GRC Analyst
Full Job Description
IT Risk & Cybersecurity GRC Analyst - Governance, Risk & Compliance
Aviva India is seeking a motivated IT Risk & Cybersecurity GRC professional with approximately 1 year of experience (0-2 years total) to join our team in Gurugram, Haryana. This role is crucial for supporting governance, internal audit readiness, regulatory compliance, and user access review processes within our regulated insurance environment.
You will collaborate closely with the Senior GRC team, assisting in audit coordination, evidence tracking, risk documentation, and control validation. This is an execution-focused position offering significant exposure to IRDAI, CERT-IN, internal audits, and enterprise risk governance.
Key Responsibilities:
- Risk & Control Governance: Support risk assessments, control testing, maintain risk registers, track audit observations and remediation, document risk acceptance and mitigation, and identify control gaps.
- Internal & Regulatory Audit Support: Assist in preparing for IRDAI Cyber Security Audits, CERT-IN compliance reviews, internal audits (including Big 4), and Financial & ITGC audits. Coordinate evidence collection, maintain trackers, and assist in responding to audit observations.
- User Access Governance: Support privileged and normal user access reviews, Joiner-Mover-Leaver (JML) validations, and collect confirmations from business owners. Identify excessive access and track related observations.
- Third Party Risk Management: Assist with vendor risk assessments, maintain third-party risk trackers, review vendor security questionnaires, and track vendor remediation commitments.
- KPI / KRI / KCI Support: Help compile security KPIs, KRIs, and KCIs, support dashboard preparation, and maintain data accuracy for governance reporting.
- Regulatory Compliance Support: Assist in implementing IRDAI and CERT-IN circulars, support gap assessments, and maintain a compliance evidence repository. Familiarity with data privacy (DPDP Act) and cybersecurity hygiene is beneficial.
- Policy & Documentation Management: Aid in reviewing and formatting ISMS and BCMS policies, maintain version control, and support documentation updates based on regulatory changes.
- Business Continuity & DR Support: Assist in documenting BCP and DR readiness, coordinate DR drill documentation, and maintain application criticality classifications.
- GRC Platforms & Reporting: Gain hands-on experience with GRC tools like IBM OpenPages, Archer, or MetricStream. Update risk registers, issue trackers, and support report generation.
- Security Awareness & Training Support: Assist in rolling out security awareness programs, track training metrics, and support communication campaigns.
Mandatory Skills & Experience:
- 0–2 years of experience in IT Risk, Cybersecurity, Audit, or Compliance.
- Basic understanding of IT controls and cybersecurity concepts.
- Exposure to audit or compliance activities is preferred.
- Understanding of user access management concepts.
- Proficiency in Excel/Sheets, PowerPoint, and documentation.
- Strong documentation and communication skills.
- Good analytical ability and attention to detail.
- Ability to manage multiple trackers and deadlines.
Preferred Qualifications:
- Bachelor’s degree in IT, Computer Science, Engineering, or a related field.
- Basic knowledge of ISO 27001 / ITGC controls.
- Internship or exposure in the BFSI / Insurance sector is preferred.
- Certifications like ISO 27001, CEH, or Security+ are a plus.
What We Are Looking For:
A detail-oriented, process-driven professional eager to build a career in IT Risk & GRC. You should be adept at managing documentation and evidence accurately, possess foundational knowledge of access governance, and excel at collaborative work with cross-functional teams. Discipline with timelines and audit expectations and ownership of assigned tasks are essential.
Company
Aviva India
Aviva India, officially Aviva Life Insurance Company India Limited, is a prominent joint venture forged between Dabur Invest Corp and the UK-based insurance group, Aviva International Holdings Limited...