
Subject Matter Expert (Support&Ops)
About the role
Job Summary
Role Overview:
We are seeking a skilled GRC (Governance, Risk, and Compliance) professional to support and strengthen our enterprise risk management and regulatory compliance initiatives. The ideal candidate will have hands-on experience in risk assessments, audits, policy management, and compliance frameworks.
Key Responsibilities
Governance & Compliance
Develop, review, and maintain information security policies, standards, and procedures
Ensure compliance with global standards such as: ISO 27001 / ISO 27701, SOC 2, GDPR / Data Privacy regulations, NIST / COBIT frameworks
Support internal and external audits (ISO, SOC, client audits)
Risk Management
Conduct risk assessments and gap analysis
Identify, analyze, and mitigate risks across IT and business processes
Maintain and update the risk register
Perform third-party/vendor risk assessments
Audit & Assurance
Coordinate audit activities and track remediation actions
Perform control validation and testing
Work with stakeholders to address audit findings and closure
Policy & Process Management:
Draft and update policies aligned with industry standards
Ensure proper implementation of controls across business units
Conduct periodic policy reviews and awareness programs
Tool & Reporting:
Work on GRC tools such as: ServiceNow GRC, Archer, MetricStream, OneTrust (preferred)
Generate compliance reports, dashboards, and metrics for leadership
Stakeholder Management
Collaborate with IT, security, legal, and business teams
Provide advisory on compliance requirements and best practices
Required Skills & Qualifications
Experience
3–8+ years experience in GRC, InfoSec, Risk, or Compliance roles
Technical & Functional Skills:
Strong understanding of: Risk frameworks (ISO 31000, NIST RMF); Security standards (ISO 27001, SOC 2)
Experience in audit handling and compliance tracking
Knowledge of regulatory requirements (GDPR, HIPAA, etc. preferred)
Tools
Experience with at least one GRC platform: ServiceNow GRC / RSA Archer / MetricStream
Certifications (Preferred)
CISA / CISM / CRISC
ISO 27001 Lead Auditor / Implementer
CISSP (good to have)
Soft Skills
Strong analytical and problem-solving ability
Effective communication and stakeholder management skills
Attention to detail and documentation excellence
Ability to work in a fast-paced environment
Education:
Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field
Master’s degree is a plus
Location
HCLTech Offices (Noida / Bangalore / Chennai / Remote options based on project)
Required skills
IT Operations
Support
Process Improvement
Incident Management
About HCL Technologies
Headquarters: Gautam Buddha Nagar