Analyst - GRC (Governance, Risk & Compliance)

Purpose of the roleThis role has been established to support the business in building sustainable governance andcompliance practices at Amagi. The basic factor required to be successful in this role warrants a good understanding of the company's vendor landscape and compliance requirements. The focus is on building repeatable internal compliance validation and vendor security risk review processes.What are we looking for in potential candidates?Be a team playerBe hands-on at workBelieve in adopting an innovative approach towards cybersecurity risk management andgovernanceWillingness to learn technical aspects of securitySelf starterWho will the role report to?This role will report to the Director - GRCWhat is the scope of operation?Third-Party Risk Management (TPRM)Support for Audit Readiness and Evidence CollectionInternal Governance and Risk ManagementWhat is the desired outcome in the next two years?A sustainable vendor security risk management processA sustainable internal compliance teamContinuous monitoring and reporting of the Product risk postureProcesses to monitor the implementation effectiveness of security controlsKey ResponsibilitiesSupport products in sustaining SOC2 compliance by regular internal assessmentsEngage with vendors for regular security and risk reviewContinuous monitoring and scoring of vendor riskMonitor security control effectiveness and highlight deviations.To carry out Amagi’s Security Awareness ProgramManage governance documentationRequired CompetenciesBasic understanding and working knowledge of AWS / GCP.Basic understanding of security standards, policies, and processesBasic understanding of SOC2, audit, and compliance validationWorking knowledge of carrying out TPRM assessmentsGood documentation skills.Ability to work cross-functionally with Legal,IT and EngineeringStrong analytical and problem-solving mindsetComfort with ambiguity and willingness to shape early-stage processesWork Experience1-3 Years of experience in Vendor risk management and Compliance review