About Us:
Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytm’s mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology.
Experience: 1-3 years
Industry: Fintech/Technology/Banking
Job Summary:
We are looking for a Governance, Risk, and Compliance (GRC) Analyst to support the development, implementation, and maintenance of the organization’s GRC framework. The ideal candidate will play a crucial role in ensuring compliance with regulatory requirements, assessing risk, and driving best practices in security and governance processes.
Key Responsibilities:
Governance:
Assist in developing and updating governance frameworks, policies, and procedures.
Maintain documentation for compliance with regulatory and industry standards such as ISO 27001, PCI DSS, DPDP, and SOC 2.
Conduct periodic reviews of GRC policies and recommend improvements.
Risk Management:
Support the execution of risk assessments and help maintain the enterprise risk register.
Identify, document, and report on information security and operational risks.
Collaborate with stakeholders to ensure risk mitigation strategies are effectively implemented and tracked.
Compliance Monitoring:
Perform internal audits and gap analyses to ensure adherence to applicable frameworks and standards.
Assist in maintaining compliance with regulations specific to the industry, including fintech-specific standards.
Prepare documentation and evidence for external audits, certifications, or regulatory reviews.
Training and Awareness:
Support employee training programs on GRC policies, compliance requirements, and best practices.
Develop awareness materials to promote a culture of compliance and security.
Required Qualifications:
Education: Bachelor’s degree in IT, Cybersecurity, Risk Management, Business Administration, or related fields.
Certifications (preferred):
ISO 27001 Foundation/Implementer/Auditor
SOC 2, Risk management
Experience:
1-3 years in governance, risk, compliance, or related roles.
Exposure to regulatory frameworks (e.g., GDPR, ISO 27001, or SOC 2).
Preferred Skills:
Understanding of GRC tools (e.g., Archer, MetricStream, or ServiceNow).
Familiarity with cybersecurity principles and controls.
Strong analytical and communication skills.
Ability to work independently and as part of a cross-functional team.
Key Competencies:
Attention to Detail
Problem-Solving Abilities
Stakeholder Collaboration
Organizational and Documentation Skills