General information

IN_Bangalore_EOIZ Indust Area Campus_HCS
Additional Location:
Bangalore, India
Job Family:
Worker Type Reference:
Regular - Permanent
Pay Rate Type:

Description & Requirements

Job description

The GRC Consultant / SME

At least 5-8 years of GRC experience, preferably in ERM.

Desired Role

  • Work as the first point of contact for Information Security Risk Compliance, Data Privacy, Business Continuity and Technology related requirements.
  • Oversee and manage security and compliance issues of process/account to adhere to the client requirements.
  • Maintain Framework and Related Policies
  • Coordinate development and implementation of the security and risk program.
  • Perform reviews on audit controls and measurements and conduct Risk Assessments to ensure correct practices are established and adhered to.
  • Ensure Risk Remediation and Exceptions are handled appropriately in conjunction with the CRO and Business Leads
  • Liaise with the Business Unit for Risk management activities
  • Report at pre-defined intervals to the appropriate stakeholders on the status of compliance program.
  • Respond appropriately to the Business and the Chief Risk Office Team

To qualify for the role, you must have:

  • Experience in delivering GRC technology enablement services using industry-leading GRC/IRM platforms.
  • Experience in Risk Management, Audit Management, Business Continuity, and other risk management processes.
  • Remain current on new developments in GRC technology implementation services capabilities and industry knowledge.
  • Experience in tools like ServiceNow, Archer, MetricStream; CIS certification in GRC/IRM suite (Risk and Compliance, Vendor Risk Management, Oprisk, etc.)
  • Strong understanding of compliance and risk management processes.
  • Good operational hands-on experience in GRC Function
  • Strong analytical, interpersonal, communication, writing and presentation skills.
  • Demonstrates integrity, values, principles, and work ethic.
  • Good knowledge of Information Security Management System and Audits
  • Experience in implementing/facilitating audits for ISO 27001:2005 / SOC1 Type-2 (SSAE) / PCI
  • Knowledge of NIST, CIS, HIPAA, Data Privacy (DPA, GDPR)
  • Proficiency in Stakeholder management and senior leadership communication/reporting
  • Proficiency in Client engagement and Risk communication with Leadership
  • Establish value added analytics and initiatives within the function.
  • Drive and Measure Key Risk metrics.
  • Self-driven with project management skills to lead internal projects and be the face for the function at an account / location level.


  • Bachelor's degree in computer science, information security, or related field.
  • Preferred: Certified: ISO 27001:2005, ISO-22301, PCI-DSS, IT/Network Security +, CCNA
  • Desired: CISA / CRISC / CISSP / CISM
  • Proficiency with MS-Excel/VB/PowerPoint

HARMAN is proud to be an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.