We are seeking a detail-oriented GRC & Data Privacy Analyst to join our security team. In this role, you will be responsible for maintaining our integrated risk management framework while taking a lead role in implementing and auditing our data privacy program. You will ensure that our operations remain compliant with global regulations (GDPR, PDPA, etc.) while identifying and mitigating risks across the organization.
Framework Alignment: Maintain and mature the organization’s security framework (e.g., ISO 27001, SOC 2 and Singapore MAS).
Risk Assessments: Conduct annual and project-based risk assessments; maintain the Corporate Risk Register and track remediation efforts.
Policy Management: Draft, review, and update internal security policies and standards to ensure they reflect current business processes.
Third-Party Risk Management (TPRM): Evaluate the security posture of vendors and partners through assessments and due diligence reviews.
Privacy Impact Assessments (PIAs/DPIAs): Lead the evaluation of new products or processes to ensure "Privacy by Design" is integrated into the development lifecycle.
Data Mapping: Maintain a comprehensive record of processing activities (ROPA) and data flow diagrams.
Privacy Operations: Manage the Data Subject Access Request (DSAR) process and coordinate responses to privacy-related inquiries.
Compliance Monitoring: Monitor changes in global privacy laws and translate them into actionable technical or procedural requirements for the IT and Product teams.
Internal Audits: Perform regular control testing to ensure ongoing compliance with internal policies and external regulations.
External Audit Liaison: Serve as the primary point of contact for external auditors during certification cycles.
Awareness Training: Develop and deliver training content on security best practices and data handling requirements for all employees.
Experience: 8–10 years in GRC, Information Security, or IT Audit, with at least 2–4 years specifically focused on Data Privacy.
Certifications (Preferred): CISA, CRISC, or CISM.
Technical Skills: Familiarity with GRC tools (Sprinto) and a solid understanding of cloud security (AWS).
Regulatory Knowledge: Deep understanding of GDPR, PDPA, and industry standards like ISO 27001, SOC 2 and Singapore MAS.
The "Translator" Ability: Can explain complex legal requirements to developers and technical risks to executives.
Analytical Rigor: A passion for documentation and a "trust but verify" mindset.
Adaptability: Comfortable navigating the gray areas of emerging privacy legislation.
Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.