Senior GRC Analyst

Workato, Inc.

Job Overview

Location

Hyderabad, India

Job Type

Full-time

Full Job Description

📋 Description

• Lead and participate in internal and external audits for compliance frameworks including ISO 27001/27701, PCI-DSS, NIST 800-171, NIST 800-53 (FedRAMP), and IRAP.
• Manage and oversee enterprise-wide risk, compliance, and governance initiatives across technical and non-technical teams.
• Conduct comprehensive risk assessments, security audits, and third-party/vendor risk reviews to ensure alignment with regulatory standards.
• Review contracts and service agreements to verify adherence to security and compliance requirements.
• Identify gaps in existing controls and recommend actionable improvements to strengthen the organization’s security posture.
• Communicate complex compliance requirements and risk findings clearly to both technical teams and non-technical stakeholders.
• Perform regular user access reviews to ensure adherence to least privilege principles and regulatory mandates.
• Develop, track, and manage remediation plans for identified compliance gaps and audit findings.
• Maintain and update the organization’s centralized risk register with accurate, timely, and actionable data.
• Oversee vendor security assurance processes, including due diligence, continuous monitoring, and contract compliance.
• Collaborate with process owners, control owners, auditors, and external consultants to ensure audit findings are resolved in a timely manner.
• Design and implement effective internal controls aligned with NIST, PCI-DSS, ISO 27001, FedRAMP, and IRAP standards.
• Support cross-functional risk and security discussions to embed compliance into product, engineering, and operational workflows.
• Build and maintain strong working relationships across departments to foster a culture of compliance and accountability.
• Explore and leverage AI/automation tools to enhance efficiency, scalability, and accuracy of GRC processes and workflows.
• Take on additional responsibilities as needed to support evolving compliance needs and organizational growth.

🎯 Requirements

• 8+ years of experience in cybersecurity programs, audits, risk management, compliance, or remediation
• Bachelor’s degree in Information Systems, Computer Science, Information Security, or a related field
• Proven experience auditing frameworks including PCI-DSS, SOC 2, ISO 27001/27701, NIST 800-171, NIST 800-53 (FedRAMP), and IRAP
• Experience working with cloud platforms such as AWS, Azure, or Google Cloud
• Relevant certifications such as CISSP, CISA, PCI ISA, or ISO are preferred
• Ability to manage multiple priorities independently with minimal supervision

🏖️ Benefits

• Flexible, trust-oriented culture that empowers employees to take full ownership of their roles
• Emphasis on balancing productivity with self-care and well-being
• Vibrant and dynamic work environment
• Opportunity to work with a Forbes Cloud 100 company and a Deloitte Tech Fast 500 winner
• Potential for international travel as part of role responsibilities
• Required overlap with U.S. Pacific Time (2:00 PM to 11:00 PM IST)

Skills & Technologies

AWS

Azure

GCP

Senior

Remote

Degree Required

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Workato, Inc.

Visit Website

About Workato, Inc.

Workato provides low-code/no-code enterprise automation and integration software that connects applications, data, and business processes across cloud and on-premises systems. Its platform offers pre-built connectors, recipes, and AI-powered workflow orchestration for finance, HR, IT, sales, support, and marketing functions. The company enables organizations to automate tasks without extensive coding, reducing manual effort and accelerating digital transformation initiatives. Workato serves mid-market to large enterprises worldwide through a subscription-based SaaS model, emphasizing security, governance, and scalability for complex integrations.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.