Velsera

Principal InfoSec GRC Specialist (Contract / Permanent)

Location: Remote, India
Workplace: Remote
Employment: Full-time
Language: English
Published: May 6, 2026
Last checked: May 28, 2026

What will you do?

Leadership & Program Management

  • Bring ‘Security by design’ principles to product development activities
  • Manage the GRC program and define the roadmap for maturity across governance, risk management, and compliance initiatives.
  • Lead, manage, and mature the organization's Information Security Management System, including risk treatment, internal audits, and readiness for external certification audits.
  • Serve as the SME for high-stakes compliance frameworks, specifically FedRAMP, and maintain expert-level leadership over HIPAA and the ISO 27001 family (including 27017/27018 for cloud security).
  • Lead the development and revision of enterprise-level security policies, standards, and control frameworks to align with regulatory requirements and business objectives.
  • Manage GRC with focus on lean, efficient implementation by leveraging automation of activities

FedRAMP & Cloud Security

  • Lead FedRAMP authorization (e.g., Readiness, Assessment, and Continuous Monitoring), including coordinating with the 3PAO (Third-Party Assessment Organization) and government agencies.
  • Provide solution-oriented technical guidance to Cloud Engineering, Security Operations, DevOps, and Product teams on architecting, implementing, and documenting the controls required for FedRAMP, HIPAA, and ISO 27001 within cloud environments (AWS, Azure, or GCP).
  • Oversee and conduct complex, high-impact risk assessments (e.g., BIA, PIA, Data Flow Mapping) and residual risk management across the enterprise, escalating critical risks to senior leadership.
  • Manage and respond to high-level customer and partner due diligence requests and contract reviews related to security and compliance.

Collaboration & Stakeholder Management

  • Act as the primary InfoSec GRC liaison and subject matter expert, effectively collaborating with internal stakeholders including Legal, Internal Audit, Product Management, and Tech Leadership.
  • Translate highly technical security and compliance requirements into clear, actionable, risk-informed recommendations.
  • Lead cross-functional remediation efforts, bringing a solution mindset to help technical teams design practical and compliant control implementations instead of simply identifying gaps.
  • Mentor and provide guidance to junior GRC team members, helping to build internal capabilities.