Senior Analyst, Product Governance Risk and Compliance (GRC)

Chennai

Genesys

Genesys is a leader for omnichannel customer experience & contact center solutions, trusted by 10,000+ companies in over 100 countries.

View company page

Build something new with a world-class team.

At Genesys, we allow our employees to make their mark by entrusting them to make decisions and do what they’ve been hired to do: their very best. Your potential is waiting; why are you?

At cloud" rel="noopener noreferrer" target="_blank">Genesys, we allow our employees to make their mark by entrusting them to make decisions and do what they’ve been hired to do: their very best. Your potential is waiting; why are you?

About Genesys

Every year, Genesys orchestrates billions of remarkable customer experiences for organizations in more than 100 countries. Through the power of our cloud, digital and AI technologies, organizations can realize Experience as a Service™ our vision for empathetic customer experiences at scale. With Genesys, organizations have the power to deliver proactive, predictive, and hyper personalized experiences to deepen their customer connection across every marketing, sales, and service moment on any channel, while also improving employee productivity and engagement. By transforming back-office technology to a modern revenue velocity engine Genesys enables true intimacy at scale to foster customer trust and loyalty.With a strong track record of innovation and a never-ending desire to be first, Genesys is named as a leader in The 2023 Gartner® Magic Quadrant™ for CCaaS.

About the Team

The Genesys Cloud GRC (Governance Risk and Compliance) team ensures the risks are managed proactively and compliance requirements are met within Genesys Cloud from initial design to Production. They own and manage security policies and standards and ensure procedures and technical controls are in place and aligned with Compliance requirements, mitigating underlying risks.  Our portfolio of attestations and certifications is available here.

About the Role

This is a very dynamic high growth environment and requires being agile and flexible. Successful candidates for this role should be experienced in evaluating, ever evolving compliance requirements and conducting gap assessments, documenting compliance related governance documents (policies, standards etc.) and experienced in third-party compliance audits. The successful candidate will be knowledgeable with risk management and risk treatment methodologies working in a similar fast-paced organization.

Candidate is expected to have understanding on Cloud SaaS technical environment and translating the compliance requirements into language Developers, DevOps, and Leadership can apply to our environments and working closely with cross functional teams spread across multiple geographies.

Major Responsibilities/Activities

  • Evaluate new and evolving certification programs, regulatory requirements, and technologies.
  • Conduct comprehensive assessments of technical controls, information security policies and procedures against applicable regulations and compliance requirements. Assessments include GAP analysis, recommendations and prioritize enhancements to the security and privacy infrastructure to remove or mitigate risk. 
  • Effectively communicate execution status, key accomplishments, and risks that impact Genesys Cloud’s ability to achieve or maintain compliance accreditations or certifications to line management.
  • Evaluate and audit security control systems to address requirements.
  • Advise process/control owners with the preparation and on-going maintenance of controls and control documentation (e.g., policies, procedures etc.).
  • Provide guidance to Development & Operations on the appropriate selection, design, implementation, and configuration of security controls.
  • Identify control deficiencies and make appropriate recommendations and drive remediation of control deficiencies.
  • Proactively identify gaps or conflicts in existing processes and work to develop solutions with cross functional teams.
  • Program manage Third- party compliance audits.
  • Collaborate effectively across multiple organizations with diverse personalities and expertise to drive to agreement on complex issues.
  • Support the annual review of information security and privacy policies, standards and guidelines covering all areas within the environment.
  • Engage with Infrastructure and/or Architect Teams to assess the security risk of proposed projects and system/application modifications.
  • Build strong cross-functional relationships with business partners to facilitate the development of strong compliance programs that support continuous improvement and operational efficiency.

Minimum Requirements

  • 4+ years of related Governance Risk and compliance and/or security experience.
  • Knowledge and experience in audit execution of a global security certification such as ISO 27001/17/18, PCI , HIPAA, ENS, HDS, SOC 1 / 2 etc.
  • Knowledge of compliance frameworks (NIST etc.).
  • Good understanding of security concepts and practical usage.
  • Knowledge of, or experience working with, Cloud technologies/environments, including evaluating and implementing controls on Software as a Service (SaaS), is a plus.
  • Working knowledge of GRC tools and technologies.
  • Understanding of current Cyber Security trends.
  • Experience managing GRC projects and project management skills.
  • Focus on team and organizational goals, building accountability and a positive team culture.
  • Proactive achiever and comfortable working in a fast-paced, dynamic environment incorporating constant change as we grow.
  • Excellent written and verbal English communication skills; ability to communicate effectively across all levels of the organization.
  • Analytical problem solver with organizational skills and eye for detail.
  • Prior Big-4 consulting experience or prior professional experience in similar cloud based organizations is a plus.

Desirable certifications

  • One or more Information Security Certifications: CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), ISO 27K Lead Auditor/ Implementor or other security certification/accreditation.

Reasonable Accommodations:

If you require a reasonable accommodation to complete any part of the application process or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you or someone you know may complete the Reasonable Accommodations Form for assistance. Please use the Candidate field in the dropdown menu to ensure a timely response.This form is designed to assist job seekers who seek reasonable accommodation for the application process. Submissions entered for non-accommodation-related issues, such as following up on an application or submitting a resume, may not receive a response.

Genesys is an equal opportunity employer committed to equity in the workplace. We evaluate qualified applicants without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, marital status, domestic partner status, national origin, genetics, disability, military and veteran status, and other protected characteristics.

Please note that recruiters will never ask for sensitive personal or financial information during the application phase

If a Genesys employee referred you, please use the link they sent you to apply.

About Genesys:

Every year, Genesys orchestrates billions of remarkable customer experiences for organizations in more than 100 countries. Through the power of our cloud, digital and AI technologies, organizations can realize Experience as a Service™ our vision for empathetic customer experiences at scale. With Genesys, organizations have the power to deliver proactive, predictive, and hyper personalized experiences to deepen their customer connection across every marketing, sales, and service moment on any channel, while also improving employee productivity and engagement. By transforming back-office technology to a modern revenue velocity engine Genesys enables true intimacy at scale to foster customer trust and loyalty. Visit www.genesys.com.

Reasonable Accommodations:

If you require a reasonable accommodation to complete any part of the application process or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you or someone you know may complete the Reasonable Accommodations Form for assistance. Please use the Candidate field in the dropdown menu to ensure a timely response.

This form is designed to assist job seekers who seek reasonable accommodation for the application process. Submissions entered for non-accommodation-related issues, such as following up on an application or submitting a resume, may not receive a response.

Genesys is an equal opportunity employer committed to equity in the workplace. We evaluate qualified applicants without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, marital status, domestic partner status, national origin, genetics, disability, military and veteran status, and other protected characteristics.

Please note that recruiters will never ask for sensitive personal or financial information during the application phase.

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Agile Audits CISA CISSP Cloud Compliance CRISC DevOps Governance HIPAA ISO 27000 ISO 27001 NIST Privacy Risk management SaaS SOC SOC 1

Perks/benefits: Career development Flex hours Team events

Region: Asia/Pacific
Country: India
Job stats:  10  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.