Senior GRC Analyst at Workato

Location: Hyderabad, India

About Workato

Workato delivers enterprise infrastructure for the agentic era, redefining iPaaS and helping enterprises unify data, applications, processes, and AI into a single, governed platform. A leader in Enterprise MCP and trusted by 50% of the Fortune 500, Workato’s cloud-native architecture connects every application, data source, and process to power real-time orchestration at scale. With enterprise-grade security and continuous innovation at its core, Workato provides the trusted foundation for organizations to automate with confidence and operationalize AI across the business. To learn more, visit www.workato.com.

Why join us?

Ultimately, Workato believes in fostering a flexible, trust-oriented culture that empowers everyone to take full ownership of their roles. We are driven by innovation and looking for team players who want to actively build our company.

But, we also believe in balancing productivity with self-care. That’s why we offer all of our employees a vibrant and dynamic work environment along with a multitude of benefits they can enjoy inside and outside of their work lives.

If this sounds right up your alley, please submit an application. We look forward to getting to know you!

Also, feel free to check out why:

- Business Insider named us an “enterprise startup to bet your career on”
- Forbes’ Cloud 100 recognized us as one of the top 100 private cloud companies in the world
- Deloitte Tech Fast 500 ranked us as the 17th fastest growing tech company in the Bay Area, and 96th in North America
- Quartz ranked us the #1 best company for remote workers

Responsibilities

We are looking for an exceptional Senior GRC Analyst to join our growing team. In this role, you will lead compliance assessments for frameworks such as NIST 800-171, ISO 27001, NIST 800-53 (FedRAMP), PCI, MLPS and IRAP, while also driving broader security compliance efforts. The ideal candidate will use strong analytical, communication, and problem-solving skills to evaluate controls, identify gaps, and recommend improvements across security domains. You will also be responsible for:

- Lead and participate in both internal and external audits for frameworks including ISO 27001/27701, PCI-DSS, NIST 800-171, NIST 800-53 (FedRAMP), and IRAP.
- Experience using or exploring AI/automation tools to enhance, streamline, or scale Governance, Risk, and Compliance (GRC) processes and workflows.
- Manage and oversee risk, compliance, and governance initiatives across teams.
- Coordinate with process owners, control owners, auditors, and consultants to ensure findings are tracked and addressed.
- Conduct risk assessments, security audits, and third-party/vendor risk reviews.
- Review contracts to ensure security and compliance requirements are met.
- Identify process gaps and recommend improvements to enhance the organization’s security posture.
- Communicate risks and compliance requirements clearly to both technical and non-technical stakeholders.
- Perform regular user access reviews.
- Develop and track remediation plans for identified risks and issues.
- Maintain and update the risk register.
- Oversee vendor security assurance processes.
- Collaborate with stakeholders to design and implement effective internal controls aligned with regulatory standards.
- Support risk and security discussions across cross-functional teams.
- Build strong working relationships across departments.
- Take on additional responsibilities as needed.

Requirements

Qualifications / Experience / Technical Skills

Please note that the working hours for this position are from 2:00 PM to 11:00 PM IST (overlap with U.S. Pacific Time required).

- 8+ years of experience in cybersecurity programs, audits, risk management, compliance, or remediation.
- Experience working with cloud platforms such as AWS, Azure, or Google Cloud.
- Proven ability to negotiate and prioritize risk remediation with internal stakeholders.
- Bachelor’s degree in Information Systems, Computer Science, Information Security, or a related field.
- Strong understanding of security controls, including cloud environments, firewalls, IDS/IPS, and vulnerability management.
- Familiarity with NIST 800-171 and NIST Risk Management Framework (NIST 800-53).
- Experience auditing frameworks such as PCI-DSS, SOC 2, and ISO 27001/27701.
- Relevant certifications (CISSP, CISA, PCI ISA, ISO, or similar) are preferred.
- Ability to manage multiple priorities independently with minimal supervision.

Soft Skills / Personal Characteristics

- Strong communication skills with the ability to translate compliance requirements into technical actions.
- High energy and adaptability in a fast-paced environment.
- Strong collaboration and a knowledge-sharing mindset.
- Excellent time management and organizational skills.
- High attention to detail, integrity, and ethical standards.
- Willingness to learn and take on new challenges.

Additional requirements

- May involve some international travel.
- This position requires overlap with U.S. Pacific Time (PST) working hours. Candidates should be available and flexible to work from 2:00 PM to 11:00 PM IST.
- Strong hands-on experience with PCI audits, ISO 27001, NIST 800-171, FedRAMP, SOC 2, and potentially IRAP is required.

To help your application stand out, please take time to answer the Job Application Questions below clearly and concisely. All submissions are reviewed by our Hiring Team, not evaluated by AI.

(REQ ID: 2760)