Cybersecurity GRC Specialist

This position is also open to work remotely from anywhere in Mexico

We’re looking for a Cybersecurity GRC Specialist.

Role Overview: We are seeking a highly skilled and motivated Third party Risk Management, Cyber Security Governance, Risk & Compliance Specialist to join our team. The ideal candidate will have extensive experience in Third-Party Risk Management (TPRM), policy exception handling, and setting up risk and compliance frameworks and processes. This role requires a strong understanding of risk domains, regulatory compliance, and industry best practices. The candidate should be capable of leading client engagements from a GRC perspective and possess excellent interpersonal skills.

• Implement and manage TPRM end-to-end processes, including policy exception handling and cyber security governance.
• Execute risk and compliance assessments, and drive remediation activities.
• Understand and manage cyber risk domains such as access control, operational security, data protection and privacy, vulnerability management, backup and recovery, application security, and business continuity.
• Ensure compliance with various regulatory requirements (e.g., HITRUST, PCI DSS etc).
• Apply industry best practices (e.g., ISO 27001, NIST, COBIT) in designing and documenting GRC processes and assessment frameworks.
• Archer Knowledge is Mandatory.
• Understand and manage application security risks and controls.
• Lead client engagements from a GRC perspective, demonstrating strong ownership and high impact.

• Degree in Information Systems, Computer Science, or equivalent experience.
• Advanced degree in Engineering, Cybersecurity, Information Assurance, Information Security, Information Systems, or Computer Science is preferred.
• Relevant certifications such as ISO 27001, CRISC, CISA, CISSP, or the willingness and motivation to obtain similar certifications.
• Strong interpersonal skills and the ability to work collaboratively with clients and team members.

• Experience in Supplier Risk Management.
• Expertise in Control Testing.
• Proficiency in Policy Exception Handling.

At Tech Mahindra, what distinguishes us from other teams is the comfortable environment which engenders trust within teams and with our customers. Trust and openness leads to quality, innovation, commitment to deliverables, efficiency and cost-effectiveness for all our customers.

• Work with some truly remarkable IT engineers, architects, specialists and more.
• We’re growing at a phenomenal pace and we’d like some company.
• Hear your voice, nurture your talent and help you strengthen your footprint!
• Benefits above the law
• Mentorship, and opportunities to grow and learn

This position offers a unique opportunity to contribute to our cyber security governance and risk management efforts, ensuring our clients maintain robust and compliant security postures.

If you apply for this opportunity we will get your resume and its contain personal data whose treatment has been authorized by its owner for Digital OnUs, S. de RL de CV (the "Company"). If you are not the owner of this information or have no relation whatsoever with the subjects treated in it, you are requested in the most attentive way not to make copies of it and / or its attached files and delete it immediately, under the risk of being considered as responsible for the unauthorized treatment of personal data in accordance with the Federal Law on Protection of Personal Data Held by Private Parties, its Regulations, and other applicable regulations. If you are the owner of personal data in possession of the Company and wish to obtain further information regarding the processing of your personal data or the exercise of your ARCO rights, please consult our integral privacy notice on the website https://www.digitalonus.com/privacy-policy/