Lead Analyst - Information Security - GRC

FC Global Services India LLP (First Citizens India), a part of First Citizens BancShares, Inc., a top 20 U.S. financial institution, is a global capability center (GCC) based in Bengaluru. Our India-based teams benefit from the company’s over 125-year legacy of strength and stability. First Citizens India is responsible for delivering value and managing risks for our lines of business. We are particularly proud of our strong, relationship-driven culture and our long-term approach, which are deeply ingrained in our talented workforce. This is evident across all key areas of our operations, including Technology, Enterprise Operations, Finance, Cybersecurity, Risk Management, and Credit Administration. We are seeking talented individuals to join us in our mission of providing solutions fit for our clients’ greatest ambitions.

Job Description:

Value Preposition

We are seeking a dynamic and experienced Cyber Governance, Risk & Controls (GRC) Risk Assessment and Reg Compliance lead serving as a strategic partner to our US counterparts. This role will be instrumental in shaping, executing, and maturing our cyber risk programs while ensuring operational excellence and alignment to enterprise objectives. The ideal candidate is a strategic thought leader with deep understanding of governance and documentation standards, cyber technical ability and regulatory frameworks.

Job Details

Position Title:  Lead Analyst - Information Security - GRC

Career Level:  P3

Job Category: Manager

Role Type: Hybrid

Job Location: Bangalore

About the Team:

The Cyber Governance, Risk & Controls (GRC) team is a community of dedicated professionals committed to safeguarding our organization’s information security. Our values - inclusivity, transparency, and excellence – drive everything we do.

Impact

This is a high-impact role offering the opportunity to shape the future of our cyber risk landscape while enabling critical business functions across the globe. You will join a passionate, values-driven team committed to collaboration, innovation, and excellence in execution.

Key Deliverables

• Execute comprehensive risk assessments of security exceptions in alignment with internal SLAs and procedures.
• Elevate the quality, clarity, and consistency of policy, standard, and procedure documentation in alignment with corporate governance frameworks.
• Drive corporate and industry regulatory mapping to ensure full traceability and compliance across frameworks (e.g., NIST, ISO, FFIEC, RBI).

Skills and Qualification

Functional Skills:

• Strategic mindset with the ability to see the big picture while delivering tactical outcomes.
• Deep knowledge of cybersecurity risk, controls, policy, and documentation standards within a highly regulated environment.
• Demonstrate strong technical aptitude across a broad range of cyber domains, including but not limited to, encryption, IAM, cloud security, network security, and vulnerability management. Lead compliance activities related to applicable laws, regulations, and contractual obligations (e.g., GDPR, NIS2, SOX, PCI DSS, HIPAA, local financial or data protection regulations as applicable)
• Provide expert guidance and challenge to senior stakeholders on cyber risk decisions
• Promote a strong cyber risk culture and security awareness across the organization

Technical/Business Skills:

• Bachelor’s degree in Information Security, Risk Management, Business Administration, or related field; Master’s degree preferred.
• 8-10 years of experience in cybersecurity, governance, risk, or compliance and project/program management
• Experience in the financial services sector strongly preferred.
• Strong working knowledge of key regulatory frameworks and standards, including NIST, ISO 27001, RBI, FFIEC, with the ability to interpret, apply, and align them to risk management efforts
• Proven ability to analyze, report, and communicate complex risks and data to senior leadership and executive stakeholders.
• Hold relevant security certifications such as CISSP, CISM, or equivalent
• Deep understanding of cybersecurity governance, risk management, and compliance principles

• Strong knowledge of security frameworks and standards (ISO 27001, NIST, COBIT, CIS, etc.)
• Experience conducting cyber risk assessments and translating risks into business-focused language
• Ability to interpret regulatory requirements and implement pragmatic, scalable controls
• Excellent written and verbal communication skills, including executive-level reporting

Relationships & Collaboration

Reports to: Senior Manager - Information Security 

Partners: Senior leaders, cross- functional teams, end-users.

Accessibility Needs

We are committed to providing an inclusive and accessible hiring process. If you require accommodations at any stage (e.g. application, interviews, onboarding) please let us know, and we will work with you to ensure a seamless experience.

Equal Employment Opportunity

FC Global Services India LLP (First Citizens India) is an Equal Employment Opportunity Employer. We are committed to fostering an inclusive and accessible environment and prohibit all forms of discrimination on the basis of gender, religion, caste, disability, sexual orientation, economic status or any other characteristics protected by the law. We strive to foster a safe and respectful environment in which all individuals are treated with respect and dignity. Our EEO policy ensures fairness throughout the employee life cycle.