GRC InfoSec Analyst

Why Choose Bottomline? 

Are you ready to transform the way businesses pay and get paid? Bottomline is a global leader in business payments and cash management, with over 30 years of experience and moving more than $10 trillion in payments annually. We're looking for passionate individuals to join our team and help drive impactful results for our customers. If you're dedicated to delighting customers and promoting growth and innovation - we want you on our team! 

The Role 

We are looking for a dynamic and innovative Information Security GRC Analyst to join our team in Bangalore. 

Job Summary    

This role reports to the Information Security Governance, Risk and Compliance (GRC) Manager and will work across all the product and technology teams to strengthen and enforce Bottomline’s information security posture.  

As the Information Security GRC consultant, you will be responsible for building trust and confidence among our clients on the information security posture.  This role also involves working closely with stakeholders to ensure adherence to regulatory requirements and security frameworks (e.g., SWIFT, NACHA, PCI, NIST, GLBA).  

How you’ll contribute 

• Governance – work with key stakeholders to develop, implement and enhance the information security policies, standards and processes in alignment with regulatory requirements and security frameworks (e.g., SWIFT, NACHA, PCI, NIST, GLBA). Execute governance routines and reporting to ensure compliance with required policies and standards.  

• Risk Management – build and maintain a control library for enterprise-wide controls and product specific controls. Maintain the risk register (issues and risk acceptances) to ensure effective tracking, prioritization and reporting of risks.   Process risk acceptances to ensure they are appropriately rated with sufficient mitigating controls. 

• Compliance – Coordinate assessments to ensure compliance with applicable regulations and industry requirements (e.g., SWIFT, NACHA, PCI, NIST, GLBA). 

• Client Support - Gather, assess and present the information security posture to customer (i.e., completion of request for information, contract language reviews, completion of due diligence questionnaires etc.). 

• Education and Awareness – develop and deliver information security awareness and training 

If you have the attributes, skills, and experience listed below, we want to hear from you. 

• Bachelor’s degree in risk management, cybersecurity, technology or equivalent 

 Preferred Experience & Qualifications 

• Cyber or risk management certifications 

• Understanding and knowledge of cyber regulatory and industry frameworks (i.e., SWIFT, NACHA, PCI, NIST, GLBA) 

We welcome talent at all career stages and are dedicated to understanding and supporting additional needs. We're proud to be an equal opportunity employer, committed to creating an inclusive and open environment for everyone.