About NetApp
NetApp is the intelligent data infrastructure company, turning a world of disruption into opportunity for every customer. No matter the data type, workload or environment, we help our customers identify and realize new business possibilities. And it all starts with our people.
If this sounds like something you want to be part of, NetApp is the place for you. You can help bring new ideas to life, approaching each challenge with fresh eyes. We embrace diversity and openness because it's in our DNA. Of course, you won't be doing it alone. At NetApp, we're all about asking for help when we need it, collaborating with others, and partnering across the organization - and beyond.
"At NetApp, we fully embrace and advance a diverse, inclusive global workforce with a culture of belonging that leverages the backgrounds and perspectives of all employees, customers, partners, and communities to foster a higher performing organization."-George Kurian, CEO
GRC Analyst
Bengaluru, Karnataka, IndiaJob Summary
The GRC Analyst – Third Party Risk Management will focus on facilitating the review of third-party suppliers to ensure that third parties can adequately protect NetApp’s data and meet required disaster recovery expectations to guide the organization towards continuous compliance with ISO27001, DFARS/NIST 800-171, GDPR, and DORA framework guidelines. The analyst will work with the overall Security GRC team and internal business units to identify risks in third party relationships both at time of onboarding and throughout the relationship to support organizational objectives. The analyst will be responsible for all aspects of the third-party lifecycle, including internal risk assessments, evidence review, reporting, continuous monitoring, and incident response.
Job Requirements
• Ensures third parties are tracked and reviewed according to security standards within expected timelines
• Performs security reviews and identify security gaps resulting in remediations for the organization
• Engages with technical and business process owners to understand third party relationships and the services they will be providing to
• Reviews Master Service Agreements, End User Licensing Agreements and other contractual documents for appropriate security language as necessary
• Identifies security and continuity risks with third party relationships and escalates as appropriate to business and risk stakeholders
• Develops process documentation for completing third party reviews and assessments
• Defines and delivers appropriate GRC metrics, analytics, and scorecards; create monthly metric report
• Identifies opportunities for process automation through the use of analytics
• Interacts in both oral and written communications with all levels of technical and executive staff in matters related to third party security and continuity
• Works with Internal Audit and outside consultants as appropriate on required assessments and audits
• Ability to demonstrate a strong understanding of various compliance and regulatory areas (e. g. DORA, GDPR, DFARS/NIST 800-171, ISO27001) or the risk register, risk exposure, risk reporting and handling of risk events.
• Excellent written and verbal communication skills.
• Strong analytical and problem-solving skills.
• Project management skills to plan, execute, and monitor initiatives.
• The ability to work well with people from many different disciplines with varying degrees of technical experience.
• Ability to stay current with emerging threats and industry trends to improve organization’s third party risk management posture
• Information security related training or certifications such as CISA, CISSP, or CRISC
• Experience performing information security audits or risk assessments
• Familiarity with Third Party Risk management processes
Preferred Qualifications
- BTech in Computers science or a related field required with a minimum of 5-9 years of related experience of which at least 7 years of experience in business process analysis is required and minimum 2 years of GRC (governance, risk, compliance) experience with methodologies, activities, tools, and enablers in a technology related industry is required
Equal Opportunity Employer:
NetApp is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all laws that prohibit employment discrimination based on age, race, color, gender, sexual orientation, gender identity, national origin, religion, disability or genetic information, pregnancy, and any protected classification.
Did you know...
Statistics show women apply to jobs only when they're 100% qualified. But no one is 100% qualified. We encourage you to shift the trend and apply anyway! We look forward to hearing from you.
Why NetApp?
We are all about helping customers turn challenges into business opportunity. It starts with bringing new thinking to age-old problems, like how to use data most effectively to run better - but also to innovate. We tailor our approach to the customer's unique needs with a combination of fresh thinking and proven approaches.
We enable a healthy work-life balance. Our volunteer time off program is best in class, offering employees 40 hours of paid time off each year to volunteer with their favourite organizations. We provide comprehensive benefits, including health care, life and accident plans, emotional support resources for you and your family, legal services, and financial savings programs to help you plan for your future. We support professional and personal growth through educational assistance and provide access to various discounts and perks to enhance your overall quality of life.
If you want to help us build knowledge and solve big problems, let's talk.
ApplyRelated content
Diversity, equity, inclusion, and belonging
We are a collection of diverse people from around the world with our own individual stories. We share the drive to create innovative, world-class products. We're One NetApp, and we find strength in celebrating our individuality.
NetApp Entry Level Careers Program
The NetApp Entry Level Careers Program is designed to help you grow your career, sharpen your skills, and foster meaningful relationships. When you join the Program, you join a diverse, global community where innovative ideas flourish.
Find your ideal job
In a world consistently defined by new expectations, can you quickly adapt for the success of our customers? We reward innovation and problem-solving.
Jobs for you
- Senior QA Automation Engineer Bengaluru, Karnataka, India
- Marketing Financial Analyst Remote - US
- Software QA Engineer Bengaluru, Karnataka, India
Your recently viewed jobs will appear here.
You have no saved jobs. Start browsing jobs here
Stay in touch
Equal Opportunity Employer*
NetApp is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal, state and local laws that prohibit employment discrimination based on age, race, color, gender, sexual orientation, gender identity, national origin, religion, disability or genetic information, pregnancy, protected veteran status and any other protected classification. We pledge to take every reasonable step to ensure that our applicants and employees are respected, treated fairly and with dignity. See the EEO poster (PDF). NetApp makes reasonable accommodations, consistent with applicable laws, for religious purposes and for the known physical or mental limitations of an otherwise qualified applicant or employee with a disability, who can perform the essential job functions unless undue hardship would result.
State-specific postings/notices to applicants regarding contract compliance can be found here in English and here in Spanish, and fair employment practice information can be found here.
Reasonable accommodation
If you are an applicant with a physical or mental disability that requires reasonable accommodation for any part of our application process, please email accessibility@netapp.com. Each request for reasonable accommodation will be considered on a case-by-case basis, consistent with applicable laws and regulations. Please note, this email address is only for accommodation requests; we do not accept unsolicited resumes.
Data privacy
We care about your privacy and therefore ask that you read our Applicant Privacy Policy (PDF) before you submit any personal information to us.
NetApp may use an automated employment evaluation tool or similar tool as one of several tools, actions, and/or steps to assist with NetApp’s review of candidate applications for various hiring needs. Currently, when addressing certain hiring needs, NetApp uses the Eightfold tool which can provide an initial ranking of a candidate’s skills and experience, based on information provided by the applicant in the application and/or supporting documentation, in comparison to the NetApp designated key requirements of a specific role. Additionally, the tool may be used to help review and /or rank internal employees seeking promotion or other internal mobility.
An independent audit of the Eightfold Matching Model tool can be found at https://eightfold.ai/nyc-eightfoldmatching-model.
Candidates may request an alternative selection process which will not be subject to the Eightfold matching tool or to any electronic automated employment evaluation by contacting NetApp at careers@netapp.com. To bypass the Eightfold matching tool or any electronic automated employment evaluation, you must include a resume and job ID with your email to careers@netapp.com and you must include in the subject line of your email: Data Privacy Request. Candidates who have questions or want to request additional information on the source of data, type of data, and/or collection of data related to the candidate review process should contact NetApp at careers@netapp.com
*Applies to applicants for employment in the United States.