Info Security GRC Analyst

At MoneyGram, we connect the world by making cross-border money transfers seamless, affordable, and secure for everyone. We are seeking an Info Security GRC Analyst who will collaborate with process owners, internal auditors, external auditors, and other stakeholders to assist in support of IT internal controls and compliance across all divisions and multiple technology platforms. Reviewing, monitoring, and resolving findings. This includes leveraging MGI's internal controls framework against key compliance frameworks and integrating into our GRC platform to accomplish one test to many controls. By supporting the implementation of internal and external assessments, responding to and managing the full lifecycle of compliance audits, and ensuring compliance with existing and emerging regulations and standards including SOC2, SOC1, ISO 27001, PCI, SOX and SWIFT, and other GRC activities, the GRC Analyst will also contribute to the transformation of the company’s IT controls and compliance program.

What you will get to do :

• Support SOC, SOX, PCI and SWIFT audits and compliance programs
• Promote widespread implementation of MGI controls framework
• Maintain and monitor a central repository for audit evidence within GRC tool (Onspring)
• Inform the proper stakeholders of important concerns and hazards
• Serves as primary contact with auditors, business owners and/or vendors to develop and document new procedures, techniques and remediation plans.
• Work together with other stakeholders to link our corporate IT, procurement, and privacy departments with GRC objectives
• Review security standards, policies, and practices on an annual basis to make sure they meet corporate demands and regulatory requirements
• Assist the department in responding to inquiries from the business units about ongoing operational compliance
• Be proactive in seeking out areas for improvement and offer insightful advice and value-added guidance on process and control enhancements
• Share information with managers to avoid surprises, draw attention to problems, and guarantee delivery on time
• Liaison for the annual IT testing for internal and external audits, risk assessments, and regulatory, legal, and policy compliance
• Conducts interview sessions with internal teams to prepare for IT testing activities
• Collaborate with leadership on compliance-related concerns and present findings and suggestions to them
• Ensure prompt turnarounds by supporting internal and external audit requests
• Inform others about IT issues and shortcomings to ensure that remedial action plans are in place
• Make suggestions for repeatable, quantifiable, and long-lasting remediation programs, and follow up on action plans until they are completed
• Develop IT documentation for IT internal controls in consultation with IT, including IT process narratives, process flows, and documented control actions
• Support governance tools (Onspring) for risk and compliance to support IT compliance activities
• Ensure compliance with the IT frameworks by helping IT control owners implement and validate controls for the processes of access management, release management, change management, and vendor management
• Work with control owners to ensure controls are actively managed and monitored throughout the year
• Collaborate with IT on how to efficiently adhere to IT standards and proactively reduce risks
• Cooperate with business partners to help IT satisfy new and existing regulatory obligations across all divisions, including needs from other countries
• Create and maintain productive working relationships with key business, internal audit, and compliance officials as well as IT staff from each division
  
  

Who you are :

Education

Bachelor’s degree in information cybersecurity, risk management, governance, or a related field

Experience

3-5 years’ experience working in a security, fraud or risk management function or equivalent experience in a distributed computing environment that includes in-depth knowledge of applications and systems.

Essential Skills

• Direct experience in information security, with a main emphasis on risk and controls.
• Thorough understanding of market structures, including relevant regulatory compliance requirements (ISO27001, SOC1, SOC2, NIST, PCI, GDPR and Swift)
• Comprehensive understanding of evaluating third-party SSAE 16 (SOC 1) reports and contracts to ensure that the third-party vendors and partners have effective internal control programs and identify any risks they might present
• Knowledge of identity management standards, storage, and disaster recovery in the cloud
• Experience with GRC tool techniques and best practices (OnSpring, OneTrust, Archer)
• Proven track record of organizing and carrying out several risk and compliance projects
• Ability to successfully manage third-party audits, compile evidence, and organize audit responses
• Keen attention to detail
• Effective written and verbal communication skills and the capability to communicate with cross-functional teams
• Proven analytical and problem-solving abilities for managing initiatives that advance corporate goals
• Oracle Data Warehouse, EBS.
• MS365,Excel, Word, Visio, PowerPoint, SharePoint
• Experience with MoneyGram applications (preferred).
• ServiceWorks, Mainframe, Profile Editor.
• Outstanding analytical skills and ability to synthesize situations for corresponding solutions.
• Ability to communicate to technical teams in a clear, concise format.
• Self-starter; demonstrates personal initiative and willingly assumes responsibility and ownership.
• Strong organizational and time management skills.
  
  

Location :

This position is based in India. While this is a virtual role it is required to reside in this country.

About MoneyGram

MoneyGram International, Inc. is a global financial technology leader, empowering consumers and businesses to send and manage money across over 200 countries and territories. With an industry-leading app and one of the world’s largest cash distribution networks, MoneyGram processes more than $200 billion annually, serving over 50 million people. A pioneer in blockchain technology, the company enables customers to buy, sell, and hold digital currencies, with over 50% of transactions now digital. Headquartered in Dallas, Texas, MoneyGram is celebrated for its strong culture, earning the Top Workplaces USA award three years in a row.

Some of the benefits you will be entitled to :

• Comprehensive Health Insurance - Full coverage for you and your family, including dental and vision care. Stay healthy and worry-free!
• Life and Accident Insurance - Peace of mind with coverage that protects you and your loved ones.
• Community Service Days - Make a difference! Enjoy paid days off to volunteer and give back to your community.
• Tuition Reimbursement - Invest in your future with our tuition reimbursement program. We support your educational and career growth.
• Transfer Fee Reimbursement - Corporate products and services at discounted prices. We’ve got you covered.
• Employee Assistance Program - Access to confidential counseling and support services for personal and professional well-being.
• Employee Referral Program - Help us grow our team! Earn rewards for referring talented friends and colleagues.
  
  

Primary Location

India-Maharashtra-Mumbai

Work Locations

IN_Corp_Mumbai_Bandra Kurla Complex suite 1126,1127,1128

Job

Information Security

Organization

Information Technology

Full-time

Job Posting

May 19, 2025, 10:46:47 AM

Any combination of relevant education and experience and/or related professional designations/certifications in this field is highly desirable.

Education

• Minimum Required: BA/BS degree
  
  

Experience

• 5+ years' Information Security or equivalent experience in a distributed computing environment to include in-depth knowledge of applications and systems.
  
  

Essential Skills

• Knowledge of business impact analysis methodologies.
• Significant technology experience.
• Knowledge to support recovery strategy design and testing.
• Strong analytical and problem-solving skills.
• Ability to adapt to potentially ever-changing situations and ability to work well under pressure.
• Knowledge of policy, standards and procedure documentation, and policy maintenance.
• Ability to present self in a confident and professional manner.
• Ability to deal with all levels of individuals, internal and external.
• Excellent communication skills, both written and verbal.
• Excellent customer service skills.