resu·mail

Senior GRC Analyst

at Workato

Bangalore, India Senior Posted 2026-05-07

Don't apply into the void — reach the hiring manager

ResuMail finds the recruiters and hiring managers behind this Senior GRC Analyst role at Workato, drafts a personalised outreach email, and schedules the send — so your application actually gets seen.

Reach the hiring manager ›

About this role

<div class="content-intro"><h1><span style="font-family: helvetica, arial, sans-serif;"><strong>About Workato</strong></span></h1> <p>Workato delivers enterprise infrastructure for the agentic era, redefining iPaaS and helping enterprises unify data, applications, processes, and AI into a single, governed platform. A leader in Enterprise MCP and trusted by 50% of the Fortune 500, Workato’s cloud-native architecture connects every application, data source, and process to power real-time orchestration at scale. With enterprise-grade security and continuous innovation at its core, Workato provides the trusted foundation for organizations to automate with confidence and operationalize AI across the business. To learn more, visit <span><a href="http://www.workato.com" target="_blank">www.workato.com</a></span></p> <h1><strong>Why join us?</strong></h1> <p><span style="font-weight: 400;">Ultimately, Workato believes in fostering a </span><strong>flexible, trust-oriented culture that empowers everyone to take full ownership of their roles</strong><span style="font-weight: 400;">. We are driven by </span><strong>innovation </strong><span style="font-weight: 400;">and looking for</span><strong> team players </strong><span style="font-weight: 400;">who want to actively build our company.&nbsp;</span></p> <p><span style="font-weight: 400;">But, we also believe in </span><strong>balancing productivity with self-care</strong><span style="font-weight: 400;">. That’s why we offer all of our employees a vibrant and dynamic work environment </span><a href="http://www.workato.com/careers"><span style="font-weight: 400;">along with a multitude of benefits</span></a><span style="font-weight: 400;"> they can enjoy inside and outside of their work lives.&nbsp;</span></p> <p><span style="font-weight: 400;">If this sounds right up your alley, please submit an application. We look forward to getting to know you!</span></p> <p><span style="font-weight: 400;">Also, feel free to check out why:</span></p> <ul> <li style="font-weight: 400;"> <p><a href="https://www.businessinsider.com/47-enterprise-startups-to-bet-your-career-on-in-2020-2019-12"><span style="font-weight: 400;">Business Insider</span></a><span style="font-weight: 400;"> named us an “enterprise startup to bet your career on”</span></p> </li> <li style="font-weight: 400;"> <p><a href="https://www.forbes.com/cloud100/#a57477b5f941"><span style="font-weight: 400;">Forbes’ Cloud 100</span></a><span style="font-weight: 400;"> recognized us as one of the top 100 private cloud companies in the world</span></p> </li> <li style="font-weight: 400;"> <p><a href="https://www2.deloitte.com/us/en/pages/technology-media-and-telecommunications/articles/fast500-winners.html"><span style="font-weight: 400;">Deloitte Tech Fast 500</span></a><span style="font-weight: 400;"> ranked us as the 17th fastest growing tech company in the Bay Area, and 96th in North America</span></p> </li> <li> <p><a href="https://qz.com/work/2053446/the-best-companies-for-working-from-home/"><span style="font-weight: 400;">Quartz</span></a><span style="font-weight: 400;"> ranked us the #1 best company for remote workers</span></p> </li> </ul></div><h1><strong>Responsibilities</strong></h1> <p>We are looking for an exceptional <strong>Senior GRC Analyst </strong>to join our growing team. In this role, you will lead compliance assessments for frameworks such as <strong>NIST 800-171</strong>,<strong> ISO 27001</strong>,<strong> NIST 800-53 (FedRAMP)</strong>,<strong> PCI</strong>,<strong> MLPS and IRAP</strong>, while also driving broader security compliance efforts. The ideal candidate will use strong analytical, communication, and problem-solving skills to evaluate controls, identify gaps, and recommend improvements across security domains. You will also be responsible for:</p> <ul> <li> <p>Lead and participate in both internal and external audits for frameworks including <strong>ISO 27001/27701</strong>,<strong> PCI-DSS</strong>,<strong> NIST 800-171</strong>,<strong> NIST 800-53 (FedRamp)</strong>,<strong> and IRAP</strong></p> </li> <li> <p>Experience using or exploring AI/automation tools to enhance, streamline, or scale Governance, Risk, and Compliance (GRC) processes and workflows</p> </li> <li> <p>Manage and oversee risk, compliance, and governance initiatives across teams</p> </li> <li> <p>Coordinate with process owners, control owners, auditors, and consultants to ensure findings are tracked and addressed</p> </li> <li> <p>Conduct risk assessments, security audits, and third-party/vendor risk reviews</p> </li> <li> <p>Review contracts to ensure security and compliance requirements are met</p> </li> <li> <p>Identify process gaps and recommend improvements to enhance the organization’s security posture</p> </li> <li> <p>Communicate risks and compliance requirements clearly to both technical and non-technical stakeholders</p> </li> <li> <p>Perform regular user access reviews</p> </li> <li> <p>Develop and track remediation plans for identified risks and issues</p> </li> <li> <p>Maintain and update the risk register</p> </li> <li> <p>Oversee vendor security assurance processes</p> </li> <li> <p>Collaborate with stakeholders to design and implement effective internal controls aligned with regulatory standards</p> </li> <li> <p>Support risk and security discussions across cross-functional teams</p> </li> <li> <p>Build strong working relationships across departments</p> </li> <li> <p>Take on additional responsibilities as needed</p> </li> </ul> <h1><strong>Requirements</strong></h1> <h3><strong>Qualifications / Experience / Technical Skills</strong></h3> <p><strong>Please note that the working hours for this position are from 2:00 PM to 11:00 PM IST (overlap with U.S. Pacific Time required)</strong></p> <ul> <li> <p><strong>8+ years of experience</strong> in cybersecurity programs, audits, risk management, compliance, or remediation</p> </li> <li> <p>Experience working with cloud platforms such as AWS, Azure, or Google Cloud</p> </li> <li> <p>Proven ability to negotiate and prioritize risk remediation with internal stakeholders</p> </li> <li> <p>Bachelor’s degree in Information Systems, Computer Science, Information Security, or a related field</p> </li> <li> <p>Strong understanding of security controls, including cloud environments, firewalls, IDS/IPS, and vulnerability management</p> </li> <li> <p>Familiarity with NIST 800-171 and NIST Risk Management Framework (NIST 800-53)</p> </li> <li> <p>Experience auditing frameworks such as <strong>PCI-DSS</strong>,<strong> SOC 2</strong>,<strong> and ISO 27001/27701</strong></p> </li> <li> <p>Relevant certifications (<strong>CISSP</strong>, <strong>CISA</strong>, <strong>PCI ISA</strong>,<strong> ISO</strong>, or similar) are preferred</p> </li> <li> <p>Ability to manage multiple priorities independently with minimal supervision</p> </li> </ul> <h3><strong>Soft Skills / Personal Characteristics</strong></h3> <ul> <li> <p>Strong communication skills with the ability to translate compliance requirements into technical actions</p> </li> <li> <p>High energy and adaptability in a fast-paced environment</p> </li> <li> <p>Strong collaboration and a knowledge-sharing mindset</p> </li> <li> <p>Excellent time management and organizational skills</p> </li> <li> <p>High attention to detail, integrity, and ethical standards</p> </li> <li> <p>Willingness to learn and take on new challenges</p> </li> </ul> <h3><strong style="font-size: 14px;">Additional requirements</strong></h3> <ul> <li> <p>May involve some international travel</p> </li> <li> <p>This position requires overlap with U.S. Pacific Time (PST) working hours. Candidates should be available and flexible to work from <strong>2:00 PM to 11:00 PM IST</strong>.</p> </li> <li> <p>Strong hands-on experience with PCI audits, ISO 27001, NIST 800-171, FedRamp, SOC 2, and potentially IRAP is required.</p> </li> </ul> <h3><strong style="font-size: 14px;">To help your application stand out, please take time to answer the Job Application Questions below clearly and concisely. All submissions are reviewed by our Hiring Team, not evaluated by AI.</strong></h3> <p><strong>(REQ ID: 2760)</strong></p>

How to get this job at Workato

  1. Don't rely on the portal. Cold applications for a role like Senior GRC Analyst land in a pile of hundreds. A direct, personalised message to the hiring manager or a referrer is the fastest way in.
  2. Find the right person. ResuMail surfaces the actual recruiters and hiring managers at Workato — not a generic careers inbox.
  3. Send tailored outreach. ResuMail drafts an email personalised to your resume and this role, then paces and schedules sends so you stay out of spam.
  4. Follow up. One polite nudge after 5–7 days roughly doubles reply rates — scheduled for you.

Reach Workato's hiring managers today.

Free to start. No credit card. Built for Indian job seekers.

Start free with ResuMail ›