This job has closed.

ITC Infotech · 3 hours ago

GRC Analyst

United States

Contract

Remote

Mid, Senior Level

ITC Infotech is a leading global technology services and solutions provider, and they are seeking an experienced Cloud Security Governance Consultant to develop and manage cloud security policies and compliance for a healthcare-regulated environment. The role involves ensuring alignment with HIPAA, HITRUST, and other security requirements across major cloud platforms.

ConsultingCRMEnterprise SoftwareInformation TechnologyIT ManagementSoftwareTravel

H1B Sponsor Likely

Responsibilities

Create and maintain cloud security policies aligned to HIPAA, HITRUST, and internal standards

Define approved cloud security architectures and governance frameworks

Establish RACI roles for security ownership and accountability

Continuously update policies based on regulatory and technology changes

Build cloud configuration standards for AWS, Azure, and GCP covering identity, encryption, compute, storage, network, and application security

Define standards for logging, auditing, analytics, AI/ML, and security tooling

Support secure coding and application security practices

Map cloud controls to CIS benchmarks, HITRUST, and internal KPIs

Maintain unified cloud configuration checklists across all cloud providers

Define approval workflows for new cloud services, applications, and modules

Document secure SDLC processes across design, build, and test stages

Create security checklists for new, migrated, and internally developed applications

Validate HITRUST compliance for certified applications and cloud accounts

Define secure hosting, operating procedures, and configuration baselines

Build monitoring, logging, vulnerability management, and incident response processes

Oversee change management and secure SDLC integration

Establish DR, backup, and cloud resiliency strategies

Document approved cloud security architectures and network design guidelines

Define encryption, remote access, and security zone requirements

Maintain a zone-to-zone communication policy matrix

Enforce IDS/IPS, DLP, and firewall security requirements

Define cloud security tagging requirements and ownership standards

Integrate missing/incorrect tags into vulnerability escalation workflows

Qualification

Cloud security governanceHIPAA complianceAWS security configurationsAzure security configurationsGCP security configurationsVulnerability management toolsCloud security certificationsHealthcare data classificationExceptional communication skillsLead cross-functional teams

Required

Strong experience in cloud security governance, compliance, and policy development

Deep understanding of HIPAA, HITRUST, CIS benchmarks, and healthcare security frameworks

Expert knowledge of AWS, Azure, and GCP security configurations

Experience with vulnerability management tools (e.g., Qualys, Varonis)

Exceptional written and verbal communication and presentation skills

Preferred

HITRUST certification or equivalent compliance expertise

Cloud security certifications (AWS, Azure, GCP, or equivalent)

Understanding of healthcare data classification and regulatory requirements

Ability to lead cross-functional teams and drive RACI-based accountability

Company

ITC Infotech

Glassdoor3.8

ITC Infotech offers domain, data, design, digital solutions for supply chain & service based companies.

Founded in 2000

Bengaluru, Karnataka, IND

10001+ employees

http://www.itcinfotech.com

H1B Sponsorship

ITC Infotech has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (81)

2024 (103)

2023 (132)

2022 (123)

2021 (110)

2020 (214)