Our Purpose "Move people through the wonders of Sport"

YOUR MISSION AT DECATHLON:

DECATHLON is accelerating its digital transformation with an ambitious mission of becoming THE digital sports platform that will allow customers to discover sports through many local experiences across the world.

Our goal is to create an open ecosystem in order to connect numerous actors and third-party services, in a safe and efficient way. Our Technology & Digital teams based in Bengaluru are united to build and grow Decathlon India digital products & solutions with the aim of always offering the best value to 1.3 billion users in India.

We are looking for a GRC Analyst with 3–5 years of experience to lead our Third-Party Risk Management (TPRM) program. You will be responsible for ensuring that our vendors meet our security standards and data privacy requirements. This role sits at the intersection of security, legal, and procurement.Key Responsibilities (Must Have)

• Understanding the Engagement by liaising with the partner.

• Vendor Assessment: Conduct end-to-end security reviews of third-party vendors using industry-standard questionnaires.

• Clear understanding of data flow diagrams and architecture reviews.

• DPA Review: Partner with the Legal team to review Data Processing Agreements (DPAs), ensuring appropriate technical and organizational measures are in place.

• Risk Mitigation: Identify gaps in vendor security postures and negotiate remediation plans before contract signatures.
  
  
  Key Responsibilities (Good to have)

• Internal Audit: Support internal audit cycles (ISO 27001/PCI DSS) by gathering evidence and performing gap analyses on internal controls.

• Risk Register Management: Maintain the corporate risk register, ensuring vendor risks are quantified and reported to stakeholders.
  
  
  

Qualification : B.Tech or equivalent degree

Work Location: Whitefield, Bengaluru (4 days from office)

Experience: 3–5 years of core experience in GRC/TPRM.

Contract Type : Third Party Payroll Contract