Energy Impact Partners
Energy Impact Partners

Information Security GRC Senior Specialist - Unified Support

Clevest Solutions

Clevest Solutions

IT, Customer Service
Colombo, Sri Lanka
Posted on Thursday, April 18, 2024

Company Description

IFS is a billion-dollar revenue company with 6000+ employees on all continents. Our leading AI technology is the backbone of our award-winning enterprise software solutions, enabling our customers to be their best when it really matters–at the Moment of Service™. Our commitment to internal AI adoption has allowed us to stay at the forefront of technological advancements, ensuring our colleagues can unlock their creativity and productivity, and our solutions are always cutting-edge.

At IFS, we’re flexible, we’re innovative, and we’re focused not only on how we can engage with our customers but on how we can make a real change and have a worldwide impact. We help solve some of society’s greatest challenges, fostering a better future through our agility, collaboration, and trust.

We celebrate diversity and understand our responsibility to reflect the diverse world we work in. We are committed to promoting an inclusive workforce that fully represents the many different cultures, backgrounds, and viewpoints of our customers, our partners, and our communities. As a truly international company serving people from around the globe, we realize that our success is tantamount to the respect we have for those different points of view.

By joining our team, you will have the opportunity to be part of a global, diverse environment; you will be joining a winning team with a commitment to sustainability; and a company where we get things done so that you can make a positive impact on the world.

We’re looking for innovative and original thinkers to work in an environment where you can #MakeYourMoment so that we can help others make theirs. With the power of our AI-driven solutions, we empower our team to change the status quo and make a real difference.

If you want to change the status quo, we’ll help you make your moment. Join Team Purple. Join IFS.

Job Description

As a Governance Risk and Compliance (GRC) Senior Specialist, you’ll be responsible for strengthening our governance, risk management and compliance program to ensure adherence with regulatory requirements and industry best practices. You will partner across corporate, operations, and technology teams to implement tools and practices to enhance our processes related to third-party risk management, business continuity planning, controls assurance, and external auditor engagement.



Functional Governance and Risk Management

  • Drive functional governance requirements in accordance with corporate guidelines

  • Conduct regular risk assessments, reviews and discussions under the Corporate Risk Management Policy which includes identification and detection of potential threats and mitigation measures

  • Prioritize risks based on their severity by analyzing and evaluating their likelihood and potential impact after identification.

  • Collaborate internal departments within the organization to ensure a coordinated approach to manage risk

Support Compliance & Agreements

  • Support functional compliance with regulatory requirements ISO27001, SOC1, SOC2 .

  • Engage with internal and external customers and stakeholders to improve Information security posture.

  • Manage and prepares all documentation related to Governance, Risk and Compliance assessments in line with the standard operating procedures

  • Establish key performance indicators (KPIs) and metrics to measure the effectiveness of security risk, assurance & compliance management efforts.

  • Establish standard repeatable practices to maintain a balanced security and compliance control framework that meets necessary regulatory and contractual requirements.

  • Act as the focal point for external auditor activity/assessments; driving accountability and efficiency across teams.

Customer Facing Responsibilities

  • Handle customer inquiries on Product, Platform and Service information security compliance.

  • Drive the Information Security presence in organizational customer community forum

Any other duties as designated by the line manager.


  • Ability to work to deadlines and targets.

  • Ability to manage own time efficiently and effectively.

  • Fluency in the English language is mandatory, with the ability to communicate effectively and confidently both verbally and in written form, about complex technical topics, including reading and understanding technical documentation written in English.

  • Excellent communication and people skills to collaborate effectively with international, multi-discipline cross-functional teams.

  • A positive collaborator with a can-do attitude.

  • Detail-oriented with a proactive approach to problem-solving and the ability to change approach based on information gathered during the process.

  • Strong organizational skills and ability to multi-task.

  • Ability to self-learn and quickly understand new and changing technologies in a fast-moving service driven technology landscape.

  • Proactivity and ownership of work items in all aspects of the technical and team role.

  • Strong technical writing skills with the ability to create clear and concise documentation.

  • Familiarity with ServiceNow and Jira Cloud is highly desirable.


  • At least 5 years’ experience in security operations or information security role in the industry or a similar role.

  • Knowledge of Information Security Governance, Risk and Compliance.

  • Combined experience in information security, GRC, BCP/DR, and risk management.

  • Exposure to developing and implementing security compliance programs.

Optional Value Add

  • Demonstrated knowledge of cloud computing services or IT service management methodologies and best practices.

  • Professional certifications such as Certified in Risk and Information Systems Control (CRISC) or Certified Information Systems Auditor (CISA) is preferrable.

  • Strong knowledge of relevant security frameworks and standards (e.g., ISO, NIST CSF, PCI, ISO 27001, SOC 1/2).


  • Academic degree or formal qualification in Information Security, Computer Science, or Information Technology.

Additional Information

As a step in our recruitment process, all final candidates will undergo a background check, to get us an understanding of our future employees.

We respectfully decline all offers of recruitment and/or advertising assistance.

IFS Fact

IFS develops and delivers enterprise software for customers around the world who manufacture and distribute goods, build and maintain assets, and manage service-focused operations. The industry expertise of our people and solutions, together with a commitment to delivering value to every one of our customers, has made IFS a recognized leader and the most recommended supplier in our sector. Our team of 6,000 employees and growing ecosystem of partners support more than 10,000 customers around the world challenge the status quo and realize their competitive advantage. Learn more about how our enterprise software solutions can help your business today at