Qureos

Risk & Compliance Analyst - Cyber Security

Job Summary:

We are seeking a detail-oriented and experienced Risk & Compliance Analyst – Cyber Security to support and strengthen the organization’s information security governance framework. The role involves identifying and assessing cyber risks, ensuring compliance with regulatory and industry standards, supporting audits, and driving remediation efforts to reduce risk exposure.

Key Responsibilities:

  • Conduct enterprise-wide cybersecurity risk assessments and maintain risk registers.
  • Identify control gaps, assess vulnerabilities, and recommend remediation strategies.
  • Ensure compliance with security standards and frameworks (ISO 27001, NIST CSF, SOC 2, PCI-DSS, GDPR, etc.).
  • Perform IT General Controls (ITGC) testing and compliance monitoring.
  • Support internal, external, and regulatory audits; track and close audit findings.
  • Develop, review, and update information security policies, procedures, and SOPs.
  • Manage third-party/vendor risk assessments and ongoing compliance reviews.
  • Collaborate with IT, DevOps, and Security teams to implement corrective controls.
  • Monitor changes in regulatory requirements and assess organizational impact.
  • Prepare compliance dashboards, risk reports, and presentations for management.
  • Assist in incident response reviews from a risk and compliance perspective.

Required Skills & Competencies:

  • Strong knowledge of cybersecurity frameworks and governance standards.
  • Experience in risk assessment methodologies and control validation.
  • Hands-on experience with GRC tools (e.g., Archer, ServiceNow GRC, MetricStream).
  • Understanding of cloud security compliance (AWS, Azure, GCP).
  • Familiarity with data privacy regulations and security best practices.
  • Strong analytical, documentation, and reporting skills.
  • Excellent communication and stakeholder management abilities.
  • Ability to manage multiple projects and deadlines effectively.

Qualifications & Experience:

  • Qualification: Bachelor’s Degree in Information Security, IT, Computer Science, or related field.
  • Experience: 4–7 years of relevant experience in Cybersecurity Risk, IT Compliance, or Information Security Governance.
  • Preferred Certifications: CISA, CISM, CRISC, ISO 27001 LA/LI, CISSP.

Job Types: Full-time, Permanent

Pay: ₹40,000.00 - ₹45,000.00 per month

Benefits:

  • Provident Fund

Work Location: In person
