Analyst -Risk & Compliance

Open position

Bangalore
3-5 Years

Roles & Responsibilities:

  • Assist to Implement, maintain, and manage security compliance frameworks, including ISO 27001, PCI DSS, SOC2 Type2, GDPR, DPDPA and other regulatory standards.
  • Act as a liaison with product vendors, conduct Proof of Concepts (POC), and generate reports on findings. Be the conduit between Customer Audit teams and Indusface internal teams. Represent the organization for 2nd party audits by customers. For e.g. Third-party risk management audits.
  • Assist in conducting internal security audits to identify risks and ensure compliance with organizational policies.
  • Assist in performing risk assessment and management, identifying vulnerabilities, and recommending mitigation strategies.
  • Be a versatile player for security compliance, addressing queries and ensuring adherence to best practices.
  • Assist in preparing and deliver internal presentations on the organization’s security posture and compliance status.
  • Assist in developing, review, and update security policies and procedure documents to align with industry standards.
  • Manage and maintain the security review and audit charter, ensuring all compliance activities are well-documented.

Candidate Profile:

  • Bachelor’s degree in information security, Cybersecurity, IT, or a related field.
  • 3-5 years of experience in security compliance, risk assessment, or IT security audits.
  • Knowledge of ISO 27001, PCI DSS, and other compliance frameworks.
  • Experience conducting risk assessments and internal audits.
  • Ability to analyze security risks and recommend mitigation strategies.
  • Documentation and policy-writing skills.
  • Excellent communication and presentation skills.
  • Ability to work independently and collaborate with cross-functional teams.
  • Exposure to GRC tools is needed
  • Certifications such as CISSP, CISA, CISM, or ISO 27001 Lead Auditor.
  • Hands-on experience with security tools and technologies.
Indusface
Indusface

Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 5000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine.

Join us

Resume *
Invalid file type please choose a PDF or DOC

Have a friend who
would love this?

Linkedin Icon - Indusface Share with your network
Refer A Friend Program - Indusface