Location
Mumbai | India
Job description
- This position will be responsible for supporting the Director of Information Security in managing ContractPodAi's information security, audit, and compliance programs
- The Information Security Compliance Analyst will work to ensure ContractPodAi maintains its compliance with external customer and regulatory requirements
- The Information Security Compliance Analyst will be responsible for supporting the core services of the Information Security group
- They will need knowledge and understanding of IT/IS operational processes, customer assurance, compliance, and audit readiness
RESPONSIBILITIES:
- Supports various compliance audits by coordinating with external auditors and customers to understand security requirements; providing sufficient artifacts to fulfill requests; and communicating with internal stakeholders about audit readiness and areas of improvement.
- Delivers security assurance to customers by completing questionnaires and providing appropriate security documentation.
- Engages third-party auditors to effectively communicate ContractPodAi's security program.
- Works with internal teams to properly communicate audit requirements and gather necessary evidence for ContractPodAi to successfully pass audits and customer requirements.
- Assists the Director of Information Security with maintaining information security policies, procedures, and evidence related to compliance.
- Identifies gaps between information security policies, procedures, and standards with control frameworks and communicates those gaps to the Director of Information Security and internal stakeholders.
- Uses compliance tools to track compliance efforts, align policies to control frameworks, and document evidence of compliance to control frameworks.
- Other duties as assigned.
REQUIRED COMPETENCIES:
- 4+ years of prior compliance experience.
- Hands-on Information Security and/or security compliance experience with Information Security standards, technology, and monitoring.
- Familiarity with the following: ISO 27001, NIST 800-53, NIST CSF, FedRAMP, SOC 2, and GDPR.
- Excellent interpersonal, communication and writing skills, with the proven ability to communicate and translate technical concepts, requirements, and issues to technical and non-technical business audiences.
- Ability to manage demands of internal and external customers and auditors through email, messaging platforms, portals, and process requests.
- Detail oriented, self-motivated, and a problem solver.
- Ability to multitask and prioritize with little direct supervision.
- Auditing experience, or experience leading responses to audits against control frameworks.
- Knowledge of Azure security best practices.
- Risk assessments.
Certifications: CISA/CRISC, CISSP, Relevant SANS security training.
BENEFITS & PERKS:
- Competitive salary
- Opportunity to work in a fast-moving, high growth SaaS company
- Paid Time off
- Generous Employee Referral program