Senior InfoSec Compliance Analyst
- Onit
- 6 - 8 years
- Pune
- 1 month ago
- Email to a friend
- Report this job
Job Description
- Lead the planning and execution of security audits (e.g., ISO 27001, SOC 2, PCI DSS, HIPAA, NIST, GDPR).
- Assess, implement, and maintain new compliance frameworks or controls, leading cross-functional projects for certifications or attestations (e.g., achieving new levels of SOC 2, ISO 27001, or industry-specific standards).
- Lead compliance-related projects, including process improvements, tool implementations (e.g., GRC platforms), and policy roll-outs.
- Oversee and coordinate penetration testing activities and manage third-party penetration testing vendors.
- Complete and manage responses to customer security and privacy questionnaires, providing evidence of controls to support sales.
- Perform risk assessments; document findings and collaborate with stakeholders to mitigate risks.
- Develop, review, and maintain security policies, procedures, and standards.
- Serve as the point of contact for compliance-related incidents and inquiries, conducting investigations and documenting findings.
- Support vendor management by performing third-party security assessments
- Mentor and coach junior analysts, promoting a team culture of knowledge-sharing and professional growth.
- Bachelor s degree in Information Security, Computer Science, or a related field.
- Minimum of 6-8 years of experience in years of experience in information security compliance, risk management, or IT audit.
- Proven experience managing and implementing major compliance frameworks (e.g., ISO 27001, SOC 2, NIST, PCI DSS, HIPAA, GDPR, etc.).
- Hands-on experience with penetration testing oversight and third-party risk assessments.
- Track record of leading or participating in successful compliance audits, certifications, and attestation projects.
- Experience managing multiple compliance projects and initiatives simultaneously.
- Ability to lead cross-functional teams and work collaboratively across departments.
- Self-motivated and proactive, with strong organizational and time-management skills.
- Strong analytical, investigative, and problem-solving skills.
- Strong written and verbal communication skills.
- Audit experience working with Enterprise SaaS software is a plus.
- Auditing knowledge of AWS and cloud infrastructures a plus.
- Professional certifications such as CISA, CISSP, or similar strongly desired.
Job Classification
Industry: IT Services & ConsultingFunctional Area / Department: IT & Information SecurityRole Category: IT Infrastructure ServicesRole: IT AuditEmployement Type: Full timeContact Details:
Company: OnitLocation(s): Pune
Keyskills: Computer science Cisa Information security SOC ISO 27001 Risk management Compliance Analyst Auditing Penetration testing IT audit
Similar positions
Onit
FLYONIT is a global IT solutions company founded in 2009, headquartered in Australia, with offices in the USA and India. It offers services like web design, mobile apps, cloud computing, IT infrastructure, and business consultancy. The company focuses on delivering cost-effective and customized tech...
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in