Job Description
Location: Bhubaneswar, Odisha
Department: Information security
Reports To: IT Head
Employment Type: Full-time
Experience Level: L3 (Senior Level)
Role Summary
The IT Infrastructure Compliance L3 will be responsible for ensuring that internal IT infrastructure and customer environments comply with applicable security, regulatory, and industry standards. This includes conducting internal audits, gap analyses, and documentation for both internal company policies and external customer requirements. The role will bridge technical implementation and formal compliance, ensuring that evidence and controls are consistently maintained and verifiable.
Key Responsibilities
- Plan, execute, and document internal IT infrastructure audits covering network, servers, cloud platforms, identity management, endpoint security, and access controls.
- Perform gap analyses against frameworks such as PCIDSS, ISO 27001, GDPR, DPDP or other customerspecific standards, identifying noncompliance and recommending remediation.
- Maintain and update policy, process, and control documentation for internal IT and security policies, including SOC documentation, SOPs, and procedure manuals.
- Coordinate with IT administrators, security teams, and customer contacts to collect evidence, validate control implementation, and prepare for external audits or customer reviews.
- Assist in preparing compliance reports, dashboards, and artefacts (e.g., network diagrams, control matrices, evidence packs) for internal stakeholders and customers.
- Track and manage compliance timelines, findings, and remediation for internal audits, customer assessments, and regulatory reviews.
- Support the implementation of security controls around AD, Azure, MDM, DLP, EPP, and other relevant technologies based on audit and compliance requirements.
- Stay updated on emerging regulations, standards, and best practices relevant to cloud, SaaS, and managedservices environments.
Required Skills And Qualifications
- Bachelor's degree in IT, Computer Science, Cybersecurity, or related field.
- 4–6 years of experience in IT infrastructure, security, or compliance, preferably in a services or MSP environment.
- Strong understanding of:
ü IT compliance frameworks (e.g., PCIDSS, ISO 27001, SOC2, GDPR, DPDPA or similar)
ü Internal audit and gapanalysis methodologies
ü IT infrastructure components (networking, servers, cloud, AD, identity, endpoint security)
- Experience in documentation, evidence collection, and preparing audit reports.
- Ability to translate technical configurations into compliance language and evidence.
- Excellent written and verbal communication skills to deal with internal teams, auditors, and customers.
Preferred Qualifications
- Certifications such as CISA, CISSP, ISO 27001 Lead Auditor, PCI QSA, or similar.
- Prior experience participating in external audits or customer compliance reviews.
- Familiarity with ticketing, GRC, or auditmanagement tools.
check(event) ; career-website-detail-template-2 => apply(record.id,meta) mousedown=lyte-button => check(event) final-style=background-color:#3945A0;border-color:#3945A0;color:white; final-class=lyte-button lyteBackgroundColorBtn lyteSuccess lyte-rendered=>
