We are hiring a Senior Analyst – Cybersecurity Audit & Compliance to support cybersecurity governance, risk, and compliance (GRC) initiatives. This role focuses on performing security audits, ensuring compliance with global standards, identifying risks, and supporting internal and external audit requirements. The ideal candidate will have strong experience in cybersecurity compliance frameworks and a solid audit mindset.
Key Responsibilities
- Perform cybersecurity audits and compliance assessments across IT systems, applications, and processes.
- Ensure adherence to cybersecurity frameworks and standards such as:
- ISO 27001
- SOC 2
- NIST
- Identify security gaps, risks, and vulnerabilities, and recommend corrective actions.
- Support risk assessments, risk treatment plans, and mitigation strategies.
- Assist in internal and external audits, including evidence collection and audit response coordination.
- Develop and maintain compliance documentation including policies, procedures, reports, and audit trails.
- Collaborate with cross-functional teams (IT, Security, Operations, Business Units) to strengthen the overall security posture.
- Track remediation progress and ensure timely closure of audit findings.
Required Skills & Experience
- Strong knowledge of cybersecurity frameworks and standards (ISO 27001, SOC 2, NIST).
- Proven experience in IT Audit, Cybersecurity Audit, Risk Management, and Compliance (GRC).
- Good understanding of information security principles, controls, and best practices.
- Familiarity with audit tracking, risk assessment tools, and compliance reporting processes.
- Strong analytical, documentation, and reporting skills.
- Excellent communication and stakeholder management abilities.
Preferred Qualifications
- Certifications such as:
- CISA
- CISM
- ISO 27001 Lead Auditor (Good to have)
- Prior experience in cybersecurity compliance and audit roles within regulated environments.
Ideal Candidate Profile
- Detail-oriented and process-driven with a strong compliance mindset.
- Comfortable working in structured environments with strict governance requirements.
- Ability to manage multiple audits and compliance deliverables efficiently.
