RoboQuess Infotech Private Limited, a dynamic and innovative software development company, seeks a highly skilled and motivated Senior Analyst - Risk & Compliance to join our Cyber Security Services Department.
Position: Senior Analyst - Risk & Compliance
Location: New Delhi, India (Onsite)
Experience Level: Minimum 3-5 years of experience
Notice Period: 15 days / Immediate joiners
Role Overview
As a Senior Analyst - Risk & Compliance within our Cyber Security Practice, you will play a pivotal role in standardizing, operationalizing, and managing both internal and client-facing regulatory compliance frameworks. Working within a dynamic consulting environment, you will collaborate with cross-functional internal teams and engage directly with clients to ensure effective implementation and maintenance of security and risk frameworks across multiple standards.
Key Responsibilities
- Certification & Compliance Support: Collaborate with internal teams and external clients to prepare, review, and maintain documentation for certifications and audits across various standards (e.g., ISO 27001, PCI DSS, SOC 2, GDPR, HIPAA, SAMA, PDPL, DPDP).
- Process Improvement & Standardization: Lead initiatives to streamline and enhance internal assurance and external client compliance processes, promoting efficiency and repeatability across engagements.
- Client Engagement & Advisory: Act as a subject matter expert (SME) and point of contact for client security questionnaires, RFPs/RFIs, and compliance-related discussions.
- Security Documentation & Knowledge Management: Develop, maintain, and manage security control documentation and knowledge repositories for both internal use and client engagements.
- Internal Controls & Awareness Programs: Contribute to internal and client-facing awareness initiatives related to IT controls, regulatory requirements, and audit readiness.
- Risk & Security Assessments: Participate in and lead internal and client-side risk assessments, including third-party/vendor risk assessments and gap analyses against regulatory frameworks.
- Regulatory Monitoring: Stay current on emerging regulations, data protection laws, and cybersecurity compliance trends; share insights with internal stakeholders and clients.
- Policy Governance: Support adherence to organizational and client policies, procedures, and security standards.
Qualifications
Education:
Bachelor's degree in Information Security, Computer Science, or a related discipline (preferred).
Experience:
3-5 years of experience in risk management, IT audit, or cybersecurity compliance, preferably in a consulting or professional services environment.
Technical Skills:
- Proficient in Microsoft Office Suite (Excel, Word, PowerPoint, Visio, SharePoint).
- Familiarity with compliance frameworks such as ISO 27001, PCI DSS, SOC 2, HIPAA, HITRUST, GDPR, SAMA, PDPL, DPDP, etc.
Certifications (preferred)
CISA, CISM, CISSP, ISO 27001 Lead Auditor/Implementer, or similar credentials.
Key Competencies
- Strong project management and stakeholder facilitation skills.
- Ability to manage multiple client engagements and internal initiatives concurrently.
- Exceptional verbal and written communication skills.
- High attention to detail and analytical problem-solving mindset.
- Ability to adapt to rapidly changing regulatory environments and client needs.
- Experience working with or supporting IT, GRC, and InfoSec teams.
Interested candidates may send their resume to [Confidential Information].