GRC/Information Security Analyst

Job Overview:The Information Security Analyst supports client engagements by assisting in the implementation and maintenance of information security frameworks based on industry standards such as ISO 27001, ISO 27701, ISO 20000, ISO 22301 and ISO 9001
The role involves conducting gap analyses, assisting in audits, supporting the development of security policies, and ensuring compliance with regulatory standards to safeguard client data The ideal candidate will demonstrate a keen interest in security practices, have a proactive approach to learning, and work closely with the Information Security Manager and the team to help clients improve resilience and meet compliance requirements Job Responsibilities:- Manage client projects focused on information security and compliance - Serve as a key point of contact for clients, ensuring clear communication and understanding of project requirements - Conduct gap analyses against standards such as ISO 27001, ISO 27701, ISO 20000, ISO 22301,ISO 9001 and more - Document findings and provide actionable recommendations for achieving compliance - Assist in drafting and tailoring security policies and procedures, with a focus on data protection, incident management, and regulatory compliance - Participate in risk assessments to identify vulnerabilities and recommend appropriate mitigation strategies - Support ongoing risk management initiatives to ensure clients operational resilience - Develop and deliver security awareness and compliance training programs to client teams - Coordinate internal and external compliance audits, assisting clients in aligning with relevant standards and regulatory requirements - Document audit findings, prepare reports, and suggest corrective actions - Maintain and update security documentation to ensure alignment with industry standards and client needs Skills and Qualifications:- Bachelor s degree in Information Security, Computer Science, or a related field - Certifications like CISSP, CISM, CISA, or ISO 27001 Lead Auditor/Implementer are a plus - Familiarity with IT infrastructure, network security, and security tools (eg firewalls, intrusion detection systems) - Strong communication skills for reporting findings and assisting with client queries - Ability to support client-focused security initiatives and contribute to high-quality, tailored solutions Budget: 3-6 LPA