Job
Description
cum Position Title: Incident Compliance Analyst (Deputy Manager/Assistant Manager) About the Role We are seeking a proactive, detail-oriented, and versatile professional to join our Information Security team as an Incident Compliance Analyst . This role combines the responsibilities of managing information security incidents and ensuring compliance with cybersecurity frameworks and regulatory requirements. The selected candidate will act as a liaison with government agencies, handle information security incidents, strengthen the organization s cyber posture, and ensure timely communication of updates and learnings. Key Responsibilities Incident Management and Analysis: Investigate reported information security incidents to determine their scope, impact, and root cause. Identify responsible individuals or processes contributing to incidents and suggest corrective actions. Document findings, create detailed incident reports, and communicate learnings to stakeholders. Compliance Coordination and Stakeholder Management: Act as a liaison with government agencies (e.g., NCSCC, NCIIPC, CERT-IN, NTRO/DOT) to share and receive critical information related to cyber and information security incidents. Maintain a repository of communications, advisories, and updates from regulatory bodies for the organization. Ensure timely and accurate reporting of incidents to relevant stakeholders and authorities. Cybersecurity Posture Strengthening: Identify key areas for improvement in the organization s cyber and information security posture. Collaborate with internal teams to implement measures that address identified gaps and enhance security. Monitor and evaluate the effectiveness of implemented measures and recommend further improvements. Routine Information Security Management: Manage exceptional usage requests, ensuring compliance with organizational policies. Oversee information asset gate entry and access management to ensure secure handling of assets. Maintain records of access and usage approvals, ensuring proper documentation and traceability. Strategic Communication and Reporting: Prepare detailed management summaries of incidents for strategic communication and decision-making. Support preparations for Management Incident Summary Forum (MISF) meetings. Present periodic reports on incident statistics, root causes, preventive actions, and compliance updates. Provide training and guidance to employees on incident prevention, compliance, and security best practices. Qualifications and Skills Education: Bachelor s degree in Information Technology, Computer Science, Cybersecurity, or a related field. Work Experience: 3-5 years of total experience, with at least 2 years in information security incident handling, compliance coordination, IT operations, or a related field. Experience in liaising with government agencies or regulatory bodies is a strong advantage. Certifications (Preferred): ISO 27001 Lead Auditor/Implementer CISSP (Certified Information Systems Security Professional) / CISA (Certified Information Systems Auditor) / CRISC (Certified in Risk and Information Systems Control) or similar Technical Skills: Strong knowledge of cyber security frameworks, standards, and regulatory requirements. Familiarity with incident response frameworks, methodologies, and tools (e.g., SIEM, IDS/IPS etc.). Understanding of IT infrastructure, security controls proficiency in root cause analysis problem-solving. Soft Skills: Excellent communication and interpersonal skills for effective coordination with stakeholders. Strong analytical critical thinking abilities for attention to detail ability to prepare concise accurate reports. Proactive approach to identifying and addressing compliance and security issues.
