Information Security & Compliance Analyst

Company Description

Vedicon is a system integrator specializing in Cyber Security, Data Privacy, Risk Management, and Digital Forensics, offering cutting-edge solutions tailored to clients' needs. We cater primarily to the Banking, Finance, and Insurance Sectors, as well as Law Enforcement and Intelligence Agencies, Forensic Labs, and Government entities, providing services like capacity-building training and workforce solutions. Our expertise includes establishing advanced forensic labs, data centers, and digital transformation solutions, ensuring streamlined operations across organizations. Additionally, we develop customized mobile applications and software, delivering projects on time with a strong focus on quality and client satisfaction.

Role Description

This full-time on-site role, located in Bengaluru, involves ensuring the security, integrity, and compliance of the systems and networks. The Information Security & Compliance Analyst will monitor and evaluate security risks, enforce security policies, and contribute to implementing cybersecurity and application security procedures. Daily tasks include performing risk assessments, maintaining compliance standards, monitoring network activities, and collaborating with teams to address security concerns effectively. The role also involves creating security reports and assisting in employee training on security best practices.

Qualifications

• Proficiency in Cybersecurity and Application Security to safeguard systems and data from potential threats.
• Strong skills in Network Security and Information Security to ensure the security and integrity of data transactions and infrastructure.
• Excellent Analytical Skills to assess risks, analyze potential vulnerabilities, and implement effective security measures.
• Familiarity with compliance requirements and experience in regulatory frameworks is highly beneficial.
• Master's degree in a related field such as Computer Science, Information Technology, or Cybersecurity is preferred.
• Experience to support and perform compliance with

  ISO 27001

  and

  SOC 2

  frameworks.
• Assist in performing

  GRC activities

  , including risk assessments, control testing, and policy reviews.
• Contribute to the

  Third-Party Risk Management (TPRM)

  process by evaluating vendor risks and tracking remediation.
• Prepare and maintain clear

  documentation

  , audit evidence, and compliance reports.
• Collaborate with cross-functional teams to ensure security controls are implemented effectively and consistently.
• Support security awareness initiatives and internal audit readiness.
• Relevant certifications like CISSP, CISM, or CEH are advantageous.