ISO Security Analyst / Process Controller

Job Description

Role - ISO Security Analyst / Process Controller

Exp - 1-3 Years

Location - Mohali, PB

Work Mode - Work from office ( Morning Shift)

Job Role & Responsibilities

• Develop, implement, and maintain compliance programs and initiatives to ensure adherence to security requirements for ISO 27001:2022, SOC 2 Type II, HIPAA, PCI DSS, GDPR, etc.

• Create and maintain policies, procedures, standards, and documentation related to compliance activities.

• Manage and maintain internal control frameworks to mitigate risks and ensure compliance with regulatory standards.

• Conduct periodic assessments and audits of internal controls to identify gaps and areas for improvement.

• Develop and implement remediation plans to address control deficiencies.

• Coordinate and support external audits and assessments, such as SOC 2 Type II, HIPAA, and ISO 27001 audits.

• Ensure compliance with external regulatory requirements and assist in responding to audit findings and inquiries.

• Provide training and awareness programs to employees on compliance policies, procedures, and best practices.

• Foster a culture of compliance and awareness throughout the organization.

• Experience with any GRC platform like Drata, Vanta, or any other.

• Identify opportunities to improve compliance processes and controls.

• Collaborate with cross-functional teams to gather document requirements and ensure alignment with organizational goals.

• Communicate effectively with stakeholders regarding document status, updates, and requirements.

• Conduct quality checks on documents to ensure they meet quality standards and regulatory requirements.

Qualification Required

• Bachelor’s degree in Business Administration, Information Systems, or a related field.

• 1-3 years of experience in compliance management, preferably in a regulated industry.

• In-depth knowledge of SOC 2 Type II, HIPAA, and ISO 27001 security requirements.

• Experience developing and implementing compliance programs and controls with a Strong understanding of internal control frameworks and risk management principles.

• Effective communication and interpersonal skills.

• Ability to work independently and collaboratively in a dynamic environment.

Good to know about FedRAMP readiness and Authorization