Junior Cybersecurity Governance Analyst

We are a thriving global workforce of 3000+ employees, with a 850+ strong team based in Mangaluru, India. We have a people first culture fostering innovation, collaboration and continuous learning

About the team:

work smart, be creative, deliver results, develop yourself, act as a team player, and really enjoy cybersecurity

Your workday, your tasks and mandatory skill set:

• Security Governance & Documentation Support
• Policy Support: Assist in the review and updating of existing security policies, standards, and procedures under the direction of senior analysts.
• Compliance Mapping: Help map existing security controls to industry frameworks, such as CIS Controls, and update documentation accordingly.
• Audit Preparation: Gather evidence and documentation needed for internal and external security audits (e.g., SOC 2, ISO).
• Third-Party Risk Management (TPRM) Support
• Vendor Onboarding: Manage the administrative process for new vendor security reviews, including issuing questionnaires and tracking due dates.
• Data Collection: Help collect and organize required vendor documentation, such as SOC 2 reports, security certifications, and evidence of insurance.
• Tool Management: Input vendor risk data and assessment results into the GRC platform or TPRM tracking tool.
• Remediation Tracking: Monitor and follow up on outstanding security findings and remediation plans provided by third-party vendors.
• Security Asset Management
• Inventory Maintenance: Support the maintenance of the authoritative IT Asset Inventory, ensuring accurate records of hardware, software, cloud instances, and system owners.
• Data Integrity: Regularly audit asset management databases (CMDBs) against discovery tools to ensure data integrity and completeness.
• Classification: Help classify assets based on data sensitivity and criticality, ensuring proper security controls are assigned.
  

Required Skills:

• Foundational Knowledge: Basic understanding of information security principles, terminology, and common security controls (e.g., firewalls, access control).
• Framework Familiarity: Familiarity with the concepts of control frameworks like NIST or ISO 27001 and – in particular – CIS Controls.
• Asset Systems: Previous exposure to Configuration Management Databases (CMDBs) or other asset inventory tracking systems.
• Security Platforms: previous exposure to large security systems supporting Asset Management (CrowdStrike, Qualys) will be an advantage
• Productivity Tools: Proficiency with Microsoft Excel/Google Sheets for data analysis and tracking.
  

Good to Have:

• Education: Associate's or Bachelor's degree in Cybersecurity, Information Technology, or a related field; or equivalent combination of education and experience.
• Experience: 1–2 years of professional experience in an IT, IT Audit, or Security-related capacity. Internship experience is highly valued.
• Attention to Detail: Meticulous approach to data entry, documentation, and compliance tracking.
• Communication: Clear and professional written and verbal communication skills, especially for follow-up with internal teams and external vendors.
• Proactive Learner: Strong desire to learn about security regulations, policies, and risk management practices.
  

What can you expect from us

• A professional, innovative, and business-driven environment with exposure to real-world problems and large-scale cybersecurity solutions.
• Work with super-talented and committed colleagues in a culture of collaboration, curiosity, and continuous learning.
• Flexibility to experiment and ownership to implement ideas that matter.
• Extensive opportunities for personal and professional development through our learning academies.
• A strong focus on employee well-being, inclusion, and best-in-class benefits.