Omnicom - Analyst - Information Security Governance

Role Overview:
We have an exciting opportunity for an Analyst, Information Security Governance at our Hyderabad office. This role is part of the Governance, Risk, and Compliance (GRC) team and plays a vital role in driving effective and efficient security governance practices across Omnicom's global operations.The Information Security Governance Specialist will support security risk management, standards alignment, and audit coordination activities in line with ISO 27001, PCI, NIST, TISAX, and other regulatory frameworks. This role ensures that Omnicom maintains a strong compliance posture while executing proactive risk and governance processes.Key Responsibilities:
- Operate day-to-day Information Security Governance, Risk, and Compliance (GRC) activities across the organization.- Support alignment and implementation of security standards including ISO 27001, PCI, NIST, and TISAX.- Assist in the execution of Information Security Risk Management policies and procedures.- Collaborate on internal and external audit activities, and track remediation efforts to closure.- Support documentation, reporting, and evidence gathering for compliance and regulatory assessments.- Contribute to the continuous improvement of governance processes, control effectiveness, and risk posture.- Coordinate with business units and IT teams to ensure governance standards are understood and adhered to.Required Qualifications:
- 3-5 years of experience in information security governance, risk, compliance, or audit.- Working knowledge of ISO 27001, PCI-DSS, NIST, TISAX, or other major regulatory frameworks.- Experience with policy implementation, risk assessment methodologies, and audit coordination.- Ability to evaluate and articulate compliance requirements to technical and non-technical teams.- Strong documentation, analytical, and reporting skills with attention to detail.- Excellent interpersonal and communication skills to work cross-functionally.Preferred Qualifications:- Certifications such as ISO 27001 Lead Implementer/Auditor, CISA, or similar.- Experience with GRC platforms and tools.- Exposure to vendor risk management and compliance monitoring.