Job
Description
Senior Analyst - Cyber assurance - Compliance Mumbai Role purpose Senior Analyst - Cyber Assurance - Compliance is responsible for ensuring the organization s cybersecurity practices align with relevant industry regulations, internal policies, and best practices. This role focuses on assessing, monitoring, and maintaining compliance with cybersecurity frameworks and standards, ensuring that risk management protocols and controls are effectively integrated across the organization s operations. The Senior Analyst will collaborate with IT, legal, audit, and other departments to manage and address compliance risks related to cybersecurity and data protection, providing expert guidance on compliance requirements and helping to implement necessary improvements to the company s security posture. Duties & Responsibilities: Cybersecurity Compliance Management Ensure that the organization s cybersecurity policies, procedures, and controls comply with relevant standards, regulations, and frameworks (e.g., GDPR, CCPA, ISO 27001, NIST, PCI DSS). Governance of cybersecurity compliance by managing cybersecurity business request through ticketing tool. Work closely with legal, audit, products and IT teams to complete Cyber security assessments Provide guidance to business units on cybersecurity compliance issues, addressing any gaps and ensuring that security controls are being properly applied. Assist in providing cybersecurity responses for RFP/RFIs. Assist in ensuring that data privacy and protection requirements are met, particularly in relation to sensitive customer, employee, and organizational data. Risk and Control Assessments Evaluate the effectiveness of current security controls and practices to ensure compliance with external regulations and internal security policies. Identify compliance risks, control weaknesses, and areas for improvement through Customer SLA/Security assessments, gap assessments, and vulnerability management. Collaborate with stakeholders to implement corrective actions for any cybersecurity compliance issues identified, tracking the resolution process to ensure timely and effective remediation. Participate in risk assessments to identify cybersecurity threats and evaluate the organizations exposure to compliance-related risks, particularly in high-risk areas. Regulatory and Standards Compliance Stay up-to-date on relevant regulations, cybersecurity trends, and best practices to ensure the company remains compliant with applicable laws and frameworks. Assist in preparing for and supporting external audits and assessments related to cybersecurity compliance, providing necessary documentation, evidence, and reports. Guide the development of compliance programs and initiatives, ensuring they align with the organizations overall cybersecurity and business objectives. Compliance Reporting and Communication Prepare reports to senior management, detailing security KPI s, risk and recommended actions. Communicate compliance and cybersecurity risks to key stakeholders, providing actionable insights to enhance decision-making processes. Incident Management and Response Support the organization s incident response team in addressing compliance-related issues arising from security breaches or data protection incidents. Help track and report on incidents related to cybersecurity compliance, ensuring that they are resolved in accordance with applicable regulations and internal policies. Assist in identifying lessons learned from security incidents and developing preventive measures to reduce future compliance risks. Knowledge, Experience & Skills: 3+ years of experience in cybersecurity, compliance, or risk management, with a focus on ensuring adherence to cybersecurity standards and regulations. Experience in working with regulatory frameworks such as ISO 27001, NIST, GDPR, CCPA, PCI DSS, or SOC 2. Proven experience in conducting risk assessments, preparing ISO 27001 SOA, internal audits, and compliance reviews in a corporate or enterprise setting. Familiarity with cybersecurity concepts, controls, and best practices in data protection, threat management, and regulatory compliance. Skills Compliance Knowledge: In-depth understanding of cybersecurity compliance frameworks and regulatory requirements. What do we offer? Open culture and challenging opportunity to satisfy intellectual needs Flexible working hours Smart working: hybrid remote/office working environment Work-life balance Excellent, dynamic and multicultural environment We are proud to enable innovation-led growth for the airline industry and put control back in the hands of airlines. For more information, please visit www.accelya.com #LI-MK1
