Support all active audit engagements (ISO 27001, SOC 1, SOC 2, customer audits, and internal audits) by filling in questionnaires, preparing responses, and collating evidence as directed.
Respond to audit queries and information requests promptly and accurately; strong response time is a key expectation of this role.
Coordinate with internal teams to chase and gather audit evidence, ensuring all artefacts are collected, organized, and submitted on time.
Assist in handling customer audit engagements and third-party risk assessment questionnaires by drafting and completing responses under the guidance of the senior analyst.
Track open audit items, follow up on pending actions, and escalate delays to the Compliance Manager without waiting to be asked.
Maintain a well-organized audit artefact repository, ensuring documentation is version-controlled, labelled, and easy to retrieve during audits.
Support information security risk assessments by gathering data, documenting findings, and updating the risk register as instructed.
Assist with access reconciliation and firewall access reviews for cloud operations and IT on a monthly and quarterly basis.
Help track and investigate information security incidents, documenting findings and following up on remediation actions.
Assist with vendor risk assessments by completing relevant sections of vendor questionnaires and following up on outstanding responses.
Assist in running BCP/DR exercises and participate actively in Business Continuity Plan testing activities.
Track BCP/DR test actions through closure and produce clear, accurate BCP/DR test reports.
Help maintain and update BCP/DR documentation to ensure it remains current and ready for audit review.
Keep Information Security training records current through regular, proactive follow-up with employees and departments; do not wait for reminders.
Assist in publishing monthly compliance dashboards covering certifications, training completion, pending audit actions, and risk items.
Develop a working awareness of AI governance principles and responsible AI practices as they relate to information security compliance.
Support the team in identifying and documenting AI-related compliance considerations as part of routine audit and risk activities.
Requirements
Proven experience in IT Audit with solid working knowledge of ISO 27001 certification requirements (mandatory).
Hands-on experience filling in and responding to audit questionnaires across ISO 27001, SOC 1/SOC 2, and customer or client audits.
Known for fast, accurate response times in audit and compliance environments — this is a non-negotiable trait for this role.
Familiarity with information security risk management principles and BCP/DR processes.
Experience coordinating with multiple internal stakeholders to chase and collate audit evidence on time.
Basic working knowledge of SharePoint for document and evidence management.
Understanding of cloud infrastructure concepts is an advantage.
Basic awareness of AI governance concepts and responsible AI principles is a plus.
Good written and verbal communication skills with a clear, professional response style.
Degree qualified — B.E. or Science Graduate (minimum).
Tech Stack
Cloud
Benefits
Icertis, Inc. provides Equal Employment Opportunity to all employees and applicants for employment without regard to race, color, religion, gender identity or expression, sex, sexual orientation, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws.
If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to careers@icertis.com or get in touch with your recruiter.