IT Security Risk Analyst_3-6Yrs_Bangalore/Pune/Indore

Ready to take your career global?

Make your mark at one of the biggest names in payments. We’re looking for IT Security Risk Analyst to join our ever-evolving Cyber GRC team and help shape the future of global commerce.

What you’ll own

We are seeking a Cyber GRC / IT Security Risk Analyst with a strong focus on ISO 27001 to support and mature our Information Security Management System (ISMS). This role plays a key part in ensuring ongoing compliance, audit readiness, and effective risk governance across the global organization.

Core Responsibilities

• Own and support the ISO 27001 ISMS lifecycle, including control design, implementation, maintenance, and continuous improvement.
• Conduct enterprise-wide risk assessments aligned with ISO 27005, NIST CSF, or FAIR, and maintain the risk register.
• Perform control gap assessments against ISO 27001 Annex A and other frameworks (NIST, CIS, CCM).
• Drive risk treatment plans in collaboration with business and technology teams and track remediation progress.
• Lead and support internal and external audits, including ISO 27001 certification and surveillance audits.
• Develop, review, and maintain security policies, standards, and procedures aligned with ISO 27001 requirements.
• Monitor control effectiveness and security KPIs/KRIs, providing actionable insights to leadership.
• Partner with engineering, IT, legal, and compliance teams to embed security-by-design and governance practices.
• Stay informed on evolving regulatory requirements, cyber threats, and industry best practices.

What you bring

• Experience 3+ years of experience in Cybersecurity, with a strong focus on GRC, risk, and compliance.
• Hands-on experience with ISO 27001 implementation, audit, or certification processes.
• Proven experience managing risk registers, control frameworks, and remediation tracking.
• Experience with internal/external audits, including evidence collection and auditor engagement.
• Technical & Domain Expertise Strong understanding of: ISO 27001 / ISO 27002 (mandatory)
• Supporting frameworks: NIST CSF, CIS Controls, Cloud Security Alliance CCM
• Familiarity with risk quantification models (e.g., FAIR) is a plus.
• Experience with vendor/third-party risk management and due diligence processes.
• Knowledge of cloud security (AWS/Azure) governance controls is preferred. Exposure to data protection and privacy frameworks (GDPR, DPDP Act India) is a plus.
• Tools & Methods Experience with GRC tools (e.g., ServiceNow GRC, Archer, OneTrust, or similar).
• Strong documentation and reporting skills, including audit artifacts and executive dashboards.

• Certifications (Preferred)
  ISO 27001 Lead Implementer and/or Lead Auditor (highly preferred)
  One or more: CISSP, CISM, CRISC
  
  Soft Skills

• Strong stakeholder management and ability to influence without authority
• Excellent written and verbal communication (important for audit/reporting)
• Ability to translate technical risks into business impact
• Self-driven, detail-oriented, and comfortable working in a fast-paced global environment

It’s a bonus if you have

Fintech/Payments Industry Experience

About the team

Our inclusive and global teams win together every day. We’re proud to have the best minds in the industry, who you can learn from as you grow your career. The people, the energy, the connections – it’s unmatched. Come and be part of an ever-evolving company and get dynamic opportunities that go beyond borders.

What makes a Globalpayer?
Globalpayers think like a client, act like an owner and win as one team. We’re curious and innovative – always finding better ways to deliver impact. We empower each other to make decisions, and it’s our passion that drives excellence in everything we set out to do.
Does this sound like you? Then you sound like a Globalpayer.

Apply now to take your career global.

LinkedIn # (#LI-AZEEMASHAIK)