Sr. Cyber Security Analyst
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Sr. Cyber Security Analyst based in India.
This role sits within a high-trust cybersecurity and compliance environment where you will help strengthen governance, risk, and compliance (GRC) programs that protect sensitive financial and customer data. You will play a key role in ensuring the organization remains audit-ready and aligned with global security frameworks such as SOC 2, ISO 27001, PCI-DSS, and NIST CSF. The position involves close collaboration with security, engineering, legal, and business stakeholders to manage risk across systems, vendors, and internal processes. You will be responsible for supporting third-party audits, responding to customer security inquiries, and maintaining a strong control environment. This is a hands-on, detail-oriented role that blends technical security understanding with strong compliance and communication skills. You will also contribute to continuous improvement of security policies, risk management practices, and incident preparedness. The environment is fast-paced, collaborative, and focused on building trust through strong security governance.
Accountabilities:
- Support the execution and coordination of third-party audits and certifications, including SOC 2, PCI-DSS, ISO 27001, and NIST CSF.
- Maintain and enhance the organization’s GRC framework by developing, reviewing, and updating security policies, standards, and controls.
- Manage security questionnaires and customer due diligence requests, ensuring accurate and timely responses.
- Conduct vendor risk assessments, track third-party compliance, and maintain risk registers and mitigation plans.
- Perform enterprise-wide risk assessments across systems, processes, and tools, ensuring proper documentation and remediation tracking.
- Support access governance activities, including periodic access reviews, identity lifecycle management, and least privilege enforcement.
- Contribute to incident response planning, disaster recovery readiness, and security awareness initiatives.
- Monitor evolving threats, compliance requirements, and industry best practices to continuously strengthen the security posture.
Requirements:
- 3–5 years of experience in cybersecurity, IT risk, or GRC-focused roles.
- Strong understanding of compliance frameworks such as SOC 2, ISO 27001, PCI-DSS, and NIST CSF.
- Hands-on experience supporting audits, certifications, or regulatory assessments.
- Knowledge of risk management methodologies, control design, and compliance documentation practices.
- Experience handling security questionnaires and translating technical controls for business stakeholders.
- Familiarity with identity and access management (IAM) and access governance processes.
- Strong communication, documentation, and stakeholder coordination skills.
- Experience with GRC platforms such as Vanta, Drata, or similar tools is a plus.
- Exposure to SaaS, FinTech, or regulated environments is highly desirable.
- Certifications such as CISA, ISO 27001 Lead Auditor/Implementer, or PCI ISA are preferred but not mandatory.
Benefits:
- Opportunity to work in a high-impact cybersecurity and compliance function within a fast-growing digital environment.
- Exposure to global security frameworks and enterprise-grade audit and risk management programs.
- Collaborative work culture involving security, engineering, legal, and product teams.
- Strong learning and growth opportunities in governance, risk, compliance, and security operations.
- Flexible and remote-friendly work setup supporting work-life balance.
- Chance to contribute directly to strengthening security posture for financial institutions and regulated clients.
Security pay context
Based on 1,540 disclosed Security salaries on RoleSuite, the role pays a median of $142K/year, with most offers between $114K and $180K (10th–90th percentile: $95K–$216K).