Senior Analyst, Information Security
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Analyst, Information Security based in India.
This role plays a key part in strengthening enterprise security governance, compliance, and awareness across the organization. You will contribute to the design, maintenance, and continuous improvement of information security policies, standards, and procedures aligned with leading frameworks such as PCI-DSS, NIST CSF, SOC 2, and SOX.
You will work at the intersection of governance, risk, and security education, helping translate complex regulatory requirements into clear, actionable documentation and controls.
The role also supports the development of a strong security culture through awareness programs, phishing simulations, and targeted training initiatives.
You will collaborate with cross-functional teams to ensure governance documentation is accurate, audit-ready, and consistently aligned with business and compliance needs.
This is a highly detail-oriented and analytical role suited for someone who enjoys structure, precision, and continuous improvement in security operations.
You will have exposure to enterprise-scale security programs in a regulated, fast-paced environment where your work directly impacts organizational risk posture.
Accountabilities:
- Support the lifecycle management of information security policies, standards, procedures, and governance documentation, including reviews, updates, approvals, and version control.
- Map and interpret regulatory and framework requirements (PCI-DSS, NIST CSF, SOC 2, SOX, FTC Safeguards) into internal security controls and governance documentation.
- Review and enhance governance materials to ensure clarity, consistency, enforceability, and alignment with regulatory expectations and internal standards.
- Coordinate with stakeholders across security, compliance, legal, and business teams to maintain accurate and audit-ready documentation repositories.
- Support security awareness initiatives, including training content development, phishing simulations, and engagement tracking across user groups.
- Develop dashboards, reports, and metrics covering policy compliance, awareness participation, phishing trends, and governance effectiveness.
- Contribute to audit readiness, evidence collection, and continuous improvement of governance and awareness processes.
Requirements:
You are an analytical and detail-oriented security professional with experience in governance, compliance, or security awareness programs. You are comfortable translating regulatory and technical concepts into structured, actionable documentation and insights.
- 3–5 years of experience in information security, GRC, compliance, technical writing, or security awareness roles.
- Strong understanding of security frameworks such as PCI-DSS, NIST CSF, SOC 2, SOX, and FTC requirements.
- Experience in policy development, governance documentation, and mapping regulatory requirements to controls.
- Excellent technical writing, editing, and communication skills in English.
- Strong analytical thinking with the ability to identify gaps, inconsistencies, and improvement opportunities in governance structures.
- Experience supporting security awareness programs, including phishing simulations and training initiatives.
- Ability to develop metrics, dashboards, and reporting for governance or compliance programs.
- Familiarity with audit support, evidence collection, and cross-functional coordination.
- Strong organizational skills with the ability to manage multiple priorities in a structured environment.
Preferred:
- Experience in regulated industries such as financial services or fintech.
- Familiarity with GRC platforms, workflow tools, or security awareness platforms.
- Relevant certifications such as Security+, CISSP, CISA, CRISC, or PCI ISA.
Benefits:
- Competitive compensation aligned with experience and industry standards
- Remote-first or hybrid flexibility depending on team structure
- Opportunity to work on enterprise-grade security governance and compliance programs
- Exposure to global security frameworks and audit environments
- Learning and certification support for professional growth
- Health insurance coverage for employees and eligible dependents
- Collaborative, cross-functional work environment with strong security culture focus
- Career development opportunities within information security and GRC domains
Security pay context
Based on 1,609 disclosed Security salaries on RoleSuite, the role pays a median of $143K/year, with most offers between $114K and $184K (10th–90th percentile: $94K–$216K).