Job Description: Security Analyst / Senior Security Analyst

Position Summary

Key Responsibilities

Security Program Management

• Support the CISO in planning, tracking, and executing organization-wide Information Security initiatives.
• Maintain the Information Security roadmap, project plans, milestones, dependencies, and risk registers.
• Monitor progress of security initiatives and provide periodic status reports to leadership.
• Coordinate security steering committee meetings and prepare agendas, minutes, and action trackers.

Governance, Risk & Compliance (GRC)

• Assist in maintaining compliance programs such as:
  • ISO 27001
  • ISO 42001
  • SOC 2 Type II
  • GDPR
  • DPDP Act
  • Other customer-specific security requirements
• Track closure of audit findings, risk mitigation actions, and compliance obligations.
• Maintain security policies, standards, procedures, and evidence repositories.
• Support annual and periodic security assessments and audits.

Risk Management

• Maintain enterprise and product security risk registers.
• Track risk treatment plans and remediation activities across teams.
• Follow up with stakeholders to ensure timely closure of security risks.
• Assist in conducting vendor and third-party risk assessments.

Security Operations Coordination

• Coordinate vulnerability management activities across Engineering and IT teams.
• Track remediation timelines for:
  • Application vulnerabilities
  • Infrastructure vulnerabilities
  • Penetration testing findings
  • Security incidents and corrective actions
• Monitor security KPI and KRI dashboards.

Customer Security & Trust Support

• Coordinate responses to customer security questionnaires and due diligence requests.
• Maintain security documentation required for customer and prospect reviews.
• Assist Sales and Customer Success teams with security-related requests.

Metrics & Reporting

• Develop and maintain dashboards for:
  • Security posture
  • Compliance status
  • Vulnerability remediation
  • Audit findings
  • Security awareness completion
  • Risk treatment progress
• Prepare executive reports and presentations for leadership reviews.

Cross-Functional Collaboration

• Work closely with:
  • Engineering
  • Product
  • Professional Services
  • Customer Success
  • IT
  • Legal
  • HR
• Ensure security initiatives are aligned with business priorities and timelines.

Required Qualifications

Education

• Bachelor's degree in Science/Commerce/Engineering/Business Administration

Experience

• 3–8 years of experience in one or more of:
  • Information Security PMO
  • Security Governance
  • Security Compliance
  • IT PMO
  • GRC (Governance, Risk & Compliance)
  • Security Program Management

Technical Knowledge

• SaaS product environments
• Cloud platforms (Azure, AWS, or GCP)
• Secure SDLC concepts
• Vulnerability management lifecycle
• Security audits and certifications
• Security incident management
• Identity and Access Management (IAM)
• Compliance knowledge of ISO 27001, SOC 2, GDPR and DPDPA

Preferred Skills

Project Management

• Strong project coordination and stakeholder management skills.
• Experience with ALMs like JIRA, Azure DevOps

Reporting & Analytics

• Advanced Excel skills.
• Good to have: Experience building dashboards managed tools like Power BI

Communication

• Excellent verbal and written communication skills.
• Ability to work with both technical and non-technical stakeholders.
• Strong documentation and presentation capabilities.

Certifications (nice to have)

• CISM or CISP