Compliance Analyst

About the Role

We are seeking a meticulous Compliance Analyst to join our team in Thiruvananthapuram, Kerala. This position is instrumental in ensuring our information security practices align with global standards. Your core responsibilities will involve conducting comprehensive technical and non-technical information security assessments against defined standards and controls. You will also perform risk assessments utilizing our Information Security Management System and frameworks such as SOC 2 Type 2, ISO 27001, and HIPAA. A key aspect of this role includes conducting internal audits against ISO 27001, HIPAA, and SOC 2 Type 2 standards. Furthermore, you will play a crucial role in supporting all external audits, including ISO 27001, HIPAA, SSAE SOC 2, and customer-specific audits.

Key Responsibilities

• Assist in conducting technical and non-technical information security assessments based on standards like ISO 27001, HIPAA, and SOC 2 Type 2.
• Support internal audits and coordinate documentation for external audits (e.g., ISO, HIPAA, SOC 2, and customer assessments).
• Collaborate with IT, Network, and Cloud teams to support security assessments and identify potential risks.
• Assist in maintaining and updating compliance policies and procedures.
• Monitor and analyze security logs and incident data across platforms to support compliance reporting.
• Participate in risk assessments and document findings in the GRC system.
• Help track audit actions, report follow-ups, and maintain compliance dashboards.
• Assist in vendor risk assessments using tools like ServiceNow.
• Document audit findings and support remediation tracking.
• Review operational areas such as: endpoint and patch management, change management, technical vulnerability remediation, and access control analysis.
• Assist in reviewing compliance-related documentation and policies.
• Support business continuity and disaster recovery planning initiatives as needed.
• Collaborate on compliance reports and dashboard creation for management visibility.

Required Skills & Qualifications

• Bachelor's degree in Information Technology, Cybersecurity, or a related field.
• 1–3 years of full-time experience in Information Security Audits or Compliance.
• Exposure to GRC systems and risk management tools.
• Familiarity with industry standards and frameworks: ISO 27001, SOC 2, HIPAA, GDPR, NIST.
• Ability to support internal/external audits with appropriate documentation and coordination.
• Strong documentation and reporting skills.
• Experience with tools like Git, Jira, ServiceNow, or security dashboards is a plus.
• Certifications such as ISO 27001 LI/LA, CISA, or equivalent are desirable but not mandatory.

Preferred Attributes

• Strong attention to detail.
• Proactive attitude toward learning and compliance improvement.
• Good communication and collaboration skills to work across departments.
• Willingness to take initiative in supporting team objectives and learning new technologies.

Note: As part of our interview process, we conduct an initial shortlisting to identify candidates who closely match our requirements. While we strive to notify all applicants about their status, if you do not receive a response from us, please understand that your profile has not been shortlisted at this time.