Job Summary

The Computer Security & Compliance Analyst is responsible for ensuring the organization's IT infrastructure, systems, and processes comply with regulatory, legal, and corporate security requirements. This role involves performing security assessments, monitoring compliance with frameworks such as NIST, ISO 27001, SOC 2, HIPAA, PCI-DSS, and CMMC, and assisting in audits. The analyst will also support incident response, risk assessments, and continuous improvement initiatives for security compliance..

Required

Qualifications & Skills :

• Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field..
• 2-5 years of experience in security compliance, risk management, or IT auditing..
• Familiarity with regulatory frameworks such as NIST, SOC 2, ISO 27001, HIPAA, PCI-DSS, CMMC, GDPR, and FedRAMP..
• Experience with GRC tools, SIEM solutions, and security assessment tools..
• Understanding of cloud security compliance (AWS, Azure, GCP)..
• Strong analytical, problem-solving, and communication skills..
  
  

Preferred

• Relevant security certifications (e.g., CISA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor, PCI-DSS ISA)..
• Experience with incident response frameworks (NIST 800-61, SANS)..
• Hands-on experience with vulnerability scanning tools (Qualys, Nessus, Rapid7, etc.)..
• Knowledge of scripting and automation tools for compliance (Python, PowerShell, Bash).
  
  

Job Title : Computer Security & Compliance Analyst

Location : Noida, Uttar Pradesh, India (On-site)

Role Overview

We are seeking a detail-oriented and proactive Computer Security & Compliance Analyst to ensure our organization's IT infrastructure, systems, and processes adhere to stringent regulatory, legal, and corporate security mandates. In this crucial role, you will be responsible for conducting thorough security assessments, diligently monitoring compliance against various industry frameworks, actively participating in audits, and providing vital support for incident response, risk assessments, and continuous improvement initiatives aimed at bolstering our security compliance posture.

Key Responsibilities

• Conduct regular security assessments and audits to evaluate the effectiveness of security controls and identify compliance gaps.
• Monitor and track adherence to relevant regulatory, legal, and corporate security requirements, including but not limited to NIST, ISO 27001, SOC 2, HIPAA, PCI-DSS, and CMMC.
• Assist in the development and maintenance of security policies, standards, and procedures to ensure ongoing compliance.
• Participate in risk assessment activities to identify, analyze, and evaluate IT-related risks and recommend appropriate mitigation strategies.
• Support internal and external audits by providing necessary documentation, evidence, and insights.
• Assist in the monitoring of security events and alerts generated by various security tools and systems.
• Participate in the investigation and response to security incidents, following established procedures and contributing to post-incident analysis.
• Help maintain and update incident response plans and playbooks.
• Contribute to the development, review, and maintenance of security policies, standards, and guidelines.
• Assist in the creation and delivery of security awareness training programs to educate employees on security best practices and compliance requirements.
• Participate in the assessment of the security and compliance posture of third-party vendors and service providers.
• Assist in the development and implementation of processes for managing third-party risks.
• Utilize and maintain Governance, Risk, and Compliance (GRC) tools to manage and track compliance activities.
• Work with Security Information and Event Management (SIEM) solutions to monitor security events and generate compliance reports.
• Employ security assessment tools to identify vulnerabilities and compliance issues.
• Understand and contribute to the compliance efforts related to cloud security (AWS, Azure, GCP).
  
  

(ref:hirist.tech)