Senior Analyst, Information Security

This is a fully remote position, open to applicants in India.

📋 Description

• Oversee and facilitate the entire lifecycle of information security policies, standards, procedures, and associated governance documentation.

• Organize document reviews, stakeholder engagement, approvals, renewals, attestations, and publication timelines.

• Monitor policy review timelines, exceptions, approvals, versioning, and governance workflow activities.

• Analyze and align regulatory and framework requirements with the organization’s governance documents and controls.

• Assist in governance alignment initiatives pertaining to PCI-DSS v4.0.1, NIST Cybersecurity Framework (CSF) 2.0, SOC 2, SOX, and FTC regulations.

• Evaluate governance documentation for clarity, consistency, completeness, enforceability, and compliance with regulatory and organizational standards.

• Compose, revise, and sustain governance documentation utilizing concise, professional, and active voice writing techniques.

• Aid in audit, assessment, and compliance activities by reviewing governance documentation and coordinating evidence.

• Manage governance repositories, templates, and document management systems.

⛳️ Requirements

• Bachelor’s degree in Information Security, Cybersecurity, Information Systems, Risk Management, English, Communications, or a related field; or equivalent practical experience.

• 3–5 years of experience in information security governance, compliance, policy management, technical writing, security awareness, or similar domains.

• Strong familiarity with security and regulatory frameworks such as PCI-DSS, NIST CSF, SOC 2, SOX, and FTC regulations.

• Proven capability to read, interpret, and correlate regulatory requirements with governance documentation and organizational controls.

• Exceptional technical writing, editing, and English language comprehension abilities.

• Strong critical thinking and analytical skills, with the ability to identify governance gaps, inconsistencies, or opportunities for improvement.

• Comprehensive understanding of the differences between policies, standards, procedures, guidelines, and controls.

• Experience in developing metrics, dashboards, and regular governance or compliance reports.

• Knowledge of phishing simulation platforms and security awareness practices.

• Strong organizational, stakeholder coordination, and project management skills.

• Capacity to handle multiple priorities and deadlines in a cross-functional setting.

🏝️ Benefits

• Competitive salary

• Flexible working hours

• Professional development budget

• Home office setup allowance

• Global team events