The Senior ISO Governance, Risk, and Compliance Analyst is responsible for supporting and strengthening the organization’s Information Security Management System (ISMS), with primary alignment to ISO/IEC 27001:2022 and related ISO standards for cloud security, cloud privacy, and artificial intelligence governance.
This senior analyst role leads day-to-day ISO compliance activities, including ISMS documentation, risk assessment coordination, control testing, evidence management, audit readiness, corrective action tracking, and continuous improvement of ISO-aligned security processes.
The role works closely with IT, Security Operations, Privacy, Legal, Risk, and Business teams to ensure information security roles, responsibilities, controls, and evidence are clearly defined, maintained, and audit-ready.
Work you'll do
As an ISO Security Cloud& AI on the Cyber Security team, you will be responsible for:
- Maintain and improve ISO/IEC 27001:2022-aligned ISMS policies, standards, procedures, control documentation, and governance records
- Coordinate information security risk assessments, maintain risk registers, and track treatment plans, risk owners, due dates, and acceptance records
- Support ISO certification, surveillance, internal audit, and external audit activities through evidence collection, control walkthroughs, self-assessments, and remediation tracking
- Support cloud security, cloud privacy, and artificial intelligence governance activities aligned to ISO/IEC 27017, ISO/IEC 27018, and ISO/IEC 42001
- Develop dashboards, management review materials, and process improvements to strengthen audit readiness, control monitoring, and continual ISMS improvement
The team
The Cyber Security team helps protect the organization’s information assets through governance, risk, and compliance practices that support secure business operations. The team works closely with technology, privacy, legal, risk, and business stakeholders to maintain security standards, manage risk, and improve audit readiness. It also helps translate security and compliance requirements into practical controls across enterprise, cloud, and AI-enabled environments.
Location: Hyderabad
Shift Timings: 2 PM to 11 PM IST
Qualifications
Required:
- 4-6 years of experience in information security governance, risk, and compliance, information security management systems, or information technology audit
- Experience supporting an information security management system aligned to ISO/IEC 27001
- Experience coordinating risk assessments, maintaining risk registers, and tracking corrective actions or treatment plans
- Experience supporting certification audits, surveillance audits, internal audits, or external audits
- Experience maintaining control documentation, evidence repositories, or document control records
- Experience with ServiceNow Governance, Risk, and Compliance, Archer, OneTrust, or equivalent governance, risk, and compliance tools
Preferred:
- Experience supporting cloud security governance aligned to ISO/IEC 27017
- Experience supporting cloud privacy reviews aligned to ISO/IEC 27018
- Experience supporting artificial intelligence governance activities aligned to ISO/IEC 42001
- Experience developing dashboards, key risk indicators, or management review reporting
- ISO/IEC 27001 Lead Implementer, Lead Auditor, or Internal Auditor certification