Compliance Analyst

Job Title: Compliance Analyst

Location: Bangalore

Responsibilities:

What you'll do:

• Assist with the implementation and management of a common/unified controls framework.
• Work as a subject matter expert on the process to interpret compliance regulations such as ISO27001, SOC1, SOC2, NIST 800-53 and NIST800-171 into actionable controls, with corresponding processes, policies, oversight.
• Ability to deep dive into various control environments to develop a technical understanding of control implementation and articulate compliance implications to internal control owners and external audit functions.
• Build capabilities for automation of evidence and integration into GRC platforms
• Work with external auditors on regulatory and compliance program audits and assessments.
• GRC and automation tooling API Integration: Collaborate with cross-functional teams to identify integration requirements and design solutions that connect our Technical Compliance platforms with third-party services, ensuring seamless data flow and functionality.
• Assist in the continuous effort of implementing and executing continuous monitoring activities to maintain a real time conformance view.
• Assess: Seek out opportunities to improve verification of controls compliance, such as through automation of tests.
• Assess: Evaluate, document, and communicate business risk in the context of control designs and gaps.
• Assess: Evaluate and assess the effectiveness of management, operational, and technical security controls.
• Assess: Conducting walkthroughs and audits to assess the adequacy of controls for adherence to established policies, procedures, business practices, and compliance.
• Assess: Obtaining and reviewing evidence, ensuring audit conclusions are well documented and based on a complete understanding of the processes and risks.
• Monitor compliance-led initiatives against KPIs, managing project risks, stakeholders, and excellent project delivery.

Requirements:

What we're looking for:

• Strong familiarity with risk management methodologies and common security controls frameworks, such as OX, ISO 27001, SOC I & II, NIST, CMMC, FedRamp, etc.
• Experience with security compliance monitoring tools/solutions offered natively in AWS, SIEM tools, GRC platforms, vulnerability scanning tools and log analysis, PAM (Privileged Access Management), and other infrastructure security tools.
• Ability to clearly communicate technical issues to non-technical audiences and others with varying backgrounds.
• Experience in performing and/or participating in technical assessments in direct support of other I.T. Security and Management Standards (such as, NIST 800-53, FedRAMP/StateRAMP, SOC 2)
• Relevant professional certifications, such as CISA, CISM, CISSP, GCCC, ISO 27001 Auditor.
• Experience in cloud technologies, cloud deployment models (IaaS/PaaS/SaaS), and audit of cloud environments
• Bachelor’s degree in Engineering, Information Systems, Business or related disciplines; Masters preferred with 2+ years of experience at a Big 4 consulting firms or similar
• 5+ years as a technical compliance specialist, preferably at a late-stage tech startup/newly-public company; along with 5+ years of experience as a technical manager preferred
• Self-sufficient and self-motivated; capable of working with ambiguity in a dynamic environment
• Outstanding written and verbal communication skills - will need to document policies and procedures, and articulate them well across all levels.
• Strong collaboration and negotiation skills and demonstrated ability to manage multiple projects and priorities
• Creative, business first approach to GRC with CISA, CISM, CISSP and other certifications a plus
• A detailed understanding of evaluating the design and effectiveness of IT controls and experience working with auditors/regulators for these types of assessments.

About Mindlance:

Founded in 1999, Mindlance has been ranked as one of the fastest growing US Staffing firms by SIA for 9 consecutive years. We provide workforce solutions to Global 1000 companies in Technology, Engineering, Finance, Clinical Research, Scientific, Digital/Creative/Marketing space.

Mindful of the opportunity gap, we provide balanced solutions for both employers and job seekers—elevating the standards of recruitment practice to a whole new level. Our aim is to make a difference in the lives of job seekers by providing them with opportunities that broaden career horizons and expand skill sets. We take pride in being a strong driver of mindfulness and balance at workplace.

EEO:

“Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of – Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.”