Senior Security Analyst
Indexed description
The ideal candidate will have a blend of project management, governance, compliance, and information security knowledge, enabling effective coordination between Engineering, Product, IT, Customer Success, Legal, HR, and external auditors. Candidate should have demonstrable experience handling audits - preferably as an Information Systems Auditor or minimally as an auditee.
Key Responsibilities
Security Program Management
- Support the CISO in planning, tracking, and executing organization-wide Information Security initiatives.
- Maintain the Information Security roadmap, project plans, milestones, dependencies, and risk registers.
- Monitor progress of security initiatives and provide periodic status reports to leadership.
- Coordinate security steering committee meetings and prepare agendas, minutes, and action trackers.
- Assist in maintaining compliance programs such as:
- ISO 27001
- ISO 42001
- SOC 2 Type II
- GDPR
- DPDP Act
- Other customer-specific security requirements
- Track closure of audit findings, risk mitigation actions, and compliance obligations.
- Maintain security policies, standards, procedures, and evidence repositories.
- Support annual and periodic security assessments and audits.
- Maintain enterprise and product security risk registers.
- Track risk treatment plans and remediation activities across teams.
- Follow up with stakeholders to ensure timely closure of security risks.
- Assist in conducting vendor and third-party risk assessments.
- Coordinate vulnerability management activities across Engineering and IT teams.
- Track remediation timelines for:
- Application vulnerabilities
- Infrastructure vulnerabilities
- Penetration testing findings
- Security incidents and corrective actions
- Monitor security KPI and KRI dashboards.
- Coordinate responses to customer security questionnaires and due diligence requests.
- Maintain security documentation required for customer and prospect reviews.
- Assist Sales and Customer Success teams with security-related requests.
- Develop and maintain dashboards for:
- Security posture
- Compliance status
- Vulnerability remediation
- Audit findings
- Security awareness completion
- Risk treatment progress
- Prepare executive reports and presentations for leadership reviews.
- Work closely with:
- Engineering
- Product
- Professional Services
- Customer Success
- IT
- Legal
- HR
- Ensure security initiatives are aligned with business priorities and timelines.
- Bachelor's degree in Science/Commerce/Engineering/Business Administration
- 3–8 years of experience in one or more of:
- Information Security PMO
- Security Governance
- Security Compliance
- IT PMO
- GRC (Governance, Risk & Compliance)
- Security Program Management
- SaaS product environments
- Cloud platforms (Azure, AWS, or GCP)
- Secure SDLC concepts
- Vulnerability management lifecycle
- Security audits and certifications
- Security incident management
- Identity and Access Management (IAM)
- Compliance knowledge of ISO 27001, SOC 2, GDPR and DPDPA
- Strong project coordination and stakeholder management skills.
- Experience with ALMs like JIRA, Azure DevOps
- Advanced Excel skills.
- Good to have: Experience building dashboards managed tools like Power BI
- Excellent verbal and written communication skills.
- Ability to work with both technical and non-technical stakeholders.
- Strong documentation and presentation capabilities.
- CISM or CISP
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search