Compliance Analyst

Job Description

. Compliance analyst position’s core responsibilities are to conduct technical and non-technical Information, Security assessments against defined standards and controls.

. Also conducting Risk assessment through the information Security Management System and related SOC 2 Type 2, ISO 27001 & HIPAA control framework.

. This position will be responsible for conducting an internal audit against ISO 27001, HIPAA, SOC Type 2 standards.

 This position will also assist in all external audits such as ISO 27001, HIPAA, SSAE SOC 2 and customer audits

Key Responsibilities:

. Assist in conducting technical and non-technical information security assessments based on standards like ISO 27001, HIPAA, SOC 2 Type 2

. Support internal audits and coordinate documentation for external audits (e.g., ISO, HIPAA, SOC 2, andcustomer assessments)

. Collaborate with IT, Network, and Cloud teams to support security assessments and identify potential risks

. Assist in maintaining and updating compliance policies and procedures

. Monit or and analyze security logs and incident data across platforms to support compliance reporting

. Participate in risk assessments and document findings in the GRC system

. Help track audit actions, report follow-ups, and maintain compliance dashboards

. Assist in vendor risk assessments using tools like ServiceNow

. Document audit findings and support remediation tracking

. Review operational areas such as:

o Endpoint and patch management

o Change management

o Technical vulnerability remediation

o Access Control Analysis

. Assist in reviewing compliance-related documentation and policies

. Support business continuity and disaster recovery planning initiatives as needed

. Collaborate on compliance reports and dashboard creation for management visibility

Required Skills & Qualifications:

. Bachelor’s degree in information technology, Cybersecurity, or a related field

. 1–3 years of full-time experience in Information Security Audits or Compliance

. Exposure to GRC systems and risk management tools

. Familiarity with industry standards and frameworks: ISO 27001, SOC 2, HIPAA, GDPR, NIST

. Ability to support internal/external audits with appropriate documentation and coordination

. Strong documentation and reporting skills

. Experience with tools like Git, Jira, ServiceNow, or security dashboards is a plus

. Certifications such as ISO 27001 LI/LA, CISA, or equivalent are desirable but not mandatory

Preferred Attributes:

. Strong attention to detail

. Proactive attitude toward learning and compliance improvement

. Good communication and collaboration skills to work across departments

. Willingness to take initiative in supporting team objectives and learning new technologies

Note:

As part of our interview process, we conduct an initial shortlisting to identify candidates who closely match our requirements. While we strive to notify all applicants about their status, if you do not receive a response from us, please understand that your profile has not been shortlisted at this time.