Sr. Cyber Security Analyst

Posted on
null logo

Experience
3 - 5 yrs
Job Location
Bengaluru, India
Vacancy
1
Designation
Senior Cyber Security Analyst
Job Type
ONSITE

Job Description

Senior Cybersecurity Analyst | 100% Remote | Eltropy (Product based fintech SaaS firm)
We are seeking a Senior Cybersecurity Analyst GRC (Governance, Risk, and Compliance) to support and improve our security compliance and risk management program. This individual will help manage third-party audits, perform risk assessments, ensure ongoing compliance with security frameworks, and support business teams with customer and vendor assurance.
You ll work closely with security, engineering, legal, and customer teams to ensure Eltropy s security posture remains strong, transparent, and audit-ready.
Key Responsibilities
  • Assist in the preparation and execution of third-party audits and assessments, including SOC 2, PCI-DSS, NIST CSF, and ISO 27001.
  • Support the development and maintenance of Eltropy s GRC program, ensuring alignment with business and regulatory requirements through well-defined policies, controls, and risk processes.
  • Respond to customer security questionnaires and due diligence requests.
  • Conduct and manage vendor security assessments, maintain risk tracking, and ensure third-party compliance.
  • Perform risk assessments across systems, tools, and business processes; manage mitigation plans and maintain an exceptions register.
  • Contribute to access governance, including quarterly access reviews, enforcement of least privilege, and identity and access documentation.
  • Draft, review, and update security policies, standards, and procedures to reflect current risk posture and best practices.
  • Lead or support security awareness programs to promote a risk-conscious culture among staff and end users.
  • Contribute to the development and testing of incident response and disaster recovery plans.
  • Monitor and analyze cybersecurity threats, trends, and technologies, and recommend enhancements to Eltropy s security posture.
  • Help ensure the security of IT infrastructure by supporting the implementation and maintenance of measures against unauthorized access, cyber threats, and vulnerabilities.
  • Track and report on compliance status, audit readiness, and risk trends to key stakeholders.
Skills Attributes
  • 3 5 years of experience in cybersecurity or IT risk/compliance, with a focus on GRC.
  • Familiarity with major frameworks like SOC 2, PCI-DSS, ISO/IEC 27001, and NIST CSF.
  • Experience supporting third-party audits or certifications.
  • Knowledge of risk management processes and frameworks.
  • Ability to respond to security due diligence questionnaires and document technical and organizational controls.
  • Understanding of access governance and identity lifecycle best practices.
  • Excellent communication, documentation, and stakeholder coordination skills.
  • Comfort with tools like Vanta, Drata, or similar GRC platforms.
Preferred Skills
  • Experience in a SaaS, FinTech, or regulated technology environment.
  • Familiarity with cloud environments such as GCP, AWS, or Azure.
  • Understanding of security operations, incident response, or DevSecOps concepts.
Certifications (Preferred But Not Mandatory)
  • CISA Certified Information Systems Auditor
  • ISO 27001 Lead Auditor / Implementer
  • PCI ISA Internal Security Assessor
Disclaimer: This job posting has been aggregated from external source. Role details, content, and availability are subject to change. Applicants are advised to confirm the latest information directly on the company website before applying.

No Referrers Available

There are currently no referrers available for this job. You can still apply, will let you know once there is any referrer available.