DISCO

legal

Senior Information Security GRC Analyst

Gurugram, Haryana, India

The Brief

“Senior Information Security GRC Analyst at DISCO. Skills: Information Security Compliance Program, Compliance and Audits, Third Party Risk Management, Reporting and Documentation. Drives and supports the security governance and risk and compliance programs. Perform reviews, assessments, and audits”

What You'll Achieve.

drive continual improvement in our risk and cyber-security posture

Industry & Context.

legal

Problems you'll solve

resolution of risk and compliance issues

What They're Looking For.

Must Have

4+ years of direct experience in security operations, risk or compliance management

1+ years of IT or other relevant technical experience

Extensive knowledge and experience with ISO 27001 or SOC2

Experience leading audit activities and engagements

Understanding of cloud computing concepts and relevant security controls

Experience coordinating tasks to complete third party assessments

Experience writing clear and concise policies, procedures, or controls in one or more standards/frameworks

Experience securing the public cloud (AWS, GCP, Azure)

Experience responding to security and compliance questions from client and customer organizations

Nice to Have

Knowledge of computer networking concepts and protocols, and network security methodologies

Knowledge of risk management processes

Knowledge of cyber threats and vulnerabilities

Ability to advance multiple projects concurrently

Ability to work both independently and as part of a team

Excellent oral and written communication skills, with the ability to clarify complex topics to both technical and non-technical audiences

What You'll Do.

Drives and supports the security governance and risk and compliance programs

Facilitate communication to internal and external stakeholders

Monitor, coordinate, and implement documentation to support security, compliance, and audit requirements

Ensure compliance with audit obligations

Drive continual improvement in risk and cyber-security posture

Drives the information security programs including risk management and compliance testing

Coordinates security risk assessment activities and security compliance audits

Operates and improves security audit procedures relevant to SOC 2 & ISO 27001

Leads existing compliance programs and processes

Designs and executes audit procedures to assess and measure company compliance with its security policies and procedures

Supports in compliance testing and monitoring of regulatory obligations, and other regulatory matters as required

Maintains a library of security and compliance documentation

Drives due diligence and risk assessments for vendors and suppliers, ensuring that they meet security and compliance requirements

Maintains customer facing Trust Center and related documents

Leads response generation to customer questions and assessments

Collects, analyzes, and prepares reports required for senior management, regulators, and other relevant stakeholders

Works closely with internal stakeholders on resolution of risk and compliance issues

Documents, investigates, and reports cybersecurity compliance issues and incidents

Supports activities related to contingency planning, business continuity management, and IT disaster recovery

Maintains and improves information security

How You'll Work.

Team & Collaboration

Facilitate communication to internal and external stakeholders; Works closely with internal stakeholders on resolution of risk and compliance issues; Ability to work both independently and as part of a team

Communication Scope

Excellent oral and written communication skills; ability to clarify complex topics to both technical and non-technical audiences

Process & Methodology

Ability to advance multiple projects concurrently

Full Job Description

Your Impact

The Senior Information Security GRC Analyst drives and supports the security governance and risk and compliance programs. They perform reviews, assessments, and audits, conduct research, and facilitate communication to internal and external stakeholders where necessary. They monitor, coordinate, and implement documentation to support security, compliance, and audit requirements. They ensure compliance with our audit obligations and drive continual improvement in our risk and cyber-security posture.

What You'll Do

● Information Security Compliance Program: Drives the information security programs including risk management and compliance testing. Coordinates security risk assessment activities and security compliance audits. Operates and improves security audit procedures relevant to SOC 2 & ISO 27001.

● Compliance and Audits: Leads existing compliance programs and processes. Designs and executes audit procedures to assess and measure company compliance with its security policies and procedures. Supports in compliance testing and monitoring of regulatory obligations, and other regulatory matters as required. Maintains a library of security and compliance documentation.

● Third Party Risk Management: Drives due diligence and risk assessments for vendors and suppliers, ensuring that they meet security and compliance requirements. Maintains customer facing Trust Center and related documents. Leads response generation to customer questions and assessments.

● Reporting and Documentation: Collects, analyzes, and prepares reports required for senior management, regulators, and other relevant stakeholders. Works closely with internal stakeholders on resolution of risk and compliance issues. Documents, investigates, and reports cybersecurity compliance issues and incidents. Supports activities related to contingency planning, business continuity management, and IT disaster recovery. Maintains and improves information security

Who You Are

● 4+ years of direct experi
