Compliance Analyst, IT/Tech
Job in 500016, Prakāshamnagar, Telangana, India
Listed on 2026-02-07
Listing for: Evoke Technologies
Full Time position
Job specializations:
IT/Tech
Cybersecurity, Information Security, Data Security, IT Consultant
Job Description & How to Apply Below
Job Title: GRC Analyst / GRC Specialist
Location: Hyderabad
Experience: 6 to 8 years
Job Summary
We are looking for a detail-oriented and proactive GRC professional with hands-on experience in SOC 2 Type 1 & Type 2, NIST CSF, NIST SP 800-53, CIS, GDPR, HIPAA, and ISO 27001.
The ideal candidate will support and lead governance, risk, and compliance initiatives to ensure audit readiness, regulatory compliance, and effective risk management across the organization.
Key Responsibilities
Lead and support the implementation, maintenance, and continuous improvement of information security compliance programs, with a focus on SOC 2 Type 1 & Type 2, NIST CSF, NIST SP 800-53, and ISO 27001.
Develop, review, and update security policies, procedures, and guidelines to align with applicable compliance frameworks and regulatory requirements.
Conduct risk assessments in coordination with cross-functional stakeholders against SOC 2, NIST, and ISO 27001 controls to identify gaps and improvement opportunities.
Prepare, compile, and manage audit documentation, evidence, and responses to ensure audit readiness and successful outcomes.
Contribute to enterprise risk assessments and business impact analysis (BIA) activities.
Maintain comprehensive documentation of security controls, compliance activities, remediation plans, and risk registers.
Prepare and present regular compliance status reports, key risk metrics, and identified issues to management and stakeholders.
Perform third-party risk assessments (TPRM) to evaluate vendor compliance with organizational security and privacy requirements.
Develop and maintain TPRM processes to monitor, assess, and mitigate risks associated with external vendors.
Ensure effective communication and documentation of third-party risk findings and remediation actions.
Assist in drafting, reviewing, and updating organizational governance, risk, and compliance policies and procedures.
Required Qualifications
Proven experience in GRC, Information Security, Risk, or Compliance roles.
Hands-on experience with SOC 2, NIST CSF, NIST SP 800-53, ISO 27001, and familiarity with CIS, GDPR, and HIPAA.
Strong understanding of risk management principles, audit processes, and control frameworks.
Experience supporting internal and external audits.
Excellent documentation, reporting, and communication skills.
Ability to work cross-functionally with IT, Security, Legal, and Business teams.
Preferred Qualifications
Certifications such as CISA, CRISC, CISSP, ISO 27001 Lead Implementer/Auditor, or similar.
Experience with GRC tools (ServiceNow GRC, Archer, OneTrust, etc.).
SaaS, cloud, or regulated industry experience.