Security Analyst – Compliance & Audit - Bangalore
Job Description
Job Title: Security Analyst – Compliance & Audit
Location: [Bangalore / Remote]
Experience: 3-7 years
Industry: Banking, Financial Services, Consulting
Employment Type: Full-time
Job Summary:
We are seeking an experienced Security Analyst with a strong background in cybersecurity compliance, audit frameworks, and regulatory requirements for banks and financial institutions. The ideal candidate has worked in a consulting organization, guiding clients through security audits, ensuring adherence to frameworks like ISO 27001, PCI-DSS, NIST, SOC 2, GDPR, and financial regulations such as FFIEC, RBI guidelines, MAS TRM, and PSD2.
Key Responsibilities:
Compliance & Regulatory Audits
- Conduct security assessments and audits for banks and financial institutions to ensure compliance with industry standards and regulations.
- Develop and implement security policies aligned with ISO 27001, PCI-DSS, SOC 2, NIST, GDPR, FFIEC, RBI, MAS TRM, PSD2, and other banking compliance frameworks.
- Assist clients in preparing for security audits, identifying gaps, and implementing remediation plans.
- Support the completion of third-party risk assessments and regulatory security audits.
- Perform risk assessments, identifying vulnerabilities, threats, and compliance gaps in banking systems.
- Develop security risk management frameworks and controls in line with banking security regulations.
- Work with internal security teams, regulators, and auditors to ensure smooth compliance processes.
- Assist in vendor risk assessments and due diligence for third-party financial service providers.
- Collaborate with SOC, IT security, and DevOps teams to enforce security best practices.
- Monitor security threats, vulnerabilities, and incidents impacting compliance adherence.
- Provide recommendations for remediation of security vulnerabilities identified during audits.
- Draft and maintain security policies, standards, and procedures in compliance with regulatory frameworks.
- Conduct security awareness training for clients and internal teams on banking security best practices.
- Stay updated on evolving financial regulations, cybersecurity trends, and industry best practices.
Required Qualifications & Skills:
Technical & Compliance Expertise:
- Strong experience with ISO 27001, SOC 2, PCI-DSS, NIST CSF, GDPR, FFIEC, RBI IT Guidelines, MAS TRM, PSD2, or other financial security standards.
- Knowledge of cloud security frameworks (AWS, Azure, GCP), Kubernetes security, and CI/CD security best practices.
- Familiarity with security monitoring tools such as SentinelOne, Splunk, SIEM solutions.
Consulting & Audit Experience:
- Experience working in security consulting firms, Big 4, or similar organizations handling compliance projects for banks and financial institutions.
- Ability to guide clients through security certifications, audits, and regulatory filings.
Soft Skills:
- Strong communication skills to interact with CISOs, IT teams, auditors, and regulators.
- Ability to work in a fast-paced, regulatory-driven environment with multiple stakeholders.
- Analytical thinking with problem-solving skills to address security compliance challenges.
Preferred Certifications:
- CISA (Certified Information Systems Auditor)
- CISM (Certified Information Security Manager)
- CRISC (Certified in Risk and Information Systems Control)
- CISSP (Certified Information Systems Security Professional)
- ISO 27001 Lead Auditor / Implementer
- PCI-DSS QSA (Qualified Security Assessor) preferred for payment security roles
- Work on high-impact security projects for leading banks, fintech firms, and financial institutions.
- Exposure to the latest regulatory changes and cybersecurity frameworks.
- Opportunity to collaborate with top security professionals and industry experts.
If you have a passion for security compliance, risk management, and consulting in the banking sector, we'd love to hear from you!