Security and Compliance Analyst

6 hours ago


Bengaluru, Karnataka, India · Anumana · Full time

Position: Security and Compliance Analyst
Experience Range: 3 to 5 yrs
Job Location: Bangalore
Work Mode: Hybrid (3 days in the office, 2 days remote)

Job Summary

Anumana is seeking a detail-oriented and proactive Security and Compliance Analyst to ensure our organization’s adherence to international security standards and regulatory requirements. The successful candidate will play a key role in the development, implementation, and continuous improvement of Anumana's Information Security Management System (ISMS) in compliance with ISO/IEC 27001, ISO/IEC 27002, and ISO 13485 standards.

This role involves close collaboration with multiple departments (HR, Legal, IT, Engineering, and Quality/Regulatory teams) to maintain a robust security and compliance posture. The Security and Compliance Analyst will also be responsible for managing third-party risk assessments, ensuring compliance with global privacy regulations (such as GDPR), and supporting the overall Information Security Program.

Key Responsibilities

Compliance Management
  • Maintain and continuously improve the Information Security Management System (ISMS) to comply with ISO/IEC 27001, ISO/IEC 27002, and ISO 13485 standards.
  • Coordinate with the Quality and Regulatory team to align security controls with ISO 13485 requirements for medical device software.
  • Develop and update policies, procedures, and documentation necessary for maintaining certification status.
  • Conduct internal audits and prepare for external audits, ensuring that all necessary evidence is documented and accessible.

Cross-Department Collaboration
  • Work closely with HR, Legal, IT, Engineering, and other departments to ensure that information security requirements are consistently integrated across the organization.
  • Provide guidance on security and compliance matters, including secure practices, policy enforcement, and risk mitigation.
  • Assist in the development of training materials and conduct regular security awareness sessions for staff.

Third-Party Risk Management
  • Respond to third-party risk management questionnaires, ensuring that external parties meet Anumana’s security standards.
  • Perform risk assessments on vendors, suppliers, and partners, evaluating their adherence to security requirements.
  • Maintain and update a database of third-party risk assessments and ensure regular monitoring of vendor compliance.

Privacy and Confidentiality Management
  • Monitor and enforce privacy compliance across the organization, focusing on GDPR, CCPA, and other relevant global data protection regulations.
  • Track data protection incidents and coordinate response and remediation activities.
  • Work with Legal and HR teams to ensure confidentiality agreements are properly managed and enforced.

Security Program Oversight
  • Support the overall information security program by conducting risk assessments, tracking key performance indicators (KPIs), and managing security metrics.
  • Develop and maintain security policies, standards, and guidelines based on best practices and relevant frameworks.
  • Monitor and assess compliance with organizational policies, industry standards, and applicable regulations.
  • Identify areas of improvement in security controls and recommend mitigation strategies.

Audit Preparation & Evidence Management
  • Gather, organize, and maintain documentation of control evidence required for internal and external audits.
  • Track audit findings, follow up on remediation actions, and ensure they are completed on time.
  • Prepare reports summarizing compliance activities, audit results, and risk assessments for management review.

Qualifications

Required:
  • Bachelor's degree in Information Security, Computer Science, Risk Management, or a related field (or equivalent experience).
  • 3+ years of experience in information security, compliance, risk management, or related fields.
  • Strong understanding of ISO/IEC 27001, ISO/IEC 27002, and ISO 13485 standards.
  • Experience with information security frameworks (e.g., NIST, HITRUST) and best practices.
  • Knowledge of data protection regulations, including GDPR, CCPA, and other privacy laws.
  • Ability to respond to third-party risk assessments and manage vendor compliance.
  • Familiarity with GRC (Governance, Risk, and Compliance) tools and methodologies.

Preferred:
  • Professional certifications such as CISSP, CISM, CRISC, CCSK, or ISO/IEC 27001 Lead Auditor/Implementer.
  • Experience working in the medical device or healthcare sector, with familiarity in Software as a Medical Device (SaaMD).
  • Knowledge of security assessment tools and vulnerability management practices.
  • Understanding of secure software development and DevSecOps practices.

Skills:
  • Strong analytical and problem-solving skills with attention to detail.
  • Excellent communication skills, with the ability to present complex information clearly to technical and non-technical stakeholders.
  • Highly organized, with strong project management skills and the ability to prioritize tasks effectively.
  • Demonstrated ability to work collaboratively with cross-functional teams.


