Sr Security GRC Analyst

MoEngage is an insights-led customer engagement platform, trusted by 1,200+ global consumer brands. As a Great Place to Work Company we are a young, fast-paced and intelligent customer engagement platform that fosters a culture of innovation, ownership, freedom, and fun while building future-ready technology products. Sitting at a conflux of diverse technologies like Artificial Intelligence, Big Data, Web & Mobile platforms, MoEngage technology analyzes billions of data points generated by customers and their devices in order to predict their behavior and engage them at every touchpoint throughout their lifecycle with personalized communication.

In just eight years since our inception, we have worked with leading Fortune 500 brands such as Deutsche Telekom, Samsung, Ally Financial, Vodafone, and McAfee along with internet-first brands such as Flipkart, Ola, OYO, Bigbasket, and Sharechat, with a global presence that encompasses 35 countries. We currently have offices in San Francisco, Boston, London, Dubai, Ho Chi Minh city, Bangkok, Kuala Lumpur, Singapore, Sydney, Vietnam, Berlin, Jakarta, and Bengaluru.

The care we give to our customers is quite high! Our achievement of top service and support ratings in Gartners Magic Quadrant, Gartner Peer Insights, and G2 Summer Reports is a testament to that. Another commendable quality is our people-centric culture, as we have recently been included in Battery Ventures top 25 private cloud computing companies. As recognized by the DivHERsity Awards, we are one of the top 20 diversity companies in the world, while the Economics Times names us as one of the Top Organizations for Women.

Key Skills: Knowledge of Information Security Standards along with Regulatory Compliance Understanding [Information Security Governance, Risk and Compliance (GRC), ISO 27001, SOC2, GDPR, DPDA], Risk Management Expertise, Auditing Skills, Communication Skills, Analytical Thinking, Familiarity with GRC Tools, BCP & DR Concepts, Years of Experience: 3-5 years

Does this sound like you?

You enjoy tackling complex cybersecurity and infosec compliance issues and have a knack for handling customer inquiries:

• Dealing with customer inquiries about the companys security policies and practices, requires excellent customer service skills and an in-depth understanding of the companys cybersecurity measures.

• Conduct information security risk assessments effectively and serve as an internal auditor for any security-related issues that may arise within the organization.

• Develop and continuously update company-wide security policies, standards, guidelines, and procedures based on the evolving cybersecurity landscape.

• Understanding and catering to the security needs of various organizational stakeholders, especially when translating them into tangible security policies (AI-centric for example).

• Cultivating a culture of collective responsibility and continuous improvement within the team in relation to security effectiveness.

• Utilizing multiple security tools and methodologies to consistently assess the effectiveness of existing security controls.

• Helping to implement and maintain IT governance, risk management, and compliance frameworks amidst rapidly changing industry standards and regulations.

• Keeping up-to-date with changes in information security trends, regulatory requirements and best practices to continually improve the companys GRC program.

• Adapting to and managing any other related tasks that may arise during the departments day-to-day operations. This includes novel problem-solving and agility in response.

As a Security Lead, you will:

• Analyse client requests in the RFP lifecycle, mainly to understand information security requirements and articulate our current control framework

• Assist multiple customer-initiated security audits.

• Provide regular updates to stakeholders and management regarding the status of RFP activities and project milestones

• Collaborate with stakeholders, including IT and security teams and sales leaders, to understand project requirements and objectives

• Monitor remediation activities following audits to ensure any identified gaps are addressed promptly.

• Document lessons learned and best practices to continuously improve the RFP process

• Ensuring the security and compliance of our platform by effectively responding to security questionnaires and assessments

• Strong understanding of key compliance frameworks (e.g., SOC 2, ISO 27001, GDPR, HIPAA).

• Proven experience in managing and executing risk assessments, compliance audits, and control testing.

• In-depth knowledge of risk management principles, security controls, and industry regulations.

• Maintain documentation of compliance processes, procedures, and controls.

• Support internal and external audits, including coordination with auditors, preparing audit materials, and tracking findings and resolutions.