Signzy - Security Analyst - Compliance & Audit (3-7 yrs)

Job Title: Security Analyst - Compliance & Audit.

Location: [Bangalore / Remote].

Experience: 3-7 years.

Industry: Banking, Financial Services, Consulting.

Employment Type: Full-time.

Job Summary:

We are seeking an experienced Security Analyst with a strong background in cybersecurity compliance, audit frameworks, and regulatory requirements for banks and financial institutions.

The ideal candidate has worked in a consulting organization, guiding clients through security audits, ensuring adherence to frameworks like ISO 27001, PCI-DSS, NIST, SOC 2, GDPR, and financial regulations such as FFIEC, RBI guidelines, MAS TRM, and PSD2.

Key Responsibilities:

Compliance & Regulatory Audits:

- Conduct security assessments and audits for banks and financial institutions to ensure compliance with industry standards and regulations.

- Develop and implement security policies aligned with ISO 27001, PCI-DSS, SOC 2, NIST, GDPR, FFIEC, RBI, MAS TRM, PSD2, and other banking compliance frameworks.

- Assist clients in preparing for security audits, identifying gaps, and implementing remediation plans.

- Support the completion of third-party risk assessments and regulatory security audits.

Security Governance & Risk Management:

- Perform risk assessments, identifying vulnerabilities, threats, and compliance gaps in banking systems.

- Develop security risk management frameworks and controls in line with banking security regulations.

- Work with internal security teams, regulators, and auditors to ensure smooth compliance processes.

- Assist in vendor risk assessments and due diligence for third-party financial service providers.

Security Operations & Incident Response:

- Collaborate with SOC, IT security, and DevOps teams to enforce security best practices.

- Monitor security threats, vulnerabilities, and incidents impacting compliance adherence.

- Provide recommendations for remediation of security vulnerabilities identified during audits.

Policy Development & Awareness:

- Draft and maintain security policies, standards, and procedures in compliance with regulatory frameworks.

- Conduct security awareness training for clients and internal teams on banking security best practices.

- Stay updated on evolving financial regulations, cybersecurity trends, and industry best practices.

Required Qualifications & Skills :

Technical & Compliance Expertise:

- Strong experience with ISO 27001, SOC 2, PCI-DSS, NIST CSF, GDPR, FFIEC, RBI IT Guidelines, MAS TRM, PSD2, or other financial security standards.

- Knowledge of cloud security frameworks (AWS, Azure, GCP), Kubernetes security, and CI/CD security best practices.

- Familiarity with security monitoring tools such as SentinelOne, Splunk, SIEM solutions.

Consulting & Audit Experience:

- Experience working in security consulting firms, Big 4, or similar organizations handling compliance projects for banks and financial institutions.

- Ability to guide clients through security certifications, audits, and regulatory filings.

Soft Skills:

- Strong communication skills to interact with CISOs, IT teams, auditors, and regulators.

- Ability to work in a fast-paced, regulatory-driven environment with multiple stakeholders.

- Analytical thinking with problem-solving skills to address security compliance challenges.

Preferred Certifications:

- CISA (Certified Information Systems Auditor).

- CISM (Certified Information Security Manager).

- CRISC (Certified in Risk and Information Systems Control).

- CISSP (Certified Information Systems Security Professional).

- ISO 27001 Lead Auditor / Implementer.

- PCI-DSS QSA (Qualified Security Assessor) - preferred for payment security roles.

Why Join Us?.

Work on high-impact security projects for leading banks, fintech firms, and financial institutions.

Exposure to the latest regulatory changes and cybersecurity frameworks.

Opportunity to collaborate with top security professionals and industry experts.

If you have a passion for security compliance, risk management, and consulting in the banking sector, we'd love to hear from you!.