Senior Security Analyst - GRC, Audit & Cloud Controls

Role:

• We are hiring a Senior Security Analyst — GRC, Audit & Cloud Controls to support security governance, audit readiness, control assurance, and remediation activities across cloud-based platforms, applications, and business processes.
• The role is ideal for someone with experience in security governance, IT risk, audit support, control testing, ISO 27001, SOC 2, PCI DSS, regulatory requirements, and cloud control environments.

Responsibilities:

• Support security governance, risk, and compliance activities across cloud platforms, applications, and technology services.
• Assist with internal and external audits, including ISO 27001, SOC 2, PCI DSS, regulatory reviews, and internal control assessments.
• Collect, review, and validate audit evidence to confirm that security controls are operating effectively.
• Support control testing, gap assessments, and control effectiveness reviews.
• Monitor security control gaps, non-compliance items, audit findings, and remediation actions.

Required Skills:

• Experience in security GRC, IT risk, technology risk, security assurance, IT audit, or security compliance.
• Good understanding of frameworks and standards such as ISO 27001, SOC 2, PCI DSS, NIST, COBIT, or similar.
• Experience supporting audits, evidence collection, control testing, gap assessments, or remediation tracking.
• Understanding of cloud or SaaS security controls, especially in environments such as AWS, Azure, GCP, or enterprise cloud platforms.
• Experience with security metrics, KRIs, RCSA, scorecards, dashboards, SLA tracking, or governance reporting.
• Clear written and verbal communication skills, with the ability to explain security risks to both technical and non-technical stakeholders.