Cyber Security Risk Analyst (Remote - India)

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Cyber Security Risk Analyst in India.

This role offers an exciting opportunity to take ownership of the full risk assessment lifecycle, ensuring technical security controls are effective across cloud and on-premise environments. You will lead detailed security audits, evaluate risks, and partner with engineering and product teams to remediate vulnerabilities. The position combines a strong risk and compliance mindset with technical expertise in modern enterprise security tooling. You will contribute to designing secure software practices, performing third-party assessments, and supporting AI governance initiatives. The role is ideal for someone passionate about cybersecurity, compliance frameworks, and improving organizational security posture.

Accountabilities

• Lead technology and cyber risk assessments, maintaining a detailed risk register with impact and likelihood rationales.
• Conduct security audits and evaluate IT controls across cloud, on-prem, and hybrid environments.
• Map controls to frameworks (ISO/IEC 27001:2022/27002, NIST CSF 2.0, NIST 800‑53, CIS Controls, PCI DSS 4.0) and regulatory requirements (GovRAMP, EU AI Act, GDPR, CCPA).
• Plan and execute end-to-end technical audits including evidence gathering, walkthroughs, testing, and issue rating.
• Support the design and testing of Access Control, Application and Data Security, IT Service Operations, and Technology Architecture.
• Partner with engineering, IT, and product teams to translate requirements into pragmatic controls and remediation actions.
• Perform third-party risk assessments and contribute to AI governance and data protection audits.
• Develop playbooks, control testing procedures, and knowledge articles to raise organizational control maturity.

Requirements

• Proven experience in cybersecurity, with demonstrable expertise in risk assessment and security auditing.
• Relevant certifications such as CISA, CISSP, CISM, ISO 27001 Lead Auditor/Implementer, or equivalent experience.
• Strong knowledge of ISO 27001/27002, NIST CSF, NIST 800‑53, CIS Controls, SOC 2, and PCI DSS.
• Hands-on experience assessing Microsoft and Azure security including Entra ID, Defender suite, Sentinel, Intune, Azure Policy, and Purview.
• Experience with Identity and Access Management, Cloud Security (Azure, AWS), Data Protection, SecOps, Agile Software Development (DevSecOps), and Security by Design.
• Technical literacy across networks, identity, cloud, endpoints, logging/monitoring, and secure configuration.
• Solid understanding of ITGCs, evidence-based testing methods, and audit documentation/reporting.
• Competence in using GenAI or Agentic AI to enhance GRC processes.
• Strong communication and interpersonal skills to work effectively with stakeholders across locations and functions.

Benefits

• Competitive salary with performance-based incentives.
• Flexible hybrid work environment with partial remote work options.
• Professional growth opportunities and access to cutting-edge security technologies.
• Collaborative and inclusive team culture emphasizing diversity and belonging.
• Support for continuous learning and certification in cybersecurity and compliance.
• Health and wellness programs to support employee well-being.

Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching.

When you apply, your profile goes through our AI-powered screening process designed to identify top talent efficiently and fairly.
🔍 Our AI evaluates your CV and LinkedIn profile thoroughly, analyzing your skills, experience, and achievements.
📊 It compares your profile to the job’s core requirements and past success factors to determine your match score.
🎯 Based on this analysis, we automatically shortlist the three candidates with the highest match to the role.
🧠 When necessary, our human team may perform an additional manual review to ensure no strong profile is missed.

The process is transparent, skills-based, and free of bias — focusing solely on your fit for the role. Once the shortlist is completed, we share it directly with the company that owns the job opening. The final decision and next steps (such as interviews or additional assessments) are then made by their internal hiring team.

Thank you for your interest!