The Information Security and Compliance Analyst will play a key role in supporting Rightpoint's Information Security Management System and driving compliance with SOX and ISO 27001 standards. In this position, you'll work across teams to ensure security best practices are implemented and maintained throughout the organization.
What You'll Do
- Coordinate and track SOX and ISO 27001 compliance efforts, including control reviews, evidence collection, process documentation, and internal readiness assessments
- Organize and conduct comprehensive searches to determine the applicability of data security policies to client contracts
- Serve as the point of contact for auditors and internal stakeholders during compliance reviews, ensuring clear and timely communication
- Maintain and organize a central repository of compliance documentation, policies, and procedures with a high standard of clarity and accuracy
- Review, triage, and analyze vulnerability findings from internal scans and external tools; prioritize and categorize based on risk and potential business impact
- Work closely with IT and application owners to coordinate remediation efforts, follow up on open vulnerabilities, and ensure timely resolution
- Assist in developing security policies, procedures, and user guidance aligned with industry best practices
- Generate concise and meaningful reports and dashboards for internal leadership and auditors
- Track exceptions, manage control gaps, and help drive risk mitigation strategies
- Contribute to security awareness and training efforts by preparing clear documentation and guidance materials
What We're Looking For
- 3+ years of experience in information security, IT compliance, or related roles
- Demonstrated experience supporting or managing SOX, ISO 27001 or similar compliance activities
- Familiarity with vulnerability management tools
- Outstanding written communication skills, especially in drafting audit responses, procedures, and internal documentation
- Meticulous attention to detail, with a strong ability to manage and organize complex deadline-driven tasks
- Comfortable working independently in a remote or distributed team environment
- Bachelor's Degree in Computer Science, MIS, or related field
Nice to Have
- Certifications such as CISA, ISO 27001 Implementation, CISSP, or Security+
- Experience working with compliance frameworks such as NIST, GDPR, or SOC 2
- Prior experience in a multinational or regulated environment
- Familiarity with project tracking tools (e.g. JIRA, Confluence, SharePoint)
Technical Stack
- AWS
- Azure
- JIRA
- Confluence
- SharePoint
- Vulnerability management tools
Team & Environment
- Reports to: IT Security and Compliance lead
Benefits & Compensation
- 30 Paid leaves
- Public Holidays
- Casual and open office environment
- Flexible Work Schedule
- Family medical insurance
- Life insurance
- Accidental Insurance
- Regular Cultural & Social Events including Diwali Party, Team Parties, Team outings, etc.
- Continuous Training, Certifications, and Learning Opportunities
- First-hand experience dealing with security incidents
Work Mode
Frequent flexibility for meetings with US-based colleagues; occasional after-hours (or before-hours) support during incidents or critical remediation windows.
Rightpoint, a Genpact Company, is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. We are committed to creating a dynamic work environment that values diversity and inclusion, respect and integrity, customer focus, and innovation.








