Cyderes

GRC Analyst

GRC Analyst implementing and monitoring information security compliance programs at Cyderes. Assisting with audits and maintaining security policies in a hybrid work environment.

Posted 5/19/2026 | full-time | Bengaluru • 🇮🇳 India | Mid-Level, Senior

Tech Stack

Tools & technologies
Cloud

About the role

Key responsibilities & impact
  • Coordinate IT security governance, risk and compliance activities across the enterprise
  • Oversee information security compliance activities, including daily, weekly, quarterly and/or annual security risk assessments – both performing internal assessments and responding to external assessments
  • Respond to requests for information on Cyderes’ security compliance from customers and partners, review and negotiate relevant agreements
  • Support efforts for compliance with SOC2, ISO 27001, NIST 800-53, and other security standards and regulatory frameworks
  • Conduct audit readiness assessments and coordinate with internal and external functions and audit resources
  • Support the implementation and administration of the Governance, Risk, and Compliance system (GRC)
  • Collaborate with other departments to direct security compliance issues to appropriate channels for investigation and resolution
  • Revise and maintain security & controls policies and procedures in accordance with applicable regulations
  • Enable Continuous Compliance through Continuous testing of security & privacy controls
  • Identify and provide recommendations for technology, licensing, and/or process updates to improve Cyderes’ overall security posture
  • Develop and provide reports to keep management informed of the operation and progress of compliance efforts

Requirements

What you’ll need
  • Minimum 3 years in a GRC role with at least 1 full year of hands-on administration of a GRC automation tool (Vanta, Drata, Sprinto, etc.). Vanta is preferred.
  • Experience in design and implementation of information security policies and controls
  • Experience participating in external security audits; SOC2 Type II preferred
  • Experience conducting needs assessments and identifying/implementing appropriate solutions
  • Strong knowledge of security technologies and architecture, including encryption, cloud network security design, security group configuration, intrusion detection, data loss prevention and application security
  • Ability to take initiative and be proactive
  • Ability to work independently and be resourceful
  • Complex problem-solving and analytical skills
  • Excellent communication skills, both verbal and written; ability to condense complex information into simple language for the appropriate audience
  • CISSP, CISM, CISA certifications preferred
  • Analyst A (The Internal Builder): Focuses on Vanta, SOC2/ISO mapping, and internal engineering/DevOps alignment.
  • Evidence Collection: Proven track record of translating abstract SOC2 criteria into technical screenshots, logs, or API outputs.
  • Proven track record of translating abstract SOC2 Common Criteria or ISO 27001 clauses into actionable technical controls.
  • Analyst B (The External/Risk Specialist): Focuses on Third-Party Risk, Customer Questionnaires/Trust Center, and Privacy (GDPR/CCPA).
  • High proficiency in interpreting SOC2/ISO reports and Data Processing Agreements (DPAs)
  • Advanced Third-Party Risk (TPRM) Analysis: Minimum 3 years of hands-on experience evaluating SaaS vendors, with the proven ability to dissect SOC2 Type II, ISO 27001, and Penetration Test reports.
  • Vanta Trust Center & Questionnaire Automation: Proficiency in managing Vanta’s Trust Center and Vendor Risk modules.
  • Privacy & Data Protection Liaison: Practical experience navigating Data Processing Agreements (DPAs) and mapping vendor risks to privacy frameworks like GDPR, CCPA, or HIPAA.

Benefits

Comp & perks
  • ✔ Medical Insurance - Employee + dependents covered
  • ✔ Life Insurance - Protection for what matters most
  • ✔ Retirement Match Program - We invest in your future
  • ✔ Hybrid Work Model - 2–3 days in office
  • ✔ Maternity & Paternity Leave - Time for the moments that matter
  • ✔ Paid Time Off - PTO + sick & casual leave
  • ✔ Bereavement & Volunteer Time - Give back to your community
  • ✔ Professional Development - Reimbursement program
  • ✔ LinkedIn L&D Platform - Thousands of courses at your fingertips
  • ✔ Mobile Phone Reimbursement - Stay connected, on us
