Lead Auditor - ISO 27001

We are looking for a driven, detail\-oriented **Information Security GRC Analyst** with 2–4 years of hands\-on experience to join our Information Security team. In this role, you will bridge the gap between technical security controls and business risk. You will be responsible for executing risk assessments, ensuring continuous compliance with global frameworks, managing third\-party vendor risks, and fostering a strong security culture across the organization.

Exposure to IT Compliance across Banking, NBFC, Power, IT, Manufacturing, and service sectors.

• *Compliance \& Framework Management**

· **Audit Readiness:** Support internal and external audits by gathering evidence, documenting controls, and interfacing directly with auditors for frameworks such as **ITGC**, **ISO 27001, ISO 27701, SOC 2, PCI DSS, NIST CSF, and GDPR**.

· **Control Mapping:** Perform continuous control monitoring to ensure technical security measures align with regulatory and corporate policy requirements.

• *Policy Development:** Assist in writing, updating, and reviewing internal information security policies, standards, and procedures to reflect shifting threat landscapes and business needs.

• Experience in user awareness and security training programs
• Ability to map security standards and frameworks to integrated compliance and risk assessment requirements