At Securonix, we’re on a mission to secure the world by staying ahead of cyber threats, reinforcing all layers of our platform with AI capabilities. Our Securonix Unified Defense SIEM provides organizations with the first and only AI-Reinforced solution built with a cybersecurity mesh architecture on a highly scalable data cloud. Enhanced by Securonix EON’s AI capabilities, our innovative cloud-native solution delivers a seamless CyberOps experience, empowering organizations to scale their security operations and keep up with evolving threats.

Recognized as a five-time leader in the Gartner Magic Quadrant for SIEM and highly rated on Gartner Peer Insights, our award-winning Unified Defense SIEM provides organizations with 365 days of ‘hot’ data for rapid search and investigation, threat content-as-a-service, proactive defense through continuous peer and partner collaboration, and a fully integrated Threat Detection, Investigation, and Response (TDIR) experience—all within a single platform. Built on a cloud-native architecture, the platform leverages the Snowflake Data Cloud for unparalleled scalability and performance.

Securonix is proud to be a cybersecurity unicorn and featured in CRN's 2024 Security 100 list. Backed by Vista Equity Partners, one of the largest private equity firms with over $100 billion in assets under management, we have a unique advantage in driving innovation and growth. With a global footprint, we serve more than 1,000 customers
worldwide, including 10% of the Fortune 100. Our network of 150+ partners and Managed Security Service Providers (MSSPs) enables us to deliver unmatched security solutions on a global scale.

At Securonix, we are driven by our core values and place our people at the heart of everything we do:

• Winning as One Team: We work together with universal respect to achieve aligned outcomes

• Customer Driven Innovation: We innovate to stay ahead of the market and create value for our customers

• Agility in Action: We embrace change and are unified in our purpose and objectives amidst change

Join us as we redefine cybersecurity, innovate fearlessly, and grow together as one team.

Summary:

The Security Risk and Compliance Analyst I will be responsible for executing control assessments and ensuring that compliance with regulatory and industry mandates that include SOC1, SOC2, PCI, GDPR, ISO 27001, HIPAA, HITRUST, FEDRAMP and others are maintained. Reporting to the Manager of Information Security Compliance, this role will be responsible for executing control self-assessments, creating and maintaining policy documentation, assisting in maintaining the risk register and overall maintenance of the organization’s compliance posture.

Essential Functions of the Job:

• Conduct controls assessments to identify and assess Information Security risks within the Securonix IT environment. Securonix IT General Controls to ensure our continued compliance with our regulatory and industry mandates.

• Ensure that control self-assessments are conducted in a timely manner ensuring completeness and accuracy

• Maintain documentation of control assessments and risks in the GRC tool.

• Ensure that appropriate documentation in the form of policies, standards and procedures is created and managed to support the various security, compliance and audit requirements.

• Co-ordinate execution of Pen Tests, Vulnerability scans and reporting. Work on remediation actions for identified findings and track them to closure.

• Work with other teams in the IT org to establish standards and process for maintaining and improving the organization’s security posture

• Assist in continuous improvement and maturing the Information Security GRC program

Additional Job Functions:

• Maintain the risk register with up-to-date risk details, and track risk response plans(remediation/exceptions) to closure

• Perform audits and assessments of third parties such as vendors, service
  providers, consulting organizations etc. as required.

• Work closely with Technology and Security teams to develop appropriate remediation action plans for identified risks.

Knowledge and Skill Requirements:

• Demonstrated experience in performing risk/control assessments against compliance frameworks such as COSO, COBIT, NIST, ISO 27001, etc.

• Understanding of IT General Controls in relation to SOC1, SOC2, HIPAA,HITRUST, GDPR, FEDRAMP and other compliance initiatives.

• Familiarity with IT and Information Security products and technologies such as identity and access management, vulnerability management, encryption and key management, logging and monitoring and application security is desirable.

• Familiarity with cloud and SaaS-based environments and technologies with associated auditing methodologies is desirable

• Bachelor’s / Master’s degree in a computer or information management field or similar work experience.

• Relevant certifications like CISSP, CISA, CRISC, ISO 27001 – Lead Auditor/Lead Implementer
  desirable, but not mandatory

• Strong attention to detail, influencing and problem resolution skills.

• 2+years’ experience in Information Security - IT audit and/or IT Risk & Compliance roles

Benefits:

As a full-time employee with Securonix, you will be eligible for the following employee benefits:

• Health Insurance with a total sum insured is INR 7,50,000

• Coverage: Self, Spouse, 2 kids, Dependent parents, or parents-in-law

• Personal Accident with total sum insured is INR 10,00,000

• Term Life Insurance with a sum assured for employees is 5 times fixed base pay is covered.

Securonix, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Securonix complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, and transfer, leaves of absence, compensation and training.

Securonix expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of Securonix employees to perform their expected job duties is absolutely not tolerated.