Compliance and Audit Analyst
Khatabook
- Bangalore, Karnataka
- Permanent
- Full-time
by managing documentation, conducting internal audits, and facilitating employee training. This
role ensures audit readiness and compliance with reporting requirements for a 150-member
company, working closely with the InfoSec team to address gaps and maintain records.
Key Responsibilities:
- Develop and maintain documentation for ISO 27001:2022 (e.g., policies, procedures, risk
registers).
- Prepare and track evidence for CIRCIA audits, including incident reports and data retention (2
years minimum).
- Conduct internal audits to ensure continuous compliance with ISO 27001:2022 and CIRCIA.
- Train employees on security awareness and compliance requirements, including CIRCIA
reporting processes.
- Assist in vendor risk assessments and third-party compliance reviews.
- Support the InfoSec Manager during external audits for ISO 27001 certification and CIRCIA
assessments.
- Monitor and report on compliance gaps and remediation progress.
- Maintain documentation repositories using tools like Confluence or SharePoint.
Qualifications:
- Bachelor’s degree in Information Security, Business, or related field.
- 2-4 years of experience in compliance, audit, or risk management.
- Knowledge of ISO 27001:2022 documentation and audit processes.
- Understanding of CIRCIA reporting and retention requirements.
- Strong organizational and detail-oriented skills.
- Proficiency in documentation tools (e.g., Confluence, SharePoint).
- Experience with security awareness training platforms (e.g., KnowBe4).
Preferred Skills:
- ISO 27001 Foundation or CISA certification.
- Familiarity with GRC platforms.
- Experience in critical infrastructure compliance.