{"id":5258,"date":"2026-03-13T05:46:27","date_gmt":"2026-03-13T05:46:27","guid":{"rendered":"https:\/\/www.whitehattoolbox.com\/jobsinindia\/were-hiring-information-security-compliance-analyst-2\/"},"modified":"2026-03-13T05:46:27","modified_gmt":"2026-03-13T05:46:27","slug":"were-hiring-information-security-compliance-analyst-2","status":"publish","type":"post","link":"https:\/\/www.whitehattoolbox.com\/jobsinindia\/were-hiring-information-security-compliance-analyst-2\/","title":{"rendered":"We\u2019re Hiring Information Security &#038; Compliance Analyst"},"content":{"rendered":"<p>Information Security &#038; Compliance Analyst<span class=\"br\"><\/span>In Office | Full-Time | Gurugram, India<span class=\"br\"><\/span><b>Department<\/b><span class=\"br\"><\/span>Information Security &#038; Compliance<span class=\"br\"><\/span><b>Reports To<\/b><span class=\"br\"><\/span>Information Security Lead<span class=\"br\"><\/span><b>Experience<\/b><span class=\"br\"><\/span>2\u20134 years in GRC \/ Compliance \/ Internal Audit<span class=\"br\"><\/span><b>Education<\/b><span class=\"br\"><\/span>Bachelor\u2019s in Information Security, Computer Science, IT, or related field<span class=\"br\"><\/span><b>About the Role<\/b><span class=\"br\"><\/span>We are a healthcare services and technology company serving 270+ healthcare organizations across the US. Our Information Security program is in a high-growth phase, with active certification and compliance initiatives underway across HITRUST, SOC 2, and ISO 27001.<span class=\"br\"><\/span>We are looking for a hands-on compliance execution specialist who will drive our day-to-day security compliance operations. You will work under the direction of our Information Security Lead (a senior consultant with deep healthcare security expertise) and alongside a dedicated Security Operations team. This role focuses on audit readiness, evidence management, vendor compliance, and policy lifecycle management. Our compliance operations run on the Sprinto GRC platform.<span class=\"br\"><\/span><b>Responsibilities<\/b><span class=\"br\"><\/span>Audit Readiness &#038; Evidence Management<span class=\"br\"><\/span>Own the end-to-end evidence collection pipeline for HITRUST, SOC 2, and ISO 27001 audits<span class=\"br\"><\/span>Maintain and organize the evidence repository (via Sprinto) with zero gaps and audit-trail integrity<span class=\"br\"><\/span>Coordinate with cross-functional teams (IT, HR, Operations) to gather evidence on schedule<span class=\"br\"><\/span>Prepare audit working papers and support internal and external audit engagements<span class=\"br\"><\/span>Track audit findings, remediation action items, and closure timelines<span class=\"br\"><\/span>Policy &#038; Compliance Lifecycle Management<span class=\"br\"><\/span>Draft, review, and maintain security policies aligned to NIST CSF, ISO 27001, and HIPAA requirements<span class=\"br\"><\/span>Manage policy version control, approval workflows, and acknowledgment tracking<span class=\"br\"><\/span>Monitor regulatory changes (HIPAA updates, state privacy laws, emerging standards) and flag implications<span class=\"br\"><\/span>Respond to customer compliance questionnaires and security assessments accurately and on time<span class=\"br\"><\/span>Manage BAA (Business Associate Agreement) compliance documentation<span class=\"br\"><\/span>Risk Assessment &#038; Vendor Compliance<span class=\"br\"><\/span>Support quarterly risk assessments \u2014 data collection, evidence gathering, risk scoring<span class=\"br\"><\/span>Maintain the risk register and track remediation progress against target timelines<span class=\"br\"><\/span>Conduct vendor security assessments as part of the third-party risk management program<span class=\"br\"><\/span>Track vendor compliance status, BAA execution, and security posture documentation<span class=\"br\"><\/span>Support DLP (Data Loss Prevention) controls monitoring and reporting<span class=\"br\"><\/span>Security Awareness &#038; Reporting<span class=\"br\"><\/span>Develop and coordinate security awareness training content (HIPAA, data handling, incident reporting)<span class=\"br\"><\/span>Track training completion rates and phishing simulation performance metrics<span class=\"br\"><\/span>Support incident response documentation and post-incident reporting<span class=\"br\"><\/span>Prepare monthly compliance status reports for management<span class=\"br\"><\/span>Early Impact Opportunities<span class=\"br\"><\/span>This role offers the chance to make a visible contribution from day one. Within your first six months, you will be directly supporting active HITRUST and SOC 2 certification efforts, building evidence pipelines from the ground up, and establishing the compliance processes that the organization will run on going forward. You will have a front-row seat to three concurrent certification programs \u2014 a rare level of exposure at this career stage.<span class=\"br\"><\/span>Scope &#038; Focus<span class=\"br\"><\/span>This role sits squarely in the governance, risk, and compliance (GRC) domain. Security strategy and architecture are owned by the Information Security Lead, while technical security operations (vulnerability management, incident response, access controls) are handled by a separate team. Your focus is on keeping the compliance engine running \u2014 evidence, documentation, audit readiness, policy lifecycle, and vendor compliance. If you enjoy building structured, repeatable processes and take pride in keeping things organized and audit-ready, this is the right fit.<span class=\"br\"><\/span><b>Must-Have Qualifications<\/b><span class=\"br\"><\/span>2\u20134 years of experience in GRC, compliance, or internal audit \u2014 preferably in healthcare or a regulated industry<span class=\"br\"><\/span>Working knowledge of HIPAA\/HITECH compliance requirements with hands-on audit or compliance program experience<span class=\"br\"><\/span>Experience with at least one GRC platform (Sprinto, Vanta, Drata, OneTrust, or similar). Sprinto experience is a strong plus.<span class=\"br\"><\/span>Hands-on experience with evidence collection, audit preparation, and working with external auditors<span class=\"br\"><\/span>Familiarity with ISO 27001, SOC 2, or HITRUST frameworks (direct experience with at least one required)<span class=\"br\"><\/span>Strong documentation and written communication skills<span class=\"br\"><\/span>Self-driven execution style \u2014 you take direction well and proactively identify what needs to happen next<span class=\"br\"><\/span><b>Nice-to-Have<\/b><span class=\"br\"><\/span>Certifications: ISO 27001 Lead Implementer\/Internal Auditor, CISA, CRISC, or HITRUST CCSFP<span class=\"br\"><\/span>Experience in a BPO\/KPO or healthcare services environment with multi-geography operations<span class=\"br\"><\/span>Exposure to vendor risk management and third-party security assessments<span class=\"br\"><\/span>Experience supporting HITRUST validated or certified assessments<span class=\"br\"><\/span>Familiarity with NIST CSF framework<span class=\"br\"><\/span><b>Why Join Us<\/b><span class=\"br\"><\/span>Work directly with a senior security consultant who will mentor your growth in healthcare compliance<span class=\"br\"><\/span>Exposure to three concurrent certification programs (HITRUST, SOC 2, ISO 27001) \u2014 accelerated learning curve<span class=\"br\"><\/span>Clear growth path to Compliance Manager \/ GRC Manager within 24\u201336 months based on performance<span class=\"br\"><\/span>Multi-geography exposure across US, India, and Philippines operations<span class=\"br\"><\/span>Performance-linked bonus tied to certification milestones and operational delivery<span class=\"br\"><\/span>Powered by JazzHR<\/p>\n<p><center><b><a rel=\"nofollow noopener\" href=\"https:\/\/jobviewtrack.com\/v2\/d6tqwOcC7qd0whQLCbIshAkEySDQPiDqyL_QzK9ZCFE6qwf_8HHxaV_vAb5PYuGVot5TAi4vti1z9WbdPvXs3GRH-XPAp7E_Y8uhiz5yAwreYG7XSWgUoTu6KnTOvULEauKRyb6clbBokUljMdaETDQfvR6fHo6Xb5qMs1zJZBp1om8lR_w5SYjZXvStO8-yyJcTxZiJbEBBqpQrRK-CiQ?affid=1e18623d919a855447a16dd0557b1bec\" class=\"button purchase\" target=\"_blank\">Apply Now<\/a> <\/b><\/center><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Information Security &#038; Compliance Analyst In Office | Full-Time | Gurugram, India Department Information Security &#038; Compliance Reports To Information Security Lead Experience 2\u20134 years in GRC \/ Compliance \/ Internal Audit Education Bachelor\u2019s in Information Security, Computer Science, IT, or related field About the Role We are a healthcare services and technology company serving<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[26],"tags":[],"class_list":["post-5258","post","type-post","status-publish","format-standard","hentry","category-bpo-kpo-jobs"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"jetpack-related-posts":[],"jetpack_shortlink":"https:\/\/wp.me\/pgs0IK-1mO","_links":{"self":[{"href":"https:\/\/www.whitehattoolbox.com\/jobsinindia\/wp-json\/wp\/v2\/posts\/5258","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whitehattoolbox.com\/jobsinindia\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whitehattoolbox.com\/jobsinindia\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whitehattoolbox.com\/jobsinindia\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whitehattoolbox.com\/jobsinindia\/wp-json\/wp\/v2\/comments?post=5258"}],"version-history":[{"count":0,"href":"https:\/\/www.whitehattoolbox.com\/jobsinindia\/wp-json\/wp\/v2\/posts\/5258\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.whitehattoolbox.com\/jobsinindia\/wp-json\/wp\/v2\/media?parent=5258"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whitehattoolbox.com\/jobsinindia\/wp-json\/wp\/v2\/categories?post=5258"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whitehattoolbox.com\/jobsinindia\/wp-json\/wp\/v2\/tags?post=5258"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}