Associate Information Security and Compliance

Title: Associate Information Security and Compliance

Location: Mumbai

Education: Any Degree (Computer Science)

Exp: 0-2 Years

The Information Security and Compliance Associate will support the execution of Information Security Privacy and AI Management System (AIMS) programs aligned with ISO 27001 ISO 27701 and ISO 42001 standards. The role involves assisting in compliance monitoring audit activities and risk assessments using ServiceNow GRC and defined control frameworks. The associate will also support periodic reporting and ensure adherence to organizational policies and procedures.

Core Responsibilities:

Compliance & Monitoring

Conduct periodic compliance checks and update findings in line with defined policies and procedures.

Record track and maintain audit/compliance tickets in ServiceNow GRC.

Perform regular health checks of security tools and review daily alerts/events.

Support ongoing monitoring of security controls across IT HR FM and business operations.

Participate in periodic control assessments mapped to ISO 27001 ISO 27701 and AIMS requirements.

Audit & Risk Support

• Assist in internal audits covering information security privacy and AI controls.

• Document audit observations evidence and status updates in ServiceNow GRC.

• Support enterprise risk assessment activities as per the defined risk management calendar.

• Assist in third-party/vendor risk assessments using established frameworks and tools.

Security Operations Support

• Perform periodic reviews of key security domains such as Vulnerability Management DLP Endpoint Security and SIEM.

• Proactively monitor and update security incidents service requests and compliance tickets.

• Assist in the preparation of dashboards and compliance/security metrics reporting.

Reporting & Continuous Improvement

• Generate periodic reports and metrics for management on compliance and security posture.

• Identify opportunities to enhance reporting quality control effectiveness and process efficiency.

Skills and Experience:

• Fresher or entry-level experience in Information Security Audit or Compliance.

• Basic understanding of IT systems cybersecurity tools and control environments.

• Familiarity with standards such as ISO 27001/27002 ISO 27701 ISO 42001 (AIMS) NIST or PCI-DSS is preferred.

Key Attributes:

• Strong interpersonal skills and ability to collaborate across teams.

• Effective verbal and written communication skills.

• High integrity and adherence to ethical standards.

• Ability to grasp technical and compliance concepts quickly.

• Strong learning mindset and attention to detail.

• Process-oriented with a focus on consistency and improvement.

Qualifications:

• Graduate in Computer Science or equivalent field.

• Certifications or basic knowledge in security and audit standards (e.g. ISO 27001 LI/LA ISO 27701 CISA preferred but not mandatory).