logo inner

Senior Information Security Analyst (Compliance)

GranicusBengaluru, IndiaRemote, Onsite
Granicus is driven by the excitement of building, implementing, and maintaining technology that is transforming the Govtech industry by bringing governments and its constituents together. We are on a mission to support our customers with meeting the needs of their communities and implementing our technology in ways that are equitable and inclusive. Granicus has consistently appeared on the GovTech 100 list over the past 5 years and has been recognized as the best companies to work on BuiltIn.  
Over the last 25 years, we have served 5,500 federal, state, and local government agencies and more than 300 million citizen subscribers power an unmatched Subscriber Network that use our digital solutions to make the world a better place. With comprehensive cloud-based solutions for communications, government website design, meeting and agenda management software, records management, and digital services, Granicus empowers stronger relationships between government and residents across the U.S., U.K., Australia, New Zealand, and Canada.

By simplifying interactions with residents, while disseminating critical information, Granicus brings governments closer to the people they serve—driving meaningful change for communities around the globe. Want to know more? See more of what we do here.Granicus is looking for NetSuite Administrator to configure, maintain, and optimize Granicus’s NetSuite Application. As the administrator, it will be critical to understand Granicus’ business process and accounting practices to provide options to improve and support growth, while balancing the cost effectiveness and efficiency of the NetSuite instance.

Job description


  • We are looking for an experienced Senior Information Security Analyst with experience managing multiple audit frameworks, such as ISO 27001, SOC 2, PCI, FedRAMP, TxRAMP, and others. You will be part of the information security and compliance team and report to the Senior manager, Information Security. Your role will have a focus on compliance audits, control mapping, and analysis of compliance requirements. Your expertise will lend itself to identifying control gaps, collaborating with control owners to identify remediation paths, assessing risks, and providing analysis of control requirements. 
  • In this role, you will:
  • Manage external compliance audits, including for FedRAMP, TxRAMP, ISO 27001, SOC 2, HIPAA, FISMA, CJIS, PCI, and Cyber Essentials. This includes internal audit preparation, evidence review and submission, coordinating audit schedules, and managing audit deliverables. 
  • Centralize and manage audit runbooks, including evidence runbooks. Build audit runbooks. 
  • Track audit findings and resolution.
  • Lead audit retrospections to identify improvement opportunities, address challenges, and highlight success points. 
  • Identify and communicate control gaps, provide analysis of compliance requirements, evaluate remediation plans, and track through resolution. 
  • Build and maintain relationships with external auditors and control owners.
  • Provide guidance to control owners. Work with control owners to identify opportunities to improve control implementation and scalability. 
  • Partner with product teams and control owners; provide guidance on compliance requirements for planned changes.
  • Participate in change control review meetings to provide Security feedback and decisions. 
  • Manage security projects geared towards improvement of the ISMS, compliance audits, and security resources for internal stakeholders. 
  • Assist as security SME for support request escalations.
  • Respond to customer questions, including to provide customer-facing responses and maintain a security answer library. 
  • Review and update security training content at least annually. 

We are looking for:


  • 7+ years in information security and compliance 
  • Direct experience leading third party cloud security audits, such as ISO 27001, SOC 2 Type II, FedRAMP, StateRAMP, TxRAMP
  • Knowledge of common security frameworks, such as NIST 800-53, ISO 27001, PCI, HIPAA, SOC 2, and/or Cyber Essentials
  • Understand nuances between different audit frameworks in order to educate and support internal control owners, prepare for audits, and manage the audit process
  • Experience documenting company security policies and procedures
  • Strong communication skills, written and verbal
  • Program management experience for multiple compliance frameworks
  • Experience working with a robust product set, including software and cloud services
  • Ability to work with technical teams and non-technical teams
  • Familiarity with AWS, Azure, and/or GCP cloud security and infrastructure
  • Relevant security certifications are a plus, such as CISSP, CISM, CISA, CRISC, or equivalent. 

Security Requirement


  • Responsible for Granicus information security by appropriately preserving the Confidentiality, Integrity, and Availability (CIA) of Granicus information assets in accordance with the company's information security program.

CLOSING FROM DEFAULT - ALL LOCATIONSDon’t have all the skills/experience mentioned above? At Granicus, we are trying to build diverse, inclusive teams. We do not have degree requirements for most of our roles. If you don’t meet every requirement above but are excited to learn more, we encourage you to apply. We might just be able to find another role that could be a perfect fit! The Team- We are a remote-first company with a globally distributed workforce across the United States, Canada, United Kingdom, India, Armenia, Australia, and New Zealand.The Culture- At Granicus, we are building a transparent, inclusive, and safe space for everyone who wants to bea part of our journey.- A few culture highlights include – Employee Resource Groups to encourage diverse voices- Coffee with Mark sessions – Our employees get to interact with our CEO on very important andsometimes difficult issues ranging from mental health to work-life balance and current affairs. - Microsoft Teams communities focused on wellness, art, furbabies, family, parenting, and more.-=- - We bring in special guests from time to time to discuss issues that impact our employeepopulation The Impact- We are proud to serve dynamic organizations around the globe that use our digital solutions to make the world a better place — quite literally. We have so many powerful success stories that illustrate how our solutions are impacting the world.

See more of our impact here.Granicus is committed to providing equal employment opportunities. All qualified applicants and employees will be considered for employment and advancement without regard to race, color, religion, creed, national origin, ancestry, sex, gender, gender identity, gender expression, physical or mental disability, age, genetic information, sexual or affectional orientation, marital status, status regarding public assistance, familial status, military or veteran status or any other status protected by applicable law.Apply for this job

Life at Granicus

Granicus provides technology that empowers government organizations to create better lives for the people they serve. By offering the industry's leading cloud-based solutions for communications, meeting and agenda management, and digital services to over 4,000 public sector organizations, Granicus helps turn government missions into quantifiable realities. Granicus products connect over 150 million people, creating a powerful network to enhance citizen engagement. By optimizing decision-making processes, Granicus strives to help government see better outcomes and a greater impact for the citizens they serve.
Thrive Here & What We Value1. Inclusive work environment valuing diverse voices (#1)2. Transparent communication on employee issues (#2)3. Safe space for sensitive discussions (#3)4. Coffee sessions with CEO Mark Sessions (#4)5. Building strong government-citizen relationships (#5)6. Simplifying critical information dissemination (#6)7. Empowering agencies with digital solutions (#7)8. Serving over 5,500 governments worldwide (#8)9. Collaborative work environment fostering innovation (#1)10. Emphasizing individual initiative and teamwork (#2)11. Opportunities for personal development (#3)12. Encouragement of work-life balance (#4)13. Driving positive community change through technology (#5)14. Recognition as a top company to work for (#6)15. Equitable and inclusive tech deployment (#7)16. Passionate public service, citizen engagement (#8)17. Commitment to customer experience excellence (#1)18. Collaborative partnerships advancing customer-centric initiatives (#2)19. Building trust and fostering collaboration within the organization (#3)20. Equitable, inclusive solutions meeting community needs (#4)
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Copyright © 2024