Posted 27 June, 2026
Senior Security & Compliance Analyst
Energy Exemplar
Pune, Maharashtra, India
Full Time
Reference: 102_702491_5283811008
About the Position
Reporting to the VP, Cloud Operations & GRC, the Sr. Security & Compliance Analyst will support the execution and continuous improvement of Energy Exemplar's security, risk, compliance, vulnerability management, and AI governance programs across cloud and enterprise operations.
Responsibilities:
- Support security and compliance programs aligned with ISO 27001, SOC 1, SOC 2, privacy, and emerging AI governance requirements.
- Coordinate and drive vulnerability remediation activities across Engineering, Cloud Operations, IT, and Product teams to ensure remediation within defined EE SLAs.
- Track and report security metrics, including MTTR, overdue vulnerabilities, remediation trends, audit findings, and compliance dashboards.
- Proactively follow up and escalate unresolved vulnerabilities, audit findings, and compliance gaps.
- Support continuous control monitoring, risk assessments, third-party risk management, policy management, access reviews, and audit activities.
- Respond to customer security and compliance due diligence requests, audits, and questionnaires.
- Support AI governance, security, and compliance initiatives, including assessment of AI-related risks, emerging regulations, and industry standards (e.g., ISO 42001, EU AI Act, privacy requirements).
- Assist in evaluating AI-enabled solutions and third-party AI services for security, privacy, compliance, and responsible AI considerations.
- Monitor emerging cybersecurity threats, privacy regulations, and industry compliance requirements.
- Collaborate with cross-functional teams to drive remediation and continuous improvement initiatives.
Qualifications:
- 6-8 years of experience in Governance, Risk & Compliance (GRC), cybersecurity, information security, or risk management.
- Strong understanding of ISO 27001, SOC 1 / SOC 2, GDPR/privacy principles, vulnerability management, and security controls.
- Experience in Energy / Utilities sector security and compliance requirements (e.g., CEII or critical infrastructure requirements).
- Experience coordinating vulnerability remediation programs, tracking SLA compliance, MTTR metrics, and executive reporting.
- Experience supporting audits, customer security reviews, and compliance programs.
- Familiarity with emerging AI governance, privacy, and security frameworks (e.g., ISO 42001, EU AI Act, responsible AI principles) preferred.
- Strong communication, organizational, stakeholder management, and follow-up skills.
- Ability to work independently and proactively drive outcomes across distributed teams.
Preferred Certifications:
- CISSP, CISA, ISO 27001 Lead Implementer/Auditor, or similar certifications.
- AI governance/privacy certifications are a plus.