Analyst, Compliance
Icertis
IT, Legal
Pune, Maharashtra, India
Icertis is looking for an Information Security Audit & Compliance Analyst to join our Compliance team. Reporting to the Compliance Manager, you will provide hands-on support across all active audit and compliance engagements — filling in questionnaires, gathering evidence, coordinating responses, and ensuring nothing falls through the cracks.
This role is built for someone who is responsive, detail-oriented, and takes pride in quick, accurate turnaround. You will work across ISO 27001, SOC, customer audits, and other compliance activities, acting as a reliable execution engine for the team. A basic awareness of AI governance as it relates to information security is increasingly important and will be an advantage in this role.
Icertis is the global leader in AI-powered contract intelligence. The Icertis platform revolutionizes contract management, equipping customers with powerful insights and automation to grow revenue, control costs, mitigate risk, and ensure compliance - the pillars of business success. Today, more than one third of the Fortune 100 trust Icertis to realize the full intent of millions of commercial agreements in 90+ countries.
Who we are: Icertis is the only contract intelligence platform companies trust to keep them out in front, now and in the future. Our unwavering commitment to contract intelligence is grounded in our FORTE values—Fairness, Openness, Respect, Teamwork and Execution—which guide all our interactions with employees, customers, partners, and stakeholders. Because in our mission to be the contract intelligence platform of the world, we believe how we get there is as important as the destination.
Icertis, Inc. provides Equal Employment Opportunity to all employees and applicants for employment without regard to race, color, religion, gender identity or expression, sex, sexual orientation, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. Icertis, Inc. complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to careers@icertis.com or get in touch with your recruiter.
Icertis is looking for an Information Security Audit & Compliance Analyst to join our Compliance team. Reporting to the Compliance Manager, you will provide hands-on support across all active audit and compliance engagements — filling in questionnaires, gathering evidence, coordinating responses, and ensuring nothing falls through the cracks. This role is built for someone who is responsive, detail-oriented, and takes pride in quick, accurate turnaround. You will work across ISO 27001, SOC, customer audits, and other compliance activities, acting as a reliable execution engine for the team. A basic awareness of AI governance as it relates to information security is increasingly important and will be an advantage in this role.
Proven experience in IT Audit with solid working knowledge of ISO 27001 certification requirements mandatory.
Hands-on experience filling in and responding to audit questionnaires across ISO 27001, SOC 1/SOC 2, and customer or client audits.
Known for fast, accurate response times in audit and compliance environments — this is a non-negotiable trait for this role.
Familiarity with information security risk management principles and BCP/DR processes.
Experience coordinating with multiple internal stakeholders to chase and collate audit evidence on time.
Basic working knowledge of SharePoint for document and evidence management.
Understanding of cloud infrastructure concepts is an advantage.
Basic awareness of AI governance concepts and responsible AI principles is a plus.
Good written and verbal communication skills with a clear, professional response style.
Degree qualified — B.E. or Science Graduate (minimum).
Support all active audit engagements ISO 27001, SOC 1, SOC 2, customer audits, and internal audits by filling in questionnaires, preparing responses, and collating evidence as directed.
Respond to audit queries and information requests promptly and accurately; strong response time is a key expectation of this role.
Coordinate with internal teams to chase and gather audit evidence, ensuring all artefacts are collected, organized, and submitted on time.
Assist in handling customer audit engagements and third-party risk assessment questionnaires by drafting and completing responses under the guidance of the senior analyst.
Track open audit items, follow up on pending actions, and escalate delays to the Compliance Manager without waiting to be asked.
Maintain a well-organized audit artefact repository, ensuring documentation is version-controlled, labelled, and easy to retrieve during audits.
Support information security risk assessments by gathering data, documenting findings, and updating the risk register as instructed.
Assist with access reconciliation and firewall access reviews for cloud operations and IT on a monthly and quarterly basis.
Help track and investigate information security incidents, documenting findings and following up on remediation actions.
Assist with vendor risk assessments by completing relevant sections of vendor questionnaires and following up on outstanding responses.
Assist in running BCP/DR exercises and participate actively in Business Continuity Plan testing activities.
Track BCP/DR test actions through closure and produce clear, accurate BCP/DR test reports.
Help maintain and update BCP/DR documentation to ensure it remains current and ready for audit review.
Keep Information Security training records current through regular, proactive follow-up with employees and departments; do not wait for reminders.
Assist in publishing monthly compliance dashboards covering certifications, training completion, pending audit actions, and risk items.
Develop a working awareness of AI governance principles and responsible AI practices as they relate to information security compliance.
Support the team in identifying and documenting AI-related compliance considerations as part of routine audit and risk activities.