Senior Associate, Compliance Analyst

Who We Are

Acumera is now Scale Computing! Scale Computing is a global leader in edge computing, hyperconverged infrastructure, and managed networking solutions. We deliver innovative, secure, and scalable technology that powers critical operations worldwide.

Role Overview

We are seeking a Compliance Analyst (Tier 2 or Tier 3) to support our growing governance, risk, and compliance (GRC) program. This role will execute internal assessments, support audit readiness, manage risk documentation, engage with customers on security reviews, and collaborate with Security Operations to validate control effectiveness.

This is a mid-to-senior level position requiring hands-on experience with industry compliance frameworks and direct interaction with auditors and customers.

Key Responsibilities

Compliance & Audit Support

· Support compliance programs aligned to:

o PCI DSS

o SOC 2

o ISO/IEC 27001

o GDPR

· Conduct control walkthroughs and validate evidence.

· Support audit preparation and artifact organization.

· Track remediation efforts and verify closure.

· Assist with cross-framework control mapping

Assessments & Risk

· Perform internal control effectiveness assessments.

· Conduct readiness and gap assessments.

· Participate in enterprise risk assessments.

· Maintain risk documentation and registers.

· Document findings and recommend remediation actions.

Customer-Facing Engagement

· Participate in customer security reviews and compliance discussions.

· Respond to compliance questionnaires.

· Support customer audits and due diligence activities.

· Clearly explain security controls to technical and business stakeholders.

GRC & Compliance-as-a-Service Platforms

· Experience working with third-party Compliance-as-a-Service (CaaS) / GRC platforms.

· Hands-on experience with platform tools such as:

o Drata

o Trava

· Experience managing evidence collection, control monitoring, and audit workflows within automated GRC platforms.

· Familiarity with control automation, integrations, and continuous compliance monitoring preferred.

Equivalent experience with other enterprise GRC platforms is acceptable.

Collaboration with Security Operations

· Work with Security Operations to validate implementation of controls.

· Review vulnerability management outputs.

· Understand logging, monitoring, and incident response workflows.

Experience

· 3+ years (Tier 3) or 5+ years (Tier 2) in compliance, GRC, or information security.

· Hands-on experience supporting PCI, SOC 2, or ISO 27001 programs.

· Experience conducting assessments and validating control effectiveness.

· Experience working with auditors or participating in customer reviews.

· Strong written and verbal English communication skills.

Work Timings

4.30PM -1.30AM IST

Technical Knowledge

· Understanding of network segmentation and PCI scoping principles.

· Identity & Access Management fundamentals.

· Encryption and key management concepts.

· MFA and cloud security fundamentals (AWS/Azure preferred).

Preferred Certifications

One or more of the following preferred:

· PCI DSS ISA

· CySA+

· ISO/IEC 27001 Lead Implementer

· ISO/IEC 27001 Lead Auditor

Equivalent practical experience will be considered.

Education

Bachelor’s degree in Information Security, Computer Science, Information Technology, or related field (or equivalent experience).

Perks of Acumera 

Group medical insurance. 

Paid company holidays.

Casual dress code Cab facilities for employees working in shifts. 

Fully stocked snacks at office. Vibrant and Inclusive Workplace Atmosphere. 

Flexible work environment and an opportunity to grow as we grow. 

Scale Computing is an equal-opportunity employer. 

All final candidates will be subject to a pre-employment background check.