Senior Information Security GRC Analyst - India

The Senior Information Security GRC Analyst at DISCO plays a pivotal role within the Information Security team, focusing on governance, risk management, and compliance programs. DISCO is a cloud-native, AI-powered legal technology company that simplifies ediscovery, legal document review, and case management for various legal entities.

In this position, the analyst supports information security programs, including risk management and compliance testing, coordinates security risk assessments and compliance audits, and contributes to security audit procedures relevant to SOC 2 and ISO 27001. Additionally, the role involves improving and operationalizing vendor security and compliance programs, designing and executing audit procedures to assess company compliance with security policies, and maintaining a library of security and compliance documentation.

The ideal candidate possesses over five years of experience in security operations, risk, or compliance management, along with more than three years of IT or other relevant technical experience. Significant knowledge and experience with ISO 27001 and SOC 2 are essential, as well as experience coordinating tasks to complete third-party assessments and writing clear and concise policies, procedures, or controls in one or more standards/frameworks.

DISCO offers an open, inclusive, and fun environment, with benefits including medical, dental, and vision insurance, as well as 401(k). The company provides a competitive salary plus RSUs, flexible PTO, and opportunities to be part of a company revolutionizing the legal industry.

As a company, DISCO is deeply committed to diversity and inclusion, fostering a culture where employees feel valued and empowered to contribute to its mission of using technology to strengthen the rule of law. The company offers growth opportunities throughout the organization, encouraging employees to develop their careers in a dynamic and innovative environment.