Compliance Analyst - Cybersecurity & GRC
SPOG.AI
Job Description
Company: SPOG.AI
Function: Product
Experience: 5–7 years
About the Role
SPOG.AI is hiring a Regulatory Compliance Analyst - Cybersecurity & GRC to support regulatory mapping, control crosswalks, and compliance content development for our GRC platform.
The role involves analyzing cybersecurity, privacy, and technology regulations across geographies and mapping them to SCF Controls and other control frameworks. The candidate should have strong understanding of GRC, cybersecurity compliance, audit readiness, control testing, and evidence requirements.
This is a product-focused compliance role where the candidate will help convert regulatory requirements into structured content used for automated compliance mapping, evidence requests, control testing, and compliance posture reporting.
Key Responsibilities
- Analyze cybersecurity, privacy, and technology regulations across jurisdictions.
- Map regulatory requirements to SCF Controls and other control frameworks.
- Create crosswalks across frameworks such as ISO 27001, NIST, SOC 2, PCI DSS, GDPR, CIS Controls, RBI, SEBI CSCRF, DORA, MAS TRM, and similar regulations.
- Identify overlaps, gaps, duplicates, and partial mappings across frameworks.
- Define evidence artifacts required to demonstrate compliance.
- Create practical and audit-friendly evidence request templates.
- Maintain regulatory requirement libraries, control mappings, evidence catalogs, and GRC taxonomies.
- Document mapping rationale to ensure traceability and explainability.
- Work with Product and Engineering teams to translate compliance logic into scalable product workflows.
- Review compliance content for accuracy, consistency, and audit usability.
- Track regulatory updates and support changes to the compliance library.
Required Skills
- Strong understanding of GRC concepts, cybersecurity compliance, and regulatory obligations.
- Experience with control mapping, compliance assessments, framework crosswalks, or IT audits.
- Ability to interpret regulatory language and convert it into control and evidence requirements.
- Good understanding of cybersecurity domains such as governance, risk management, IAM, data protection, vulnerability management, incident response, third-party risk, business continuity, and security monitoring.
- Strong analytical, documentation, and communication skills.
- High attention to detail and ability to work with structured compliance content.
Required Experience
- 5–7 years of experience in cybersecurity compliance, GRC consulting, IT audit, risk advisory, regulatory compliance, control assurance, or compliance content development.
- Hands-on experience with at least 3–5 major frameworks or regulations such as ISO 27001, NIST, SOC 2, PCI DSS, GDPR, CIS Controls, RBI, SEBI, DORA, MAS TRM, HIPAA, or similar.
- Experience mapping regulatory requirements to controls, policies, risks, or evidence artifacts.
- Experience with GRC platforms, audit tools, compliance automation tools, or evidence management systems is preferred.
Preferred Qualifications
- ISO 27001 Lead Auditor / Lead Implementer
- CISA
- CISM
- CRISC
- CISSP
- CCSK / CCSP
- CIPM / CIPP/E
Preferred Tool Exposure
Experience with tools such as ServiceNow GRC, Archer, OneTrust, MetricStream, Drata, Vanta, Sprinto, Hyperproof.
What You Will Build
- Regulatory-to-control mappings
- SCF control crosswalks
- Evidence request libraries
- Control testing guidance
- Audit-ready compliance content
- Regulatory applicability notes
- GRC domain taxonomy
- Mapping rationale and traceability documentation
Ideal Candidate
The ideal candidate can read a regulatory requirement, understand its compliance intent, identify the relevant cybersecurity or privacy control area, map it to the correct SCF Controls, and define what evidence an organization should provide to demonstrate compliance.
They should be detail-oriented, structured, analytical, and comfortable working with large volumes of regulatory and control content.
Why This Role Matters
- This role will help SPOG.AI build a scalable compliance intelligence layer that enables customers to understand which controls apply, what evidence is required, where frameworks overlap, and how audit readiness can be improved.
Required Skills
Similar Jobs
View all →
Staff Product Manager
Weekday (YC W21)
Solution Architect (f/m/d)
NTT DATA Business Solutions
AI Implementation Strategist
Himanshu Trading Company
Recruiter
Jobgether
Regional Product Lead SAP Managed Services (f/m/d)
NTT DATA Business Solutions
Similar Jobs
View all →
Staff Product Manager
Weekday (YC W21)
Chennai
Solution Architect (f/m/d)
NTT DATA Business Solutions
Uttarakhand
AI Implementation Strategist
Himanshu Trading Company
Daskroi
Recruiter
Jobgether
India
Regional Product Lead SAP Managed Services (f/m/d)
NTT DATA Business Solutions
UttarakhandShare
Quick Apply
Upload your resume to apply for this position