This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Risk Analyst based in India.
This role offers the opportunity to build and mature a modern risk management function within a fast-growing, technology-driven environment.
You will help shape a forward-looking security and operational risk framework designed for an AI-enabled organization.
The position combines strategic thinking, technical expertise, and hands-on execution to transform risk management from a reactive process into a proactive business capability.
You will own key risk initiatives, develop quantitative risk methodologies, and create actionable insights for stakeholders across engineering, product, legal, and leadership teams.
The role requires an AI-native mindset, leveraging automation and data-driven approaches to improve risk visibility and decision-making.
You will play a key role in defining how organizations measure, communicate, and manage risk in the evolving AI landscape.
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Risk Analyst based in India.
This role offers the opportunity to build and mature a modern risk management function within a fast-growing, technology-driven environment.
You will help shape a forward-looking security and operational risk framework designed for an AI-enabled organization.
The position combines strategic thinking, technical expertise, and hands-on execution to transform risk management from a reactive process into a proactive business capability.
You will own key risk initiatives, develop quantitative risk methodologies, and create actionable insights for stakeholders across engineering, product, legal, and leadership teams.
The role requires an AI-native mindset, leveraging automation and data-driven approaches to improve risk visibility and decision-making.
You will play a key role in defining how organizations measure, communicate, and manage risk in the evolving AI landscape.
Accountabilities:
- Design, implement, and continuously mature an enterprise risk management program, including risk taxonomy, scoring methodologies, risk appetite statements, escalation processes, and alignment with industry frameworks such as ISO 27005, NIST RMF, and ISO 31000.
- Build and maintain an enterprise risk register as a dynamic operational tool, ensuring risks are accurately identified, assigned to owners, prioritized, tracked, and remediated.
- Lead risk identification workshops with cross-functional teams including engineering, product, legal, and business stakeholders to uncover emerging risks and improve risk visibility.
- Develop AI-enabled risk workflows by leveraging automation, threat intelligence tools, and data analysis techniques to identify trends, accelerate reporting, and improve risk monitoring.
- Support third-party risk management activities by contributing to vendor assessments, risk scoring, documentation, and alignment with broader enterprise risk practices.
- Assess and manage emerging AI-related risks, including privacy concerns, model security, algorithmic bias, explainability challenges, AI misuse, and regulatory requirements.
- Create executive-ready risk reports, dashboards, and summaries that translate technical findings into clear business impacts for leadership teams.
- Partner with teams across the organization to embed risk management practices into operational processes, technology adoption, and continuous improvement initiatives.
- Improve risk measurement through quantitative approaches, key risk indicators (KRIs), live data sources, dashboards, and reporting pipelines.
- Ensure security and compliance controls are documented, tested, and supported by reliable evidence generated through scalable processes and integrations.
- 6+ years of experience in governance, risk, compliance (GRC), information security, risk management, or IT audit roles, preferably within SaaS, cloud-native, or technology-focused environments.
- Strong knowledge of security and compliance frameworks including SOC 2, ISO 27001, NIST Cybersecurity Framework, CIS Controls, and related risk management standards.
- Experience building or significantly improving risk programs, including risk registers, scoring models, control frameworks, and quantitative risk measurement approaches.
- Demonstrated ability to use AI tools, automation, or data solutions to improve risk analysis, reporting, evidence gathering, and operational workflows.
- Experience working with GRC platforms such as Drata, Vanta, AuditBoard, ServiceNow GRC, or equivalent solutions.
- Familiarity with cloud platforms such as AWS, Azure, or Google Cloud and related security technologies including CSPM, SIEM, and identity management tools.
- Experience supporting security, privacy, or compliance audits, including evidence collection, control walkthroughs, and auditor collaboration.
- Ability to translate technical security findings into clear risk documentation, business recommendations, and executive-level reporting.
- Knowledge of privacy and data protection requirements such as GDPR and CCPA/CPRA, and their relationship with security controls.
- Strong analytical skills with experience using qualitative and quantitative risk scoring methods, heat maps, likelihood-impact assessments, and risk appetite models.
- Experience developing KRIs, risk dashboards, and reporting processes connected to operational data sources.
- Strong written and verbal communication skills, with the ability to collaborate effectively with technical and non-technical stakeholders.
- Experience supporting third-party risk assessments and vendor risk management processes.
- Nice to have certifications or qualifications such as CISA, CRISC, CISM, CISSP, CCSK, or ISO 27001 Lead Auditor/Implementer.
- Experience with AI governance frameworks such as ISO 42001, NIST AI Risk Management Framework, EU AI Act, or OECD AI Principles.
- Exposure to SOX ITGC processes, privacy programs, data mapping, DPIAs, or regulatory compliance environments.
- Experience with scripting or automation tools such as Python, JavaScript, or low-code platforms applied to compliance or risk workflows.
- Familiarity with quantitative risk methodologies such as FAIR analysis, Monte Carlo simulations, or loss exceedance analysis.
- Experience with business intelligence and visualization tools such as Tableau, Looker, or Power BI for risk reporting and executive dashboards.
- Remote work opportunity based in India.
- Opportunity to build and shape a modern risk management function from an early stage.
- Exposure to cutting-edge AI-driven risk management practices and emerging technology challenges.
- High-impact role collaborating with engineering, product, legal, security, and executive stakeholders.
- Opportunity to influence how a growing technology organization measures and manages risk.
- Flexible and innovative work environment focused on ownership, collaboration, and continuous improvement.
- Competitive compensation package and employee benefits aligned with market standards.
- Professional growth opportunities through involvement in strategic security, compliance, and AI governance initiatives.