Senior Analyst - Cyber assurance - Compliance

For more than 40 years, Accelya has been the industry’s partner for change, simplifying airline financial and commercial processes and empowering the air transport community to take better control of the future. Whether partnering with IATA on industry-wide initiatives or enabling digital transformation to simplify airline processes, Accelya drives the airline industry forward and proudly puts control back in the hands of airlines so they can move further, faster. 

Senior Analyst - Cyber assurance - Compliance

Mumbai

Role purpose

Senior Analyst – Cyber Assurance – Compliance is responsible for ensuring the organization’s cybersecurity practices align with relevant industry regulations, internal policies, and best practices. This role focuses on assessing, monitoring, and maintaining compliance with cybersecurity frameworks and standards, ensuring that risk management protocols and controls are effectively integrated across the organization’s operations. The Senior Analyst will collaborate with IT, legal, audit, and other departments to manage and address compliance risks related to cybersecurity and data protection, providing expert guidance on compliance requirements and helping to implement necessary improvements to the company’s security posture.

Duties & Responsibilities:

Cybersecurity Compliance Management

• Ensure that the organization’s cybersecurity policies, procedures, and controls comply with relevant standards, regulations, and frameworks (e.g., GDPR, CCPA, ISO 27001, NIST, PCI DSS).
• Governance of cybersecurity compliance by managing cybersecurity business request through ticketing tool.
• Work closely with legal, audit, products and IT teams to complete Cyber security assessments
• Provide guidance to business units on cybersecurity compliance issues, addressing any gaps and ensuring that security controls are being properly applied.
• Assist in providing cybersecurity responses for RFP/RFIs.
• Assist in ensuring that data privacy and protection requirements are met, particularly in relation to sensitive customer, employee, and organizational data.
   

Risk and Control Assessments

• Evaluate the effectiveness of current security controls and practices to ensure compliance with external regulations and internal security policies.
• Identify compliance risks, control weaknesses, and areas for improvement through Customer SLA/Security assessments, gap assessments, and vulnerability management.
• Collaborate with stakeholders to implement corrective actions for any cybersecurity compliance issues identified, tracking the resolution process to ensure timely and effective remediation.
• Participate in risk assessments to identify cybersecurity threats and evaluate the organization's exposure to compliance-related risks, particularly in high-risk areas.

Regulatory and Standards Compliance

• Stay up-to-date on relevant regulations, cybersecurity trends, and best practices to ensure the company remains compliant with applicable laws and frameworks.
• Assist in preparing for and supporting external audits and assessments related to cybersecurity compliance, providing necessary documentation, evidence, and reports.
• Guide the development of compliance programs and initiatives, ensuring they align with the organization's overall cybersecurity and business objectives.

Compliance Reporting and Communication
 

• Prepare reports to senior management, detailing security KPI’s, risk and recommended actions.
• Communicate compliance and cybersecurity risks to key stakeholders, providing actionable insights to enhance decision-making processes.

Incident Management and Response
 

• Support the organization’s incident response team in addressing compliance-related issues arising from security breaches or data protection incidents.
• Help track and report on incidents related to cybersecurity compliance, ensuring that they are resolved in accordance with applicable regulations and internal policies.
• Assist in identifying lessons learned from security incidents and developing preventive measures to reduce future compliance risks.

Knowledge, Experience & Skills:

• 3+ years of experience in cybersecurity, compliance, or risk management, with a focus on ensuring adherence to cybersecurity standards and regulations.
• Experience in working with regulatory frameworks such as ISO 27001, NIST, GDPR, CCPA, PCI DSS, or SOC 2.
• Proven experience in conducting risk assessments, preparing ISO 27001 SOA, internal audits, and compliance reviews in a corporate or enterprise setting.
• Familiarity with cybersecurity concepts, controls, and best practices in data protection, threat management, and regulatory compliance.
  Skills
  Compliance Knowledge: In-depth understanding of cybersecurity compliance frameworks and regulatory requirements.

What do we offer?

• Open culture and challenging opportunity to satisfy intellectual needs
• Flexible working hours
• Smart working: hybrid remote/office working environment
• Work-life balance
• Excellent, dynamic and multicultural environment

About Accelya 

Accelya is a leading global software provider to the airline industry, powering 200+ airlines with an open, modular software platform that enables innovative airlines to drive growth, delight their customers and take control of their retailing.  

Owned by Vista Equity Partners long-term perennial fund and with 2K+ employees based around 10 global offices, Accelya are trusted by industry leaders to deliver now and deliver for the future.  

The company´s passenger, cargo, and industry platforms support airline retailing from offer to settlement, both above and below the wing. Accelya are proud to deliver leading-edge technologies to our customers including through our partnership with AWS and through the pioneering NDC expertise of our Global Product teams.

We are proud to enable innovation-led growth for the airline industry and put control back in the hands of airlines. 

For more information, please visit www.accelya.com 

#LI-MK1

What does the future of the air transport industry look like to you? Whether you’re an industry veteran or someone with experience from other industries, we want to make your ambitions a reality!