Job Description

- Information Security Analyst

Location:

Remote / Bangalore
Shift: US Time Zone

Employment Type:

Full-Time

About Scrut Automation

Scrut Automation is a leading security and compliance automation platform, helping organizations streamline compliance and strengthen their security posture across frameworks like ISO 27001, SOC 2, HIPAA, GDPR, CMMC, and FedRAMP. We work with fast-growing startups and enterprises worldwide, simplifying complex audits and enabling them to achieve certifications faster.
We are looking for an

Information Security Analyst (1-3 years experience)

with a strong foundation in compliance and a special focus on

U.S. federal frameworks (CMMC and FedRAMP)

. This role is ideal for someone who is passionate about security frameworks, compliance readiness, and supporting U.S. customers through complex regulatory environments.

Key Responsibilities

Support customer engagements across

ISO 27001, SOC 2, HIPAA, GDPR, CMMC, and FedRAMP

. Conduct gap assessments and readiness checks specifically for

CMMC (Level 2/3)

and

FedRAMP Moderate/High

. Assist customers in documenting controls, gathering evidence, and preparing for

C3PAO assessments

(CMMC) and

3PAO audits

(FedRAMP). Review cloud security configurations (AWS, Azure, GCP) against CMMC and FedRAMP baselines. Maintain up-to-date knowledge of

NIST 800-53, NIST 800-171, CMMC model, and FedRAMP requirements

. Collaborate with clients to design remediation plans for identified gaps, ensuring controls are implemented effectively. Draft and maintain security documentation including SSPs (System Security Plans), POA&Ms (Plans of Action & Milestones), and incident response procedures. Act as a point of contact for U.S. clients, guiding them through compliance journeys with clear communication and actionable steps.

Qualifications

1-3 years

of experience in information security, risk management, or compliance. Hands-on knowledge of

ISO 27001, SOC 2, HIPAA, and GDPR

frameworks. Demonstrated interest or experience in

CMMC (NIST 800-171)

and

FedRAMP (NIST 800-53)

compliance. Familiarity with security controls in cloud environments (AWS, Azure, GCP). Strong written and verbal communication skills for interfacing with U.S. clients. Preferred certifications:

ISO 27001 LA, CISA, Security+, CCSK, or equivalent

.

Why Join Scrut Automation?

Build expertise in

high-demand U.S. compliance frameworks

(CMMC & FedRAMP). Work with global customers and cutting-edge cloud-native companies. Exposure to multiple frameworks and industry-leading compliance automation. Growth-focused culture with mentorship and fast learning opportunities. * Competitive pay, benefits, and remote-first flexibility.