Information Security Analyst

Hyderabad17h ago

About the role

<div class="content-intro">Who We Are Finance leaders choose Billtrust to get paid faster, control costs, and maximize customer satisfaction. As the leader in B2B accounts receivable workflow and payment software, we provide the world’s leading brands with AI-powered solutions across the full AR lifecycle—from invoice presentment and payment processing to cash application and collections. With over 2,600 global customers, more than $1 trillion in invoice dollars processed, and a proprietary network of 13 million buyers, Billtrust delivers business value through deep industry expertise and a culture relentlessly focused on meaningful customer outcomes. We’re an AI-first company, not just in what we build for our customers, but in how we work. Across every function, our teams use AI tools daily to work faster, make better decisions, and deliver higher-quality outcomes. We hire exceptional people, give them cutting-edge AI capabilities, and measure success by the impact they create. If you want to do the best work of your career at the frontier of AI and fintech, Billtrust is the place to do it. Our Values Customers We relentlessly increase value for customer and do the right thing for them. Action We make ‘thoughtfully fast’ decisions, act quickly, cut through red tape, deliver progress not perfection, take ownership and accountability. Team Spirit We put the team ahead of ourselves, foster trust and respect, collaborate with passion, despise toxic politics, value our differences, and celebrate together. Innovation We challenge the status quo, experiment thoughtfully, and are novel and brilliant in what we create. Excellence We love to win, but we hate losing even more. We aspire to be the best and take pride in our work. When we fall short, we own it and come back stronger.</div>Information Security Analyst  Information Security Analyst will support Billtrust's compliance and assurance programs across our key security frameworks, contribute to risk assessment activities, and help protect the systems that power our business payments platform. You'll work closely with cross-functional teams and report to the Information Security Manager.    Assurance Frameworks  This role directly supports Billtrust's compliance posture across the following frameworks:     <table data-tablestyle="MsoNormalTable" data-tablelook="1696"> <tbody> <tr> <td data-celllook="69905"> Framework  </td> <td data-celllook="69905"> Scope  </td> </tr> <tr> <td data-celllook="69905"> SOC 1 / ISAE 3402  </td> <td data-celllook="4369"> Financial reporting controls & service organization attestation  </td> </tr> <tr> <td data-celllook="69905"> SOC 2 Type 2  </td> <td data-celllook="4369"> Security, Availability, Confidentiality trust service criteria  </td> </tr> <tr> <td data-celllook="69905"> ISO 27001  </td> <td data-celllook="4369"> Information security management system (ISMS)  </td> </tr> <tr> <td data-celllook="69905"> PCI DSS  </td> <td data-celllook="4369"> Payment card industry data security standards  </td> </tr> <tr> <td data-celllook="69905"> HIPAA BAA  </td> <td data-celllook="4369"> Health information privacy and security requirements  </td> </tr> </tbody> </table>   Key Responsibilities    Compliance & Audit Support  <ul> <li>Assist in the preparation and execution of SOC 1/ISAE 3402 and SOC 2 Type 2 audits, including evidence collection, control walkthroughs, and liaising with external auditors </li> <li>Support ISO 27001 surveillance and certification audits; maintain ISMS documentation and control evidence </li> <li>Assist with PCI DSS assessments, including scope validation, control testing, and QSA coordination </li> <li>Support HIPAA BAA obligations, including risk analysis activities and documentation of safeguards  </li> </ul> Risk & Controls  <ul> <li>Participate in information security risk assessments and help maintain the risk register </li> <li>Evaluate and test internal controls over Billtrust information systems </li> <li>Review and provide input on policies, procedures, and standards to ensure alignment with applicable frameworks </li> <li>Assist in vendor security reviews and third-party risk assessments </li> </ul>    Security Operations & Advisory  <ul> <li data-leveltext="•" data-font="Aptos" data-listid="29" data-list-defn-props="{"335552541":0,"335559685":720,"335559991":360,"469769242":[65533,0],"469777803":"left","469777804":"•","469777815":"hybridMultilevel"}" data-aria-posinset="9" data-aria-level="1">Support vulnerability assessment activities and help track remediation progress </li> </ul> <ul> <li data-leveltext="•" data-font="Aptos" data-listid="29" data-list-defn-props="{"335552541":0,"335559685":720,"335559991":360,"469769242":[65533,0],"469777803":"left","469777804":"•","469777815":"hybridMultilevel"}" data-aria-posinset="10" data-aria-level="1">Assist with the review and maintenance of incident response and business continuity documentation </li> </ul> <ul> <li data-leveltext="•" data-font="Aptos" data-listid="29" data-list-defn-props="{"335552541":0,"335559685":720,"335559991":360,"469769242":[65533,0],"469777803":"left","469777804":"•","469777815":"hybridMultilevel"}" data-aria-posinset="11" data-aria-level="1">Monitor the security and compliance landscape for emerging risks relevant to Billtrust's frameworks </li> </ul> <ul> <li data-leveltext="•" data-font="Aptos" data-listid="29" data-list-defn-props="{"335552541":0,"335559685":720,"335559991":360,"469769242":[65533,0],"469777803":"left","469777804":"•","469777815":"hybridMultilevel"}" data-aria-posinset="12" data-aria-level="1">Contribute to internal awareness and training initiatives </li> </ul> Reporting & Documentation  <ul> <li data-leveltext="•" data-font="Aptos" data-listid="29" data-list-defn-props="{"335552541":0,"335559685":720,"335559991":360,"469769242":[65533,0],"469777803":"left","469777804":"•","469777815":"hybridMultilevel"}" data-aria-posinset="13" data-aria-level="1">Prepare accurate and thorough work papers documenting scope, procedures, and results </li> </ul> <ul> <li data-leveltext="•" data-font="Aptos" data-listid="29" data-list-defn-props="{"335552541":0,"335559685":720,"335559991":360,"469769242":[65533,0],"469777803":"left","469777804":"•","469777815":"hybridMultilevel"}" data-aria-posinset="14" data-aria-level="1">Assist in drafting findings summaries and remediation recommendations for internal stakeholders </li> </ul> <ul> <li data-leveltext="•" data-font="Aptos" data-listid="29" data-list-defn-props="{"335552541":0,"335559685":720,"335559991":360,"469769242":[65533,0],"469777803":"left","469777804":"•","469777815":"hybridMultilevel"}" data-aria-posinset="15" data-aria-level="1">Maintain compliance evidence repositories and audit-ready documentation </li> </ul> Qualifications    Required:  <ol> <li>1–3 years of experience in information security, GRC, compliance, or a closely related role </li> <li>Working knowledge of at least two of Billtrust's assurance frameworks: SOC 1/2, ISO 27001, PCI DSS, or HIPAA </li> <li>Familiarity with common security frameworks and standards (e.g., NIST CSF, CIS Controls, ISO 27001) </li> <li>Strong written and verbal communication skills; ability to document findings clearly and concisely </li> <li>Bachelor's degree in Information Systems, Computer Science, Business, or a related field — or equivalent experience </li> </ol> Preferred:  <ul> <li data-leveltext="•" data-font="Aptos" data-listid="30" data-list-defn-props="{"335552541":0,"335559685":720,"335559991":360,"469769242":[65533,0],"469777803":"left","469777804":"•","469777815":"hybridMultilevel"}" data-aria-posinset="6" data-aria-level="1">Exposure to GRC tools or audit management platforms </li> </ul> <ul> <li data-leveltext="•" data-font="Aptos" data-listid="30" data-list-defn-props="{"335552541":0,"335559685":720,"335559991":360,"469769242":[65533,0],"469777803":"left","469777804":"•","469777815":"hybridMultilevel"}" data-aria-posinset="7" data-aria-level="1">Experience supporting external audit engagements (SOC, PCI QSA, ISO certification body) </li> </ul> <ul> <li data-leveltext="•" data-font="Aptos" data-listid="30" data-list-defn-props="{"335552541":0,"335559685":720,"335559991":360,"469769242":[65533,0],"469777803":"left","469777804":"•","469777815":"hybridMultilevel"}" data-aria-posinset="8" data-aria-level="1">Relevant certification in progress or obtained (e.g., CompTIA Security+, CISA, CISSP, ISO 27001 Lead Implementer) </li> </ul> <ul> <li data-leveltext="•" data-font="Aptos" data-listid="30" data-list-defn-props="{"335552541":0,"335559685":720,"335559991":360,"469769242":[65533,0],"469777803":"left","469777804":"•","469777815":"hybridMultilevel"}" data-aria-posinset="9" data-aria-level="1">Basic familiarity with vulnerability assessment tools or security monitoring platforms </li> </ul>

747,000+ hidden jobs like this

billtrust1 and thousands of companies post here first — often days before LinkedIn or Indeed. Your first 5 applications are free; go Pro to apply without limits.

Everything Pro unlocks:

Unlimited applications — free stops at 5
Track every application in one place
Apply straight to the source, one click
Save & organize roles you love
Roles pulled from company boards before the big sites

Weekly

$9.99

$4.99/week

For an active search. Cancel anytime.

Get Weekly

Monthly

$24.99

$12.99/month

The smart pick. Save 35% vs weekly.

Get Monthly

Lifetime

$99

$49.99once

Pay once. Every future feature, forever.

Get Lifetime