Infosec Analyst

Infosec Analyst  

Who We Are

Arcadia is a technology company empowering energy innovators and consumers to fight the climate crisis. Our software and APIs are revolutionizing an industry held back by outdated systems and institutions by creating unprecedented access to the data and clean energy needed to make a decarbonized energy grid possible.

In 2014, Arcadia set out on its mission to break the fossil fuel monopoly and since then we have been knocking down the institutional barriers to unlock decarbonization. To date, we have connected hundreds of thousands of consumers and small businesses with high-quality clean energy options. Fast forward to today, and now, we're thinking even bigger. We have launched Arc, an industry-defining SaaS platform that empowers developers and energy innovators to deliver their own custom, personalized energy experiences, accelerating the transformation of the industry from an analog energy system into a digitized information network.

Tackling one of the world's biggest challenges requires out-of-the-box thinking & diverse perspectives. We are building a team of individuals from different backgrounds, industries, & educational experiences. If you share our passion for ushering in the era of the clean electron, we look forward to learning what you would uniquely bring to Arcadia! Visit www.arcadia.com.

HO: Washington, DC $1.5B valuation: $380 million funding to date

Job Summary:

As a Infosec Analyst, you'll play a crucial role in managing security standards, risk policies and practices and ensuring Arcadia’s compliance to industry standards.Leverage your expertise in governance frameworks, risk assessment methodologies, and regulatory compliance strategies to drive transformative change in the renewable energy sector. Join our team as a Infosec Analyst and directly contribute to democratizing access to clean energy through your expertise in governance, risk management, and compliance strategies.

What we’re looking for:

We're seeking a curious and resourceful Infosec Analyst to join our Chennai team. The ideal candidate is a collaborative team player with a humble demeanor, possessing a background in governance, risk management, and compliance within the renewable energy sector. You thrive in environments where you can apply your problem-solving skills to tackle complex engineering challenges and are genuinely excited about supporting software initiatives that expand renewable energy access to millions of households nationwide.This person will report to an Engineering manager in Chennai and will also collaborate closely with Infosec team members in the US. 

What you’ll do:

• Drive internal audits to assess compliance and partner with key stakeholders such as security, legal and HR to identify areas for improvement.
• Work with process owners across the enterprise to update cloud related standards, risks, and controls.
• Manage risk and vulnerability assessments, validation testing, compliance reviews, and audits.
• Oversee and support SOC 2 audits.
• Maintain and monitor a central repository for audit evidence.
• Monitor, analyze, and track requests for policy exceptions and support the assessment and qualification of risks associated with deviations.
• Inform relevant stakeholders of critical concerns and hazards.
• Collaborate with internal stakeholders to align with GRC objectives.
• Stay updated on procedures and methods to enhance team knowledge and industry expertise.
• Manage security standards, policies, and practices annually to meet corporate demands.
• Assist in responding to inquiries from business units regarding ongoing operational compliance.
• Proactively identify areas for improvement and provide valuable insights and guidance on process and control enhancements.
• Share information with managers to ensure timely delivery and avoid surprises.

What will help you succeed:

• 5+ years of direct experience in information security, with a primary focus on risk and compliance.
• 3+ years of experience conducting SOC 2 audits and managing audit responses.
• Thorough understanding of relevant regulatory/compliance requirements (SOC 2, NIST, FedRamp, CMMC, PCI, GDPR, etc.).
• In-depth knowledge of cloud platforms (AWS preferred), cloud native services, and hybrid cloud solutions.
• Familiarity with GRC tools and best practices (such as Auditboard, OneTrust, Vanta, Archer).
• Proven track record of organizing and executing multiple risk and compliance projects.
• Ability to effectively manage third-party audits, compile evidence, and organize audit responses.
• Attention to detail.
• Effective written and verbal communication skills, with the ability to communicate with cross-functional teams.
• Proven analytical and problem-solving abilities to drive initiatives aligned with corporate goals.

Nice-to-have:

• Certified Information Systems Security Professional (CISSP),
• Certified  Information Security Auditor (CISA),
• Certified in Risk and Information System Control (CRISC)
• Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.

Benefits:

• Competitive compensation based on market standards.
• We are working on a hybrid model with remote first policy
• Apart from Fixed Base Salary potential candidates are eligible for following benefits
• Flexible Leave Policy
• Office is in the heart of the city in case you need to step in for any purpose.
• Medical Insurance (1+5 Family Members)
• We provide comprehensive coverage including accident policy and life Insurance. 
• Annual performance cycle
• Quarterly team engagement activities and rewards & recognitions
• L&D programs to foster professional growth
• A supportive engineering culture that values diversity, empathy, teamwork, trust, and efficiency

Eliminating carbon footprints, eliminating carbon copies.
Here at Arcadia, we cultivate diversity, celebrate individuality, and believe unique perspectives are key to our collective success in creating a clean energy future. Arcadia is committed to equal employment opportunities regardless of race, colour, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, protected veteran status, or any status protected by applicable federal, state, or local law. While we are currently unable to consider candidates who will require visa sponsorship, we welcome applications from all qualified candidates eligible to work in India.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation.

Thank you