Cybersecurity Risk and Compliance Analyst

Cybersecurity Risk & Compliance Analyst- 2

JLL empowers you to shape a brighter way.  

Our people at JLL are shaping the future of real estate for a better world by combining world class services, advisory and technology for our clients. We are committed to hiring the best, most talented people  and empowering them to  thrive, grow meaningful careers and to find a place where they belong.  Whether you’ve got deep experience in commercial real estate, skilled trades or technology, or you’re looking to apply your relevant experience to a new industry, join our team as we help shape a brighter way forward.   

Cybersecurity Risk & Compliance Analyst- 2

Reporting to the Cybersecurity Compliance Manager, the Cybersecurity Risk & Compliance Analyst provides analytical support for cybersecurity risk assessments and regulatory compliance across JLL's global operations. This role contributes to cybersecurity program initiatives, policy maintenance, and compliance monitoring while learning from senior team members and gaining exposure to business operations.

Key Responsibilities

Risk Assessment Support

• Assist in monitoring business process changes and maintaining risk assessment documentation

• Support cybersecurity risk assessments using established methodologies and templates

• Help maintain cybersecurity risk registers and update treatment plans under guidance

• Track and compile key risk indicators (KRIs) and compliance metrics for reporting

• Assist with vendor risk management activities, including questionnaire reviews

• Support evaluation of third-party security controls

Compliance & Audit Support

• Assist in audits of control effectiveness and help ensure timely completion

• Support internal audit teams with cybersecurity audit documentation

• Help coordinate regulatory examinations and external auditor requests

• Maintain audit documentation and evidence files

• Support completion of audits and compliance reviews under supervision

Policy & Standards Maintenance

• Assist in reviewing and updating cybersecurity policies, standards, and procedures

• Help maintain cybersecurity policy repositories with proper version control

• Support policy review processes and documentation updates

• Assist with cybersecurity awareness training material development

• Help coordinate policy integration activities with business units

Communication & Coordination

• Support relationship building with process owners across business functions

• Assist with compliance reporting preparation for management

• Help coordinate audit logistics and communication

• Support internal communication of policies and compliance information

Incident Response Support

• Provide analytical support for cybersecurity investigations and incident response

• Assist with post-incident compliance documentation and lessons learned

• Support business continuity planning documentation

General Analytical Support

• Support cybersecurity due diligence activities for business initiatives

• Assist with embedding cybersecurity requirements in business processes

• Help evaluate internal control effectiveness and identify improvement opportunities

• Contribute to cybersecurity program improvement initiatives

Required Experience & Education

Education

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or Computer Engineering

• Equivalent combination of education and professional experience will be considered

Professional Experience

• 2-3 years of IT/cybersecurity experience with exposure to risk and compliance

• 2-3 years contributing to multi-site or multi-country initiatives

• Experience supporting compliance and risk management activities in IT environments

• Exposure to internal audits of IT operations, applications, or projects

• Basic experience with cybersecurity policy development or implementation

• Familiarity with cybersecurity risk assessment methodologies

Industry & Regulatory Knowledge

• Basic understanding of compliance frameworks: ISO 27001/27002, NIST Cybersecurity Framework, SOC1/SOC2

• Awareness of data privacy regulations (GDPR, CCPA, etc.)

• Exposure to regulatory examinations or external audits

• Basic understanding of business continuity principles

Technical Exposure

• Familiarity with GRC technologies and policy management platforms

• Basic knowledge of network security, cloud security, and application security concepts

• Understanding of cybersecurity maturity models

• Experience with security control documentation and testing support

Required Skills & Competencies

Communication & Collaboration

• Strong written and oral English communication skills

• Good technical writing skills for documentation

• Ability to explain technical concepts to business audiences

• Effective communication with colleagues and management

Analytical & Problem-Solving

• Strong analytical and problem-solving abilities

• Good research skills and attention to detail

• Ability to support risk assessments and document findings

• Proactive approach to identifying issues

Professional Qualities

• Quality-focused with flexibility and adaptability

• Ability to prioritize tasks effectively

• Team player with collaborative approach

• Eager to learn and develop professionally

Preferred Qualifications

Industry Experience

• Exposure to corporate environments (financial services, telecommunications, utilities)

• Real estate services industry awareness

• Multi-jurisdictional compliance exposure

Technical Knowledge

•  Exposure to GRC technologies and policy management platforms (ServiceNow GRC, Archer, MetricStream)

• Knowledge of network security, cloud security, application security, and penetration testing concepts

• Understanding of threat intelligence and its application to risk assessments

• Familiarity with cybersecurity metrics and reporting

• Familiarity with cybersecurity maturity models (C2M2, NIST CSF, etc.)

• Experience with security control testing and validation techniques

Professional Development

• Working toward relevant certifications (CISA, CISM, CRISC)

• ITIL Foundation or similar process certifications

Success Metrics

• Quality and timeliness of analytical support and documentation

• Successful completion of assigned audit and compliance tasks

• Contribution to risk assessment and remediation tracking activities

• Support quality for policy maintenance and awareness initiatives

• Professional development progress and certification advancement

Why JLL

At JLL, we are collectively shaping a brighter way — for our clients, ourselves, and our fellow employees. We choose to take the more inspiring, innovative, and optimistic path on our journey toward success. What sets JLL apart is our culture of collaboration, locally and across the globe, which allows us to create transformative solutions for the real estate industry.

If this job description resonates with you, we encourage you to apply, even if you don’t meet all the requirements. We’re interested in getting to know you and what you bring to the table!

Location:

Remote –Bengaluru, KA

Scheduled Weekly Hours:

40

If this job description resonates with you, we encourage you to apply even if you don’t meet all of the requirements.  We’re interested in getting to know you and what you bring to the table!

At JLL, we harness the power of artificial intelligence (AI) to efficiently accelerate meaningful connections between candidates and opportunities. Using AI capabilities, we analyze your application for relevant skills, experiences, and qualifications to generate valuable insights about how your unique profile aligns with the specific requirements of the role you're pursuing.

JLL Privacy Notice

Jones Lang LaSalle (JLL), together with its subsidiaries and affiliates, is a leading global provider of real estate and investment management services. We take our responsibility to protect the personal information provided to us seriously. Generally the personal information we collect from you are for the purposes of processing in connection with JLL’s recruitment process. We endeavour to keep your personal information secure with appropriate level of security and keep for as long as we need it for legitimate business or legal reasons. We will then delete it safely and securely.

For more information about how JLL processes your personal data, please view our Candidate Privacy Statement.

For additional details please see our career site pages for each country.

For candidates in the United States, please see a full copy of our Equal Employment Opportunity policy here.

Jones Lang LaSalle (“JLL”) is an Equal Opportunity Employer and is committed to working with and providing reasonable accommodations to individuals with disabilities.  If you need a reasonable accommodation because of a disability for any part of the employment process – including the online application and/or overall selection process – you may email us at HRSCLeaves@jll.com. This email is only to request an accommodation. Please direct any other general recruiting inquiries to our Contact Us page > I want to work for JLL.