Job Description – Information Security Analyst
Location: Remote / Bangalore
Shift: US Time Zone
Employment Type: Full-Time
About Scrut Automation
Scrut Automation is a leading security and compliance automation platform, helping organizations streamline compliance and strengthen their security posture across frameworks like ISO 27001, SOC 2, HIPAA, GDPR, CMMC, and FedRAMP. We work with fast-growing startups and enterprises worldwide, simplifying complex audits and enabling them to achieve certifications faster.
We are looking for an Information Security Analyst (1–3 years experience) with a strong foundation in compliance and a special focus on U.S. federal frameworks (CMMC and FedRAMP). This role is ideal for someone who is passionate about security frameworks, compliance readiness, and supporting U.S. customers through complex regulatory environments.

Key Responsibilities
  • Support customer engagements across ISO 27001, SOC 2, HIPAA, GDPR, CMMC, and FedRAMP.
  • Conduct gap assessments and readiness checks specifically for CMMC (Level 2/3) and FedRAMP Moderate/High.
  • Assist customers in documenting controls, gathering evidence, and preparing for C3PAO assessments (CMMC) and 3PAO audits (FedRAMP).
  • Review cloud security configurations (AWS, Azure, GCP) against CMMC and FedRAMP baselines.
  • Maintain up-to-date knowledge of NIST 800-53, NIST 800-171, the CMMC model, and FedRAMP requirements.
  • Collaborate with clients to design remediation plans for identified gaps, ensuring controls are implemented effectively.
  • Draft and maintain security documentation, including SSPs (System Security Plans), POA&Ms (Plans of Action & Milestones), and incident response procedures.
  • Act as a point of contact for U.S. clients, guiding them through compliance journeys with clear communication and actionable steps.

Qualifications
  • 1–3 years of experience in information security, risk management, or compliance.
  • Hands-on knowledge of ISO 27001, SOC 2, HIPAA, and GDPR frameworks.
  • Demonstrated interest or experience in CMMC (NIST 800-171) and FedRAMP (NIST 800-53) compliance.
  • Familiarity with security controls in cloud environments (AWS, Azure, GCP).
  • Strong written and verbal communication skills for interfacing with U.S. clients.
  • Preferred certifications: ISO 27001 LA, CISA, Security+, CCSK, or equivalent.

Why Join Scrut Automation?
  • Build expertise in high-demand U.S. compliance frameworks (CMMC & FedRAMP).
  • Work with global customers and cutting-edge cloud-native companies.
  • Exposure to multiple frameworks and industry-leading compliance automation.
  • Growth-focused culture with mentorship and fast learning opportunities.
  • Competitive pay, benefits, and remote-first flexibility.