IT Security Analyst

Overview

Bausch + Lomb (NYSE/TSX: BLCO) is a leading global eye health company dedicated to protecting and enhancing the gift of sight for millions of people around the world—from the moment of birth through every phase of life. Our mission is simple, yet powerful: helping you see better, to live better.

Our comprehensive portfolio of over 400 products is fully integrated and built to serve our customers across the full spectrum of their eye health needs throughout their lives. Our iconic brand is built on the deep trust and loyalty of our customers established over our 170-year history. We have a significant global research, development, manufacturing and commercial footprint of approximately 13,000 employees and a presence in approximately 100 countries, extending our reach to billions of potential customers across the globe. We have long been associated with many of the most significant advances in eye health, and we believe we are well positioned to continue leading the advancement of eye health in the future.

Job Description: ITGRC - Compliance Analyst

Position Overview

The IT Compliance Analyst in this role is responsible for ensuring organizational compliance through training programs, cybersecurity policy management, and the effective administration of the internal cybersecurity SharePoint site. This position combines expertise in IT compliance and cybersecurity with technical skills in managing SharePoint to enhance collaboration, secure sensitive data, and promote awareness of compliance policies. The analyst works closely with IT, security, and other functional teams to implement best practices and maintain a secure digital environment.

Key Responsibilities

Training and Awareness

• Develop and deliver compliance training programs on topics such as data protection, cybersecurity best practices, and workplace security requirements using various formats (e.g., e-learning modules, webinars, workshops).
• Design engaging training materials aligned with regulatory requirements and organizational needs.
• Conduct awareness campaigns to educate employees about compliance policies and emerging cybersecurity threats.
• Monitor training participation through Learning Management Systems (LMS) and generate reports on completion rates and effectiveness.
• Evaluate feedback from training sessions to improve future programs.
• Generate detailed reports on training metrics (e.g., completion rates, quiz scores) for internal audits or regulatory reviews.
• Investigate non-compliance with training requirements and recommend corrective actions.
• Develop communication strategies to promote compliance awareness across the organization through newsletters, posters, or targeted email campaigns.
  
  

• Create, implement, and maintain cybersecurity policies and standards aligned with frameworks such as NIST CSF, ISO 27001, GDPR, or HIPAA.
• Conduct regular reviews of policies to ensure they address evolving threats and regulatory changes.
• Collaborate with IT teams to integrate policies into system designs and daily operations.
• Monitor adherence to cybersecurity policies through audits and assessments.
• Respond to non-compliance issues by recommending corrective actions.
  
  

• Manage the internal cybersecurity SharePoint site to serve as a centralized hub for cybersecurity resources, policies, and training materials.
• Implement best practices for SharePoint security by defining access permissions based on roles and responsibilities while adhering to the principle of least privilege.
• Maintain an organized site structure with logical hierarchies, metadata tagging for content classification, version control for documents, and consistent naming conventions.
• Update the site regularly with new resources such as policy updates, training schedules, or incident response guidelines.
  
  

• Conduct risk assessments to identify vulnerabilities in systems or processes related to compliance management.
• Assist in third-party audits or inspections by providing documentation.
• Track incidents related to policy violations and recommended preventive measures.
  
  

• Collaborate closely with LMS, Communications, and other functional teams to ensure that all published content meets organizational requirements.
• Act as a liaison between departments during audits or other risk management and compliance activities.
  
  

Education & Skills:

• A bachelor’s degree in information systems, computer science, business administration, Law, Compliance Management, or a related field is required.
• Advanced certifications CISA, CRISC, CISSP (Preferred)
• Strong knowledge of regulatory frameworks such as GDPR, HIPAA, SOX, or industry-specific standards.
• Proficiency in creating training materials using e-learning tools or LMS platforms.
• Excellent communication skills for delivering presentations and interacting with diverse teams.
• Analytical skills for assessing the effectiveness of training programs through data analysis.
  
  

• Prior experience in a compliance-related role with a focus on employee education or awareness campaigns.
• Familiarity with conducting audits or assessments related to the effectiveness of compliance training is a plus.
• Prior experience in compliance training or policy management roles.
• Hands-on experience managing SharePoint sites or similar collaboration platforms.
  
  

This position may be available in the following location(s): IN - Gurgaon

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

[IF APPLICABLE] For U.S. locations that require disclosure of compensation, the starting pay for this role is between [$000,000.00 and $000,000.00] [or $00.00 - $00.00 per hour]. The estimated salary range reflects an anticipated range for this position. The actual base salary offered may depend on a variety of factors.

[SHOULD BE INCLUDED WITH PAY TRANSPARENCY LANGUAGE IN THE PARAGRAPH ABOVE IF APPLICABLE] U.S. based employees may be eligible for short-term and/or long-term incentives. They may also be eligible to participate in medical, dental, vision insurance, disability and life insurance, a 401(k) plan and company match, a tuition reimbursement program (select degrees), company holidays, and well-being benefits, among others. U.S. based employees are also eligible to receive sick time, floating holidays and paid vacation.

Job Applicants should be aware of job offer scams perpetrated through the use of the Internet and social media platforms.

To learn more please read Bausch + Lomb's Job Offer Fraud Statement.

Our Benefit Programs: Employee Benefits: Bausch + Lomb

Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.