Title:
Security & Compliance Engineer
Experience:
5 plus years
Education:
Bachelor’s in Computer Science, Information Technology, Engineering, or equivalent. Relevant certifications (CISSP, CISA, ISO 27001 Lead Auditor/Implementer, or equivalent) strongly preferred.
Location:
Chennai, Bangalore, or Gurugram, India
Position Details:
We are looking for a hands-on Security & Compliance Engineer with direct experience in SOC 2 and ISO 27001 to join our team. The role requires someone who can hit the ground running with zero ramp-up time, able to support an ongoing SOC 2 observation period internally and externally, while working closely with internal stakeholders and external security professionals. You will own compliance program execution, finalize and maintain security policies and controls, coordinate with auditors, and manage evidence collection in our GRC platform (Vanta).
Beyond audit support, you will work closely with our engineering team to embed compliance into our software development and governance using Agile practices. This includes supporting incident response, root cause analysis (RCA), and secure software development lifecycle (SSDLC) processes. You will take on roles in administration for Jira and Confluence, configuring and refining workflows, project boards, and documentation standards that support both development velocity and audit readiness.
Responsibilities include:
- Active SOC 2 Type II observation period support and evidence management
- ISO 27001 ISMS buildout, gap analysis, and audit preparation
- Security policy finalization and periodic review
- Vanta GRC platform administration
- Jira/Confluence configuration for Agile development, SSDLC, IR, and RCA workflows
- Vendor security questionnaire support and third-party risk management
- PCI DSS readiness (future scope)
Benefits:
Group health insurance, flexible working hours, and a hybrid work model.