Data Officer and Compliance Lead Information Security

IDfy

IT, Compliance / Regulatory

Mumbai, Maharashtra, India

Posted on May 28, 2026
Role Overview...

We're hiring a GRC & Privacy Lead to own our compliance roadmap end-to-end, partner closely with engineering on cloud and application security, and be the face of security to our customers, auditors, and regulators. You'll build and mentor the GRC & Privacy team as the function scales.

We are the Perfect match if...

  • 10+ years in Information Security, with a strong focus on Governance, Risk, Compliance, Data Privacy, and Cloud Security.
  • Deep, working knowledge of ISO 27001:2022, SOC 2 Type II, ISO 42001, ISO/IEC 27701, India's DPDPA, RBI regulations (e.g., V-CIP, outsourcing guidelines), and sector-specific requirements like SAR reporting and data localization.
  • A solid understanding of cloud security, including the ability to contribute to cloud architecture reviews and offer security design recommendations across multi-cloud environments (AWS, GCP).
  • Working fluency in application security, SIEM/SOC, VAPT, security & privacy by design, leveraging AI for security - enough to be a credible partner to Engineering.
  • Strong privacy program exposure - DPIAs, consent management, data subject rights handling, breach notification, and privacy-by-design.
  • Genuine comfort with client-facing security conversations - articulating controls, handling auditor scrutiny, and building trust with BFSI, fintech, and enterprise customers.
  • Confidence reviewing MSAs, DPAs, RFPs, TPRM, DPIA, AI questionnaires, and aligning contractual obligations with internal security practices.
  • The judgment to balance compliance rigor with business agility, and the ability to translate complex regulatory requirements into practical, actionable controls.
  • A collaborative, cross-functional style, and experience building and mentoring a team.

Here’s what your day will look like...

  • Lead GRC & own the compliance roadmap - Own our compliance roadmap across ISO 27001:2022, SOC 2 Type II, ISO 42001, ISO/IEC 27701, and DPDPA.
  • Build client trust - Represent security in customer calls, audits, assessments, and RFPs, articulating our controls and compliance stance clearly to some of the most scrutinising buyers in BFSI and enterprise.
  • Partner with engineering on cloud & application security - Provide governance oversight across cloud security posture, application security (SAST/DAST/SCA), VAPT, SIEM/SOC operations, and the use of AI for security.
  • Champion cloud security, shift-left, secure-by-default, and privacy-by-design with Engineering and DevSecOps, making security the path of least resistance.
  • Lead the team & the conversation - Build, mentor, and grow the GRC & Privacy team. Regularly brief senior leadership and business units on compliance posture, top risks, and mitigation plans.