Security & Compliance Engineer
Indexed description
Experience
5 plus years
Education
Bachelor’s in Computer Science, Information Technology, Engineering, or equivalent. Relevant certifications (CISSP, CISA, ISO 27001 Lead Auditor/Implementer, or equivalent) strongly preferred.
Location:
Chennai, Bangalore, or Gurugram, India
Position Details
We are looking for a hands-on Security & Compliance Engineer with direct experience in SOC 2 and ISO 27001 to join our team. The role requires someone who can hit the ground running with zero ramp-up time, able to support an ongoing SOC 2 observation period internally and externally, while working closely with internal stakeholders and external security professionals. You will own compliance program execution, finalize and maintain security policies and controls, coordinate with auditors, and manage evidence collection in our GRC platform (Vanta).
Beyond audit support, you will work closely with our engineering team to embed compliance into our software development and governance using Agile practices. This includes supporting incident response, root cause analysis (RCA), and secure software development lifecycle (SSDLC) processes. You will take on roles in administration for Jira and Confluence, configuring and refining workflows, project boards, and documentation standards that support both development velocity and audit readiness.
Responsibilities Include
- Active SOC 2 Type II observation period support and evidence management
- ISO 27001 ISMS buildout, gap analysis, and audit preparation
- Security policy finalization and periodic review
- Vanta GRC platform administration
- Jira/Confluence configuration for Agile development, SSDLC, IR, and RCA workflows
- Vendor security questionnaire support and third-party risk management
- PCI DSS readiness (future scope)
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search