Senior Compliance Analyst

Signzy is seeking a skilled Senior Compliance Analyst to join our dynamic team in Bengaluru, Karnataka, India. This role is crucial for maintaining and enhancing our security posture and compliance frameworks. You will be responsible for the development, implementation, and management of security policies, standards, and procedures, ensuring alignment with industry best practices and regulatory requirements such as ISO 27001, SOC2 Type 2, and PCI DSS. Your expertise will be vital in assessing technical implementation details for information security risks and coordinating with various teams for internal and external audits. You will lead Third Party Risk Management (TPRM) audits and closely collaborate with clients, including banks and fintechs, to ensure a seamless audit process. Managing the end-to-end vendor/partner onboarding risk process, including due diligence, risk assessment, contract compliance, and continuous monitoring, will be a key responsibility. You will also maintain and improve our enterprise GRC framework, support risk assessments (operational, cyber, privacy), and develop programs to address key company risks. A demonstrated understanding of common compliance frameworks like SOX, GDPR, CCPA, PCI, ISO27000, NIST Cybersecurity Framework, and NIST SP800-53 is essential. You should also possess a strong understanding of security best practices and conduct internal control testing and compliance reviews across infrastructure, applications, and processes. This role requires assisting the security engineering team with patch prioritization and improving controls for internal systems, processes, and policies, while also providing clear direction to security and engineering teams on audit requirements.