Senior Compliance Analyst


Signzy, Thane, IN
16 hours ago
Job description

Signzy is a digital trust system. We provide identification, background checks, forgery detection and contract management systems which enable contracting in a trustable, safe, legal, and convenient manner. Our biometric user authentication system and blockchain-based digital trail ensure non-repudiation. This increases compliance and enforceability in the court of law. We consist of a tech-savvy team and are backed by investors who are enthusiastic about creating solutions with technology.

Working at Signzy

  • At Signzy we breathe software and exploit the latest technologies to create the most amazing products. We comprise a tech-savvy team and are backed by investors who are enthusiastic about creating solutions using technology.

  • Signzy is looking for a Compliance Analyst. If you think you have what it takes to get the job done, this is an invitation to be a part of the future!

    JD for role of Compliance Analyst - II

    Responsibilities

  • Development, implementation, and management of security policies, standards, guidelines, and procedures to ensure the ongoing improvement and maintenance of security posture in line with ISO 27001, SOC2 Type 2, PCI DSS, etc.
  • Understand technical implementation details necessary to assess general and situational Information Security risk.
  • Coordinate with multiple teams across the organization for audits.
  • Lead the Third Party Risk Management (TPRM) audits conducted by banks and other authorities.
  • Closely interact and work with clients (banks, fintechs, etc.) to ensure a smooth audit process and TPRM.
  • Coordinate internal and external audits, ensuring timely collection of artifacts and responses.
  • Manage the end-to-end vendor / partner onboarding risk process - due diligence, risk assessment, contract compliance, and continuous monitoring.
  • Maintain and improve the enterprise GRC framework aligned to ISO 27001 / 27701, SOC 2, PCI-DSS
  • Support risk assessments (operational, cyber, privacy) and maintain risk registers.
  • Design, implement, maintain, and improve programs to address key company risks and prepare internal teams for independent assessments against a wide variety of regulatory and compliance frameworks.
  • Demonstrated experience with common compliance frameworks (SOX, GDPR, CCPA, PCI, ISO27000, NIST Cybersecurity Framework, NIST SP800-53)
  • Understanding of security best practices (password security, device security, etc.) in the context of security training and awareness.
  • Conduct internal control testing and compliance reviews across infrastructure, applications, and processes.
  • Establishing appropriate levels of security controls, systems monitoring, and security audits.
  • Assisting the security engineering team with prioritizing patches and security fixes.
  • Improve controls for internal systems, processes, and policies.
  • Support the execution of multiple audit programs internally and externally.
  • Provide clear expectations and direction to security and engineering teams on audit requirements.

    Requirements

    Must Have

  • 3+ years of proven experience in information security, audit, compliance, risk assessment, and management.
  • Hands-on experience in managing and driving security compliance, mainly ISO 27001, PCI DSS, data localization, and bank audits.
  • Ability to prioritise, manage, and deliver on multiple projects simultaneously and partner with management in support of key initiatives and projects.
  • Knowledge of pragmatic security controls across all security domains such as access management, encryption methods, vulnerability management, network security, etc.
  • Experience developing and producing security metrics and reports that are meaningful and actionable across various audiences.
  • In-depth understanding of the regulatory requirements and trends in the FinTech domain.
  • Ability to communicate to management, technical, and non-technical persons about the risk associated with the business.
  • Defining and maintaining policies as per the ISMS framework.
  • Monitor third-party risk assessments and assist in performing internal risk assessments.

    Good to Have

  • Certifications such as ISO27001 Lead Auditor / Implementer
  • CISA / CISM certification would be a plus
  • Ability to use basic automation / scripting (Python, SQL) for evidence collection.
  • Experience with SIEM / SOC outputs to validate alerts as audit evidence.
  • Knowledge of data governance / DLP tools.
  • Awareness of AI / ML governance and evolving regulatory frameworks.
  • Skills in continuous compliance (CI / CD, IaC scanning).
  • Well-versed with data security and data privacy.
  • Strong team player who can also work and execute independently.
  • Brilliant written and verbal communication and interpersonal skills.