GRC & Compliance Executive (ISO 27001 / SOC 2 / HIPAA)

3 weeks ago


Pune, India | AutomationEdge | Full time

We're seeking a hands-on GRC & Compliance leader to own our end-to-end program across ISO 27001:2022, SOC 2 Type II, HIPAA, and India's DPDP Act 2023. You will run the ISMS, manage external audits, face auditors and customers, complete security questionnaires, and keep our multi-tenant healthcare SaaS (primarily AWS) continuously audit-ready. This role is highly cross-functional with IT, DevOps/SRE, Data, Legal, HR, and Sales.

Responsibilities

Own the ISMS & SOC 2 program

  • Maintain a control framework mapped to ISO 27001 Annex A and the SOC 2 TSC; align with HIPAA (Security/Privacy Rules) and the DPDP Act.
  • Plan & drive ISO (Stage 1/2, surveillance) and SOC 2 (readiness, Type I/II) cycles; manage PBC lists, walkthroughs, findings, and closures.

Customer trust & questionnaires

  • Lead responses for CAIQ, SIG, VSAQ, RFP security sections, due-diligence calls, and security addenda; maintain a reusable response library & evidence pack.

Policy, documentation & evidence

  • Draft and version policies, SOPs, and runbooks (Access, Asset, Logging/Monitoring, Vulnerability, Patch, IR, BCP/DR, Vendor Risk, SDLC/Change, DLP).
  • Operationalize recurring evidence collection with automation where possible; maintain an auditable repository (Confluence/SharePoint + Jira).

Risk management

  • Run periodic risk assessments (ISO 27005/NIST), maintain a risk register, drive treatment plans, and report risk posture & KPIs to leadership.

Security control operations (cloud-first)

  • Partner with DevOps/SRE on AWS controls: IAM, KMS, CloudTrail, Config, GuardDuty, Security Hub, VPC segmentation, and Backup/DR (RDS/S3/EBS).
  • Oversee vulnerability management (e.g., Tenable/Qualys/Nessus), EDR (e.g., Sophos), patch management, and change management/CAB.

Incident readiness & privacy

  • Maintain Incident Response playbooks, on-call coordination, and post-incident RCAs. Support HIPAA safeguards and DPDP requirements, including DPIAs/ROPA as needed.

Vendor/Third-Party Risk

  • Run TPRM (due diligence, DPAs/BAAs, ongoing monitoring) with Legal/Procurement; ensure critical vendors meet our control bar before go-live.

Awareness & drills

  • Drive security awareness training, phishing simulations, and BCP/DR tabletop & failover drills with measurable outcomes.

Tooling & automation

  • Administer GRC platforms (Drata/Vanta/Sprinto/OneTrust/Secureframe), integrate them with Jira/Confluence/Slack/ServiceNow, and build dashboards for executives.

Qualifications

Candidate with 2-3+ years of experience in GRC/compliance for SaaS/cloud, with successful ISO 27001 certifications and SOC 2 Type II audits.


Compensation: ₹ 10,00,000 - ₹ 25,00,000 per year