▷ [Immediate Start] InfoSec Engineer (Compliance Engineer)

4 weeks ago


Mumbai India DripCapital Full time

Job Description

About Drip Capital

We are a US-based fintech company revolutionizing global trade for SMEs. At Drip Capital, we're redefining the future of trade finance and facilitation, empowering small and medium-sized enterprises (SMEs) to scale internationally with ease.

With the global SME trade market exceeding $5 trillion, our mission is to provide businesses in emerging markets with seamless access to capital-eliminating red tape and outdated processes. By leveraging cutting-edge technology, we make trade finance fast, efficient, and hassle-free. Beyond financing, we simplify trade and sourcing, helping SMEs navigate global markets effortlessly.

Headquartered in Palo Alto, California, with offices in India, Drip Capital is strategically positioned to meet the evolving needs of SMEs in emerging markets.

Backed by top investors-including Accel, Peak XV, Wing VC, Sequoia India, Y Combinator, GMO, SMBC Japan, Barclays, and IFC-Drip has facilitated over $7 billion in trade across 10,000+ buyers and sellers. As we continue to grow, we remain committed to transforming global trade for SMEs worldwide.

Role Overview :

We are looking for a highly motivated and detail-oriented Security Compliance Engineer with a strong focus on ISO/IEC 27001:2022 audit and implementation. The ideal candidate should also have hands-on experience in GRC, Cloud security, Vulnerability Assessment & Penetration Testing (VAPT), and general information security best practices. This role is essential in ensuring our compliance with security frameworks, maintaining our ISMS, and strengthening our overall security posture.

Key Responsibilities:

- Lead ISO/IEC 27001:2022 compliance initiatives, including implementation, internal audits, surveillance, and recertification audits.
- Prepare and maintain documentation for audits, including evidence collection and audit logs.
- Conduct or support internal VAPT exercises work with external vendors for third-party assessments and ensure closure of findings.
- Evaluate and ensure security compliance in cloud environments (AWS), including configuration reviews and adherence to cloud security best practices.
- Perform security risk assessments, gap analyses, and impact assessments across systems, processes, and vendors.
- Collaborate cross-functionally with Engineering, IT, Legal, and HR to ensure compliance across business units.
- Develop and maintain security policies, procedures, standards, and guidelines aligned with ISO 27001 and other applicable frameworks.
- Monitor compliance with regulatory requirements (e.g., GDPR, SOC 2, NIST, HIPAA) and internal policies.
- Assist in developing security awareness training and conducting compliance onboarding for new employees.
- Stay updated on emerging threats, vulnerabilities, and evolving regulatory requirements.

Requirements:

- Minimum 3+ years of experience in a security compliance, security engineering, or audit-focused role.
- Strong experience with ISO/IEC 27001:2022 implementation, audits, and certification processes.
- Practical knowledge of VAPT tools and methodologies, including reporting and remediation tracking.
- Solid understanding of cloud security principles (preferably with hands-on experience in AWS).
- Familiarity with security controls, risk management, and audit frameworks (e.g., SOC 2, NIST, GDPR).
- Excellent documentation and communication skills, especially for audit readiness and stakeholder reporting.
- Ability to manage multiple security and compliance initiatives simultaneously.

Preferred:

- Certifications such as ISO 27001 Lead Auditor/Implementer, CEH, or CCSK.

- Exposure to secure software development lifecycle (SDLC) and DevSecOps practices.

- Familiarity with identity and access management (IAM), data loss prevention (DLP), and endpoint security tools.

Education & Experience:

- Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field.

- 3+ years of experience in a security compliance, security engineering, or audit-focused role.



  • Mumbai, Maharashtra, India Uplers Full time ₹ 20,00,000 - ₹ 25,00,000 per year

    Role: Senior Infosec EngineerReference Code: HR Experience: 4-6 yearsSalary: Confidential (based on experience)Opportunity Type: Office (Mumbai)Placement Type: Full time Permanent Position(*Note: This is a requirement for one of Uplers Clients)Senior Infosec EngineerAs a Senior Information Security Engineer, youll be the go-to guardian of our security and...

  • Infosec Engineer

    7 days ago


    Mumbai, Maharashtra, India Baldor Technologies Full time ₹ 12,00,000 - ₹ 36,00,000 per year

    Role Brief...As a Senior Information Security Engineer at IDfy, youll be the go-to guardian of our security and compliance framework. Youll own everything from ISO 27001 and SOC 2 audits (Internal and External) to Customer third-party risk assessments, customer security requests, and internal ISMS management. Youll work across product, engineering, and legal...

  • Senior Manager

    3 weeks ago


    Pune, India Ocwen Financial Solutions Pvt. Ltd. - APAC Full time

    Job Description Job Description Position Summary: Sr Manager Information Security Governance - The Incumbent would be responsible to manage the information security governance, risk, and compliance process. - Standardize GRC policies, evaluate their impacts, and implement the relevant measure. - Liaise with Internal Audit, Corporate Compliance, Office of...

  • Infosec Auditor

    1 week ago


    Mumbai, Maharashtra, India Corporatehunt Private Limited Full time

    **Role : InfoSec Audit Executive** **Job location: Goregaon** - Overlooking day to day activities from Audit and Compliance point of view. - Prepare, review and maintain all documentation viz. policy, procedures, SOPs etc as necessary for all implemented compliances at ISG / Client site. - Conduct process compliance and security audits on a monthly basis...


  • Mumbai, India Easy Home Finance Limited Full time

    We are looking for a Cloud-first IT Administrator with foundational Information Security (InfoSec) skills to manage and secure a modern, distributed IT environment. The ideal candidate will be responsible for overseeing cloud-native infrastructure, end-user devices, identity and access management, and maintaining InfoSec hygiene—driven by an...


  • Hyderabad, India CLPS Global Full time

    Job Description Cloud Engineer with strong experience in managing Windows-based workloads on AWS, with a particular focus on maintaining company-compliant standard builds and AMI pipelines. Requirement : Location Offshore India Onboarding Immediate Will need English speaking candidate Key Skillsets and Experience Required: - Windows Expertise on AWS: Proven...

  • GIS Engineer

    3 weeks ago


    India TAO Digital Solutions Full time

    Job Description Immediate Joiners! Job Description - Experience- 6+ years - Build ingestion & validation pipelines (Landing Bronze Silver) using Spark/Glue/EMR. - Standardize schemas, handle drift, quarantine & auditability. - Convert to Geo Parquet & load Gold data into Aurora/PostGIS via DMS. - Automate schema mgmt., lineage & discovery (Glue Catalog). -...


  • Gurugram, Gurugram, India Delhivery Full time

    Job Description Experience & Skills - 5+ years of progressive experience in cybersecurity roles, with a proven track record in managing complex security initiatives. - Minimum of 1-2 years of proven team handling or techno managerial leadership experience mentoring engineers, defining project tasks, and managing team workload. Key Responsibilities...


  • Mumbai, India Xylem Full time

    Job Description Xylem is a Fortune 500 global water solutions company dedicated to advancing sustainable impact and empowering the people who make water work every day. As a leading water technology company with 23,000 employees operating in over 150 countries, Xylem is at the forefront of addressing the world's most critical water challenges. We invite...

  • Technical Writer

    3 weeks ago


    Mumbai, India WorkGeek Services Full time

    We are looking for a detail-oriented Technical Writer for a Fintech client in Mumbai who will be responsible for creating, curating, and maintaining high-quality technical documentation for their products, APIs, integrations, and deployment guides. The ideal candidate will collaborate with engineering, product, QA, and customer support teams to translate...