
▷ [Immediate Start] InfoSec Engineer (Compliance Engineer)
12 hours ago
Job Description
About Drip Capital
We are a US-based fintech company revolutionizing global trade for SMEs. At Drip Capital, we're redefining the future of trade finance and facilitation, empowering small and medium-sized enterprises (SMEs) to scale internationally with ease.
With the global SME trade market exceeding $5 trillion, our mission is to provide businesses in emerging markets with seamless access to capital-eliminating red tape and outdated processes. By leveraging cutting-edge technology, we make trade finance fast, efficient, and hassle-free. Beyond financing, we simplify trade and sourcing, helping SMEs navigate global markets effortlessly.
Headquartered in Palo Alto, California, with offices in India, Drip Capital is strategically positioned to meet the evolving needs of SMEs in emerging markets.
Backed by top investors-including Accel, Peak XV, Wing VC, Sequoia India, Y Combinator, GMO, SMBC Japan, Barclays, and IFC-Drip has facilitated over $7 billion in trade across 10,000+ buyers and sellers. As we continue to grow, we remain committed to transforming global trade for SMEs worldwide.
Role Overview :
We are looking for a highly motivated and detail-oriented Security Compliance Engineer with a strong focus on ISO/IEC 27001:2022 audit and implementation. The ideal candidate should also have hands-on experience in GRC, Cloud security, Vulnerability Assessment & Penetration Testing (VAPT), and general information security best practices. This role is essential in ensuring our compliance with security frameworks, maintaining our ISMS, and strengthening our overall security posture.
Key Responsibilities:
- Lead ISO/IEC 27001:2022 compliance initiatives, including implementation, internal audits, surveillance, and recertification audits.
- Prepare and maintain documentation for audits, including evidence collection and audit logs.
- Conduct or support internal VAPT exercises work with external vendors for third-party assessments and ensure closure of findings.
- Evaluate and ensure security compliance in cloud environments (AWS), including configuration reviews and adherence to cloud security best practices.
- Perform security risk assessments, gap analyses, and impact assessments across systems, processes, and vendors.
- Collaborate cross-functionally with Engineering, IT, Legal, and HR to ensure compliance across business units.
- Develop and maintain security policies, procedures, standards, and guidelines aligned with ISO 27001 and other applicable frameworks.
- Monitor compliance with regulatory requirements (e.g., GDPR, SOC 2, NIST, HIPAA) and internal policies.
- Assist in developing security awareness training and conducting compliance onboarding for new employees.
- Stay updated on emerging threats, vulnerabilities, and evolving regulatory requirements.
Requirements:
- Minimum 3+ years of experience in a security compliance, security engineering, or audit-focused role.
- Strong experience with ISO/IEC 27001:2022 implementation, audits, and certification processes.
- Practical knowledge of VAPT tools and methodologies, including reporting and remediation tracking.
- Solid understanding of cloud security principles (preferably with hands-on experience in AWS).
- Familiarity with security controls, risk management, and audit frameworks (e.g., SOC 2, NIST, GDPR).
- Excellent documentation and communication skills, especially for audit readiness and stakeholder reporting.
- Ability to manage multiple security and compliance initiatives simultaneously.
Preferred:
- Certifications such as ISO 27001 Lead Auditor/Implementer, CEH, or CCSK.
- Exposure to secure software development lifecycle (SDLC) and DevSecOps practices.
- Familiarity with identity and access management (IAM), data loss prevention (DLP), and endpoint security tools.
Education & Experience:
- Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field.
- 3+ years of experience in a security compliance, security engineering, or audit-focused role.
-
Senior Infosec Engineer
2 weeks ago
Mumbai, India Uplers Full timeRole: Senior Infosec Engineer Reference Code: HR Experience: 4-6 years Salary: Confidential (based on experience) Opportunity Type: Office (Mumbai) Placement Type: Full time Permanent Position (*Note: This is a requirement for one of Uplers Clients) Senior Infosec Engineer As a Senior Information Security Engineer, youll be the go-to guardian of our...
-
Infosec Engineer
2 weeks ago
Mumbai, India Baldor Technologies Full timeRole Brief... As a Senior Information Security Engineer at IDfy, youll be the go-to guardian of our security and compliance framework. Youll own everything from ISO 27001 and SOC 2 audits (Internal and External) to Customer third-party risk assessments, customer security requests, and internal ISMS management. Youll work across product, engineering, and...
-
Mumbai, India Apj engineer pvt ltd Full timePosition: Site Project Engineer Role Overview As a Site Project Engineer, you will play a vital role in assisting senior engineers and project managers in planning, supervising, and executing on-site activities related to DG sets, electrical panels, and automation projects. Freshers are welcome to join, as this position provides an excellent opportunity to...
-
Hyderabad, India JPMorganChase Full timeJob Description Job Description This is your chance to change the path of your career and guide multiple teams to success at one of the world's leading financial institutions. As a Manager of Software Engineering at JPMorgan Chase within the Consumer & Community Banking Team, you lead multiple teams and manage day-to-day implementation activities by...
-
India The Reliable Jobs Full timeWe’re looking to hire a highly capable AI Engineer with 3–5 years of hands-on experience in building LLM-powered applications. The ideal candidate should have strong expertise in working with LLMs, agentic workflows, and RAG systems, along with a solid foundation in Python. The engineer will be available to join immediately and can work *fully remote*.
-
[Immediate Start] Senior Engineer
12 hours ago
Mumbai, India Xylem Full timeJob Description Xylem is a Fortune 500 global water solutions company dedicated to advancing sustainable impact and empowering the people who make water work every day. As a leading water technology company with 23,000 employees operating in over 150 countries, Xylem is at the forefront of addressing the world's most critical water challenges. We invite...
-
Site Engineer
1 week ago
India Green HR Solutions Full timeHiring for big EPC Company, pls Apply if following Job Description suits your aspirations. We are seeking a reliable and detail-oriented Site Engineer to manage, supervise, and execute construction activities on-site. The Site Engineer plays a critical role in planning, organizing, and overseeing on-site operations to ensure projects are delivered on time,...
-
Noida, India ScratchNest Full timeJob Description We&aposre Hiring: Lead Embedded Hardware Design Engineer ScratchNest | Noida | Immediate Joining ScratchNest is seeking an experienced Lead Embedded Hardware Design Engineer to Lead the development of next-gen embedded systems for mission-critical industrial applications. Role Responsibilities: - Lead end-to-end hardware design from...
-
▷ (Immediate Start) Service Engineer
2 days ago
Navi Mumbai, Mumbai, India Mahadyuta Technical Solutions Pvt. Ltd. Full timeJob Description Company Description Established in 2019, Mahadyuta Technical Solutions Pvt. Ltd. is an ISO 9001:2015 certified Indian start-up (MSME) that provides world-class industrial reliability solutions. Our specialized team of mechanical and electrical engineers delivers Ultrasound Analysis Services for industrial reliability, machine condition...
-
Audits & Compliance Isms Specialis
2 days ago
Mumbai, India Infosec Career LLP Full timeKey Responsibilities: - Good knowledge of ISMS - 2+ years of prior hands-on audit experience - Knowledge on SOC 1 type 1 and SOC2 type 2, HITRUST, ISAE 3000 controls - Able to work in external auditors and tailor the controls applicability for the organization - Able to work with internal stakeholders and collate the required evidences for the external...