Compliance Analyst

Compliance Analyst

Location: Pune, India

Employment Type: Full-time

About the Role

We are seeking a Compliance & Information Security Specialist to support and grow our compliance and privacy programs. This role is hands-on — you will be responsible for implementing controls, monitoring compliance status, and supporting certifications across industry standards.

You’ll also play a key role in helping us implement India’s Digital Personal Data Protection (DPDP) Act and ensuring our security practices align with frameworks like CIS Benchmarks and NIST.

This is an excellent opportunity for someone with 2–3 years of experience who wants to expand their career into compliance, security, and privacy within a high-growth company.

Key Responsibilities

Compliance & Standards

• Support compliance programs across ISO 27001, 27017, 27018, 27701, SOC 2 Type II, CASA.
• Maintain trackers, evidence sheets, and control status dashboards.
• Flag delays or risks and proactively follow up with stakeholders.

DPDP (India) Implementation

• Assist in implementing Digital Personal Data Protection Act (DPDP) requirements.
• Help draft privacy notices, consent frameworks, and incident/breach response procedures.
• Track evolving DPDP updates and align practices accordingly.

Audit & Risk Management

• Prepare documentation and evidence for audits (internal/external).
• Coordinate with auditors and certification bodies.
• Monitor corrective actions to closure.
• Apply CIS Benchmarks and NIST controls as baselines for system hardening and security posture.

Awareness & Culture

• Conduct employee training on compliance, privacy, and security awareness.
• Work with IT, HR, and Engineering teams to integrate compliance into daily operations.
• Promote a “compliance-first” mindset across the company.

Requirements

• 2–3 years of experience in compliance, security, or privacy roles.
• Working knowledge of at least one compliance framework (ISO 27001, SOC 2, CASA, GDPR, DPDP).
• Awareness of CIS Benchmarks (system hardening) and NIST frameworks (CSF, 800-series).
• Strong organizational and documentation skills.
• Ability to maintain trackers, evidence sheets, and communicate effectively with cross-functional teams.
• Proactive, detail-oriented, and comfortable following up with teams to keep processes on track.

Nice to Have

• Entry-level certifications such as ISO 27001 Associate, CISA Foundation, or CompTIA Security+.
• Experience in fast-growing startups or mid-sized companies handling sensitive data.

What Success Looks Like

Compliance records are always audit-ready and up to date.

DPDP requirements are successfully rolled out across policies, processes, and systems.

CIS/NIST baselines are applied across IT and cloud infrastructure.

External audits and assessments are passed smoothly with minimal findings.

Why Join Us?

• Grow into a Compliance & Privacy expert while gaining exposure to ISO, SOC, CASA, DPDP, CIS, and NIST.
• Direct ownership and visibility in a company where compliance is a priority.
• Work closely with leadership and gain cross-functional experience.
• Be at the center of building a secure and compliant culture in a scaling company.

rutuja.bhailume@zoop.one