Sapiens
is looking for a Compliance Manager to join our Bangalore team. If you have expertise in quality management systems for IT services and delivery and are eager to advance your career with a globally established company, this opportunity could be the ideal fit for you.
Location: Bangalore
Working Model: Our flexible work arrangement combines both remote and in-office work, optimizing flexibility and productivity.This position will be part of Sapiens CTIO division, for more information about it, click here: www.sapiens.com .
What You’ll Do
We are seeking a highly skilled Security Compliance and Information Security Manager to ensure the organization’s compliance with all relevant security regulations, frameworks, and standards. The role is responsible for safeguarding our information systems, managing risk, and leading compliance efforts. The ideal candidate will have deep expertise in both compliance and technical security measures, ensuring a proactive approach to security threats while maintaining compliance with regulatory requirements.
Key Responsibilities
Security Compliance:
- Lead the development, implementation, and management of the company’s security compliance programs (e.g., ISO 27001, SOC 2, NIST, GDPR, HIPAA).
- Ensure compliance with applicable regulations and standards, including data protection laws, privacy regulations, and industry-specific guidelines.
- Develop and maintain documentation related to compliance policies, standards, and processes.
- Conduct regular security compliance audits, risk assessments, and gap analysis to identify vulnerabilities and areas for improvement.
- Collaborate with legal, HR, and other departments to maintain a comprehensive compliance framework.
- Interface with external auditors, regulators, and other third parties during compliance assessments and certifications.
- Provide training and awareness programs for employees to foster a culture of security and compliance.
- Prepare compliance reports and communicate with leadership on the status of security compliance initiatives.
Information Security
- Develop and implement the organization’s information security strategy, policies, and procedures to protect critical systems and data.
- Monitor and assess security risks, threats, and vulnerabilities across all information systems, networks, and applications.
- Lead incident response efforts, including forensic analysis, investigation, and reporting of security breaches or incidents.
- Implement security technologies such as firewalls, intrusion detection systems (IDS), data loss prevention (DLP), and endpoint protection tools.
- Manage identity and access management (IAM) systems, ensuring that access controls and user privileges are appropriately defined and enforced.
- Oversee the security of cloud infrastructure (AWS, Azure, GCP), including configuration reviews, security assessments, and monitoring.
- Conduct regular security testing, including vulnerability scans and penetration testing, to validate the security posture of systems.
- Work closely with DevOps and engineering teams to integrate security practices into development and operational processes (DevSecOps).
- Ensure the organization complies with secure coding standards and best practices in application development.
- Stay current on the latest security trends, vulnerabilities, and technologies, and recommend upgrades to security infrastructure as necessary.
Must Have Skills.
What to Have for this position.
- Bachelor’s degree in information security, Computer Science, or a related field.
- 12+ years of experience in information security, risk management, or security compliance.
- Experience managing compliance programs (ISO 27001, SOC 2, NIST, GDPR, HIPAA, PCI DSS).
- In-depth knowledge of information security principles, including network security, application security, encryption, identity management, and incident response.
- Familiarity with security tools and technologies, including firewalls, IDS/IPS, DLP, SIEM, endpoint security, and vulnerability management.
- Experience with cloud security in platforms like AWS, Azure, or GCP.
- Strong understanding of data privacy regulations (GDPR, CCPA) and their impact on security compliance.
- Strong leadership skills and experience managing cross-functional teams or security operations.
- Excellent analytical and problem-solving skills, with a proactive approach to identifying and mitigating risks.
- Certifications such as CISSP, CISM, CISA, or CRISC are highly desirable.
Preferred Qualifications
- Master’s degree in information security, Cybersecurity, or related field.
- Hands-on experience with security automation and orchestration in a DevSecOps environment.
- Experience working with security frameworks for regulated industries (e.g., healthcare, finance).
- Familiarity with advanced threat detection and mitigation strategies.
- Certifications in cloud security (e.g., AWS Certified Security Specialty, Azure Security Engineer Associate).
About Sapiens
Sapiens is a global leader in the insurance industry, delivering its award-winning, cloud-based SaaS insurance platformto over 600 customers in more than 30 countries. Sapiens’ platform offers pre-integrated, low-code capabilities to accelerate customers’ digital transformation. With more than 40 years of industry expertise, Sapiens has a highly professional team of over 5,000+ employees globally. For More information visit us on www.sapiens.com .
Sapiens is an equal opportunity employer. We value diversity and strive to create an inclusive work environment that embraces individuals from diverse backgrounds.
Disclaimer: Sapiens India does not authorise any third parties to release employment offers or conduct recruitment drives via a third party. Hence, beware of inauthentic and fraudulent job offers or recruitment drives from any individuals or websites purporting to represent Sapiens . Further, Sapiens does not charge any fee or other emoluments for any reason (including without limitation, visa fees) or seek compensation from educational institutions to participate in recruitment events. Accordingly, please check the authenticity of any such offers before acting on them and where acted upon, you do so at your own risk. Sapiens shall neither be responsible for honouring or making good the promises made by fraudulent third parties, nor for any monetary or any other loss incurred by the aggrieved individual or educational institution.In the event that you come across any fraudulent activities in the name of Sapiens , please feel free report the incident at sapiens to sharedservices@sapiens.com .
