Jobs

Interviews
Job Alerts
Tools

Upskill and Grow with AI

Mock Interview Practice interviews in realistic simulations

Coding Practice Improve your coding skills with challenges

Certification Earn certifications to validate your skills

AI Learning Get trained with AI expert sessions

Career Path AI insights for smarter career decisions

AI Job Match Score AI-Powered Job Match Against Your Resume and Optimize Your Resume

Career Tools and Resources

Resume Builder Build Professional Resume with Ease

ATS Friendliness Check Check Resume Friendliness for Applicant Tracking Systems

Auto Apply Apply to hundreds of jobs on any platform effortlessly

Co-Pilot (Chrome Extension) Your AI Assistant for Seamless Browsing Efficiency

Interview Questions Streamline interviews with ready-to-use questions

Salaries Discover market-driven salary insights across skillsets and geographies

Companies Explore leading companies actively hiring talent
For Employers

Home
>
Jobs in mumbai
>
Drip Capital
>
InfoSec Engineer (Compliance Engineer)

InfoSec Engineer (Compliance Engineer)

Drip Capital

3 - 8 years

7 - 11 Lacs

mumbai

Posted:1 month ago| Platform:

Apply

Skills Required

isms access management information security soc http risk management sdlc vulnerability assessment penetration testing

Work Mode

Work from Office

Job Type

Full Time

Job Description

We are looking for a highly motivated and detail-oriented Security Compliance Engineer with a strong focus on ISO/IEC 27001:2022 audit and implementation. The ideal candidate should also have hands-on experience in GRC, Cloud security, Vulnerability Assessment & Penetration Testing (VAPT), and general information security best practices. This role is essential in ensuring our compliance with security frameworks, maintaining our ISMS, and strengthening our overall security posture.

Key Responsibilities:

Lead ISO/IEC 27001:2022 compliance initiatives, including implementation, internal audits, surveillance, and recertification audits.
Prepare and maintain documentation for audits, including evidence collection and audit logs.
Conduct or support internal VAPT exercises; work with external vendors for third-party assessments and ensure closure of findings.
Evaluate and ensure security compliance in cloud environments (AWS), including configuration reviews and adherence to cloud security best practices.
Perform security risk assessments, gap analyses, and impact assessments across systems, processes, and vendors.
Collaborate cross-functionally with Engineering, IT, Legal, and HR to ensure compliance across business units.
Develop and maintain security policies, procedures, standards, and guidelines aligned with ISO 27001 and other applicable frameworks.
Monitor compliance with regulatory requirements (eg, GDPR, SOC 2, NIST, HIPAA) and internal policies.
Assist in developing security awareness training and conducting compliance onboarding for new employees.
Stay updated on emerging threats, vulnerabilities, and evolving regulatory requirements.

Requirements:

Minimum 3+ years of experience in a security compliance, security engineering, or audit-focused role.
Strong experience with ISO/IEC 27001:2022 implementation, audits, and certification processes.
Practical knowledge of VAPT tools and methodologies, including reporting and remediation tracking.
Solid understanding of cloud security principles (preferably with hands-on experience in AWS).
Familiarity with security controls, risk management, and audit frameworks (eg, SOC 2, NIST, GDPR).
Excellent documentation and communication skills, especially for audit readiness and stakeholder reporting.
Ability to manage multiple security and compliance initiatives simultaneously.

Preferred:

Certifications such as ISO 27001 Lead Auditor/Implementer, CEH, or CCSK.
Exposure to secure software development lifecycle (SDLC) and DevSecOps practices.
Familiarity with identity and access management (IAM), data loss prevention (DLP), and endpoint security tools.

Education & Experience:

Bachelors degree in Computer Science, Information Security, Cybersecurity, or a related field.
3+ years of experience in a security compliance, security engineering, or audit-focused role

More Jobs at Drip Capital

DevOps Engineer II

Mumbai, Maharashtra, India

5 - 8 yrs

Salary: Not disclosed

Data Analyst

Mumbai, Maharashtra, India

Experience: Not specified

Salary: Not disclosed

Senior Relationship Manager

Mumbai

1.0 - 2.0 yrs

INR 7 - 8 Lacs

Associate , Credit Data Processor

Mumbai

Experience: Not specified

INR 3 - 7 Lacs

Intern, Legal Operations

Mumbai, Maharashtra

Experience: Not specified

Salary: Not disclosed

Mock Interview

Practice Video Interview with JobPe AI

Start Job-Specific Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.

Job Application AI Bot

Apply to 20+ Portals in one click

Download Now

Download the Mobile App

Instantly access job listings, apply easily, and track applications.

Enhance Your Skills

Practice coding challenges to boost your skills

Start Practicing Now

Drip Capital

Financial Services

Palo Alto California

Login to

Please Verify Your Phone or Email

Confirm Action

InfoSec Engineer (Compliance Engineer)