Senior Information Security Consultant

Sprinto

The Role

The Senior Infosec Consultant is a product and technology aficionado, with expertise in the areas of GRC, Information Security, Risk Assessments and Audits. This role is within a cross-functional, subject-matter-expertise team role which relies on superior execution and communication skills in a fully-remote setup.

Some Key Responsibilities Of The Role

• End-to-End Frameworks Expansion: Manage the onboarding of frameworks to the product, enabling customers to implement frameworks out of the box. This includes researching, mapping controls, updating policies, creating templates, making risk updates, and answering any customer questions during sales conversations or addressing auditor queries during audits
• Expanding Sprintos Controls: Develop a robust Sprinto Common Control Framework to support the extension of compliance frameworks across industries
• Stakeholder Management: Collaborate closely across teams to integrate the framework into our product offering, enabling businesses across various industries and verticals to implement any framework supported by Sprinto with minimal human intervention
• Teams Enablement: Establish a continuous learning engine to upgrade the compliance expertise of the entire team including Sales, Customer teams, Product, and Marketing to help them sell more effectively and support customers during implementations

Some Key Requirements Of The Role

• 5+ years of experience in Information Security and Compliance, covering various frameworks, Risk Assessment frameworks, and audits with top audit firms
• Strong preference for prior experience in a software/SaaS company
• The US market is Sprinto&aposs fastest-growing segment. We need individuals who are comfortable working late hours and interacting with prospects and customers based in the US
• Exceptional written communication, organizational, and presentation skills are crucial for this fully remote, cross-functional role
• Eagerness to continuously learn and gain expertise in the domain of information security compliance
• Experience in regulatory frameworks from India / US is preferred
• Certifications: Security certifications such as CISSP, CISA, CCSP, Lead Implementer, etc., are preferred