Senior Compliance Analyst

Signzy is a digital trust system. We provide identification, background checks, forgery detection and contract management systems which enable contracting in a trustable, safe, legal, and convenient manner. Our biometric user authentication system and blockchain-based digital trail ensure non-repudiation. This increases compliance and enforceability in the court of law. We consist of a tech-savvy team and are backed by investors who are enthusiastic about creating solutions with technology. Working at Signzy ● At Signzy we breathe software and exploit the latest technologies to create the most amazing products. We comprise a tech-savvy team and are backed by investors who are enthusiastic about creating solutions using technology. ● Signzy is looking for an Compliance Analyst. If you think you have what it takes to get the job done, this is an invitation to be a part of the future! JD for role of Compliance Analyst - II Responsibilities Development, implementation, and management of security policies, standards, guidelines, and procedures to ensure the ongoing improvement and maintenance of security posture in line with ISO 27001, SOC2 Type 2, PCI DSS etc., Understand technical implementation details necessary to assess general and situational Information Security risk. Coordinate with multiple teams across the organization for the Audits Lead the Third Party Risk Management audits conducted by Banks and other Authorities Closely interact and work with Clients(Banks, Fintechs etc) in ensuring smooth audit process and TPRM Coordinate internal and external audits, ensuring timely collection of artifacts and responses. Manage the end-to-end vendor/partner onboarding risk process - due diligence, risk assessment, contract compliance, and continuous monitoring. Maintain and improve the enterprise GRC framework aligned to ISO 27001/27701, SOC 2, PCI-DSS Support risk assessments (operational, cyber, privacy) and maintain risk registers. Design, implement, maintain, and improve programs to address key company risks and prepare internal teams for independent assessments against a wide variety of regulatory and compliance frameworks. Demonstrated experience with common compliance frameworks (SOX, GDPR, CCPA, PCI, ISO27000, NIST Cybersecurity Framework, NIST SP800-53) Understanding of security best practices (Password security, device security etc) in the context of Security Training and Awareness Conduct internal control testing and compliance reviews across infrastructure, applications, and processes. Establishing appropriate levels of security controls, systems monitoring, and security audits. Assisting in the security engineering team with prioritizing patches and security fixes. Improve controls for internal systems, processes, and policies. Support the execution of multiple audit programs internally and externally. Provide clear expectations and direction to security and engineering teams on audit requirements. Requirements Must Have 3+ years of proven experience in information security, audit, compliance, risk assessment, and management. Hands-on experience in managing and driving security compliance mainly ISO 27001, PCI DSS, Data Localization and Bank Audits Ability to prioritise, manage, and deliver on multiple projects simultaneously and partner with management in support of key initiatives and projects. Knowledge of pragmatic security controls across all security domains such as access management, encryption methods, vulnerability management, network security, etc. Experience developing and producing security metrics and reports that are meaningful and actionable across various audiences. In-depth understanding of the regulatory requirements and trends in the FinTech domain. Ability to communicate to management, technical, and non-technical persons about the risk associated with the business. Defining and maintaining the policies as per ISMS framework Monitor third-party risk assessments and assist in performing internal risk assessments. Good to Have Certifications such as ISO27001 Lead Auditor/Implementer CISA/CISM certification would be a plus Ability to use basic automation/scripting (Python, SQL) for evidence collection. Experience with SIEM/SOC outputs to validate alerts as audit evidence. Knowledge of data governance/DLP tools. Awareness of AI/ML governance and evolving regulatory frameworks. Skills in continuous compliance (CI/CD, IaC scanning). Well-versed with data security and data privacy. Strong team player, but can work and execute independently Brilliant written, verbal communication, and interpersonal skills

Apply Now