Netradyne harnesses the power of Computer Vision and Edge Computing to revolutionize the modern-day transportation ecosystem. We are a leader in fleet safety solutions. With growth exceeding 4x year over year, our solution is quickly being recognized as a significant disruptive technology. Our team is growing, and we need forward-thinking, uncompromising, competitive team members to continue to facilitate our growth.
Job Description
Senior/Staff Engineer InfoSec Risk & Compliance
Location: Bengaluru, India |
Department: Information Security
Experience Level: 6-9+ years |
Employment Type: Full-Time, Permanent
Lead compliance transformation and security governance scaling at Netradyne. Own enterprise GRC platform implementation, manage multi-framework audits (ISO 27001/42001, SOC 2, HIPAA), and drive customer compliance acceleration enabling enterprise revenue growth.
Key Responsibilities
Facilitate Audit & Certification
- Drive ISO 42001 (AI governance), SOC 2 Type II, RED Directive EN 18031, ISO 27001, HIPAA programs
- Design vendor risk assessment program with SLA enforcement
- Manage external audits and certification timelines
GRC Platform Implementation
- Lead enterprise GRC tool deployment and configuration across all frameworks
- Build automated evidence collection, remediation tracking, and compliance reporting
- Create executive risk dashboards and governance reporting
Customer Compliance & Revenue
Build RFP/RFI response framework reducing turnaround to <10 business days
Develop customer-facing Trust Centre portal reducing RFP volumeManage customer security questionnaires and account support
Risk Optimization & International Support
- Design quarterly self-assessment (QSA) process via GRC automation
- Maintain AI risk register (model degradation, bias, privacy risks)
- Support 15-country compliance expansion (GDPR, local regulations)
Required Qualifications
Education & Certifications
- Bachelor's/master's degree in information security, Computer Science, or related field
- Active professional certification: CISSP, CCSP, CISM, CCSK, ISO 27001/42001 Lead Auditor, or equivalent
- Demonstrated audit Senior/Staff: ISO 27001 and/or SOC 2 field audit participation (2+ cycles)
Core Technical Competencies (Must Have)
Competency
Required Experience
ISO 27001 / 27701 / 42001
Led 2+ audit cycles; AI governance frameworks
SOC 2 Type II / HIPAA / GDPR
Field audit experience; PII/ePHI handling; breach notification
GRC Platforms
Implementation/administration (Archer, ServiceNow, Audit Board, Sprinto, Scrut, OneTrust)
Risk Management
Risk scoring, control testing, BIA, vendor assessment design
Cloud Security
AWS/Azure IAM, encryption, compliance configurations, CIS/CSA frameworks
Compliance Automation
Python/Bash/PowerShell scripting; RPA; process automation workflows
Network & Infrastructure
OSI/TCP-IP, VPN, DLP, CASB, SDWAN, zero-trust architecture
Vulnerability Management
Risk scoring (CVSS), remediation SLAs, patch compliance
Knowledge & Professional Skills
Technical Skills: (Should Have)
- Enterprise Resilience:Design BCP/DR, failover testing, 24/7 uptime SLAs for multi-region expansion
- AI Security:Threat modelling, adversarial attack scenarios, responsible AI assurance (ISO 42001)
- Cloud Compliance:Data classification, multi-region governance, DLP enforcement, CloudTrail/Azure Logs monitoring
- Infrastructure-as-Code:Terraform/CloudFormation for audit-trail automation
- API Integration:REST APIs for GRC, ticketing systems, SIEM/DLP tool integration
Preferred: IoT/embedded systems (RED Directive), RPA, network-layer authentication (RADIUS/LDAP), certificate management
Professional:
- Collaborate with cross-functional teams (IT, Engineering, Sales, Device, Finance, Legal, Privacy, HR) for compliance alignment
- Lead GRC platform implementation and governance workflow design
- Communicate risk and compliance status to executive leadership and board
- Support 24/7 on-call rotation for security incidents and emergencies
- Continuous learning mindset; ability to adopt emerging compliance frameworks (AI governance, new regulations)
We are committed to an inclusive and diverse team. Netradyne is an equal-opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status, or any legally protected status.
If there is a match between your experiences/skills and the Company's needs, we will contact you directly.
Netradyne is an equal-opportunity employer.
Applicants only - Recruiting agencies do not contact.
Recruitment Fraud Alert!
There has been an increase in fraud that targets job seekers. Scammers may present themselves to job seekers as Netradyne employees or recruiters. Please be aware that Netradyne does not request sensitive personal data from applicants via text/instant message or any unsecured method; does not promise any advance payment for work equipment set-up and does not use recruitment or job-sourcing agencies that charge candidates an advance fee of any kind. Official communication about your application will only come from emails ending in @netradyne.com or @us-greenhouse-mail.io.
Please review and apply to our available job openings at Netradyne.com/company/careers. For more information on avoiding and reporting scams, please visit the Federal Trade Commission's job scams website.
