Information Security Engineer

Information Security & Compliance Engineer Job Description

Job Title: Information Security & Compliance Engineer

Experience: 46 Years

Location: Bengaluru Hybrid (3 Days WFO)

About Convin

Convin is a Conversation Intelligence platform built by IIT Delhi alumni to transform sales, collections, and customer experience. With our proprietary AI and automation, we help enterprises analyze conversations, drive insights, improve conversions, and deliver exceptional customer experiences.

Were trusted by leading brands like Urban Company, Physics Wallah, ICICI Lombard, SBI Life, Shaddi.com, Bajaj and Niva Bupa, Aditya Birla Group Etc. across industries such as EdTech, FinTech, HealthTech, Hospitality, Travel, and BPO.

Highlights:

Raised $6.5M in Series-A (2024) and $2.1M seed funding (2022)

Featured in LinkedIns Top Startups list

Ranked Top 20 Software Companies in India by G2

Best Speech & Conversation Analytics Company at CX & DCX Summits

About the Role

We are looking for an Information Security & Compliance Engineer who can effectively bridge the gap between security operations and regulatory compliance. You will play a key role in managing security tools, driving compliance programs across multiple frameworks, and ensuring adherence to global data protection regulations.

This role requires hands-on experience in security operations, compliance frameworks, vulnerability management, and customer-facing security assessments.

What Youll Do

• Manage and respond to customer security questionnaires, RFPs, and third-party assessments
• Maintain a centralized repository of security responses and supporting documentation
• Lead implementation and maintenance of compliance frameworks such as ISO 27001, ISO 27701, ISO 20000-1, and SOC 2 (Type I & II)
• Manage end-to-end audit cycles, including coordination with auditors and remediation tracking
• Develop and maintain security and privacy policies, procedures, and documentation
• Ensure compliance with global privacy regulations including GDPR, DPDPA, and CPRA/CCPA
• Maintain RoPA, DPIAs, and support DSARs and breach notification processes
• Manage security tools such as SentinelOne EDR, MDM solutions, and Zscaler (ZIA)
• Monitor security alerts and respond to incidents in a timely manner
• Coordinate end-to-end VAPT engagements with external vendors
• Track vulnerability remediation and maintain a vulnerability register
• Generate reports on security posture, risk, and remediation progress
• Support cloud security practices across AWS, Azure, or GCP environments
• Collaborate with Engineering, DevOps, and Product teams to implement security controls

Required Skills

• 46 years of experience in Information Security or related roles
• Strong hands-on experience with ISO 27001 and SOC 2 implementation
• Working knowledge of GDPR and DPDPA (mandatory)
• Experience with SentinelOne EDR and Zscaler (ZIA)
• Familiarity with MDM solutions such as Intune or Jamf
• Understanding of cloud security fundamentals (AWS, Azure, or GCP)
• Experience managing VAPT lifecycle and vulnerability remediation
• Strong written and verbal communication skills
• Ability to work with both technical and non-technical stakeholders

Good to Have

• Certifications such as ISO 27001 Lead Implementer/Auditor, CISA, CISSP, CCSP, CIPM/CIPP
• Experience with ISO 27701 or ISO 20000-1
• Familiarity with GRC tools such as Vanta, Drata, or OneTrust
• Experience in vendor risk management
• Understanding of Zero Trust, SASE/SSE frameworks
• Familiarity with vulnerability tools like Jira, ServiceNow, Qualys, or Tenable
• Knowledge of OWASP Top 10, CVEs, and CVSS scoring

What We Value

• Strong ownership of security and compliance processes
• Ability to manage audits and handle customer-facing security discussions
• Attention to detail in documentation and compliance tracking
• Problem-solving mindset with focus on risk mitigation
• Continuous improvement in security posture and processes

Interview Process

Heres how we hire at Convin:

Application Review Our People & Culture team will connect within 45 days if your profile fits.

Initial Catch-Up A quick conversation to check role fit.

IQ Round Assessing problem-solving and analytical skills.

Assignment / Case Study Practical exercise + discussion.

Final Leadership Round Interaction with our founders/leadership team.

Crack it, and youre in!

Perks & Benefits

Learning & Upskilling Reimbursement of 1,000 per month (up to 12,000 per year) towards books or courses, work-related or otherwise.

Wellness & Leisure Allowance 24,000/year (claimable as 6,000 quarterly or 24,000 annually) for personal travel, retreats, or gym memberships.

Comprehensive Insurance Health insurance of 5,00,000 (self & family) + accident coverage of 25,00,000.

Friday Treats Weekly snacks for in-office employees.

Friday Fun & Wellness Bi-monthly yoga, health check-ups, learning sessions, and cultural activities.

Quarterly Team Outings Relax, connect, and grow together.