InfoSec Risk & Compliance

Netradyne harnesses the power of Computer Vision and Edge Computing to revolutionize the modern-day transportation ecosystem. We are a leader in fleet safety solutions. With growth exceeding 4x year over year, our solution is quickly being recognized as a significant disruptive technology. Our team is growing, and we need forward-thinking, uncompromising, competitive team members to continue to facilitate our growth.

JOB DESCRIPTION

Senior/Staff Engineer – InfoSec Risk & Compliance

Location: Bengaluru, India | Department: Information Security
Experience Level: 6-9+ years | Employment Type: Full-Time, Permanent

Lead compliance transformation and security governance scaling at Netradyne. Own enterprise GRC platform implementation, manage multi-framework audits (ISO 27001/42001, SOC 2, HIPAA), and drive customer compliance acceleration enabling enterprise revenue growth.

KEY RESPONSIBILITIES

Facilitate Audit & Certification

• Drive ISO 42001 (AI governance), SOC 2 Type II, RED Directive EN 18031, ISO 27001, HIPAA programs


• Design vendor risk assessment program with SLA enforcement


• Manage external audits and certification timelines

GRC Platform Implementation

• Lead enterprise GRC tool deployment and configuration across all frameworks


• Build automated evidence collection, remediation tracking, and compliance reporting


• Create executive risk dashboards and governance reporting

Customer Compliance & Revenue

• Build RFP/RFI response framework reducing turnaround to <10 business days


• Develop customer-facing Trust Centre portal reducing RFP volume


• Manage customer security questionnaires and account support

Risk Optimization & International Support

• Design quarterly self-assessment (QSA) process via GRC automation


• Maintain AI risk register (model degradation, bias, privacy risks)


• Support 15-country compliance expansion (GDPR, local regulations)

REQUIRED QUALIFICATIONS

Education & Certifications

• Bachelor’s/master’s degree in information security, Computer Science, or related field


• Active professional certification: CISSP, CCSP, CISM, CCSK, ISO 27001/42001 Lead Auditor, or equivalent


• Demonstrated audit Senior/Staff: ISO 27001 and/or SOC 2 field audit participation (2+ cycles)

Core Technical Competencies (Must Have)

KNOWLEDGE & PROFESSIONAL SKILLS

Technical Skills: (Should Have)

• Enterprise Resilience:Design BCP/DR, failover testing, 24/7 uptime SLAs for multi-region expansion


• AI Security:Threat modelling, adversarial attack scenarios, responsible AI assurance (ISO 42001)


• Cloud Compliance:Data classification, multi-region governance, DLP enforcement, CloudTrail/Azure Logs monitoring


• Infrastructure-as-Code:Terraform/CloudFormation for audit-trail automation


• API Integration:REST APIs for GRC, ticketing systems, SIEM/DLP tool integration

Preferred: IoT/embedded systems (RED Directive), RPA, network-layer authentication (RADIUS/LDAP), certificate management

Professional:

• Collaborate with cross-functional teams (IT, Engineering, Sales, Device, Finance, Legal, Privacy, HR) for compliance alignment


• Lead GRC platform implementation and governance workflow design


• Communicate risk and compliance status to executive leadership and board


• Support 24/7 on-call rotation for security incidents and emergencies


• Continuous learning mindset; ability to adopt emerging compliance frameworks (AI governance, new regulations)

We are committed to an inclusive and diverse team. Netradyne is an equal-opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status, or any legally protected status.

If there is a match between your experiences/skills and the Company's needs, we will contact you directly.

Netradyne is an equal-opportunity employer.

Applicants only - Recruiting agencies do not contact.

Recruitment Fraud Alert!

There has been an increase in fraud that targets job seekers. Scammers may present themselves to job seekers as Netradyne employees or recruiters. Please be aware that Netradyne does not request sensitive personal data from applicants via text/instant message or any unsecured method; does not promise any advance payment for work equipment set-up and does not use recruitment or job-sourcing agencies that charge candidates an advance fee of any kind. Official communication about your application will only come from emails ending in ‘@netradyne.com’ or ‘@us-greenhouse-mail.io’.

Please review and apply to our available job openings at Netradyne.com/company/careers. For more information on avoiding and reporting scams, please visit the Federal Trade Commission's job scams website.