Netradyne harnesses the power of Computer Vision and Edge Computing to revolutionize the modern-day transportation ecosystem. We are a leader in fleet safety solutions. With growth exceeding 4x year over year, our solution is quickly being recognized as a significant disruptive technology. Our team is growing, and we need forward-thinking, uncompromising, competitive team members to continue to facilitate our growth.

JOB DESCRIPTION

Senior/Staff Engineer – InfoSec Risk & Compliance

Location: Bengaluru, India | Department: Information Security
Experience Level: 6-9+ years | Employment Type: Full-Time, Permanent

Lead compliance transformation and security governance scaling at Netradyne. Own enterprise GRC platform implementation, manage multi-framework audits (ISO 27001/42001, SOC 2, HIPAA), and drive customer compliance acceleration enabling enterprise revenue growth.

KEY RESPONSIBILITIES

Facilitate Audit & Certification

Drive ISO 42001 (AI governance), SOC 2 Type II, RED Directive EN 18031, ISO 27001, HIPAA programs
Design vendor risk assessment program with SLA enforcement
Manage external audits and certification timelines

GRC Platform Implementation

Lead enterprise GRC tool deployment and configuration across all frameworks
Build automated evidence collection, remediation tracking, and compliance reporting
Create executive risk dashboards and governance reporting

Customer Compliance & Revenue

Build RFP/RFI response framework reducing turnaround to <10 business days
Develop customer-facing Trust Centre portal reducing RFP volume
Manage customer security questionnaires and account support

Risk Optimization & International Support

Design quarterly self-assessment (QSA) process via GRC automation
Maintain AI risk register (model degradation, bias, privacy risks)
Support 15-country compliance expansion (GDPR, local regulations)

REQUIRED QUALIFICATIONS

Education & Certifications

Bachelor’s/master’s degree in information security, Computer Science, or related field
Active professional certification: CISSP, CCSP, CISM, CCSK, ISO 27001/42001 Lead Auditor, or equivalent
Demonstrated audit Senior/Staff: ISO 27001 and/or SOC 2 field audit participation (2+ cycles)

Core Technical Competencies (Must Have)

Competency

Required Experience

ISO 27001 / 27701 / 42001

Led 2+ audit cycles; AI governance frameworks

SOC 2 Type II / HIPAA / GDPR

Field audit experience; PII/ePHI handling; breach notification

GRC Platforms

Implementation/administration (Archer, ServiceNow, Audit Board, Sprinto, Scrut, OneTrust)

Risk Management

Risk scoring, control testing, BIA, vendor assessment design

Cloud Security

AWS/Azure IAM, encryption, compliance configurations, CIS/CSA frameworks

Compliance Automation

Python/Bash/PowerShell scripting; RPA; process automation workflows

Network & Infrastructure

OSI/TCP-IP, VPN, DLP, CASB, SDWAN, zero-trust architecture

Vulnerability Management

Risk scoring (CVSS), remediation SLAs, patch compliance

KNOWLEDGE & PROFESSIONAL SKILLS

Technical Skills: (Should Have)

Enterprise Resilience:Design BCP/DR, failover testing, 24/7 uptime SLAs for multi-region expansion
AI Security:Threat modelling, adversarial attack scenarios, responsible AI assurance (ISO 42001)
Cloud Compliance:Data classification, multi-region governance, DLP enforcement, CloudTrail/Azure Logs monitoring
Infrastructure-as-Code:Terraform/CloudFormation for audit-trail automation
API Integration:REST APIs for GRC, ticketing systems, SIEM/DLP tool integration

Preferred: IoT/embedded systems (RED Directive), RPA, network-layer authentication (RADIUS/LDAP), certificate management

Professional:

Collaborate with cross-functional teams (IT, Engineering, Sales, Device, Finance, Legal, Privacy, HR) for compliance alignment
Lead GRC platform implementation and governance workflow design
Communicate risk and compliance status to executive leadership and board
Support 24/7 on-call rotation for security incidents and emergencies
Continuous learning mindset; ability to adopt emerging compliance frameworks (AI governance, new regulations)

We are committed to an inclusive and diverse team. Netradyne is an equal-opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status, or any legally protected status.

If there is a match between your experiences/skills and the Company's needs, we will contact you directly.

Netradyne is an equal-opportunity employer.

Applicants only - Recruiting agencies do not contact.

Recruitment Fraud Alert!

There has been an increase in fraud that targets job seekers. Scammers may present themselves to job seekers as Netradyne employees or recruiters. Please be aware that Netradyne does not request sensitive personal data from applicants via text/instant message or any unsecured method; does not promise any advance payment for work equipment set-up and does not use recruitment or job-sourcing agencies that charge candidates an advance fee of any kind. Official communication about your application will only come from emails ending in ‘@netradyne.com’ or ‘@us-greenhouse-mail.io’.

Please review and apply to our available job openings at Netradyne.com/company/careers. For more information on avoiding and reporting scams, please visit the Federal Trade Commission's job scams website.

InfoSec Risk & Compliance

AI overview