Senior Security Analyst - GRC
Job Summary
Job Description
As a Senior Security Analyst - GRC, you will be a key player in ensuring compliance with rigorous standards like ISO 27001, PCI DSS, and RBI guidelines. Your responsibilities will include planning and executing audits, maintaining security policies, assessing risks, managing third-party risk, and driving security awareness. This role requires collaboration with various teams to ensure the company's secure operations within the fintech industry.
Must have:
- 4-7 years in Information Security/Risk Management
- Strong grasp of frameworks: ISO 27001, PCI DSS, NIST
- Exposure to Indian finance regulations (RBI, SEBI, NPCI)
- Strong communication and analytical skills
Good to have:
- Relevant certifications preferred: CISM, CISSP, CISA
- Understanding of cloud infra, SaaS environments, and security tooling
Perks:
- 20 days of paid time off + unlimited sick leave
- Generous parental leave
- Daily lunches, stocked micro kitchen, in-house gym, and Biryani Fridays
- Medical + life insurance for you and your family
- 24x7 mental health support
- Learning Stash — a fund for your upskilling and certifications
- FiAspire Projects — our internal gig program to explore new roles and skills
- Game rooms, Premier Leagues, and a genuinely fun work culture
6 skills required
Job Details
Fi is a money management platform that helps people get better with their money — spend smarter, save better, and take control of their financial journey.
We’re not a bank — we’re reimagining how people interact with money. Founded by the team behind Google Pay India, we’re a Series C startup valued at $550M, backed by top-tier investors like Sequoia, Ribbit Capital, and Alpha Wave. Our mission is simple: help Indians maximise their financial potential — through thoughtful design, deep tech, and zero jargon.
Senior Security Analyst – GRC
This role sits at the intersection of regulations, real-time fintech, and secure scale. If you’re someone who enjoys digging into frameworks, translating policy into practice, and shaping how a fast-growing startup approaches trust and compliance — you’ll thrive here.
You’ll be a key part of a small, high-trust team, working directly with Engineering, DevOps, Legal, and Product to ensure Fi stays compliant with some of the most rigorous standards — ISO 27001, PCI DSS, RBI guidelines, and beyond.
We’re proud winners of the Best Digital Banking Security Practices Award – GFF 2024, and this role is central to how we earned it — and how we’ll keep raising the bar.
What you will do:
- Own the planning, coordination, and execution of internal and external audits.
- Maintain and review InfoSec policies, risk registers, and control implementation status.
- Ensure ongoing compliance with frameworks like ISO 27001, PCI DSS, RBI, NPCI, SEBI and more.
- Help assess and treat IT and third-party risk, and maintain audit-ready documentation.
- Lead and streamline the vendor due diligence and TPRM (third-party risk management) process.
- Collaborate cross-functionally to drive security awareness and control implementation.
- Use project management skills to communicate, track, and unblock audit deliverables.
What we are looking for:
- 4–7 years in Information Security, Risk Management, or IT Audit roles.
- Strong grasp of frameworks: ISO 27001, PCI DSS, NIST.
- Exposure to Indian finance regulations (RBI, SEBI, NPCI) is a big plus.
- Relevant certifications preferred: CISM, CISSP, CISA.
- Bonus if you understand cloud infra, SaaS environments, and security tooling.
- Independent, proactive, and great at cross-functional collaboration.
- Strong communication and analytical skills.
What you get at Fi:
- 20 days of paid time off + unlimited sick leave
- Generous parental leave
- Daily lunches, stocked micro kitchen, in-house gym, and Biryani Fridays
- Medical + life insurance for you and your family
- 24x7 mental health support
- Learning Stash — a fund for your upskilling and certifications
- FiAspire Projects — our internal gig program to explore new roles and skills
- Game rooms, Premier Leagues, and a genuinely fun work culture
How We Work
We’re currently working from our office in Bangalore.
Once you apply, our team will reach out to schedule 3–4 rounds of interviews — to assess your domain expertise, problem-solving ability, and fit for our high-trust, high-ownership culture.
We aspire to create an inclusive culture of diverse people not just because it's the right thing to do but because heterogeneity inspires us and is more fun! We employ people solely on merit and do not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, marital status, pregnancy or related condition (including breastfeeding), or any other basis protected by law.
Similar Jobs
Qualcomm
Bengaluru, Karnataka, India (On-Site)
• 1 Month ago
Get notifed when new similar jobs are uploaded
Similar Skill Jobs
Globalization Partners
Northern Ireland, United Kingdom (Remote)
• 1 Month ago
Aisera
Palo Alto, California, United States (On-Site)
• 2 Months ago
Simcorp
Hong Kong, Hong Kong (Hybrid)
• 2 Months ago
The Walt Disney Company
Seattle, Washington, United States (On-Site)
• 2 Months ago
Get notifed when new similar jobs are uploaded
Jobs in Bengaluru, Karnataka, India
Postman
Bengaluru, Karnataka, India (Hybrid)
• 2 Months ago
velotio technologies
Pune, Maharashtra, India (Remote)
• 1 Month ago
Qualcomm
Bengaluru, Karnataka, India (On-Site)
• 1 Month ago
Get notifed when new similar jobs are uploaded
Cyber Security Jobs
bytedance
San Jose, California, United States (On-Site)
• 3 Months ago
nubank
State Of São Paulo, Brazil (On-Site)
• 1 Week ago
Optiv
Boston, Massachusetts, United States (Remote)
• 1 Month ago
Trend Micro
Taipei City, Taiwan (On-Site)
• 9 Months ago
Get notifed when new similar jobs are uploaded
