Compliance Manager

Job Title: InfoSec Compliance Manager | Lead 

Job Type : Full-time | Advanced Career Role 

Reporting to : Chief Operating Officer 

Location : Hyderabad with travel

Experience : 5+years

Job Summary 

The Information Security Compliance Manager is responsible for ensuring Ozonetel’s services and support adhere to information security standards, policies, regulations, and contractual requirements. This role focuses on implementing and monitoring security controls to protect customer data, managing compliance across multiple enterprise clients (especially in NBFC, BFSI, and Capital Markets), and acting as the primary Infosec interface for customers. The position involves overseeing security audits, risk assessments, and ensuring continuous compliance readiness.  

Key Responsibilities 

1. Compliance & Regulatory Alignment  

• Ensure adherence to contractual obligations related to information security and data privacy in Master Service Agreements, Statements of Work, and other customer contracts.  
• Monitor and report on compliance with Ozonetel’s internal information security and data privacy policies and standards.  
• Stay updated with evolving regulations and standards, including GDPR, HIPAA, ISO 27001, ISO 27701, SOC 2, RBI guidelines, and PCI-DSS (as applicable).  
• Coordinate with internal teams for certifications, audits, and preparation of security documentation required by clients across various domains.  

2. Security Governance  

• Develop and deliver engagement-specific information security and data privacy awareness programs and training to relevant teams.  
• Assist in defining and updating security policies, procedures, and best practices.  
• Conduct periodic security risk assessments and gap analyses.  
• Ensure adherence to internal security frameworks and controls.  
• Coordinate external, internal, and third-party audits/assessments conducted by customers and work with stakeholders to resolve any non-conformances or observations.  

3. Customer Security Engagement  

• Serve as the single point of contact (SPOC) for all information security and data privacy matters for assigned enterprise clients, particularly in NBFC, Banking, and Capital Markets.  
• Handle customer security questionnaires, audits, risk assessments, and due diligence meetings.  
• Support closure of security reviews during large enterprise deal cycles.  
• Collaborate with Ozonetel’s IT, Compliance, Product, and other internal teams, as well as customer leadership, to develop and communicate security-related reports and updates. 

4. Incident & Risk Management  

• Support security incident handling, investigation, documentation, and reporting frameworks.  
• Work closely with engineering and DevOps teams to ensure secure architecture and deployments.  
• Track, mitigate, and report on security vulnerabilities and operational risks. 

5. Pre-Sales & Enterprise Support  

• Assist sales teams during enterprise RFPs, security evaluations, and client discussions.  
• Provide security architecture inputs for customer deployments.  
• Build and maintain trust with enterprise clients regarding data protection and overall security posture.  
• Communicate relevant IT and product changes to assigned customers. 

Required Skills 

• Strong knowledge of Information Security frameworks and standards, including ISO 27001, SOC 2, NIST, and CIS Controls.  
• Proven experience working with BFSI clients, particularly NBFCs, Banks, Insurance, and Capital Markets.  
• Hands-on experience in handling customer security audits, assessments, and questionnaires.  
• Solid understanding of cloud security principles and controls across AWS, Azure, or GCP.  
• Good knowledge of data protection, encryption techniques, and secure architecture design.  
• Experience in responding to enterprise RFP security sections and security evaluations.  
• Excellent organizational and project management skills with the ability to handle multiple priorities and deadlines.  
• Strong communication and interpersonal skills, with the ability to engage effectively with both internal teams and enterprise clients.  
• High attention to detail and accuracy in all deliverables.  
• Proficiency in using information security tools and technologies. 

Preferred Qualifications 

• Experience: 5+ years in Information Security, with a strong focus on compliance, risk management, and customer-facing security roles.