Sprinto
Senior Infosec Consultant, GRC and Information Security - B2B SaaS
Job Summary
The Senior Infosec Consultant role involves managing the onboarding and expansion of compliance frameworks within a product, requiring expertise in information security, risk assessments, and audits. The position emphasizes developing control frameworks, collaborating across teams for integration, and enabling continuous learning for team members. Candidates should have at least five years of experience in security and compliance, with strong communication skills and familiarity with regulatory frameworks, preferably from India or the US. The role is fully remote and offers benefits such as flexible working hours, medical insurance, and educational support.
Required Skills
Benefits
Job Description
Sprinto is a leading platform that automates information security compliance. By raising the bar on information security, Sprinto ensures compliance, healthy operational practices, and the ability for businesses to grow and scale with unwavering confidence. We are a team of200+ employees & helping1000+ Customers across75+ Countries. We are funded by top investment partnersAccel, ELEVATION & Blume Ventures and have raised 32 Million USD in funding including our latestSeries B round.
The Role
The Senior Infosec Consultant is a product and technology aficionado, with expertise in the areas of GRC, Information Security, Risk Assessments and Audits. This role is within a cross-functional, subject-matter-expertise team role which relies on superior execution and communication skills in a fully-remote setup.
- End-to-End Frameworks Expansion: Manage the onboarding of frameworks to the product, enabling customers to implement frameworks out of the box. This includes researching, mapping controls, updating policies, creating templates, making risk updates, and answering any customer questions during sales conversations or addressing auditor queries during audits.
- Expanding Sprinto’s Controls: Develop a robust Sprinto Common Control Framework to support the extension of compliance frameworks across industries.
- Stakeholder Management: Collaborate closely across teams to integrate the framework into our product offering, enabling businesses across various industries and verticals to implement any framework supported by Sprinto with minimal human intervention.
- Teams Enablement: Establish a continuous learning engine to upgrade the compliance expertise of the entire team — including Sales, Customer teams, Product, and Marketing — to help them sell more effectively and support customers during implementations.
- 5+ years of experience in Information Security and Compliance, covering various frameworks, Risk Assessment frameworks, and audits with top audit firms.
- Strong preference for prior experience in a software/SaaS company.
- The US market is Sprinto's fastest-growing segment. We need individuals who are comfortable working late hours and interacting with prospects and customers based in the US.
- Exceptional written communication, organizational, and presentation skills are crucial for this fully remote, cross-functional role.
- Eagerness to continuously learn and gain expertise in the domain of information security compliance.
- Experience in regulatory frameworks from India / US is preferred.
- Certifications: Security certifications such as CISSP, CISA, CCSP, Lead Implementer, etc., are preferred.
- Remote First Policy
- 5 Days Working With FLEXI Hours
- Group Medical Insurance (Parents, Spouse, Children)
- Group Accident Cover
- Company Sponsored Device
- Education Reimbursement Policy
Sprinto
Sprinto is a security compliance automation platform for fast-growing tech companies that want to move fast and win big.
See more jobsSafe Remote Job Search Tips
Verify Employer Thoroughly
Research the company's identity thoroughly before applying. Check for a professional website with contacts, active social media, and LinkedIn profiles. Verify details across platforms and look for reviews on Glassdoor or Trustpilot to confirm legitimacy.
Never Pay to Get a Job
Legitimate employers never require payment for applications, training, background checks, or equipment. Always reject upfront payment requests or demands for bank details, even if they claim it's for purchasing necessary work gear on your behalf.
Safeguard Your Personal Information
Protect sensitive data like SSN, bank details, or ID copies. Share this only after accepting a formal, written job offer. Ensure it's submitted via a secure company system or portal, never through insecure channels like standard email attachments.
Scrutinize Communication & Interviews
Watch for communication red flags: poor grammar, generic emails (@gmail), vague details, or undue pressure. Be highly suspicious of interviews held only via text or chat apps; legitimate companies typically use video or phone calls.
Beware of Unrealistic Offers
If an offer's salary or benefits seem unrealistically high for the work involved, be cautious. Research standard pay for similar roles. Offers that appear 'too good to be true' are often scams designed to lure you into providing information or payment.
Insist on a Formal Contract
Always secure and review a formal, written job offer or employment contract before starting work or sharing final personal details. Ensure it clearly defines your role, compensation, key terms, and conditions to avoid misunderstandings or scams.