Sr Security & compliance

Senior Security & Compliance Analyst

New Delhi, India

About ThrivePass.

Thrive

CARE values

• Courageous

  – We embrace new challenges and fresh ideas.

• Authentic

  – We show up as our true selves and value transparency.

• Resourceful

  – We find creative solutions and make things happen.

• Excellent

  – We hold ourselves accountable and take pride in our work.

At ThrivePass, performance isn’t just about hitting goals—it’s about how you show up. We invest in our employees’ growth and encourage bold thinking, collaboration, and continuous learning. Join us in shaping the future of employee benefits!

About the Role.

Senior Security & Compliance Analyst

Responsibilities.

Compliance & Risk Management

• Stay up to date with all relevant regulatory and compliance frameworks, including but not limited to SOC 2 Type II, GDPR, HIPAA, CCPA & PCI DSS.
• Ensure continuous compliance with all applicable frameworks through regular assessments, gap analysis, and remediation plans.
• Coordinate and prepare for third-party audits, penetration tests, and compliance assessments.
• Own and manage policy creation and documentation aligned with the latest standards and regulations.
• Lead Business Continuity and Disaster Recovery (BCDR) testing and facilitate regular security incident response simulations.
• Support and complete vendor security questionnaires using tools like

  Vanta AI

  , while supplementing with manual responses as needed.

Security Operations & Incident Response

• Lead root cause analysis, stakeholder coordination, and response for security incidents and events.
• Manage SIEM tools (e.g.,

  Azure Sentinel

  ) to ensure actionable logging, threat detection, and reporting.
• Conduct internal and external audits including vulnerability assessments and risk analysis to proactively identify threats.

Cross-Functional Collaboration

• Partner with engineering, product, IT, and legal teams to embed security best practices across all technical and operational workflows.
• Act as a strategic partner, ensuring compliance efforts are enabling—not blocking—business innovation.
• Champion security awareness across the company through training and enablement programs.

Reporting & Program Ownership

• Own and maintain KPIs to track and improve compliance and security performance.
• Drive projects from initiation to completion using strong project management methodologies.
• Make compliance approachable and easy to understand for all employees.

Requirements.

Must-Have:

• Proven experience in a dedicated security, compliance, or information security role.
• Deep knowledge of key compliance standards (SOC 2, GDPR, HIPAA, CCPA, PCI DSS).
• Hands-on experience with SIEM tools (preferably Azure Sentinel).
• Strong understanding of security incident management and root cause analysis.
• Experience running audits, coordinating penetration tests, and managing risk registers.
• Proficiency in drafting and maintaining security policies.
• Excellent verbal and written communication skills—comfortable interfacing with both technical and non-technical audiences.
• Demonstrated ability to work cross-functionally and drive security initiatives from start to finish.

Nice-to-Have:

• Familiarity with compliance automation platforms (e.g., Vanta) and security awareness training tools (e.g., KnowBe4).
• Understanding of AI/automation workflows to improve compliance processes.
• Experience leading or mentoring other team members.
• Industry certifications: CISSP, CISA, CISM, CRISC, or equivalent.
• Strong analytical skills and a continuous improvement mindset.

Why You’ll Love Working

• Work in a fast-paced, innovative environment where your contributions will directly impact operations and scalability.
• Collaborate with forward-thinking teams that value efficiency, creativity, and experimentation.
• Be at the forefront of AI and automation adoption, learning and working with the latest tools and technologies.
• A culture that values

  courageousness

  ,

  authenticity

  ,

  resourcefulness

  , and

  excellence

  (we don’t just say it—we live it).

• An inclusive and welcoming environment for all.

  ThrivePass is committed to fostering a workplace where everyone feels valued and respected. We do not and shall not discriminate based on race, color, religion (creed), gender, gender expression, age, national origin (ancestry), disability, marital status, sexual orientation, or military status in any of our activities or operations.

Join Us!

If this role sounds like your next great adventure, we’d love to hear from you. Apply today and let’s build something amazing together! 🚀