Location IN-KA-Bengaluru

ID 2026-2944

Category

Information Technology

Position Type

Full-Time

About SymponyAI

At SymphonyAI, we are building the leading AI SaaS company for enterprise transformation across the most critical industry sectors. We provide focused AI applications designed to rapidly solve challenging business problems and deliver breakthrough insights, increasing operational efficiencies and growing revenue for customers.

Role Overview

SymphonyAI is seeking a Governance, Risk and Assurance Manager to play a key role in maturing our information security governance and assurance capabilities.

This is a transformational role. You will be accountable for running our SOC 2 and ISO/IEC 27001 compliance programs today, while driving a strategic shift toward continuous, risk‑based security assurance that provides leadership and customers with real confidence in our security posture.

The role focuses on assurance and control effectiveness, not control implementation. You will work closely with engineering, security operations, and product teams across a federated organisation, helping us scale securely without slowing innovation.

What You’ll Do

Assurance & Risk (Primary Focus)

• Build and operate an assurance‑led security governance model, aligned to SOC 2, ISO/IEC 27001, and industry best practice.
• Provide ongoing assurance that security controls are effective in practice, not just documented.
• Define and report on security risk and control effectiveness metrics for leadership and stakeholders.
• Own and maintain the information security risk management process, supporting informed, risk‑based decision‑making.

Compliance & Audit Delivery

• Own and run SymphonyAI’s SOC 2 and ISO/IEC 27001 programs, including audit planning, evidence management, auditor engagement, and remediation tracking.
• Ensure audits are delivered efficiently and predictably, with minimal disruption to delivery teams.
• Progressively reduce manual, audit‑specific evidence collection by leveraging assurance artefacts, metrics, and operational evidence.
• Support customer security reviews and due‑diligence requests with clear, consistent assurance narratives.

Collaboration & Influence

• Act as a trusted advisor to engineering, product, and divisional leadership teams.
• Promote a culture of transparency, learning, and continual improvement in security governance.
• Help evolve the organisation from audit‑driven compliance to continuous assurance.

What This Role Is Not

• Not a security engineering or operations role
• Not a policy‑only or audit‑administration role
• Not responsible for implementing technical controls

Independence from implementation is key to the credibility of the assurance function.

What We’re Looking For

Essential

• 7+ years’ experience in information security governance, risk, assurance, or compliance roles
• Strong working knowledge of SOC 2 and ISO/IEC 27001
• Experience running audits while improving underlying assurance maturity
• Ability to communicate security risk and assurance clearly to senior stakeholders
• Experience working in complex, multi‑team or federated environments

Desirable

• SaaS or cloud‑native security experience
• Familiarity with compliance automation or continuous assurance tooling
• Experience supporting customer security reviews and audits

Why Join Us

You’ll have the opportunity to:

• Shape how security assurance is delivered across a growing, global organisation
• Reduce audit fatigue by building sustainable assurance capabilities
• Influence security outcomes without owning day‑to‑day operations
• Play a visible role in strengthening customer and executive trust

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.

Share on your newsfeed