Senior Security Analyst – GRC

Job Description

Company: EpiFi Technologies Pvt. Ltd
Location: Bangalore, Karnataka, India
Job Type: Full-Time
Experience: 4 – 7 Years
Education: Bachelor’s degree in Computer Science, Information Security, Risk
Management, or equivalent experience
Expected Salary: ₹12 – ₹20 Lakhs per year
Job Category: Information Technology, Accounting and Finance
Website: visit website
Contact: Contact us

……………………………………..

About Fi Money:

Fi is a next-generation fintech startup that helps digital natives demystify their finances—
consolidating all bank accounts, credit cards, investments, and loans into one secure,
intuitive hub. Backed by leading VCs, we blend deep-tech innovation with user-centric
product design to impact millions of lives.

……………………………………..

About the Role:

As a Senior Security Analyst in Governance, Risk, and Compliance (GRC), you will own
Fi’s compliance with industry standards (ISO 27001, PCI DSS) and regulatory guidelines
(RBI, NPCI, SEBI). You’ll lead audit planning, risk assessments, policy development, and
control implementation—fostering a security-first culture across the organization.

……………………………………..

Key Responsibilities:

→ Audit Management: Plan, execute, and coordinate internal and external audits;
maintain audit evidence for certification.
→ Policy & Procedure: Develop, review, and update InfoSec policies and
procedures in line with ISO 27001, PCI DSS, and RBI guidelines.
→ Risk Assessment: Conduct risk and control assessments across IT systems;
maintain and report from the IT Risk Register.
→ Compliance Monitoring: Track remediation of control gaps; ensure ongoing
alignment with applicable laws, regulations, and frameworks.
→ Third-Party Due Diligence: Support vendor risk assessments and third-party
compliance programs.
→ Training & Awareness: Educate teams on security best practices, compliance
requirements, and process updates.
→ Reporting: Prepare and present compliance status, risk metrics, and audit
findings to senior management.

………………………………

Requirements:

→ 4 – 7 years of experience in information security, risk management, or IT audit,
preferably in fintech or banking.
→ Strong knowledge of security frameworks and standards (ISO 27001, PCI DSS,
NIST).
→ Familiarity with Indian financial regulations and RBI guidelines is a plus.
→ Professional certification preferred (CISM, CISSP, CISA).
→ Excellent analytical, documentation, and communication skills.
→ Ability to work independently, prioritize tasks, and drive compliance initiatives
end-to-end.

……………………………………………