Risk & Compliance Analyst

Bangalore, Karnataka

Plivo

Plivo’s SMS API and Voice API platform enables businesses to communicate with their customers on a global scale. Sign up for free now.


Plivo is a leading technology company transforming customer engagement for some of the world’s largest B2C brands, including Uber, WhatsApp, and Zomato. Our new product, the AI agents platform, automates the entire customer lifecycle, from acquiring to engaging and supporting customers, through cutting-edge multimodal AI, including LLMs, text-to-speech, and speech detection.

With a 150+ member engineering team based entirely in India, we are building high-impact global products that handle over 1 billion API requests per month. If you are excited about solving hard, real-world AI challenges at scale, this is where you belong. 🚀

The Risk and Compliance Analyst is pivotal in ensuring that Plivo remains compliant with various international standards, including but not limited to SOC2, PCI, HIPAA, GDPR, CPRA, and the Data Privacy Framework. This role involves not only identifying risks but also proposing solutions and ensuring that IT controls are effective and robust. The individual in this role will serve as the primary touchpoint for internal stakeholders, offering support and guidance around IT policies, risk, and compliance. This role also encompasses the creation and refinement of policies and procedures to ensure ongoing compliance. With the rapid evolution of technology, it's imperative that our Analyst possesses a deep understanding of the intricacies and unique challenges that come with ensuring compliance for API and SaaS-based solutions.

Roles & Responsibilities :

  • Risk Assessment: Conduct regular risk assessments to identify potential threats and vulnerabilities to Plivo's data and systems.
  • Compliance Monitoring: Ensure that Plivo remains compliant with all relevant standards and regulations, including SOC2, PCI, ISO 27001, HIPAA, GDPR, CPRA, and the Data Privacy Framework.
  • Policy Development: Draft, review, and update IT policies and procedures to ensure they are current and compliant with all relevant standards.
  • Stakeholder Engagement: Serve as the primary point of contact for internal stakeholders on all matters related to IT risk and compliance.
  • Training & Awareness: Develop and deliver training programs to ensure that all employees are aware of and adhere to compliance requirements.
  • Incident Management: Respond to and manage any compliance breaches or incidents, ensuring they are resolved promptly and lessons are learned.
  • Audit Support: Assist in internal and external audits, ensuring that all necessary documentation is available and any findings are addressed promptly.
  • Continuous Improvement: Stay updated with changes in compliance standards and regulations, ensuring that Plivo's policies and procedures are always up-to-date.
  • Vendor Assessment: Evaluate and assess third-party vendors for compliance with Plivo's standards and requirements.
  • Reporting: Regularly report on the status of IT risk and compliance to senior management, highlighting any areas of concern.

Skills Required :

  • Experience: 6+ years in compliance management, preferably aligned with control framework best practices and risk management.
  • Essential Compliance Knowledge: A deep understanding of at least one of the following compliance frameworks: SOC2, PCI, ISO 27001, HIPAA, GDPR, CPRA, and the Data Privacy Framework.
  • Certifications: Possession of PCI DSS, ISO 27001, CISA or CISM certification is highly desirable.
  • Cloud Proficiency: Familiarity with AWS cloud environments and their associated security and compliance challenges.
  • Analytical Skills: Ability to analyze complex data and systems to identify potential risks.
  • Communication Skills: Strong written and verbal communication skills, with the ability to explain complex compliance issues to non-technical stakeholders.
  • Stakeholder Management: Ability to work with and influence stakeholders at all levels within the organization.
  • Attention to Detail: Ensuring that all compliance documentation is accurate and up-to-date.
  • Problem-Solving: Ability to identify potential risks and develop effective solutions.
  • Task Management: Ability to prioritize and execute tasks efficiently. Proficiency in handling multiple tasks simultaneously.
  • SaaS Environment Adaptability: Ability to work effectively in a fast-paced SaaS environment.
  • Continuous Learning: A commitment to staying updated with the latest developments in information security risk and compliance.
  • Teamwork: Ability to work effectively as part of a team, as well as independently.

What We Offer :

  • Competitive compensation and benefits package.
  • A dynamic, fast-paced work environment at a leading global communications platform.
  • Opportunities for professional growth and development.
  • A collaborative, people-centric culture with a focus on innovation and continuous learning.

Tags: APIs Audits AWS CISA CISM Cloud Compliance GDPR HIPAA ISO 27001 LLMs Monitoring PCI DSS Privacy Risk assessment Risk management SaaS SOC 2 Vulnerabilities

Perks/benefits: Career development Competitive pay Startup environment

Region: Asia/Pacific
Country: India
