Full-time
About Us:
Exotel is the emerging market’s leading full-stack customer engagement platform and business-focused virtual telecom operator. Incorporated in 2011, Exotel’s cloud-based product suite powers 50 million daily engagements across voice, video and messaging channels. Exotel powers unified customer engagement to over 6000 companies in 60+ countries, including India, SE Asia, the Middle East, and Africa.
Today, some of the fastest-growing companies in the emerging markets (Ola, Swiggy, Flipkart, GoJek, Byju’s, Urban Company, HDFC Bank, Zomato, Oyo, etc.) manage their customer engagement with Exotel’s suite of a communication API, Ameyo’s omnichannel contact centre (merger), and Cogno AI’s conversational AI platform (acquisition) over the cloud. We are a $100 million Series D funded company with $60 million in ARR.
Role Overview
We are seeking an experienced Information Security Consultant – GRC to strengthen our information security posture and ensure compliance with regulatory and client requirements. The role involves handling client RFPs and audits, collaborating with cross-functional teams, and conducting ITGC control testing to maintain security assurance and trust with clients.
Key Responsibilities
- Lead and manage client RFPs, security due diligence, and vendor assessments, ensuring accurate and timely responses.
- Coordinate and support client security audits, including evidence collection, remediation tracking, and closure.
- Collaborate with Sales, Infrastructure, Engineering, and Operations teams to align client commitments with internal controls.
- Perform IT General Controls (ITGC) testing, risk assessments, and gap analysis across systems and processes.
- Maintain and update ISMS policies, SOPs, and compliance documentation in line with ISO 27001, SOC 2, RBI, and DPDP requirements.
- Track, monitor, and report GRC metrics, risks, and control effectiveness to leadership.
- Support internal and external audits, ensuring timely remediation of identified issues.
- Drive awareness and training programs to strengthen compliance culture across teams.
Key Skills & Competencies
- Strong understanding of ITGC controls, risk management, and compliance frameworks (ISO 27001, SOC 2, RBI, GDPR/DPDP).
- Experience handling client-facing RFPs, due diligence, and security audits.
- Ability to collaborate effectively with Sales, Infra, and technical teams.
- Excellent documentation, stakeholder communication, and presentation skills.
- Strong analytical mindset with the ability to identify risks and recommend mitigation.
Qualifications & Experience
- Bachelor’s degree in Computer Science, Information Security, or related field.
- 4–8 years of experience in Information Security GRC or related roles.
- Hands-on experience with Burp Suite, Nexus, SonarQube, or any other similar tool.
- Hands-on knowledge of ITGC testing and audit processes.
- Relevant certifications preferred: CISA, ISO 27001 LA/LI, CISSP (preferred), or equivalent.