Zeta

Corporate Risk and Compliance - Associate II

Zeta  •  Bengaluru, IN (Hybrid)  •  22 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

About us:
Build the future of banking.

Zeta is a next-generation banking technology company providing cloud-native, fully stackable processing and core banking platforms for issuers. With a focus on scalability, compliance, and innovation, Zeta empowers financial institutions to modernize their technology infrastructure and deliver secure, seamless digital banking experiences.
Our impact runs at real-world scale. Today, over 25 million cards are live on Zeta-powered platforms across 7 countries, supported by a passionate team of 1,700+ Zetanauts across India, the US, EMEA, and Asia. Backed by SoftBank Vision Fund, Mastercard, and other reputed strategic investors, we reached a valuation of $2 billion in 2025.
Our focus is on establishing product lines that focus on key outcomes by addressing real customer pain points, modernizing legacy systems, and strengthening core fundamentals. As a result, our systems and platforms support a wide range of banking and payments capabilities, including:
1. Tachyon, our cloud-native banking stack built for population-scale systems
2. Cipher, our unified authentication platform for secure, high-volume banking environments
3. Digital Credit as a Service, enabling banks to launch credit lines on UPI
4. Elena, our intelligent and conversational AI platform for banking
5. Pixel, India’s first digital-native credit card, launched in partnership with HDFC Bank, for whom we also revamped their PayZapp mobile app: Winner of the Celent Model Bank Award for Payments Innovation 2024
6. Sparrow, the leading card experience for non-prime cardholders in the US
…and more across cards, payments, lending, and core banking.
We are an engineering-first organization that values ownership, bias for action, and long-term thinking. Together, we solve some of the hardest problems in banking tech. Our culture is built around trust, collaboration, and creating the conditions for you to drive impact proportionate to your potential. Reinforcing our commitment to creating an inclusive and supportive workplace, we have been consistently recognized as a Great Place to Work
If you want to build cutting-edge banking tech that enables banks to serve millions reliably, securely, and at a population scale, Zeta is your playground.
If you would like to learn more about how we have grown and evolved over the years, watch our journey here You can also explore our website and follow us on LinkedIn, Instagram, YouTube, and X

About the Role:
We are seeking a highly capable Level 2 Information Security professional who effectively bridges the gap between hands-on technical operations and governance. This role demands a unique combination of technical expertise across endpoint, network, and email security systems, paired with a Governance, Risk, and Compliance ( GRC) mindset.

Beyond managing technical controls, the ideal candidate must be an exceptional communicator capable of collaborating across diverse internal teams, managing security risk exceptions, and meticulously tracking open compliance and remediation items to closure.

Responsibilities:

  • Endpoint & Identity Security: Assess and regulate/optimize Microsoft Entra ID (Conditional Access, Identity Protection) and Intune MDMMAM to manage configuration and compliance profiles for both Windows and macOS environments. Investigate security timelines using Microsoft Defender for Endpoint.
  • Network Security: Assess, monitor, regulate and audit perimeter and infrastructure security controls across a multi-vendor environment, including Next-Gen Firewalls (Fortinet/SonicWall/Check Point/Cisco) and enterprise wireless architectures (Aruba Wi-Fi).
  • Email Security & Gateway Security: Assess, monitor, regulate and audit enterprise email security gateways and protection suites (e.g., Defender for MS365,). Manage anti-phishing, anti-spam, and safe attachments policies, and maintain foundational authentication protocols including SPF, DKIM, and DMARC
  • Data Protection & DLP Tune and monitor Endpoint and Network Data Loss Prevention ( DLP) policies, analyzing data flows to prevent unauthorized exposure of proprietary or regulated data.
  • Cloud Security Governance: Govern and enforce security best practices across AWS and Azure. Monitor security posture ( CSPM), audit IAM configurations, and secure cloud storage.
  • GRC Alignment & Audit Support: Map everyday technical configurations to ISO 27001 and PCI-DSS controls. Systematically gather and organize log/configuration evidence for internal and external auditors.
  • R&C Business Support: Act as the Risk & Compliance guardian for the business; review, evaluate, and respond to incoming IT tickets, change requests, and end-user security queries to ensure no unauthorized risks are introduced.
  • Cross-Functional Collaboration: Act as the security bridge to Helpdesk, Infrastructure, DevOps, and Business teams. Translate technical risks into clear, actionable business language to drive fixes.
  • Action Item Tracking: Meticulously track open vulnerabilities, audit gaps, and risk exceptions. Own the follow-up lifecycle to ensure internal teams resolve items within agreed SLAs.

Skills:

    • Microsoft Stack: Strong understanding of M365 product/security suites, Intune deployments, and hybrid identity environments.

      • Networking & Perimeter Security: Strong understanding of networking technologies, network security, enterprise firewalls, and secure perimeter controls.

        • Email Protocols & Infrastructure: Strong working knowledge of email security infrastructure, mail routing, and authentication standards ( SPF, DKIM, DMARC).

          • Multi-OS Mastery: Solid understanding of different operating systems, including enterprise management of Windows, Linux, and macOS environments.

            • Automation & Scripting: Strong understanding of developing and reviewing technical scripts using common languages (e.g., Bash/Shell, Python) to analyze logs or automate checks.

              • Compliance Automation: Experience automating and templating security processes, metrics, and documentation for strict compliance purposes.

                • Cloud Infrastructure: Solid understanding of public cloud technologies with hands-on technical knowledge of at least one major public cloud platform (AWS or Azure).

                  • Security Fundamentals: Comprehensive understanding and hands-on for Vulnerability Assessments, Penetration Testing concepts, Identity & Access Management (IAM), and Endpoint Security.

                    • Frameworks & Process: Practical understanding of IT security frameworks, controls, and auditing processes—including CIS, NIST, PCI-DSS, and SOC 1/2.

                      • Documentation & Audit Support: Ability to author clear Standard Operating Procedures (SOPs) and systematically manage compliance evidence collection.

                        • Emerging Tech & AI: Basic understanding of AI tools and technologies, including their safe implementation and associated risk factors.

Experience and Qualifications:

  • 3+ years of experience in Information Security, Risk & Compliance, Endpoint Security, Network Security or Technical GRC role.
  • Bachelor of Technology (BE/ B.Tech) in Computer Science or equivalent.

  • Certifications (At least one of the following or equivalent is required):

  • Identity & Cloud Security: Microsoft Certified Associate (SC-200, SC-300, or SC-900).
  • Security Fundamentals: ISC² CC (Certified in Cybersecurity), CompTIA Security+ or CEH (Certified Ethical Hacker).
  • Network Security: CCNA (Cisco), Certified Security Associate (Cisco/Check Point), NSE 4 (Fortinet), or JNCIA (Juniper).
Zeta is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We encourage applicants from all backgrounds, cultures, and communities to apply and believe that a diverse workforce is key to our success.
Zeta

About Zeta

Headquartered in San Francisco, California, Zeta was named by Celent in 2023 as being among the likeliest partners for US banks and credit unions looking to modernize to a next-gen issuer processing platform. With our marquee credit card ranked #2 by American cardholders, Zeta is already acknowledged by leading issuers as the go-to platform for market-leading credit card experiences.

Globally, Zeta is recognized as a next-gen banking technology company. Our platform enables financial institutions to launch extensible and compliant banking asset and liability products, across cards, loans and deposits, rapidly. Our cloud-native and fully API-enabled stack supports processing, issuing, lending, core banking, fraud, loyalty, digital banking apps, and many other capabilities.

Zeta has 1700+ employees with over 70% in technology roles across locations in the US, Middle East, and Asia, with regional headquarters in Mumbai, India. Globally, customers have issued 25M+ cards on our platform. Visit us at www.zeta.tech or follow us on LinkedIn, YouTube, and X.

Industry
IT & Software
Company Size
1,001-5,000 employees
Headquarters
San Francisco, California
Year Founded
2015
Website
zeta.tech
Social Media