Associate Compliance Manager

About the Team The compliance team at Meesho is like the Avengers to Meesho's S.H.I.E.L.D. As Engineering Manager, you’ll lead our team to make our systems safer. After all, when 5% of Indian households shop with us, it’s important to build resilient systems to manage millions of orders every day. We’ve done this – with zero downtime! 😎 Sounds impossible? Well, that’s the kind of Engineering muscle that has helped Meesho become the e-commerce giant that it is today. We value speed over perfection, and see failures as opportunities to become better. We’ve taken steps to inculcate a strong ‘Founder’s Mindset’ across our engineering teams, making us grow and move fast.We place special emphasis on the continuous growth of each team member - and we do this with regular 1-1s and open communication. As a Cloud Security Engineer, you will be part of self-starters who thrive on teamwork and constructive feedback. We know how to party as hard as we work! If we aren’t building unparalleled tech solutions, you can find us debating the plot points of our favourite books and games – or even gossipping over chai. So, if a day filled with building impactful solutions with a fun team sounds appealing to you, join us.About the Role As Associate Compliance Manager, to join our team, you’ll drive security policies, procedures and assess risks in Meesho’s internal and external environments (including third parties). You’ll handle the audit and compliance of various security standards within the organisation. You’ll implement and ensure adherence to security policies and procedures.As part of the Security Compliance team, you’ll own and be accountable for the overall Information Security framework and program of the organisation.

What you will do

• Lead and own security compliance and certification charter end to end
• Define, rollout and enforce Information security policies and procedures
• Define and enforce data privacy and data protection compliances/laws/regulations such as Indian DPDP, etc. 
• Work with 3rd party vendors to ensure third party security
• Ensure compliance with IT Act, e-Commerce guidelines pertaining to cryptography, information security and data privacy
• Ensure timely information security awareness to the users
• Be responsible for information security risk management and privacy impact assessments
• Be responsible for ensuring adequate data protection agreements and information security agreements
• Participate in compliance programs, review company policies, and advise management on possible risks
• Coordinate internal and external audit-related activities
• Follow up with internal stakeholders to gather the necessary evidence to be presented during audits
• Develop, implement and maintain internal audit policies and procedures in accordance with local regulations, legal requirements, ISO 27001, SOC 2 and any other standard that the company opts to follow
• Audit and monitor data, systems, and processes for compliance with policies and laws
• Contribute to planning and executing information security awareness programs
• Prepare for and participate in process-led internal, external and vendor audits, at planned intervals
• Provide suitable reporting on whether the management systems conform to agreed standards such as ISO 27001 or SOC 2 as applicable
• Plan and complete ad-hoc audits as required (Vendor Audits)Produce reports for all audits undertaken

What you will need

• Educational Qualification: Bachelor's/Master's degree in Computer Science or a related technical field
• 4-7 years of experience working in information security or compliance
• Prior experience in the Startup industry and knowledge of the regulatory compliances like PCI DSS, ISO 27001 Lead Auditor Lead Implementer, Vendor Review is required
• Hands-on approach in solving complex security problems
• Experience with Cyber Security & Risk Management frameworks like ISO27001, NIST, Cyber Kill Chain, MITRE ATT&CK, or other relevant frameworks
• Working knowledge of Cloud environments like AWS & GCP , is beneficial
• Experience in implementing information security standards across the org
• Good understanding of the compliance standards and lifecycle
• Excellent stakeholder management and project planning skills required
• Excellent verbal and written communication skills and good analytical skills Certifications such as ISO, CISM, CISSP, CISA, CCSP, etc., are a plus

About MeeshoMeet Meesho - India’s only true e-commerce marketplace.Welcome to Meesho, where every story begins with a spark of inspiration and a dash of entrepreneurial spirit. We're not just a platform; we're your partner in turning dreams into realities.Meesho (Meri shop) started with a single idea in mind - to be an e-commerce destination for the next billion Indian consumers and enable 100 million small businesses to succeed online. Meesho is democratizing internet commerce in India. The company provides sellers with a range of industry-first benefits such as zero commission and the lowest shipping cost. Over 1.4 million sellers are registered on Meesho, growing their business by tapping the company’s massive customer base, state-of-the-art tech infrastructure, pan-India logistics at the lowest cost through third-party logistics providers in an 'Everyday Lowest Cost' channel for sellers.Meesho has been a catalyst for over individual entrepreneurs, propelling them into an online business with zero initial investment. What sets us apart is our revolutionary 0% commission model for sellers, a pioneering concept in the Indian e-commerce landscape. Our vision extends beyond being a platform; we aspire to be the e-commerce destination for Bharat—a testament to our dedication to inclusivity and accessibility.Meesho milestone:Our journey is marked by significant milestones, including a valuation of $4.9 billion and the unwavering support of renowned investors such as Sequoia Capital, Softbank, Fidelity, Prosus Ventures, Facebook, and Elevation Capital. Meesho proudly found its place in Y Combinator’s 2021 Top Companies List and was the sole Indian startup featured in Fast Company’s The World’s 50 Most Innovative Companies in 2020. In 2021, we claimed the 6th spot in Linkedin’s Top Startups List. 9 crore orders  every month~13 Lakh seller on the platform 75% of user from Tier 2+ cities of India 3.6 cr monthly  and 14 cr Annual  transiting users12+ Cr product listings on Meesho A new product uploaded every secondBut beyond the numbers and accolades, our true strength lies in our people. At Meesho, we champion a people-first culture with gender-neutral and inclusive policies. Discover opportunities to be part of our dynamic team at meesho.careers.Join us on this exhilarating journey, where innovation meets inclusivity, and every entrepreneur's dream finds a home. Explore more about our story and vision through our insightful blogs!Our mission:Democratising e-commerce for Bharat.Meesho is focused on building and making e-commerce accessible for the next billion users. Affordable, relatable merchandise mirroring local markets has helped us make inroads with first-time internet users in the country. With ~80% of Meesho’s 140 million annual transacting customers coming from Tier 2+ cities and towns, the company has been instrumental in bringing new-to-e-commerce users online. Meesho has made e-Commerce more accessible, affordable and engaging for a unique and underserved ‘non-affluent’ user segment. With a strong value proposition of Everyday Lowest Prices, the platform hosts one of the largest selection of quality products at affordable pricesOur purpose:Har Indian ka APNA MARKETOur founders:Vidit Aatrey : Co-Founder and CEOSanjeev Barnwal : Co-Founder and CTOmeesho.ioMeesho Blogs | One Of The Best Tech Blogs In IndiaLearn about Meesho culture, news and what goes on in building the fastest growing e-commerce app in India.