Senior Lead - Compliance

Job Title - Senior Lead - Compliance

Location - Bangalore

Work Mode - Hybrid (3x in office)

About the Role:

We are seeking a highly skilled and experienced Senior Compliance Analyst / Compliance Lead to join our Governance, Risk, and Compliance (GRC) team. In this role, you will be responsible for driving regulatory compliance, risk management, and internal governance programs across Aurigos SaaS products and business operations. You will play a pivotal role in maintaining and advancing Aurigos ISO 27001 (Information Security Management System) certification and driving our ISO 42001 (AI Management System) compliance journey as Aurigo expands its AI-powered capabilities within Masterworks.

The ideal candidate will possess deep expertise in global compliance frameworks such as ISO 27001, ISO 42001, CMMC (Level 2& 3), FedRAMP, GovRAMP, SOC 2, and NIST standards, while also serving as a strategic advisor to cross functional teams to maintain secure, compliant, and audit-ready environments across Aurigos cloud infrastructure (AWS) and product ecosystem.

Key Responsibilities:

• Lead Aurigos end‑to‑end compliance programs across ISO 27001, ISO 42001, SOC 2 Type II, FedRAMP/GovRAMP, CMMC (L2/L3), and NIST, including certifications, surveillance audits, and recertifications.
• Own and continuously improve the GRC program, covering risk assessments, internal audits, control monitoring, remediation tracking, and compliance reporting.
• Act as the primary liaison for auditors, assessors, and regulators, managing certification readiness, evidence, and audit execution.
• Partner with Product, Engineering, Security, Privacy, and Legal teams to embed compliance into the SaaS product lifecycle and SDLC, ensuring alignment with cloud (AWS) and multi‑tenant architecture requirements.Lead Aurigos ISO 42001 (AI Management System) initiative, defining AI governance, risk assessment, data governance, bias monitoring, transparency, and responsible AI controls.
• Build a unified compliance control framework by mapping and harmonizing controls across multiple standards (ISO 27001, ISO 42001, SOC 2, FedRAMP, CMMC) to reduce audit duplication and improve operational efficiency.

• Bachelors or Masters degree in Computer Science, Business, or related field.
• 7+ years of experience in compliance, risk, and security governance functions, ideally within a SaaS or cloud-first company.
• Proven expertise in implementing and managing controls for ISO 27001, ISO 42001, CMMC Level 2/3, FedRAMP, GovRAMP, SOC 2, and related frameworks.
• Experience in Risk Management, ITIL Process and Service operations
• Strong experience with GRC platforms and tools for risk and compliance program management.
• Strong communication skills with the ability to influence stakeholders across technical and business teams.

About Aurigo:

Aurigo is an AI‑native capital program management platform trusted by over 300 customers managing more than $300 billion in capital programs across North America. With over 40,000 projects delivered, Aurigo helps organisations in transportation, water and utilities, healthcare, higher education, and government plan, build, and manage infrastructure with confidence. Recognised as one of the Top 25 AI Companies of 2024 and a Great Place to Work for three consecutive years, we leverage artificial intelligence to create smarter, more connected outcomes. At Aurigo, we dont just build software—we help shape the future of infrastructure.