About Hevo:
Hevo (www.hevodata.com) is a simple, intuitive, and powerful No-code Data Pipeline platform that enables companies to consolidate data from multiple software for faster analytics.
Hevo powers data analytics for 2000+ data-driven companies across multiple industry verticals, including Cult.fit, Postman, ThoughtSpot, Jawa Motorcycles. By automating complex data integration tasks, Hevo allows data teams to focus on deriving groundbreaking insights and driving their businesses forward.
Hevo’s mission is simple but bold: Build technology from India, for the world that is simple to adopt and easy to access so that everyone can unlock the potential of data.
Based in San Francisco and Bangalore, Hevo has seen exponential growth since its inception. With total funding of $42 million from Sequoia India, Qualgro, and Chiratae Ventures, Hevo is now entering a new phase of hyper-growth.
Hevoites are a bunch of thoughtful, helpful problem solvers who are obsessed with making a difference in the lives of their customers, colleagues, and their own individual trajectory. If you are someone who is passionate about redefining the future of technology, then Hevo is the place for you.
About the Role
As a Senior Compliance Engineer at Hevo, you will be the primary owner of our security compliance posture — ensuring that Hevo's infrastructure, engineering practices, and internal processes meet the highest standards of regulatory and framework compliance. This is a unique, high-visibility role sitting at the intersection of security engineering and compliance, working closely with Engineering, Product, Legal, and Customer-facing teams. You will not only maintain and evolve Hevo's existing compliance certifications but also proactively build the systems and culture that make compliance a continuous, scalable practice rather than a point-in-time exercise.
What You Will Own
Compliance Program Ownership
Own and manage Hevo's compliance certifications end-to-end — including SOC 2 Type II, ISO 27001, GDPR, and any other applicable frameworks — across audit cycles, evidence collection, and remediation
Lead internal readiness assessments and gap analyses against compliance frameworks; define and drive remediation roadmaps in partnership with Engineering and Infrastructure teams
Serve as the primary point of contact for external auditors, certification bodies, and customer security review teams
Respond to customer security questionnaires, due diligence requests, and vendor assessments with accuracy and speed
Security Engineering & Controls
Design, implement, and continuously improve security controls across Hevo's cloud infrastructure, access management, data handling, and software development lifecycle (SDLC)
Collaborate with DevOps and Engineering teams to embed security and compliance requirements into CI/CD pipelines, infrastructure-as-code, and deployment practices
Conduct regular security risk assessments, vulnerability reviews, and internal audits — prioritizing findings and driving resolution within defined timelines
Define and enforce policies around data classification, access controls, encryption, logging, monitoring, and incident response
Policy & Governance
Develop, maintain, and operationalize security policies, standards, and procedures aligned with industry frameworks and Hevo's risk appetite
Build and run a compliance awareness and training program across the organization — making security and compliance a shared responsibility
Establish and maintain a continuous compliance monitoring framework using GRC tooling and automation where possible
Track and report on compliance metrics, audit findings, and risk posture to leadership on a regular cadence
Cross-Functional Collaboration
Partner with Product and Engineering to assess compliance implications of new features, integrations, and infrastructure changes early in the development cycle
Work with the Legal and Finance teams on contractual obligations, data pro…
Every tech & IT company hiring across India — with AI match scores — on one live map.
Open the map →