About this role
Sprinto is an AI-native GRC platform that helps organisations manage risks, audits, vendor oversight, and continuous monitoring from a single connected platform. With a team of 350+ employees serving 3,000+ customers across 75+ countries, Sprinto combines scale with expertise to deliver trust and compliance. Backed by top-tier investors such as Accel, Elevation, and Blume Ventures, we’ve raised $31.8M in funding to fuel our mission. Trusted by leading organisations including Whatfix, Anaconda, Ultrahuman, WeWork, AI Foundation, and HackerRank, Sprinto supports 300+ integrations and 200+ global security standards, including SOC 2, ISO 27001, GDPR, HIPAA, and PCI-DSS. Founded in 2020 by second-time entrepreneurs Girish Redekar and Raghuveer Kancherla, Sprinto is recognised as a Leader on G2 in Compliance Automation and has been named a LinkedIn Top Startup multiple years in a row.
Sprint with Sprinters: At Sprinto, your work has purpose — and your life has space. We are a workplace where you’re empowered to execute on your most ambitious ideas and deliver your best output in a fast-paced, innovative, and supportive environment. Joining Sprinto means you will never run alone; you will always have the freedom to take your shot and the support to go farther than you imagined.
The Role: Sprinto is building a Managed Services wing that will evolve from framework digitisation into a broader services portfolio, including implementation consulting, risk & privacy assessments, policy reviews, internal audits, and security assurance programs. This leader will build the function from the ground up with strong governance, repeatability, and commercial accountability.
Build the function
• Create delivery operating model: intake, scoping, SOWs, QA, SLAs, change control, and reporting.
• Build reusable IP: templates, playbooks, mapping libraries, workshop agendas, and QA rubrics.
• Hire and lead a team of specialists; build service-line pods over time.

Deliver and scale service lines (phased)
• Phase 1: framework digitisation & control/check mapping inside Sprinto.
• Phase 2: packaged services for risk assessment, privacy (DPIA), policy review, internal audits, and audit readiness support.
• Phase 3: scale into security assurance programs and partner-led offerings (e.g., VAPT program management, vendor governance, QA, and customer outcomes).

Own commercial outcomes
• Define service packaging and pricing models (fixed-fee tiers, retainer options where relevant).
• Own utilization, margins, capacity planning, delivery forecasting, and predictable throughput.
• Partner with Sales/SE/CS to attach services appropriately and improve enterprise deal conversion + retention.

AI-enabled service productisation
• Create “AI-assisted playbooks” for repeatable services (DPIA, risk assessment, policy review, internal audit checklists).
• Build structured input forms/checklists that juniors can fill out, enabling consistent output.
• Define QA guardrails (mandatory source inputs, validation steps, human approval gates).
• Maintain an internal library of prompts/templates and continuously improve them based on audit/customer feedback.

Ensure quality and manage risk
• Establish acceptance criteria and review mechanisms for deliverables.
• Define boundaries and disclaimers to avoid uncontrolled liability.
• Build partner qualification standards and a QA framework for third-party-delivered services.
Experience
• 3–6+ years in GRC/security consulting, audit/advisory, or building managed compliance programs.
• Demonstrated experience building/scaling a services practice or delivery org (0→1 to repeatable).
• Strong experience with enterprise customers and multi-stakeholder delivery.

Domain mastery
• ISO 27001, SOC 2, GDPR; strong risk assessment experience.
• Privacy assessments (DPIA) hands-on.
• Comfort with complex frameworks like FedRAMP, HITRUST, NIST family and regional regulations.

Proficiency in building AI-enabled workflows
• Demonstrated ability to use AI tools (e.g., ChatGPT-style workflows) to reduce manual effort and standardize deliverables.
• Ability to translate domain expertise into reusable templates and guided systems.
• Strong judgment around accuracy, confidentiality, and review requirements.

Operator strengths
• Ability to productize services (packages, deliverables, QA, SLAs).
• Strong commercial ownership: pricing, margins, capacity planning.
• Excellent written communication and workshop leadership.
• Strong decision-making in ambiguity, without scope creep.

Preferred
• Prior leadership of multi-service GRC offerings (risk, privacy, internal audits, readiness).
• Experience in auditing and implementing GRC frameworks.
• Certifications (good to have): ISO 27001 LA/LI, CISA, CISM, CISSP or PCI QSA.

Success metrics
• Services revenue growth trajectory toward the long-term contribution target.
• Delivery cycle time, rework rate, QA pass rate, customer satisfaction.
• Utilisation and gross margin improvement via reuse and standardisation.
• Attach rate (services + product), deal unblock impact, retention uplift.
• Work wherever you are: We’re 100% remote, so you get to choose if you want to work from home, cafe, hills or beaches.
• Co-working on the house: If co-working is your jam, we offer a generous annual allowance of up to INR 14,000* for social working.
• We care about your learning: We are invested in seeing you grow, and commit USD 1000 annually to help you level up your skills.
• We count your spark, not your leaves: We care about you not just as an employee, but as a person. So if you need a reset, make use of Unlimited leaves.
• Your Safety Net, Woven in: We take care of the what-ifs. From health insurance with coverage up to INR 10 lakh for you and your family, to accident protection of an additional INR 10 lakh, and life insurance worth 3× your annual salary, our benefits wrap you and your family in protection so you can focus on thriving.
• Workspace setup of your dreams: Work from anywhere, and if that’s home, we’ll chip in INR 35,000 to help you create a space that’s as effortless as your workflow.
About Sprinto
Sprinto is hiring for the senior consultant: trust assurance role. NewJob aggregates active openings directly from Sprinto's applicant tracking system, so this listing is current.