Security & Compliance Lead

Ema

India - Bengaluru | Engineering | 8+ yrs

About the role

ABOUT EMA

Ema is building the world’s leading Agentic AI platform to transform enterprise productivity. We enable organizations to delegate repetitive tasks to Ema, the Universal AI Employee, delivering 10x gains in workforce efficiency across functions. Founded by former executives from Google, Coinbase, Flipkart, and Okta, our team includes engineers from premier tech companies and graduates of Stanford, MIT, UC Berkeley, CMU, and IITs.

We are backed by industry-leading investors including Accel, Naspers/Prosus, Section32, and angels like Sheryl Sandberg and Dustin Moskovitz. Headquartered in Silicon Valley, with offices in London, Bangalore and Vancouver, Ema is at the frontier of what Agentic AI can do in production — we ship real systems that run real business processes at scale.

THE ROLE

We are looking for a Security & Compliance Lead to own Ema's entire security and compliance posture — both internal and customer-facing. This is a critical, high-visibility role that sits at the intersection of enterprise compliance, cloud infrastructure security, and the rapidly evolving landscape of AI/ML-driven development.

You will report directly to the Head of Engineering and serve as the single point of accountability for how Ema secures its platform, earns customer trust, and stays ahead of regulatory requirements in the agentic AI space. You will work closely with our Infrastructure team, Product Engineering, and directly with the InfoSec teams, CISOs, and compliance officers of our global enterprise clients.

WHAT YOU WILL DO

COMPLIANCE & REGULATORY LEADERSHIP

- Serve as the primary point of contact for customer InfoSec teams and CISOs during security reviews, vendor assessments, and due diligence cycles.

- Take high ownership of building and maintaining the security posture of the organization, and play a critical role in hiring and mentoring the team.

- Own and drive the SOC 2 Type II, PCI DSS, FedRAMP, ISO 27001/27701/27017/42001, DORA, UK Cyber Essentials Plus, HIPAA and GDPR compliance programs end-to-end — from gap analysis through audit readiness and certification maintenance.

- Build and maintain Ema's compliance documentation, evidence repositories, and control frameworks. Keep our Trust Center (http://trust.ema.ai) current and credible.

- Navigate the emerging regulatory landscape for AI/ML systems — including AI governance frameworks, model risk management expectations, and data residency requirements across global markets.

SECURITY POSTURE & ARCHITECTURE

- Define and enforce Ema's internal and external security perimeters — covering cloud infrastructure, application security, API security, network segmentation, and access controls.

- Work closely with the Infrastructure team to harden production environments, implement zero-trust principles, and ensure secure multi-tenant and air-gapped deployment architectures.

- Establish and run vulnerability management, penetration testing, and