Sprinto is an AI-native GRC platform that helps organisations manage risks, audits, vendor oversight, and continuous monitoring from a single connected platform. With a team of
350+ employees serving
3,000+ customers across
75+ countries, Sprinto combines scale with expertise to deliver trust and compliance. Backed by top-tier investors such as Accel, Elevation, and Blume Ventures, we’ve
raised $31.8M in funding to fuel our mission. Trusted by leading organisations including Whatfix, Anaconda, Ultrahuman, WeWork, AI Foundation, and HackerRank, Sprinto supports
300+ integrations and
200+ global security standards, including SOC 2, ISO 27001, GDPR, HIPAA, and PCI-DSS.Founded in 2020 by second-time entrepreneurs Girish Redekar and Raghuveer Kancherla, Sprinto is recognised as a
Leader on G2 in Compliance Automation and has been named a
LinkedIn Top Startup multiple years in a row.
Sprint with Sprinters: At Sprinto, your work has purpose — and your life has space. We are a workplace where you’re empowered to execute on your most ambitious ideas and deliver your best output in a fast-paced, innovative, and supportive environment. Joining Sprinto means you will never run alone; you will always have the freedom to take your shot and the support to go farther than you imagined
The Role: Sprinto is building a Managed Services wing that will evolve from framework digitisation into a broader services portfolio, including implementation consulting, risk & privacy assessments, policy reviews, internal audits, and security assurance programs. This leader will build the function from the ground up with strong governance, repeatability, and commercial accountability.
What you’ll do
Build the function
Create delivery operating model: intake, scoping, SOWs, QA, SLAs, change control, and reporting.
Build reusable IP: templates, playbooks, mapping libraries, workshop agendas, and QA rubrics.
Hire and lead a team of specialists; build service-line pods over time.
Deliver and scale service lines (phased)
Phase 1: framework digitisation & control/check mapping inside Sprinto.
Phase 2: packaged services for risk assessment, privacy (DPIA), policy review, internal audits, and audit readiness support.
Phase 3: scale into security assurance programs and partner-led offerings (e.g., VAPT program management, vendor governance, QA, and customer outcomes).
Own commercial outcomes
Define service packaging and pricing models (fixed-fee tiers, retainer options where relevant).
Own utilization, margins, capacity planning, delivery forecasting, and predictable throughput.
Partner with Sales/SE/CS to attach services appropriately and improve enterprise deal conversion + retention.
AI-enabled service productisation
Create “AI-assisted playbooks” for repeatable services (DPIA, risk assessment, policy review, internal audit checklists).
Build structured input forms/checklists that juniors can fill out, enabling consistent output.
Define QA guardrails (mandatory source inputs, validation steps, human approval gates).
Maintain an internal library of prompts/templates and continuously improve them based on audit/customer feedback.
Ensure quality and manage risk
Establish acceptance criteria and review mechanisms for deliverables.
Define boundaries and disclaimers to avoid uncontrolled liability.
Build partner qualification standards and a QA framework for third-party-delivered services.
What we’re looking for
Experience
8–10+ years in GRC/security consulting, audit/advisory, or building managed compliance programs.
Demonstrated experience building/scaling a services practice or delivery org (0→1 to repeatable).
Strong experience with enterprise customers and multi-stakeholder delivery.
Domain mastery
ISO 27001, SOC 2, GDPR; strong risk assessment experience.
Privacy assessments (DPIA) hands-on.
Comfort with complex frameworks like FedRamp, HITRUST, NIST family and regional regulations
Proficiency in building AI-enabled workflows
Demonstrated ability to use AI tools (e.g., ChatGPT-style workflows) to reduce manual effort and standardize deliverables.
Ability to translate domain expertise into reusable templates and guided systems.
Strong judgment around accuracy, confidentiality, and review requirements.
Operator strengths
Ability to productize services (packages, deliverables, QA, SLAs).
Strong commercial ownership: pricing, margins, capacity planning.
Excellent written communication and workshop leadership.
Strong decision-making in ambiguity, without scope creep.
Preferred
Prior leadership of multi-service GRC offerings (risk, privacy, internal audits, readiness).
Experience in auditing and implementing GRC frameworks
Certifications (good to have): ISO 27001 LA/LI, CISA, CISM, CISSP or PCI QSA.
Success metrics
Services revenue growth trajectory toward the long-term contribution target.
Delivery cycle time, rework rate, QA pass rate, customer satisfaction.
Utilisation and gross margin improvement via reuse and standardisation.
Attach rate (services + product), deal unblock impact, retention uplift.
How We Care For Our Sprinters :
- Work wherever you are: We’re 100% remote, so you get to choose if you want to work from home, cafe, hills or beaches.
- Co-working on the house: If co-working is your jam, we offer a generous annual allowance of up to INR 14,000* for social working.
- We care about your learning: We are invested in seeing you grow, and commit USD 1000 annually to help you level up your skills.
- We count your spark, not your leaves: We care about you not just as an employee, but as a person. So if you need a reset, make use of Unlimited leaves.
- Your Safety Net, Woven in: We take care of the what-ifs. From health insurance with coverage up to INR 10 lakh for you and your family, to accident protection of an additional INR 10 lakh, and life insurance worth 3× your annual salary, our benefits wrap you and your family in protection so you can focus on thriving.
- Workspace setup of your dreams: Work from anywhere, and if that’s home, we’ll chip in INR 35,000 to help you create a space that’s as effortless as your workflow. CX_POD
CX_POD
