
Compliance Programme Manager

Unifize

Bengaluru, Karnataka, India (permanent)

Posted: March 26, 2026


Quick Summary

This is a Commissioned role that involves working with a large team to implement and manage a new compliance management system for a medical device manufacturing company. The ideal candidate will have experience in compliance and process improvement, with strong analytical and problem-solving skills.

Job Description

About Unifize

At Unifize, we're building the AI-native product suite for regulated manufacturing companies — helping teams in medical devices, aerospace, defence, and precision manufacturing run and prove critical work faster.

Today, regulated manufacturers rely on a patchwork of disconnected tools — QMS, DMS, PLM, MES, spreadsheets, and email — to manage their processes. This fragmentation slows innovation, creates compliance risk, and forces teams to waste time manually connecting the dots. Unifize brings process, documentation, and communication together in one place. Whether it's managing CAPAs, resolving deviations, launching new products, or preparing for audits, teams work faster with full traceability and audit readiness built in.

We are ~60 people with offices in Bangalore and the US. Our customers start with one use case and consistently expand — 100% net expansion to date. Check out our website, case studies, and videos to learn more.

The Opportunity

In March 2026, Unifize launched one of the most ambitious compliance programmes in Indian SaaS — seven frameworks, 18–24 months, and external certifications with direct customer and revenue consequences: SOC 2, ISO 27001, GDPR, HIPAA, ISO 9001, NIST 800-171, and CMMC Level 2.

A third-party NIST 800-171 assessment is already complete. ISO 27001 certification is targeted for June 2026. The clock is running — and there is currently no single person accountable for driving this programme.

We need a Compliance Programme Manager to own it end to end. Not advise on it. Not audit it. Own it — the plan, the milestones, the external auditor relationships, the cross-functional coordination, and the outcomes. You will report directly to the CEO and be the single point of accountability for the compliance programme.

What You'll Own

Programme Delivery

• Maintain the master programme plan, milestone tracker, and compliance calendar across all seven frameworks
• Drive each framework through discovery, gap analysis, remediation, and certification — in sequence, on schedule
• Deliver weekly status updates and quarterly programme reviews to leadership — structured, crisp, and ahead of problems
• Ensure every framework has complete, audit-ready evidence packages before certification or assessment milestones

ISO 27001 — June 2026 (Most Urgent)

• Confirm the certification body, validate the gap analysis, and run Stage 1 and Stage 2 audits to completion
• This is the most time-critical milestone. You will be accountable for it within weeks of joining

External Party Management

• Select and manage certification bodies (ISO 27001, ISO 9001), the C3PAO (CMMC), legal counsel (GDPR, HIPAA), and third-party consultants
• You own these relationships — not the CEO, not legal

Cross-functional Coordination

• Align engineering, security, legal, HR, and QMS workstreams to the programme timeline
• Identify dependencies, resolve conflicts, and keep every workstream moving — without chasing

NIST 800-171 / CMMC Remediation

• Own the POA&M — 54 Not Met objectives require structured remediation across H2 2026
• Drive closure against the SPRS submission deadline

Budget Ownership

• Track programme spend against the approved budget envelope, flag variances early, and manage cost-driver decisions

What This Role Will NOT Do

• Write application code or implement technical controls — that's Engineering
• Perform security risk assessments or design security architecture — that's the Security / ISMS Lead
• Draft legal agreements (DPAs, BAAs, DFARS clauses) — that's Legal and external counsel
• Build or manage a compliance team — this is a sole-contributor role, not a people-management position

Who You Are

You are a programme manager first, compliance professional second. You have delivered a compliance programme — not participated in one, not audited one — but owned it end to end, including the external auditor relationships and the certification outcome.

You move fast without needing perfect information. You are deeply organised without being bureaucratic. You can give a CEO a crisp status update on seven frameworks in five minutes, and you know how to hold the programme together when engineering has competing product priorities and leadership wants to skip steps.

You are comfortable being the only dedicated compliance resource for 6–12 months. You are both the programme director and the person doing the work. There is no team to build — you are effective as a sole contributor from day one.

Requirements

Must-have:

• Demonstrated track record of delivering a compliance programme to certification or assessment completion — end-to-end ownership including CB / auditor management. Advisory roles, audit support, and participation roles do not qualify
• Minimum 2–3 years of full-time, dedicated compliance experience — not part-time, not adjacent
• Experience with at least two of: ISO 27001, SOC 2, NIST 800-171 / CMMC, GDPR, HIPAA
• Strong programme management discipline — milestone tracking, dependency management, risk registers, and proactive stakeholder communication
• Comfortable operating as a sole contributor without a team below you
• Able to push back constructively on founders and engineering when the programme requires it
• Bangalore-based, or open to full remote within India

Good to have:

• Sprinto or similar GRC platform experience (learnable within 30 days)
• CMMC or federal compliance background
• Experience at a B2B SaaS company of 50–300 people
• No depth on DPDP Act is fine — no candidate will have it yet

Hard no:

• No track record of closing a certification or assessment — only advisory, audit support, or participation roles
• Strong compliance domain knowledge but poor programme management discipline — frameworks researched, never shipped
• Requires a team in place before they can operate effectively
• Cannot manage up and push back constructively when needed

Why Join Unifize

This is a rare opportunity to own a compliance programme end to end from scratch — not inherit someone else's half-built framework, not manage a team executing it, but be the person who delivers it.

Seven frameworks. Real external milestones. Direct revenue consequences. You report to the CEO. Decisions happen in hours, not weeks.

The frameworks covered — ISO 27001, CMMC, NIST 800-171 — are credible, technically interesting, and increasingly rare in Indian SaaS. The person hired here will have a compliance delivery track record by end of 2027 that very few CPMs in India can match.

• Work on a programme that directly unlocks enterprise and federal manufacturing deals
• Ownership of outcomes, not just activities
• Direct access to the founding team — no layers, no bureaucracy
• Competitive compensation aligned with certification milestones and programme delivery

Unifize is an equal opportunity employer. We are building a diverse team and welcome applicants from all backgrounds.
