Lead Compliance Engineer

Razorpay is one of India’s leading full-stack financial technology companies, powering the way businesses move, manage, and grow money. Founded in 2014 by Harshil Mathur and Shashank Kumar with a simple vision — to simplify payments for Indian businesses — we’ve since grown into a fintech powerhouse driving India’s digital payment revolution.

Razorpay powers millions of businesses with a smarter, scalable stack that goes beyond transactions to help them truly build and grow.

From seamless checkouts to payroll automation, across India, Singapore, and Malaysia, we’ve been engineering a fintech ecosystem that’s redefining how money moves across Asia — and we’re just getting started.

Today, that ecosystem supports everyone from early-stage startups to some of India’s largest enterprises, enabling them to accept, process, and disburse payments at scale while expanding into new ways of managing money more efficiently.

Our scale speaks volumes: Razorpay processes $180+ billion in annualized transactions, powering leading businesses like Airbnb, Facebook, WhatsApp, Airtel, CRED, BookmyShow, Zomato, Swiggy, Lenskart, Mirae Asset Capital markets, Indian Oil, National Pension Scheme — and over 100 of India’s unicorns. With strong roots in India and growing operations in Southeast Asia, we are shaping the next chapter of financial technology across the region.

We are backed by global investors including GIC, Peak XV Partners (formerly Sequoia Capital India & SEA), Tiger Global, Ribbit Capital, Matrix Partners, MasterCard, and Salesforce Ventures, having raised over $740 million to date. Strategic acquisitions — including Ezetap (POS and offline payments), Curlec (Malaysia expansion), BillMe (digital invoicing), and POP (rewards-first UPI) — along with earlier moves in fraud prevention, payroll, and lending, have further strengthened our platform and widened our footprint across Asia.

But what truly sets Razorpay apart is our culture. At Razorpay, ownership is our oxygen — you own what you build, with no micromanagement or red tape, just the runway to make your ideas fly. Learning is a lifestyle — if you’re curious, you’ll feel at home here. People > Pedigree — we hire for attitude, hustle, and hunger more than degrees. Transparency thrives over titles — this is where interns question CXOs and CXOs say “thank you.” Guided by our values of Customer First, Autonomy & Ownership, Agility with Integrity, Transparency, Challenging the status quo and a strong belief that Razorpay grows with Razors,  you’ll be part of a 3000+ strong team building not just products, but the financial infrastructure of the future.

Lead Compliance Engineer (Privacy )

Data Protection & Compliance (DPDPA & GDPR Focused)

We are seeking a Lead Privacy Specialist with deep expertise in global and Indian data protection regulations, specifically the Digital Personal Data Protection Act (DPDPA) and the General Data Protection Regulation (GDPR). The ideal candidate will be a subject matter expert who can lead the development, implementation, and maintenance of our privacy program, ensuring full compliance across all business functions. This role is crucial for managing our data handling practices and protecting the privacy of our users and stakeholders.

The Role

As the Lead Compliance Engineer (Privacy ), you will be at the forefront of our privacy compliance efforts. Your responsibilities will include conducting privacy impact assessments, advising on data handling practices, and leading audits to ensure adherence to DPDPA, GDPR, and other relevant privacy frameworks. You will work closely with legal, product, engineering, and business teams to embed a "privacy-by-design" and "privacy-by-default" approach throughout the organization. You will also be responsible for creating and refining our privacy manual, policies and processes.

Key Responsibilities

Privacy & Data Protection Expertise:

• Global & Indian Privacy Frameworks: Demonstrate an exceptional level of expertise in DPDPA and GDPR. Apply your deep understanding of these regulations to assess, implement, and maintain a robust privacy program.
• Privacy by Design: Collaborate with product and engineering teams to integrate privacy requirements seamlessly into the software development lifecycle. Ensure that new products and features are designed with privacy in mind from the outset. ​​Review the product designs for privacy compliance in line with DPDP/GDPR. Technical proficiency to map product, tech and privacy correlation and suggest the best way forward. 
• Privacy Impact Assessments (PIAs): Lead and conduct PIAs and Data Protection Impact Assessments (DPIAs) for new projects, products, and data processing activities. Analyze potential privacy risks and recommend effective mitigation strategies.
• Audit and Compliance: Plan, execute, and report on internal and external privacy audits. Identify compliance gaps and deviations, and work with relevant teams to develop and manage remediation plans. Periodically assess the privacy best practices as mandated by regulators and evaluate the implementation of such practices in Razorpay. Work with Public Policy team and regulators to address the privacy requirements and incorporate the best practices within product, policies and operations.  Periodically assess the privacy best practices as mandated by regulators and evaluate the implementation of such practices in Razorpay.
• Policy and Process Development: Create, define, and continuously improve privacy-related processes and procedures, including data subject request handling, consent management, and data retention policies.Draft and review Data Sharing Agreements with different parties. 

Data Security & Privacy Technology:

• Data Security Controls: Possess a strong grasp of data security principles, including access controls, encryption, and incident response. Advise on, suggest, and implement technical controls such as Data Loss Prevention (DLP) solutions and data masking techniques to enhance data privacy and security.
• Security Controls: Evaluate existing technical and organizational security controls to identify potential vulnerabilities that could impact personal data. Recommend appropriate measures to enhance data protection.
• Hosted Platforms: Understand the privacy implications of using hosted platforms like AWS or Azure. Evaluate vendor platforms for compliance with data protection laws and recommend necessary controls.
• Privacy-Enhancing Technologies (PETs): Advise on and evaluate the use of privacy tools and technologies to automate and streamline privacy compliance. This includes solutions for data discovery, consent management, and data subject access requests (DSARs).

Candidate Requirements

• Education: Bachelor's degree in Computer Science, Information Security, Law, or a related field. An advanced certification such as CIPP/E, CIPP/A, CIPM, or CISSP is highly preferred.
• Experience: A minimum of 7-9 years of overall experience in a privacy, compliance, or information security role, with a strong focus on data protection.
• Expertise:
• Proven track record of working as a Privacy Specialist, Privacy Engineer, or a similar role.
• Expert-level knowledge and practical experience with DPDPA and GDPR.
• Strong understanding of other privacy and security frameworks. Experience in implementing privacy frameworks such as ISO 27701 and NIST Privacy Framework for a Fintech, is a plus.
• Familiarity with common privacy tools and platforms (e.g., OneTrust, BigID, TrustArc or similar tools) is essential.
• Technical & Soft Skills:
• Strong understanding of different types of audit reports and deviations encountered during assessments.
• Proven experience suggesting and implementing technical controls to enhance privacy, such as DLP and data masking, tokenization, etc.
• Familiarity with hosted platforms (AWS/Azure) and the security controls needed to protect data.
• Proven ability to quickly learn and adapt to new technologies and privacy regulations.
• Excellent written and verbal communication skills, with the ability to effectively communicate complex privacy concepts to a wide range of stakeholders.
• Strong analytical and problem-solving skills, with a keen eye for detail and a methodical approach to compliance.