Cis Controls Jobs – Apply to Latest Cis Controls Job Vacancies

Cybersecurity Strategy & Security Engineer Legacies Techno

7 - 12 years

22 - 37 Lacs

Bengaluru

Work from Office

Job Summary: We are seeking an experienced Cybersecurity Strategy & Security Engineer to develop and implement security policies, frameworks, and architectures that align with organizational goals. This role is critical for defining security roadmaps, evaluating current capabilities, and ensuring robust protection across networks and cloud environments. We are looking for immediate joiners or a notice period less then a month is preferrable. Work from office and will have rotational shifts. Key Responsibilities: Develop and maintain IT security policies and standards for infrastructure components (firewalls, routers, VPNs, etc.) Design and implement cybersecurity strategies and roadmaps aligned with business objectives Conduct risk and maturity assessments and recommend security improvements Evaluate and integrate new security technologies and authentication protocols Provide expertise in network security architecture and cloud security across AWS, Azure, or GCP Collaborate with stakeholders to identify critical business functions and ensure alignment of security initiatives Reference and implement industry-standard frameworks like NIST 800-53, CIS Controls, ISO 27001, SOC 2 Mandatory Skills: Proven experience in security policy & standards development Deep understanding of security frameworks : NIST, CIS Controls, ISO 27001, SOC 2 Expertise in security strategy and roadmap development Strong background in network security architecture Cloud security knowledge in AWS, Azure (preferred), or GCP Familiarity with tools like Firewalls, WAF, VPN, EDR/XDR , and cloud-native tools (e.g., Prisma, Microsoft Defender for Cloud Apps, Azure Firewall ) Strong grasp of security reference architectures across domains like application, network, and data security Preferred Qualifications: Experience with security risk assessments, cost analysis, and security maturity evaluations Knowledge of security standards and compliance requirements (e.g., PCI-DSS)

Posted 1 month ago

Apply

Lead - Information Security & Compliance Engineer Bridge Global

7 - 12 years

10 - 17 Lacs

Kochi

Work from Office

Role & responsibilities Implement cybersecurity best practices across networks, applications, and cloud environments. Lead and maintain ISO/IEC 27001 standards, ensuring compliance with NIST, CIS Controls, and industry regulations. Conducting risk assessments, gap analyses, and defining security controls, policies, and procedures. Plan and conduct internal ISO 27001 audits, identify non-conformities, and recommend corrective actions. Assist in external audits and manage risk mitigation efforts to enhance security posture. Updated knowledge on cybersecurity threats and frameworks (NIST, CIS, GDPR). Perform vulnerability assessments, conduct penetration tests, and establish log analysis and threat detection capability. Maintain technical documentation (policies, risk registers, and audit reports) and develop security training materials. Integrate security into the development lifecycle. Conduct code reviews, threat modeling, and secure software assessments. Work closely with Western clients, ensuring clear communication on security requirements. Provide security advisory and consultation to clients and stakeholders. Translate complex cybersecurity concepts into business-friendly language Conduct employee training sessions on information security policies, procedures, and best practices. Promote a culture of security awareness and ensure employees understand their roles in maintaining compliance. Foster a collaborative and security-conscious culture within the team. Recruit, train, and retain top cybersecurity talent. Drive initiatives for continuous improvement and innovation in security practices. Manage the internal and external client relationships Preferred candidate profile Threat detection, Incident response, and Risk management Knowledge of SIEM tools like Wazuh/ Splunk/ SentinalOne/ AlienVault OSSIM (Now known as AT&T Cyber Security) Implementation of ISO 27001 Knowledge of NIST, CIS, GDPR, SOC 2, PCI-DSS frameworks. AWS, Azure, GCP, IDS/IPS, vulnerability scanners, GRC tools Problem-solving, Analytical, and decision-making. Documentation capabilities Team management, client handling, and cross-functional collaboration. Perks and benefits

Posted 3 months ago

Apply

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.