6 Isaca Jobs

You will be reporting to the Senior Manager VAPT as part of this role. A university degree in computer science or IT is required for this position. With over 8 years of experience in Information Security, including at least 5 years of experience in Penetration Testing, Red Teaming, and/or vulnerability assessment, you will play a crucial role in evaluating the control environment through Ethical Hacking. Your responsibilities will include hands-on experience in black-box and grey-box penetration testing on platforms like .Net and Java, as well as mobile testing of Android and iOS. Having a high-level understanding of Security Architecture and Infrastructure is essential, along with familiarity with best practices from organizations such as OWASP, SANS Institute, ISACA, GAO, FISCAM, NSA, NIST, and Internet Engineering Task Force (IETF). You will be expected to develop a framework for testing the compliance of applications and systems, as well as possess experience in project management. This position falls within the Information Technology industry. Your main responsibilities will involve conducting internal and third-party Ethical Hacking, Vulnerability Assessment, Penetration Testing, and Red Team assessments on business-critical assets and processes. You will need to liaise with external ethical hacking and penetration testing teams for RBI projects, and coordinate with the security intelligence framework to stay updated on the latest threats and vulnerabilities. Preparing security effectiveness reports for management, testing applications/systems for compliance to RBI/ReBIT Information Security practices, and ensuring new applications are inducted into the Data center after conducting pen testing/vulnerability assessment are key tasks. You will be responsible for prioritizing security vulnerabilities, updating the Security operations team for mitigation, and deciding on the most relevant metrics and algorithms for measuring security effectiveness. Certifications required for this role include any two of the following: CISSP, CEH, OSCP, OSCE, or GPEN.,

As a highly skilled professional in the field of Information Security, you will play a crucial role in ensuring the secure development of software applications. With your University degree in computer science or IT and a minimum of 6 years of experience in Information Security, you will possess the necessary qualifications to excel in this role. Your expertise in Software Development Lifecycle (SDLC) security reviews, control environment evaluation, and design flaw assessments will be key in upholding the highest standards of security. Your responsibilities will include conducting internal and third-party Security Risk Assessments on critical assets, coordinating with project teams to enforce security frameworks throughout the SDLC, and preparing detailed security effectiveness reports for management review. Your hands-on experience in Static and Dynamic Application Security Testing, along with your familiarity with industry best practices such as OWASP, SANS Institute, and NIST, will be invaluable in developing a comprehensive security framework for developers to follow. In this role, you will also be responsible for testing applications/systems against SSDLC frameworks, ensuring compliance with RBI/ReBIT Information Security practices, and facilitating the integration of new applications into the data center post-assessment. Your expertise in application security tools and methodologies, along with your ability to define and enhance security requirements for agile development methods, will be essential in driving continuous improvement in application security standards. Additionally, you will collaborate with the DevSecOps team to establish secure CI/CD pipeline processes and enable application teams to develop new capabilities securely. Your certifications in CISSP, CSSLP, cloud security, or DevSecOps automation will further validate your expertise and commitment to upholding the highest standards of information security in the industry.,

As an Architect-Cyber Security with 12+ years of experience, you will be responsible for security architecture across multiple industries. Your primary tasks will include developing and managing security architecture for global companies, participating in security architecture review boards, implementing secure coding and SSDLC, and designing secure solutions based on industry standards and best practices. You should have a strong background in Azure, with experience in securing multi-tenant environments. Additionally, you must be proficient in creating current state and future state architecture diagrams, providing technical roadmap support, and staying updated on technology market trends. To qualify for this role, you need a Bachelors/Masters degree in Information Security/Systems, Computer Science, or relevant field. Possessing certifications such as CISSP, CISSP-ISSAP, Azure Architecture, or Azure Security will be advantageous. Membership in industry associations like SANS and ISACA is also preferred. If you have a passion for cybersecurity and a proven track record in security architecture, this position in Bangalore is ideal for you. Join our team and contribute to delivering cutting-edge security solutions in alignment with enterprise architecture principles.,

Title: IBMi Senior Systems Administrator (AS400) Location: Remote Duration: 9-12 Months Experience required: Over 12 years Required Skills & Experience Bachelors degree or equivalent computer-related degree from a technical school, or similar training, along with a minimum of five year of experience in system administration related role(s). Good understanding of technical equipment and software packages. Good understanding with: IBM AS/400, IBM iSeries, IBM Power 10 EMC SAN and storage devices, IBM DS8000 Storage VTL backups, BRMS, cluster environment Performance monitoring Apache Servers IBM Web services System maintenance (IPL, PTF, SAVSYS....) IBM i commands, job control, WRKACTJOB, WRKSPLF, DSPMSG, etc. Backup tools (BRMS), job schedulers (Robot or native), system monitoring tools CL programming (basic to intermediate), SQL, and introductory RPG knowledge Knowledge of IT security best practices. An understanding of COBIT, ISACA, SANS Frameworks Self-starter with the demonstrated ability to learn/adapt to new technologies and techniques. Ability to organize and manage multiple priorities simultaneously in a fast-paced, deadline-driven environment. Excellent verbal and communication skills required. Passionate about delivering excellence in customer service within a team environment. Ability to read, analyze, and interpret general business/technological periodicals, procedures, and journals. Ability to write procedure manuals. Ability to be patient and train less experienced team members; respond to questions, build capability. Ethical, with a commitment to company values. Show more Show less

We are seeking an experienced Application Security Specialist to join our team. As an Application Security Specialist, you will be responsible for conducting SSDLC security assessments, integrating security throughout the software development lifecycle, and ensuring that applications meet the highest security standards before deployment. Your key responsibilities will include conducting internal and third-party SSDLC risk assessments on critical assets and processes, coordinating with project teams to enforce security frameworks in all phases of the SSDLC, and preparing security effectiveness reports for management. You will also be tasked with performing SSDLC assessments aligning with security practices, ensuring that new applications undergo SSDLC assessments before induction into data centers, and defining and enhancing application security requirements for agile development and traditional architectures. Additionally, you will assist DevSecOps teams in creating secure CI/CD pipeline processes, follow up on and escalate closure of identified security gaps, and contribute to standardizing application security tools and methodologies. The ideal candidate should have at least 6 years of experience in Information Security with a focus on application and software security, along with 4 years of experience in software development lifecycle security reviews. You should also possess expertise in architecture reviews, software design reviews, threat modelling, and design flaw assessments, as well as hands-on experience with SAST, DAST, SCA, IAST, RASP, and other application analysis tools. Familiarity with OWASP, SANS, ISACA, NIST, IETF best practices is required, and the ability to develop detailed security frameworks for developers to integrate into the SDLC is essential. Preferred certifications include CISSP, CSSLP, Cloud Security Certifications, and DevSecOps Automation Certifications. If you meet these qualifications and are passionate about enhancing application security, we encourage you to apply for this position.,

Hiring Requirements: • Experience: 35 years of hands-on experience in Information Security or a related field. • Certifications: ISO 27001 or ISACA certifications (such as CISA, CISM) preferred. Skills: • Excellent verbal and written communication skills. • Strong professional attitude and collaborative mindset. Knowledge: • Familiarity with Third Party Risk Management (TPRM) processes. • Understanding of IT/security-related contracting is a plus.