1471 Iso 27001 Jobs - Page 19

Job Title: IT Risk & Security Associate Years of Experience: 4 6 Years Location: India, Mumbai, Andheri, Saki Naka Job Summary: We are seeking a detail-oriented Associate IT Risk, Security & Audit to support product development and deployment by assisting in compliance, security governance, risk management, audits, and certifications within our banking technology environment. The role involves supporting audits, managing risk assessments, monitoring security operations, and ensuring compliance with RBI and global frameworks (ISO 27001, PCI-DSS, SOC2, etc.). The ideal candidate will have prior experience in BFSI/fintech environments and a solid foundation in IT risk, security controls, and au...

Knowledge of all RBI (preferred) related guidelines for banks or SEBI or IRDA requirements. Experience in ISO 27001, security implementation and support Experience in working with IT/ IS regulatory compliance and able to put together a structured process for monitoring continuous regulatory compliance Ability to manage / interact and work with senior members at client (SVP level of Bank) and other internal Bank stakeholders across departments Able to manage and assist during internal / external audits by collating evidence from teams / review of evidence Able to provide / draft recommendations and assist in remediation of identified audit / assessment observations Able to generate / review r...

What you will do: Developing detailed understanding of security policies, standards, and associated processes as it pertains to third party risk management program. 5-8 years of experience in the domains such as risk and compliance, information security Driving collaboration between cross-functional stakeholders and facilitating strong partnership with Fiserv Business Units Capability of contributing to TRPM Risk transformation projects in alignment with organization strategy. Responsible for independently conducting third-party risk assessment in line with security standards, practices encompassing people, process and technology controls Proficient in reviewing documentation including but n...

Conduct security assessments, including threat modeling, design reviews, and vulnerability scans for applications built on Java, React, Kubernetes, MongoDB, Elasticsearch, and Kafka. Perform penetration testing and vulnerability assessments on APIs, web applications, and mobile apps, addressing OWASP Top 10 and other common risks Ensure compliance with security standards such as OWASP, NIST, ISO 27001, SOC 2, PCI-DSS, and GDPR by implementing and validating controls. Assist in developing secure coding guidelines and provide security training to developers. Stay informed on emerging threats, including those related to AI/ML features in Sprinklr AI+, and recommend proactive mitigation strategi...

Qualification: B.E/MCA degree (CSE/ISE/Electronics) Experience: 4 8 years of Hands-on experience with Application Lifecycle Management (ALM) tools, model-based systems engineering (MBSE), and a strong understanding of compliance, quality management, and IT service processes. Relevant certifications in ALM tools, ITIL, or quality management systems will add value. Responsibility: Support for Enterprise Architect system modelling tool including helper tools and Add-Ins, covering 1st and 2nd level support. Apply and articulate Model Based Systems Engineering (MBSE) concepts and viewpoints across project phases Utilize software development tools, with a focus on code review applications, to enha...

We are looking forward to hire Cloud Security Professionals in the following areas : Cloud Security Architect Description YASH is a Digital services enabler organization delivering vast portfolio of digital services to customers across the globe. Our topline services include Cybersecurity services. This role will be part of vibrant YASH s Cybersecurity Cloud Security team. We are looking for candidates who will embrace our Cyber Security strategy in the design, implementation and operations of Cloud Security with a focus on Azure and AWS. As an Cloud Security Architect, you should have experience in all aspects of cloud security including designing security controls and threat protection, de...

Cybersecurity Specialist | Nio Digital Business Platform Coimbatore, Tamil Nadu, India Coimbatore, Tamil Nadu, India We are seeking highly skilled Cybersecurity Specialists with 3 7 years of experience in penetration testing, vulnerability assessment, and security audits. The ideal candidate will have hands-on experience with modern security tools and frameworks, and will play a key role in strengthening our internal systems as well as client-facing applications. Responsibilities Work: conduct vulnerability assessments, penetration testing, and security audits of applications, networks, and systems to identify security risks and vulnerabilities. Tools: such as OWASP ZAP, Burp Suite Professio...

About Us We re a fast-growing fintech company transforming how people access insurance and healthcare services. With a team of 50+ engineers split across multiple product-focused squads, as we scale, we re investing in our security infrastructure to support our growth while remaining compliant and secure. Role Overview We re looking for a Security Engineer with 5-6 years of hands-on experience in information security , cloud security , and IT operations . You ll be at the intersection of compliance, infrastructure security, and user lifecycle management , helping us build a robust and scalable security posture. Key Responsibilities: InfoSec & Cloud Security Implement and manage SSO , IAM pol...

About Us We re a fast-growing fintech company transforming how people access insurance and healthcare services. With a team of 50+ engineers split across multiple product-focused squads, as we scale, we re investing in our security infrastructure to support our growth while remaining compliant and secure. Role Overview We re looking for a Security Engineer with 5-6 years of hands-on experience in information security , cloud security , and IT operations . You ll be at the intersection of compliance, infrastructure security, and user lifecycle management , helping us build a robust and scalable security posture. Key Responsibilities: InfoSec & Cloud Security Implement and manage SSO , IAM pol...

About the Role The GRC Analyst is responsible for supporting the organizations information security governance, risk, and compliance activities. This role involves ensuring that the organization s security policies, procedures, and practices are aligned with regulatory requirements, industry standards, and best practices. The ideal candidate will have a strong understanding of information Security & Privacy principles, Third Party Vendor Risk management, ITGC & SOC2 audit controls, and the ability to communicate complex security issues to various stakeholders. Duties and Responsibilities: Governance: Develop, implement, and maintain information security policies and procedures. Ensure alignm...

Experience in conducting Business Impact Analysis and Risk Assessments for third-party companies / third-party applications / information systems with business stakeholders. Ability to identify information security risks and provide recommendations, including compensating controls for third-party companies / third-party applications / information systems. Summarize findings and recommendations in the risk report. Experience in communicating with business stakeholders / non-technical stakeholders to explain information security risks and mitigation plan. Review third-party contractual agreements to ensure alignment with internal policies. Conduct audits to verify the compliance to organizatio...

Job Role & responsibilities:- Major support to development and implementation of global security governance frameworks aligned with ISO 27001, other security frameworks and riskbased strategy. Oversee the Information Security Management System (ISMS) lifecycle, including audits, evidence collection, and continuous improvement. Manage and report on the execution of global security programs, including PSS (Physical Security Services), Operational Resilience, and Information Security. Coordinate with PMO and local IT/security teams to ensure timely delivery, budget control, and quality outcomes Prepare and lead security (ISO 27001 & other security frameworks) audits, including training auditee...

A Third Party Technology Assurance Lead plays a critical role in safeguarding an organisations technology landscape by managing and assessing the risks associated with third-party vendors and service providers. The Lead proactively analyses, monitors, and assures the compliance, security, and operational effectiveness of external technology services upon which the organisation relies. This position is vital in a world where organisations increasingly depend on external partners for software, cloud infrastructure, and data processing, making assurance and oversight of third parties a top priority for operational resilience and regulatory compliance. Key Responsibilities Third Party Risk Asses...

Lead efforts to identify and remediate cloud misconfigurations at scale using CSPM tools (e.g., Stacklet). Drive automation initiatives for encryption key rotation, secrets management, and policy enforcement. Partner with engineering teams to design and enforce AWS IAM governance and privilege management strategies. Integrate and optimize security scanning (SAST, DAST, IaC, OSS) across CI/CD pipelines (GitLab, Jenkins). Facilitate and contribute to threat modeling sessions, ensuring outputs translate into actionable mitigations. Define and enforce container and Kubernetes security baselines, including runtime policies and admission controls. Strengthen observability by designing and operatio...

Run regular vulnerability scans using tools like Tenable, Qualys, Rapid7, or similar. Monitor vulnerability dashboards and reports, and perform initial triage of findings. Analyze scan results to validate vulnerabilities, remove false positives, and prioritize remediation. Track remediation efforts and coordinate with system owners and IT teams for patching. Assist with configuration and maintenance of vulnerability scanning tools and schedules. Support continuous improvement of scanning methodologies and asset coverage. Compliance Monitoring: Assist with compliance assessments (e.g., CIS, ISO 27001, NIST, PCI-DSS). Monitor security controls and configurations for compliance with internal an...

[{"SalaryINR 15,00,000 Per Year" , "Remote_Job":false , "Posting_TitleL2 Security Analyst" , "Is_Locked":false , "CityGurgaon Kty.","IndustryIT Services","Job_Description Job Summary: We are looking for an experienced L2 Security Analyst with hands-on expertise in Vulnerability Assessment and Penetration Testing (VAPT), configuration reviews, and security scanning using Qualys. The ideal candidate should have a solid understanding of security testing methodologies and the ability to identify, analyze, and report vulnerabilities across IT infrastructure and applications. Key Responsibilities: Conduct regular vulnerability assessments using Qualys VMDR and other tools across endpoints, servers...

Security Administrator / Analyst Position Title: Security Administrator / Analyst Department: Physical Security Department as part of ITSEC. Location: Global Security Operations Center (GSOC), Hyderabad, India Job Summary: The GSOC Analyst is a critical member of the Global Security team, responsible for monitoring, triaging, investigating and responding to diverse security scenarios across all global locations. This role involves the implementation of function-based procedures with clear, actionable steps. The ideal candidate will possess a strong investigative skillset, a meticulous approach to data analysis, and the ability to act decisively under pressure. Key Responsibilities: Incident ...

POSITION SUMMARY: This position will give an opportunity to work for Information Security Governance on information systems, processes, and technologies within the organization. This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines, and US This position will report to the Senior Manager, Information Security and is expected to work independently on tasks assigned. This position requires: Works extensively on Vendor IT Security risk assessment/ Third Party Risk management/ IT Technical Assessment Experience in performing Security audits and Risk Assessments in line with Information Security Standards (like ISO 27001) for Business processes and ...

POSITION SUMMARY: This position will give an opportunity to work for Information Security Governance on information systems, processes, and technologies within the organization. This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines, and US This position will report to the Senior Manager, Information Security and is expected to work independently on tasks assigned. This position requires: Works extensively on Vendor IT Security risk assessment/ Third Party Risk management/ IT Technical Assessment Experience in performing Security audits and Risk Assessments in line with Information Security Standards (like ISO 27001) for Business processes and ...

Job Summary/Objective: We are seeking an experienced Microsoft XDR and Sentinel Expert to join our cybersecurity team. The ideal candidate will be responsible for the design, deployment, tuning, and day-to-day operations of Microsoft Sentinel (SIEM/SOAR) and the Microsoft Defender suite (XDR components). This includes Defender for Endpoint, Identity, Office 365, Cloud Apps, and Azure. The role will play a key part in detecting, investigating, and responding to security threats across our cloud and on-premises environments using the Microsoft security ecosystem. Qualifications: BE/B-tech In IT or MCA or equivalent Requirements & Skills: Proven hands-on experience with Microsoft Sentinel and M...

About the Role We are seeking a highly skilled and experienced Senior DevOps Engineer to join our growing technology team. This role requires deep technical expertise in managing and automating on-premises , cloud , and hybrid infrastructure deployments . The ideal candidate will also bring a strong understanding of infrastructure security , compliance , and DevSecOps practices , ensuring scalable, resilient, and secure environments. Key Responsibilities Design, build, and maintain scalable and resilient CI/CD pipelines for on-prem, cloud (AWS/Azure/GCP), and hybrid environments. Implement and manage infrastructure-as-code (IaC) using tools such as Terraform , Ansible , or Pulumi . Oversee c...

Who We Are As the leader in cloud-managed IT, Cisco connects passionate people to their mission by simplifying the digital workplace. Our impact is driven by the innovative, purposeful, and vibrant people who make up our inclusive community. When technology is intuitive, our customers can focus on what matters! About The team As a member of the Device Trust Assurance team, you will have a substantial impact on the security of millions of Cisco device sall around the world. We are looking for people who are passionate about security and eager to learn the ropes of vulnerability management (reporting, triaging and driving remediation). About The Role The Vulnerability Management Engineer plays...

About CloudThat: At CloudThat, we are driven by our mission to empower professionals and businesses to harness the full potential of cloud technologies. As a leader in cloud training and consulting services in India, our core values guide every decision we make and every customer interaction we have. Our culture is built on: Proprietorship Process Thinking Relentless Learning Commitment to Client Innovativeness Proactiveness If these principles resonate with you, we invite you to be a part of our journey. Role Overview: Enterprise-level role responsible for defining security governance frameworks and driving strategic security initiatives across cloud ecosystems. Key Responsibilities: Conduc...

[{"SalaryINR 22,00,000 Per Year" , "Remote_Job":false , "Posting_TitleNetwork Security Lead" , "Is_Locked":false , "CityGurgaon Kty.","IndustryIT Services","Job_Description Lead the design, deployment, and maintenance of network security architecture (firewalls, IPS/IDS, NAC, WAF, Load balancer VPNs, proxies, etc.). Monitor and analyze network traffic for suspicious activity, anomalies, and potential threats. Oversee firewall rule management, segmentation policies, and access control standards. Ensure approvals for any new deployment of the tools/policies Knowledge and good understanding of NBAD, NTA, NDR, Proxy Collaborate with SOC and incident response teams during threat detection, invest...

Support and oversee comprehensive technology audits, including assessments of IT General controls across the environment. Collaborate with external auditors to coordinate and support annual technology audits, ensuring audit requirements and timelines are met. Coordinate periodic SOX testing to demonstrate effectiveness of IT General Controls for all in-scope systems. Identify, assess, and prioritize technology-related risks across the organization, with a focus on cybersecurity, data protection, and operational resilience. Review and evaluate the design and effectiveness of IT General Controls, recommending improvements as necessary. Ensure IT processes, systems, and controls align with regu...