1498 Iso 27001 Jobs - Page 25

Cyber Security Lead Analyst - HIH - Evernorth Position Summary: We are seeking a talented and experienced GRC (Governance, Risk and Compliance) Developer to join our team. The current GRC platform is Onspring. As a GRC Developer, you will be responsible for designing, developing, and implementing customized solutions within the Onspring platform to meet specific needs of our organization s governance, risk management, and compliance functions. Education and Experience Required: Bachelor s degree in Computer Science, Information Systems, or a related field. 5-8 years of experience in GRC development or similar roles. Certifications such as ServiceNow Certified Implementation Specialist, RSA A...

Role To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC). Were seeking someone who is passionate about identifying and implementing security solutions that make bp a cyber resilient organisation! Our Business Information Security team partners with the business to help them understand cyber risk and be accountable for cyber security. Were looking for curious minds who are driven by opportunities to build value and deliver secure products and services to advance bps strategy. Role Synopsis: In the digital era, where data breaches and cy...

Position: Information Technology Risk Management Consultant Location: Chennai Experience: 8-12 years Education: B. E. / B. Tech. /MCA Role Overview Responsible for developing, implementing, and maintaining the organisation s IT Risk Management framework. This role focuses on identifying, assessing, and mitigating risks to protect information assets, ensure regulatory compliance, and enhance overall IT governance. The position requires a deep understanding of risk frameworks, threat modelling, control evaluation, and GRC tools, combined with strong stakeholder management skills. Job Profile: Conduct comprehensive risk assessments: identification, impact analysis, heatmap/matrix creation, inhe...

Team Leadership Management: Supervise, mentor, and coordinate surveillance executives across locations. Develop shift rosters, assign duties, and monitor attendance and performance. Conduct regular training sessions on protocols, incident management, and system usage. Surveillance Operations Incident Response: Oversee real time CCTV monitoring; ensure vigilance at entry/exit points, storage areas and counters. Implement prompt escalation protocols for suspicious activity; supervise incident handling and post incident Conduct periodic audits of footage, operator logs, and system functionality. Policy SOP Development: Design and update surveillance policies, SOPs, and emergency response protoc...

Perform security assessments, application security reviews, and penetration testing for SaaS services, on-prem solutions focused around DNS/DHCP protocol Collaborate with development teams to enforce secure coding practices, guidelines, and standards Ensure integration of security requirements and threat modeling considerations into the software development lifecycle. Offer guidance and support during security-related discussions and decision-making processes Provide guidance on secure design principles and assist in addressing security issues Plan, execute, and analyze application security testing, including penetration testing, vulnerability scanning, and code reviews Interpret penetration...

1 to 3 Years of experience in Cyber Security Experienced in ISO 27001, SOC 2 Type II and other regulatory requirements. Knowledge of the implementation of NIST framework and NIS 2 requirements Ensuring that customer specific data and asset security policies are implemented and followed successfully. Develop and implement business processes and policies related to controlling access to customer transactional data from Cloud and remote monitoring site. Experience in AWS standard security features like IAM, Guard duty, Security hub, etc., Perform initial and periodic information Privacy and Security risk assessment/analysis, mitigation, and remediation with the business functions. Contribute fo...

1. Cloud Security: Design, implement, and manage cloud-native security controls across AWS and Azure (IAM, security groups, VPC security, Guard Duty, Azure Security Center). 2. Application Security: Collaborate with development teams to embed security into the SDLC (secure code reviews, threat modeling, SAST/DAST/SCA integration). 3. DevSecOps: Partner with DevOps to integrate security in CI/CD pipelines, IaC templates (Terraform, CloudFormation, ARM), and containerized workloads (Docker, Kubernetes). 4. Security Monitoring & Response: Monitor and respond to security alerts across cloud and application environments, investigate incidents, and implement corrective actions. 5. Security Tools M...

Key Responsibilities: As a part of our Cyber strategy team, you will build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. • Develop, implement, and maintain risk and governance frameworks. • Guide teams/Handle client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk. • Recommend security solutions and enhancements aligned with business goals and threat landscape. • Conduct security risk assessments of third-party vendors and service providers. • Define TPRM frameworks and integrate them into the overall risk management program. • Perf...

Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360 platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a clients needs and budget, and external threat analysis, which provides critical intelligen...

Key Responsibilities: As a part of our Cyber strategy team, you will build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. • Develop, implement, and maintain risk and governance frameworks. • Guide teams/Handle client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk. • Recommend security solutions and enhancements aligned with business goals and threat landscape. • Conduct security risk assessments of third-party vendors and service providers. • Define TPRM frameworks and integrate them into the overall risk management program. • Perf...

Chief Manager / Senior Manager Information Security GRC Location: Gurugram Shift: Day Workdays: 5 Days/Week Experience: Chief Manager: 8 to 14 years Senior Manager: 5 to 8 years Role Summary A strategic and execution-driven role focused on aligning enterprise security posture with Indian & Global standards, regulatory mandates, and operational risk frameworks. Youll lead audits, compliance assessments, vendor risk evaluations, and training programs while leveraging your technical and project management expertise. Key Responsibilities Governance, Risk & Compliance (GRC) Lead InfoSec audits and compliance assessments Conduct vendor risk evaluations and third-party assessments Prepare audit doc...

You will directly impact the success of the NiCE cloud business by ensuring all customer and auditory security requirements are met and demonstrated. A diverse, merit-driven work environment which rewards a growth mindset and encourages innovation and continued professional development; The opportunity to work in a global, highly skilled, passionate workforce to deliver world-class service and products to market. Competitive pay and excellent benefits. Generous PTO policies. A highly focused security & compliance team which is collaborative, supportive, experienced, and driven to help everyone from the individual to enterprise to our customers realize the success for which they aim. Have you...

Key Responsibilities: Lead the end-to-end tuning, and optimization of the DLP solution (Forcepoint) to align with business and compliance requirements. Develop, maintain, and enhance DLP policies to prevent unauthorized data transmission and ensure adherence to regulatory mandates. Conduct deep-dive investigations into high-priority DLP incidents and collaborate with legal, HR, and IT teams to manage insider threat cases. Maintain a structured reporting and escalation process for DLP events, with proactive recommendations on improving policy effectiveness. Drive quarterly DLP risk assessments, incident trend analysis, and recommend policy enhancements to improve data security posture. Provid...

Cloud Security (Azure Focus) Lead improvements in Azure security posture using Microsoft Secure Score , Azure Policy , and Azure Defender for Cloud . Implement and manage Azure-native security controls , including Key Vault , Azure Firewall , NSGs/ASGs , Sentinel , and Microsoft Defender XDR . Enforce Azure Security Benchmark and contribute to Azure Well-Architected Framework (Security Pillar) assessments and remediation. Security Operations & Incident Response Oversee day-to-day SOC operations in collaboration with MDR/MSSP vendors , ensuring timely triage, escalation, and remediation. Improve MTTA/MTTR through playbook automation, detection rule tuning, and optimised incident workflows. Le...

Strong understanding of cloud technologies and platforms: Azure/AWS/GCP/OCI Understanding of cloud security architecture Understanding of Zero trust principle, security technologies and controls: AWS/Azure/GCP/OCI cloud native security controls, Identity Access Management, Data Security, IDS/IPS, SIEM, web application firewall, cryptography, Kubernetes, container security etc. Should have conducted cloud security assessments and configuration reviews as per industry best practices Familiarity with industry-leading standards and frameworks such as ISO 27001, NIST, CSA CCM, CIS benchmarks to help clients adhere to compliance requirements Knowledge and experience of Risk Management Lifecycle (R...

Work independently to lead and complete high quality threat-based risk assessments, business impact analysis across a diverse set of cloud technologies, business functions, and platforms. Conduct cloud infrastructure security risk assessments based on cloud security best practices. Assess cloud security architecture Cloud security controls evaluation to ensure compliance with business scope, security policies and standards Preparing cloud infrastructure risk assessment reports. Work closely with internal management/team and client business representatives to scope assessments, gather documentation, interview clients, identify risks, document findings, and ensure transparent assessment of ris...

Security Architecture and Engineering: Maintain and implement the security architecture framework to ensure the integrity, confidentiality, and availability of information assets. Oversee the implementation of security solutions, including network security, endpoint security, and cloud security. Collaborate with IT and engineering teams to integrate security best practices into system and application development. Perform regular scans for PCI compliance Perform regular follow up with other teams share periodical reports related to vulnerabilities and follow up to closure. Perform required PCI scans Compliance and Risk Management: Ensure compliance with relevant regulations, standards, and fr...

Threat Modelling : Conduct threat modelling sessions to identify potential security risks to applications, networks, and infrastructure. Utilize various threat modelling frameworks (e.g., STRIDE, PASTA) to evaluate the risk associated with business processes and IT systems. Vulnerability Assessment & Penetration Testing : Perform regular vulnerability assessments and penetration testing on applications, systems, and networks to identify weaknesses and misconfigurations. Security Risk Analysis : Analyse vulnerabilities identified in VAPT engagements and prioritize them based on risk to the business. Provide recommendations for remediation and mitigation. Incident Response : Assist in respondi...

As Deputy Manage r in our Cyber - Extended Enterprise Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Work independently to lead and complete high quality threat-based risk assessments, business impact analysis across a diverse set of cloud technologies, business functions, and platforms. Conduct cloud infrastructure security risk assessments based on cloud security best practices. Assess cloud security architecture Cloud security controls evaluation to ensure compliance with business scope, security policies and standards Preparing cloud infrastructure risk assessment reports. Work ...

Essential Responsibilities include (but are not limited to): - Help to plan and carry out the organizations information security strategy. Prepare and execute actions based on an ISMS calendar. - Develop a set of security standards, policies and best practices for the organization. - Regularly monitor computer networks and systems for security issues, breaches, or intrusions. - Conduct regular monitoring and review of the information security in engineering projects and all functions/departments. - Responsible for vulnerability & risk assessment of all information assets. - Work with the IT & security team to perform tests and uncover network vulnerabilities. - Fix detected vulnerabilities t...

Job Summary: We are seeking a motivated and experienced GRC Specialist to support and enhance our Governance, Risk, and Compliance framework. The ideal candidate will be responsible for implementing and maintaining standards such as ISO 27001 , ISMS , BCMS , and Third Party Risk Management (TPRM) across the organization. You will work closely with cross-functional teams to ensure regulatory compliance, risk mitigation, and business continuity. Key Responsibilities: Governance & Compliance: Develop, implement, and maintain the organizations Information Security Management System (ISMS) in accordance with ISO 27001 standards. Monitor compliance with internal security policies and regulatory re...

Location: Pune Designation: Assistant Manager About the role As a Cybersecurity GRC Consultant / Assistant Manager , this position plays an vital role to support the implementation and management of governance, risk, and compliance initiatives that safeguard the organizations information assets. This role involves assisting in the execution of cybersecurity policies, conducting risk assessments, participating in audits, and evaluating third-party risk. You will contribute to aligning business objectives with security best practices and regulatory standards such as ISO 27001, NIST, and ITGC. The position requires a foundational understanding of security frameworks and a collaborative approach...

Location: Pune Designation: Consultant About the role As a Cybersecurity GRC Consultant / Assistant Manager , this position plays an vital role to support the implementation and management of governance, risk, and compliance initiatives that safeguard the organizations information assets. This role involves assisting in the execution of cybersecurity policies, conducting risk assessments, participating in audits, and evaluating third-party risk. You will contribute to aligning business objectives with security best practices and regulatory standards such as ISO 27001, NIST, and ITGC. The position requires a foundational understanding of security frameworks and a collaborative approach to str...

Hiring IT Audit professional with expertise in ITGC, Cyber Security, SOC 2, ISO 27001 & ISMS, IT Infra & regulatory compliance (RBI, IRDA, SEBI). Holding at least one IT Security certification such as CISA/ISO27001/CISM/CISSP.

Configure, manage, and troubleshoot firewalls and network infrastructure. Monitor network performance and ensure reliable connectivity across systems. Install, configure, and maintain operating systems and enterprise applications. Deliver prompt and effective technical support for hardware, software, and network-related issues. Communicate technical concepts clearly to both technical and non-technical stakeholders. Maintain detailed documentation for IT systems, configurations, and processes. Collaborate across internal teams and departments to identify and address IT needs. Work with vendors for procurement of hardware and software solutions. Support compliance initiatives in coordination w...