Information Security- Financial

at IT services provider based out of the US

Agency job
icon
Bengaluru (Bangalore)
icon
3 - 5 yrs
icon
₹12L - ₹16L / yr
icon
Full time
Skills
IT security
IT security audit
Information security
Security audit
ITGC
GRC
Cyber Security
General Ledger
Fraud
Budget
SSAE
SOC Audits
GDPR
TPRM
Infosec
ISMS
cloud security
balance sheet

Job description- Information Security(Financial)

Roles and Responsibilities

HTC Global Security Delivery Centre will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills

 

Work profile of individual

  • As part of the companyC Global cyber security consulting team, individual’s primary role would be to be a part of ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS, Cyber Security, SOX ITGC on customer engagements
  • Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
  • Will be an active participant in internal / third party system security reviews and audits on customer engagements.
  • Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
  • Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
  • Will assist in developing proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
  • Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.

 

Team work

  • Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
  • Individual would predominately work with off-shore engagement teams and relevant HTC Territory teams on presale and cyber security delivery.
  • Communication, written and verbal, with these teams would be expected.
  • Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
  • Team members would be required to handle multiple tasks at the same time.
  • Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.

Desired Candidate Profile

  • Bachelors
  • Certifications (ISO 27001/ ISO 31000/ or equivalent and other relevant qualification/certification
  • Experience : 3-5 years

 

Knowledge Required:

  • Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
  • Understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
  • Sound knowledge of Internal financial Controls and Compliance. Must be able to recommend controls around people, process, and technology.
  • Sound knowledge of General Leger / Balance Sheet / Journal Entry / Budgeting / Financial fraud
  • Sound knowledge on business controls and process controls. Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
  • Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
  • Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
  • Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.

 

Additional Responsibilities:

 

  • Ability to develop value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
  • Good knowledge on software configuration management systems and license Management systems
  • Awareness of latest technologies and Industry trends
  • Logical thinking and problem solving skills along with an ability to collaborate
  • Understanding of the financial processes for various types of projects and the various pricing models available
  • Ability to assess the current processes, identify improvement areas and suggest the technology solutions
  • One or two industry domain knowledge
  • Client Interfacing skills
  • Project and Team management
Why apply to jobs via Cutshort
Personalized job matches
Stop wasting time. Get matched with jobs that meet your skills, aspirations and preferences.
Verified hiring teams
See actual hiring teams, find common social connections or connect with them directly. No 3rd party agencies here.
Move faster with AI
We use AI to get you faster responses, recommendations and unmatched user experience.
2101133
Matches delivered
3712187
Network size
15000
Companies hiring

Similar jobs

Cyber Security Specialist

at Response Informatics

Founded 2018  •  Services  •  employees  •  Bootstrapped
Cyber Security
icon
Remote only
icon
2 - 15 yrs
icon
₹2L - ₹20L / yr
Hi,

We are looking for Cyber Security Specialists who are strong in any Cloud providers like GCP, AWS & Azure.
Strong awareness of security considerations and security tools used to integrate with the build pipelines etc.,
Networking (VPC / VPCSC / VPN) fundamentals
Partner with InfoSec and Security teams to deliver on key information security and IT risk related initiatives.
A wide knowledge of technology and platforms with an understanding of good development practices, SecDevOps and Cloud.
Design and configure perimeter security
Define, configure, and automate firewall configurations and procedures
Verify and validate implementation of firewall configurations and security scripts

This is for a UK client and we need your availability from 2 PM to 8 PM IST weekdays,

Job posted by
NagendraChamarty

Security (AM/Executive)

at An Indian energy and power company.

Agency job
via Jobdost
Network Security
Cyber Security
IT security
Web application security
icon
Ahmedabad
icon
3 - 10 yrs
icon
₹5L - ₹15L / yr
Torrent Power is an Indian energy and power company, having interests in power generation, transmission, distribution and manufacturing and supply of power cables.

Security (AM/Executive)

• To design the security infrastructure / policies for the organisation, implement & monitor the same
• To ensure security compliance with respect to recommendations received from government agencies like CEA, NCIIPC
• Design, review, implement & monitor IT security related controls as part of Internal
• Controls, IFC, ERM
• ISMS certification (ISO 27001) for IT systems; this will include preparation and periodic review of policies and SOPs, regular trainings and maintaining records in prescribed formats
• Conducting internal security audit and generating reports by deploying VA tools
• Periodic security/VAPT audits and implementation of the findings
• IT security related new initiatives like - Security Operations Centre (SOC), Security Information and Event Management (SIEM), cloud security, EMM-enterprise mobility management
• Creating IT Security awareness within the organisation
Job posted by
Sathish Kumar

Information Security Manager

at Netmeds.com

Founded 2015  •  Product  •  500-1000 employees  •  Raised funding
Information security
IT security
WAF
Docker
Ethical Hacking
Network Security
Penetration testing
Vulnerability assessment
ISO/IEC 27001:2005
Web application security
Firewall
Burp suite
Amazon Web Services (AWS)
Windows Azure
Security Information and Event Management (SIEM)
Fraud management
Log management
Patch Management
Data security
Cyber Security
DevOps
icon
Chennai
icon
5 - 10 yrs
icon
₹10L - ₹30L / yr

We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.

 

Roles & Responsibilities:

  • Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
  • Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
  • Managing penetration tests and security reviews for core applications and APIs.
  • Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
  • Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
  • Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
  • Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
  • Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
  • Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
  • Investigate privacy breaches.
  • Educate employees on data privacy & security.
  • Prioritize security requirements based on their severity of impact and product roadmap.
  • Maintain a balance of security and business values across the organisation.

 Required Skills:

  • Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
  • Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.
  • Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.
  • Experience in Log Management, Security Event Correlation, SIEM.
  • Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.

 

Good to Have Skills:

  • Online Fraud Prevention.
  • Bug Bounty experience.
  • Security Operations Center (SOC) management.
  • Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
  • Experience / Knowledge on tools like Fortify and Nessus.
  • Experience in handling logging tools on docker container images (ex. Fluentd).
Job posted by
Vijay Hemnath

IT Auditor

at Technomech Consultancy

Founded 2009  •  Services  •  20-100 employees  •  Profitable
CISA
CISSP
Cyber Security
Information security
CEH
IT audit
IT security audit
Ethical Hacking
CISACISM CISSP CEH
icon
Pune, Mumbai, Bengaluru (Bangalore)
icon
5 - 12 yrs
icon
₹15L - ₹25L / yr

Position: IT Auditor

Experience: 4-12 Years

Location: Pune

Key Skills Required:

CISA, CISSP, CISM, IT Audit, Technology Audit, IT Infrastructure Audit, Application Security Audit, Information Security Audit, Cyber Security Audit, Cloud Security, Ethical Hacker

Additional key words: Vulnerability assessment, Penetration Testing, ITGC testing, Cloud Computing,

 

 

IT AUDITOR is responsible to plan and perform the audit assignment starting from audit announcement, audit planning, field work, audit quality reviews, pre-closing / closing meetings with the respective Directors / Head of the Departments including writing of the audit report and its finalization as well as follow up of the audit actions. Additionally IT AUDITOR will also be responsible to:
•    Evaluate IT systems, processes and projects in place;
•    Determine risks to the Group’s information assets, and help identify methods to minimize those risks;
•    Ensure information management processes are in compliance with IT-specific laws, policies and standards;
•    Determine inefficiencies in IT systems, IT projects and associated management processes and
•    Consult in IT projects, new initiatives and organizational frameworks.

Description

 

Audit Planning

1)    Perform audits at Volkswagen Group entities. and other concerned Volkswagen Group Companies with focus on IT processes keeping the associated business risks in mind.
2)    Participate in the preparation of audit objective & scope document along with audit schedule based on the audit objective and timeline specified by Head of IT Audit India Hub.
3)    Participate in the preparation of work program

Audit Process

1)     Prepare and conduct preparatory interviews with the Directors and Heads of the audited departments to identify the processes to be assessed during the audit.
2)     Request and collect relevant audit data for analysis from respective business areas.
3)     Prepare audit matrix on periodic basis to record the audit field work and update the progress of the audit to IT Audit Manager and the Head of IT Audit Hub India.
4)    Define actions including relevant controls to mitigate the business risks identified based on the evidences provided during the audit.
5)    Organize and conduct pre-closing meetings with business areas to agree upon audit observations and relevant actions.
6)    Prepare and conduct closing meetings with the Directors / Heads of the Department for audited division to agree upon the audit observations, risks and proposed actions.
7)    Prepare the draft audit report and submit the same to the  IT Audit Manager and the Head of IT Audit India Hub for review.
8)    Ensure that adequate documentation is prepared for the audit assignment. Peer review changes are done before release of the final audit report to the business area.
9)    Contact business area to review the progress of the implementation of audit actions defined in the final audit report. Based on the review, write the status of the follow up and submit the same for upload in RIAS.
10)    Obtain necessary certifications / qualifications to support the job requirements by attending relevant trainings
11)    Support the conduction of unscheduled audits/special investigations and audits from the anti-corruption system.
12)    Relevant knowledge is shared among the team members.
13)    Consult in IT projects, new initiatives and organizational frameworks.
14)    Ensure information management processes are in compliance with IT-specific laws, policies and standards.
15)    Determine risks to the Group’s information assets, and help identify methods to minimize those risks.
16)    Evaluate IT systems, processes and projects in place.
17)    Determine inefficiencies in IT systems, IT projects and associated management processes.

Job posted by
Laxmi Ghoble
Amazon Web Services (AWS)
Cyber Security
Penetration testing
Threat modeling
Computer Security
VAPT
icon
Hyderabad
icon
7 - 13 yrs
icon
₹20L - ₹30L / yr

Job Responsibilities:

 

Experience: 8 Yrs to 12 Yrs

 

  1. Hands-on expertise on performing Application pen testing (Mobile(Android, IOS),networking, web application pen testing),
  2. Should worked on IOT,AWS,Application Penetration Testing, Reverse Engineering, source code review, CI/CD Pipeline
  3. have done any submission on Bug crowd or Bug Bounty.
  4. have developed tools or scripts for web pen test on GitHub.
  5. Certified on OSCP
  6. Threat Modeling
  7. Network scan in stealth mode or simple scan using Nmap and Burp suite

 

Implement security measures which monitor and protect sensitive data and systems from infiltration and cyber-attacks.

 

Developing different ways to solve the existing threats and security issues.

 

Configuring and implementing intrusion detection systems and firewalls.

 

Security product development, testing, and implementation.

 

Responsible for security technology research, penetration testing, and vulnerability scanning.

 

Please follow the below inputs.

 

The shift will starts from 03:00 PM to 12 AM (fixed for few months),

 

 

OSCP certification(Not mandatory, preferable)

 

Below are the primary key skills:

 

Total Application Security Experience:

Total Security Architecture Experience:

IOT(optional)

MOBILE

WEB

AWS(Mandatory)

NETWORKING

THREAT MODELS

 

 

Job posted by
Geetanjali Kumari

Cyber Security Engineer

at Dental Insurance

Cyber Security
Cloud Security
IT security
devsecops
HIPAA
Microsoft Windows Azure
Infrastructure
cloud security
icon
Remote only
icon
6 - 9 yrs
icon
$0.1K - $0.1K / yr
  • Max rate $85/hr
  • MUST HAVE- Application security covering micro services security and Restful API from technical and business process and architecture. 

  • MUST HAVE -Application security, penetration testing, red team tool (optional), development background, Should have done Application vulnerability Assessments.

  • GOOD TO HAVE - Infrastructure experience in Azure Cloud OR Microsoft 365 product implementations will be handy , network Architecture n design mostly in Azure space

  • GOOD TO HAVE - Enterprise platform – office 365 is plus and such implementation. 

  • Experience as a Azure DevSecOps engineer is desired 

  • Ability to communicate effectively with senior management as well as highly technical engineers to articulate security positions effectively. 

Job posted by
Ramya Bhaven

Security Engineer (SDE 1/2/3)

at Urbancompany (formerly known as Urbanclap)

Founded 2014  •  Services  •  100-1000 employees  •  Raised funding
Python
NodeJS (Node.js)
Web application security
Information security
Data security
Network Security
Authentication
Authorization
Vulnerability management
Vulnerability assessment
Penetration testing
Design patterns
Cyber Security
Ethical Hacking
vapt
icon
Remote, NCR (Delhi | Gurgaon | Noida), Bengaluru (Bangalore)
icon
2 - 7 yrs
icon
Best in industry
Why are we building Urban Company?

 

The local and home services industry is very fragmented and unorganized. Prior to Urban Company, hiring a plumber, beautician, yoga trainer, math tutor etc. was a painful process. There were no standards, no concept of trust, pricing inefficiencies etc. In a nutshell, the industry was shackled in the “yellow pages” era, and had seen no fundamental innovation for far too long.

The Urban Company team is young and passionate, and we see a massive disruption opportunity in his industry. By leveraging technology, and a set of simple yet powerful processes, we wish to build a platform that can organize the world of services - and bring them to your finger-tips. We believe there is immense value (akin to serendipity) in bringing together customers and professionals looking for each other. In the process, we hope to impact the lives of millions of service entrepreneurs, and transform service commerce they way Amazon transformed product commerce.

 

Why are we building Urbancomapny?

Organized service commerce is a large yet young industry in India. While India is a very large market for a home and local services (~USD 50 Billion in retail spends) and expected to double in the next 5 years, there is no billion-dollar company in this segment today.

 

The industry is bare ~20 years old, with a sub-optimal market architecture typical of an unorganized market - fragmented supply side operated by middlemen. As a result, experiences are broken for both customers and service professionals, each largely relying upon word of mouth to discover the other. The industry can easily be 1.5-2x larger than it is today if the frictions in user and professional's journeys are removed - and the experiences made more meaningful and joyful.

 

The Urban Company team is young and passionate, and we see a massive disruption opportunity in his industry. By leveraging technology, and a set of simple yet powerful processes, we wish to build a platform that can organize the world of services - and bring them to your finger-tips. We believe there is immense value (akin to serendipity) in bringing together customers and professionals looking for each other. In the process, we hope to impact the lives of millions of service entrepreneurs, and transform service commerce they way Amazon transformed product commerce.

Job Description :

Urbancompany has grown 3x YOY and so as our tech stack. We have evolved in data-driven approach solving for products over the last few years. We deal with around 10TB in data analytics with around 50Mn/day.  We adopted platform thinking pretty at the very early stage of UC. We started building central platform teams who are dedicated solve for core engineering problems around a 2-3 years ago and now it has evolved to a full-fledged vertical. Out platform vertical majorly includes Data Engineering, Service and Core Platform, Infrastructure and Security. We are looking for Security Engineers to build security vertical from scratch. Person who loves hacking, standardisation, have strong knowledge and hands-on experience around building security platform and dictating strong security practices will be an ideal fit here.

Job Responsibilities


  • Working on complex design and architectural problems.
  • Solving security vulnerabilities and building highly insightful security platform
  • Experience in conducting VAPT and handle data security
  • Visioning out the roadmap and thought process behind taking current security loopholes and plan to take it to next level
  • Building and maintaining the high NPS of 70% of Urbancomapny security
  • Strong decision-maker with hands-on experience around coding
  • Think about abstractions, systems, and services and write high-quality code.
  • Think through complex architecture to build robust platforms to solve for security loopholes, automation and protection 

 

Job Requirements


  • A thinker with strong opinions and ability to get those opinions into reality
  • Prior experience of creating complex systems in the past.
  • Ability to build scalable, sustainable, reliable, and secure products based on past experience.
  • Ability to bring new practices, architectural choices, and new initiatives onto the table to make the overall tech stack more robust.
  • History and familiarity with server-side architecture based on APIs, databases, infrastructure, and systems.
  • Ability to own the technical road map for systems/components.

 

What can you expect?

  • A phenomenal work environment, with massive ownership and growth opportunities.
  • A high performance, high velocity environment at the cutting edge of growth.
  • Strong ownership expectation and freedom to fail.
  • Quick iterations and deployments – fail-fast attitude.
  • Opportunity to work on cutting edge technologies.
  • Massive, and direct impact of the work you do on lives of people.
  • Having the skin in the game with lucrative ESOPs
Job posted by
Mohit Agrawal

Cyber Security Engineer

at Infinity Labs India

Founded 2015  •  Product  •  500-1000 employees  •  Profitable
Cyber Security
Python
Demsito
Playbooks
icon
Noida, NCR (Delhi | Gurgaon | Noida)
icon
2 - 10 yrs
icon
₹9L - ₹20L / yr
  • Must have good exposure working in SOAR (Security, Orchestration, Automation, Response)
  • Strong knowledge in End user/ point security.
  • Good hands on Cyber security like SIEM, IAM, PAM.
  • Sound Knowledge into automated incident management using Demisto (or similar technology)
  • Hands on creating playbooks in Python Scripting.
Job posted by
Piyush Agarwal

IT Security Specialist

at Virtual Engineering Services Pvt Ltd

Founded 1997  •  Product  •  20-100 employees  •  Profitable
OWASP
Vulnerability assessment
Web application security
Penetration testing
IT security
Burp suite
Cyber Security
Windows Azure
Web applications
Firewall
cenzic
hailstorm
Appscan
WebInspect
sqlmap
zap
icon
NCR (Delhi | Gurgaon | Noida)
icon
3 - 5 yrs
icon
₹4L - ₹8L / yr

IT Security Specialist

 

 

Roles and Responsibilities

  • Extensive experience of 2-5 years in Vulnerability Assessment and Penetration testing, Web Application security.
  • An Experience in performing web application security assessments using hands on techniques for identifying SQL injections, XSS, CSRF, authentication/authorization, OWASP top 10 issues.
  • Must have working experience in OWASP Top 10 Vulnerabilities Testing in Web applications.
  • Create policy and standards for developers and testers to secure programming in the organization. (secure code review, static application security testing.
  • Experience on both commercial and open source tools Cenzic Hailstorm, Burpsuite, AppScan, WebInspect, Appspider, sqlmap, OWASP ZAP. Assessing cloud security risk (AWS and Azure) and recommending appropriate security controls.
  • Ability to interact with project teams to understand the security requirements and come up with solutions
  • Extensive knowledge of managing Web Application Firewall (Product) including rules management and product administration
  • Strong understanding of networking concept.

 

Desired Candidate Profile

 

  • Excellent knowledge of Microsoft Windows operating environments and with special attention to security and hardening issues.
  • Able to work independently with minimal supervision.
  • Good knowledge of secure software development standard, process, techniques, cloud security policies and tools.
  • Keep stakeholders updated with communications and weekly reporting.
  • Collaborate with Security Platform and Services teams to build and integrate existing security solutions.
  • Excellent communication skills - written, verbal, presentation and interpersonal.
  • Willing to learn new skills and implement new technologies.
  • Should come with bachelor’s degree in engineering, mathematics or master’s in computer application / programing.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Job posted by
Abha Sachdeva

DevSecops- Information Security Architect

at EZEU (OPC) India Pvt Ltd

Founded 2020  •  Services  •  0-20 employees  •  Raised funding
Information security
Security operations
Penetration testing
Security analysis
Cyber Security
devsecops
icon
Pune, Bengaluru (Bangalore)
icon
10 - 15 yrs
icon
₹20L - ₹45L / yr
Security Architectural solutions, designing, Security Analysis, Infrastructure architecture, Application architecture, DevSecOps and cloud understanding, Threat Modelling, Penetration testing, Governance Risk & Compliance
Job posted by
HR Ezeu
Did not find a job you were looking for?
icon
Search for relevant jobs from 10000+ companies such as Google, Amazon & Uber actively hiring on Cutshort.
Get to hear about interesting companies hiring right now
iconFollow Cutshort
Want to apply to this role at IT services provider based out of the US?
Why apply via Cutshort?
Connect with actual hiring teams and get their fast response. No spam.
Learn more
Get to hear about interesting companies hiring right now
iconFollow Cutshort