Cutshort logo
It security audit jobs

6+ IT security audit Jobs in India

Apply to 6+ IT security audit Jobs on CutShort.io. Find your next job, effortlessly. Browse IT security audit Jobs and apply today!

icon
Astra Security

at Astra Security

1 video
3 recruiters
Human Resources
Posted by Human Resources
Remote only
1 - 2 yrs
₹6L - ₹7L / yr
Web application security
Penetration testing
Vulnerability scanning
Vulnerability assessment
IT security
+4 more

About us:

Astra is a cyber security SaaS company that makes otherwise chaotic pen-tests a breeze with its one of a kind Pentest Platform.

Astra's continuous vulnerability scanner emulates hacker behavior to scan applications for 8300+ security tests. CTOs & CISOs love Astra because it helps them fix vulnerabilities in record time and move from DevOps to DevSecOps with Astra's CI/CD integrations.

Astra is loved by 650+ companies across the globe.


In 2023 Astra uncovered 2 million+ vulnerabilities for its customers, saving customers $69M+ in potential losses due to security vulnerabilities. 


We've been awarded by the President of France Mr. François Hollande at the La French Tech program and Prime Minister of India Shri Narendra Modi at the Global Conference on Cyber Security. Loom, MamaEarth, Muthoot Finance, Canara Robeco, ScripBox etc. are a few of Astra’s customers.


Your mission:  

  • Carrying out VA/PT for web apps, mobile apps, Cloud infrastructure, SaaS apps, network devices, open-source projects etc.
  • Developing and testing rule sets for our DAST scanner.
  • Interacting with clients over remediation calls.
  • Facilitating clients to map out the steps for fixing vulnerabilities.
  • Maintaining our vulnerability management system.


Requirements for the role:

  • CEH or OSCP or CREST certified
  • 1-2 years of experience in doing pentests on multiple assets including web apps, cloud infrastructure etc. Comfortable in Black Box/WhiteBox testing with capability of finding business logic vulnerabilities
  • Experience directly interfacing with customers over calls & emails
  • Able to write & understand code in any one programming language.

Good to have:

  • A few published CVE’s
  • Good bug bounty/CTF experience


Benefits of joining teh Astra Squad:

  • Embrace the cosy remote work lifestyle.
  • Feel the startup adrenaline pumping through your veins.
  • Your brilliance showcased to thousands of eager readers and users.
  • Revel in our open, growth-centric ambiance; it's like a digital playground.
  • Dive deep into the captivating world of cybersecurity.
  • And yes, get ready for some unforgettable workcations—think Chikmagalur & Jim Corbett. 


Read more
Bengaluru (Bangalore)
4 - 10 yrs
₹11L - ₹20L / yr
IT security audit
ISO/IEC 27001:2005
ISMS implementation

1) Determine client needs and expectations and participate in the development of the overall client service plan. Analyse, develop, and implement information security programs, including organizational design and key processes for our clients as per plans

2)Design and develop cyber security strategies and programs for large and complex organizations

3)Define and implement cyber risk management structures, governance models, organizational transformations in the areas of cyber security

4)Develop security policies, processes, procedures. Map controls and compliance requirements. Responsible for risk assessments, gap analysis (against standards and benchmarks), risk mitigation strategy development.

4)Roll out the GRC Cybersecurity controls framework while balancing the approach with end user experience and compliance

5)Develop and tailor approaches, methods and tools to support clients cyber risk programs and initiatives

6)Provide strategic and operational advice in the areas of safeguarding critical information. Identify areas requiring improvement in the client's business processes to enable preparation of recommendations. 7)Evaluate, implement and operationalize security controls, define metrics for measure performance and establish a framework for continuous monitoring and improvement and Play substantive role in internal and external client relationship and communication

8)Interact with CxOs to define the roadmap for GRC strategy.

9Help build Cyber Transformation practice by getting involved in areas beyond engagement delivery such as pre-sales, RFP response, solution designing, competency development and Go to market strategies

10)Create or help create though leadership content in the emerging areas of Cyber Strategy and Risk Transformation .


Immediate Joiners

Read more
Bengaluru (Bangalore)
5 - 5 yrs
₹10L - ₹12L / yr
Information security
Network Security
IT security
IT security audit
ITGC
+12 more

Job description – Information Security (Network)

Roles and Responsibilities

Company will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills

 

Work profile of individual

  • As part of the company cyber security consulting team, individual’s primary role would be to work with ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS , Cyber Security, SOX ITGC on customer engagements
  • Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
  • Will be an active participant in internal / third party system security reviews and audits on customer engagements
  • Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
  • Will be responsible for implementation of new projects under Information Security Domain
  • Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
  • Will assist in development of proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
  • Will engage with clients and(or) application development teams for implementation of cyber security & data privacy by design and data protection controls.
  • Will support the clients with ongoing design, implementation and maintenance of the data privacy framework for managing data protection risk including responding to legislation, devising and owning policies and training.
  • Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.

 

Team work

  • Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
  • Individual would predominately work with off-shore engagement teams and relevant  teams on presale and cyber security delivery.
  • Communication, written and verbal, with these teams would be expected.
  • Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
  • Team members would be required to handle multiple tasks at the same time.
  • Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.

 

Desired Candidate Profile

  • Bachelors
  • Certifications (ISO 27001/ ISO 31000/ CISA/ CISSP/ CSX or equivalent and other relevant qualification/certification
  • Experience : 3-5 years

Knowledge Required:

  • Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
  • Good understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
  • Good understanding of technical security like network security, operating system, encryption, use of tools and technologies for various processes like logical access control, network security, security monitoring etc.
  • Sound knowledge of Internal Controls and Compliance. Must be able to recommend controls around people, process, and technology.
  • Sound knowledge on IT controls (especially IT risks). Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
  • Good knowledge on Privacy, Governance and reporting
  • Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
  • Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
  • Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.

 

Additional Responsibilities:

 

  • Ability to assist in value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
  • Good knowledge on software configuration management systems and license Management systems
  • Awareness of latest technologies and Industry trends
  • Logical thinking and problem solving skills along with an ability to collaborate
  • Understanding of the financial processes for various types of projects and the various pricing models available
  • Ability to assess the current processes, identify improvement areas and suggest the technology solutions
  • One or two industry domain knowledge
  • Client Interfacing skills
  • Project and Team management
Read more
Bengaluru (Bangalore)
3 - 5 yrs
₹12L - ₹16L / yr
IT security
IT security audit
Information security
Security audit
ITGC
+13 more

Job description- Information Security(Financial)

Roles and Responsibilities

HTC Global Security Delivery Centre will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills

 

Work profile of individual

  • As part of the companyC Global cyber security consulting team, individual’s primary role would be to be a part of ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS, Cyber Security, SOX ITGC on customer engagements
  • Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
  • Will be an active participant in internal / third party system security reviews and audits on customer engagements.
  • Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
  • Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
  • Will assist in developing proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
  • Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.

 

Team work

  • Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
  • Individual would predominately work with off-shore engagement teams and relevant HTC Territory teams on presale and cyber security delivery.
  • Communication, written and verbal, with these teams would be expected.
  • Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
  • Team members would be required to handle multiple tasks at the same time.
  • Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.

Desired Candidate Profile

  • Bachelors
  • Certifications (ISO 27001/ ISO 31000/ or equivalent and other relevant qualification/certification
  • Experience : 3-5 years

 

Knowledge Required:

  • Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
  • Understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
  • Sound knowledge of Internal financial Controls and Compliance. Must be able to recommend controls around people, process, and technology.
  • Sound knowledge of General Leger / Balance Sheet / Journal Entry / Budgeting / Financial fraud
  • Sound knowledge on business controls and process controls. Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
  • Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
  • Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
  • Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.

 

Additional Responsibilities:

 

  • Ability to develop value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
  • Good knowledge on software configuration management systems and license Management systems
  • Awareness of latest technologies and Industry trends
  • Logical thinking and problem solving skills along with an ability to collaborate
  • Understanding of the financial processes for various types of projects and the various pricing models available
  • Ability to assess the current processes, identify improvement areas and suggest the technology solutions
  • One or two industry domain knowledge
  • Client Interfacing skills
  • Project and Team management
Read more
Banyan Data Services

at Banyan Data Services

1 recruiter
Sathish Kumar
Posted by Sathish Kumar
Bengaluru (Bangalore)
4 - 10 yrs
₹8L - ₹20L / yr
Information security
Splunk
Cyber Security
IT risk management
IT security audit
+9 more

Information Security Specialist

Notice Period: 45 days / Immediate Joining

 

Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA. 

 

We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.

 

It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges. 

 

Key Qualifications

 

· Design, deploy, and support Information Security Solutions provided by BDS

 

· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms

 

· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.

 

· Research and strategic analysis of existing, and evolving all IT and data security technologies

 

· Establish baselines to define required security controls for all infrastructure components and application stack

 

· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.

 

· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts

 

· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up

 

· Must be able to work a flexible schedule during off-hours

 

Key Skills & Qualification

 

· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance

 

· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)

 

· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk

 

· Exposure of the security audit tools on public cloud platforms

 

· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture

 

· Certified Ethical Hacker would be a plus

 

· Handling of Security audits is a must

 

· Proven interpersonal skills while contributing to team effort by accomplishing related results

 

· Passion for learning new technologies and the ability to do so quickly.

http://www.banyandata.com" target="_blank">www.banyandata.com 

Read more
Technomech Consultancy

at Technomech Consultancy

1 recruiter
Laxmi Ghoble
Posted by Laxmi Ghoble
Pune, Mumbai, Bengaluru (Bangalore)
5 - 12 yrs
₹15L - ₹25L / yr
CISA
CISSP
Cyber Security
Information security
CEH
+4 more

Position: IT Auditor

Experience: 4-12 Years

Location: Pune

Key Skills Required:

CISA, CISSP, CISM, IT Audit, Technology Audit, IT Infrastructure Audit, Application Security Audit, Information Security Audit, Cyber Security Audit, Cloud Security, Ethical Hacker

Additional key words: Vulnerability assessment, Penetration Testing, ITGC testing, Cloud Computing,

 

 

IT AUDITOR is responsible to plan and perform the audit assignment starting from audit announcement, audit planning, field work, audit quality reviews, pre-closing / closing meetings with the respective Directors / Head of the Departments including writing of the audit report and its finalization as well as follow up of the audit actions. Additionally IT AUDITOR will also be responsible to:
•    Evaluate IT systems, processes and projects in place;
•    Determine risks to the Group’s information assets, and help identify methods to minimize those risks;
•    Ensure information management processes are in compliance with IT-specific laws, policies and standards;
•    Determine inefficiencies in IT systems, IT projects and associated management processes and
•    Consult in IT projects, new initiatives and organizational frameworks.

Description

 

Audit Planning

1)    Perform audits at Volkswagen Group entities. and other concerned Volkswagen Group Companies with focus on IT processes keeping the associated business risks in mind.
2)    Participate in the preparation of audit objective & scope document along with audit schedule based on the audit objective and timeline specified by Head of IT Audit India Hub.
3)    Participate in the preparation of work program

Audit Process

1)     Prepare and conduct preparatory interviews with the Directors and Heads of the audited departments to identify the processes to be assessed during the audit.
2)     Request and collect relevant audit data for analysis from respective business areas.
3)     Prepare audit matrix on periodic basis to record the audit field work and update the progress of the audit to IT Audit Manager and the Head of IT Audit Hub India.
4)    Define actions including relevant controls to mitigate the business risks identified based on the evidences provided during the audit.
5)    Organize and conduct pre-closing meetings with business areas to agree upon audit observations and relevant actions.
6)    Prepare and conduct closing meetings with the Directors / Heads of the Department for audited division to agree upon the audit observations, risks and proposed actions.
7)    Prepare the draft audit report and submit the same to the  IT Audit Manager and the Head of IT Audit India Hub for review.
8)    Ensure that adequate documentation is prepared for the audit assignment. Peer review changes are done before release of the final audit report to the business area.
9)    Contact business area to review the progress of the implementation of audit actions defined in the final audit report. Based on the review, write the status of the follow up and submit the same for upload in RIAS.
10)    Obtain necessary certifications / qualifications to support the job requirements by attending relevant trainings
11)    Support the conduction of unscheduled audits/special investigations and audits from the anti-corruption system.
12)    Relevant knowledge is shared among the team members.
13)    Consult in IT projects, new initiatives and organizational frameworks.
14)    Ensure information management processes are in compliance with IT-specific laws, policies and standards.
15)    Determine risks to the Group’s information assets, and help identify methods to minimize those risks.
16)    Evaluate IT systems, processes and projects in place.
17)    Determine inefficiencies in IT systems, IT projects and associated management processes.

Read more
Get to hear about interesting companies hiring right now
Company logo
Company logo
Company logo
Company logo
Company logo
Linkedin iconFollow Cutshort
Why apply via Cutshort?
Connect with actual hiring teams and get their fast response. No spam.
Find more jobs
Get to hear about interesting companies hiring right now
Company logo
Company logo
Company logo
Company logo
Company logo
Linkedin iconFollow Cutshort