4+ Security audit Jobs in India
Apply to 4+ Security audit Jobs on CutShort.io. Find your next job, effortlessly. Browse Security audit Jobs and apply today!
Position : India Practice Head We are seeking an experience and Dynamic individual to lead our Cyber Security services in India. As India Practice Head you will be responsible for driving business growth, managing client relationships, and delivering exceptional cyber security services to our clients.
You will work closely with leadership team
to develop and execute the strategic plan for the India Practice.
Key Responsibilities:
- Lead the Cyber security services practice in India including business development, client relationships management, service delivery and offshore business execution coming from US
- Develop and execute the strategic plan for the India practice in alignment with the global cybersecurity services strategy.
- Build and maintain strong relationships with key clients and stakeholders, ensuring their needs are met and exceeded.
- Drive business growth through the development of new services offerings, market analysis, and competitive intelligence.
- Manage and mentor a team of cybersecurity professionals, providing guidance and support to ensure quality service delivery.
- Ensure compliance with relevant laws, regulations, and industry standards in India.
Requirements:
- Bachelor's or Master's degree in Computer Science, Information Technology, or related field.
- At least 15 years of experience in cybersecurity services, with a proven track record of successful business development and client relationship management.
- Strong knowledge of cybersecurity frameworks and standards, such as ISO 27001, NIST, and PCI DSS, CERT-In
- Experience in managing Departments and mentoring a team of cybersecurity professionals.
- Excellent communication and interpersonal skills, with the ability to build and maintain strong relationships with clients and stakeholders.
- Strong leadership skills, with a proven track record of building and leading high-performance teams. Experience in managing cyber security services for mid-enterprises.
- Ability to research and evaluate potential solutions to determine suitability for the organization’s needs. Capability to work in a fast-paced environment and manage multiple projects simultaneously.
- Keep up to date with the latest cybersecurity trends and technologies.
- If you are a driven and experienced cybersecurity professional with a passion for leading and growing a practice, we encourage you to apply for this exciting opportunity.
at Fullness Web Solutions
We are looking for a capable System Administrator to take over all aspects of the configuration and maintenance of computer systems. A System Admin should be able to diagnose and resolve problems quickly and should have the patience to communicate with a variety of interdisciplinary teams and users.
Monitoring and reporting all points mentioned below.
Ensure Security updates are installed:
- Regularly checking whether the Antivirus software is updated for users.
- Regularly monitor platforms like Google to ensure everybody is using up-to-date applications with no security issues.
- Regularly Email users about the security updates that they need to install on their laptops and PCs.
Antivirus
Centrally managed antivirus should be installed on all laptops and mobile devices.
- Adding a purchase request for any additional licence that we might require.
- Pushing new software updates on users’ laptops.
- Keeping up-to-date with antivirus updates so all our devices are secure.
- Miradore user agent
Mobile device and access management
- Set rules and configure settings on personal and organisation-owned devices to access data and networks.
- Deploy and authenticate apps on devices -- on-premises and mobile.
- Protect company data by controlling the way users access and share information.
- Make sure devices and apps are compliant with security requirements.
- Only provide user access to laptops (No admin access, excluding developers)
- All new software installation requests will go through the system admin to make sure nothing is installed on work laptops that poses a security risk.
Vanta compliance-related tickets
- Vanta will continue to monitor and create issues to be compliant with ISO 27K over time. The system administrator must resolve all such system-related tickets.
Access management to different user applications
- Access should be restricted to only what is necessary to perform job duties ("principle of least privilege").
- Technical access to all the company’s networks must be formally documented, including the standard role for approver, grantor, and date.
- Only authorised employees and third parties working off a signed contract or statement of work, with a business need, shall be granted access to the company’s production networks.
- The company’s guests may be granted access to guest networks after registering with office staff without a documented request - guest network management.
Removal media encryption
- Research removable media encryption and figure out if removable media should be implemented and make sure it is always encrypted.
MFA reset and debugging
As we are enabling MFA for more and more applications that we have, more people are likely to have issues with it as the business moves forward.
- Different online applications will have different ways of handling the MFA reset; a system admin should be familiar with all.
Website watcher configuration and email issues
- Software like Website Watcher keeps having email issues, as it sends emails in huge numbers every day. The system administrator must keep an eye on the emails and fix issues promptly as and when they arise.
Office network management
- System admin can help in creating guest networks in the office and making sure that the network is as secure as possible.
Phishing emails
- Finding the optimal solution to prevent phishing emails from getting delivered.
- Verifying emails sent by our staff to check for phishing emails.
Security incidents handling
- System admin must monitor incident and event tickets and assign severity tickets.
- Continuous checks to ensure the security incident policies are being followed and up to date
- A root cause analysis report must be documented and referenced in incident tickets.
- A central "War Room" will be designated for handling security threats. This may be a physical or virtual location (i.e., Slack channel) and managed by the system admin.
- Conducting recurring Incident Response Meetings until the incident is resolved (as per the company's established norms)
Implement password policy
- Password policy must be in place to ensure that users are using secure passwords that are not easily crackable.
Add-ons:
- Devops is a plus point
at Statestreet HCL Services
Dear Candidate,
Greetings from HCL Technologies Ltd.
- Make sense of Cyber security and compliance frameworks that apply to your business or industry
• Identify business risks, taking into account the role of your hosting service provider
• Determine which Cyber security controls are required to mitigate your identified risks
• Improve collaboration and communication during Cyber security Incident mitigation and response.
• Establish the necessary framework based on NIST Framework to maintain and continually improve your information security program over time based on evolving scope and emerging risks
• Document and track efforts for evidence collection and audit preparation
- will have primary responsibility for coordinating and implementing effective Cyber Security management across the account. This role will ensure that all Supplier obligations are met regarding compliance with Security guidelines, data protection, regulations, Supplier policies, and key controls.
- provide implementation and ongoing operation of Security management framework;
- be responsible for coordinating activities to address the key Security risk exposures;
- ensure Security awareness training of, and assistance in the implementation of robust Security management practices across Security operations;
- direct the design of controls to address emerging or new Security risk and compliance requirements;
- carry out regular and frequent assurance reviews of the design and operating effectiveness of Security controls;
- implement, monitor and report on key Security risk indicators to identify and address emerging risks;
- coordinate with other Service Providers and Security functions, to facilitate client’s audits and inspections;
- manage and report on responses and actions to address Security audit points, inspection deficiencies, or control weakness identified during normal operations.
- review outcome of cyber security risk assessment, timely implement open action items and report progress to stakeholders
- incorporate vulnerability testing as an integral part of change management
- Should have good knowledge of Cyber Security Framework and controls
- CISA ,CISM or CISSP certification should be preferred.
- Have good understanding of Security policy and process along with ITSM process.
Credit cards haven't changed much for over half a century so our team of seasoned
bankers, technologists, and designers set out to redefine the credit card for you - the
consumer. The result is OneCard - a credit card reimagined for the mobile
generation. OneCard is India's best metal credit card built with full-stack tech. It is
backed by the principles of simplicity, transparency, and giving back control to the
user.
The Engineering Challenge
“Re-imaging credit and payments from First Principles”
Payments is an interesting engineering challenge in itself with requirements of low
latency, transactional guarantees, security, and high scalability. When we add credit
and engagement into the mix, the challenge becomes even more interesting with
underwriting and recommendation algorithms working on large data sets. We have
eliminated the current call center, sales agent, and SMS-based processes with a
mobile app that puts the customers in complete control. To stay agile, the entire
stack is built on the cloud with modern technologies.
Check out our apps here:
OneCard (Best credit card app) : www.getonecard.app
OneScore (5 million downloads): http://www.onescore.app" target="_blank">www.onescore.app
Security Compliance Lead
Opportunity:
Opportunity to build GRC practice grounds up for new Age Fintech startup, lead and
implement PCI-DSS, ISO-27001, RBI compliances
What you will do:
● Be SME for all applicable regulations, guidelines and industry best practices
to manage risk and ensure compliance.
● Be the single point of contact for all external entities related to Security and
Compliance communications.
● Owner for all security documentation such as policies, standards, and
procedures.
● Owner for driving security controls across all organisation functions.
● Build continuous assessment practice which is superset of all required
regulatory compliance.
● Manages and supports Information Security Risk Management Life-cycle for
the organization.
● Provide adequate security and compliance against specific standards such as
NIST 800-53, NIST 800-171, ISO 27001, SOX, PCI, HIPAA and other
regulatory requirements.
● Identifies and formally documents deviations from published standards,
estimates risk level, recommends appropriate mitigation countermeasures in
operational and non-operational situations.
● Identify potential areas of IT compliance vulnerability and risk; guide the
accountable stakeholders to develop/implement corrective action plans for
resolution, and provide general guidance on how to avoid or deal with similar
situations in the future. Risks should be identified, assessed and monitored on
an ongoing firm-wide and individual entity basis
Experience Range:
4-8 years of experience in Cybersecurity & Risk Compliance Domain in areas
including and limited to: System Security, Network Security , SOC, Risk &
Compliance Management
Technical Expertise:
● Auditing experience in ISO-27001, SOX, NIST, PCI-DSS
● Experience with AWS Security and Compliance.
● Prior experience in the Banking and Financial domain is nice to have.
● Proven experience in Endpoint Security, Network Security, SIEM,SOC
Advanced security tools – SOAR platform, Vulnerability Management, SIEM
● Experience building Threat Modeling practice
● Strong communication skills