339 Asset Protection jobs in India

Location

The successful candidate shall be placed at Pune Location. It is a Full-time Job, “No” remote work. Information Security Officer/Associate willing to work on a 12-month contract/full-time may apply.

Experience

Candidates should have experience between 4-6 years

Role Description

We’re Hiring: Information Security Officer/Associate

We are looking for people who are passionate about making data safer, secure, and accessible through appropriate systems, processes, and rules. Information Protection is the key function and additional data security sub-functions (like data discovery, classification, and protection), we would require a specialist like you to support with the below high-level responsibilities, amongst others.

Responsibilities

• Data Discovery and Classification(DDC): Design Data Discovery Processes, Develop comprehensive Data Lifecycle Management processes to identify, classify, and protect sensitive data across the organization.
• Create Standard Operating Procedures (SOPs): Draft and implement templatized SOPs for data analysis, ensuring consistency and focus on risk reduction.
• Automate Processes: Identify and coordinate automation opportunities within Data Discovery to improve efficiency and accuracy.
• Data Protection (DP) – DLP + CASB + Insider Threat Management: Perform detailed analysis of DLP incidents to identify policy violations, insider threats, or data exfiltration attempts. Investigate CASB alerts, Triage and categorize incidents by severity, business impact, and risk
• Reporting: Provide detailed reports to management stakeholders, highlighting the addressed risks, process improvements, and actionable insights
• Work closely with teams like IT Security Team, Cloud Centre of Excellence (CCoE), IT Help Desk, IP Management and IT GRC etc to develop systems & SOPs

Requirements

• Hands-on experience with Sentinel
• Proven experience in Data Security domain
• Training in any of SC 200 / SC 400/ CompTia Security+ / CEH
• Zscaler EDU 220/ Zscaler EDU -22/ Microsoft Ninja for Cloud Apps
• BigID Fundamentals / BigID Security Professional
• Proficiency in general system troubleshooting for Windows and MAC
• Configure advanced auditing and reporting capabilities to monitor compliance adherence.
• Ensure secure data governance across on-premises, cloud, and hybrid environments

About Us

Terra TCC is a Technology & Sustainability company offering services in Software, Environmental consulting, and Staff Augmentation to top-notch clients. We continuously strive to help companies find the right technology, the right services and the right talent for their needs. Learn more at

Any information that is shared with us, shall be retained as per company's data privacy policy. In case you wish to revise, modify or delete any of the submitted information, please write back to us. See contact details on

About the company

Credit cards haven't changed much for over half a century so our team of seasoned bankers, technologists, and designers set out to redefine the credit card for you - the consumer. The result is OneCard - a credit card reimagined for the mobile generation. OneCard is India's best metal credit card built with full-stack tech. It is backed by the principles of simplicity, transparency, and giving back control to the user.

Key Responsibilities:

Security Strategy and Governance:

1. Develop, implement, and maintain a comprehensive information security roadmap and strategy aligned with business objectives.
2. Establish, mature, and enforce security policies, standards, and procedures to ensure a robust governance framework.
3. Collaborate with executive leadership on budget planning, forecasting, and management for security-related expenditures.

Audit and Compliance Management:

1. Lead and manage all aspects of internal and external audits, including those from regulatory bodies and clients (vendor due diligence).
2. Serve as the primary point of contact for auditors, ensuring all evidence requests are fulfilled accurately and on time.
3. Drive the remediation and closure of audit findings by coordinating with relevant technical and business teams.
4. Ensure ongoing compliance with key standards and regulations, including ISO 27001, ISO 22301, Credit Information Companies (CIC), and data localization laws.
5. Conduct routine compliance activities, such as management review meetings, to maintain certifications and ensure continuous improvement.

Risk and Vendor Management:

1. Establish and operate a robust vendor due diligence (VDD) program, working with internal teams and external audit vendors to assess third-party risk.
2. Oversee the end-to-end financial process for security vendors, including obtaining proposals, securing internal approvals, and tracking payments.
3. Identify, assess, and communicate security risks to the company's leadership and other key stakeholders.

Security Operations and Collaboration:

1. Act as the primary security advisor for the company, working closely with various technical teams and Technology Service Providers (TSPs).
2. Provide expert guidance and oversight for the implementation and management of security controls across key domains, including:

Cloud Security:

1. Advise on best practices for securing AWS environments.
2. Application Security: Champion the integration of security into the SDLC (SAST/DAST, penetration testing).

Network & Endpoint Security:

1. Guide the deployment and configuration of firewalls, WAF, IDS/IPS, and EDR solutions.
2. Identity & Access Management (IAM): Ensure robust implementation of SSO, MFA, and privileged access controls.

Qualifications and Experience:

1. Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
2. 5-6 years of progressive experience in information security, with a focus on governance, risk, and compliance.
3. Demonstrated experience in developing or significantly maturing an information security program.
4. In-depth, hands-on experience leading and facing audits for frameworks like ISO 27001, SOC 2, or PCI DSS.
5. Professional certifications such as CISSP, CISM, CISA, or ISO 27001 Lead Auditor/Implementer are highly desirable.

Skills and Competencies:

1. Leadership and Ownership: A strategic leader with the ability to operate with a high degree of autonomy. Possesses a strong sense of ownership and takes full responsibility for the security posture of the company.
2. Independent Decision-Making: Proven ability to make critical, well-reasoned decisions independently and confidently drive security initiatives forward.
3. Stakeholder Management: Exceptional communication and interpersonal skills, with the ability to effectively articulate complex security concepts and risks to diverse stakeholders, including company directors, executive leadership, and heads of technology departments.
4. Broad Technical Proficiency: Strong, advisory-level knowledge across multiple security domains (Cloud, Network, Application, Endpoint, IAM).
5. Compliance Expertise: Deep understanding of ISO 27001, ISO 22301, CIC, and data localization principles.
6. Creative Problem-Solving: A proactive and innovative approach to identifying and solving complex security challenges in a dynamic environment.

• Developing and enforcing information security policies, standards, and guidelines.
• Conducting regular risk assessments to identify potential security vulnerabilities and threats.
• Implementing and managing security controls, including access management, data protection, and network security.
• Developing and managing the organization's incident response plan and coordinating incident management activities.
• Overseeing the implementation and maintenance of security technologies such as firewalls, IDS/IPS, and endpoint security solutions.
• Ensuring compliance with relevant data protection regulations and industry best practices (e.g., ISO 27001, GDPR).
• Conducting security awareness training programs for employees.
• Monitoring security logs and performing regular security audits.
• Investigating security breaches and recommending corrective actions.
• Collaborating with IT teams to ensure the security of systems and applications.
• Staying informed about emerging security threats and vulnerabilities.
• Managing relationships with third-party security vendors.

• Conduct passenger and baggage screening using advanced security equipment (X-ray scanners, metal detectors).
• Perform regular patrols of terminal buildings, airside areas, and other sensitive locations.
• Monitor surveillance systems (CCTV) to detect and report suspicious activities.
• Enforce airport security regulations and protocols for passengers, staff, and visitors.
• Respond to security alerts, incidents, and emergencies in a prompt and professional manner.
• Identify and apprehend individuals involved in security breaches or criminal activities.
• Conduct access control checks for restricted areas and personnel.
• Provide security escorts for VIPs, valuable cargo, or during sensitive operations.
• Collaborate closely with law enforcement agencies, airline personnel, and airport management.
• Prepare detailed incident reports and maintain accurate logs of security activities.
• Maintain a high level of vigilance and situational awareness at all times.
• Uphold the highest standards of professionalism, integrity, and customer service.
• Assist passengers with security-related queries and provide guidance when necessary.

• High school diploma or equivalent required.
• Previous experience in security, law enforcement, or military service is highly desirable.
• Valid security licenses and certifications as required by aviation authorities.
• Ability to pass rigorous background checks and drug screenings.
• Excellent observation and situational awareness skills.
• Strong communication and interpersonal skills.
• Physical fitness and ability to stand/walk for extended periods.
• Proficiency in operating security screening equipment and CCTV systems.
• Ability to remain calm and act decisively under pressure.
• Team-oriented with the ability to work independently.
• Must possess a valid driver's license.
• Willingness to work flexible shifts, including nights, weekends, and holidays.

We are seeking an experienced Chief Information Security Officer (CISO) to lead and enhance the organization’s cybersecurity framework. The ideal candidate will have 15+ years of experience in IT Security , preferably within the insurance or banking sector , with exposure to multinational environments . A B.E. degree is preferred, along with certifications such as CISA, CISSP, or CISM .

The CISO will define and execute the enterprise-wide security strategy , aligning it with business goals and regulatory requirements. The role involves reporting to the Board and executive leadership on cyber risk and readiness, overseeing risk assessments, incident response, and compliance with frameworks like ISO 27001, NIST, GDPR, and PCI-DSS .

The candidate should possess strong analytical, techno-managerial, and problem-solving skills , with the ability to embed security across IT and business functions. Responsibilities include vulnerability management, threat monitoring, business continuity planning , and security awareness initiatives .

This is a strategic leadership role for a professional capable of combining vision and execution , ensuring robust protection of the organization’s digital assets while fostering a proactive, security-conscious culture across teams.

Would you like me to make a LinkedIn-friendly version (under 120 words) next?

Academic: Graduation in any discipline, B.E will be preferred; along with professional certification like CISA/ CISSP etc. is mandatory

Experience: 15 years and above experience in IT security, preferably from GI or banks

Experience of working with multi-national organisations, will be preferred

Competencies

• Good understanding and knowledge of evolving IT technologies, frameworks and solutions
• Understanding Business and IT landscape and applying security mindset to address issues and requirements
• Analytical and problem-solving abilities with a security mindset to identify and fix security risks and issues.
• Good Techno managerial skills

Primary Responsibilities-

• Define and execute the enterprise-wide information security vision and strategy.
• Align security initiatives with business goals and regulatory requirements.
• Report regularly to the board and executive leadership on cyber posture and risk.
• Oversee IT risk assessments, threat modeling, and mitigation strategies.
• Ensure compliance with frameworks like ISO 27001, NIST, GDPR, PCI-DSS, HIPAA, etc.
• Lead disaster recovery and business continuity planning.
• Manage incident response and breach investigations.
• Direct the implementation of security technologies and infrastructure.
• Monitor emerging threats and evaluate defensive capabilities
• Develop and enforce security policies, standards, and procedures.
• Lead security awareness and training programs across the organization.
• Liaise with legal, HR, IT, finance, and external regulators.
• Manage Vulnerability Management program
• Oversee audit activities and ensure closure of reported observations within defined TAT
• Manage security KPIs and metrics for security effectiveness
• Conduct regular security assessments and measure effectiveness of controls
• Review IT architecture and provide adequate security controls to mitigate risks.
• Consult, advice, coordinate and support Business, IT teams and other internal and external stakeholders to meet security requirements.