92 Cloud Security Specialist jobs in Chennai

About the company

Lexitas is a high growth company. The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driving force of our success.

Lexitas offers an array of services including local and national court reporting, medical record retrieval, process service, registered agent services and legal talent outsourcing. Our reach is truly national as well as international.

Lexitas is a MNC Company that has set up a subsidiary in Chennai, India – Lexitas India Pvt. Ltd. This Indian company will be the Lexitas Global Capability Center, helping build a world class IT development team, and over time serve as a Shared Services hub for several of the corporate functions.

For More Information -

This is a Full-Time Job located in Chennai, India.

Summary:

This position supports information security, privacy, risk and compliance programs and activities under the direction of the VP of Information Security or designated Information Security Manager. The position assists in developing and maintaining a comprehensive security program for Lexitas. Providing functional and technical support is important to maintain security posture and protection of electronically and physically stored information assets across our systems. Tasks include supporting design, implementation, configuration, documentation, and maintenance to mitigate risk to the business and its computing resources and assets, as well as collaborating with applicable providers, managing and monitoring tools, and facilitating applicable processes and procedures.

Key Roles and Responsibilities :

• Supports IT security, privacy, risk and compliance systems, processes, supporting activities, with the ability to lead activities and programs.
• Monitors computer networks and associated tools and provider services for security, privacy, risk and compliance issues
• Supports the project management, tracking, and documentation of Information, Privacy, Risk, and Compliance programs, processes, and activities
• Investigate security breaches and cybersecurity incidents.
• Documents security breaches and assesses impact.
• Performs and/or supports security tests, risk assessments, and audits to uncover network, application, and process vulnerabilities and provides guidance and training to ensure violations do not persist.
• Tracks and facilitates the mitigation of vulnerabilities to maintain a high security standard.
• Supports best practices for IT security, privacy and compliance.
• Performs and supports 3rd party vulnerability management and penetration testing.
• Research security enhancements and makes recommendations to management.
• Stays current on information technology trends and security standards.
• Prepares reports that detail security, privacy, and compliance risk assessment findings.
• Supports Security Operations Center functions including monitoring and supporting Incident Response activities.
• Supports all related IT Security, Privacy, Risk and Compliance policies and provides guidance to the business.
• Other Information Security, Privacy, Risk, and Compliance duties as required.

Skills and Abilities:

• Experience with computer network and application vulnerability management and penetration testing, and techniques.
• Solid understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts
• Ability to identify and mitigate network and application vulnerabilities.
• Good understanding of patch management
• Proficient with various OS
• Excellent written and verbal communication skills
• Knowledge of firewalls, antivirus, and intrusion detection system concepts
• Ability to support and document areas of Information Security, Privacy, Risk, and compliance processes and programs.
• Ability to support incident response process.
• Experience directing 3rd Party providers in the areas of Information Security, Privacy, Risk and Compliance
• Support information security controls including physical and data security protecting the confidentiality, integrity and availability of information systems data.
• Preferred KSA’s:
• Strong working knowledge and experience with primary Information Security, Privacy, Risk, and compliance standards and frameworks such as NIST, SOC 2, HIPAA, PCI DSS, GDPR, etc.
• Experience administering information security software and controls.
• Experience supporting process for managing network and application security.
• Network and system administration experience a plus.
• Good understanding of Standard Information Security Baseline Frameworks, Business Continuity, and Disaster Recovery protocols and best practices.
• Exposure to ITIL (Incident/Change Management) – ITIL v3F preferred.
• Learns and monitors the business processes for the areas of primary support responsibility.
• Support annual Security Baseline Audits and execution of recommendations.
• As part of the technology team, performs “Help Desk” day-to-day tasks in support of Information Security, Privacy, Risk, and Compliance.

Education and Experience:

• Bachelor’s degree in computer science or related field strongly preferred.
• IAT Level-2 technical certification strongly preferred (Comp TIA Security+ or CISSP) or ability to obtain within first 90 days of hire.
• 5+ years’ experience performing role of Information Security Analyst or SOC
• Demonstrated experience in responding to, managing, and resolving security incidents.
• Experience with LAN/WAN networking concepts, IP addressing and routing concepts, Windows/Linux/Unix operating systems, Information Security concepts, and best practices.
• Experience with Windows/Linux/Unix operating systems, Information Security concepts, and best practices.
• Experience working with Security Information and Even Management (SIEM) system is a plus.

Yubi, formerly known as CredAvenue, is re-defining global debt markets by freeing the flow of finance between borrowers, lenders, and investors. We are the world's possibility platform for the discovery, investment, fulfilment, and collection of any debt solution. At Yubi, opportunities are plenty and we equip you with tools to seize it.

In March 2022, we became India's fastest fintech and most impactful startup to join the unicorn club with a Series B fundraising round of $137 million.

In 2020, we began our journey with a vision of transforming and deepening the global institutional debt market through technology. Our two-sided debt marketplace helps institutional and HNI investors find the widest network of corporate borrowers and debt products on one side and helps corporates to discover investors and access debt capital efficiently on the other side. Switching between platforms is easy, which means investors can lend, invest and trade bonds - all in one place. All of our platforms shake up the traditional debt ecosystem and offer new ways of digital finance.

Job Description 

Act as the liaison between business units and corporate security teams to align objectives with robust security strategies.

Serve as the primary point of contact for clients for all security-related questions, concerns, and communications.

Develop and implement security policies, standards, and procedures tailored to business needs.

Lead risk assessments, identifying vulnerabilities that may impact business operations.

Facilitate regular communication between IT, security, and business leaders to ensure alignment.

Guide business units in understanding and mitigating cybersecurity risks.

Oversee compliance with applicable data protection regulations and internal security requirements.

Foster a culture of security awareness through training and effective communication.

Drive incident response planning and coordinate swift actions during security breaches.

Monitor emerging threats and continuously refine security practices to pre-empt risks.

Report risk assessments, metrics, and progress updates to executive leadership for strategic decision-making.

Collaborate with procurement and business teams to assess the security and privacy risks associated with third-party vendors used by the business units, ensuring compliance with TPRM policies.

Facilitate external Infosec audits by coordinating with auditors, providing necessary documentation and access, and ensuring timely responses to audit findings.

Maintain a strong understanding of the organization's security compliance obligations and work with business units to ensure adherence.

Drive initiatives to address compliance gaps and implement necessary controls.

Requirement

Bachelor’s degree in Computer Science, Information Security, or a related field; a Master’s degree is often preferred.

Experience in “ISO 27001” is a must for the role.

2+ years of experience in cybersecurity, risk management, or IT security roles with increasing responsibilities.

Recognized certifications such as CISSP, CISM, or equivalent demonstrate proficiency in security best practices.

Proven track record in leading cross-functional teams and managing security programs in a complex business environment.

Deep understanding of compliance requirements, regulatory frameworks, and the ability to align security strategies with business objectives.

Excellent communication, interpersonal, and stakeholder management skills, with the ability to influence without authority

Strong analytical and problem-solving skills, with the ability to translate technical security concepts into business language.

Ability to work independently and collaboratively within a fast-paced, dynamic environment.

Strong understanding of information security principles, frameworks (e.g., ISO 27001, SOC2, NIST CSF), and relevant compliance regulations.

Role Overview

The Chief Information Security Officer (CISO) will be responsible for establishing and leading the information security strategy, governance, and execution across the Group's NBFC and Agro Trading entities. The role ensures compliance with RBI cybersecurity guidelines, data privacy laws, and sectoral best practices, while aligning security with business growth, digital initiatives, and risk management.

Key Responsibilities

1. Information Security Strategy & Governance

• Develop and implement the Group-wide Information & Cyber Security Framework aligned to RBI NBFC Cybersecurity Directions, ISO 27001, and NIST standards.
• Establish governance mechanisms to oversee security across both financial and agri-trading operations.
• Drive group-level cybersecurity policies, SOPs, and awareness programs .
• Report regularly to the Board / Risk & Audit Committee on cybersecurity posture, risks, and incidents.

2. Regulatory Compliance & Risk Management

• Ensure compliance with RBI's Cyber Security Framework for NBFCs , CERT-In directives, and relevant data privacy regulations (DPDP Act).
• Conduct periodic IT & IS audits, vulnerability assessments, and penetration tests.
• Manage regulatory inspections, audits, and reporting requirements.
• Establish a risk-based approach to protect sensitive customer, financial, and trading data.

3. Security Operations & Incident Response

• Establish a Security Operations Centre (SOC)  / outsource managed services for continuous monitoring.
• Define and lead the Incident Response Plan (IRP)  including detection, containment, investigation, and recovery.
• Coordinate cyber crisis management and business continuity planning across group entities.
• Oversee endpoint security, data protection, identity & access management, and fraud monitoring.

4. Technology & Process Security

• Implement and monitor network, application, and cloud security  controls.
• Secure digital lending platforms, Oracle NetSuite ERP, mobile apps, and multiple customer portals  for Agri Finance and Agri trading entities.
• Ensure trading operations (ERP, commodity platforms, Digital Marketplaces, External Interfaces) are safeguarded from cyber threats.
• Define secure DevSecOps practices for in-house and/or outsourced application development.

5. Leadership & Stakeholder Management

• Lead the Information Security team and coordinate with IT, Risk, Compliance, Legal, and Business Units.
• Work with external vendors, cybersecurity consultants, and regulators.
• Build a culture of security awareness across employees, agents, and third parties.
• Act as the single point of accountability  for group-level cybersecurity.

Qualifications & Experience

• Bachelor's degree in IT/Computer Science/Engineering; Master's preferred.
• Certifications: CISSP / CISM / CISA / ISO 27001 Lead Implementer / CRISC (preferred).
• 12+ years of IT/Information Security experience, with at least 5 years in a leadership role.
• Proven experience in NBFC / BFSI cybersecurity compliance . Exposure to agri trading systems  is an advantage.
• Strong understanding of RBI NBFC guidelines, DPDP Act, NIST, ISO 27001, cloud security, fraud risk management .

Key Competencies

• Strategic thinking with strong risk management mindset.
• Hands-on knowledge of security operations, threat management, and compliance.
• Ability to balance security with business agility and cost constraints of a mid-sized group.
• Excellent communication with senior management, regulators, and external partners.
• Leadership, influence, and cross-functional collaboration.

Success Metrics

• Zero major regulatory non-compliance findings.
• Timely reporting and closure of vulnerabilities and incidents.
• Improved security maturity score (e.g., ISO/NIST assessments).
• Enhanced employee security awareness levels.
• Reduced cyber risk exposure across NBFC and Agro Trading operations.

Network Security F5 WAF (L2 & above)

We are seeking an experienced Network Security Engineer to design, implement, and maintain the security of our enterprise network infrastructure. The ideal candidate will have a strong background in firewall management, intrusion detection/prevention systems, VPNs, and network security architecture. You will play a critical role in safeguarding the organization’s digital assets from internal and external threats.

KEY RESPONSIBILITIES:

Dear Candidate

Tata Consultancy Services is hiring for Cloud Security

Experience: 10+Years

Location: Bangalore / Pune / Hyderabad

Roles and Responsibilities:

We are seeking a Cloud DevOps Engineer with hands-on experience in cloud-native environments and preferably a strong working knowledge of Wiz Cloud Native Application Protection. You will be responsible for reliable delivery of Wiz capabilities and supporting Wiz integration with HSBC cloud (AWS, GCP, Azure, AliCloud) and containers infrastructure. This is a cross-functional role that bridges DevOps and Security, enabling secure and compliant cloud deployment and increased visibility of cloud and containers security posture.

• Wiz management plane: delivery and management to automate day-to-day operations – user onboarding, wiz policy and settings updates, migration between Wiz tenants, automate Wiz integration with cloud and containers platforms.
• Wiz Integration & Management: onboard new cloud and containers accounts into Wiz, recipes for integrating Wiz with CI/CD pipeline, containers registry, ticketing systems.
• Implement custom Wiz reports for different stakeholders by leveraging Wiz API and Graph using GraphLQ, Python etc.
• Build and maintain infrastructure-as-code for Wiz deployments and configurations.
• Contribute to security runbooks, incident response, and policy-as-code documentation.
• Responsible for updating and patching Wiz management plane software and infrastructure.
• Support integration efforts with downstream reporting tools by provisioning and maintaining service accounts and APIs catalogue needed.
• Experience in building management plane for IT systems on cloud platforms to monitor system health using gitOps and CICD pipelines, preferably using Google technology, e.g. CloudRun
• Experience in process automation for making changes to Wiz platform e.g. create new roles, updating roles, automate users onboarding
• Strong scripting or coding skills (Pythons, Go, etc.) to implement custom report and API in Wiz for vulnerability scanning reporting, configuration baseline, and runtime security
• Proficiency with at least one major cloud provider (GCP, AWS)
• Infrastructure-as-Code (iac) experience with terraform, Helm
• Experience in CICD tools (GitHub Actions, Jenkins, CloudRun, AWS system manager)
• Experience in debugging and troubleshooting for Wiz related issues

Regards

S.Shanbaga

Tata Consultancy Services

Human Resources- CSP TAG

Tanium Security Remediation Specialist

Job Description:

We are seeking a skilled security remediation specialist with expertise in Tanium to join our team. The successful candidate will be responsible for reviewing, implementing, and validating security remediations across enterprise environments. This includes running and analyzing Tanium reports, tracking remediation tasks, and providing clear, timely status updates to stakeholders. Tanium TCO certification required.

Experience: 9+ Years

Key responsibilities:

• Leverage Tanium for robust security hardening and compliance across Windows workstations, VDIs, and server infrastructure.
• Collaborate closely with IT directors, application owners, and technical teams to scope, prioritize, and execute remediation efforts.
• Run comprehensive Tanium reports to identify vulnerabilities and measure the effectiveness of implemented controls.
• Track remediation tasks through to completion, ensuring accountability and thorough documentation for audit purposes.
• Provide status updates and reporting to technical and business leadership in a clear, actionable manner.
• Apply best practices for local administration and system security, with hands-on experience in security hardening techniques.
• Maintain awareness of industry standards and frameworks related to endpoint security and vulnerability management.

Your Opportunity The SAP Security & GRC Specialist is responsible for performing all User Management (UM) functions such as user role creations, changes, assignments, and activities, including User Access Review, UM audit requests, and Segregation of Duties (SOD) Risk Assessment.

What you will do

• Develop and implement SAP security governance frameworks tailored to the organization’s needs and aligned with global IT and security best practices.

• Ensure compliance with corporate information security policies and local/international regulations (e.g., SOX, GDPR, LGPD) within SAP environments.

• Regularly review and update SAP security policies, procedures, and standards.

• Conduct periodic audits across SAP systems (e.g., ECC, S/4HANA, SAP B1) to ensure adherence to defined security controls, especially Segregation of Duties (SoD).

• Implement corrective actions to address identified vulnerabilities or non-compliance issues.

• Identify and assess SAP-related security risks and collaborate with stakeholders to define mitigation strategies.

• Maintain and periodically review SAP security risk management plans.

• Monitor and analyze SAP security performance indicators to identify improvement opportunities and support continuous improvement initiatives.

• Lead or actively participate in the design, implementation, and maintenance of User Access Management (UAM) processes for SAP systems.

• Design, review, and maintain SAP roles and authorization objects in accordance with SoD principles and security management standards.

• Analyze, design, implement, and test SAP GRC (Governance, Risk, and Compliance) components, such as Access Control, ARA (Access Risk Analysis), EAM (Emergency Access Management), BRM (Business Role Management), and ARM (Access Request Management).

• Support automation of user provisioning and access control processes, including integration with Active Directory and Identity & Access Management (IAM) tools.

• Work closely with project teams, internal/external auditors, information security, and compliance departments.

• Ensure that SAP Security activities are aligned with corporate governance policies and SOX audit requirements.

• Stay current with evolving security threats, SAP security patches, and relevant technology developments.

What we are looking for

• Proven experience in SAP Security (ECC, S/4HANA, SAP B1, or SAP GRC).

• In-depth understanding of SAP authorization concepts and architecture.

• Hands-on experience with SAP GRC Access Control and SoD analysis.

• Relevant certifications such as SAP Certified Technology Associate – System Security Architect or SAP GRC certifications are a plus.

• Familiarity with IT governance and security frameworks such as COBIT, ISO 27001, NIST, and SOX. • Strong analytical skills, attention to detail, and a high sense of responsibility regarding security and compliance.

Education Requirements

• Bachelor's degree in Information Technology, Information Systems, Computer Science, or related fields.

• Professional certifications such as Certified Information Systems Security Professional (CISSP) may also be desirable for IT Governance candidates.

• English fluency, written and spoken

Technical Requirements

• Solid knowledge of information technology and systems infrastructure.

• Familiarity with information on SAP security practices and compliance.

• Experience working in multicultural and multilingual environments.

• Experienced in strategic planning, compliance audits, and execution of countermeasures.

• High energy and results focused