217 Conducting Security Audits jobs in Mumbai
DCO – Risk & Control Assessment (RCA) – AVP
Posted today
Job Viewed
Job Description
Description
Divisional Control Office (DCO) team ensures that the division operates with high levels of integrity. It is responsible for supporting the business by developing, implementing and maintaining a risk culture to ensure a strong and sustainable business control environment whilst minimizing risk arising from non-financial risk factors. DCO strategy includes improving the risk management information and strengthening the governance and risk culture.
The Corporate Bank (CB) DCO has functional responsibility for providing a central point of oversight over the CB Risk & Control Assessments (RCA).
This includes supporting the business by driving Risk & Control Assessment specifically focusing on Information Security (IS) / Information Technology (IT) risks in line with NFRM guidelines. RCA is a key component of the bank's non-financial risk management toolkit, to enable the effective profiling, monitoring and management of operational risks.
What we will offer you
As part of our flexible scheme, here are just some of the benefits that you’ll enjoy
Your Key Responsibilities
Your Skills & Qualifications:
How we’ll support you
AVP/Sr Manager - AI/ML Security Risk Assessment Specialist with a Large Private Bank
Posted today
Job Viewed
Job Description
Job Summary
The AIML Security Risk Assessment Specialist will play a critical role in validating reports and making final risk assessments for AIML models used in various business applications and use cases. This role will work closely with the Digital Risk Management Portfolio team to ensure the security and integrity of AIML models, use case along with applications.
Key Responsibilities
- Risk Assessment: understand the business requirement, finalise the scope and perform end to end risk assessment.
- Validate reports from various sources and make final risk assessments for AIML models, considering factors such as data quality, model performance, and potential security threats.
- Conduct Security Risk assessment for GenAI models, tools, and platforms risk assessment.
- Perform in-depth risk assessments of GenAI systems and associated data pipelines, both internally developed and third party.
- Evaluate the risk profile of different model architectures (e.g. transformer-based LLMs, multimodal models) and deployment types (cloud, edge, open-source, API-based)
- AIML Model Review: Review AIML models for potential security vulnerabilities, including data poisoning, model evasion, and adversarial attacks.
- Report Analysis: Analyse reports from AIML model testing and validation teams to identify potential security risks and provide recommendations for mitigation.
- Risk Classification: Classify risks associated with AIML models and provide recommendations for risk mitigation and remediation.
- Collaboration: Work closely with cross-functional teams, including data science, engineering, and security, to ensure secure AIML system development and deployment.
- Review AIML use cases and provide assurance/feedback/confirmation on feedback.
- Reasonable understanding on LLM security, Agentic and RAG security
Required Skills
- AIML Fundamentals: Strong understanding of AIML concepts, including machine learning, pipelines, model architecture deep learning, and natural language processing.
- Secure software development and MLOps (DevSecOps Principles)
- Hands-on experience with GenAI toolkits and APIs (e.g. OpenAI, Claude, Bard, LLaMA, Hugging face transformers.
- Security Expertise: Experience with security risk assessment, threat modelling, and vulnerability management.
- Analytical Skills: Excellent analytical and problem-solving skills, with the ability to interpret complex data and reports.
- Communication: Strong communication and collaboration skills, with the ability to provide clear and concise recommendations.
Experience
- Experience with AIML Security Frameworks: Familiarity with AIML security frameworks and guidelines Gartner / NIST 100 / ISO 42001
- Knowledge of Regulatory Requirements: Understanding of regulatory requirements, such as GDPR, HIPAA, or CCPA.
- Experience with Risk Management: Familiarity with risk management frameworks and methodologies, such as NIST or ISO 27001, ISO 31000.
- Experience overall in Information & cyber security domain
- Understanding of BFSI domain so that terms like DPSC, payments ecosystem, API banking, Cloud, IAM, application security etc in context of risk assessment and management.
Education
- Bachelor's or Master's degree in Computer Science, Information Security, or related field.
- Minimum 7-15 years of experience with 2-3 years of experience* in AIML / GenAI security, risk management, or related field.
- CISA, CISM or at least AIML security certification
This job description highlights the key responsibilities and required skills for an AIML / GenAI Security Risk Assessment Specialist role. The focus is on validating reports, making final risk assessments, and providing recommendations for risk mitigation and remediation.
FIC Risk and Control Assessment (RCA) - #VeteranHiring
Posted today
Job Viewed
Job Description
Description
The BCU team is principally responsible for:
In addition to working closely with the business heads, the group’s reach and interaction is broad, including engagement with the Corporate Relationship Management (Coverage) Divisional Control Officer (DCO) and those functions forming the 2nd and 3rd LoD, for example Compliance, Anti Financial Crime (AFC), Non-Financial Risk Management (NFRM), Legal, Group Audit and others. This role will be to support the Global BCU function in various capacities.
What we’ll offer you
As part of our flexible scheme, here are just some of the benefits that you’ll enjoy
Your key responsibilities
The Candidate within the team would be primarily responsible for RCA and would be required to: -
Candidate would also be responsible for: -
Your skills and experience
How we’ll support you
Information Security Manager

Posted 17 days ago
Job Viewed
Job Description
This position is responsible for the leadership of the India Information Security (IS) department as part of the Global Information Security Directorate. Areas of responsibility will include coordination with the other IS Departments to ensure standard enforcement of security polices and controls, interfacing with local India IT teams and business leaders, and mitigating risks to the organization's information assets.
**Responsibilities :**
+ Manage India Information Security team's day to day operations.
+ Support the global Security Operations (SecOps) department to safeguard digital assets by assisting with detecting, investigating, and resolving cybersecurity threats
+ Assist the global Governance, Risk & Compliance (GRC) department with enforcing cybersecurity policies, overseeing cybersecurity risk, facilitating cybersecurity compliance audits, and conducting cybersecurity awareness training.
+ Assist the global Cybersecurity Infrastructure and Design (CID) department with management and maintenance of the cybersecurity systems, platforms, and controls.
+ Implement Secure Software Development Lifecycle (SSDLC) in India office by enforcing the compliance of global policies, processes, procedures and principles.
**Qualifications**
+ Bachelor's degree in Cyber/Information Security or Information Technology, Computer Science, Computer Engineering
+ Professional certifications such as CISSP, CISM, or equivalent multi-domain cybersecurity focused certification.
+ At least 10 years of experience in IT security management, with a proven track record of managing teams in global matrix environment
+ Experience with security technologies: EDR, SIEM, SOAR, CASM, CASB, CSPM, IAM, PAM
+ Excellent communication and interpersonal skills to effectively engage internal stakeholders.
+ Demonstrated ability to analyze complex security issues, devise solutions, and enforce established security controls.
+ Strong leadership skills to drive standardization of processes, procedures, and principles.
**Job** Engineering
**Primary Location** India-Maharashtra-Mumbai
**Schedule:** Full-time
**Travel:** No
**Req ID:**
**Job Hire Type** Experienced Not Applicable #BMI N/A
Information Security Analyst
Posted today
Job Viewed
Job Description
Information Security Architect
Posted 5 days ago
Job Viewed
Job Description
Information Security Analyst
Posted 6 days ago
Job Viewed
Job Description
Key Responsibilities:
- Monitor security alerts and investigate potential security incidents.
- Conduct vulnerability assessments and penetration testing.
- Develop and implement security policies and procedures.
- Analyze security threats and recommend mitigation strategies.
- Assist in the development of incident response plans.
- Perform security configuration reviews and audits.
- Contribute to security awareness training.
- Stay updated on emerging cybersecurity threats and technologies.
- Collaborate with IT teams on security best practices.
- Bachelor's degree in Computer Science, IT, or Cybersecurity.
- 2-4 years of experience in information security or cybersecurity.
- Relevant certifications (e.g., CISSP, CEH, Security+).
- Experience with SIEM, IDS/IPS, and endpoint security solutions.
- Strong understanding of network security principles.
- Excellent analytical and problem-solving skills.
- Effective communication and interpersonal abilities.
Be The First To Know
About the latest Conducting security audits Jobs in Mumbai !
Information Security Architect
Posted 6 days ago
Job Viewed
Job Description
Information Security Analyst
Posted 7 days ago
Job Viewed
Job Description
Responsibilities:
- Monitor security systems for potential threats and anomalies.
- Investigate and respond to security incidents and breaches.
- Conduct vulnerability assessments and penetration testing.
- Implement and maintain security controls and countermeasures.
- Develop and update security policies, procedures, and guidelines.
- Perform regular security audits and compliance checks.
- Analyze security trends and recommend improvements to the security posture.
- Collaborate with IT and development teams on secure system design and implementation.
- Provide security awareness training to employees.
- Stay current with emerging cybersecurity threats and technologies.
Qualifications:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Proven experience in information security or cybersecurity roles.
- Strong understanding of cybersecurity principles, best practices, and frameworks (e.g., NIST, ISO 27001).
- Proficiency with security tools such as SIEM, IDS/IPS, firewalls, and EDR solutions.
- Experience with vulnerability assessment and penetration testing methodologies.
- Excellent analytical, problem-solving, and critical thinking skills.
- Strong communication and interpersonal skills.
- Ability to work effectively in both a remote and office environment.
- Relevant security certifications (e.g., CISSP, CompTIA Security+) are a plus.
Information Security Analyst
Posted 7 days ago
Job Viewed