602 Cybersecurity Engineer jobs in Mumbai

• Designing, implementing, and maintaining enterprise-wide cybersecurity infrastructure and solutions.
• Developing and enforcing security policies, standards, and procedures across the organization.
• Leading the evaluation and adoption of new security technologies and best practices.
• Overseeing security operations, including threat detection, incident response, and vulnerability management.
• Architecting secure cloud environments (AWS, Azure, GCP) and ensuring their compliance.
• Conducting security risk assessments and developing mitigation strategies.
• Leading penetration testing exercises and coordinating remediation efforts.
• Mentoring and guiding junior cybersecurity engineers and analysts.
• Collaborating with IT and development teams to integrate security into the SDLC.
• Developing and delivering security awareness training programs.
• Managing security incidents, performing forensic analysis, and leading recovery efforts.
• Staying abreast of emerging threats, vulnerabilities, and cybersecurity trends.
• Representing the cybersecurity team in cross-functional projects and leadership meetings.
• Ensuring compliance with relevant security regulations and standards (e.g., ISO 27001, GDPR).
• Building and maintaining strong relationships with external security partners and vendors.

• Lead the development and implementation of automotive cybersecurity strategies, policies, and standards across the product lifecycle.
• Conduct threat modeling, risk assessments, and security analysis for in-vehicle networks, ECUs, and connected services.
• Define security requirements for hardware and software components, ensuring compliance with industry standards (e.g., ISO/SAE 21434, WP.29).
• Design and implement security solutions, including encryption, authentication, intrusion detection/prevention systems, and secure communication protocols.
• Collaborate with cross-functional teams (hardware, software, systems engineering, product management) to integrate security best practices into product development.
• Evaluate and select security technologies and vendors.
• Develop and deliver security training to engineering teams.
• Stay ahead of emerging automotive cybersecurity threats and vulnerabilities, and proactively develop mitigation strategies.
• Lead incident response activities for security breaches.
• Contribute to the company's intellectual property portfolio in automotive cybersecurity.

• Lead the definition and implementation of automotive cybersecurity architecture and requirements.
• Develop and deploy security solutions for in-vehicle networks (e.g., CAN, Automotive Ethernet), ECUs, and connected services.
• Conduct threat modeling, risk assessments, and vulnerability analysis for automotive systems.
• Design and implement secure coding practices and guidelines for embedded software development.
• Evaluate and integrate cryptographic solutions, secure boot, and intrusion detection systems.
• Develop and maintain security testing methodologies, including penetration testing and fuzzing.
• Collaborate with hardware and software engineering teams to ensure security is integrated throughout the product lifecycle.
• Stay current with automotive cybersecurity standards (e.g., ISO/SAE 21434, UNECE WP.29) and emerging threats.
• Mentor and guide junior cybersecurity engineers, fostering a strong security culture.
• Represent the company in industry forums and contribute to the advancement of automotive cybersecurity.
• Work closely with product management and legal teams on compliance and regulatory requirements.

• Master's degree or Ph.D. in Electrical Engineering, Computer Science, Cybersecurity, or a related field.
• Minimum of 10 years of experience in cybersecurity, with at least 5 years focused on automotive systems.
• In-depth knowledge of automotive architectures, ECUs, and communication protocols (CAN, LIN, Ethernet).
• Expertise in embedded systems security, cryptography, secure boot, and TLS/SSL.
• Proficiency in security analysis tools and techniques, including penetration testing and vulnerability assessment.
• Strong understanding of relevant cybersecurity standards and regulations.
• Experience with secure software development lifecycle (SSDLC) methodologies.
• Excellent analytical, problem-solving, and debugging skills.
• Strong communication and leadership abilities, with experience managing complex projects.
• Ability to work independently and effectively in a remote, collaborative environment.
• Relevant certifications (e.g., CISSP, automotive cybersecurity specific certs) are a plus.

Urgent Opening for Cyber security | Freshers | Navi Mumbai

Posting Title: Information Security Analyst (SOC)

Company Name: Inspiroz IT Services Pvt ltd

Job Location: Ghansoli, Mahape

Work Mode: Work from office

Job Description

The primary function of the SOC Associate is to analyse any incidents flagged by the Security Tools and undertake a detailed investigation of the Security Event. The SOC Associate shall determine whether the security event will be classified as an incident. They will be coordinating with the customer IT/ in house Managed services team for resolution of the Security Incident.

Responsibilities:

• Escalate validated and confirmed incidents to Managed Services team.
• Notify Account Managers of incident and required mitigation work.
• Fine-tune SIEM rules to reduce false positive and remove false negatives.
• Collect global threat intelligence and internal threats then inject actions based on analysis and recommendation.
• Proactively research and monitor security information to identify potential threats that may impact the organisation.
• Develop and distribute information and alerts on required corrective actions to the organisation.
• Learn new attack patterns, actively participate in security forums.
• Work closely on Vulnerability Assessment and coordinate with Managed services team.
• Understand the structure and the meaning of logs from different log sources such as FW, Servers, and End User Devices.
• Perform analysis and report breaches in Backup Compliance such as Barracuda, EMC Avamar, Datto.
• Perform threat intel research.
• Open and update incidents in ConnectWise Manage to report the alarms triggered or threats detected. Analysts should properly include for each incident on CW Manage all details related to the logs, alarms and other indicators identified in accordance with the intervention protocol of each client and the SLA.
• Track and update incidents and requests based on client's updates and analysis results.

Requirements

• Knowledge or hands-on experience of implementation and management of CrowdStrike Falcon, ConnectWise Manage, ConnectWise Automate, Windows AD, Linux and Infra technology.
• Experience with Security Information Event Management (SIEM) tools, creating advanced co-relation rules, administration of SIEM, system hardening, and Vulnerability Assessments.
• Should have expertise in TCP/IP network traffic and event log analysis.
• Knowledge and hands-on experience with Falcon CrowdStrike, ConnectWise Manage, Bit Defender Gravity would be nice to have.
• Knowledge of ITIL disciplines such as Incident, Problem and Change Management.
• Configuration and Troubleshooting experience on Checkpoint, Cisco, FortiGate, Palo Alto and SonicWALL firewalls would be an added advantage.
• Knowledge of Scripting.

Timings for Shifts: (10 hrs Shift – 5 days working)

7:30 am - 5:30 pm

12:30 pm - 10:30 pm

7:30 pm - 5:30 am

9:30 pm - 7:30 am

Work Experience: 0 - 6 Months

Additional Skills: CCNA, MCP

Company Background:

Inspiroz IT Services Pvt Ltd - At Inspiroz IT, we solve technology challenges by providing unmatched expertise through strategy, implementation, and managed services. Inspiroz, IT provides ongoing support and maintenance services through a unique model that blends on site and remote support for existing IT infrastructure and devices to sustain their purpose and benefits. We partner with school leaders, educators and corporates to improve the way technology is used to drive transformational outcomes and achieve operational goals. With stable, portable and scalable IT, we prepare and support each technological environment through various phases of evolution and growth. We take a unique approach to the use of technology in schools and corporates. Our Customer Promise is to be Helpful, Responsive & Entrepreneurial.

Inspired by our core values of: Be Courageous, Extra Mile, Today, not Tomorrow, and Communicate, Communicate, Communicate.

For more information kindly visit on company website

Interested candidates can share their updated resume on email ID:

Note: Interview will be conducted face to face.

Job Types: Full-time, Permanent, Fresher

Benefits:

• Health insurance
• Provident Fund

Work Location: In person

Responsibilities:

* Conduct penetration tests, security assessments & SIEM monitoring

* Implement ISO standards & GDPR compliance

* Ensure SOC readiness & NIST framework adherence

* Manage Guard Duty program & Sophos/IDS systems

Health insurance

Provident fund

Flexi working

Cafeteria

Pregnancy care program

Employee Assistance Program (EAP)

Life insurance

Maternity policy

A. ITGC / IS – IT Audit

• Infrastructure Security Controls
• Change Management Controls
• User Access Management Controls
• HR Security Controls
• Application Controls
• Incident Management Controls
• Patch Management Controls
• Backup Management Controls
• BCP Controls
• DR Controls
• System Development Controls
• Communication Security Control
• Operational Security Controls

B. ISO 27001 Audit

• Information Security Policies Control
• HR Security Controls
• Asset Management Controls
• Access Control
• Cryptography Control
• Physical and Environmental Security Controls
• Operational Security Controls
• Communication Security Control
• System Acquisition and Maintenance Control
• Supplier Relationship control
• Security Incident Management Controls
• Business Continuity Management Controls
• Compliance

Job Type: Full-time

Pay: ₹30, ₹35,000.00 per month

Experience:

• IT auditing: 2 years (Preferred)

Work Location: In person

Gold is the most trusted asset across the entire world and one of the largest asset classes in India. The total traded value of gold in India exceeds $300 billion annually – nearly all of it in an unorganised, offline manner. We, at SafeGold, are building the digital infrastructure to organise the gold market using technology. SafeGold is India's largest digital gold platform with 55 million customers and 110+ distribution partners across India, Thailand and UAE. The focus has always been on revenues and profitability growth which has been widely recognised.

With revenues of more than Rs. 6000 Crs in the year ending March-24, we have been part of the Financial Times rankings of the fastest growing startups in the Asia-Pacific region since 2021 till date. SafeGold is backed by the World Gold Council and leading venture capital funds, Beenext and Pravega.

Key responsibilities

• Monitor security alerts and respond to incidents in a timely and effective manner
• Conduct regular vulnerability assessments, penetration tests, and security audits
• Analyze security breaches and recommend appropriate countermeasures .
• Review and improve existing security policies, procedures, and controls on an ongoing basis.
• Manage security tools such as SIEM, AWS GuardDuty, Sophos, IDS/IPS, etc.
• Support compliance efforts with frameworks such as ISO 27001, SOC 2, GDPR, etc.
• Work with DevOps/IT teams to ensure secure configuration of systems and cloud environments
• Conduct third-party risk assessments and vendor security evaluations
• Educate employees on security awareness and best practices and make sure that the annual security awareness training is completed by the entire organization.
• Document incidents, create reports, and maintain logs

Requirements

• Bachelor's degree in Information Technology, Computer Science, or a related field
• 2–5 years of experience in information security or a related field
• Familiarity with security tools (e.g., Nessus, Splunk, Qualys, Wireshark)
• Understanding of network protocols, system hardening, and incident response
• Strong knowledge of security standards (NIST, ISO 27001, CIS, OWASP)
• Excellent analytical and problem-solving skills

Qualifications - good to have.

• Professional certifications such as CompTIA Security+, CEH, CISSP, CISA, ISO 27001 LA/LI, or AWS Security Specialty
• Experience with compliance audits (e.g., SOC 2, PCI-DSS, ISO 27001)
• Knowledge of scripting (Python, Bash, etc.) for automation of tasks
• Experience working in a fintech/startup/regulated industry environment