3,055 Ids jobs in India

Summary/Objective :

Emburse software engineers contribute to the development of an engaging and interconnected set of system solutions. As an engineer, you will enhance the experiences of your customers, solve interesting challenges, and design new solutions. Emburse, known for its innovation and award-winning technologies, is strong on engineering. This ensures you will have access to the best and brightest minds in our industry to grow your experience and career within Emburse

As a Senior Security Engineer, you will play a crucial role in maintaining and enhancing our organization's security posture. You will be responsible for implementing and managing security systems, conducting incident response and analysis, reviewing identity & access management entitlements, and proactively identifying and mitigating potential security threats. This role requires a deep understanding of security technologies, excellent problem-solving skills, and team collaboration.

Essential Functions

• Manage security tools and systems (SIEM, IDS/IPS, endpoint protection, vulnerability management).
• Monitor, analyze, and triage security events, alerts, and logs to identify threats and vulnerabilities.
• Perform incident response activities, including containment, eradication, recovery, and documentation.
• Investigate and analyze security incidents, determine root cause, and recommend remediation.
• Execute incident response playbooks and SOPs.
• Triage and manage bug bounty submissions, code scanning results, and vulnerability findings, ensuring remediation and validation.
• Collaborate with engineering and product teams to embed “shift left” security practices in the software development lifecycle.
• Experience with DevSecOps, DevOps, CICD pipelines, and secure code development.
• Assist with internal and external vulnerability scanning, segmentation testing, and penetration testing programs.
• Create and maintain security metrics and reporting dashboards for leadership visibility.

• Stay current with evolving security threats, vulnerabilities, and industry best practices; recommend enhancements to improve the company’s security posture.
• Administer and monitor Identity & Access Management (IAM) systems, enforcing least privilege, segregation of duties, and periodic access reviews.
• Develop and maintain policies, procedures, and controls for privileged account management to reduce insider and external risk.

Education and Experience

Education:

• Required: Bachelor’s Degree; Minimum 5+ years of technology project/program management.

Experience:

• Experience in a senior security role with a proven track record of leadership and mentorship.
• Strong knowledge of security principles, technologies, and best practices, including network security, encryption, authentication, access control, and vulnerability management.
• In-depth experience with security tools such as SIEM, IDS, and vulnerability scanners.
• Deep understanding of cloud security concepts and technologies (e.g., AWS, Azure, GCP).
• Proficiency in scripting and automation using languages such as Python, PowerShell, or Bash.
• Experience with incident response and forensics, including log analysis, malware analysis, and threat hunting.
• In-depth understanding of industry standards and frameworks such as ISO 27001, NIST, PCI DSS.
• Excellent analytical and problem-solving skills, with the ability to guide others in the analysis of complex security incidents and provide actionable recommendations.
• Strong communication skills, both written and verbal, with the ability to convey technical concepts to non-technical stakeholders.

Certifications:

• Preferred: Bachelor’s degree in Computer Science, Information Systems, or equivalent work experience.

Additional Eligibility Qualifications

Required Skills:

• Excellent analytical skills.
• Self-starter with the ability to work with minimal supervision.
• Experience working on large cross-functional teams, representing security on initiatives such as change management, identity and access management, policy management, and data retention.
• Strong writing skills and the ability to communicate information about complex issues to stakeholders in a clear and easy to understand way
• Ability to develop creative and adaptive solutions to unique and complex inquiries
• Comfortable with a rapid-pace working environment and meeting deadlines
• Team-focused, positive attitude, and good sense of humor

• Design, develop, and implement robust network security architectures and solutions to protect the organization's data and systems.
• Evaluate and select appropriate network security technologies, including firewalls, IDS/IPS, VPNs, and network access control solutions.
• Develop and maintain network security policies, standards, and procedures.
• Conduct risk assessments and security audits of network infrastructure.
• Oversee the implementation and management of security monitoring tools and incident response processes for network-related threats.
• Collaborate with IT operations and system administrators to ensure secure network configurations and operations.
• Provide technical leadership and guidance on network security best practices.
• Stay current with emerging network security threats, vulnerabilities, and technologies.
• Develop secure network designs for new projects and initiatives.
• Ensure compliance with relevant industry regulations and security frameworks.
• Participate in security awareness training for IT staff.

• Bachelor's degree in Computer Science, Information Technology, or a related field. Advanced degree or relevant certifications (e.g., CISSP, CCNA Security, CCNP Security) are highly desirable.
• Minimum of 7 years of experience in information security, with a strong emphasis on network security architecture and design.
• In-depth knowledge of network protocols, TCP/IP, routing, switching, and network segmentation.
• Hands-on experience with various network security technologies (firewalls, IDS/IPS, WAFs, VPNs, NAC).
• Experience with security architecture frameworks and best practices.
• Strong understanding of threat modeling and risk assessment methodologies.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong written and verbal communication skills, with the ability to explain complex technical concepts to both technical and non-technical audiences.
• Ability to work independently and collaboratively in a team environment.

Location

The successful candidate shall be placed at Pune Location. It is a Full-time Job, “No” remote work. Information Security Officer/Associate willing to work on a 12-month contract/full-time may apply.

Experience

Candidates should have experience between 4-6 years

Role Description

We’re Hiring: Information Security Officer/Associate

We are looking for people who are passionate about making data safer, secure, and accessible through appropriate systems, processes, and rules. Information Protection is the key function and additional data security sub-functions (like data discovery, classification, and protection), we would require a specialist like you to support with the below high-level responsibilities, amongst others.

Responsibilities

• Data Discovery and Classification(DDC): Design Data Discovery Processes, Develop comprehensive Data Lifecycle Management processes to identify, classify, and protect sensitive data across the organization.
• Create Standard Operating Procedures (SOPs): Draft and implement templatized SOPs for data analysis, ensuring consistency and focus on risk reduction.
• Automate Processes: Identify and coordinate automation opportunities within Data Discovery to improve efficiency and accuracy.
• Data Protection (DP) – DLP + CASB + Insider Threat Management: Perform detailed analysis of DLP incidents to identify policy violations, insider threats, or data exfiltration attempts. Investigate CASB alerts, Triage and categorize incidents by severity, business impact, and risk
• Reporting: Provide detailed reports to management stakeholders, highlighting the addressed risks, process improvements, and actionable insights
• Work closely with teams like IT Security Team, Cloud Centre of Excellence (CCoE), IT Help Desk, IP Management and IT GRC etc to develop systems & SOPs

Requirements

• Hands-on experience with Sentinel
• Proven experience in Data Security domain
• Training in any of SC 200 / SC 400/ CompTia Security+ / CEH
• Zscaler EDU 220/ Zscaler EDU -22/ Microsoft Ninja for Cloud Apps
• BigID Fundamentals / BigID Security Professional
• Proficiency in general system troubleshooting for Windows and MAC
• Configure advanced auditing and reporting capabilities to monitor compliance adherence.
• Ensure secure data governance across on-premises, cloud, and hybrid environments

About Us

Terra TCC is a Technology & Sustainability company offering services in Software, Environmental consulting, and Staff Augmentation to top-notch clients. We continuously strive to help companies find the right technology, the right services and the right talent for their needs. Learn more at

Any information that is shared with us, shall be retained as per company's data privacy policy. In case you wish to revise, modify or delete any of the submitted information, please write back to us. See contact details on

Join Verdantas – A Top #ENR 81 Firm,

We at Verdantas are seeking a highly motivated and detail-oriented Information Security Analyst, to protect our company’s critical systems and sensitive data. You will be an integral part of our security team, responsible for implementing, maintaining, and monitoring our security posture. The ideal candidate will have a strong technical background, a proactive mindset, and a passion for staying ahead of the latest security trends and threats.

Key Responsibilities

Security Operations & Monitoring:

• Monitor security alerts from SIEM, IDS/IPS, firewalls, and other security tools to identify and investigate potential security incidents.
• Perform vulnerability scans and assessments, prioritizing and tracking remediation efforts.
• Manage and configure security tools, including EDR/XDR, antivirus, and email security gateways.
• Conduct log analysis and forensic investigations to determine the root cause of security events.

Incident Response:

• Serve as a key member of the incident response team.
• Respond to and mitigate security incidents in a timely and effective manner.
• Document incidents and develop runbooks for future reference.

Security Architecture & Engineering:

• Design, implement, and maintain security controls and technologies to protect cloud (e.g., AWS, Azure, GCP) and on-premises infrastructure.
• Implement and manage identity and access management (IAM) policies and practices.
• Harden systems, networks, and applications based on industry best practices (e.g., CIS Benchmarks).
• Assist in the development and enforcement of security policies, standards, and procedures.

Governance, Risk, and Compliance (GRC):

• Participate in risk assessments and audits (e.g., SOC 2, ISO 27001, PCI-DSS, HIPAA).
• Assist in third-party security risk assessments.
• Promote security awareness across the organization through training and communication.

Required Qualifications & Skills

• Bachelor’s degree in computer science, Information Security, or a related field, or equivalent experience.
• (8+) years of experience in an information security role.
• Hands-on experience with core security technologies (SIEM, EDR, Firewalls, IDS/IPS, DLP).
• Strong understanding of networking protocols (TCP/IP, DNS, HTTP/S) and network security.
• Knowledge of operating systems (Windows, Linux, macOS) and their security aspects.
• Familiarity with cloud security principles (AWS, Azure, or GCP).
• Understanding of common attack vectors, malware, and threat actor tactics (e.g., MITRE ATT&CK framework).
• Excellent problem-solving and analytical skills.
• Strong written and verbal communication skills.

Preferred Qualifications & Skills

• Relevant industry certifications such as:
• Entry-Level: Security+, GIAC GSEC
• Mid-Level: CISSP, CISM, CEH, CompTIA CySA+
• Cloud-Specific: CCSP, AWS Certified Security - Specialty, Azure Security Engineer Associate
• Experience with scripting languages (e.g., Python, PowerShell, Bash) for automation.
• Knowledge of application security (SAST, DAST) and secure SDLC practices.
• Experience with penetration testing or red teaming tools and methodologies.
• Prior experience in a regulated industry (finance, healthcare, etc.)

The Information Security Consultant will be responsible for the implementation, assessment, and management of ISO 27001:2022, ISO 27002, and SOC 2 standards for clients. This role involves working independently or alongside senior consultants to help clients achieve and maintain information security compliance and other best practices. The consultant will focus on assessing and ensuring compliance with key security frameworks and will provide vCISO support to various clients.

Key Responsibilities:

ISO 27001/27002 Compliance:

• Assist clients in achieving ISO 27001 certification by identifying and implementing the appropriate controls within the audit scope.
• Verify compliance with ISO 27001/27002 controls and provide recommendations for improvement.

SOC 2 Compliance:

• Assist clients in achieving SOC 2 compliance by identifying and implementing the appropriate Trust Service Criteria (TSCs).
• Conduct SOC 2 compliance assessments and ensure the proper implementation of required controls.

Risk Assessment and Mitigation:

• Conduct risk assessments of business activities, collaborating with stakeholders to manage risks until closure or acceptance.
• Provide actionable recommendations to mitigate identified risks.

Policy and Procedure Development:

• Define, develop, and review information security policies, procedures, guidelines, forms, and templates in line with best practices.
• Ensure documentation is up-to-date and aligned with industry standards.

Baseline Standards Review:

• Create and review baseline standards for operating systems, databases, web servers, and applications.
• Recommend improvements based on security assessments.

Post-Implementation Audits:

• Support post-implementation audits for ISO 27001:2022 to ensure ongoing compliance.
• Monitor and assess adherence to established information security standards.

Information Security Awareness:

• Create and execute organizational information security awareness programs.
• Conduct training sessions to ensure employees are knowledgeable about security best practices.

Security Standards Compliance:

• Assist clients in ensuring compliance with various security standards (ISO 27001, SOC 2, HIPAA, NIST, CIS, PCI DSS, etc.).
• Recommend strategies to ensure long-term adherence to security best practices.

Incident Response:

• Develop and implement incident response plans to handle security breaches and cyberattacks.
• Ensure that clients have clear, actionable plans to address potential security incidents.

Gap Assessment:

• Conduct gap assessments to identify areas of non-compliance and provide remediation strategies.

vCISO Support:

• Provide virtual Chief Information Security Officer (vCISO) support to clients, advising on information security strategy and governance.

Skills and Qualifications:

Technical Skills:

• Strong background in Information Technology and/or Cybersecurity .
• Proficiency in auditing, policy development, database security, firewall design, risk analysis, identity management, access control, and web security.
• Knowledge of security frameworks including ISO 27001, SOC 2, HIPAA, NIST, CIS, PCI DSS, and other industry best practices.
• Hands-on experience with ISO 27001:2022 and SOC 2 implementations and assessments.
• Strong understanding of risk management and the ability to assess and mitigate security risks.

Presales and Communication Skills:

• Excellent client-facing communication skills.
• Strong problem-solving abilities and the capacity to work effectively in a team environment.
• Ability to communicate complex technical concepts to both technical and non-technical audiences.
• Demonstrated ability to deliver presentations and conduct training sessions.