342 Information Security jobs in India
Information Security Manager

Posted 1 day ago
Job Viewed
Job Description
This position is responsible for the leadership of the India Information Security (IS) department as part of the Global Information Security Directorate. Areas of responsibility will include coordination with the other IS Departments to ensure standard enforcement of security polices and controls, interfacing with local India IT teams and business leaders, and mitigating risks to the organization's information assets.
**Responsibilities :**
+ Manage India Information Security team's day to day operations.
+ Support the global Security Operations (SecOps) department to safeguard digital assets by assisting with detecting, investigating, and resolving cybersecurity threats
+ Assist the global Governance, Risk & Compliance (GRC) department with enforcing cybersecurity policies, overseeing cybersecurity risk, facilitating cybersecurity compliance audits, and conducting cybersecurity awareness training.
+ Assist the global Cybersecurity Infrastructure and Design (CID) department with management and maintenance of the cybersecurity systems, platforms, and controls.
+ Implement Secure Software Development Lifecycle (SSDLC) in India office by enforcing the compliance of global policies, processes, procedures and principles.
**Qualifications**
+ Bachelor's degree in Cyber/Information Security or Information Technology, Computer Science, Computer Engineering
+ Professional certifications such as CISSP, CISM, or equivalent multi-domain cybersecurity focused certification.
+ At least 10 years of experience in IT security management, with a proven track record of managing teams in global matrix environment
+ Experience with security technologies: EDR, SIEM, SOAR, CASM, CASB, CSPM, IAM, PAM
+ Excellent communication and interpersonal skills to effectively engage internal stakeholders.
+ Demonstrated ability to analyze complex security issues, devise solutions, and enforce established security controls.
+ Strong leadership skills to drive standardization of processes, procedures, and principles.
This job posting will remain open a minimum of 72 hours and on an ongoing basis until filled.
**Job** Engineering
**Primary Location** India-Maharashtra-Mumbai
**Schedule:** Full-time
**Travel:** No
**Req ID:**
**Job Hire Type** Experienced Not Applicable #BMI N/A
Information Security Project Manager
Posted 24 days ago
Job Viewed
Job Description
Job Title: Information Security Project Manager
Location : Guwahati (Assam)
Job Summary:
The Information Security Project Manager will oversee and manage security-related projects to ensure that they are completed on time, within scope, and within budget. This role requires a strong understanding of information security principles and practices, combined with exceptional project management skills. You will coordinate with cross-functional teams, manage project risks, and ensure that security initiatives align with organizational goals and compliance requirements.
Key Responsibilities:
Project Planning and Management: Develop and execute comprehensive project plans to ensure timely and successful completion of information security initiatives.
Stakeholder Coordination: Collaborate with key stakeholders to align project goals with organizational objectives and ensure smooth communication throughout the project lifecycle.
Risk Management: Identify, assess, and mitigate potential risks to the project, ensuring compliance with security protocols and minimizing vulnerabilities.
Budget Management: Oversee project budgets, ensuring resources are allocated effectively and financial constraints are adhered to while maintaining project scope and quality.
Team Leadership: Lead cross-functional teams, fostering collaboration, accountability, and performance to meet project objectives and deadlines.
Compliance and Quality Assurance: Ensure adherence to industry standards, regulatory requirements, and best practices to maintain high levels of security and quality assurance.
Reporting and Documentation: Prepare regular status reports and maintain detailed documentation on project progress, risks, and outcomes for stakeholder review.
Change Management: Manage and facilitate changes within the project scope, ensuring minimal disruption and alignment with evolving security needs.
Continuous Improvement: Identify opportunities for process improvements and implement best practices to enhance the efficiency and effectiveness of project execution.
Vendor Management: Manage relationships with external vendors, ensuring they meet contractual obligations and deliver secure, high-quality solutions.
Prepare executive-level presentations for leadership, highlighting key updates and progress.
Share weekly status reports with stakeholders, summarizing project activities and timelines.
Create and manage a comprehensive project delivery plan to address cybersecurity requirements, ensuring alignment with national security priorities.
Partner with the Internal Centre of Excellence (COE) Security Leaders and Technical Leads to plan, monitor, and control project execution.
Provide regular updates to client stakeholders on project status, key security metrics, and SLA performance, fostering transparency and collaboration.
Collaborate with client stakeholders to ensure cybersecurity initiatives align with government and organizational objectives.
Qualifications:Education: Bachelors degree in Information Security, Computer Science, Business Administration, or a related field. Relevant certifications such as PMP (Project Management Professional), CISM (Certified Information Security Manager), or CISSP (Certified Information Systems Security Professional) are preferred.
Experience: 5+ years of experience in project management, with a focus on information security or IT projects. Demonstrated experience managing complex projects with cross-functional teams.
Technical Knowledge: Strong understanding of information security principles, practices, and technologies. Familiarity with security frameworks, standards, and compliance requirements (e.g., HIPAA, PCI-DSS).
Project Management Skills: Proven ability to manage projects effectively, including planning, execution, risk management, and reporting. Experience with project management tools and methodologies.
Leadership Skills: Excellent leadership and team management abilities, with experience leading diverse teams and managing stakeholder relationships.
Communication Skills: Strong written and verbal communication skills, with the ability to present complex information clearly and effectively to both technical and non-technical audiences.
Problem-Solving: Excellent analytical and problem-solving skills, with the ability to address issues proactively and make informed decisions.
To Apply
Please submit your resume and a cover letter outlining your qualifications and interest in the position
Information Security Project Manager
Posted 20 days ago
Job Viewed
Job Description
Job Title: Information Security Project Manager
Location : Guwahati (Assam)
Job Summary:
The Information Security Project Manager will oversee and manage security-related projects to ensure that they are completed on time, within scope, and within budget. This role requires a strong understanding of information security principles and practices, combined with exceptional project management skills. You will coordinate with cross-functional teams, manage project risks, and ensure that security initiatives align with organizational goals and compliance requirements.
Key Responsibilities:
Project Planning and Management: Develop and execute comprehensive project plans to ensure timely and successful completion of information security initiatives.
Stakeholder Coordination: Collaborate with key stakeholders to align project goals with organizational objectives and ensure smooth communication throughout the project lifecycle.
Risk Management: Identify, assess, and mitigate potential risks to the project, ensuring compliance with security protocols and minimizing vulnerabilities.
Budget Management: Oversee project budgets, ensuring resources are allocated effectively and financial constraints are adhered to while maintaining project scope and quality.
Team Leadership: Lead cross-functional teams, fostering collaboration, accountability, and performance to meet project objectives and deadlines.
Compliance and Quality Assurance: Ensure adherence to industry standards, regulatory requirements, and best practices to maintain high levels of security and quality assurance.
Reporting and Documentation: Prepare regular status reports and maintain detailed documentation on project progress, risks, and outcomes for stakeholder review.
Change Management: Manage and facilitate changes within the project scope, ensuring minimal disruption and alignment with evolving security needs.
Continuous Improvement: Identify opportunities for process improvements and implement best practices to enhance the efficiency and effectiveness of project execution.
Vendor Management: Manage relationships with external vendors, ensuring they meet contractual obligations and deliver secure, high-quality solutions.
Prepare executive-level presentations for leadership, highlighting key updates and progress.
Share weekly status reports with stakeholders, summarizing project activities and timelines.
Create and manage a comprehensive project delivery plan to address cybersecurity requirements, ensuring alignment with national security priorities.
Partner with the Internal Centre of Excellence (COE) Security Leaders and Technical Leads to plan, monitor, and control project execution.
Provide regular updates to client stakeholders on project status, key security metrics, and SLA performance, fostering transparency and collaboration.
Collaborate with client stakeholders to ensure cybersecurity initiatives align with government and organizational objectives.
Qualifications:Education: Bachelors degree in Information Security, Computer Science, Business Administration, or a related field. Relevant certifications such as PMP (Project Management Professional), CISM (Certified Information Security Manager), or CISSP (Certified Information Systems Security Professional) are preferred.
Experience: 5+ years of experience in project management, with a focus on information security or IT projects. Demonstrated experience managing complex projects with cross-functional teams.
Technical Knowledge: Strong understanding of information security principles, practices, and technologies. Familiarity with security frameworks, standards, and compliance requirements (e.g., HIPAA, PCI-DSS).
Project Management Skills: Proven ability to manage projects effectively, including planning, execution, risk management, and reporting. Experience with project management tools and methodologies.
Leadership Skills: Excellent leadership and team management abilities, with experience leading diverse teams and managing stakeholder relationships.
Communication Skills: Strong written and verbal communication skills, with the ability to present complex information clearly and effectively to both technical and non-technical audiences.
Problem-Solving: Excellent analytical and problem-solving skills, with the ability to address issues proactively and make informed decisions.
To Apply
Please submit your resume and a cover letter outlining your qualifications and interest in the position
Analyst, Information Security

Posted 1 day ago
Job Viewed
Job Description
Are you ready to accelerate your potential and make a real difference within life sciences, diagnostics and biotechnology?
At Pall Corporation, one of Danaher's ( 15+ operating companies, our work saves lives-and we're all united by a shared commitment to innovate for tangible impact.
You'll thrive in a culture of belonging where you and your unique viewpoint matter. And by harnessing Danaher's system of continuous improvement, you help turn ideas into impact - innovating at the speed of life.
As a global leader in high-tech filtration, separation, and purification, Pall Corporation thrives on helping our customers solve their toughest challenges. Our products serve diverse, global customer needs across a wide range of applications to advance health, safety and environmentally responsible technologies. From airplane engines to hydraulic systems, scotch to smartphones, OLED screens to paper-everyday Pall is there, helping protect critical operating assets, improve product quality, minimize emissions and waste, and safeguard health. For the exponentially curious, Pall is a place where you can thrive and amplify your impact on the world. Find what drives you on a team with a more than 75-year history of discovery, determination, and innovation.
Learn about the Danaher Business System ( which makes everything possible.
The role of Analyst, Information Security is a critical function within our organisation, which primarily involves the protection of digital assets and data from cyber threats, by analysing and improving the security measures in place.
The analyst will be responsible for managing the day-to-day operations of our security infrastructure, including monitoring, responding to security incidents, risk management and policy enforcement. They will need to have a strong understanding of security principles, experience with security tools, and the ability to work in a fast-paced, agile environment.
This position reports to the Director, Information Security and is part of the Information Technology Department located in Pune, India and will be an on-site role.
In this role, you will have the opportunity to:
+ Monitor for security events and alerts to detect and respond to incidents in a timely manner, meeting required metrics.
+ Investigate security incidents to determine root cause and impact.
+ Respond to security incidents by implementing appropriate remediation actions.
+ Support and maintain incident response plans.
+ Investigate and resolve security incidents and breaches highlighted by the Security Operations Centre, providing recommendations to prevent future incidents.
+ Manage security tools and technologies, intrusion detection and prevention systems, antivirus software, content filters IDS/IPS & NGFW.
.
The essential requirements of the job include:
+ 2+ years of experience in a security operations role.
+ Hands-on experience with security tools, such as SIEM, IDS/IPS, and vulnerability scanners.
+ Strong knowledge of security principles and best practices.
+ Good analytical and problem-solving skills.
+ Knowledge of security standards and regulations such as ISO 27001, NIST, PCI DSS, and GDPR.
Travel, Motor Vehicle Record & Physical/Environment Requirements:
+ Ability to travel - international travel up to 10% per year.
It would be a plus if you also possess the following:
+ Bachelor's degree in computer science, Information Technology, or related field.
+ Relevant certifications such as Security+, CASP+, GIAC.
Pall Corporation, a Danaher operating company, offers a broad array of comprehensive, competitive benefit programs that add value to our lives. Whether it's a health care program or paid time off, our programs contribute to life beyond the job. Check out our benefits at Danaher Benefits Info ( .
At Pall we believe in designing a better, more sustainable workforce. We recognize the benefits of flexible, remote working arrangements for eligible roles and are committed to providing enriching careers, no matter the work arrangement. This position is eligible for a remote work arrangement in which you can work remotely from your home. Additional information about this remote work arrangement will be provided by your interview team. Explore the flexibility and challenge that working for Pall can provide.
Join our winning team today. Together, we'll accelerate the real-life impact of tomorrow's science and technology. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life.
For more information, visit .
Senior Associate Information Security Incident Response Analyst

Posted 1 day ago
Job Viewed
Job Description
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
The Senior Associate Information Security Incident Response Analyst is a developing subject matter expert, responsible for assisting with the detection and monitoring of threats and suspicious activity affecting the organization's technology domain.
This role supports the work of technical staff from various business areas as well as third-party technical experts.
The Senior Associate Information Security Incident Response Analyst role uses their developing technical competencies of systems and automated mechanisms to detect unauthorized activity on company information assets.
**Key responsibilities:**
+ Assists with the prevention and resolution of security breaches and ensure incident and problem management processes are initiated.
+ Supports access management activities according to the policy.
+ Assists with the implementation of and discuss security service audit schedules, review access authorisation and perform the required access controls and testing to identify security weaknesses.
+ Supports global team of Cyber Security Analysts and specialists.
+ Notifies internal and/or external teams according to agreed alert priority levels, escalation trees, 2nd level triaging of security alerts, events, and notifications.
+ Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders.
+ Ability to follow and update established and/or ad-hoc processes and work instructions and create procedures where deficiencies are identified.
+ Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults.
+ Develops an understanding of current and emerging threats, vulnerabilities, and trends.
+ Supports the review of current configurations of company's production information systems and networks against compliance standards.
+ Provides support in the investigation of information security incident causes and follow processes to resolve these causes.
+ Assists configuration management by applying tools, techniques and processes to track, log and correct information related to CIs.
**To thrive in this role, you need to have:**
+ Knowledge of technological advances within the information security arena.
+ Understanding of inter-relationships in an overall system or process.
+ Knowledge of information security management and policies.
+ Ability to think critically, analyze information, and solve less complex problems.
**Academic qualifications and certifications:**
+ Bachelor's degree or equivalent in Information Technology, Computer Science or related preferred.
+ SANS GIAC Security Essentials (GSEC) or equivalent preferred.
+ SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
+ SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred.
**Required experience:**
+ Moderate experience in a Technology Information Security Industry.
+ Moderate experience using End Point Protection Software.
+ Moderate experience using Enterprise Detection and Response software.
+ Moderate experience or knowledge of SIEM and IPS technologies.
+ Moderate experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors.
**Workplace type** **:**
Remote Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
**Third parties fraudulently posing as NTT DATA recruiters**
NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters-whether in writing or by phone-in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an **@nttdata.com** email address. If you suspect any fraudulent activity, please contact us ( ) .
Associate Information Security Analyst

Posted 1 day ago
Job Viewed
Job Description
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Additional Career Level Description:**
**Knowledge and application:**
+ Work is reviewed periodically based on a set of defined procedures or precedence.
+ Normally receives general instruction on work and new assignments.
+ Learns to use professional concepts.
**Problem solving:**
+ Applies knowledge and basic problem-solving techniques to define and resolve problems.
+ Works on problems of limited scope.
**Interaction:**
+ Exchanges standard/basic information with colleagues and immediate line manager/team leader.
+ Develops stable working relationships internally.
**Accountability:**
+ Determines a course of action based on guidelines and standard practices and procedures.
**Workplace type** **:**
On-site Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Senior Information Security Analyst

Posted 1 day ago
Job Viewed
Job Description
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
The Managed Services Information Security Analyst is a seasoned subject matter expert, responsible for working with security tools and other security teams to monitor, analyze, interpret and report on the incoming client data for the purpose of delivering security information and recommendations to the clients, enabling the organization to deliver the contracted security services.
This role includes performing tasks such as security incident detection and response, security event reporting, threat hunting, content maintenance (tuning) and interacting with clients to ensure their understanding of the information generated, recommending client system changes as well as answering security related queries from the clients.
**What you'll be doing**
**Key Responsibilities:**
+ Works as part of a global Cyber Defense Centre (CDC) team that works 24/7 on rotational shifts.
+ Works with client stakeholders and relevant internal teams to tune the MSSP platform and client SIEM to enable more efficient detection, analysis and reporting.
+ Monitors security tools to review and analyze security logs from client environments.
+ Generates continuous improvement ideas for supported security tools/technologies, to enable improvements to the company services, employee experience and client experience.
+ Adheres to SOPs, customer Run Books and standard processes to ensure a globally consistent delivery whilst also proposing changes and improvements to these standards.
+ Utilizes and documents best practices and amends existing documentation as required.
+ Identifies opportunities to make automations which will help the clients and security delivery teams.
+ Performs security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics.,
+ Utilizes a broad range of skills in LAN technologies, Windows and Linux O/S's, and general security infrastructure.
+ Ensures usage of knowledge articles in incident diagnosis and resolution and assists with updating as and when required.
+ Performs defined tasks to inform and monitor service delivery against service level agreements and maintain records of relevant information.
+ Undertakes threat hunting activities across both individual client estates, as well as cross client hunting.
+ Manages unresolved incidents and follows up until incidents are resolved.
+ Works closely with client delivery teams to support their activities related to client delivery.
+ Cooperates closely with colleagues to share knowledge and build a cohesive and effective team environment, benefiting the individual, the business and the client.
+ Performs any other related task as required.
+ Customer interactions and attending bridge calls to work with customers and relative technical teams.
+ Understanding of threat hunt methodologies and perform threat hunting.
**Knowledge and Attributes:**
+ Seasoned knowledge on implementation and monitoring of a company supported SIEM or security tools/technologies/concepts.
+ Seasoned knowledge on security architecture, worked across different security technologies.
+ Seasoned knowledge and understanding of the operation of modern computer systems and networks and how they can be compromised.
+ Displays excellent customer service orientation and pro-active thinking.
+ Displays problem solving abilities and is highly driven and self-organized.
+ Excellent attention to detail.
+ Excellent analytical and logical thinking.
+ Excellent spoken and written communication abilities.
+ Team player with the ability to work well with others and in group with colleagues and stakeholders.
+ Ability to remain calm in pressurized situations.
+ Ability to keep current on emerging trends and new technologies in area of specialization.
**Academic Qualifications and Certifications:**
+ Bachelor's degree or relevant qualification in Information Technology or Computing or a related field.
+ Security certifications such as (but not limited to) AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar Certification in different networking technologies such as CCNA, JNCIA, ACCA, PCNSA, CCSA is advantageous.
**Required Experience:**
+ Seasoned experience in SOC Analysis Operations.
+ Seasoned experience in SIEM usage for investigations.
+ Seasoned experience in Security technologies such as (but not limited to) Firewall, IPS, IDS, Proxy.
+ Seasoned experience in dealing with technical support to clients.
+ Seasoned experience in handling security incidents end to end.
+ Seasoned experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots and other security tools.
+ Seasoned experience in Security Analysis or Engineering preferably gained within a global services organization.
**Workplace type** **:**
Hybrid Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Be The First To Know
About the latest Information security Jobs in India !
Senior Information Security Analyst

Posted 1 day ago
Job Viewed
Job Description
The Information Security program protects Burns & McDonnell data, systems, and employees from evolving cyber threats with focus on continually reducing cybersecurity risk for the company.
The Senior Information Security Analyst functions as a subject matter expert in evaluating the overall security posture. They will assess and identify vulnerabilities, analyze risks, and recommend solutions to mitigate these risks.
Responsibilities :
+ Risk Assessment: Conduct regular assessments of the organization's cybersecurity measures to identify vulnerabilities and risks.
+ Monitoring and Analysis: Use various tools to monitor networks and systems for security breaches or intrusions. Analyze security breaches to understand their root causes.
+ Incident Response: Play a key role in responding to security incidents and breaches, including assisting with investigations and remediation efforts.
+ Reporting: Prepare detailed reports on security issues, such as breach incidents, current risk status, and improvement recommendations.
+ Policy Development Support: Assist in developing and updating the organization's security policies and procedures based on the findings and evolving threat landscape.
+ Training: Perform security awareness training program related to phishing campaigns.
+ All other duties as assigned.
**Qualifications**
+ Bachelor's degree in Information Security, Computer Science, Computer Engineering, Information Technology, or related field.
+ Minimum 8 years of experience in Information Security.
+ Information Security certification (CISSP, GSEC, Security )
+ Demonstrated expert knowledge with two or more Information Security technologies such as EDR, IPS, SIEM, SOAR, CASB, CAASM, IAM, PAM, NAC, MFA, and DLP
+ Broad understanding of network and security protocols such as, DNS, SPF/DKIM/DMARC, SSL/TLS, TCP/UDP, IPSec.
+ Experience with CIS Critical Security Controls, OWASP Top 10, and MITRE ATT&CK framework.
+ Demonstrated knowledge and experience of securing cloud environments such as Azure, AWS, and GCP.
+ Broad experience and familiarity with Information Technology such as routers, load balancers, web application gateways, PKI, and Active Directory.
+ Demonstrated knowledge of compliance frameworks (ISO 27001, SOC 2, NIST, FedRAMP, etc.).
+ Demonstrated ability to evaluate cybersecurity risk and propose risk mitigations to technical and non-technical audiences.
+ Highly effective oral and written communication skills with ability to convey security concepts and risks to non-technical personnel.
This job posting will remain open a minimum of 72 hours and on an ongoing basis until filled.
**Job** Engineering
**Primary Location** India-Maharashtra-Mumbai
**Schedule:** Full-time
**Travel:** No
**Req ID:**
**Job Hire Type** Experienced Not Applicable #BMI N/A
Information Security Engineer II

Posted 1 day ago
Job Viewed
Job Description
_Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential._
**Title and Summary**
Information Security Engineer II
1. Overview
We are seeking a skilled and experienced security professional to manage and enhance our web application security infrastructure. The ideal candidate will bring expertise in application and network security, with a strong foundation in managing WAF platforms such as Imperva. This role requires a deep understanding of modern security frameworks, cloud environments, and incident response practices to ensure robust protection across systems.
2. Role
Manage and optimize the Imperva Web Application Firewall (WAF) or similar platforms.
Conduct application security assessments aligned with OWASP Top 10 and other industry standards.
Administer and review AWS IAM policies, roles, and access controls.
Support and maintain firewall infrastructure, with an emphasis on Palo Alto Networks.
Collaborate with IT and security teams to manage secure network architecture including load balancers, routers, and virtualized environments.
Drive incident response efforts, including root cause analysis, documentation, and mitigation strategies.
Participate in infrastructure design reviews to enforce security best practices.
Engage in security governance and compliance activities, contributing to a secure SaaS and cloud-based operational environment.
3. All About You / Experience
Proven experience managing Imperva WAF or similar web security platforms.
In-depth knowledge of OWASP Top 10, NVD databases, and CVSS scoring systems.
Strong background in application security testing and assessments.
Hands-on experience with AWS IAM, including creation of security policies and role-based access control.
Proficiency in core networking protocols and technologies: TCP/IP, HTTP, DNS, SSL/TLS, APIs, HTML, and JavaScript.
Familiarity with firewall systems, especially Palo Alto Networks.
Working knowledge of load balancing, network routing and switching, and virtualization platforms.
Demonstrated experience in security incident response, problem tracking, and reporting.
Understanding of IT infrastructure design with a security-first approach.
Exposure to AWS security controls and SaaS platforms is highly desirable.
Relevant certifications such as CISSP, AWS Security Specialist, or equivalent are preferred.
**Corporate Security Responsibility**
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
+ Abide by Mastercard's security policies and practices;
+ Ensure the confidentiality and integrity of the information being accessed;
+ Report any suspected information security violation or breach, and
+ Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
Business Information Security officer
Posted 157 days ago
Job Viewed
Job Description
Yubi, formerly known as CredAvenue, is re-defining global debt markets by freeing the flow of finance between borrowers, lenders, and investors. We are the world's possibility platform for the discovery, investment, fulfilment, and collection of any debt solution. At Yubi, opportunities are plenty and we equip you with tools to seize it.
In March 2022, we became India's fastest fintech and most impactful startup to join the unicorn club with a Series B fundraising round of $137 million.
In 2020, we began our journey with a vision of transforming and deepening the global institutional debt market through technology. Our two-sided debt marketplace helps institutional and HNI investors find the widest network of corporate borrowers and debt products on one side and helps corporates to discover investors and access debt capital efficiently on the other side. Switching between platforms is easy, which means investors can lend, invest and trade bonds - all in one place. All of our platforms shake up the traditional debt ecosystem and offer new ways of digital finance.
Job Description
Act as the liaison between business units and corporate security teams to align objectives with robust security strategies.
Serve as the primary point of contact for clients for all security-related questions, concerns, and communications.
Develop and implement security policies, standards, and procedures tailored to business needs.
Lead risk assessments, identifying vulnerabilities that may impact business operations.
Facilitate regular communication between IT, security, and business leaders to ensure alignment.
Guide business units in understanding and mitigating cybersecurity risks.
Oversee compliance with applicable data protection regulations and internal security requirements.
Foster a culture of security awareness through training and effective communication.
Drive incident response planning and coordinate swift actions during security breaches.
Monitor emerging threats and continuously refine security practices to pre-empt risks.
Report risk assessments, metrics, and progress updates to executive leadership for strategic decision-making.
Collaborate with procurement and business teams to assess the security and privacy risks associated with third-party vendors used by the business units, ensuring compliance with TPRM policies.
Facilitate external Infosec audits by coordinating with auditors, providing necessary documentation and access, and ensuring timely responses to audit findings.
Maintain a strong understanding of the organization's security compliance obligations and work with business units to ensure adherence.
Drive initiatives to address compliance gaps and implement necessary controls.
RequirementsRequirement
Bachelor’s degree in Computer Science, Information Security, or a related field; a Master’s degree is often preferred.
Experience in “ISO 27001” is a must for the role.
2+ years of experience in cybersecurity, risk management, or IT security roles with increasing responsibilities.
Recognized certifications such as CISSP, CISM, or equivalent demonstrate proficiency in security best practices.
Proven track record in leading cross-functional teams and managing security programs in a complex business environment.
Deep understanding of compliance requirements, regulatory frameworks, and the ability to align security strategies with business objectives.
Excellent communication, interpersonal, and stakeholder management skills, with the ability to influence without authority
Strong analytical and problem-solving skills, with the ability to translate technical security concepts into business language.
Ability to work independently and collaboratively within a fast-paced, dynamic environment.
Strong understanding of information security principles, frameworks (e.g., ISO 27001, SOC2, NIST CSF), and relevant compliance regulations.