What Jobs are available for Information Security Management in India?

• Conduct regular vulnerability scans using industry-standard tools (e.g., Nessus, Qualys, Rapid7) across servers, endpoints, and network devices.
• Analyze scan results, prioritize vulnerabilities based on risk and impact, and validate findings.
• Track the remediation of identified vulnerabilities, working closely with IT operations, development, and system administration teams.
• Develop and maintain comprehensive vulnerability management reports for technical teams and senior management.
• Assist in the selection, implementation, and configuration of vulnerability scanning tools and platforms.
• Contribute to the development and enforcement of vulnerability management policies and procedures.
• Stay current with emerging threats, vulnerabilities, and security best practices.
• Support incident response activities by providing context and information related to system vulnerabilities.
• Develop dashboards and metrics to measure the effectiveness of the vulnerability management program.
• Collaborate with security architects to ensure secure design principles are integrated into new systems and applications.
• Perform penetration testing exercises and report on findings as required.
• Provide guidance and support to other security team members.

• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field.
• Minimum of 3 years of experience in information security, with a primary focus on vulnerability management.
• Hands-on experience with vulnerability scanning tools and techniques.
• Strong understanding of common vulnerabilities (e.g., OWASP Top 10), network protocols, and operating system security.
• Proficiency in analyzing scan reports and prioritizing remediation efforts.
• Familiarity with scripting languages (e.g., Python, PowerShell) for automating security tasks is a plus.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and collaborate effectively within a team.
• Knowledge of IT compliance frameworks (e.g., ISO 27001, NIST) is desirable.
• Relevant security certifications such as CompTIA Security+, CEH, or OSCP are advantageous.

Role: Manager Information Security (Release Management)

Experience-8+Yrs

Location-Hyderabad

Mandatory Skills- Cyber security & Security engineer, Release & Change Management, Vulnerability Management.

Domain Expertise:

• Strong understanding of the insurance industry.
• Experience working with multiple vendors and global teams.

Technical Skills:

• Proficient in tools like JIRA, ServiceNow, Fortify, and vulnerability management platforms.
• Basic knowledge of Java, Linux, and HTML.
• Skilled in running scans, generating reports, and troubleshooting tool issues.

Process & Operations:

• Hands-on experience in release and change management.
• Familiar with ISO and SOC audit processes.
• Manages L1 and L2 tickets, ensuring SLA compliance.
• Coordinates production releases and post-implementation reviews.

Access & Security Management:

• Manages application access and license renewals.
• Owns ServiceNow access/removal request process.
• Guides teams in resolving access and vulnerability issues.

Collaboration & Leadership:

• Participates in change advisory board meetings.
• Coordinates with stakeholders for smooth release execution.
• Leads scan template reviews and vulnerability assessments

Roles and Responsibilities,

This JD provides an overview of the Security Architect or Technology Leads role and responsibilities.

Skill Set

• Good domain knowledge in Insurance Industry.
• Hands-on experience on any vulnerability management tool
• Hands on experience in JIRA, ServiceNow and Fortify Tool.
• Exposure in release and change management process.
• Basic Knowledge in Java, Linux, and HTML.
• Experience in handling L1 and L2 tickets to adhere to SLA guidelines.
• Good to handle application access management process in automated way.
• Experience in working with multiple vendors and geographically distributed teams.
• Minimal knowledge in handling ISO and SOC audits.

2. Handling JIRA Activities

• Experience in creating projects in JIRA.
• Able to handle tickets, manage SLAs.
• Adhering to process in terms in JIRA setup while creating entries for different projects.

3. Release and change management process.

• Coordinate with different stake holders for successful implementation of production releases.
• Actively participating in change control and change advisory board meetings.
• Manage relationships and coordinate work between different teams.
• Review Post implementation issues coming out from Releases.

4. Managing audits

• Knowledge in handling SOC audits.
• Gathering data for SOC audits and able to project and explain the artifacts in External audits.
• Certifications on audit process would be preferred.

5. Handling ServiceNow development activities

• Complete ownership in handling ServiceNow user access/removal request process.
• Able to perform form level changes on Incident management module.
• Able to work on multi tenancy model.
• ITIL certification is preferred.

6. Handling vulnerability management

• Hands on experience on any vulnerability management tool.
• Able to run the scans/reports on any tool.
• Expertise in addressing tool issue.
• To Handle access related and license renewal related issues.
• Trouble shoot on any tool issues and guiding team in fixing them.
• Able to coordinate with external stake holders/vendors.
• Coordinating with project teams on scan template reviews.
• Identify the severity of vulnerability/issue and guide project teams in addressing the fixes.
• Handling code moves, ASAM tickets and SOC audits.
• Certifications on ITIL process mandatory.
• Certifications on Security process would be preferred.
• Able to setup the criteria and standards for vulnerabilities based on the application type (internet/intranet).
• Expertise in addressing tool issue.
• Creating and implementing security protocols and procedures to safeguard an organization's systems and data

Regards,

Infosys BPM Recruitment team

• Develop, implement, and maintain the organization's data protection strategy and framework.
• Ensure compliance with all applicable data protection laws and regulations.
• Advise business units on data protection obligations and risks associated with new projects and initiatives.
• Conduct regular data protection impact assessments (DPIAs) and monitor their outcomes.
• Manage and respond to data subject rights requests (e.g., access, rectification, erasure).
• Develop and deliver data protection training programs for employees.
• Oversee data breach incident response plans and manage breach notifications.
• Act as the primary liaison with data protection authorities and supervisory bodies.
• Maintain records of data processing activities and data protection policies.
• Monitor and audit compliance with data protection policies and procedures.
• Stay updated on evolving data privacy laws, regulatory guidance, and industry best practices.
• Lead and mentor a team of data privacy professionals.

• Bachelor's or Master's degree in Law, Information Security, Computer Science, or a related field.
• Minimum of 8 years of experience in data privacy, data protection, or legal/compliance roles, with at least 3 years in a senior or leadership position.
• In-depth knowledge of global data privacy regulations (e.g., GDPR, CCPA, PDPB) and their practical application.
• Proven experience conducting Data Protection Impact Assessments (DPIAs) and managing data subject rights requests.
• Strong understanding of data processing operations, IT security principles, and risk management.
• Excellent analytical, problem-solving, and strategic thinking skills.
• Exceptional communication, negotiation, and interpersonal skills.
• Ability to work independently, manage complex projects, and lead teams effectively in a remote environment.
• Professional certifications such as CIPP/E, CIPP/US, CIPM, or CDPSE are highly desirable.
• Experience in developing and delivering privacy training is a plus.

• Developing, implementing, and maintaining comprehensive data protection policies and procedures across the organization.
• Monitoring compliance with data protection laws, regulations, and internal policies.
• Conducting Data Protection Impact Assessments (DPIAs) and advising on privacy risks associated with new projects and technologies.
• Acting as the primary point of contact for data protection supervisory authorities.
• Handling data subject access requests (DSARs) and ensuring timely and compliant responses.
• Providing expert advice and training to employees on data protection principles and best practices.
• Investigating and managing data privacy breaches, including reporting to regulatory bodies where necessary.
• Staying abreast of evolving data protection legislation and guidance globally.
• Collaborating with legal, IT, security, and business units to embed privacy-by-design and privacy-by-default principles.
• Maintaining records of data processing activities.

• Advanced degree in Law, Information Security, or a related field.
• Certified Information Privacy Professional (CIPP/E, CIPP/US) or equivalent certification is highly preferred.
• Minimum of 8 years of experience in data protection, privacy law, or information security, with at least 3 years in a senior leadership role.
• In-depth knowledge of global data protection regulations (e.g., GDPR, CCPA, LGPD).
• Proven experience in developing and implementing privacy programs, conducting DPIAs, and managing DSARs.
• Expertise in risk management and privacy by design principles.
• Excellent communication, presentation, and interpersonal skills, with the ability to explain complex legal concepts to non-legal audiences.
• Experience in building and leading remote teams.
• Strong analytical and problem-solving abilities.
• Ability to work autonomously and manage time effectively in a remote setting.

Job Description   Server Management & Data Protection

Work Location: Guwahati

Responsibilities:

   Privacy Team @ Jio is focused on automating various aspects of the Privacy Program. Privacy Data Protection Technology Team specifically is engaged operationalizing state of the art technologies to drive the Privacy Automation Program in Jio.

   Deployment and management of IT infrastructure systems including the webservers, application servers and database servers

   Work with various Jio teams to setup the operating system and other infrastructure to deploy the IT infrastructure systems

   Deploy various system components including opensource technologies on for enabling the environment for the set up of IT infrastructure systems

   Deploy application and provide ongoing monitoring and maintenance support.

   Installation, administration & maintenance of ETL (Extract-Transform-Load) solution such as Informatica Solution components (PowerCenter, Test Data Management, Dynamic Data Management) or similar solution .

   Create Rules, Policies for identifying Sensitive Data stored in Jios Infrastructure. Hands on with Regular Expressions.

   Liaison with Application Support & DBA Team for establishing connectivity for discovery targets.

   Design, Configure & Implement Data Transformation Workflows.

   Troubleshoot and address errors encountered in scans & Data Transformation. Liaison with Product Support for troubleshooting and feature enhancement requirements.

   Integrate Incident Reports into Solutions Analytics Platform either inhouse or otherwise.

   Monitor & analyse Workflow Executions.

   Installation, administration & maintenance of DLP Solution or other similar leak detection components including developed inhouse

   Configure Targets, Policies & perform discovery scans for identifying Personally Identifiable data (PII) or other sensitive data.

   Troubleshoot and address errors encountered in scans. Liaison with Product Support for troubleshooting and feature enhancement requirements.

   Monitor & analyse Incidents and track to closure.

   Perform Rules, Policies fine tuning to enhance productivity of the process.

   Perform Rules, Policies, Workflow, Data Domains & Patterns fine tuning to enhance productivity of the process.

   Perform Data Classification to identify & categorize Sensitive, Personal data.

   Writing scripts (Shell, Python, AWK/GAWK, VBScript) for Data Discovery, Transformation.

   Integrate Incident Reports into Analytics Platform.

   Enhance Analytics platform to manage Incidents and generate actionable reports for management decisions.

   Assuring that the use of technologies to sustain, and do not erode, privacy protections relating to the use, collection, and disclosure of personal information.

   Conducting a privacy impact assessment of proposed rules on the privacy of personal information, including the type of personal information collected and the number of people affected

   Work with other internal stake holders to enable the implementation of privacy requirements within the organization

   Document identified issues and discuss with business owners for their review and acceptance.

   Communicate issues with various stake holder and track implementation and closure of these issues.

   Support periodic reporting of the issues as required by management.

Qualification : B.E./B.Tech/MCA

Work experience : 5-12 Years

   5-12 years of experience in Information Security and Privacy with atleast 2-3 years of experience in system administration preferably Linux based operating systems, experience in security technologies such Data Leak prevention systems or data classification, security incident handling, and similar.

   Systems administration experience in Data Leakage prevention (DLP), sensitive data scanning and searching.

   Database administration experience including performing of ETL functions. Experience in ETL tools similar to Informatica, etc.

   Exposure of Information Technology systems / services / for Security / Privacy implementation

   Exposure to technical application architecture that handle PII data

   Understanding of Privacy concepts and current use of technology in the area of Privacy.

   Strong conceptual understanding of IT technology, systems, concepts

   Good understanding cryptographic controls for the protection of data

   Good understanding of computer and networking protocols

   Strong interest in security vulnerability and conceptual understanding of security vulnerabilities

   Interest in project management, tracking and management activities

   Interest in the areas of risk management and security management standards such as ISO 27001, ISO 22301, Cobit, PCI-DSS, others

Competencies /Expertise Required (Functional & Behavioral)

• Systematic problem-solving skills, with the ability to think.
• Excellent in analytical thinking for translating data into informative visuals and reports.
• Adaptable to change.
• Quick Learner Open learn and work on new technologies and products

Job Description   Server Management & Data Protection

Work Location: Guwahati

Responsibilities:

   Privacy Team @ Jio is focused on automating various aspects of the Privacy Program. Privacy Data Protection Technology Team specifically is engaged operationalizing state of the art technologies to drive the Privacy Automation Program in Jio.

   Deployment and management of IT infrastructure systems including the webservers, application servers and database servers

   Work with various Jio teams to setup the operating system and other infrastructure to deploy the IT infrastructure systems

   Deploy various system components including opensource technologies on for enabling the environment for the set up of IT infrastructure systems

   Deploy application and provide ongoing monitoring and maintenance support.

   Installation, administration & maintenance of ETL (Extract-Transform-Load) solution such as Informatica Solution components (PowerCenter, Test Data Management, Dynamic Data Management) or similar solution .

   Create Rules, Policies for identifying Sensitive Data stored in Jios Infrastructure. Hands on with Regular Expressions.

   Liaison with Application Support & DBA Team for establishing connectivity for discovery targets.

   Design, Configure & Implement Data Transformation Workflows.

   Troubleshoot and address errors encountered in scans & Data Transformation. Liaison with Product Support for troubleshooting and feature enhancement requirements.

   Integrate Incident Reports into Solutions Analytics Platform either inhouse or otherwise.

   Monitor & analyse Workflow Executions.

   Installation, administration & maintenance of DLP Solution or other similar leak detection components including developed inhouse

   Configure Targets, Policies & perform discovery scans for identifying Personally Identifiable data (PII) or other sensitive data.

   Troubleshoot and address errors encountered in scans. Liaison with Product Support for troubleshooting and feature enhancement requirements.

   Monitor & analyse Incidents and track to closure.

   Perform Rules, Policies fine tuning to enhance productivity of the process.

   Perform Rules, Policies, Workflow, Data Domains & Patterns fine tuning to enhance productivity of the process.

   Perform Data Classification to identify & categorize Sensitive, Personal data.

   Writing scripts (Shell, Python, AWK/GAWK, VBScript) for Data Discovery, Transformation.

   Integrate Incident Reports into Analytics Platform.

   Enhance Analytics platform to manage Incidents and generate actionable reports for management decisions.

   Assuring that the use of technologies to sustain, and do not erode, privacy protections relating to the use, collection, and disclosure of personal information.

   Conducting a privacy impact assessment of proposed rules on the privacy of personal information, including the type of personal information collected and the number of people affected

   Work with other internal stake holders to enable the implementation of privacy requirements within the organization

   Document identified issues and discuss with business owners for their review and acceptance.

   Communicate issues with various stake holder and track implementation and closure of these issues.

   Support periodic reporting of the issues as required by management.

Qualification : B.E./B.Tech/MCA

Work experience : 5-12 Years

   5-12 years of experience in Information Security and Privacy with atleast 2-3 years of experience in system administration preferably Linux based operating systems, experience in security technologies such Data Leak prevention systems or data classification, security incident handling, and similar.

   Systems administration experience in Data Leakage prevention (DLP), sensitive data scanning and searching.

   Database administration experience including performing of ETL functions. Experience in ETL tools similar to Informatica, etc.

   Exposure of Information Technology systems / services / for Security / Privacy implementation

   Exposure to technical application architecture that handle PII data

   Understanding of Privacy concepts and current use of technology in the area of Privacy.

   Strong conceptual understanding of IT technology, systems, concepts

   Good understanding cryptographic controls for the protection of data

   Good understanding of computer and networking protocols

   Strong interest in security vulnerability and conceptual understanding of security vulnerabilities

   Interest in project management, tracking and management activities

   Interest in the areas of risk management and security management standards such as ISO 27001, ISO 22301, Cobit, PCI-DSS, others

Competencies /Expertise Required (Functional & Behavioral)

• Systematic problem-solving skills, with the ability to think.
• Excellent in analytical thinking for translating data into informative visuals and reports.
• Adaptable to change.
• Quick Learner Open learn and work on new technologies and products

• Developing, implementing, and managing comprehensive global data privacy policies and procedures.
• Providing expert legal advice on privacy implications of new products, services, and business initiatives.
• Conducting privacy risk assessments and advising on mitigation strategies.
• Managing data subject requests and breach notification processes.
• Drafting and negotiating data processing agreements and privacy clauses in vendor contracts.
• Staying current with evolving global privacy laws and regulations (e.g., GDPR, CCPA, India DPDP Act) and advising on necessary compliance measures.
• Collaborating with engineering, product, marketing, and security teams to embed privacy-by-design principles.
• Training employees on data privacy best practices and requirements.
• Representing the company in interactions with data protection authorities.
• Managing external counsel and coordinating privacy compliance efforts across different regions.