1,917 Information Security Management jobs in India

Cyber Security Team you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: -

• Working knowledge in one or more security and privacy domains such as: security governance policies and procedures, risk management, compliance, access control, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection
• Experience in leveraging industry standards and frameworks such as ISO/IEC 17799, ISO/IEC 27001, COBIT, ITIL, etc.
• Demonstrates in-depth knowledge of security and privacy controls and risk management process
• Experience in data protection technologies such as encryption, data discovery, data masking, data redaction, etc.
• Possesses certifications such as ISO27001 LA/ LI, ISO22301 LA/LI, CISSP, CISA, CISM certification- preferred

Desired qualifications

• Responsible for ISO 27001 based Information Security Management System implementation and sustenance
• Responsible for advising clients on Business Continuity Planning, IT Disaster Recovery planning
• Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk

Req ID:  314331 

We are currently seeking a Information Security-Management - Security Analysis Specialist Advisor to join our team in Noida, Uttar Pradesh (IN-UP), India (IN).

Role Overview

The NTT DATA Services Security Analysis Specialist Advisor works to ensure the seamless delivery of all information security services that NTT DATA provides to the customer.

This is an individual contributor role in which the person acts as a trusted information security partner with the customer and works collaboratively to understand, anticipate and recommend risk mitigation while promoting the overall information security protection for the customer’s information assets. You will partner with client to align information security with the customer’s business strategy, security policies and regulatory and compliance requirements resulting in increased protection and reduced risk.

Role Responsibilities (high level summary of key duties)

The responsibilities of the Security Analysis Specialist Advisor include:

Required Qualifications:

Preferences:

About NTT DATA

NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at 

Req ID:  314331  

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Information Security-Management - Security Analysis Specialist Advisor to join our team in Pune, Mahārāshtra (IN-MH), India (IN).

Role Overview

The NTT DATA Services Security Analysis Specialist Advisor works to ensure the seamless delivery of all information security services that NTT DATA provides to the customer. 

This is an individual contributor role in which the person acts as a trusted information security partner with the customer and works collaboratively to understand, anticipate and recommend risk mitigation while promoting the overall information security protection for the customer’s information assets.  You will partner with client to align information security with the customer’s business strategy, security policies and regulatory and compliance requirements resulting in increased protection and reduced risk. 

Role Responsibilities (high level summary of key duties)

The responsibilities of the Security Analysis Specialist Advisor include:

• Ensure the delivery of information security services to the customer in compliance with the contract and any applicable standards and regulatory requirements (e.g., ISO, PCI, SOX)
• Assist client in the definition and implementation of information security policies, strategies, procedures and settings to ensure confidentiality, integrity and availability of client’s environment and data
• Participate with customer in the strategic design process to translate security and business requirements into processes and systems; evaluating new / emerging security products and technologies and making recommendations to customer leadership in regards to the security posture impact on the organization
• Identify, review and recommend information security improvements as they relate to the achievement of the customer’s business goals and objectives
• Governance and Compliance
  • Support the implementation of the client’s security governance frameworks within NTT DATA Delivery teams.
  • Collaborate with the client to review, implement, and monitor adherence to their security policies, procedures, and standards.
  • Conduct compliance reviews and assist in preparing for internal and external audits, ensuring alignment with client requirements.
  • Facilitate audits by providing evidence of compliance and addressing findings effectively in partnership with the client.
  • Maintain the Security Management Plan as a “statement of applicability”, defining relevant controls, responsibilities, and standards to align with both NTT DATA and client’s security objectives.
• Risk Assessment and Management
  • Perform risk reviews in collaboration with the client to identify and evaluate risks across NTT DATA Delivery teams.
  • Develop and monitor risk treatment plans aligned with the client’s risk management framework, ensuring mitigation of identified risks.
  • Incorporate the client’s threat intelligence into risk management strategies to proactively address emerging risks.
  • Escalate significant risks to NTT DATA and client senior management (as appropriate) with actionable recommendations for mitigation.

• Participate in internal and external audits for the customer (e.g., SOX, PCI) and coordinate information security services activities
• Good understanding of SIEM/SOC, Endpoint Security Tools (SentinelOne, MS Defender, etc.), Network Security tools including FW, IPS/IDS, Content Filter, etc.
• Drive remediation efforts related to information security; remediation may be from incidents, penetration tests, vulnerability scans, internal/external audits and Critical Practice assessments
• Identify information security weaknesses and/or gaps in the customer’s current operations and work with the customer to bring information security operations up to standards
• Participate and represent IT Security in Delivery/Operational meetings
• Review service management reports to ensure tickets (i.e., incidents, problems, requests, changes), related to information security, are being acknowledged, worked and Service Level Agreements are being met; provide direction on ticket remediation and ensure remediation is complete

Required Qualifications:

• 6+ years of relevant experience
• Knowledge of standards / regulations impacting information security (e.g., PCI, HIPAA, SOX)
• Applied knowledge of risk management concepts
• Experience with information security internal & external audits, contract compliance, and quality initiatives

Preferences:

• At least one of the following certifications: CISSP, SSCP, CISM,  CEH
• Undergraduate or graduate degree
• Customer relationship management experience at the senior level
• Strong knowledge of systems and network administration (i.e., Active Directory, Server, Desktop)
• Knowledge and application of Globally Accepted Information Security Principles
• Strong knowledge of network security that pertains to communications, computer system environments and related infrastructures
• Thorough knowledge of server and desktop configurations that will protect systems from unauthorized access and software invasion

About NTT DATA

NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com

NTT DATA endeavors to make  accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at .  This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here . If you'd like more information on your EEO rights under the law, please click here . For Pay Transparency information, please click here .

The opportunity

This is an exciting time to join the GDS Data Protection team as we scale up our program to match the expansion of the business. You will build your professional knowledge and credentials, learn how EY operates globally and work within a cross functional team of professionals to embed and improve the GDS data protection program across its operating locations in Argentina, Hungary, India, Mexico, Philippines, Poland and Spain. 

Your key responsibilities require you to

Skills and attributes for success

To qualify for the role, you must have

Ideally, you should also have

What we look for 

What we offer

EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across seven locations – Argentina, Hungary, India, Mexico, Philippines, Poland and Spain – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career.

EY | Building a better working world 

Roles & Responsibilities :

About the Role

We are seeking a Data Protection Expert to join our dynamic team. In this role, you will provide expert advice and support to solution-oriented departments and projects, ensuring data protection compliance across engineering projects, products, services, and enterprise IT systems. You will work closely with Security Managers and cross-border partners to align with global data protection standards, including Bosch’s internal privacy regulations.

Key Responsibilities:

• Ensure compliance with data protection standards for the processing of personal data.
• Advise on data protection requirements during product development and solution design.
• Coordinate with Security Managers to define technical and organizational data protection measures.
• Guide teams on implementing Privacy by Design and Privacy by Default principles.
• Draft, review, and negotiate information security and data protection documents and agreements.
• Collaborate with international data protection teams to ensure Data Protection compliance with target market of business.
• Manage data protection aspects during the entire product lifecycle—from requirements analysis to deployment and end-of-life.
• Supplier assessment, vendor risk management and compliance checks for supplier scope.
• Support risk assessments, recommend mitigation measures, and participate in audits and quality gate (QG) reviews.
• Regularly update project master data and MIS reports for Data Protection compliance.

Qualifications

Educational qualification:

Required Qualifications:

• Bachelor’s degree (BE/BTech) in Computer Science, Information Science, or a related field.
• ISO 27001 or ISO 27701 Lead Auditor certification.
• CIPP/A or CIPP/E or DCPLA certification.
• Strong knowledge of regional and international Data Protection regulations.
• Hands-on experience in implementing Privacy by Design and Privacy by Default concepts.

Experience :

3 - 5 years

Mandatory/requires Skills :

Compliance and Data Protection expertise.

• Experience in Risk Assessment and Control Recommendation.
• Strong communication skills, both written and verbal.

Preferred Skills :

• Proficiency in general MS Office tools.
• Usage of collaborative working tools

ROLE SUMMARY

The Data Protection Officer (DPO) at Muthoot Fincorp Limited (MFL) will be responsible for overseeing the company's data protection strategy, ensuring compliance with applicable laws and data protection regulations (such as the Information Technology Act, 2000, DPDP act and other relevant guidelines). The DPO will develop and maintain data privacy policies, conduct risk assessments, and foster a culture of data privacy awareness across the organization.

.

KEY RESPONSIBILITIES

Data Privacy Strategy and Compliance

1. Develop and implement a comprehensive data protection strategy that aligns with MFLs strategic objectives and regulatory requirements.
2. Ensure compliance with all relevant data protection laws, including the IT Act, 2000, and RBI guidelines specific to NBFCs.
3. Monitor and evaluate the effectiveness of data protection policies, procedures, and controls

Risk Assessment and Mitigation

1. Conduct regular risk assessments and data protection impact assessments (DPIAs) to identify potential risks and vulnerabilities.
2. Develop and implement mitigation strategies to address identified risks, ensuring minimal impact on business operations.
3. Report data protection risks and incidents to the Chief Risk Officer and senior management.
4. Lead the investigation and management of data breaches or incidents, ensuring timely reporting to relevant authorities and stakeholders.
5. Develop and maintain an incident response plan, including communication protocols, investigation procedures, and remediation actions.
6. Draft, review, and update data protection policies, procedures, and guidelines in line with evolving regulations and industry standards.

Stakeholder Management

1. Design and deliver data protection training programs for employees to enhance awareness and compliance across all departments.
2. Promote a culture of data privacy through regular communication, workshops, and awareness campaigns.
3. Act as the primary point of contact for regulatory authorities, customers, and internal stakeholders on data protection matters.
4. Collaborate with internal and external auditors to ensure compliance and address findings related to data protection.
5. Coordinate with internal teams (e.g., IT, Legal, Compliance) to ensure data protection policies are integrated into all business processes.

Reporting, Governance and Monitoring

1. Develop and monitor key data protection performance indicators (KPIs) to measure the effectiveness of the data protection program.
2. Oversee data governance practices to ensure data accuracy, integrity, and security across the organization.
3. Prepare and present regular reports to the Chief Risk Officer and the Board on data protection compliance, risks, and incidents.
4. Maintain records of processing activities (ROPA) and ensure transparency in data handling practices.

KEY STAKEHOLDERS

Internal Stakeholders

External Stakeholders

1. Board of Directors
2. KMPs/SMPs
3. Legal and Compliance
4. Internal Audit and Quality Assurance
5. Technology
6. Information Security Team
7. Operations and Customer Service
8. Regulatory Authorities
9. External Auditors/Consultants

KEY SKILLS & BEHAVIOURAL ATTRIBUTES

1. Basic understanding of NBFC or financial services domain and applicability of data protection and privacy laws in India which includes Information Technology Act, 2000 and DPDP Act, 2023.
2. Ability to manage complex data protection projects and initiatives.
3. Proficiency in incident management and risk assessment techniques.
4. Experience in developing and delivering training programs.
5. Behavioral Attributes- Driven and in alignment with our Purpose “Transforming the life of the common man by improving their financial well-being” and anchored by our core value of integrity, collaboration, and excellence.

EDUCATION / EXPERIENCE

1. Bachelor’s degree in law, information security, risk management or related field. Professional certification in data protection (e.g., CIPP, CIPM, CIPT, CCDPO) is preferred.
2. At least 5-7 years of experience in data protection, privacy, information security, or risk management, preferably within the financial services sector.

Data Protection Specialist

Location: Bangalore

"Your Expertise. Our Security. Join Us as a Data Protection Specialist in our Risk department and help be at the core of our global growth journey!”

ABOUT THE ROLE:

“Provide effective and efficient administrative support to the business on data privacy and data protection obligations, including supporting the Data Protection Advisory Team in compliance matters linked to data processing activities, the NES Fircroft Privacy Notice and expected business standards.”

What You’ll Be Doing :

The main duties of the role will be to:

▪ Manage incoming queries and requests associated with data subjects, data privacy and general data usage.

▪ Satisfy data subject’s rights in accordance with legislation and process requests with internal system owners.

▪ Maintain comprehensive records of conformity on data protection tasks and performance.

▪ Support the existing data protection team in conducting privacy impact assessments.

▪ Maintain network structures for data protection governance and retention of files.

▪ Attend/Minute Information Security and/or Data Protection Advisory team management review meetings.

▪ Consult with internal departments on data impacts, retention of data and completion of questionnaires.

▪ Maintain registers and systems for risk assessments, non-conforming areas and performance.

▪ Produce periodic reports based on activity.

▪ Record security events and breaches, supporting the Team Lead with investigations and action.

▪ Generate data flows associated with data processing activities.

▪ Undertake information audits against defined criteria and published KPI.

▪ Act as a Data Protection Champion, raising awareness, managing data related training modules, and providing overall support across global operations.

General and Continuous Improvement:

▪ Observe a code of strictest confidentiality at all times.

▪ Maintain service standards associated with an internal management system.

▪ Adhere to NES Fircroft policy, practices and expectations including the prescribed Employee Handbook.

▪ Actively participate in improvement initiatives and cross-functional projects related to data protection, security and processing activities.

▪ Undertake other duties commensurate with the position to ensure the smooth operation of NES Fircroft’s data protection obligations, including supporting the Data Protection Team Lead and wider Risk & Special Projects team in satisfying NES Fircroft’s:

- Compliance to legislative and contractual requirements through process controls;

- Conformity to the Integrated Management System based on ISO standards;

- Adherence to obligations relating to data processing; and

- Implementation of data protection principles and security standards across global locations.

Health, Safety & Environmental (HSE)

Every employee of NES Fircroft holds a responsibility to:

▪ Take reasonable care for the health and safety of themselves and others whilst at work.

▪ Cooperate with the business and its representatives on HSE matters and participate in any HSE training prescribed by the business.

▪ Strictly follow safety procedures and guidelines in the workplace.

▪ Handle equipment (office, building or personally issued devices) in a safe manner and not intentionally interfere with or misuse such equipment that it may danger the safety, welfare or health of themselves or others.

▪ Report on any identified hazards in the workplace, any injuries, strains or illnesses as a result of conducting their role and/or any HSE issues arising during the course of their role.

What We’re Looking For :

The individual will have excellent time management, organizational and communication skills (both written and verbal), and a keen eye for detail. The ability to collaborate effectively with cross-functional teams and stakeholders at various levels is important as are strong ability on Microsoft Office applications. They will have proven experience in responding effectively and timely to data subject requests, maintaining records to support conformity to data protection laws, and documenting data processing activities successfully. The role is demanding, so ability to multi-task, change and re-prioritize quickly and effectively in a fast-paced environment as well as working with minimal supervision is important.

Essential Criteria

▪ Previous experience / knowledge of adhering to data privacy/protection policies and governance procedures.

▪ Previous experience of completing and/or administering data privacy assessments associated with data protection requirements.

▪ Proficient with Microsoft Office applications.

Desirable Criteria

Whilst desirable to have recruitment industry experience (but not a necessity), the preferred candidate should be familiar with working in an office environment or a setting where processing personal data is a major factor of their role/business. Ideally, the candidate would also have a working knowledge of one (or more) of the following:

▪ The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), CCPA and/or HIPPA;

▪ ISO Standards (Information Security (ISO/IEC 27001)/Privacy Information (ISO IEC 27701:2019); or

▪ Other international standard/specification on information management.

Why NES Fircroft?

Financial stability: Extremely competitive basic salary with a strong bonus scheme.

Work Life Balance: Generous WFH (working from home) policy, 2 days per week once you are established in your role and finish early on Fridays.

Time Off: 18 days of paid leave plus birthday leave, 12 days of casual/sick leaves, 12days of bank holidays. Paid leaves will be increased to 20days after 2yrs of service.

Onboarding & Development: Full training plan and guidance and clear career progression.

Securing your future: pension schemes, life & medical insurance, and more.

️Keeping fit: Discount on Curl Fit membership.