2,212 Security Auditor jobs in India

• Responsible for reviewing, maintaining, and updating security policies, procedures, and standards/baselines.
• Support all accreditation programs such as ISO27001, ISAE 3402 Type II, SOC2 Type 2, PCI-DSS and others as may be needed.
• Work with different stakeholders including external auditors, business leaders, DPO, Legal, HR, and CIO teams to understand all critical security requirements.
• Drive security compliance monitoring.
• Risk assessment for information security and cyber risks
• Adoption of global frameworks such as NIST Cyber Security and CIS etc.
• Work with internal Marketing team and external vendors for developing security awareness program.
• Support Business Continuity program including BC Plans, Crisis Management etc.
• Perform internal security audits. Manage certifications such as ISO 27001, SOC etc.
• Perform security audits on application and IT infrastructure including but not limited to network, operating systems (Windows and Linux), databases, access control, Firewalls, IDS/IPS, Web Application Firewalls, Proxies, Cloud infrastructure (Azure and Amazon), Web servers, data center, Email infrastructure, VPN infrastructure, routers, backups, Disaster Recovery, Endpoint Security.
• Perform security audits to ensure that controls related to these processes are adequate to mitigate risks.

1. Perimeter/Internal Security Technologies (Firewalls, IDS/IPS, Proxy, WAF etc.)
2. Data Loss Prevention technologies and support processes
3. Network Segmentation and Separation Solutions
4. Identity and Access Management, Privileged Access and Authentication Solutions
5. Platform and Configuration Hardening
6. IT incident and problem management
7. Threat Intelligence and Insider Threat Detection
8. Vulnerability assessment, Penetration Testing, and its mitigation
9. Security Incident and Event Management (SIEM) Technologies
10. Cyber Incident and response
11. Change Management
12. Role Based Access Controls
13. Business continuity and Disaster Recovery

• Vendor security assessments

Minimum Qualification & Background:

• 5-10 years of relevant experience
• Graduate with one or more professional certifications: ISO27001 LA, CISA, CRISC, CISSP and CISM
• Must have experienced a complete ISO27001 journey for a few years at a minimum.
• Knowledge and understanding of ISO27001, ISO27002, ISO27017, ISO27018, PCI DSS, NIST cyber security standards and CIS benchmarks.
• Must have performed audits of the cloud infrastructure.
• Knowledge and understanding of security related technologies and cloud security.
• Excellent written and verbal communication skills; Documentation and presentation skills

• Plan, execute, and manage information security audits.
• Assess security controls, policies, and procedures for effectiveness.
• Identify vulnerabilities and compliance gaps within client environments.
• Conduct risk assessments and develop mitigation strategies.
• Review system logs, network configurations, and security architectures.
• Prepare detailed audit reports with findings and recommendations.
• Communicate audit results to stakeholders at all levels.
• Ensure compliance with relevant regulatory and industry standards.

• Bachelor's degree in Computer Science, Information Systems, or a related field.
• 8+ years of experience in information security auditing or assessment.
• Mandatory certifications: CISA, CISSP, or CRISC.
• In-depth knowledge of security frameworks and best practices.
• Experience with vulnerability management and risk assessment tools.
• Familiarity with cloud security and data privacy regulations.
• Excellent report writing and presentation skills.
• Ability to work independently and lead audit engagements in a remote setting.

• Perform static and dynamic analysis of smart contracts (e.g., Solidity, Vyper) to identify security flaws such as reentrancy, integer overflows, gas limit issues, and access control vulnerabilities.
• Conduct comprehensive audits of blockchain protocols and network architectures to assess their security posture and identify potential attack vectors.
• Utilize various security tools and frameworks for vulnerability scanning, penetration testing, and code review.
• Document findings, technical vulnerabilities, and recommended solutions in clear and concise audit reports.
• Collaborate with development teams to explain identified risks and guide them through the remediation process.
• Stay abreast of the latest security threats, vulnerabilities, and best practices in the blockchain and cryptocurrency space.
• Participate in threat modeling and risk assessment exercises for new blockchain projects.
• Communicate effectively with clients and internal stakeholders regarding audit progress and outcomes.

• Proven experience in smart contract auditing or blockchain security analysis.
• Strong understanding of blockchain technology, cryptography, and consensus mechanisms.
• Proficiency in programming languages commonly used in smart contract development (e.g., Solidity, JavaScript, Python).
• Familiarity with security testing methodologies and tools.
• Excellent analytical and problem-solving skills, with a keen eye for detail.
• Ability to articulate technical vulnerabilities and solutions clearly in written reports and presentations.
• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.

• Conduct comprehensive security audits of smart contracts, dApps, and blockchain protocols.
• Identify and analyze vulnerabilities, including reentrancy, integer overflows, and access control issues.
• Perform static and dynamic code analysis of smart contract code.
• Execute penetration testing against blockchain networks and applications.
• Develop and implement security testing methodologies and tools.
• Provide detailed reports with clear explanations of identified vulnerabilities and recommended remediation steps.
• Collaborate with development teams to implement security fixes and best practices.
• Stay updated on the latest blockchain security threats, attack vectors, and mitigation strategies.
• Contribute to the development of secure coding standards and guidelines.
• Educate and advise teams on blockchain security best practices.

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
• Proven experience in smart contract auditing, security analysis, or penetration testing.
• Strong proficiency in Solidity and experience with other smart contract languages.
• Deep understanding of blockchain principles, consensus mechanisms, and cryptography.
• Familiarity with common smart contract vulnerabilities and exploitation techniques.
• Experience with security auditing tools and frameworks (e.g., Mythril, Slither, Hardhat).
• Knowledge of various blockchain platforms (e.g., Ethereum, Binance Smart Chain, Polygon).
• Excellent analytical and problem-solving skills.
• Strong written and verbal communication skills for reporting and team collaboration.
• Ability to work independently and manage time effectively in a remote environment.

• Performing smart contract audits and code reviews for major blockchain protocols and decentralized applications (dApps).
• Identifying potential security flaws, including reentrancy vulnerabilities, integer overflows, and other common smart contract exploits.
• Conducting penetration testing and security assessments on blockchain infrastructure and networks.
• Developing and implementing security testing frameworks and methodologies.
• Collaborating with development teams to address identified security issues and ensure secure coding practices.
• Staying up-to-date with the latest security threats, vulnerabilities, and best practices in the blockchain space.
• Preparing detailed audit reports with findings, risk assessments, and mitigation strategies.
• Contributing to the development of secure coding standards and guidelines.
• Assisting in incident response and forensic analysis when security breaches occur.
• Providing expert advice on blockchain security architecture and design.

• Conducting comprehensive security audits of smart contracts (e.g., Solidity, Vyper) and blockchain platforms.
• Performing penetration testing and vulnerability assessments on dApps and associated infrastructure.
• Analyzing transaction data and blockchain states to detect anomalies and potential exploits.
• Developing and implementing security testing methodologies and tools.
• Documenting findings, providing clear explanations of vulnerabilities, and recommending remediation steps.
• Staying abreast of the latest security threats, attack vectors, and best practices in the blockchain industry.
• Collaborating with development teams to ensure secure implementation of blockchain solutions.
• Contributing to the development of security policies and procedures.

• Proven experience as a Blockchain Security Auditor, Smart Contract Auditor, or similar role.
• Strong proficiency in blockchain technologies, including Ethereum, Binance Smart Chain, and related protocols.
• Expertise in smart contract languages like Solidity.
• In-depth knowledge of common smart contract vulnerabilities (e.g., reentrancy, integer overflow, gas limits).
• Experience with security analysis tools and frameworks.
• Excellent analytical and problem-solving skills.
• Strong communication and reporting skills, with the ability to articulate complex technical issues clearly.
• Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.