231 Security Best Practices jobs in Mumbai

Company Name: Qseap Infotech Pvt Ltd

Job Title: Security Consultant – RC

Experience: 0-3+ years.

Location: Navi Mumbai

Salary : - Upto 5-6LPA

Job Summary

We are looking security consultant, who will work for internal audits and ISO 27001:2013 framework. As a Consultant in our consulting team, you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations.

Job Description (Tasks to be performed during job role)

 Conduct InfoSec and IT operations project implementations such as
ISO 27001, ISO 22301 etc

Conduct fieldwork for audits and assessments

r>Analyze security gaps
, e
valuate risk for the corresponding findings, draft findings, drafting reports.

erform control testing and evidence validation.

r>Lead client-specific risk assessments, audits
or
consulting projects

rojects with ownership and minimum guidance for closure

nowledge sharing events/sessions

nsuring Timely project delivery

ontribute to documentation of
Information Security policies, standards, processes, and procedures

xamine internal
IT controls, evaluate the design
and
operational effectiveness
,
determine exposure to risk and develop remediation strategies.

reate innovative
insights for clients, adapt methods & practices to fit operational team needs, contribute to thought leadership documents and develop new methodologies.

emonstrate strong
project execution skills

aintain a
strong client focus by effectively serving client needs
and
developing productive working relationships with client personnel.

emonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices)

eview status updates and prepare management presentations/audit committee presentations etc.

eep understanding of infrastructure (
data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management

xperience with security and standards frameworks especially
ISO/IEC 27000 series, NIST Cybersecurity Framework, PCI DSS, HIPAA, RBI Guidelines, SEBI Guidelines.

nowledge of
log analysis
and
event correlation

Qualifications and Skills required:

r>Bachelor or Master's degree,
preferably in STEM (Science, Technology, Engineering and Mathematics) or any related field of expertise.

ontinuously looking to grow and develop your technical and professional skills with a commitment to build and grow your cybersecurity career to the next level.

xcellent written and communications skills for both technical and non-technical stake holders.

r>If required, willing to travel inside and/or outside India
.

r>CISA Passed Candidate is preferred, ISO 27001 LA is Mandatory,
or any other relevant certification.

Location:
Navi Mumbai (Work from Office)

Experience:
Minimum 2+ Years

Employment Type:
Full-time

About the Role

We are seeking a dedicated Information Security Auditor from a CERT-IN empanelled firm for on-site IS-Audit work in Navi Mumbai. The role involves end-to-end monitoring, review, and assessment of IT security processes, tools, and infrastructure to ensure compliance, risk mitigation, and operational resilience.

Key Responsibilities

• User Access Management (UAM/UAR):
  Review and monitor access rights for critical systems (applications, tools, infra).
• Antivirus Management:
  Oversee antivirus and endpoint security tools with timely updates for servers.
• Patch Management:
  Monitor patch deployments and updates for operating systems and applications.
• Capacity Management:
  Manage centralized capacity utilization monitoring tools and review alerts.
• Backup & Retention Management:
  Validate backups, perform restoration testing, and review retention compliance.
• Change & Release Management:
  Review adherence to change and release processes, including aligned system logs.
• Incident & Problem Management:
  Review logs, records, and effectiveness of incident/problem management processes.
• Inventory Management:
  Validate hardware/software inventory completeness with EOL/EOS tracking.
• SIEM Monitoring:
  Analyze and review alerts generated from SIEM tools.
• Database Activity Monitoring (DAM):
  Conduct analysis and reviews of DAM logs and alerts.
• Security Assessments:
  Perform VA, CA, PT, AppSec, SCR, firewall rule assessments, and vulnerability tracking.
• BCP/DR (Business Continuity & Disaster Recovery):
  Review disaster recovery readiness, drill calendars, and execution reports.

Required Skills & Qualifications

• Bachelor's degree in Information Technology, Computer Science, or related field.
• Minimum
  2 years of relevant experience
  in IS Audit, IT Security, or Compliance.
• Practical exposure to tools like Patch Management, Antivirus, SIEM, DAM, and IT Inventory solutions.
• Knowledge of ITIL processes (Incident, Problem, Change, Release).
• Familiarity with CERT-IN guidelines and regulatory compliance frameworks.
• Strong analytical, documentation, and reporting skills.

Preferred Certifications

• CISA, ISO 27001 LA, CEH, CISSP, or any other relevant certification will be an added advantage.

How to Apply

Interested candidates can apply by sending their updated resume to

with the subject line
"Application for

Information Security Auditor"

Note: This is a full-time, on-site role based in Navi Mumbai. Remote work option is not available.

Urgent Opening for Cyber security | Freshers | Navi Mumbai

Posting Title: Information Security Analyst (SOC)

Company Name: Inspiroz IT Services Pvt ltd

Job Location: Ghansoli, Mahape

Work Mode: Work from office

Job Description

The primary function of the SOC Associate is to analyse any incidents flagged by the Security Tools and undertake a detailed investigation of the Security Event. The SOC Associate shall determine whether the security event will be classified as an incident. They will be coordinating with the customer IT/ in house Managed services team for resolution of the Security Incident.

Responsibilities:

• Escalate validated and confirmed incidents to Managed Services team.
• Notify Account Managers of incident and required mitigation work.
• Fine-tune SIEM rules to reduce false positive and remove false negatives.
• Collect global threat intelligence and internal threats then inject actions based on analysis and recommendation.
• Proactively research and monitor security information to identify potential threats that may impact the organisation.
• Develop and distribute information and alerts on required corrective actions to the organisation.
• Learn new attack patterns, actively participate in security forums.
• Work closely on Vulnerability Assessment and coordinate with Managed services team.
• Understand the structure and the meaning of logs from different log sources such as FW, Servers, and End User Devices.
• Perform analysis and report breaches in Backup Compliance such as Barracuda, EMC Avamar, Datto.
• Perform threat intel research.
• Open and update incidents in ConnectWise Manage to report the alarms triggered or threats detected. Analysts should properly include for each incident on CW Manage all details related to the logs, alarms and other indicators identified in accordance with the intervention protocol of each client and the SLA.
• Track and update incidents and requests based on client's updates and analysis results.

Requirements

• Knowledge or hands-on experience of implementation and management of CrowdStrike Falcon, ConnectWise Manage, ConnectWise Automate, Windows AD, Linux and Infra technology.
• Experience with Security Information Event Management (SIEM) tools, creating advanced co-relation rules, administration of SIEM, system hardening, and Vulnerability Assessments.
• Should have expertise in TCP/IP network traffic and event log analysis.
• Knowledge and hands-on experience with Falcon CrowdStrike, ConnectWise Manage, Bit Defender Gravity would be nice to have.
• Knowledge of ITIL disciplines such as Incident, Problem and Change Management.
• Configuration and Troubleshooting experience on Checkpoint, Cisco, FortiGate, Palo Alto and SonicWALL firewalls would be an added advantage.
• Knowledge of Scripting.

Timings for Shifts: (10 hrs Shift – 5 days working)

7:30 am - 5:30 pm

12:30 pm - 10:30 pm

7:30 pm - 5:30 am

9:30 pm - 7:30 am

Work Experience: 0 - 6 Months

Additional Skills: CCNA, MCP

Company Background:

Inspiroz IT Services Pvt Ltd - At Inspiroz IT, we solve technology challenges by providing unmatched expertise through strategy, implementation, and managed services. Inspiroz, IT provides ongoing support and maintenance services through a unique model that blends on site and remote support for existing IT infrastructure and devices to sustain their purpose and benefits. We partner with school leaders, educators and corporates to improve the way technology is used to drive transformational outcomes and achieve operational goals. With stable, portable and scalable IT, we prepare and support each technological environment through various phases of evolution and growth. We take a unique approach to the use of technology in schools and corporates. Our Customer Promise is to be Helpful, Responsive & Entrepreneurial.

Inspired by our core values of: Be Courageous, Extra Mile, Today, not Tomorrow, and Communicate, Communicate, Communicate.

For more information kindly visit on company website

Interested candidates can share their updated resume on email ID:

Note: Interview will be conducted face to face.

Job Types: Full-time, Permanent, Fresher

Benefits:

• Health insurance
• Provident Fund

Work Location: In person

Bring more to life.
Are you ready to accelerate your potential and make a real difference within life sciences, diagnostics and biotechnology?

At Pall Corporation, one of Danaher's 15+ operating companies, our work saves lives—and we're all united by a shared commitment to innovate for tangible impact.

You'll thrive in a culture of belonging where you and your unique viewpoint matter. And by harnessing Danaher's system of continuous improvement, you help turn ideas into impact – innovating at the speed of life.

As a global leader in high-tech filtration, separation, and purification, Pall Corporation thrives on helping our customers solve their toughest challenges. Our products serve diverse, global customer needs across a wide range of applications to advance health, safety and environmentally responsible technologies. From airplane engines to hydraulic systems, scotch to smartphones, OLED screens to paper—everyday Pall is there, helping protect critical operating assets, improve product quality, minimize emissions and waste, and safeguard health. For the exponentially curious, Pall is a place where you can thrive and amplify your impact on the world. Find what drives you on a team with a more than 75-year history of discovery, determination, and innovation.

Learn about the Danaher Business System which makes everything possible.

The role of Analyst, Information Security is a critical function within our organisation, which primarily involves the protection of digital assets and data from cyber threats, by analysing and improving the security measures in place.

The analyst will be responsible for managing the day-to-day operations of our security infrastructure, including monitoring, responding to security incidents, risk management and policy enforcement. They will need to have a strong understanding of security principles, experience with security tools, and the ability to work in a fast-paced, agile environment.

This position reports to the Director, Information Security and is part of the Information Technology Department located in Pune, India and will be an on-site role.

In this role, you will have the opportunity to:

• Monitor for security events and alerts to detect and respond to incidents in a timely manner, meeting required metrics.
• Investigate security incidents to determine root cause and impact.
• Respond to security incidents by implementing appropriate remediation actions.
• Support and maintain incident response plans.
• Investigate and resolve security incidents and breaches highlighted by the Security Operations Centre, providing recommendations to prevent future incidents.
• Manage security tools and technologies, intrusion detection and prevention systems, antivirus software, content filters IDS/IPS & NGFW.

The essential requirements of the job include:

• 2+ years of experience in a security operations role.
• Hands-on experience with security tools, such as SIEM, IDS/IPS, and vulnerability scanners.
• Strong knowledge of security principles and best practices.
• Good analytical and problem-solving skills.
• Knowledge of security standards and regulations such as ISO 27001, NIST, PCI DSS, and GDPR.

Travel, Motor Vehicle Record & Physical/Environment Requirements:

• Ability to travel – international travel up to 10% per year.

It would be a plus if you also possess the following:

• Bachelor's degree in computer science, Information Technology, or related field.
• Relevant certifications such as Security+, CASP+, GIAC.

Pall Corporation, a Danaher operating company, offers a broad array of comprehensive, competitive benefit programs that add value to our lives. Whether it's a health care program or paid time off, our programs contribute to life beyond the job. Check out our benefits at Danaher Benefits Info.

At Pall we believe in designing a better, more sustainable workforce. We recognize the benefits of flexible, remote working arrangements for eligible roles and are committed to providing enriching careers, no matter the work arrangement. This position is eligible for a remote work arrangement in which you can work remotely from your home. Additional information about this remote work arrangement will be provided by your interview team. Explore the flexibility and challenge that working for Pall can provide.

Join our winning team today. Together, we'll accelerate the real-life impact of tomorrow's science and technology. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life.

For more information, visit

Job Description:

We are seeking an Information Security Manager with 2–4 years of experience to safeguard organizational data and IT infrastructure. The candidate will manage cybersecurity policies, incident response, and security audits.

Responsibilities:

• Implement and maintain IT security policies.
• Manage security operations, firewalls, and SIEM tools.
• Monitor and respond to cyber threats.
• Conduct vulnerability assessments and penetration testing.

Qualifications:

• Bachelor's in IT/Computer Science.
• 2–4 years of experience in Information Security.
• Certifications like CISSP, CISM, CEH preferred.

Salary: Up to 10 LPA

Job Type: Permanent

Pay: ₹800, ₹1,000,000.00 per year

Information Security Analyst - PAM specialist
As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients' best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our
Enterprise Operations & Technology
teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do. We keep the bank safe and provide the technical tools our workers need to be successful. We design our digital architecture and ensure our platforms provide a first-class customer experience. Our operations teams manage risk, resources, and program management. We focus on enterprise resiliency and business continuity. We develop, coordinate, and execute strategic operational plans. Essentially, Enterprise Operations & Technology re-engineers client and partner processes to deliver excellence through secure, reliable, and controlled services.

Trust is part of our DNA at Citi. As such, we take safeguarding our customer data very seriously. The Chief Information Security Office (CISO) is made up of deeply dedicated and talented colleagues who work together to ensure the safety of Citi's and our clients' assets and information. We manage information security as an end-to-end program – one with a clear mandate and accountability. Our mission is to continually execute and enhance a global security program that is fully anchored to modern control and security frameworks, fully aligned with the technology of the firm, threat-focused and data-driven, and deeply integrated across all Citi businesses globally.

Being talent-driven, we are focused on attracting, developing, and retaining diverse and inclusive talent with a high technical skill level. As a member of our team we will provide you with career development opportunities at all stages of your career. Our employees model a passion for protecting Citi and our clients and believe in treating others with dignity and respect.

This is an opportunity to work with Global Secrets Management Platforms team which is part of Citi's Cyber Security Services. We are responsible for secrets management on-prem and the cloud for several hundred applications across the firm.

Our commitment to diversity includes a workforce that represents the clients we serve globally from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We'll enable growth and progress together.

Information Security Engineer - Cyber Security
We are opening our doors for talented individuals who are passionate about Cyber Security, want to be part of innovation by implementing and driving cutting edge technologies within a world class organization.

If you have a background in technology and interested to learn and grow with a world class Cyber Security team, then Citi is a place for you to be.

Responsibilities:

• Provide BAU support for secrets management applications like CyberArk, HashiCorp Vault.
• Collaborate with various internal and external stakeholders/support teams as required to support the application and business needs.
• Work with client applications to provide integration/onboarding guidance.
• Identify security vulnerabilities in the system and implement necessary solutions to remediate the vulnerabilities.
• Strong Automation experience - Identify manual processes that can be smartly automated.
• Ensure security best practice is followed and provide solutions to improve existing infrastructure processes in the company.
• Be involved in the design and subsequent implementation of software and service infrastructure.
• Provide on-call support in rotation as required.
• Gather requirements and provide walkthroughs to businesses on usage of various SDKs and API services available for integration with Secrets/Identity and Access Management applications.

Qualifications:

• 8+ Years' experience as PAN Engineer
• Bachelor's in Engineering Degree (Computer Science or Equivalent)
• Any trainings/certifications in Cybersecurity will be considered a plus

Critical Competencies:

• CyberArk, HashiCorp Vault experience will be a big plus.
• Basic experience working with one or more of these scripting languages – Python, Unix Shell, Perl, Go & PowerShell scripting.
• Experience with one or more server operating system like Linux, Windows.
• Experience/basic understanding of CHEF, Ansible, Terraform, CI/CD.
• Experience with one or more cloud providers such as AWS, GCP, AZURE.
• Understanding of containers and associated technologies like Kubernetes/OpenShift.
• Excellent written and verbal communication skills
• Ability to work across all levels of the organization.
• Must have good analytical skills.
• Strong customer and quality-focus.
• Sound problem resolution, judgment, and decision-making skills .
• Ability to work well individually and as part of a team.

Education:

• Bachelor's/University degree or equivalent experience

Knowledge/Experience:
*Essential *

• CyberArk / Hashicorp / any other PAM tools
• Experience with one or more server operating system like Linux, Windows.

Desirable

• Understanding of containers and associated technologies like Kubernetes/OpenShift.
• Any trainings/certifications in Cybersecurity will be considered a plus

Skills: (Technical skills)
*Essential *

• Python, Unix Shell, Perl, Go & PowerShell scripting.

Desirable

• CyberArk, HashiCorp Vault experience will be a big plus.

*Competencies (Soft Skills ) *

• Strong communications skills
• Candidate should be responsible for reporting to both business and technology senior management
• Need to work with stakeholders and keep them updated on developments, estimation, delivery and issues.

Job Family Group:
Technology

Job Family:
Information Security

Time Type:
Full time

*Most Relevant Skills *
Please see the requirements listed above.

*Other Relevant Skills *
For complementary skills, please see above and/or contact the recruiter.

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.
If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review
Accessibility at Citi.
View Citi's EEO Policy Statement and the Know Your Rights poster.

We are seeking a proactive and technically sound Information Security Manager to lead and manage critical areas of enterprise security, including automation, AI integration, application and API security, continuous compliance, and risk governance. The ideal candidate will be responsible for establishing a secure, compliant, and resilient IT environment, while enabling business innovation through secure architecture and emerging technologies such as Agentic AI etc.,

1. Security Automation & Management

• Design, implement, and oversee automation solutions to streamline security processes.
• Drive integration of security tools and workflows to improve operational efficiency and incident response.
• Identify manual security tasks suitable for automation to reduce response time and human error.

2. IS / Cyber Risk Management

• Lead enterprise-wide information security risk assessments and mitigation planning.
• Identify, evaluate, and track remediation of technical and business risks.
• Provide regular risk posture reports and brief senior stakeholders.

3. Continuous Compliance Reviews

• Maintain and monitor ongoing compliance with regulatory standards (e.g., RBI, SEBI, ISO 27001, DPDP).
• Continuous monitoring of cyber security controls
• Manage and update policies and standards aligned to regulatory changes.

Dear Candidates,

Greetings

Enclosed below the Job description-

Key Responsibilities:

1. Security Operations & Incident Management

2. Monitor and manage daily security operations, including threat detection, incident response, and log analysis through SOC tools.

3. Coordinate incident handling activities and conduct root cause analysis and reporting.

4. Maintain and update the incident response playbook and ensure relevant stakeholders are informed.

5. Regulatory Compliance & Risk Management

6. Support internal and external audits related to RBI, NPCI, CERT-In, PCI DSS, and ISO 27001.

7. Maintain compliance documentation and evidence for inspections and partner audits.

8. Conduct risk assessments, BCP/DR drills, and vendor security reviews.

9. Cloud & Payment Systems Security

10. Work closely with DevOps and engineering teams to secure UPI, IMPS, AEPS, and other API-based payment platforms.

11. Ensure security best practices in deployment architectures on AWS, Azure, or OCI, including key management, encryption, and access controls.

12. Facilitate VAPT activities and follow-up on remediation.

13. Policy Implementation & Governance

14. Assist in the development and enforcement of security policies, standards, and procedures.

15. Track policy compliance and manage exceptions or deviations through a formal risk acceptance process.

16. Conduct periodic security awareness training across the organization.

17. Collaboration & Cross-Functional Support

18. Act as a liaison between security and other departments including product, engineering, legal, and compliance.

19. Support customer due diligence processes, including responding to security questionnaires.
20. Prepare and present periodic reports on the organizations security posture to leadership.

Qualifications & Experience:

• Bachelors degree in Computer Science, Information Security, or a related field. Master's preferred.
• 5–8 years of relevant experience in information security, preferably in a fintech, banking, or payments environment.
• Strong working knowledge of cloud security (AWS, Azure, OCI), API security, and payment platforms.
• Experience with regulatory audits, RBI/NPCI compliance, and security standards (ISO 27001, PCI DSS).

Certifications (Preferred):

• CISSP, CISM, CEH, CCSP, ISO 27001 Lead Auditor, or PCI DSS Implementer.

Desired Attributes:

• Strong analytical and problem-solving skills.
• Excellent communication and stakeholder management abilities.
• Detail-oriented with a focus on operational excellence.
• Passionate about secure digital payments and emerging fintech security trends.

Regards,

Human Resource