112 Security Compliance jobs in Chennai

Job Summary:

We are seeking a detail-oriented and proactive Security Analyst to join our Information Security team. The Security Analyst will be responsible for monitoring, analyzing, and responding to security threats and incidents across the organization's IT infrastructure. This role involves safeguarding company data, identifying vulnerabilities, ensuring compliance with security policies, and supporting initiatives to strengthen the overall security posture.

Key Responsibilities:

• Monitor and analyze security alerts, logs, and incidents to identify potential threats and vulnerabilities.
• Conduct security assessments, vulnerability scans, and penetration testing to identify risks and recommend mitigation measures.
• Investigate and respond to security incidents, ensuring timely resolution and documentation.
• Implement, maintain, and review security tools such as firewalls, intrusion detection/prevention systems, endpoint protection, and SIEM solutions.
• Support the development and enforcement of security policies, standards, and procedures.
• Collaborate with IT teams to ensure systems, applications, and networks are secure by design.
• Conduct user awareness training and promote cybersecurity best practices across the organization.
• Prepare reports and metrics on security incidents, vulnerabilities, and compliance status.
• Stay updated on emerging threats, vulnerabilities, and regulatory requirements.

Qualifications & Skills:

Education & Experience:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 4-6 years of experience in an information security or IT security role.

Technical Skills:

• Strong knowledge of information security principles, practices, and technologies.
• Hands-on experience with SIEM, IDS/IPS, firewalls, endpoint security, and vulnerability management tools.
• Familiarity with standards and frameworks such as ISO 27001, NIST, GDPR, and SOC2, HIPAA, HITRUST
• Experience in incident response, digital forensics, and threat analysis.
• Knowledge of networking protocols, operating systems (Windows/Linux), and cloud security (AWS, Azure, GCP).

Soft Skills:

• Strong analytical and problem-solving abilities.
• Excellent communication and documentation skills.
• Ability to work independently and collaboratively in a fast-paced environment.
• High level of integrity and attention to detail.

Preferred Certifications (nice to have):

• CompTIA Security+
• Certified Ethical Hacker (CEH)
• GIAC Security Essentials (GSEC)
• Certified Information Systems Security Professional (CISSP)

Why Join Us?

• Opportunity to work with cutting-edge security technologies.
• Collaborative and growth-oriented work culture.
• Exposure to diverse cybersecurity challenges and learning opportunities.
• Career progression in a fast-evolving security landscape.

Job Type: Full-time

Pay: ₹800, ₹1,200,000.00 per year

Benefits:

• Provident Fund
• Work from home

Application Question(s):

• What is your current CTC?
• What is your salary expectations?
• What is your joining time?

Experience:

• relevant: 4 years (Preferred)

Location:

• Chennai, Tamil Nadu (Preferred)

Work Location: Remote

Essential Job Functions

• Administers access control processes which may include badging, rights for accessing databases or other technologies by adding or removing user names from access control lists to ensure/maintain the integrity of and safeguard information.
• Oversees maintaining of current set of valid users, issuing and recalling certificates and secure identifications to and from individual users and defining groups. Ensures passwords are reset as needed to maintain appropriate access control. Coordinates the visitor control process to ensure that only authorized personnel are granted access to security information including badge requirements.
• Coordinates and monitors sensitive aspects of security programs to ensure compliance with client, government and/or company security policies and procedures. Administers the production and submission of appropriate government forms to ensure the proper guidance for the protection and handling of industrial security, NSI and other security information.
• Develops and implements security procedures, ensuring compliance with program requirements, policies, procedures and processes including personnel, physical and administrative security systems and procedures. Participates in security procedures associated with the accreditation of information systems. Conducts audits to ensure adherence.
• Ensures destruction of confidential information in accordance with policies and procedures.
• Develops, coordinates and may conduct security education programs to assist in educating personnel about security systems, individual security responsibilities and the importance of security.
• Investigates or oversees the investigation of losses and security violations and recommends corrective actions. Implements approved course of action as appropriate. Develops investigative reports and documentation as required.

Basic Qualifications

• Bachelor's degree or equivalent combination of education and experience
• Bachelor's degree in computer science, information technology, business management, criminal justice or related field preferred
• Three or more years of experience in security policies and procedures, information systems security or computer operations
• Experience working with company software and hardware products
• Experience working with domain structures, user authentication and digital signatures
• Experience working with industrial and/or National Security Information security systems and implementation procedures
• Possess a security clearance as required by contract or government regulations (i.e. at the Secret level and/or certified information security systems professional (CISSP) certification)

Other Qualifications

• Research skills
• Good personal computer and business solutions software skills
• Strong communication skills to interact with team members, customers, management and support personnel
• Strong analytical and problem solving skills for design, creation and testing of security systems
• Ability to work independently and as part of a team

Work Environment

• Office environment

Description

Essential Responsibilities:

Minimum Qualifications:

Preferred Qualification:

Qualifications:

Subsidiary:

Travel Percent:

PayPal does not charge candidates any fees for courses, applications, resume reviews, interviews, background checks, or onboarding. Any such request is a red flag and likely part of a scam. To learn more about how to identify and avoid recruitment fraud please visit .

For the majority of employees, PayPal's balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations.

Our Benefits:

At PayPal, we’re committed to building an equitable and inclusive global economy. And we can’t do this without our most important asset—you. That’s why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you.

We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit .

Who We Are:

to learn more about our culture and community.

Commitment to Diversity and Inclusion

PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at .

Belonging at PayPal:  

Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with a sense of acceptance and security where all employees feel included and valued. We are proud to have a diverse workforce reflective of the merchants, consumers, and communities that we serve, and we continue to take tangible actions to cultivate inclusivity and belonging at PayPal.

Any general requests for consideration of your skills, please .

We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don’t hesitate to apply.

Job Description:

• The Third-Party Governance & Risk Analyst role will be positioned in the 2nd line of defense for third party risk.
• This role will be responsible for managing the monitoring of critical third parties for cyber, financial, and reputational health and actioning alerts as appropriate; development of metric and reporting to illustrate how our third parties are being managed as well as to provide insight into key drivers or risk and support strategic project initiatives to improve transparency and enhance program effectiveness.
• This individual will work closely with the Head of Third-Party Risk Management in US, key stakeholders across other risk teams in Sourcing, IT, Data Governance, and Cyber Security teams, and will have direct interaction with internal business partners.
• Perform monitoring of critical third parties for cyber, financial, and reputational health leveraging available tools (e.g., Security Scorecard, Credit Safe, etc.)
• Create and analyze various views of risks within the third-party portfolio and develop reports and insights into third-party risks and for updates to risk committees (e.g., KRIs, key risk drivers, data minimization results, etc.)
• Conduct third-party training and awareness and attestations of compliance
• Participate in risk mitigation projects by applying business process and technical knowledge and critical think ing – delivering on-scope, on-time. Projects such as data minimization activities.
• Work with stakeholders to understand potential solutions to exceptions and define roadmaps to execute.

Support audit and regulatory inquiries
Location:
This position can be based in any of the following locations:

Chennai

Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday

Job description:

Minimum 15+ years of working experience with at least 5 years in a senior role; strong experience in areas including but not limited to risk management, operations, internal audit , controls, finance, treasury, vigilance and legal functions within the banking industry with a blend of financial, operational, and regulatory compliance from Banking only.

Strong Stakeholder relationship management and negotiation skills; credibility to positively influence and manage key stakeholders within and outside the organization.

Well aware of the guidelines issued by the Reserve Bank of India regulating market risk management in Indian banks

Company:

IT Analyst, Security, Risk and Compliance

Description

Do you want to build a career that is truly worthwhile? Working at the World Bank Group provides a unique opportunity for you to help our clients solve their greatest development challenges. The World Bank Group is one of the largest sources of funding and knowledge for developing countries; a unique global partnership of five institutions dedicated to ending extreme poverty, increasing shared prosperity and promoting sustainable development. With 189 member countries and more than 120 offices worldwide, we work with public and private sector partners, investing in groundbreaking projects and using data, research, and technology to develop solutions to the most urgent global challenges. For more information, visit

Vice Presidency Context:

Information and Technology Solutions (ITS) enables the WBG to achieve its mission of ending extreme poverty by 2030 and boosting shared prosperity in a sustainable manner by delivering transformative information and technologies to its staff working in over 130 client countries.
ITS services range from: establishing the infrastructure to reach and connect staff and development stakeholders; providing the devices and agile technology and information applications to facilitate the science of delivery through decentralized services; creating and maintaining tools to integrate information across the World Bank Group, the clients we serve and the countries where we operate; and delivering the computing power staff need to analyze development challenges and identify solutions.
The ITS business model combines dedicated business solutions centers that provide services tailored to specific World Bank Group business needs and shared services that provide infrastructure, applications and platforms for the entire Group. ITS is one of three VPUs that have been brought together as the World Bank Group Integrated Services (WBGIS), to provide enhanced corporate core services and enable the institution to operate as one strategic and coordinated entity.

Unit Context

The ITS Information Security and Risk Management (ITSSR) unit, headed by the Chief Information Security Officer (CISO), is responsible for providing leadership in managing the functions and activities of information security and risk across the World Bank Group, enabling the achievement of WBG’s business objectives. ITSSR enables and facilitates a risk aware culture, ensures that WBG information assets are protected in an effective, efficient, and balanced manner; and IT security and risk management efforts throughout the World Bank Group are coordinated and aligned to the Bank's business and IT strategy. ITSSR establishes and maintains the World Bank Group's IT and InfoSec policies and standards; develops and engineers the WBG’s information security plans and solutions; responds to security incidents; and ensures that the information risks are identified, assessed, and managed in consistent with the overall risk management approach and with the established appetite and tolerance.

Duties and Accountabilities:

ITSIS is seeking to fill the position of IT Analyst, Security, Risk and Compliance within ISOC. The IT Analyst serves across all areas of threat intelligence to help inform and defend the business and protect brand reputation. As a trusted member of the cybersecurity team and industry community, the analyst works closely with internal technical teams, business units and external entities aligned with the business, including private intelligence-sharing groups, law enforcement, government agencies and public affiliation peers. The IT Analyst is responsible for conducting in-depth research, documenting threats, understanding the risk to the business, and sharing information with those who need to know. The analyst will also distill threat intelligence so technical and non-technical contacts can understand it and make educated decisions about next-step actions. In addition to applied experience, the individual will bring excellent problem solving, communication and teamwork skills, along with agile ways of working, strong business insight, an inclusive leadership attitude and a continuous learning focus.

Note: If the selected candidate is a current Bank Group staff member with a Regular or Open-Ended appointment, s/he will retain his/her Regular or Open-Ended appointment. All others will be offered a 3 year term appointment.

Scope of Work

- Research current and emerging threats facing the business and industry sector.

- Lead production and delivery of recurring threat intelligence products including reports, one pager, threat briefs etc.

- Deliver threat briefings and awareness sessions to internal staff.

- Conduct and publish in-depth risk assessments to evaluate and categorize the risk posture of detected cyber threats while supporting development and refinement of risk assessment methodologies and tools used for threat categorization

- Collaborate with internal and external stakeholders, to gather and share relevant threat intelligence.

- Develop and maintain threat profiles and reports to enhance detection and response capabilities.

- Continuously update and refine existing threat intelligence processes and methodologies to ensure the organization remains at the forefront of cyber defense.

- Centralize multiple threat sources (premium, industry-shared, open-source, dark web), correlate indicators and threats, and distill actionable intelligence.

- Deliver on the digital risk management portfolio covering social media, brand protection p and maintain high quality PowerBI dashboards to show coverage and effectiveness.

- Automate routine tasks for efficient operations and support of the team.

- Document threats into contextual reports outlining severity, urgency and impact, and ensure they can be understood by both management and technical teams.

- Participate, implement and maintain deception technology

- Be readily available to participate in collaborative threat analysis meetings with internal and external trusted entities.

- Liaison with threat hunting, infrastructure, IT, vulnerability management, threat intelligence and software engineer team members.

- Understanding of various generative models (., GPT, GANs) and their applications.

- Plan and execute the implementation of threat management solutions through a data driven and agile approach.

- Perform other duties as assigned.

Selection Criteria

* Bachelor's degree in computer science, information technology, systems engineering, or a related field.

* Minimum 5 years of Information Security experience required with majority of time in a SOC.

* Strong written and verbal communication skills across all levels of the organization.

* Maintain a current understanding of advanced persistent threats (APTs), threat actor tactics, techniques, and procedures (TTPs), and cyber threat trends.

* Applicable knowledge of adversary tactics, techniques and procedures (TTPs), MITRE ATT&ACK framework, CVSS, open source intelligence (OSINT) and deception techniques.

* Demonstrated ability to investigate, handle and track incidents.

* Proficient in SIEM, intrusion detection and prevention systems (IDS/IPS), threat intelligence platforms and security orchestration, automation and response (SOAR) solutions to centralize and manage incident and remediation workflow.

* Ability to analyze incident logs, assess malware, and understand vulnerabilities and exploits, along with strong operating systems knowledge.

* Experience in incident handling, vulnerability management, hacking tools, intelligence gathering and kill chain methodology.

* Capable of working with diverse teams and promoting an enterprise-wide positive security culture.

* Ability to maintain a high level of integrity, trustworthiness and confidence, with the highest level of professionalism.

* Strong project management, multitasking and organizational skills.

* Ability to preserve credibility with the team and external constituents through sustained industry knowledge.

* Ability to motivate teammates to achieve excellence and willingly shares knowledge.

* Proven experience executing cyber threat hunting, incident response, or other relevant security operations.

* Familiarity with common enterprise scripting languages (PowerShell, Python, Bash, .

* Leverage diverse ideas, experiences, thoughts, and perspectives to the benefit of the organization.

* Excellent problem solving, communication and collaboration skills.

* Understanding of how operating systems work and how malware exploits them.

* Past exposure to handle malware and financial crime malware related incidents.

* Familiarity with industry-standard processes defined for systems design, database design, development, testing, and integration phases of a project, including Agile-based implementations.

* Experience working in Agile environments, participating in Agile ceremonies, and utilizing Agile methodologies for security operations and threat investigations.

* Knowledge of common hacking tools and techniques

Preferred Skillsets / Requirements

• GIAC Certified Incident Handler (GCIH), GIAC Cyber Threat Intelligence (GCTI), GIAC Reverse Engineering Malware Certification (GREM) preferred, but not required.

Competencies

• Client Understanding and Advising - Looks at issues from the client’s perspective and takes action beyond normal expectations to ensure client satisfaction.

• Learning Orientation - Stays abreast of new trends and developments in own specialty area, the broader industry, and exposes self to increasingly more challenging projects and opportunities to learn.

• Broad Business Thinking - Maintains an in-depth understanding of the long term implications of decisions both for department and the client’s business. Ensures that decisions are supported by relevant stakeholders as well as sound performance data.

• Compliance with Standards - Monitors and maintains records on requests for information and assistance.

• Knowledge of Emerging Technology - Tests new technology to evaluate capability compared to specifications.

WBG Culture Attributes:

1. Sense of Urgency – Anticipating and quickly reacting to the needs of internal and external stakeholders.
2. Thoughtful Risk Taking – Taking informed and thoughtful risks and making courageous decisions to push boundaries for greater impact.
3. Empowerment and Accountability – Engaging with others in an empowered and accountable manner for impactful results.

The World Bank Group offers comprehensive benefits, including a retirement plan; medical, life and disability insurance; and paid leave, including parental leave, as well as reasonable accommodations for individuals with disabilities.

Job title: Third Party Risk Management Analyst - Vendor Management

Key Skills: Third-Party Risk Management, Due Diligence, Vendor Management, Compliance, Risk Assessment, Google Sheets, Vendor Management Systems, Project Management, Communication, Investigative Research

Search Keywords: TPRM, Due Diligence, Vendor Risk, Third Party Risk, Risk Management, Compliance Analyst, Google Sheets, Risk Analyst, Financial Crime, Vendor Lifecycle Management

Job Overview

• We are seeking a Third-Party Due Diligence Analyst to join our Third-Party Risk Management (TPRM) team.
• This role is critical for maintaining and monitoring the vendor due diligence program to ensure compliance with company policies and regulatory requirements.
• You will work closely with internal stakeholders and vendors to drive effective risk management across the enterprise.

Key Responsibilities

• Support the third-party risk management program through daily operations, due diligence activities, and follow-ups.
• Monitor and update the status of vendor Due Diligence Questionnaires (DDQs) using internal tracking systems.
• Manage the TPRM tier register to ensure accurate tracking and documentation of all data and records.
• Conduct comprehensive research and investigations on vendors across the organization.
• Collaborate with a fast-paced and geographically distributed team of experts.

Skills & Attributes

• 2+ years of experience in vendor risk management, TPRM, or a related domain.
• Proficiency with third-party risk management processes and frameworks.
• Strong experience in synthesizing information from various sources to drive issue resolution.
• Experience using vendor management systems and Google Suite (especially Google Sheets).
• Excellent attention to detail, organizational, written, and verbal communication skills.
• Ability to effectively manage projects and communicate within cross-functional teams.

Contact Person : Brindha Kamaraj

Email : -