About the Role
Location: Hyderabad
Timings: Full Time (As per company timings)
Notice Period: (Immediate Joiner - Only)
Experience: 6-10 Years
Key Responsibilities:
- Serve as a subject matter expert on information and cybersecurity governance, risk, and compliance (GRC) services and solutions.
- Execute security assessments of on-premise/cloud IT environments aligned with business objectives and regulatory requirements.
- Conduct testing and validation of IT security controls, documenting findings, and preparing detailed reports.
- Manage and perform internal audits as per the CISO’s directives, contribute to risk posture improvements, and present the metrics to the CISO regularly.
- Apply knowledge of the Digital Personal Data Protection Act, 2023, and other global data protection laws.
- Utilize and manage GRC tools and platforms.
- Conduct security control assessments for web/mobile applications and enterprise systems.
- Drive third-party risk management and support client-facing initiatives.
- Deliver complex GRC projects in dynamic, fast-paced environments.
- Engage in knowledge-sharing forums to strengthen team capabilities.
- Continuously enhance the cybersecurity strategy based on evolving threats and technologies.
Job Requirements:
1. Qualifications:
- Bachelor’s degree in Engineering or a related technology discipline.
- Mandatory Certification:
  - Must possess CISA or ISO 27001 Lead Auditor certification.
- Additional certifications preferred:
  - ISO 27001 Lead Implementer
  - CISSP, CIPP, CCSK, or CCSP
  - Public Cloud certifications (AWS, Azure, GCP)
2. Experience:
- 6 to 10 years of total experience with proven exposure to both IT and GRC functions.
- Experience in internal audits, consulting, and cybersecurity risk advisory.
3. Desired Skills:
- Deep understanding of information security principles and compliance frameworks.
- Strong understanding of IT topology and application development principles.
- Hands-on experience with security tools (e.g., vulnerability scanners, code review platforms).
- Strong exposure to IT/cybersecurity standards: ISO 27001/27005, NIST CSF, PCI DSS, SOC 1/2, GDPR, COBIT.
- Excellent communication skills, documentation abilities, and stakeholder engagement.
- Experience in program and project management within cybersecurity initiatives.
4. Personal Attributes:
- Self-starter with strong problem-solving skills.
- Highly motivated and able to work with minimal supervision.
- Strong prioritization and multitasking abilities under pressure.
Job Type: Full-time
Pay: ₹85,000.00 - ₹90,000.00 per month
Work Location: In person