Job Description

This role is for one of our clients

Industry: Technology, Information and Media
Seniority level: Associate level

Min Experience: 3 years
Location: Bengaluru
JobType: full-time
We are looking for a

Cybersecurity Developer

who can strengthen our defenses, embed security into our processes, and ensure compliance with international standards. This role combines technical expertise, risk management, and compliance know-how, with a focus on ISO frameworks (ISO 27001, ISO 27002, and ISO 13485). You'll work closely with IT, product, and business teams to safeguard critical systems and data while continuously enhancing our security posture.
What You'll Do

Implement Security Frameworks:

Design, deploy, and maintain policies and controls aligned with ISO 27001, ISO 27002, and ISO 13485.

Risk & Compliance Management:

Conduct security risk assessments, identify vulnerabilities, and recommend mitigation strategies. Support internal/external audits with evidence, reports, and corrective actions.

Incident Response:

Lead investigations of security incidents, perform root-cause analysis, and drive remediation efforts.

Security Awareness:

Build a culture of security by delivering training, workshops, and guidance across teams.

Vulnerability & Threat Management:

Run regular assessments, coordinate penetration tests, and oversee timely remediation of issues.

Secure Development Support:

Partner with IT and engineering teams to embed secure design principles into products, applications, and infrastructure.

Monitoring & Reporting:

Use security monitoring tools to detect anomalies, policy violations, and threats. Prepare clear reports for leadership and auditors.

Documentation & Governance:

Maintain detailed records of policies, risks, incidents, and compliance activities.

Continuous Improvement:

Track emerging cyber threats, compliance regulations, and best practices, and proactively recommend updates to policies and systems.
What You'll Bring
Bachelor's degree in Computer Science, Cybersecurity, IT, or a related discipline.

3-6 years

of professional experience in cybersecurity, with direct exposure to ISO 27001/27002 (required) and ISO 13485 (preferred).
Strong understanding of security frameworks, governance, risk management, and compliance practices.
Hands-on experience with tools such as SIEM, IDS/IPS, firewalls, endpoint protection, encryption, and vulnerability scanners.
Solid grounding in

network security, cloud environments, identity & access management, and data protection principles

.
Proven experience conducting

risk assessments, gap analyses, and audits

.
Strong analytical mindset, problem-solving abilities, and attention to detail.
Excellent written and verbal communication for collaborating with technical and non-technical stakeholders.
Nice-to-Have
Certifications such as

CISSP, CISM, CISA, CEH, ISO 27001 Lead Auditor/Implementer

.
Experience in

regulated industries

like healthcare, medical devices, or pharmaceuticals.
Knowledge of

data protection regulations

(GDPR, HIPAA, etc.).