Job Description

About the Role

Location: Hyderabad

Timings: Full Time (As per company timings)

Notice Period: (Immediate Joiner - Only)

Experience: 6-10 Years

Key Responsibilities:

Serve as a subject matter expert on information and cybersecurity governance, risk, and compliance (GRC) services and solutions. Execute security assessments of on-premise/cloud IT environments aligned with business objectives and regulatory requirements. Conduct testing and validation of IT security controls, documenting findings, and preparing detailed reports. Manage and perform internal audits as per the CISO's directives, contributing to risk posture improvements and present the metrics to the CISO regularly. Apply knowledge of the Digital Personal Data Protection Act, 2023, and other global data protection laws. Utilize and manage GRC tools and platforms. Conduct security control assessments for web/mobile applications and enterprise systems. Drive third-party risk management and support client-facing initiatives. Deliver complex GRC projects in dynamic, fast-paced environments. Engage in knowledge-sharing forums to strengthen team capabilities. Continuously enhance the cybersecurity strategy based on evolving threats and technologies.

Job Requirements:

1. Qualifications:

Bachelor's degree in Engineering or a related technology discipline. Mandatory Certification: Must possess CISA or ISO 27001 Lead Auditor certification. Additional certifications preferred: ISO 27001 Lead Implementer CISSP, CIPP, CCSK, or CCSP Public Cloud certifications (AWS, Azure, GCP)
2. Experience:

6 to 10 years of total experience with proven exposure to both IT and GRC functions. Experience in internal audits, consulting, and cybersecurity risk advisory.
3. Desired Skills:

Deep understanding of information security principles and compliance frameworks. Strong understanding of the IT topology and application development principles Hands-on experience with security tools (e.g., vulnerability scanners, code review platforms). Strong exposure to IT/cybersecurity standards: ISO 27001/27005, NIST CSF, PCI DSS, SOC 1/2, GDPR, COBIT. Excellent communication skills, documentation abilities, and stakeholder engagement. Experience in program and project management within cybersecurity initiatives.
4. Personal Attributes

Self-starter with strong problem-solving skills. Highly motivated and able to work with minimal supervision. Strong prioritizations and multitasking abilities under pressure.
Job Type: Full-time

Pay: ?85,000.00 - ?90,000.00 per month

Work Location: In person