11+ Digital forensics Jobs in India

Provides technical expertise and guidance in the identification, preservation, collection and analysis of digital evidence in various digital formats from computers, servers, mobile devices, and other electronic or online storage media.

Presents recommendations and findings to internal and external customers including Legal, Compliance, HR, Outside Counsel, and Law Enforcement.

Develops and maintains processes, procedures, and methodologies for collecting and analyzing digital evidence.

Maintains strong working relationships with other corporate investigation team members, subject matter experts, 3rd party vendors, and outside law firms.

achelor of Engineering or Technology; or any degree on par;

·  12-15 years of Experience in security and similar areas solution/product development, design, etc

·  Minimum 7-8 years of experience in an Enterprise or Cyber Security practice dedicated role

·  Experience in Enterprise deployment of security with in depth knowledge of security, implementing security solutions and working closely with global customer accounts.

·  Proficient with concepts like SOC, OWASP Top 10 etc

·  Understanding of Enterprise Cyber security models like Mitre ATTACK and roadmap modelling.

·  Excellent analytical and problem-solving skills to drive product development

·  Excellent communicator, whether writing, speaking or presenting

·  Experience gathering and analysing data to create useful metrics that support positive change

Job Responsibilities:

·       Assist the Security Manager in developing and implementing security policies and procedures.

·       Conduct regular security risk assessments and audits.

·       Monitor security systems, including firewalls, intrusion detection systems, and access controls.

·       Respond to security incidents and provide recommendations for remediation.

·       Assist in managing user access and authentication.

·       Provide security awareness training to employees.

·       Maintain and improve endpoint security solutions (e.g. antivirus, endpoint detection and response).

·       Collaborate with other departments to ensure security is integrated into all aspects of the organization's operations.

·       Stay up to date on the latest security threats and industry trends.

Qualifications and skills:

·       Bachelor’s degree in computer science, Information Security, or a related field.

·       4-5 years of experience in security-related roles.

·       Knowledge of security systems and protocols.

·       Familiarity with risk management frameworks.

·       Knowledge of compliance regulations and standards.

·       Excellent communication and interpersonal skills.

·       Strong analytical and problem-solving skills.

·       Ability to work independently and as part of a team.

·       Attention to detail and accuracy.

Experience:- Overall 10 to 12 years of experience of which atleast 5 to 7 years’ experience should be in Information Security. Mandatory is 5 to 7 years’ experience in Information security and with one full end to end implementation experience.

Base location: - Bengaluru - Must

Requirements: -

1. Mandatory - ISO 27001:2013 lead implementor certified
2. Mandatory - ISO 27001:2013 lead auditor certified (but if it is a good candidate, we can still consider)
3. Good to have – CISA, CISM, Risk management certification, Privacy certifications.
4. Mandatory - Atleast one end to end implementation experience of ISO 27001 standard. The candidate should have a good implementation knowledge of ISO 27001, ISO 27002 standards and is required to implement the ISO requirements and run the ISMS program for multiple countries.
5. This immediate requirement is for implementing the ISMS program for our Canadian office location. The candidate should be willing to work from Bengaluru in EST time zone during this implementation phase whenever required.
6. Good documentation skills.
7. Develop, implement, maintain, review and continually improve Information Security policies.
8. Good understanding and knowledge of applicable legal and regulatory requirements as relevant to information security.
9. Manage and maintain a risk register / risk database along with risk treatment plans.
10. Good understanding of physical and environmental security.
11. Conduct Internal Audits based ISO 27001 standards and Personal Data Protection policies. A good experience in independently conducting Internal and supplier audit with respect to information security.
12. Provide training to the employees on Privacy & Information Security Management System on regular intervals.
13. The greater part of the job involves interacting with people, interviewing them / auditing, Preparing audit reports, discussing / persuading / influencing.
14. Mandatory: Good verbal and written communication skills. Eye for details.
15. Good presentation skills.
16. Since this is a trusted role, candidates must be willing to undergo extensive background checks to verify their identity, character, qualifications, skills and experience.

·        Maximum 5 years of Information Technology/Technology Operations/Information Security experience required.

·        Minimum 3 years of experience in Cybersecurity, Identity & Access Management, Role Based Access Control, and Identity Governance is mandatory.

·        Knowledge on User Life Cycle Management, Access provisioning, Access administration is must.

·        Experience with technologies such as Role-Based Active Control (RBAC) and Attribute Based Access Control (ABAC) is required.

·        Experience in User Access Re-certification activities is mandatory.

·        Working knowledge on Active Directory is must.

·        Working experience on any IAM tool (SailPoint/Okta/OneIdentity/Varonis/MIM) would be added advantage.

·        Knowledge on Identity and Access Management role/processes/tools is must.

·        Prior experience in processing IAM requests (Add/Modify/Delete) is must.

·        Experienced in Incident management & Change Management processes.

·        Knowledge of and the ability to adhere to SAS and SOX audit requirements pertaining to Identity & Access Management job requirements.

·        Experience with work-flow management tools such as ServiceNow.

·        Leveraging creative thinking and problem solving skills, individual initiative, and utilizing MS Office (Word, Excel, Access, and PowerPoint).

·        Understanding personal and team roles; contributing to a positive working environment by building solid relationships with team members; proactively seeking guidance, clarification and feedback.

·        Identifying and addressing business needs: building relationships with Stake Holders; developing an awareness of Firm services; communicating with the business/stake holders in an organized and knowledgeable manner; delivering clear requests for information; demonstrating flexibility in prioritizing and completing tasks; and communicating potential conflicts to a supervisor

·        Experience performing user administration tasks for various in-house and third-party applications.

·        Analyzing, prioritizing, and resolving faults to resolution. Resolve tickets according to SLAs and escalation procedures.

·        Strong analytical, problem solving and organizational skills. Be proactive, dynamic, and flexible.

·        Good Communication skills, able to articulate well with business and stakeholders.

·        Education Qualification : Any graduate/post graduate with Computer Science background.

We are seeking a highly skilled and experienced Subject Matter Expert (SME) to join our team and provide valuable insights and analysis on our cybersecurity training content and competitors. Our business vertical focuses on delivering automated cybersecurity training through a software platform to over 1 million employees of our 150+ global customers. We cater to various industries and diverse backgrounds, with different levels of technical expertise. Thus, we create a diversified variety of content to cater to the training requirements of different user groups and personas. The SME's role will be pivotal in ensuring efficient and effective cybersecurity awareness training by creating high-quality content. 

Responsibilities: 

● Review and evaluate cybersecurity awareness content to ensure accuracy, relevance, and effectiveness. 

● Write industry-specific technical content to cater to the diversified audience.

● Provide feedback and recommendations to improve content quality and alignment with industry standards. 

● Conduct competitive analysis to identify industry trends, best practices, and potential gaps in our offerings. 

● Analyze global competitor strategies and offerings to identify strengths, weaknesses, and opportunities that benefit our customers. 

● Stay up-to-date with the latest cybersecurity trends and industry developments to ensure our offerings remain competitive. 

● Collaborate with cross-functional teams to ensure content is aligned with marketing and sales strategies. 

● Identify and refine complex security problems in a simplified and layman way. 

Qualifications: 

● Bachelor's degree or certifications in cybersecurity, computer science, or a related field.

● Minimum of 3-5 years of experience in cybersecurity content writing and competitive analysis.

● Strong knowledge of cybersecurity concepts and best practices. 

● Experience with analyzing competitor strategies and offerings. 

● Excellent communication and collaboration skills. 

● Strong analytical and critical thinking skills. 

● Self-motivated and able to work independently. 

● Ability to adapt to changing priorities and deadlines. 

If you are a cybersecurity professional with a passion for creating high-quality content and analyzing the cybersecurity industry's latest trends and developments, we encourage you to apply. Join our team and help us deliver top-notch cybersecurity awareness training to our global customers.

Role : Full-Time Individual Contributor (IC)

Reporting to : Solution Architect / Program Manager

Education : BTech/ BE / MCA / MSc Computer Science

Industry : Product Engineering Services or Enterprise Software Companies

About Us

CLOUDSUFI is a Silicon Valley-based specialist Data Engineering & Cloud Technologies player with top-tier clients, favorable revenue mix, strong financial performance, and robust management. We pride ourselves in helping in the Data Discovery, Insights and Monetization for organizations. We offer quality of work, opportunities to learn new platforms/technologies that will help young engineers put themselves ahead in their careers compared to their peers in the IT Services industry. CLOUDSUFI is a Data Science and Product Engineering company building Products/Solutions for Technology and Enterprise industries leveraging the advent of Cloud Hyper Scalers and AI/ML, NLP technologies. The organization is built to scale with strong external/ internal tech capabilities and governance standards. Started in 2019, CLOUDUSUFI is a family of 250 members working towards a common goal of making the enterprise data dance. To know more, please visit https://cloudsufi.com

ABOUT THE ROLE

InfoSec Engineers will participate in all phases of a typical DevOps pipeline: plan, code, build, test, release, and deploy. He/she will be scanning our networks, applications, and containers (images). In addition to the Vulnerability Management platform, this individual will support and/or serve as a backup for AWS WAF, Guard Duty, PagerDuty, and CloudFlair security platforms.

This Includes: ● Work independently with vendors and collaborate with colleagues ● -Experience on monitoring and operation of AWS cloud infrastructure ● -Experience with AWS automation tools Terraform ● -Analyzing, Troubleshooting and resolving issues with the cloud monitoring tools as Datadog and Cloudflare ● -The ability and skill to train other people in procedural and technical topics ● -Strong communication and collaboration skills

ABOUT YOU ● 3+ years’ experience with Tenable.io platform ● 3+ years’ experience with AWS orchestration via Terraform script ● 3+ years’ experience with CloudWatch/CloudTrail/Guard Duty ● 3+ years’ experience with AWS WAF ● 3+ years’ experience with CloudFlare ● 2+ years’ experience with DataDog ● Experience with PagerDuty ● Ability to make nuanced threat assessments ● Experience with the NIST family of Information Security-related publications including 800-37, 800-30, and 800-53 ● Significant experience with PCI, SOC2, SOX, HIPAA, or other compliance regimes Salary: Best as per Industry Standards

Job description – Information Security (Network)

Roles and Responsibilities

Company will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills

Work profile of individual

• As part of the company cyber security consulting team, individual’s primary role would be to work with ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS , Cyber Security, SOX ITGC on customer engagements
• Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
• Will be an active participant in internal / third party system security reviews and audits on customer engagements
• Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
• Will be responsible for implementation of new projects under Information Security Domain
• Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
• Will assist in development of proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
• Will engage with clients and(or) application development teams for implementation of cyber security & data privacy by design and data protection controls.
• Will support the clients with ongoing design, implementation and maintenance of the data privacy framework for managing data protection risk including responding to legislation, devising and owning policies and training.
• Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.

Team work

• Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
• Individual would predominately work with off-shore engagement teams and relevant  teams on presale and cyber security delivery.
• Communication, written and verbal, with these teams would be expected.
• Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
• Team members would be required to handle multiple tasks at the same time.
• Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.

Desired Candidate Profile

• Bachelors
• Certifications (ISO 27001/ ISO 31000/ CISA/ CISSP/ CSX or equivalent and other relevant qualification/certification
• Experience : 3-5 years
  
  

Knowledge Required:

• Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
• Good understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
• Good understanding of technical security like network security, operating system, encryption, use of tools and technologies for various processes like logical access control, network security, security monitoring etc.
• Sound knowledge of Internal Controls and Compliance. Must be able to recommend controls around people, process, and technology.
• Sound knowledge on IT controls (especially IT risks). Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
• Good knowledge on Privacy, Governance and reporting
• Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
• Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
• Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.

Additional Responsibilities:

• Ability to assist in value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
• Good knowledge on software configuration management systems and license Management systems
• Awareness of latest technologies and Industry trends
• Logical thinking and problem solving skills along with an ability to collaborate
• Understanding of the financial processes for various types of projects and the various pricing models available
• Ability to assess the current processes, identify improvement areas and suggest the technology solutions
• One or two industry domain knowledge
• Client Interfacing skills
• Project and Team management

• Must have good exposure working in SOAR (Security, Orchestration, Automation, Response)
• Strong knowledge in End user/ point security.
• Good hands on Cyber security like SIEM, IAM, PAM.
• Sound Knowledge into automated incident management using Demisto (or similar technology)
• Hands on creating playbooks in Python Scripting.