11+ Information security management system Jobs in India

Roles and responsibilities:

- Audit the current Information Security system and procedures and do a Gap analysis

- Identify immediate potential Information Security Risks and manage remediation tasks through to closure

- Create an Information Security Compliance Roadmap and execute end-to-end compliance initiatives by that roadmap

- Design high-quality test plans and direct Data/Information security control test activities

- Continuously improve Octro Data/Information security control framework

- Maintain handbook pages and procedures related to Information security compliance

- Identify opportunities for Information security compliance control automation, execute them and then maintain

- Provide actionable and constructive advisement to cross-functional teams, including driving remediation activities for high and select moderate-risk Observations across all Octro departments

- Design, develop, and deploy scripts to automate continuous control monitoring, administrative tasks and metric reporting for all security compliance programs

- Direct and support external audits as and when necessary

Requirements

- A minimum of 6-8 years' experience working with Data/Information Security Compliance programs

- Detailed knowledge of common information security management frameworks, regulatory requirements and applicable standards such as: ISO, SOC 2, GDPR, PCI etc.

About Octro Inc :

We are one of the fastest-growing mobile gaming companies around, a technology-driven organization at heart, and take pride in the platforms we create.

Founded in 2006 with a mission to create productivity applications for Mobile Devices. After pioneering one of the first mobile Voice-over-IP infrastructures called OctroTalk, the company ventured into building mobile gaming platforms. Sequoia Capital has invested in Octro. The funding was announced in June 2014.

About Us

We are an AI-Powered CX Cloud that enables enterprises to transform customer experience and boost revenue with our APIs by automating and analyzing customer interactions at scale. We assist across multiple voices and non-voice channels in 30+ languages whilst coaching and training agents with minimal costs.

The problem we are solving

In comparison to worldwide norms, customer support in traditional contact centers is quite appalling, due to a high number of queries, insufficient capacity of agents and inane customer support systems, businesses struggle with a multi-fold rise in customer discontent and bounce rate, resulting in connectivity failure points between them and customers.

To address this issue, IITian couple Manish and Rashi Gupta founded Rezo's AI-Powered CX Cloud for Enterprises 2018 to help businesses avoid customer churn and boost revenue without incurring financial costs by

providing 24x7 real-time responses to customer inquiries with minimal human interaction.

Roles and Responsibilities:-

• To Maintain the required uptime for Azure Cloud and IT Infrastructure.
• To provide the earliest resolution of the reported issues, which may include but are not limited to cloud & end-user related issues.
• Configuring and managing the alerts through Nagios, which may include but is not limited to scripting knowledge.
• Linux and Windows Server administration.
• Managing Firewalls and Domain Controllers.

Requirements

• Having relevant experience of 3+ yrs.
• Sound knowledge of Linux & Windows System administration
• Good Hands-on experience on Azure/AWS ( Willing to work on Azure only)
• Must be an expert in at least one of OpenStack, Cloudify, SaltStack, Rundeck, Ansible
• Good knowledge of networking, firewall & domain controller
• Basic knowledge of DevOps/Scripting
• Should be willing to work in rotational day shifts and WFO
• Flexibility to be able to work in a 24/7/7 environment

Life at Rezo.AI

• We take transparency very seriously. Along with a full view of team goals, get a top-level
• View across the board with our regular town hall meetings.
• A highly inclusive work culture that promotes a relaxed, creative, and productive
• environment.
• Practice autonomy, open communication, and growth opportunities, while maintaining a
• perfect work-life balance.
• Go on company-sponsored offsites, and blow off steam with your work buddies.

Perks & Benefits

Learning is a way of life. Unlock your full potential backed with cutting-edge tools and mentor-ship

Get the best in class medical insurance, programs for taking care of your mental health, and a Contemporary Leave Policy (beyond sick leaves)

Why Us?

We are a fast-paced start-up with some of the best talents from diverse backgrounds. Working together to solve customer service problems. We believe a diverse workforce is a powerful multiplier of innovation and growth, which is key to providing our clients with the best possible service and our employees with the best possible career. Diversity makes us smarter, more competitive, and more innovative.

Explore more here

http://www.rezo.ai/" target="_blank">www.rezo.ai

Job Brief

QwikSkills is seeking an extremely knowledgeable Azure Cloud Engineer with a passion for problem-solving. You will make recommendations and help to create and maintain cloud services for developers that use this infrastructure for their software. You will need great collaboration and communication skills as you will spend a large part of your role interacting with developers and non-technical stakeholders.

Who We Are

QwikSkills is a one-stop platform to learn & practice hands-on cloud skills, cloud certification preparation and practice needs. We offer affordable world-class online certification practice tests and hands-on cloud labs for individuals as well as teams for AWS, Google Cloud, Azure, VMware etc.

As an Azure Cloud Engineer, your responsibilities include:-

• Developing and deploying Cloud solutions in collaboration with the cloud team.
• Managing and maintaining Cloud Labs portfolio.
• Creating, debugging, testing, and documenting Cloud Labs. 
• Identifying, analysing, and resolving Cloud infrastructure vulnerabilities and application deployment issues.
• Regularly reviewing existing systems and making recommendations for improvements.
• Generating curriculum for technical training.
• Working with the internal team to design, own, and deliver advanced training courses.
• Handling a group of 50-100 mentees/students and constantly guiding them through the course curriculum.

What We Are Looking for, in a Candidate

• Energy and enthusiasm to work in a fast-paced start-up culture
• Valuable degree in Computer Science or other technical discipline or equivalent
• Good understanding of the various Azure services and how they work together
• Superior programming knowledge, Python needed
• Good creativity and ideas for creating new Lab content that is engaging, relevant, and useful for the learners
• Good understanding of finding quality content for Labs Doc Creation
• Demonstrable problem-solving skills and logical thinking techniques, and have excellent attention to detail
• Excellent teamwork/collaboration skills
• Effective time management skills
• Proven work experience in a similar role

Fringe Benefits of Working with Us

• Assured winsome compensation
• An inclusive team of like-minded professionals
• An energetic and positive working space
• Collateral creative freedom
• Personal and professional development
• A major scope for career progression

Experience:- Overall 10 to 12 years of experience of which atleast 5 to 7 years’ experience should be in Information Security. Mandatory is 5 to 7 years’ experience in Information security and with one full end to end implementation experience.

Base location: - Bengaluru - Must

Joining requirement: - Not later than second week of June 2023.

Requirements: -

1.      Mandatory - ISO 27001:2013 lead implementor certified

2.      Mandatory - ISO 27001:2013 lead auditor certified (but if it is a good candidate, we can still consider)

3.      Good to have – CISA, CISM, Risk management certification, Privacy certifications.

4.      Mandatory - Atleast one end to end implementation experience of ISO 27001 standard. The candidate should have a good implementation knowledge of ISO 27001, ISO 27002 standards and is required to implement the ISO requirements and run the ISMS program for multiple countries.

5.      This immediate requirement is for implementing the ISMS program for our Canadian office location. The candidate should be willing to work from Bengaluru in EST time zone during this implementation phase whenever required.

6.      Good documentation skills.

7.      Develop, implement, maintain, review and continually improve Information Security policies.

8.      Good understanding and knowledge of applicable legal and regulatory requirements as relevant to information security.

9.      Manage and maintain a risk register / risk database along with risk treatment plans.

10.  Good understanding of physical and environmental security.

11.  Conduct Internal Audits based ISO 27001 standards and Personal Data Protection policies. A good experience in independently conducting Internal and supplier audit with respect to information security.

12.  Provide training to the employees on Privacy & Information Security Management System on regular intervals.

13.  The greater part of the job involves interacting with people, interviewing them / auditing, Preparing audit reports, discussing / persuading / influencing.

14.  Mandatory: Good verbal and written communication skills. Eye for details.

15.  Good presentation skills.

16.  Since this is a trusted role, candidates must be willing to undergo extensive background checks to verify their identity, character, qualifications, skills and experience.

Dear Candidate,

Greetings from HCL Technologies Ltd.

• Make sense of Cyber security and compliance frameworks that apply to your business or industry
  • Identify business risks, taking into account the role of your hosting service provider
  • Determine which Cyber security controls are required to mitigate your identified risks
  • Improve collaboration and communication during Cyber security Incident mitigation and response.
  • Establish the necessary framework based on NIST Framework to maintain and continually improve your information security program over time based on evolving scope and emerging risks
  • Document and track efforts for evidence collection and audit preparation

• will have primary responsibility for coordinating and implementing effective Cyber Security management across the account. This role will ensure that all Supplier obligations are met regarding compliance with Security guidelines, data protection, regulations, Supplier policies, and key controls.
• provide implementation and ongoing operation of Security management framework;
• be responsible for coordinating activities to address the key Security risk exposures;
• ensure Security awareness training of, and assistance in the implementation of robust Security management practices across Security operations;
• direct the design of controls to address emerging or new Security risk and compliance requirements;
• carry out regular and frequent assurance reviews of the design and operating effectiveness of Security controls;
• implement, monitor and report on key Security risk indicators to identify and address emerging risks;
• coordinate with other Service Providers and Security functions, to facilitate client’s audits and inspections;
• manage and report on responses and actions to address Security audit points, inspection deficiencies, or control weakness identified during normal operations.
• review outcome of cyber security risk assessment, timely implement open action items and report progress to stakeholders
• incorporate vulnerability testing as an integral part of change management
• Should have good knowledge of Cyber Security Framework and controls
• CISA ,CISM or CISSP certification should be preferred.
• Have good understanding of Security policy and process along with ITSM process.

Experience: 6+ years

Location: Pune

Lead/support implementation of core cloud components and document critical design and configuration details to support enterprise cloud initiatives. The Cloud Infrastructure Lead will be primarily responsible for utilizing technical skills to coordinate enhancements and deployment efforts and to provide insight and recommendations for implementing client solutions. Leads will work closely with Customer, Cloud Architect, other Cloud teams and other functions.

Job Requirements:

• Experience in Cloud Foundation setup from the hierarchy of Organization to individual services
• Experience in Cloud Virtual Network, VPN Gateways, Tunneling, Cloud Load Balancing, Cloud Interconnect, Cloud DNS
• Experience working with scalable networking technologies such as Load Balancers/Firewalls and web standards (REST APIs, web security mechanisms)
• Experience working with Identity and access management (MFA, SSO, AD Connect, App Registrations, Service Principals)
• Familiarity with standard IT security practices such as encryption, certificates and key management.
• Experience in Deploying and maintaining Applications on Kubernetes
• Must have worked on one or more configuration tools such an Terraform, Ansible, PowerShell DSC
• Experience on Cloud Storage services including MS SQL DB, Tables, Files etc
• Experience on Cloud Monitoring and Alerts mechanism
• Well versed with Governance and Cloud best practices for Security and Cost optimization 
• Experience in one or more of the following: Shell scripting, PowerShell, Python or Ruby. 
• Experience with Unix/Linux operating systems internals and administration (e.g., filesystems, system calls) or networking (e.g., TCP/IP, routing, network topologies and hardware, SDN)
• Should have strong knowledge of Cloud billing and understand costing of different cloud services 
• Prior professional experience in IT Strategy, IT Business Management, Cloud & Infrastructure, or Systems Engineering

Preferred 

• Compute: Infrastructure, Platform Sizing, Consolidation, Tiered and Virtualized Storage, Automated Provisioning, Rationalization, Infrastructure Cost Reduction, Thin Provisioning
• Experience with Operating systems and Software
• Sound background with Networking and Security 
• Experience with Open Source: Sizing and Performance Analyses, Selection and Implementation, Platform Design and Selection
• Experience with Infrastructure-Based Processes: Monitoring, Capacity Planning, Facilities Management, Performance Tuning, Asset Management, Disaster Recovery, Data Center support

About Us!

A global Leader in the Data Warehouse Migration and Modernization to the Cloud, we empower businesses by migrating their Data/Workload/ETL/Analytics to the Cloud by leveraging Automation.

We have expertise in transforming legacy Teradata, Oracle, Hadoop, Netezza, Vertica, Greenplum along with ETLs like Informatica, Datastage, AbInitio & others, to cloud-based data warehousing with other capabilities in data engineering, advanced analytics solutions, data management, data lake and cloud optimization.

Datametica is a key partner of the major cloud service providers - Google, Microsoft, Amazon, Snowflake.

We have our own products!

Eagle – Data warehouse Assessment & Migration Planning Product

Raven – Automated Workload Conversion Product

Pelican - Automated Data Validation Product, which helps automate and accelerate data migration to the cloud.

Why join us!

Datametica is a place to innovate, bring new ideas to live and learn new things. We believe in building a culture of innovation, growth and belonging. Our people and their dedication over these years are the key factors in achieving our success.

Benefits we Provide!

Working with Highly Technical and Passionate, mission-driven people

Subsidized Meals & Snacks

Flexible Schedule

Approachable leadership

Access to various learning tools and programs

Pet Friendly

Certification Reimbursement Policy

Check out more about us on our website below!

www.datametica.com

We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.

Roles & Responsibilities:

• Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
• Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
• Managing penetration tests and security reviews for core applications and APIs.
• Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
• Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
• Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
• Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
• Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
• Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
• Investigate privacy breaches.
• Educate employees on data privacy & security.
• Prioritize security requirements based on their severity of impact and product roadmap.
• Maintain a balance of security and business values across the organisation.

 Required Skills:

• Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
• Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.

• Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.

• Experience in Log Management, Security Event Correlation, SIEM.
• Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.

Good to Have Skills:

• Online Fraud Prevention.
• Bug Bounty experience.
• Security Operations Center (SOC) management.
• Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
• Experience / Knowledge on tools like Fortify and Nessus.
• Experience in handling logging tools on docker container images (ex. Fluentd).

• Establish, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program
• Work directly with the business units to facilitate risk assessment and risk management processes
• Develop and enhance an information security management framework
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
• Provide leadership to the enterprise's information security organization
• Partner with business stakeholders across the company to raise awareness of risk management concerns
• Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
• Conduct regular internal audits in compliance with applicable legal and contractual requirements, ISO 27001 and PCI DSS requirements and companies internal requirements
• Conduct regular Management reviews and update the management on information security aspects. The MRMs shall also focus on drawing Management attentions to the key areas for required management actions.
• CISO is also responsible to ensure customer audits as well as re-certification and surveillance audits and successful.
• Coordinate with relevant stakeholders to address the NC closures.
• CISO shall ensure the information incidents are responded and resolved on time to ensure compliance with legal and contractual requirements.

• Degree in business administration or a technology-related field required.
• Professional security management certification
• Minimum of 5 years of experience in a combination of risk management, information security and IT jobs
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, and PCI DSS.
• Excellent written and verbal communication skills and high level of personal integrity
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
• Experience with contract and vendor negotiations and management including managed services.
• Specific experience in Agile (scaled) software development or other best in class development practices.
• Experience with Cloud computing/Elastic computing across virtualized environments.