143 Information Security jobs in India

Job Overview

We are seeking an experienced professional to lead our Identity and Access Management services. As a key member of our team, you will be responsible for managing security operations, technology governance, and external/internal interfaces according to service operations and management processes.

Main Responsibilities:

• Oversight of identity and access management services for customers inside and outside the global IT infrastructure.
• Management of processes and resources delivering identity and access management services, ensuring coordination of teams in overall planning activities, service delivery, and issue resolution.
• Sustained integrated service management of global supporting components, including associated SLAs, OLAs, and UCs.
• Delivery of continuous improvement, cost reduction, and performance of services.
• Assistance with regional and global monitoring, reviewing, and reporting of performance against SLA/OLA service and/or portfolio.
• Performance of service reviews, qualifications, and self-assessments to ensure conformance with service-, quality-, audit, compliance, security, and SOX requirements, and industry best practices.
• Collaboration with architecture and governance to establish overall services and delivery roadmaps.
• Participation in engineering and/or development activities to ensure timely delivery of objectives.

Key Qualifications:

• University-level education in computer science or comparable experience with 10+ years of IT experience.
• Excellent understanding of Identity and Access Management concepts.
• Engineering (L3) and developer experience with Oracle Identity Manager (OIM).
• Experience in Onboarding applications on OIM IAM tool.
• Managing 24*7 engineering activities, including L3 and code development, of OIM.
• Prior experience in Saviynt engineering, developer, or operations.
• Knowledge of regulatory frameworks like SOX and GxP.
• Proven ability to manage multiple projects, initiatives, and deliverables involving service providers.
• Ability to work independently and with service provider resources to deliver identity and access management services/solutions.

Benefits and Perks:

• Dedicated training program for upskilling and reskilling.
• Opportunities for career advancement and growth.
• Collaborative and dynamic work environment.

Skills and Certifications:

• Information Security Risk Management.
• ITIL.
• Quality Management.
• Root Cause Analysis (RCA).
• Sec Ops (Security Operations).
• Vendor Management.

Job Title: Manager – Information Security

Job Summary

We are seeking an accomplished Information Security professional with extensive experience in cybersecurity best practices, enterprise security architecture, data protection, first-line information security risk management, and conducting security assessments. The Manager – Information Security will be instrumental in developing, evaluating, and ensuring alignment with cybersecurity controls and policies, maintaining compliance with standards, and embedding security into the organization's products, services, and technology infrastructure. This position demands a subject matter expert capable of bridging the gap between security policy, risk, and technical implementation. A solid understanding of the latest security frameworks and technologies, including Cloud and AI, is essential to effectively inform and support risk-based decision-making.

Key Responsibilities

Cybersecurity Policy & Governance

• Develop, review, and maintain cybersecurity policies, standards, and procedures consistent with NIST, Cloud Security Alliance, CIS, and other global security frameworks.
• Convert identified security risks into policy requirements while ensuring alignment with business objectives.
• Work with security, engineering, architecture, and operational teams to confirm that policies are technically feasible and provide guidance on implementing and enforcing controls.

Risk Management and Assessments

• Function as a security specialist, providing advisory support or directly conducting comprehensive risk assessments and control gap analyses across services, products, infrastructure, and applications.
• Offer recommendations and guidance on effective risk mitigation strategies that align with business objectives and maintain appropriate security standards.
• Track emerging threats, evolving industry standards, best practices, and regulatory changes in order to proactively advise on necessary updates to policies, controls, or other measures required to strengthen and modernize our risk management posture.

Security Architecture

• Provide guidance on secure cloud, network architecture, segmentation, and system hardening.
• Work with engineering teams to monitor and maintain secure configurations and access controls.
• Lead or advise on security reviews of new technologies and system changes.
• Carry out Security Architecture Integration by conducting ongoing or targeted architecture reviews to confirm that security is incorporated, integrated, and verified in designs and implemented services.
• Establish and uphold architectural security principles throughout the technology and services ecosystem.
• Assess and integrate security tools and technologies to support the enterprise security posture.

Security Assurance and Attestations

• Maintain documentation and evidence repositories to facilitate internal and external support.
• Utilize platforms such as SharePoint and Jira to ensure optimal assessment preparedness.
• Collaborate with control owners to monitor, address, and close findings efficiently.

Awareness & Communication

• Develop and implement cybersecurity awareness programs designed for both technical and non-technical teams.
• Prepare concise communications regarding policy changes, risk advisories, and incident notifications.
• Deliver training sessions to stakeholders on security controls and risk management procedures.

Required Qualifications

• Bachelor's / Master's degree in Information Security, Computer Science, or related field.
• 12 – 15 years of experience in Information Security with a strong focus on risk management, network security, and security architecture.
• Hands-on experience in system/network administration (Windows/Linux/Cloud).
• Deep understanding of frameworks such as ISO 27001, NIST, PCI DSS, and COBIT.
• Proven experience in drafting and implementing security policies and technical standards.
• Strong knowledge of identity lifecycle management and access governance.
• Experience with audit documentation and evidence management tools (e.g., SharePoint, Jira).
• Excellent communication and stakeholder engagement skills.

Preferred Qualifications

• Certifications: CISSP, CISM, CISA, CRISC, or equivalent.
• Experience with GRC platforms and risk assessment methodologies.
• Familiarity with regulatory standards such as GDPR, CCPA, and other data protection laws.
• Exposure to cloud platforms (Azure, AWS) and security tools (e.g., Defender, CrowdStrike, Tenable).
• Knowledge of enterprise architecture frameworks and secure design principles.

Overview

The Business Security Engineering Guild is looking for a Senior Information Security Engineer to contribute and maintain reusable security requirements that software engineering teams will leverage. The ideal candidate is passionate about cybersecurity, has broad knowledge & experience in various security domains and has a creative mindset. In this role, you will:

Develop, deliver and maintain the reusable security requirements.

Create and maintain documentation, procedures and analytics with respect to the security requirements.

Work with cross-functional teams to help them understand security requirements and gather feedback to make the process more efficient.

Consult with development and operational teams to securely design applications and services following industry best practices.

Demonstrate a working knowledge of information security principles, theories and concepts.

Perform security reviews and threat modelling for Mastercard applications.

Identify methods to mitigate threats, attacks, and risks to

#Hirning #Radiant Logic #Oracle Unified Directory #My SQL #Oracle #MySQL #Powershell #AppViewX

Job Title: Information Security Engineer 3

Location: Bangalore(Hybrid)Work from office 3 days a week

Exp:5+ years

Mandatory Skill Set:

• Radiant Logic
• Oracle Unified Directory

The ideal candidate will have understanding of identity management systems, with a focus on Radiant Logic (Must have), Oracle Unified directory, Active Directory (AD) and LDAP technologies (Good to have))

• This role requires hands-on experience in managing and troubleshooting identity environments, and the ability to work on complex integration projects. (Radiant Logic (Must have), Oracle Unified directory)

• Review and correlate security logs

• Identity Management Solutions: implement and manage identity management solutions using Radiant Logic's platform.

• Radiant Logic /Oracle Unified directory (must know), Active Directory & LDAP Integration: Integrate and synchronize data from AD and LDAP directories into Radiant Logic's virtual directory.

• Troubleshooting: Diagnose and resolve issues related to identity synchronization, data flow, and directory services.

• System Configuration: Configure and optimize the Radiant Logic platform to meet customer-specific requirements.

• Collaboration: Work closely with cross-functional teams, including IT, security, and business units, to deliver identity solutions that align with organizational goals

• Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives

• Create and maintain F5 UI in AppViewX /Or any other Load balancer management experience for individual applications and maintain access

Essential Qualifications:

• A bachelor's degree in information systems, Computer Science, Engineering and/or other related discipline or equivalent experience

•
2+ years of information security experience or experience in working with
information security products/platforms

•
Hands-on experience with identity synchronization, virtual directory services, and federation.

• Platform familiarization with Microsoft Windows Servers, IIS, Critical services etc.

•
SQL experience (Basic administration and SQL query) , Familiarization with any of the following database platforms: MS SQL, Oracle, MySQL.

•
Knowledge and work experience with the Change Management process and tools

• Experience supporting and troubleshooting of production and Ops Infra support.

• Incident and Change Management Experience is a Must (Service Now Preferred) .

• Handling Major Incidents and informing the stakeholders about the periodic updates with full ownership of incidents till closure.

Desired Qualifications:

• Any security certification is a plus.

• Fluent in scripting or querying languages utilizing SQL/ Powershell.

• Strong understanding of LDAP protocols, schema, and directory services, Radiant logic , Oracle Unified directory.

• Familiarity with identity federation and single sign-on (SSO) solutions.

• Experience with scripting and automation tools (e.g., PowerShell, Python) is a plus.

• Platform familiarization with Windows Servers (Must), Linux/Unix (good to have)

• Experience in IAM tools, process, Privileged accounts, Monitoring etc.

Lead the Maintenance of ISO 27001:2013 and support the organization in achieving SOC 2 Type II certification.

Develop, review, and maintain information security policies, procedures, and guidelines tailored to organizational needs.

Own and manage internal and external audits including coordination, evidence gathering, remediation tracking, and closure of findings.

Conduct periodic internal audits and client-specific assessments, ensuring compliance with regulatory and customer requirements.

Deliver security awareness training, workshops, and compliance-related sessions across teams.

Create, update, and maintain clear process documentation and standard operating procedures.

Collaborate with IT and engineering teams to support network design, infrastructure audits, and security hardening.

Lead incident response activities including root-cause analysis, documentation, lessons learned, and implementation of corrective/preventive actions (CAPA).

Manage SOC strategy, processes, alerts, case aggregation, and SLA optimization.

Perform vulnerability assessments, risk analysis, and application security testing as required.

Analyse and report IS events, track incidents, identify weaknesses, and ensure timely escalation and resolution.

Work closely with stakeholders on custom alert integrations, tuning detection logic, and managing logs and monitoring tools.

Apply knowledge of IT infrastructure, including Windows, Linux, firewalls, IDS/IPS, VPNs, proxies, and endpoint security.

Ensure continuous improvements in the security posture and compliance maturity of the organization.

Position Title

AVP – Information Security Governance & Compliance

Role

Managing Information Security Governance, Risk & Compliance, and Awareness Activities.

Reporting To

VP – Information Security Governance & Compliance

Key Responsibilities

1. To manage

2. Compliance with "Guidelines on Information and Cyber Security for Insurers" issued by the Insurance regulator, IRDAI

3. Compliance with other guidelines related to Information Security/Data Security/Cyber Security/Information Security Management System (ISMS), issued by the Insurance regulator and/or any other regulator
4. Compliance with information security requirements of government of India like CERT-In, MeitY etc.
5. Compliance information security policies, standards, procedures and guidelines
6. Compliance with

CISO will be responsible for developing, implementing, and overseeing Vastus cybersecurity

strategy to protect its assets, data, and reputation. This role will involve leading the

organization's response to cyber threats, ensuring regulatory compliance, and maintaining a

strong security posture.

Key Responsibilities:

• Cybersecurity Governance: Establish, implement, and maintain a robust

cybersecurity governance framework aligned with industry best practices and

regulatory requirements.

• Risk Management: Conduct risk assessments, identify vulnerabilities, and develop

mitigation strategies to protect Vastus assets.

• Compliance: Ensure compliance with applicable cybersecurity regulations,

standards, and policies, including those from NHB and RBI.

• Incident Response: Develop and maintain incident response plans, procedures, and

capabilities to effectively manage and mitigate cyber incidents.

• Threat Intelligence: Collect, analyze, and disseminate threat intelligence to identify

and address emerging risks.

• Awareness and Training: Develop and deliver cybersecurity awareness and training

programs to employees.

• Technology Oversight: Select, implement, and manage cybersecurity technologies

and solutions.

• Vendor Management: Evaluate and manage third-party security risks.

• Regulatory Engagement: Coordinate with regulators and industry peers to stay

informed of emerging threats and best practices.

Specific Duties:

• Lead internal response to regulatory requests, audits, and inspections.

• Monitor and ensure compliance with applicable regulations.

• Implement cybersecurity remediation programs.

• Collaborate with branches to identify and mitigate cyber risks.

• Evaluate and manage security exceptions.

• Serve as a subject matter expert on cybersecurity topics.

• Maintain and improve Vastu's cyber defense capabilities.

• Define and implement cybersecurity governance.

• Schedule and manage penetration testing and vulnerability scans.

• Align cybersecurity strategy with organizational objectives.

Why join us?

Our purpose is to design for the good of humankind. It's the ideal we strive toward each day in everything we do. Being a part of MillerKnoll means being a part of something larger than your work team, or even your brand. We are redefining modern for the 21st century. And our success allows MillerKnoll to support causes that align with our values, so we can build a more sustainable, equitable, and beautiful future for everyone.

Governance, Risk and Compliance Engineer

Purpose / Profile

The MillerKnoll Governance, Risk, and Compliance Engineer will work collaboratively with the global cross-functional teams to centrally perform Cybersecurity and Privacy compliance, data governance, and risk management functions. The engineer will have primary responsibility for managing the GRC platform, implementing API and automations to support the cybersecurity and privacy practices, and investigate the use of AI to improve the GRC. This position works closely with the Legal, Internal Audit, Cybersecurity and Technology teams to help ensure that contractual, policy, control, procedural, legal, and regulatory obligations are effectively defined and implemented.

The engineer must be collaborative and flexible while developing solutions that meet changing cybersecurity and privacy requirements while supporting business function needs. This individual will help grow and mature risk and compliance processes to gain efficiencies and effectiveness in collaboration with all departments to ensure an acceptable risk posture for the organization. This position requires a deep understanding of existing data protection laws and regulations, such as the EU-GDPR and CCPA/CPRA, but also be focused on broader implications of protections as a function of information/system lifecycle management and security and privacy by design. The engineer must possess high standards of legal and business ethics and a demonstrated ability to understand technology, independently problem solve, analyze large quantities of data, and clearly summarize and communicate facts.

Essential Functions

• Managing the GRC platform and all its modules.
• Develop of compliance automation to improve business processes.
• Investigates AI opportunities to improve the GRC functions.
• Implements APIs between OneTrust and other systems to support GRC Controls and requirements.
• Collaborate with key business partners on use cases for the GRC platform.
• Develop documentation on how to use the GRC platform.
• Train business partners on how to use the GRC platform.
• Interpret and apply laws, regulations, policies, standards, or procedures to specific issues.
• Work cooperatively with applicable organization units in implanting consumer information access rights.
• Serve as liaison for the GRC platform to the organization.
• Support privacy initiatives through Data Discovery.
• Monitor systems development and operations for security and privacy compliance

Additional Functions

• Stay current with compliance news and trends relevant to the business and industry.
• Participate in providing support for compliance-related incidents.
• Interface with other business units such as Cybersecurity to communicate program status and overall compliance and training posture.
• Promote a positive security/compliance culture through knowledge sharing, influences, and conduct.
• Create and maintain role-specific documentation.
• Assist with our government, risk, and compliance projects as time permits.

Knowledge, Skills, and Abilities

• Knowledge of

Responsibilities:

* Conduct penetration tests, security assessments & SIEM monitoring

* Implement ISO standards & GDPR compliance

* Ensure SOC readiness & NIST framework adherence

* Manage Guard Duty program & Sophos/IDS systems

Health insurance

Provident fund

Flexi working

Cafeteria

Pregnancy care program

Employee Assistance Program (EAP)

Life insurance

Maternity policy