Careers

The Senior Information Security Manager will deliver comprehensive information security and governance, risk, and compliance (GRC) services to global clients. This position requires a deep understanding of international security standards and regulations, focusing on ISO 27001 and CISA certifications. The successful candidate will lead the development and execution of security strategies, conduct risk assessments, manage security incidents, and ensure compliance across various industries and geographies.

• Develop and implement information security policies, procedures, and practices for global clients in alignment with their business objectives.
• Lead the information security team, providing mentorship, training, and performance evaluations.
• Collaborate with client management teams to integrate security into their organizational culture and operations.
• Oversee daily security operations, including monitoring, incident response, and vulnerability management for clients.
• Provide GRC services, including compliance assessments, policy development, and audit support for various regulatory frameworks.
• Conduct regular risk assessments and client audits to identify potential security threats and vulnerabilities.
• Ensure client compliance with relevant regulations, standards, and best practices, including ISO 27001 and other industry-specific requirements.
• Promote a security-conscious culture within client organizations.
• Evaluate and manage relationships with third-party vendors and service providers for clients.

• Bachelor’s degree in Information Security, Computer Science, or a related field. Master’s degree preferred.
• Certifications in ISO 27001, CISA, or equivalent information security certifications.
• Minimum of 7-10 years of experience in information security, with at least three years in a managerial role providing services to global clients.
• Strong knowledge of information security principles, frameworks, and best practices.
• Experience with auditing firewalls, intrusion detection/prevention systems, SIEM, and endpoint protection.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong communication and interpersonal skills, with the ability to work effectively with cross-functional teams and global clients.

This is a full-time on-site role as an Information Technology Sales Specialist at ShieldByte Infosec Pvt. Ltd in Mumbai. The Sales Specialist will be responsible for IT Sales, lead generation, account management, and effective communication to drive sales and foster client relationships.

• IT Sales and Information Technology skills
• Lead Generation and Account Management expertise
• Strong communication skills
• Excellent interpersonal skills
• Ability to work collaboratively in a team setting
• Experience in the cyber security industry is a plus
• Bachelors degree in Business Administration or related field
• Experience in cyber security sales is preferred.

As a Cyber Security Analyst - VAPT, you will perform vulnerability assessments and penetration testing to identify and mitigate security risks for our clients. This is a full-time on-site role in Mumbai, where you will work closely with cross-functional teams to evaluate and enhance the security posture of our clients networks, systems, and applications. You can also provide recommendations and guidance on security best practices and help develop and implement security policies and procedures.

• Strong understanding of cyber security principles, methodologies, and technologies
• Knowledge and experience in vulnerability assessment and penetration testing methodologies
• Proficiency in using tools such as Nessus, Burp Suite, Metasploit, and Wireshark
• Experience in identifying and remediating common security vulnerabilities
• Understanding of network protocols, firewall configurations, and intrusion detection/prevention systems
• Knowledge of web application security testing and secure coding practices
• Ability to analyze and interpret security assessment reports and provide actionable recommendations
• Certifications such as CEH, eJPT, eCCPT, OSWA, OSWE, OSCP, or CISSP are preferred
• Excellent problem-solving and communication skills
• Bachelors or Masters degree in Computer Science, Cyber Security, or a related field

• Experience in managing security audits, such as, ISO 27001, HIPAA, SOC 1, SOC2 
• In-depth knowledge of security controls, interpreting control requirements for SOC 2, ISO audits, reviewing control evidence for completeness an accuracy, and ensuring evidence provided to auditors satisfies control requirements. 
• Manages subordinate staff in the day-to-day performance of their jobs. 
• Implement ISO 27001 framework and Information Security Management System (ISMS). 
• Ability to of plan and lead meetings with internal team and clients 
• Conduct ISMS and other audits 
• Prepare detailed and summary reports of assessments, and remediation plans as needed and advise internal stakeholders 
• Ensuring any customer requirements are adequately addressed as part of BISO objectives. 
• Driving GRC objectives with department heads. 
• Conduct risk assessments and internal audits and support external audits to identify weaknesses in processes and controls and implementing corrective action plans. 
• Ensure accurate and timely reporting to regulatory authorities, stakeholders, and senior management on risk and compliance-related matters. 
• Develop and implement plans for responding to compliance breaches, ensuring that incidents are properly investigated, reported, and addressed.

• Hands-on experience with security technologies in Information security and other audits. 
• Strong Knowledge in risk management, ISO 27001, ISO 22301 PCI DSS, HIPAA, GDPR, SOC 2 
• Knowledgeable in security concepts, techniques, tools, methods, and practices 
• Good technical in cyber security products 
• Individually to perform the technical audits 
• Freshers can apply