Job Title: Executive / Senior Executive / Assistant Manager / Manager – Statutory Audit Location: Gurgaon Experience: 2+ years (post-qualification) Qualification: Chartered Accountant (CA) – Mandatory Practice: India Practice Job Summary: We are hiring qualified and experienced Chartered Accountants for Assistant Manager and Manager positions in our Statutory Audit – India Practice team in Gurgaon . The role involves managing statutory audits for Indian entities, ensuring compliance with relevant regulatory frameworks, and leading audit teams to deliver high-quality results. Key Responsibilities: Manage statutory audit assignments end-to-end in line with Ind AS , Indian GAAP , and the Companies Act, 2013 . Lead audit planning, execution, and finalization, ensuring adherence to timelines and quality standards. Supervise, mentor, and review the work of junior team members. Prepare and review audit documentation, financial statements, and audit reports. Communicate effectively with clients to understand requirements, resolve issues, and maintain strong relationships. Stay current with changes in audit, tax, and accounting regulations applicable in India. Drive process improvements, contribute to knowledge building, and support business development activities. Key Requirements: CA qualification is mandatory with a minimum of 3+ years of post-qualification experience in Statutory Audit – India Practice . Strong technical expertise in Ind AS , Indian GAAP , and audit procedures under the Companies Act . Demonstrated ability to lead audits independently and manage client expectations. Proficiency in audit tools, MS Excel, and documentation software. Strong interpersonal, analytical, and problem-solving skills. Ability to manage multiple assignments and meet deadlines in a fast-paced environment. Show more Show less

Job Title: Consultant / Senior Consultant – VAPT Location: Gurgaon Experience: 2+ years Work Mode: Onsite (Gurgaon) Certification: OSCP – Mandatory Notice Period: Immediate joiners preferred Role Overview: We are looking for highly motivated and technically skilled Consultants / Senior Consultants with a passion for offensive security to join our Vulnerability Assessment and Penetration Testing (VAPT) team in Gurgaon . The ideal candidate will possess strong hands-on experience in application and infrastructure security testing, with the ability to identify and exploit vulnerabilities using both manual and automated techniques. Key Responsibilities: Perform manual and automated penetration testing of web applications, mobile apps, infrastructure, network, and cloud environments . Identify vulnerabilities, simulate real-world attacks, and provide actionable remediation steps. Conduct source code reviews to identify security flaws in programming logic. Create and deliver detailed technical reports and executive summaries . Stay up to date with the latest vulnerabilities, attack vectors, and security trends. Adhere to industry standards and frameworks such as OWASP, NIST, ISO 27001, PCI-DSS, and RBI cybersecurity guidelines . Collaborate with internal stakeholders and clients to explain findings and support remediation. Required Skills & Qualifications: Minimum 2 years of relevant experience in VAPT / offensive security . Strong command of manual testing techniques beyond tool-based assessments. Hands-on experience with tools like Burp Suite, Nmap, Metasploit, Nessus, Wireshark, AppScan, Fortify , etc. Experience in web, mobile, infrastructure, and source code assessments . Solid understanding of network protocols, operating systems (Linux/Windows), firewalls, proxies, and security controls . Mandatory: Valid OSCP certification . Proficiency in one or more scripting languages (e.g., Python, Bash) is an advantage. Excellent analytical, documentation, and communication skills. Show more Show less

Job Title: GRC Deputy Manager / Manager Location: Gurgaon Experience: 4+ Years Employment Type: Full-Time Join Time: Immediate joiners preferred Job Summary: We are looking for an experienced GRC Professional to join our Gurgaon office. The ideal candidate will be responsible for managing and enhancing our Governance, Risk, and Compliance (GRC) framework, with a strong emphasis on risk management, regulatory compliance, security governance, and business continuity planning. This role is critical in ensuring that our IT operations align with regulatory standards, industry best practices, and organizational risk appetite. Key Responsibilities: GRC Strategy & Framework: Develop, implement, and maintain policies, procedures, and controls aligned with industry standards such as ISO 27001, NIST, and regulatory requirements (e.g., GDPR, RBI, SEBI). Monitor and assess the effectiveness of the organization's internal controls and GRC framework. Perform periodic risk assessments and control testing to ensure compliance and identify potential areas of improvement. Security & Compliance Oversight: Oversee governance for key security tools and technologies (e.g., SIEM, DLP, EDR, IAM). Coordinate with security operations to ensure compliance with policies and address vulnerabilities. Support compliance audits, prepare documentation, and track remediation activities. Business Continuity Management (BCM): Maintain and enhance the organization's Business Continuity Management System (BCMS) . Conduct Business Impact Analysis (BIA) and support the development, testing, and maintenance of Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) . Stakeholder Collaboration & Reporting: Work closely with cross-functional teams including IT, InfoSec, Legal, and Internal Audit. Prepare and deliver regular reports on risk posture, compliance status, and control effectiveness to senior management. Support internal training and awareness programs related to GRC and security compliance. Qualifications: Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field. Minimum of 4 years of experience in GRC, risk management, IT audit, or related roles. Solid understanding of GRC frameworks, standards, and regulatory environments. Hands-on experience with security tools governance and policy enforcement. Preferred Certifications (Nice to Have): ISO 27001 Lead Auditor/Implementer, CISA, CRISC, CISSP, or equivalent. Show more Show less

Job Title: Associate Director / Director – VAPT Location: Mumbai Experience: 10+ years Work Mode: Onsite (Mumbai) Certification: OSCP preferred; other relevant certifications (e.g., OSCE, CISSP, CISM, GPEN) are an added advantage Role Overview: We are seeking an experienced cybersecurity leader to join our team as an Associate Director / Director – VAPT in Mumbai . The role demands a seasoned professional with deep expertise in Vulnerability Assessment and Penetration Testing across web, mobile, network, infrastructure, cloud, and source code environments. The ideal candidate will bring strong technical capabilities along with proven leadership in managing high-performing teams and driving large-scale security engagements for enterprise clients. Key Responsibilities: Leadership & Strategic Oversight: Lead the VAPT practice for the region, ensuring alignment with organizational goals and client expectations. Define and evolve methodologies, standards, and best practices for VAPT engagements. Collaborate with senior leadership and clients (CIOs, CISOs, Risk Heads) on cybersecurity strategy, roadmap, and execution. Lead business development , proposal creation, RFP responses, and pre-sales activities. Delivery & Engagement Management: Oversee multiple VAPT projects spanning web, mobile, infrastructure, cloud, IoT, and source code . Ensure high-quality delivery of technical assessments, risk reporting, and mitigation recommendations . Monitor project performance, client satisfaction, and profitability. Act as a technical escalation point for complex and critical vulnerabilities. Team Development & Mentorship: Build, mentor, and retain a team of high-caliber security professionals. Conduct knowledge-sharing sessions, lead training initiatives, and promote internal capability building. Encourage a culture of continuous learning, innovation, and ethical hacking . Desired Skills & Experience: 12+ years of overall cybersecurity experience with a strong focus on VAPT and Red Team assessments . Proven expertise in conducting and managing manual and advanced penetration testing of applications, networks, and cloud environments. Familiarity with tools like Burp Suite, Metasploit, Nmap, Nessus, Qualys, AppScan, Fortify, Wireshark , etc. Solid understanding of security frameworks and standards : OWASP, NIST, MITRE ATT&CK, ISO 27001, PCI-DSS, RBI guidelines. Strong knowledge of secure coding practices and experience in reviewing source code in multiple languages. Exposure to cloud platforms (AWS, Azure, GCP) and DevSecOps is preferred. Excellent communication, stakeholder management, and team leadership skills. OSCP certification is preferred ; additional credentials such as OSCE, CISSP, CISM, GPEN are a plus. Show more Show less

Job Title: Cloud Security Consultant Location: Mumbai Experience: 5+ years Availability: Immediate Joiners Preferred Job Description: We are seeking an experienced Cloud Security Consultant to implement and maintain robust cloud security standards across leading platforms (AWS, Azure, GCP). The candidate must have a deep understanding of cloud provisioning, identity and access management, encryption standards, and network security. Key Responsibilities: Implement Secure Cloud Account & Environment Provisioning Standards (SCAEPS) including: Account/subscription setup protocols Root/owner account security controls Baseline configurations and naming standards Deploy and manage Cloud IAM Technical Baseline (IAMTB) such as: Password policies, RBAC, and MFA enforcement SSO/federation with enterprise identity systems Secure management of service principals and cross-account access Design and implement Network Security Configurations (NSCD) : Secure VPC/VNet design and subnet configurations Routing, firewall, and IDS/IPS configurations Enforce Data Encryption Standards (DETS) : AES-256 encryption and KMS key lifecycle management TLS/SSL configuration and certificate management Apply Cloud Storage Security Configurations (CSSCD) : Prevent public access to storage Encryption and access policy implementation for cloud storage Requirements: Minimum 5 years of experience in cloud security Hands-on experience with AWS/Azure/GCP security best practices Expertise in IAM, encryption, and network architecture Strong knowledge of regulatory standards (e.g., ISO, NIST, CIS) Relevant certifications preferred: AZ-500, AWS Security Specialty, CCSP, etc. Show more Show less

Job Title: GRC Consultant Location: Chennai Experience: 3+ years Availability: Immediate Joiners Preferred Language Requirement: Proficiency in Tamil (Mandatory) Job Description: We are hiring a GRC Consultant in Chennai who will be responsible for governance, risk, and compliance-related activities. The role involves working closely with internal teams and clients to assess and improve the risk posture of the organization. Key Responsibilities: Implement and maintain GRC frameworks, policies, and controls Conduct risk assessments, gap analyses, and internal audits Assist in preparing compliance documentation for ISO 27001, SOC 2, GDPR, etc. Coordinate with audit teams and facilitate external assessments Monitor regulatory changes and ensure timely updates to policies and controls Develop and deliver training sessions and awareness programs in Tamil and English Requirements: Minimum 3 years of experience in GRC, IT Risk, or Compliance Proficient in Tamil (both spoken and written) Sound understanding of risk management frameworks and standards Good communication and documentation skills Preferred certifications: ISO 27001 LA, CISA, CRISC, etc. Show more Show less

Job Title: Network Security Analyst – IT Audit & ISO 27001 Location: Coimbatore (Work from Office) Experience: 2+ years Availability: Immediate Joiners Preferred Job Description: We are seeking a motivated and skilled Network Security Analyst with experience in IT Audit and ISO 27001 implementation to join our team in Coimbatore. The ideal candidate will play a key role in assessing and strengthening our network security infrastructure while ensuring compliance with information security standards. Key Responsibilities: Perform regular network security assessments and vulnerability reviews Monitor and manage firewalls, IDS/IPS, VPNs, and endpoint security controls Conduct IT audits focusing on infrastructure, access control, and change management Assist in implementing and maintaining ISO 27001 standards , including risk assessments, controls mapping, and documentation Coordinate with internal teams to remediate audit findings and ensure continuous compliance Maintain and update security policies, procedures, and incident response plans Support security awareness initiatives and training programs Requirements: Minimum 2 years of experience in network security and IT audits Solid understanding of TCP/IP, network protocols, and security controls Working knowledge of ISO 27001 framework, including internal audits and documentation Experience with firewalls, IDS/IPS, antivirus, SIEM tools Strong analytical, communication, and documentation skills Preferred certifications: ISO 27001 LA , CEH , CompTIA Security+ Show more Show less

Job Title: VAPT Consultant Location: Coimbatore (Work from Office) Experience: 3+ years Availability: Immediate Joiners Preferred Job Description: We are looking for a skilled Vulnerability Assessment and Penetration Testing (VAPT) Consultant to join our team in Coimbatore. The ideal candidate will have a solid understanding of information security principles and hands-on experience in identifying and exploiting vulnerabilities across a variety of platforms. Key Responsibilities: Conduct end-to-end VAPT assessments for web applications, networks, APIs, cloud, and mobile applications Identify security vulnerabilities and provide detailed risk analysis reports Recommend appropriate remediation measures and assist in retesting Maintain documentation of all testing results, tools used, and findings Collaborate with clients and internal teams to ensure implementation of security best practices Stay updated with the latest vulnerabilities, exploits, and security trends Requirements: Minimum 3 years of relevant experience in VAPT Strong knowledge of tools like Burp Suite, Nessus, Metasploit, Nmap, etc. Familiarity with OWASP Top 10 and SANS CWE Good communication and reporting skills Certifications like CEH, OSCP (preferred but not mandatory) Show more Show less

Job Title: Data Privacy Manager – Mumbai(WFO) Location: Mumbai Experience: 5+ years Work Mode: Work from Office (WFO) Joining: Immediate Joiners Preferred Background: Technical (Non-Legal Preferred) Job Summary: We are looking for a skilled and technically proficient Data Privacy Manager to join our Mumbai office. This role will focus on the implementation and management of data privacy frameworks, tools, and processes across our organization. The ideal candidate should come from a technical background (IT/Cybersecurity/GRC) and have practical experience in data classification, privacy impact assessments, and privacy technologies. Key Responsibilities: Lead and execute data privacy programs aligned with global data protection regulations (e.g., GDPR, DPDP, CCPA). Conduct Privacy Impact Assessments (PIA) and Data Protection Impact Assessments (DPIA). Work with cross-functional teams (IT, Security, Product) to integrate privacy-by-design principles into systems and applications. Manage data subject access request (DSAR) workflows and automation. Oversee implementation of data discovery, classification, and minimization tools. Conduct internal audits and risk assessments related to data privacy. Maintain privacy governance documentation, including records of processing activities (RoPA). Monitor emerging privacy technologies and recommend tools and improvements. Requirements: Minimum 5 years of experience in Data Privacy, GRC, or Information Security roles. Hands-on experience with privacy management platforms (e.g., OneTrust, TrustArc). Good understanding of cloud environments, data encryption, and anonymization techniques. Technical background – preferred from IT, Cybersecurity, Data Governance, or GRC functions. Strong interpersonal and stakeholder management skills. Certifications like CIPT, CDPSE, CIPP/IT (preferred but not mandatory). Show more Show less

Job Title: Data Privacy Manager – Gurgaon (WFO) Location: Gurgaon Experience: 5+ years Work Mode: Work from Office (WFO) Joining: Immediate Joiners Preferred Background: Technical (Non-Legal Preferred) Job Summary: We are looking for a skilled and technically proficient Data Privacy Manager to join our Gurgaon office. This role will focus on the implementation and management of data privacy frameworks, tools, and processes across our organization. The ideal candidate should come from a technical background (IT/Cybersecurity/GRC) and have practical experience in data classification, privacy impact assessments, and privacy technologies. Key Responsibilities: Lead and execute data privacy programs aligned with global data protection regulations (e.g., GDPR, DPDP, CCPA). Conduct Privacy Impact Assessments (PIA) and Data Protection Impact Assessments (DPIA). Work with cross-functional teams (IT, Security, Product) to integrate privacy-by-design principles into systems and applications. Manage data subject access request (DSAR) workflows and automation. Oversee implementation of data discovery, classification, and minimization tools. Conduct internal audits and risk assessments related to data privacy. Maintain privacy governance documentation, including records of processing activities (RoPA). Monitor emerging privacy technologies and recommend tools and improvements. Requirements: Minimum 5 years of experience in Data Privacy, GRC, or Information Security roles. Hands-on experience with privacy management platforms (e.g., OneTrust, TrustArc). Good understanding of cloud environments, data encryption, and anonymization techniques. Technical background – preferred from IT, Cybersecurity, Data Governance, or GRC functions. Strong interpersonal and stakeholder management skills. Certifications like CIPT, CDPSE, CIPP/IT (preferred but not mandatory). Show more Show less

Job Title: GRC Professional Location: Mohali - Gurgaon Delhi Noida Experience: 3+ Years Employment Type: Full-Time Job Summary: We are seeking a skilled and proactive GRC Professional to join our team in Mohali. The ideal candidate will play a pivotal role in developing and maintaining the organization’s Governance, Risk, and Compliance (GRC) framework, with a strong emphasis on Business Continuity Management (BCM) and the governance of security tools . This role serves as a bridge between security operations and compliance requirements, ensuring a resilient and well-governed IT environment. Key Responsibilities: GRC & Compliance Governance: Develop, implement, and maintain GRC policies, procedures, and standards aligned with industry best practices (e.g., ISO 27001, NIST) and applicable regulatory frameworks. Conduct regular assessments of internal controls, identify gaps, and recommend improvements. Support internal and external audit processes by preparing documentation and evidence of compliance. Business Continuity Management (BCM): Govern and continuously improve the organization's Business Continuity Management System (BCMS) . Lead efforts in Business Impact Analysis (BIA) , Business Continuity Planning (BCP) , and Disaster Recovery Planning (DRP) . Coordinate testing and review of continuity plans to ensure organizational resilience. Security Tool Governance: Oversee the governance of critical security tools including SIEM, DLP, EDR, IAM, and Firewalls . Define and enforce policies for the effective configuration, deployment, and monitoring of these tools. Establish accountability frameworks for tool ownership, usage, and compliance. Performance Metrics & Reporting: Develop and maintain dashboards and reports to track GRC, BCM, and security tool effectiveness. Present insights and recommendations to senior stakeholders. Cross-Functional Collaboration: Work closely with IT security, infrastructure, and business units to embed GRC practices into daily operations. Ensure security governance is aligned with business and IT strategies. Qualifications: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related discipline. Minimum of 3 years of hands-on experience in GRC, with strong exposure to BCM and security tool governance . Sound understanding of security frameworks and regulatory requirements. Experience with tools such as SIEM, DLP, IAM, EDR, and firewalls. Strong analytical, documentation, and communication skills. Preferred Skills (Nice to Have): Relevant certifications such as ISO 27001 Lead Implementer/Auditor , CBCP , CISA , or CISSP . Experience in managing third-party risk or vendor assessments. Immediate joiners preferred. Show more Show less

Job Title: DLP Operations Analyst Location: Mumbai Experience: 3+ Years Joiners: Immediate Joiners Preferred Role Overview: We are seeking a skilled DLP Operations Analyst to join our security operations team in Mumbai . The ideal candidate should have hands-on experience in managing Data Loss Prevention (DLP) tools, especially Zscaler , and must be well-versed in operational workflows and incident response related to data protection. Key Responsibilities: Monitor, analyze, and respond to DLP alerts and incidents in accordance with defined processes. Investigate potential data leakage incidents and coordinate with internal stakeholders for resolution. Maintain incident documentation and ensure timely closure of cases. Generate and distribute regular reports and dashboards related to DLP incidents and trends. Optimize DLP policies based on alerts, false positives, user behavior, and emerging security threats. Collaborate with InfoSec, IT, and compliance teams to strengthen data protection frameworks. Stay informed about evolving DLP technologies and industry best practices to propose process improvements. Required Skills & Qualifications: 2–5 years of experience in security operations, with a strong focus on DLP . Practical knowledge of Zscaler DLP or similar DLP tools. Familiarity with incident handling and triage in a security operations environment. Strong analytical, documentation, and reporting abilities. Ability to interpret and fine-tune DLP policies for better detection and minimal false positives. Effective verbal and written communication skills, with a collaborative work approach. Preferred: Candidates available to join immediately or within a short notice period . Show more Show less

Job Title: GRC Consultant – Remote Location: Remote (India) Experience Required: 3+ years Notice Period: Immediate joiners preferred Job Summary: We are looking for an experienced GRC Consultant with a strong background in Third Party Risk Management (TPRM), ISO 27001, and ISMS . The ideal candidate will support governance, risk, and compliance initiatives with a particular focus on vendor risk assessments, control design and implementation, and compliance program enhancement. This is a remote role , open to candidates based in India, and demands strong communication, stakeholder management, and documentation skills. Key Responsibilities: Conduct Third Party Risk Assessments (TPRAs) and support end-to-end TPRM lifecycle processes. Assess vendor risk profiles and control maturity against ISO 27001, NIST, and other relevant frameworks. Develop, review, and maintain policies and procedures related to ISMS and GRC programs. Support the implementation and maintenance of Information Security Management System (ISMS) aligned with ISO 27001 standards. Perform gap assessments, risk evaluations, and control validations. Collaborate with internal teams to close findings and remediate risks. Assist in internal and external audits related to compliance and certifications. Maintain accurate and detailed documentation for audits and regulatory requirements. Deliver reports and dashboards to management regarding compliance status, risk trends, and mitigation plans. Key Skills & Qualifications: Minimum 3 years of experience in GRC, TPRM, ISO 27001, and ISMS . Solid understanding of information security principles and risk management practices. Experience conducting third-party/vendor assessments and preparing risk reports. Working knowledge of regulatory and compliance standards like SOC2, GDPR, etc. (preferred). Strong analytical, communication, and documentation skills. Relevant certifications such as ISO 27001 LA/LI, CISA, or CRISC are a plus. Preferred Attributes: Immediate joiners are strongly preferred. Ability to work independently and manage multiple priorities in a remote environment. Detail-oriented with a problem-solving mindset. Show more Show less

Job Title: GRC Consultant Location: Chennai Experience: 3+ years Availability: Immediate Joiners Preferred Language Requirement: Proficiency in Tamil (Mandatory) Job Description: We are hiring a GRC Consultant in Chennai who will be responsible for governance, risk, and compliance-related activities. The role involves working closely with internal teams and clients to assess and improve the risk posture of the organization. Key Responsibilities: Implement and maintain GRC frameworks, policies, and controls Conduct risk assessments, gap analyses, and internal audits Assist in preparing compliance documentation for ISO 27001, SOC 2, GDPR, etc. Coordinate with audit teams and facilitate external assessments Monitor regulatory changes and ensure timely updates to policies and controls Develop and deliver training sessions and awareness programs in Tamil and English Requirements: Minimum 3 years of experience in GRC, IT Risk, or Compliance Proficient in Tamil (both spoken and written) Sound understanding of risk management frameworks and standards Good communication and documentation skills Preferred certifications: ISO 27001 LA, CISA, CRISC, etc.

Job Title: TPRM Manager Location: Bangalore and Delhi (Work From Office) Experience: 6+ Years Employment Type: Full-Time Job Summary: We are seeking an experienced and proactive Third Party Risk Management (TPRM) Manager to join our growing risk and compliance team. The ideal candidate will be responsible for managing the end-to-end third-party risk lifecycle, driving compliance with regulatory and organizational standards, and collaborating with cross-functional teams to ensure robust information security and risk management practices. Key Responsibilities: Lead and manage third-party risk assessments across vendors, service providers, and partners. Evaluate vendor controls around cybersecurity, data privacy, compliance, and operational risk. Collaborate with procurement, legal, IT security, and business teams to ensure third-party risks are identified, assessed, monitored, and mitigated effectively. Ensure compliance with ISO 27001, regulatory requirements, and internal GRC frameworks. Develop and maintain TPRM documentation, policies, processes, and metrics. Work closely with audit and compliance teams for periodic reviews, internal audits, and external regulatory audits. Monitor vendor performance and maintain an updated risk register. Conduct control testing, review vendor SOC reports, and track remediation plans for non-compliance or control gaps. Provide training and awareness sessions on third-party risk, GRC, and IT security standards to stakeholders. Required Skills and Experience: Minimum 6 years of hands-on experience in Third Party Risk Management (TPRM) . Strong knowledge of GRC frameworks , ISO 27001 , IT Audit , and Network Security . Experience with cloud security and assessing cloud-based vendors (AWS, Azure, GCP). Familiarity with regulatory frameworks such as GDPR, RBI, SEBI, etc. Experience in risk assessment methodologies, control frameworks (NIST, COBIT), and issue tracking/remediation processes. Strong stakeholder management, analytical thinking, and problem-solving skills. Excellent communication, documentation, and presentation skills. Preferred Qualifications: Bachelor's degree in Information Security, Computer Science, or a related field. Certifications such as CISA , CRISC , ISO 27001 Lead Auditor/Implementer , CISSP , or similar are a plus. Prior experience working in BFSI, IT/ITES, or consulting firms will be advantageous. Immediate joiners preferred.

Job Title: Data Privacy Consultant / Senior Consultant Location: Mumbai, Pune & Chennai Experience: 2+ Years Work Mode: Work from Office (WFO) Position Level: Consultant / Senior Consultant Joining: Immediate joiners preferred Job Summary: We are seeking experienced and passionate Data Privacy professionals for Consultant and Senior Consultant roles, who have hands-on experience in privacy frameworks implementation. The ideal candidate should be able to drive end-to-end privacy program activities, support privacy compliance efforts, and assist in developing privacy strategies for clients across various industries. Key Responsibilities: Assist in the design, implementation, and management of data privacy programs in alignment with applicable regulations such as GDPR, DPDPA, HIPAA, etc. Conduct privacy impact assessments (PIAs) and data protection impact assessments (DPIAs). Support the implementation of privacy governance frameworks, policies, and procedures. Collaborate with cross-functional teams to identify and mitigate privacy risks. Map data flows, maintain data inventory, and conduct gap analysis for privacy compliance. Work with clients to implement privacy-enhancing technologies and tools. Provide guidance on best practices for consent management, data subject rights, data retention, and breach management. Contribute to client proposals, solutioning, and delivery of privacy engagements. Stay updated on privacy regulations, emerging risks, and industry trends. Key Requirements: Minimum 2+ years of relevant experience in data privacy implementation. Strong understanding of privacy laws such as GDPR, DPDPA, CCPA, etc. Experience with privacy frameworks and tools (OneTrust, TrustArc, etc.) is preferred. Exposure to security and privacy certifications like CIPP/E, CIPM, ISO 27701, etc., is an added advantage. Strong analytical, communication, and stakeholder management skills. Ability to work independently as well as in a team-oriented environment. Preferred Qualifications: Bachelor's or Master’s degree in Information Technology, Law, Cybersecurity, or a related field. Relevant certifications (CIPP/E, CIPM, ISO 27001, ISO 27701, DSCI Certified Privacy Professional) are a plus. Experience working with IT, legal, compliance, and risk teams.

Job Title: Data Privacy Consultant / Senior Consultant Location: Mumbai, Pune & Chennai Experience: 2+ Years Work Mode: Work from Office (WFO) Position Level: Consultant / Senior Consultant Joining: Immediate joiners preferred Job Summary: We are seeking experienced and passionate Data Privacy professionals for Consultant and Senior Consultant roles, who have hands-on experience in privacy frameworks implementation. The ideal candidate should be able to drive end-to-end privacy program activities, support privacy compliance efforts, and assist in developing privacy strategies for clients across various industries. Key Responsibilities: Assist in the design, implementation, and management of data privacy programs in alignment with applicable regulations such as GDPR, DPDPA, HIPAA, etc. Conduct privacy impact assessments (PIAs) and data protection impact assessments (DPIAs). Support the implementation of privacy governance frameworks, policies, and procedures. Collaborate with cross-functional teams to identify and mitigate privacy risks. Map data flows, maintain data inventory, and conduct gap analysis for privacy compliance. Work with clients to implement privacy-enhancing technologies and tools. Provide guidance on best practices for consent management, data subject rights, data retention, and breach management. Contribute to client proposals, solutioning, and delivery of privacy engagements. Stay updated on privacy regulations, emerging risks, and industry trends. Key Requirements: Minimum 2+ years of relevant experience in data privacy implementation. Strong understanding of privacy laws such as GDPR, DPDPA, CCPA, etc. Experience with privacy frameworks and tools (OneTrust, TrustArc, etc.) is preferred. Exposure to security and privacy certifications like CIPP/E, CIPM, ISO 27701, etc., is an added advantage. Strong analytical, communication, and stakeholder management skills. Ability to work independently as well as in a team-oriented environment. Preferred Qualifications: Bachelor's or Master’s degree in Information Technology, Law, Cybersecurity, or a related field. Relevant certifications (CIPP/E, CIPM, ISO 27001, ISO 27701, DSCI Certified Privacy Professional) are a plus. Experience working with IT, legal, compliance, and risk teams.

Job Title: VAPT Consultant Location: Gurgaon, Delhi NCR (Work from Office) Experience: 4+ Years Certifications: OSCP - Mandatory Joining: Immediate joiners preferred Job Description: We are seeking a highly skilled and motivated VAPT Consultant with a strong background in Vulnerability Assessment and Penetration Testing. The ideal candidate must hold an OSCP certification and possess hands-on experience in identifying and mitigating security vulnerabilities in networks, web applications, and infrastructure. Key Responsibilities: Perform Vulnerability Assessments and Penetration Testing (Web, Mobile, Network, APIs, Cloud, etc.) Simulate real-world attacks to identify and exploit vulnerabilities Prepare detailed technical reports , risk ratings, and remediation recommendations Collaborate with development and infrastructure teams to close security gaps Stay updated with the latest vulnerabilities, hacking techniques, and threat vectors Assist in security audits , threat modeling, and risk assessments Contribute to red team/blue team security exercises and internal security knowledge building Required Skills: Minimum 4 years of hands-on VAPT experience OSCP Certification is mandatory Strong knowledge of OWASP Top 10, MITRE ATT&CK framework Proficient in using tools like Burp Suite, Nmap, Nessus, Metasploit, Kali Linux, Wireshark, etc. Experience in scripting (Python, Bash, or PowerShell) is an added advantage Understanding of network protocols, firewalls, and security controls Excellent analytical, communication, and reporting skills Preferred Qualifications: Experience with cloud security assessments (AWS, Azure, GCP) Exposure to red teaming or purple teaming engagements Ability to clearly communicate findings to both technical and non-technical stakeholders

Job Title: Data Privacy Consultant / Senior Consultant Location: Mumbai, Pune & Chennai Experience: 2+ Years Work Mode: Work from Office (WFO) Position Level: Consultant / Senior Consultant Joining: Immediate joiners preferred Job Summary: We are seeking experienced and passionate Data Privacy professionals for Consultant and Senior Consultant roles, who have hands-on experience in privacy frameworks implementation. The ideal candidate should be able to drive end-to-end privacy program activities, support privacy compliance efforts, and assist in developing privacy strategies for clients across various industries. Key Responsibilities: Assist in the design, implementation, and management of data privacy programs in alignment with applicable regulations such as GDPR, DPDPA, HIPAA, etc. Conduct privacy impact assessments (PIAs) and data protection impact assessments (DPIAs). Support the implementation of privacy governance frameworks, policies, and procedures. Collaborate with cross-functional teams to identify and mitigate privacy risks. Map data flows, maintain data inventory, and conduct gap analysis for privacy compliance. Work with clients to implement privacy-enhancing technologies and tools. Provide guidance on best practices for consent management, data subject rights, data retention, and breach management. Contribute to client proposals, solutioning, and delivery of privacy engagements. Stay updated on privacy regulations, emerging risks, and industry trends. Key Requirements: Minimum 2+ years of relevant experience in data privacy implementation. Strong understanding of privacy laws such as GDPR, DPDPA, CCPA, etc. Experience with privacy frameworks and tools (OneTrust, TrustArc, etc.) is preferred. Exposure to security and privacy certifications like CIPP/E, CIPM, ISO 27701, etc., is an added advantage. Strong analytical, communication, and stakeholder management skills. Ability to work independently as well as in a team-oriented environment. Preferred Qualifications: Bachelor's or Master’s degree in Information Technology, Law, Cybersecurity, or a related field. Relevant certifications (CIPP/E, CIPM, ISO 27001, ISO 27701, DSCI Certified Privacy Professional) are a plus. Experience working with IT, legal, compliance, and risk teams.

Job Title: TPRM Consultant Locations: Mumbai & Coimbatore (Work From Office) Experience: 3+ Years Joining: Immediate / Early Joiners Preferred Job Summary: We are looking for a Third Party Risk Management (TPRM) Consultant with strong experience in risk assessment, ISO 27001, GRC frameworks , and Information Security Management Systems (ISMS) . The ideal candidate will be responsible for evaluating and mitigating risks posed by third-party vendors and ensuring compliance with regulatory and internal security requirements. Key Responsibilities: Conduct end-to-end third-party risk assessments including due diligence, security control reviews, and vendor profiling. Evaluate vendors against frameworks such as ISO 27001 , NIST , and internal risk policies. Collaborate with business units and procurement teams to support secure onboarding and continuous monitoring of vendors. Design, implement, and maintain GRC processes for third-party risk tracking and reporting. Identify gaps in vendor security postures and recommend mitigation strategies. Support internal and external audits by providing evidence and documentation for TPRM controls. Maintain and improve Information Security Management System (ISMS) documentation related to third-party management. Track, escalate, and report risk remediation plans and performance metrics. Required Skills & Qualifications: Minimum 3 years of experience in Third Party Risk Management , GRC , or Information Security . Strong understanding of ISO 27001 , risk assessment methodologies , and ISMS implementation . Hands-on experience with risk assessment tools, security questionnaires, and audit processes. Ability to interpret and communicate security risk and compliance findings to technical and non-technical stakeholders. Excellent analytical, documentation, and stakeholder management skills. Relevant certifications such as ISO 27001 LA , CISA , or CRISC are a plus.