59 Soc 2 Jobs

Information Security Head : Responsibilities: Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program Work directly with the business units to facilitate risk assessment and risk management processes Develop and enhance an information security management framework Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services Partner with business stakeholders across the company to raise awareness of risk management concerns Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems Requirements: Degree in business administration or a technology-related field required Professional security management certification Minimum of 7+ to 11 years of experience in a combination of risk management, information security and IT jobs Knowledge of common information security management frameworks, such as ISO/IEC 27001, NIST, SOC 2 and GDPR Excellent written and verbal communication skills and high level of personal integrity Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams Hands-on experience in managing information /cyber security systems and solutions Having exposure in formulation and implementation of information security policies and procedures Experience with contract and vendor negotiations and management including managed services Specific experience in Agile (scaled) software development or other best in class development practices Experience with Cloud computing/Elastic computing across virtualized environments A good understanding or working knowledge of, Vulnerability assessments and penetration testing Application security source code reviews Incident management and investigations life cycle Security Architecture design principles and its applications in real world scenarios Show more Show less

We are looking for an experienced Information Security professional with certifications like CISSP or CISA, and a strong background in leading compliance initiatives for SOC 2 Type II, ISO 27001, PCI DSS, and IOCFR. Direct experience working with RBI regulations and auditors is mandatory . The ideal candidate should have hands-on knowledge of AWS cloud security, and familiarity with tools such as GuardDuty, Wiz/Orca, Splunk, Crowdstrike, and Vanta. Experience in fast-paced sectors like FinTech, E-commerce, or Payment Solutions is a strong plus. What You&aposll Do: Governance & Compliance: Develop and maintain information security policies and drive compliance with ISO 27001, SOC 2, and RBI guidelines. Act as the primary contact for audits and inspections. Risk Management: Conduct risk assessments, manage risk registers, and oversee third-party/vendor security reviews. Security Operations: Oversee tools and processes for SIEM, DLP, EDR, patch management, and incident response. Lead security incident simulations and resolution. Cloud & App Security: Manage AWS security architecture, implement CSPM programs, and embed secure coding and DevSecOps practices across CI/CD pipelines. Business Continuity & DR: Maintain and test disaster recovery and continuity plans (RTO: 60 mins; near-zero RPO). Awareness & Culture: Run regular security training, phishing drills, and promote a security-aware culture across the organization. Reporting & Strategy: Present security metrics, dashboards, and risk reports to leadership and participate in strategic IT governance forums. What Were Looking For: 8+ years in cybersecurity or information security roles; at least 3 years in a leadership capacity. Background in fintech, NBFC, or regulated financial services preferred. Proven track record in managing audits (ISO 27001, SOC 2), incident response, and cloud security (AWS). Strong knowledge of cybersecurity tools and frameworks: AWS, SIEM, CSPM, IAM, patch management, DLP, EDR. Familiar with secure SDLC, DevSecOps, threat modeling, and regulatory compliance. Effective communicator with experience working across cross-functional teams. Certifications (preferred): CISSP, CISM, CISA, ISO 27001 Lead Auditor/Implementer, AWS Security Specialty. Bonus: DCPP, CIPP/E, or other data privacy/RBI-focused certifications. About Kissht: Kissht, a Great Place to Work certified organization, is a consumer-first credit app that is transforming the landscape of consumer credit. As one of the fastest-growing and most respected FinTech companies, Kissht is a pioneer in data and machine-based lending. With over 15 million customers, including 40% from tier 2 cities and beyond, we offer both short and long-term loans for personal consumption, business needs, and recurring expenses. Founded by Ranvir and Krishnan, alumni of IIT and IIM, and backed by renowned investors like Endiya Partners, the Brunei Investment Authority, and the Singapore Government, Kissht is synonymous with excellence in the industry. Join us and be a part of a dynamic, innovative company that is changing the future of financial technology. Show more Show less

We are seeking a technically strong IT person to oversee IT operations, infrastructure, software development, and cybersecurity practices in alignment with ISO/IEC 27001:2022.

Information Security Analyst Job Description: Position Summary: The position will support the organizational initiatives and activities on Cyber Security/Information Security. This involves the development, im plementation, and support of various security programs, processes, best practices and controls across the organization. It also requires to continuously monitor, review and report of the compliance & security posture of the organization. Responsibilities: . Conduct Risk assessments, information security internal audits . Provide consultation on remediating controls and follow up . Perform reviews and conduct internal security audits on Cyber Security/Information security and ensure the organizational security controls are appropriate and effective . Ensure compliance to client security requirements . Provide support for obtaining and maintaining Security Certification and Assurance programs like ISO 27001, PCI DSS, HITRUST, TISAX, SOC 2, etc. . Participate in various organizational initiatives and activities to maintain the Information Security Management System (ISMS) based on ISO 27001 . Develop and maintain Information Security policies, procedures, standards and guidelines . Coordinate response to information security incidents . Provide awareness and training in relevant areas . Collaborate with IT, Finance, HR and other departments for various security related activities . Conduct security research and keep abreast of latest security trends and issues Desired Skills/Experience: . 4+ years of experience in Information Security . Knowledge of Information security standards & best practices (e.g., ISO 27001, NIST, etc.), and regulations related to information security and privacy . Strong analytical and problem solving skills . Excellent communication and interpersonal skills . Knowledge of security tools, techniques and methodologies . Professional/Technical Certifications (Security +, ISO 27001 LA, CISA, CISSP, CCSE, CCSP, etc.) desirable

Cloud Security EngineerCloud Security Engineer Experience: 6 - 10 Years Exp. Salary : INR 40-60 Lacs per annum Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Remote Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, GDPR, Remediation, vulnerabilities AND cloud, Cloud Security Posture Management, CSPM AlphaSense (One of Uplers' Clients) is Looking for: Senior Cloud Security Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Sr. Cloud Security Engineer Location: IND About AlphaSense: AlphaSense is a market intelligence platform used by the worlds leading companies and financial institutions. Since 2011, our AI-based technology has helped professionals make smarter business decisions by delivering insights from an extensive universe of public and private contentincluding company filings, event transcripts, news, trade journals, and equity research. Our platform is trusted by over 5,000 enterprise customers, including a majority of the S&P 500. Headquartered in New York City, AlphaSense employs over 1,500 people across offices in the U.S., U.K., Finland, and India. For more information, please visit www.alpha-sense.com. About the Role As a Sr. Cloud Security Engineer youll be working to improve the security of AlphaSenses cloud environments as part of the cloud security team. The team has strong independence to plan, drive and develop security improvements and controls. You will have room to select your focus within the responsibilities of the team. To be successful in this role you should have solid experience on containerised environments, infrastructure as a code and kubernetes. You will have autonomy and are expected to think independently and take ownership of your work. Ideal candidate has strong cloud security background with ability to work hands on with the infrastructure. We also welcome applicants with devops/infrastructure engineering background and keen interest in developing their skills in cloud security space. Responsibilities Develop and automate security controls for cloud infrastructure. Maintain, integrate and scale cloud security tooling. Investigate and remediate security vulnerabilities in cloud infrastructure. Building access controls across the cloud infrastructure. Partner with incident response teams to build detections for cloud infrastructure. Analyze and mitigate security incidents affecting products. Develop security standards for other engineering teams. Work with compliance teams to ensure adherence to frameworks such as ISO 27001, SOC 2, and GDPR. Conduct architecture reviews, threat modeling, and code reviews to identify security risks. Collaborate with engineering and product teams. Qualifications Required 5+ years experience in cloud security 3+ years hand-on experience working with containerized environments Excellent understanding of AWS, k8s and IaC solutions Proficiency in one or more programming language Experience working with cloud security posture management tooling Nice to have Experience with Azure and GCP Experience in integrating security into CI/CD pipelines and DevOps workflows. Hands-on experience on threat modeling and security architecture reviews. Hands-on experience of working with compliance requirements and turning them to technical controls. Contributions to security communities, open-source projects, or security research. Relevant security certifications (e.g., CKS). Why Join Us? Work on cutting-edge security challenges in a fast-growing company. Opportunity to shape and drive product security strategy. Collaborative and security-minded engineering culture. Competitive compensation, benefits, and career growth opportunities. If you're a hands-on security leader passionate about building secure products, wed love to hear from you! How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: We envision a future where innovation seamlessly integrates into every aspect of life, elevating the way businesses operate, professionals create, and customers connect. At our core, we follow the motto of continuous learning and growth to drive us forward. About Uplers: Uplers is the #1 hiring platform for SaaS companies, designed to help you hire top product and engineering talent quickly and efficiently. Our end-to-end AI-powered platform combines artificial intelligence with human expertise to connect you with the best engineering talent from India. With over 1M deeply vetted professionals, Uplers streamlines the hiring process, reducing lengthy screening times and ensuring you find the perfect fit. Companies like GitLab, Twilio, TripAdvisor, and AirBnB trust Uplers to scale their tech and digital teams effectively and cost-efficiently. Experience a simpler, faster, and more reliable hiring process with Uplers today.

Information Security Engineer Experience: 6 - 10 Years Exp. Salary : INR 40-60 Lacs per annum Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Remote Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, GDPR, Remediation, vulnerabilities AND cloud, Cloud Security Posture Management, CSPM AlphaSense (One of Uplers' Clients) is Looking for: Information Security Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Sr. Cloud Security Engineer Location: IND About AlphaSense: AlphaSense is a market intelligence platform used by the worlds leading companies and financial institutions. Since 2011, our AI-based technology has helped professionals make smarter business decisions by delivering insights from an extensive universe of public and private contentincluding company filings, event transcripts, news, trade journals, and equity research. Our platform is trusted by over 5,000 enterprise customers, including a majority of the S&P 500. Headquartered in New York City, AlphaSense employs over 1,500 people across offices in the U.S., U.K., Finland, and India. For more information, please visit www.alpha-sense.com. About the Role As a Sr. Cloud Security Engineer youll be working to improve the security of AlphaSenses cloud environments as part of the cloud security team. The team has strong independence to plan, drive and develop security improvements and controls. You will have room to select your focus within the responsibilities of the team. To be successful in this role you should have solid experience on containerised environments, infrastructure as a code and kubernetes. You will have autonomy and are expected to think independently and take ownership of your work. Ideal candidate has strong cloud security background with ability to work hands on with the infrastructure. We also welcome applicants with devops/infrastructure engineering background and keen interest in developing their skills in cloud security space. Responsibilities Develop and automate security controls for cloud infrastructure. Maintain, integrate and scale cloud security tooling. Investigate and remediate security vulnerabilities in cloud infrastructure. Building access controls across the cloud infrastructure. Partner with incident response teams to build detections for cloud infrastructure. Analyze and mitigate security incidents affecting products. Develop security standards for other engineering teams. Work with compliance teams to ensure adherence to frameworks such as ISO 27001, SOC 2, and GDPR. Conduct architecture reviews, threat modeling, and code reviews to identify security risks. Collaborate with engineering and product teams. Qualifications Required 5+ years experience in cloud security 3+ years hand-on experience working with containerized environments Excellent understanding of AWS, k8s and IaC solutions Proficiency in one or more programming language Experience working with cloud security posture management tooling Nice to have Experience with Azure and GCP Experience in integrating security into CI/CD pipelines and DevOps workflows. Hands-on experience on threat modeling and security architecture reviews. Hands-on experience of working with compliance requirements and turning them to technical controls. Contributions to security communities, open-source projects, or security research. Relevant security certifications (e.g., CKS). Why Join Us? Work on cutting-edge security challenges in a fast-growing company. Opportunity to shape and drive product security strategy. Collaborative and security-minded engineering culture. Competitive compensation, benefits, and career growth opportunities. If you're a hands-on security leader passionate about building secure products, wed love to hear from you! How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: We envision a future where innovation seamlessly integrates into every aspect of life, elevating the way businesses operate, professionals create, and customers connect. At our core, we follow the motto of continuous learning and growth to drive us forward. About Uplers: Uplers is the #1 hiring platform for SaaS companies, designed to help you hire top product and engineering talent quickly and efficiently. Our end-to-end AI-powered platform combines artificial intelligence with human expertise to connect you with the best engineering talent from India. With over 1M deeply vetted professionals, Uplers streamlines the hiring process, reducing lengthy screening times and ensuring you find the perfect fit. Companies like GitLab, Twilio, TripAdvisor, and AirBnB trust Uplers to scale their tech and digital teams effectively and cost-efficiently. Experience a simpler, faster, and more reliable hiring process with Uplers today.

Senior Cloud Security Engineer Experience: 6 - 10 Years Exp. Salary : INR 40-60 Lacs per annum Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Remote Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, GDPR, Remediation, vulnerabilities AND cloud, Cloud Security Posture Management, CSPM AlphaSense (One of Uplers' Clients) is Looking for: Senior Cloud Security Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Sr. Cloud Security Engineer Location: IND About AlphaSense: AlphaSense is a market intelligence platform used by the worlds leading companies and financial institutions. Since 2011, our AI-based technology has helped professionals make smarter business decisions by delivering insights from an extensive universe of public and private contentincluding company filings, event transcripts, news, trade journals, and equity research. Our platform is trusted by over 5,000 enterprise customers, including a majority of the S&P 500. Headquartered in New York City, AlphaSense employs over 1,500 people across offices in the U.S., U.K., Finland, and India. For more information, please visit www.alpha-sense.com. About the Role As a Sr. Cloud Security Engineer youll be working to improve the security of AlphaSenses cloud environments as part of the cloud security team. The team has strong independence to plan, drive and develop security improvements and controls. You will have room to select your focus within the responsibilities of the team. To be successful in this role you should have solid experience on containerised environments, infrastructure as a code and kubernetes. You will have autonomy and are expected to think independently and take ownership of your work. Ideal candidate has strong cloud security background with ability to work hands on with the infrastructure. We also welcome applicants with devops/infrastructure engineering background and keen interest in developing their skills in cloud security space. Responsibilities Develop and automate security controls for cloud infrastructure. Maintain, integrate and scale cloud security tooling. Investigate and remediate security vulnerabilities in cloud infrastructure. Building access controls across the cloud infrastructure. Partner with incident response teams to build detections for cloud infrastructure. Analyze and mitigate security incidents affecting products. Develop security standards for other engineering teams. Work with compliance teams to ensure adherence to frameworks such as ISO 27001, SOC 2, and GDPR. Conduct architecture reviews, threat modeling, and code reviews to identify security risks. Collaborate with engineering and product teams. Qualifications Required 5+ years experience in cloud security 3+ years hand-on experience working with containerized environments Excellent understanding of AWS, k8s and IaC solutions Proficiency in one or more programming language Experience working with cloud security posture management tooling Nice to have Experience with Azure and GCP Experience in integrating security into CI/CD pipelines and DevOps workflows. Hands-on experience on threat modeling and security architecture reviews. Hands-on experience of working with compliance requirements and turning them to technical controls. Contributions to security communities, open-source projects, or security research. Relevant security certifications (e.g., CKS). Why Join Us? Work on cutting-edge security challenges in a fast-growing company. Opportunity to shape and drive product security strategy. Collaborative and security-minded engineering culture. Competitive compensation, benefits, and career growth opportunities. If you're a hands-on security leader passionate about building secure products, wed love to hear from you! How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: We envision a future where innovation seamlessly integrates into every aspect of life, elevating the way businesses operate, professionals create, and customers connect. At our core, we follow the motto of continuous learning and growth to drive us forward. About Uplers: Uplers is the #1 hiring platform for SaaS companies, designed to help you hire top product and engineering talent quickly and efficiently. Our end-to-end AI-powered platform combines artificial intelligence with human expertise to connect you with the best engineering talent from India. With over 1M deeply vetted professionals, Uplers streamlines the hiring process, reducing lengthy screening times and ensuring you find the perfect fit. Companies like GitLab, Twilio, TripAdvisor, and AirBnB trust Uplers to scale their tech and digital teams effectively and cost-efficiently. Experience a simpler, faster, and more reliable hiring process with Uplers today.

Experience Implementation of ISO 27001, GRC ITGC & IT Regulatory compliance Knowledge in ISMS, ITGC Knowledge about regulators RBI, IRDA, SEBI Fresher 2023 /2024 in B. Tech or Cybersecurity

Key Responsibilities: Lead internal and external ISMS audits as per ISO/IEC 27001:2022 standards. Conduct risk assessments, gap analyses and identify areas for improvement. Prepare audit reports with findings, risks and corrective actions. Track remediation and conduct follow-up audits. Collaborate with IT, HR, Legal and Business teams to resolve audit issues. Support ISO 27001 certification and surveillance audits. Conduct security awareness and training programs. Stay updated on cybersecurity regulations and frameworks. Assist in audits related to SOC 2, GDPR, NIST, etc. Required Skills: ISO 27001:2022 Lead Auditor certification (mandatory). 5 to 8 years in information security auditing with 23 years as Lead Auditor. Strong knowledge of ISMS, risk management and audit practices. Familiarity with NIST, SOC 2, GDPR, COBIT, PCI-DSS frameworks. Excellent communication, reporting and stakeholder engagement skills. Preferred Skills: Experience with GRC tools (Archer, ServiceNow GRC, One Trust). Knowledge of cloud security (AWS, Azure, GCP). Additional certifications like CISA, CISSP, CRISC, ISO 22301/27701.

The position will be primarily responsible for implementation and / or assessment of ISO 27001:2022, 27002, SOC 2 standard for clients. The position will work independently or with senior consultants for the implementation and management of information security compliance and/or other best practices. Key Performance Indicators Experience in ISO 27001/27002 controls verification and compliance: Assist Clients to get ISO 27001 certification by identification and implementation of appropriate controls in the Audit scope. Conduct Risk assessment of activities and coordinate with stakeholders till closure signoff / risk acceptance. Define, Develop and review information security policies, procedures, guidelines, forms and templates as per best practice Create and review baseline standards for OS, Database, webservers and applications and recommend improvements Support post implementation and continuous audits for ISO 27001:2013 and ensure compliance. Create organizational information security awareness program and conduct awareness. Assist and recommend measures to ensure compliance with Security standards (ISO, NIST, CIS, PCI DSS etc) or any best practices. Skills: Information Technology and/or Cybersecurity skills: Information Technology and/or Cybersecurity skills a solid IT foundation, ability to communicate technical information verbally and through written documentation, Knowledge of security areas such as auditing, policy, database security, firewall design and implementation, risk analysis, identity management, access management, or web services is preferred Presales skills: Excellent communication, problem-solving, client-facing, ability to work as a team Competence: ISO 27001 / Cybersecurity Certifications. Willingness to obtain the Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA) designations.

We are seeking a GRC Consultant to support risk assessments, compliance audit(ISO 27001, SOC 2, GDPR), and policy development. The candidate will have strong knowledge of regulatory frameworks, risk management, and hands-on experience with GRC tools.

Infosec Engineer Experience: 4 - 7 Years Exp Salary : Competitive Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Onsite (Mumbai) Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, AWS, GCP, Azure, public cloud IDfy (One of Uplers' Clients) is Looking for: Infosec Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Who are we? Trust isnt a given, it needs to be built. And in a world where fraud is evolving faster than ever, trust must be safeguarded at every step. At IDfy, we make trust scalable. As an Integrated Identity Platform, we help businesses verify identities, detect fraud, and stay compliant—ensuring every interaction starts with confidence. Our clients include HDFC Bank, Zomato, Amazon, PhonePe, Paytm, HUL and many others. With more than 13+ years of experience and 2 million verifications per day, we are pioneers in this industry. We do this through three interconnected platforms: Onboarding Platform: Our IDfy360 and Video Solutions make KYC and identity verification seamless, turning compliance into a frictionless experience. Fraud & Risk Management Platform: We stay ahead with CrimeCheck, RiskAI, and our Transaction Intelligence Platform— identifying synthetic identities, financial risks, and bad actors before they cause damage. Privacy & Data Governance Platform: With PRIVY, businesses can navigate evolving data protection laws with ease, ensuring security and transparency at every step. Infosec Engineer As an Information Security Engineer at IDfy, you’ll support the InfoSec team in ensuring that our systems, policies, and processes meet global compliance standards. From supporting audits to reviewing documentation and responding to customer requests, you’ll get hands-on experience in what it takes to keep a fast-paced tech company secure. This is the perfect role if you’ve dabbled in audits, are curious about security frameworks, and want to grow into a well-rounded InfoSec professional. We are the match if you... Have been part of audits (ISO 27001, SOC 2, Customer TPRA) —either conducting or surviving them for 2-4 years Have good understanding of ISO 27001, SOC 2, or other security frameworks Experienced in handling ISMS management end to end independently/ as a part of a team Are organized, detail-oriented, and a bit obsessed with checklists Know your way around cloud basics (GCP preferred, others fine too) Can document policies and processes clearly Want to learn how security works in a product and SaaS environment Are eager to work with a team that takes compliance seriously (but not too seriously) Are open to earning certifications down the line (CISA, ISO 27001 LA, etc.) Here’s what your day would look like... Assist in maintaining our ISMS for ISO 27001 and SOC 2 including policy review/updates, creating SOPs and executing ISMS activities Support internal and external audit prep and documentation Track and respond to client security questionnaires Face / assist customer third-party risk assessments Collaborate with legal, engineering, and product teams to ensure compliance Assist in monitoring compliance metrics and identifying improvement areas Learn, grow, and eventually take on more ownership within the InfoSec team How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: IDfy is an Integrated Identity Platform offering products and solutions for KYC, KYB, Background Verifications, Risk Assessment, and Digital Onboarding. We establish trust while delivering a frictionless experience for you, your employees, customers and partners. About Uplers: Our goal is to make hiring and getting hired reliable, simple, and fast. Our role will be to help all our talents find and apply for relevant product and engineering job opportunities and progress in their career. (Note: There are many more opportunities apart from this on the portal.) So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you!

Information Security Engineer Experience: 4 - 7 Years Exp Salary : Competitive Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Onsite (Mumbai) Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, AWS, GCP, Azure, public cloud IDfy (One of Uplers' Clients) is Looking for: Infosec Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Who are we? Trust isnt a given, it needs to be built. And in a world where fraud is evolving faster than ever, trust must be safeguarded at every step. At IDfy, we make trust scalable. As an Integrated Identity Platform, we help businesses verify identities, detect fraud, and stay compliantensuring every interaction starts with confidence. Our clients include HDFC Bank, Zomato, Amazon, PhonePe, Paytm, HUL and many others. With more than 13+ years of experience and 2 million verifications per day, we are pioneers in this industry. We do this through three interconnected platforms: Onboarding Platform: Our IDfy360 and Video Solutions make KYC and identity verification seamless, turning compliance into a frictionless experience. Fraud & Risk Management Platform: We stay ahead with CrimeCheck, RiskAI, and our Transaction Intelligence Platform identifying synthetic identities, financial risks, and bad actors before they cause damage. Privacy & Data Governance Platform: With PRIVY, businesses can navigate evolving data protection laws with ease, ensuring security and transparency at every step. Infosec Engineer As an Information Security Engineer at IDfy, you’ll support the InfoSec team in ensuring that our systems, policies, and processes meet global compliance standards. From supporting audits to reviewing documentation and responding to customer requests, you’ll get hands-on experience in what it takes to keep a fast-paced tech company secure. This is the perfect role if you’ve dabbled in audits, are curious about security frameworks, and want to grow into a well-rounded InfoSec professional. We are the match if you... Have been part of audits (ISO 27001, SOC 2, Customer TPRA) —either conducting or surviving them for 2-4 years Have good understanding of ISO 27001, SOC 2, or other security frameworks Experienced in handling ISMS management end to end independently/ as a part of a team Are organized, detail-oriented, and a bit obsessed with checklists Know your way around cloud basics (GCP preferred, others fine too) Can document policies and processes clearly Want to learn how security works in a product and SaaS environment Are eager to work with a team that takes compliance seriously (but not too seriously) Are open to earning certifications down the line (CISA, ISO 27001 LA, etc.) Here’s what your day would look like... Assist in maintaining our ISMS for ISO 27001 and SOC 2 including policy review/updates, creating SOPs and executing ISMS activities Support internal and external audit prep and documentation Track and respond to client security questionnaires Face / assist customer third-party risk assessments Collaborate with legal, engineering, and product teams to ensure compliance Assist in monitoring compliance metrics and identifying improvement areas Learn, grow, and eventually take on more ownership within the InfoSec team How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: IDfy is an Integrated Identity Platform offering products and solutions for KYC, KYB, Background Verifications, Risk Assessment, and Digital Onboarding. We establish trust while delivering a frictionless experience for you, your employees, customers and partners. About Uplers: Our goal is to make hiring and getting hired reliable, simple, and fast. Our role will be to help all our talents find and apply for relevant product and engineering job opportunities and progress in their career. (Note: There are many more opportunities apart from this on the portal.) So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you!

Lead internal/external security audits (HITRUST, ISO27001, SOC2) collect evidence, map controls, Maintain compliance docs, risk registers, track remediation. Coordinate cross-functional teams, review policies, assess vendors.

Hello Connections, Looking for companies: Aujas Cybersecurity, Sattrix InfoSec, Infopercept, Eventus Security, Network Intelligence (NII), Ziroh Labs, Riskpro India Job Title: Cybersecurity Sales Manager USA Market (SOC Services) Location : India (Remote / Pune / Mumbai / Bengaluru / NCR) Experience : 5+ years in International IT / Cybersecurity Sales (USA Market) About the Role We are seeking a high-performing Sales Manager to drive business growth for our Managed SOC (Security Operations Center) services in the United States . The ideal candidate will have a strong background in cybersecurity, cloud security, SIEM/SOAR , and selling to mid-market or enterprise clients in the U.S. region. Key Responsibilities Develop and execute a sales strategy to target and acquire new clients in the USA for Managed SOC, SIEM, SOAR, MDR, and vCISO services. Own the end-to-end sales cycle : lead generation, prospecting, pitch, proposal, negotiations, and closure. Build relationships with CIOs, CISOs, IT Heads, Compliance Managers , and decision-makers in Healthcare, BFSI, Tech, and Retail sectors in the U.S. Collaborate with technical presales and delivery teams to tailor solutions for U.S. clients. Maintain accurate forecasting and CRM reporting . Participate in cybersecurity conferences/webinars targeted at the U.S. market. Stay updated on compliance drivers like HIPAA, PCI-DSS, NIST, and SOC 2 that influence U.S. buyer behavior. Key Requirements Proven track record of selling cybersecurity solutions (SOC, SIEM, VAPT, MDR) in the USA market . 510 years of B2B enterprise sales experience in IT or Cybersecurity domain . Strong understanding of U.S. compliance landscape (HIPAA, NIST, SOC 2, GDPR). Experience working with or for a Managed Security Service Provider (MSSP) or Cybersecurity consulting firm. Excellent communication, negotiation, and presentation skills. Ability to work independently, drive pipeline, and deliver targets. Preferred U.S. work exposure (past clients or travel). Familiarity with Microsoft Azure Sentinel, Splunk, Seceon, or IBM QRadar. Contacts or channel partnerships in the U.S. MSP/MSSP ecosystem. Interested candidates kindly share your updated resume on nikita.telgu@ibntech.com

We are looking for UI Developer & DevOps - Cybersecurity Engineer for Hyderabad Location, if interested share your profiles to sushma.p@s9tech.in Required Technical Skills - *Frontend Development*: Proficiency in Angular (latest versions preferred) - *DevOps*: Experience with CI/CD pipelines, containerization (Docker/Kubernetes), and cloud platforms - *Security Tools Experience*: Hands-on development experience with any of the following: - *SIEM Tools*: Security Information and Event Management platforms - *XDR Tools*: Extended Detection and Response solutions - *MDR Tools*: Managed Detection and Response platforms ## Preferred Experience - Previous work experience at leading cybersecurity product companies such as: - *Splunk* - Security and observability platforms - *IBM QRadar* - SIEM and security analytics - *Stellar Cyber* - Open XDR platform - Other established cybersecurity product vendors ## Additional Qualifications - Strong understanding of cybersecurity concepts and threat landscapes - Experience with security data visualization and analytics dashboards - Knowledge of security compliance standards (SOC 2, ISO 27001, etc.) - Familiarity with threat intelligence and security orchestration workflows - Experience working in agile development environments

About the Role: We are seeking a skilled and proactive Technical Operations Engineer to join our growing technology team. You will be responsible for managing the infrastructure, ensuring high availability of production environments, streamlining deployments, and resolving critical incidents. You will work closely with engineering, DevOps, and support teams to ensure a stable, scalable, and secure technology platform Key Responsibilities: Lead and manage the day-to-day technical operations across production, staging, and development environments. Monitor system performance, availability, and security using modern monitoring tools. Troubleshoot complex incidents and outages, performing root cause analysis and implementing long-term solutions. Automate routine tasks and improve system reliability through scripting and infrastructure-as-code (IaC). Maintain CI/CD pipelines and support engineering teams in their deployment workflows. Ensure robust backup and disaster recovery processes are in place and tested regularly. Collaborate with DevOps, Security, and Engineering teams to uphold best practices for system architecture, data protection, and compliance. Participate in on-call rotation and incident response. Mentor junior team members and promote operational excellence. Qualifications: Must-Have: 3+ years of experience in technical operations, system administration, or related roles. Strong experience with Linux/Unix systems and cloud platforms (AWS, Azure, or GCP). Hands-on experience with containerization (Docker, Kubernetes). Familiarity with CI/CD tools such as Jenkins or similar. Expertise in monitoring and alerting systems Proficiency in scripting languages (Bash, Python, or equivalent). Solid understanding of networking, firewalls, DNS, load balancing, and VPN. Nice-to-Have: Experience in high-availability and distributed systems. Exposure to compliance standards (ISO, SOC 2, GDPR, etc.). Background in DevOps or Site Reliability Engineering (SRE) is a plus. Experience working in Agile or DevOps environments. Soft Skills: Strong problem-solving and analytical thinking skills. Excellent communication and collaboration abilities. Comfortable working in a fast-paced, high-pressure environment. Passion for continuous learning and process improvement.

6 months Contract Work Location: Remote Description of Duties: Prepare and maintain all mandatory documentation for SOC 2 (Type 1 or Type 2) and ISO 27001 compliance, ensuring everything is audit ready.

As an associate in RSMs growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization. Responsibilities include Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating controls design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOBs and work as a team in providing an integrated service delivery Ensure professional development through ongoing education Open to work on other solution sets considering business requirements. Qualifications: B.Tech/MCA/MBA with ISO 27001 Lead Auditor and up to 2 years of relevant experience in Information Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, and IT Application Controls. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL etc.) Qualified to pursue a job-relevant certification (CIA, CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (Vlookups, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as the position requires frequent communications with RSM International clients

Job Summary: We are seeking an experienced and strategic Manager of Data Conversion to lead all data migration efforts for the implementation of the Viventium Payroll and HRIS platform . This role is responsible for managing a team of data conversion specialist, coordinating cross-functional stakeholders, and supporting the data conversion strategy across legacy systems. The ideal candidate brings deep expertise in data governance, system integrations, and payroll/HRIS implementations, paired with a strong focus on continuous process and tool improvement. Key Responsibilities: Strategic Leadership Lead and support the overall data conversion strategy for the Viventium implementation, from discovery through go-live. Oversee a team of data conversion specialists, including internal staff. Serve as a key decision-maker for data-related issues, collaborating with Viventium Implementation teams. Manage the data conversion roadmap, timelines, and resources to align with the broader implementation plan. Represent the data workstream in executive-level meetings, status reviews, and risk discussions. Data Management & Execution Oversight Direct the extraction, transformation, and loading (ETL) of complex payroll, HR, tax, and benefits data from multiple legacy systems into Viventium. Own the development and approval of data mapping documents, templates, and validation procedures. Ensure complete, accurate, and auditable data through rigorous quality control, reconciliation, and testing processes. Process & Tool Improvement Identify and implement opportunities to streamline and automate data conversion workflows. Standardize tools, templates, and processes to support both current and future implementations. Evaluate third-party tools and work with IT to enhance or build conversion utilities (e.g., for formatting, validation, reconciliation). Establish metrics and KPIs to monitor conversion quality, readiness, and progress. Compliance & Governance Ensure compliance with all relevant data privacy and regulatory requirements (HIPAA, GDPR, SOC 2, etc.). Maintain detailed documentation, including audit trails, issue logs, data dictionaries, and process guides. Collaborate with Legal, IT Security, and Compliance to support internal audits or external reviews. Promote strong data governance practices in partnership with HRIS and Data Governance teams. Required Qualifications: Bachelors degree in Information Systems, Computer Science, HR Technology, Business, or a related field. 7+ years of experience in data migration, system implementations, or payroll/HRIS transformation projects. 3+ years in a leadership or managerial role overseeing technical or data teams. Strong expertise in payroll and HR data domains (e.g., employee data, compensation, taxes, benefits, garnishments). Experience with Viventium or similar payroll/HR platforms (e.g., Workday, ADP, Paychex, UKG). Proven ability to lead large, cross-functional projects with tight timelines and high accuracy requirements. Strong Excel and data handling skills; familiarity with SQL, Power Query, or data preparation tools. Preferred Qualifications: Direct experience managing a Viventium implementation or data migration . Experience in regulated industries (e.g., healthcare, staffing, education, nonprofit). Familiarity with data automation tools (e.g., Alteryx, Python, Power Automate). Project management certification (PMP, PMI-ACP) or data certification (CDMP, CBIP). Understanding of compliance reporting (W-2, ACA, 1095-C) and labor regulations.

We're Hiring: Cyber Security Analyst Location: Vijayawada Experience: 5-10 Years | Type: Full-Time | Industry: Cybersecurity, IT Security, Risk & Compliance Are you passionate about protecting digital assets and staying ahead of cyber threats? Join our cybersecurity team and help defend against evolving threats while ensuring enterprise-wide security and compliance. Role Overview We are seeking a Cyber Security Analyst to play a critical role in threat detection, vulnerability management, and compliance enforcement across our security infrastructure. Key Responsibilities Threat Detection & Response: Monitor security tools and logs, detect potential threats, and respond to incidents Vulnerability Management: Perform regular assessments, patch vulnerabilities, and enforce security standards Security Operations & Compliance: Operate and maintain SIEM tools, support internal/external audits, and ensure adherence to security policies Required Skills Proficiency in SIEM tools (Splunk, Microsoft Sentinel, IBM QRadar) and threat analysis techniques Strong understanding of network security, firewalls, antivirus, and endpoint protection Familiarity with compliance and risk frameworks: ISO 27001, NIST, GDPR, SOC 2 Ability to work collaboratively in a fast-paced security operations environment Preferred Certifications CISSP Certified Information Systems Security Professional CEH – Certified Ethical Hacker

About TaskUs: TaskUs is a provider of outsourced digital services and next-generation customer experience to fast-growing technology companies, helping its clients represent, protect and grow their brands. Leveraging a cloud-based infrastructure, TaskUs serves clients in the fastest-growing sectors, including social media, e-commerce, gaming, streaming media, food delivery, ride-sharing, HiTech, FinTech, and HealthTech. The People First culture at TaskUs has enabled the company to expand its workforce to approximately 45,000 employees globally.Presently, we have a presence in twenty-three locations across twelve countries, which include the Philippines, India, and the United States. It started with one ridiculously good idea to create a different breed of Business Processing Outsourcing (BPO)! We at TaskUs understand that achieving growth for our partners requires a culture of constant motion, exploring new technologies, being ready to handle any challenge at a moment's notice, and mastering consistency in an ever-changing world. What We Offer: At TaskUs, we prioritize our employees well-being by offering competitive industry salaries and comprehensive benefits packages. Our commitment to a People First culture is reflected in the various departments we have established, including Total Rewards, Wellness, HR, and Diversity. We take pride in our inclusive environment and positive impact on the community. Moreover, we actively encourage internal mobility and professional growth at all stages of an employee's career within TaskUs. Join our team today and experience firsthand our dedication to supporting People First. The Business Continuity Governance Officer reports to the Sr. Business Continuity Executive. This role requires a significant understanding of business continuity planning methodologies, compliances & reporting and support of critical business operations. The business continuity governance executive is responsible for overseeing the implementation of best practices and ensuring compliance with regulations, providing a level of assurance that contributes to the success of the program. Partners with Sr. Director and Sr. BC Executive in developing and implementing business continuity governance frameworks Shape and implement business continuity governance structures. This involves creating or reviewing the BC system of rules, practices, and processes that direct and control program Develop, implement and review informed and appropriate systems, procedures and controls to ensure continuous improvement is integrated into delivery of the governance and risk management functions. Particularly this would include the necessity to: Improve efficiency and effectiveness of the program Develop & maintain processes to ensure that the compliance audit requirements is completed accurately and within the required timeframe Accountable in ensuring all TaskUs Business Continuity Policy, SOPs and all associated documents are up-to-date and properly uploaded in the PowerUs KA. Compliance monitoring Ensure that the program complies with all pertinent policies, or regulation based on international standards. Identity potential areas of compliance vulnerability and risk, implementing corrective measures to address the risk or issues that may affect the BC program Develop, administer and monitor the Business Continuity Activity Calendar ensuring organizational and team compliance is maintained throughout the year Ensures business continuity partners are compliant with the requirements set forth for the program. This includes but is not limited to: IT Disaster Recovery, Physical Safety & Security Represents BCM in internal and external compliance requirements such as audits and other relevant assessments Coordinates with the Senior Management Team, in real-time, during actual incidents or potential unplanned business interruptions. Subject-Matter-Expert in administering Risk Assessment, Business Impact Analysis, and identifying BC strategies required in the development of Business Continuity Plans supported in the organization. Works closely with Operations and Client Services across the organization to ensure an effective understanding of BCDR Plans of the organization and their campaigns. Accountable for identification, understanding, management, mitigation, remediation, or acceptance of (planned or unplanned) risks and issues assigned to the organization globally. Kept abreast of current events, and global news on a daily basis, specifically to Geos with TU sites, events that may lead to business interruption or the safety of the employees and the organization. Monitor and provide periodic updates to IMC for any potential or ongoing incidents/crises. Qualifications: Must be a Bachelor's degree holder Professional certification and training are an advantage (DRII, BCI, etc.) Knowledge of the Business Continuity Life Cycle, Methodologies and Policies Experience in Audits i.e. ISO 27001, ISO 23001, HIPAA, SOC 2, PCI, etc. Knowledge of IT disaster recovery and Facilities redundancies, an advantage Ability to develop reports and decks/powerpoint presentations Experience in stakeholder management, an advantage Strong knowledge and experience in BPO are an advantage Ability to work under extreme pressure Ability to coordinate and communicate effectively during a crisis, emergency, disaster, or security incident Strong oral and written communication and interpersonal skills Able to effectively plan and organize work. Availability when needed 24x7 basis and ability to participate in an on-call and shifting schedule. Work effectively with ambiguity and change (i.e work on a shifting schedule, long hours, weekends, holidays, and on-call) Ability to communicate clearly and appropriately based on the audience with excellent facilitation and customer service skills. Willingness to travel for ocular inspections, audits, client presentations, and other purposes as deemed necessary Knowledge and experience in using Smartsheet, Google Slide, and Google Sheet is a must How We Partner To Protect You: TaskUs will neither solicit money from you during your application process nor require any form of payment in order to proceed with your application. Kindly ensure that you are always in communication with only authorized recruiters of TaskUs. DEI: In TaskUs we believe that innovation and higher performance are brought by people from all walks of life. We welcome applicants of different backgrounds, demographics, and circumstances. Inclusive and equitable practices are our responsibility as a business. TaskUs is committed to providing equal access to We invite you to explore all TaskUs career opportunities and apply through the provided URL .

Shift: (GMT+05:30) Asia/Kolkata (IST) What do you need for this opportunity? Must have skills required: ISO 27001, SOC 2, AWS, GCP, Azure, public cloud Infosec Engineer As an Information Security Engineer at IDfy, youll support the InfoSec team in ensuring that our systems, policies, and processes meet global compliance standards. From supporting audits to reviewing documentation and responding to customer requests, youll get hands-on experience in what it takes to keep a fast-paced tech company secure. This is the perfect role if youve dabbled in audits, are curious about security frameworks, and want to grow into a well-rounded InfoSec professional. We are the match if you... Have been part of audits (ISO 27001, SOC 2, Customer TPRA) either conducting or surviving them for 2-4 years Have good understanding of ISO 27001, SOC 2, or other security frameworks Experienced in handling ISMS management end to end independently/ as a part of a team Are organized, detail-oriented, and a bit obsessed with checklists Know your way around cloud basics (GCP preferred, others fine too) Can document policies and processes clearly Want to learn how security works in a product and SaaS environment Are eager to work with a team that takes compliance seriously (but not too seriously) Are open to earning certifications down the line (CISA, ISO 27001 LA, etc.) Heres what your day would look like... Assist in maintaining our ISMS for ISO 27001 and SOC 2 including policy review/updates, creating SOPs and executing ISMS activities Support internal and external audit prep and documentation Track and respond to client security questionnaires Face / assist customer third-party risk assessments Collaborate with legal, engineering, and product teams to ensure compliance Assist in monitoring compliance metrics and identifying improvement areas Learn, grow, and eventually take on more ownership within the InfoSec team

Lead GRC , risk assessment, and implementation. Strong in ISO 27001, PCI, PSS, SOC 2, IRDAI. Ensure compliance, audits, awareness. Design InfoSec strategies aligned with ISO, NIST, RBI, SEBI to enhance cybersecurity and meet regulations.

IT Audit planning & management, ISO27001 audits & implementation, corrective actions & follow-up, ITGC, Cyber Security, SOC 2. Experience in IT regulatory compliance (RBI, IRDA, SEBI), IT risk & controls review, app & infra security.