Associate Security Consultant - ISO
Bengaluru, Karnataka, India
Weekday
At Weekday, we help companies hire engineers who are vouched by other software engineers. We are enabling engineers to earn passive income by leveraging & monetizing the unused information in their head about the best people they have worked...This role is for one of the Weekday's clients
Salary range: Rs 600000 - Rs 1500000 (ie INR 6-15 LPA)
Min Experience: 2 years
Location: Bangalore
JobType: full-time
This role is ideal for professionals with a passion for cybersecurity and compliance, looking to contribute to ISO 27001 implementation, audits, and security best practices.
Requirements
Job Responsibilities:
- Independently conduct ISO 27001 audits for internal teams and clients.
- Perform network architecture reviews to assess security risks.
- Evaluate system configurations for Windows, Linux, Servers, Databases, Routers, Switches, and Firewalls to ensure compliance with security standards.
- Review firewall rules and application code to identify potential vulnerabilities.
- Conduct Risk Management and ISMS audits for clients.
- Perform Business Impact Analysis (BIA) and assist clients in Business Continuity Planning (BCP) and Disaster Recovery (DR) exercises.
- Develop and maintain audit checklists, documentation, and reports.
- Design and implement ISMS frameworks based on ISO 27001 requirements.
- Manage and maintain an ISO 27001-compliant Document Management System, including policies, procedures, and records.
- Collaborate with internal Engineering and VAPT teams to support Vulnerability Analysis and Penetration Testing (VAPT) activities.
- Conduct Security Awareness Training sessions for clients and internal teams.
Skills & Qualifications:
- Experience in IT security, infrastructure audits, and compliance assessments.
- Hands-on experience with cloud platforms such as AWS, Azure, and GCP.
- Successfully audited at least three clients and implemented ISO 27001 standards and processes for a minimum of two clients.
- Strong understanding of Risk Management, Business Continuity Planning (BCP), and Disaster Recovery (DR).
- Proven ability to conduct ISMS audits independently.
- Good knowledge of networking, operating systems, endpoint security, and security devices.
- Basic understanding of compliance frameworks like PCI DSS, HIPAA, and GDPR.
- Knowledge of PCI DSS standards and implementation is an added advantage.
- Self-motivated with a strong ability to stay updated on emerging security threats, vulnerabilities, and technologies.
- Experience in conducting IT General Controls Audits.
- Skilled in delivering Security Awareness Training for clients and internal teams.
- Strong written and verbal communication skills.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits AWS Azure Cloud Compliance Endpoint security Firewalls GCP GDPR HIPAA ISMS ISO 27001 Linux PCI DSS Pentesting Risk management Vulnerabilities Windows
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.