Lead Engineer, Information Security

3 months ago


Gurugram, India Acuity Knowledge Partners Full time

Acuity Knowledge Partners


Acuity Knowledge Partners (Acuity) is a leading provider of bespoke research, analytics and technology solutions to the financial services sector, including asset managers, corporate and investment banks, private equity and venture capital firms, hedge funds and consulting firms. Its global network of over 6,000 analysts and industry experts, combined with proprietary technology, supports more than 500 financial institutions and consulting companies to operate more efficiently and unlock their human capital, driving revenue higher and transforming operations. Acuity is headquartered in London and operates from 10 locations worldwide.


The company fosters a diverse, equitable and inclusive work environment, nurturing talent, regardless of race, gender, ethnicity or sexual orientation.


Acuity was established as a separate business from Moody’s Corporation in 2019, following its acquisition by Equistone Partners Europe (Equistone). In January 2023, funds advised by global private equity firm Permira acquired a majority stake in the business from Equistone, which remains invested as a minority shareholder.


For more information, visit


Basic Information


Position Title – Lead Engineer, Information Security

Experience Level – 2 to 3 years

Department - Information Security

Location – Gurgaon

Position reports to – Director

Shift Timings - Gurgaon (Support Beijing), Work Shift 8:30am IST to 5:30pm IST

Job Purpose


By working with global clients, Acuity Knowledge Partners provides its employees the opportunity to gain valuable experience and to benchmark themselves against some of the finest institutions in the world. We have a strong performance-driven culture, one that is entrepreneurial and fun to be part of.


Key Responsibilities


  • This is a challenging position within the Acuity Information Security team, reporting up to Director, CISO.
  • Responsible to Run and maintain of ISO27001, conduct Internal Audit, Information security risk management, Cyber Security, BCMS and SOC 2 framework implementation and maintenance along with other relevant guidelines and regulations for the organization. Provide an oversight and enforce Information Security controls to ensure information security Compliance & Assurance.
  • The candidate is very motivated and willing to take on challenges, able to multitask to succeed, and has the ability to work independently with minimal oversight.

Key Competencies


  • Work with functional groups (HR, Compliance, IT & facilities, Client Accounts) in the validation of organizational security and maintain a process to ensure maintenance of organization’s ISO27001 certification along with risk management framework and BCMS requirements.
  • Conduct periodic internal ISMS audits and risk assessments to assess the adequacy of the security controls and provide recommendations.
  • Facilitate external audits for different industry certifications e.g. ISO 27001, SOC2 audits, client audits.
  • Ensure coordination with IT team for implementing best industry practice for network, Cloud and Cyber security.
  • Work closely with other support function to implement best security controls w.r.t. cyber/cloud and data security.
  • Identify and implement corrective action plan to address external / internal audit findings and updating statement of applicability.
  • Documentation of Security Policies, Standards, Guidelines & Standard Operating Procedures.
  • Coordinate with multiple teams for management and investigation of security incidents and perform root cause analysis.
  • Conduct periodic Security Awareness Training programs.
  • Develop, test and maintain business continuity and Disaster Recovery plans.
  • Ensure compliance to Regulatory compliance requirements applicable to the organization. In- depth knowledge of Information Security risk and industry best practices. Assists departments to ensure regulatory compliance in areas such as ISO: 27001, SOC II, GDPR and so on.
  • Coordinate with functional support groups and operational groups for generation of security metrics to track compliance.
  • Perform vendor risk assessments, maintain the process in the GRC tool.
  • Serve as a SME on cloud cyber risk for leading cloud platforms AWS, Azure/ office 365.1.
  • Lead cybersecurity controls testing across On-prem & Cloud Environment to determine control effectiveness and adherence to both internal cybersecurity policies and external requirements e.g. Industry Certifications, Laws, Regulations and Contracts.
  • Develop and lead cyber risk Initiative as part of cloud transformation projects on AWS\Azure cloud services.
  • Design and develop cloud platform-specific security policies, standards, and procedures for management group and account/subscription management and configuration e.g. azure policy, azure security center, AWS Infra Security, IAM control, firewall management, auditing and monitoring, DLP, security incident and event management, data protection, SSO and conditional access controls.
  • Ensure RFP responses and helping delivery team to meet contractual security requirements.
  • Bachelor’s Degree in Engineering or Equivalent area of study
  • Relevant certifications such having CISSP, CISA, CISM, CCSP is an advantage, ISO 27001 LA/LI preferred.
  • Minimum 2 or 3 years’ of experience in Information Security, Risk Management and Business Continuity management in a corporate environment.
  • Excellent understanding of ISO27001, ISO 31000, InfoSec Risk Management, Cyber Security, BCMS and SOC 2 framework along with controls used for securing a business' computer networks and digital information.
  • Knowledge of cyber security frameworks
  • Working experience of best industry practices of Vulnerability management; Cloud Security; Cyber Security and network security.
  • Ability to identify, observe and analyze potential information security risks and develop strategies for preventing threats and quickly addressing breaches
  • Good understanding with regulatory compliance requirements such as SOX, PCI-DSS, HIPPA; DPA 2018 / GDPR compliance etc.
  • Understanding of IT/Cyber security concepts i.e. IDAM; Active Directory; Firewall; IDS/IPS; Email Security; DLP; Cryptography; Vulnerability management; etc.
  • Demonstrated capability for high ownership, hands-on, capable to deliver by self.
  • Worked on controls based on ITIL, ISO 20000, ISO 27001, ISO 31000, PCI DSS, CSA, CIS, NIST, GDPR and relevant standards.
  • Work shift may require to extend occasionally.



  • gurugram, India Acuity Knowledge Partners Full time

    Acuity Knowledge Partners Acuity Knowledge Partners (Acuity) is a leading provider of bespoke research, analytics and technology solutions to the financial services sector, including asset managers, corporate and investment banks, private equity and venture capital firms, hedge funds and consulting firms. Its global network of over 6,000 analysts and...


  • gurugram, India Acuity Knowledge Partners Full time

    Acuity Knowledge PartnersAcuity Knowledge Partners (Acuity) is a leading provider of bespoke research, analytics and technology solutions to the financial services sector, including asset managers, corporate and investment banks, private equity and venture capital firms, hedge funds and consulting firms. Its global network of over 6,000 analysts and industry...


  • gurugram, India Acuity Knowledge Partners Full time

    Acuity Knowledge Partners Acuity Knowledge Partners (Acuity) is a leading provider of bespoke research, analytics and technology solutions to the financial services sector, including asset managers, corporate and investment banks, private equity and venture capital firms, hedge funds and consulting firms. Its global network of over 6,000 analysts and...


  • Gurugram, India Acuity Knowledge Partners Full time

    Acuity Knowledge PartnersAcuity Knowledge Partners (Acuity) is a leading provider of bespoke research, analytics and technology solutions to the financial services sector, including asset managers, corporate and investment banks, private equity and venture capital firms, hedge funds and consulting firms. Its global network of over 6,000 analysts and industry...


  • Gurugram, India Acuity Knowledge Partners Full time

    Acuity Knowledge PartnersAcuity Knowledge Partners (Acuity) is a leading provider of bespoke research, analytics and technology solutions to the financial services sector, including asset managers, corporate and investment banks, private equity and venture capital firms, hedge funds and consulting firms. Its global network of over 6,000 analysts and industry...


  • Gurugram, India Acuity Knowledge Partners Full time

    Acuity Knowledge PartnersAcuity Knowledge Partners (Acuity) is a leading provider of bespoke research, analytics and technology solutions to the financial services sector, including asset managers, corporate and investment banks, private equity and venture capital firms, hedge funds and consulting firms. Its global network of over 6,000 analysts and industry...


  • Gurugram, India Acuity Knowledge Partners Full time

    Acuity Knowledge PartnersAcuity Knowledge Partners (Acuity) is a leading provider of bespoke research, analytics and technology solutions to the financial services sector, including asset managers, corporate and investment banks, private equity and venture capital firms, hedge funds and consulting firms. Its global network of over 6,000 analysts and industry...


  • Gurugram, India Ameriprise Financial Full time

    Information Security Engineer required for Security Infrastructure Management team, with relevant experience in Security tools Operations (DLP, UEBA/Securonix, Zscaler) Key responsibilities: i) Configure and manage security tools Securonix,DLP, Zscaler ii) Perform independent assignments - RIN installation, upgrades, DLP policy configuration iii) Ensure...


  • Gurugram, India AMEX Full time

    You Lead the Way. Weve Got Your Back. With the right backing, people and businesses have the power to progress in incredible ways. When you join Team Amex, you become part of a global and diverse community of colleagues with an unwavering commitment to back our customers, communities and each other. Here, youll learn and grow as we help you create a...


  • Gurugram, India Ameriprise Financial Full time

    This position accounts for Information Security Engineer that specializes in Endpoint Protection. The person should have Working knowledge of endpoint protection methods and cybersecurity technologies, including adaptive technologies, antivirus, firewalls, and intrusion detection systems. The person is responsible for designing implementing and managing the...


  • Gurugram, India Randstad Digital Full time

    Hiring for Lead - Information Security, Risk and Audit ComplianceExperience : 6+ YearsLocation : Gurgaon (WFO)Need only Immediate JoinersJob Description :This is a full-time role for an Information Security Manager (Lead). The Information Security manager will be responsible for managing the information security program for PSS Systems and Services.This...


  • Gurugram, India Transformative Learning Solutions Full time

    Information Security Manager Job Summary: The Information Security Manager is responsible for overseeing and implementing the organization's information security program to ensure the confidentiality, integrity, and availability of information assets. This includes leading ISO 27001 certification efforts, ensuring GDPR compliance, managing risk...


  • Gurugram, India Transformative Learning Solutions Full time

    Information Security ManagerJob Summary:The Information Security Manager is responsible for overseeing and implementing the organization's information security program to ensure the confidentiality, integrity, and availability of information assets. This includes leading ISO 27001 certification efforts, ensuring GDPR compliance, managing risk assessments,...


  • Gurugram, India Transformative Learning Solutions Full time

    Information Security ManagerJob Summary:The Information Security Manager is responsible for overseeing and implementing the organization's information security program to ensure the confidentiality, integrity, and availability of information assets. This includes leading ISO 27001 certification efforts, ensuring GDPR compliance, managing risk assessments,...


  • gurugram, India Acuity Knowledge Partners Full time

    Acuity Knowledge PartnersAcuity Knowledge Partners (Acuity) is a leading provider of bespoke research, analytics and technology solutions to the financial services sector, including asset managers, corporate and investment banks, private equity and venture capital firms, hedge funds and consulting firms. Its global network of over 6,000 analysts and industry...


  • gurugram, India Acuity Knowledge Partners Full time

    Acuity Knowledge Partners Acuity Knowledge Partners (Acuity) is a leading provider of bespoke research, analytics and technology solutions to the financial services sector, including asset managers, corporate and investment banks, private equity and venture capital firms, hedge funds and consulting firms. Its global network of over 6,000 analysts and...


  • Gurugram, India NCR Corporation Full time

    About NCR VOYIX NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction...


  • Gurgaon/Gurugram, India Randstad Digital Full time

    Hiring for Lead - Information Security, Risk and Audit ComplianceExperience : 6+ Years Location : Gurgaon (WFO)Need only Immediate Joiners Job Description : This is a full-time role for an Information Security Manager (Lead). The Information Security manager will be responsible for managing the information security program for PSS Systems and Services. ...


  • Gurgaon/Gurugram, IN Randstad Digital Full time

    Hiring for Lead - Information Security, Risk and Audit ComplianceExperience : 6+ YearsLocation : Gurgaon (WFO)Need only Immediate JoinersJob Description :This is a full-time role for an Information Security Manager (Lead). The Information Security manager will be responsible for managing the information security program for PSS Systems and Services.This...


  • gurugram, India ETS Full time

    About ETS:ETS is a global education and talent solutions organization, enabling lifelong learners to be future ready. We advance the science of measurement to build the benchmarks for fair and valid skill assessment. We are committed to powering human progress by promoting skill proficiency, empowering upward mobility, and unlocking more opportunities for...