
Information Security Expert
4 weeks ago
Job Description Information Security Expert
Location: Remote
Department: Information Security & Compliance
Employment Type: Full-Time
Shift Timing: 2:00 PM to 11:30 PM OR 4:00 PM – 1:30 AM IST (to align with U.S. client)
Reports To: Manager – Compliance
About Us
We are a HITRUST-certified Business Associate (BA) operating in the healthcare domain and serving global clients with the highest standards of data protection and regulatory compliance. Our mission is to safeguard sensitive information by aligning with HIPAA, HITRUST, ISO 27001, and other industry standards while driving risk-aware business processes.
Role Summary
The Information Security Expert plays a strategic and hands-on role in strengthening our organization's information security, governance, and compliance frameworks. This includes driving risk management initiatives, auditing and improving internal security controls, contributing to regulatory compliance efforts, and supporting security governance at an enterprise level.
The role also requires proactive collaboration across departments to support business impact analysis, lead control implementation reviews, and ensure continuous alignment with evolving cybersecurity standards.
Key Responsibilities
- Lead and support activities related to Audit, Compliance, Risk Management, and Governance(GRC).
- Draft and update information security and compliance policies, standard operating procedures (SOPs), and internal control documentation.
- Conduct induction training for new joiners and lead ongoing awareness training programs for employees.
- Design and distribute security awareness flyers and educational content to promote best practices.
- Work closely with department heads to assess compliance expectations and gather security and privacy-related inputs.
- Identify compliance gaps, track remediation efforts, and ensure implementation of corrective actions across business units.
- Respond to RFPs, RFIs, client questionnaires, and other security and compliance assessments.
- Coordinate and support client audits, attestations, and external assessments, ensuring timely and accurate responses.
- Review vendor contracts, NDAs, and client agreements from an information security and compliance perspective, in collaboration with legal and procurement teams.
- Maintain a catalog of all internal security controls with mapping to frameworks like HIPAA, HITRUST, ISO 27001, and NIST.
- Perform Business Impact Analysis (BIA), risk assessments, and gap analysis across systems, infrastructure, and business processes.
- Conduct targeted internal control reviews and fieldwork to test implementation of technical and administrative safeguards.
- Lead or assist in incident management, including investigation, documentation, and coordination of corrective actions.
- Maintain security documentation, diagrams, and control records in a professional, audit-ready format.
- Partner with the Compliance Head in building and maintaining a Global Compliance Program, ensuring risks are addressed and best practices are implemented.
- Drive security governance alignment, facilitate internal compliance initiatives, and support maturity improvement efforts.
- Build and foster cross-functional relationships to drive collaboration and enhance the security posture organization-wide.
Required Qualifications
- Bachelor's degree in information security, Computer Science, IT, or a related field.
- 5+ years of experience in information security, IT governance, or compliance domains.
- Strong expertise in implementing and managing controls aligned to frameworks like HIPAA, HITRUST, ISO 27001, or NIST CSF.
- Excellent verbal and written communication skills, with a strong ability to create structured reports and risk summaries.
- Experience with BIA, Risk Treatment Planning, Policy Governance, and Audit Coordination.
- Strong analytical, documentation, and project management abilities.
Preferred Qualifications
- Certifications such as CISM, CISA, ISO 27001 Lead Auditor/Implementer, CISSP.
- Experience working in a healthcare domain or with Business Associate clients.
- Hands-on exposure to security tools (GRC platforms).
- Prior experience supporting external assessments or certifications (e.g., HITRUST audits, ISO audits).
Why Join Us?
- Be part of a high-impact team protecting sensitive health and business data.
- Opportunity to shape compliance and security governance across global operations.
- Exposure to leading security and compliance frameworks (HITRUST, HIPAA, ISO
- Collaborative environment with strong leadership support and growth pathways.
- Continuous learning and mentoring from domain experts.
-
Cyber Security Associate
5 days ago
Ahmedabad, India Sattrix Information Security Full time**Job description** - Understand cyber-attack methods, perform analysis of security logs in an attempt to detect/uncover and respond to cybersecurity threats and provide daily reports to Management/CXO - Runs compliance reports and supports the audit process. Measures SOC performance metrics and communicates the value of security operations to business...
-
Sr. security analyst
4 weeks ago
Ahmedabad, India Eventus Security Full timePosition Title: Sr. Security Analyst Experience: 3yrs +Location: Ahmedabad (candidate based out at Gujarat preferred)Qualifications:BE/ B. Tech/ M. Tech/ MSc/ MCA qualification or equivalentAt least one of the following certifications - GCFA, GCFE, CISP, CISSP, CCNP, CCIE Security, CEH, CSA.Responsibilities:• Should have minimum of 3 years of experience in...
-
Security Guard
1 week ago
Ahmedabad, India Angel Security Service Full time**Job Summary** Secures premises and personnel by patrolling property; monitoring surveillance equipment; inspecting buildings, equipment, and access points; permitting entry. Obtains help by sounding alarms. Prevents losses and damage by reporting irregularities; informing violators of policy and procedures; restraining trespassers. **Responsibilities and...
-
Information Security Officer
1 day ago
Ahmedabad, Gujarat, India Acute Informatics Pvt. Ltd Full timeKey Responsibilities: - Develop, implement, and maintain information security policies, standards, and procedures aligned with organizational goals. - Monitor security incidents and events, utilizing security information and event management (SIEM) tools to identify and respond to threats. - Conduct risk assessments and vulnerability assessments to...
-
Chief Information Security Officer
2 weeks ago
Ahmedabad, Gujarat, India Lakshya Asset Management Pvt. Ltd Full time ₹ 20,00,000 - ₹ 25,00,000 per yearJob Title: Chief Information Security Officer (CISO)Location: AhmedabadCompany: Lakshya Asset Management Company (In-principle SEBI-approved Mutual Fund)Role Summary:The Chief Information Security Officer (CISO) will be responsible for developing and implementing the information security framework of the Asset Management Company. The role demands a seasoned...
-
Cybersecurity Associate
2 weeks ago
Ahmedabad, Gujarat, India SATTRIX Information Security Pvt Ltd Full timeI am glad to introduce you to Sattrix Group - a trusted name in the IT space. We started our journey by offering Professional and Managed Services in the cybersecurity industry and have added a slew of services along the way of our 10-year long journey. A brief about the Sattrix Group of companies is given below. Sattrix Group currently has two companies...
-
Chief Information Security Officer
1 week ago
Ahmedabad, Gujarat, India Phoenix Technologies Full time**Position Description**: Interprets information security policies, standards, and other requirements related to internal information systems and coordinates the implementation of these and other information security requirements. The Information Security Specialist redesigns and reengineers internal information handling processes so that information is...
-
Cyber Security Expert – SOC Operations
3 weeks ago
Ahmedabad, India Tekskills Inc. Full timeCyber Security Expert – SOC OperationsLocation: GurgaonExperience: 10+ YearsRole Overview:Seeking experienced Cyber Security professionals to lead and manage Security Operations Center (SOC) activities in large-scale environments. The ideal candidates will demonstrate deep expertise in SOC operations, incident response, threat management, and the ability...
-
Senior Information Security Engineer
2 weeks ago
Ahmedabad, India TechifySolutionsAgency Full timePosition Name: Senior Information Security Engineer Primary Skill: Full lifecycle supporting PCI compliance, Splunk – searches, alerts, Experience in Endpoint security (EDR) Experience: Total 8+ years Work Mode: On Site Location: Ahmedabad Project Period: 6 Months. Selection Process: 2 Rounds of Client Interview Subcontractor Allowed: Yes Strong...
-
Senior Information Security Engineer
2 weeks ago
Ahmedabad, India TechifySolutionsAgency Full timePosition Name: Senior Information Security Engineer Primary Skill: Full lifecycle supporting PCI compliance, Splunk – searches, alerts, Experience in Endpoint security (EDR) Experience: Total 8+ years Work Mode: On Site Location: Ahmedabad Project Period: 6 Months. Selection Process: 2 Rounds of Client Interview Subcontractor Allowed: Yes Strong...