Cyber Security Engineer

3 weeks ago


Yelahanka, India Anumana Full time

Position: Cyber Security Engineer Experience Range: 3 to 5 yrs Job Location: Bangalore Work Mode: Hybrid (3 days in the office, 2 days remote) Job Summary Anumana is seeking a skilled and motivated Cybersecurity Engineer to ensure the security, integrity, and compliance of our Software as a Medical Device (SaaMD) products. This position is critical in maintaining our adherence to global security standards and regulations, specifically ISO/IEC 27001, ISO/IEC 27002, and ISO 13485. You will play a key role in implementing and monitoring security controls throughout the software development lifecycle while ensuring that our systems meet the highest standards of security and quality. Additionally, you will support audits, create threat models, conduct penetration testing, and produce comprehensive reports. Key Responsibilities: Security Control Implementation - Design, implement, and monitor security controls within the SaaMD development lifecycle. - Ensure security controls align with ISO/IEC 27001, 27002, and ISO 13485 standards. - Collaborate with software development teams to integrate security best practices throughout the development pipeline. - Provide guidance on secure coding practices, vulnerability management, and secure software development principles. - Maintain a risk-based approach to security, identifying potential threats and vulnerabilities early in the development lifecycle. Compliance & Audit Support - Provide evidence of implemented controls and participate in internal and external audits for ISO/IEC 27001 and 27002. - Collaborate with Quality and Regulatory teams to ensure ongoing compliance with ISO 13485. - Develop and maintain documentation, policies, and procedures to demonstrate compliance with relevant standards. - Implement and manage a robust change management and documentation process to align with audit requirements. Threat Modeling & Penetration Testing - Create, maintain, and refine threat models to identify security vulnerabilities, using tools like LucidChart. - Conduct penetration testing and security assessments using tools such as BurpSuite, nmap, Wireshark, and Deptrack. - Regularly perform static and dynamic analysis to identify potential vulnerabilities in the software. Vulnerability Management - Conduct vulnerability scans and assessments using tools like Grype, Dockle, and Trivy. - Work with development teams to triage and prioritize vulnerabilities for remediation. - Track and document vulnerabilities through their lifecycle from identification to resolution. - Develop and maintain a comprehensive vulnerability management process, including reporting metrics and key performance indicators (KPIs). Reporting & Communication - Create detailed security assessment and penetration testing reports, including actionable remediation recommendations. - Communicate findings and collaborate with cross-functional teams to ensure vulnerabilities are addressed. - Provide regular updates to management on security posture, vulnerability trends, and remediation efforts. Security Awareness & Training - Contribute to the development and delivery of security awareness training for software development teams. - Advocate for a culture of security within the organization, promoting adherence to security best practices. Preferred: - Professional certifications such as CISSP, CEH, OSCP, CISM, or ISO/IEC 27001 Lead Implementer. - Experience in security in highly regulated environments, especially SaaMD or healthcare applications. - Knowledge of risk management frameworks (NIST, HITRUST) and cybersecurity standards. - Experience with Continuous Integration/Continuous Deployment (CI/CD) pipelines and DevOps environments. Required Qualification: - Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). - 3+ years of experience in cybersecurity engineering, preferably within the medical device or healthcare sector. - In-depth knowledge of ISO/IEC 27001, 27002, and ISO 13485 standards and requirements. - Experience with threat modeling and penetration testing methodologies and tools (e.G., BurpSuite, nmap, Wireshark, LucidChart). - Hands-on experience with vulnerability assessment tools such as Grype, Dockle, Trivy, and Deptrack. - Strong understanding of secure software development practices, including secure coding and DevSecOps principles. - Experience in providing evidence for security audits and ensuring regulatory compliance. - Familiarity with cloud security best practices, container security, and modern development environments (e.G., Docker, Kubernetes).


  • Cyber Security

    3 weeks ago


    Yelahanka, India Computacenter Full time

    Life on the team Operates the Third-Party Cyber Risk Management framework to ensure cybersecurity risks related to our supply chain are effectively, managed to maintain a resilient and compliant security posture. What you’ll do Operate the Third-Party Cyber Risk Management Framework (~ 90%) - Third-Party Risk Management framework: operate processes and...


  • Yelahanka, India Airtel Business Full time

    Job Role & Requirements: - Business Development experience, able to work with Sales teams to generate opportunities for Security Product offerings. - Design, Presents, demonstrates the Network Architecture for the Security domain(s) and provide technical consulting to Mid, Enterprise and Government customers. - Required to understand customer requirements...


  • Yelahanka, India NAZZTEC Full time

    Role Overview We are hiring an experienced Cyber Security Architect – PSAP to join a prestigious client in Riyadh, Saudi Arabia. This senior-level position involves leading the design, implementation, and governance of cybersecurity architecture and frameworks in alignment with national regulatory requirements, especially SAMA Cybersecurity Framework and...


  • Yelahanka, India Raytheon Technologies Full time

    Unspecified Role Overview The Cyber Solutions Architect (CSA) is an individual contributor responsible for designing secure, scalable solutions that enable digital transformation across RTX Collins Aerospace. This role supports critical projects by applying deep technical expertise, aligning to enterprise architecture standards, and integrating...


  • Yelahanka, India Raytheon Technologies Full time

    Unspecified Role Overview The Cyber Solutions Architect (CSA) is an individual contributor responsible for designing secure, scalable solutions that enable digital transformation across RTX Collins Aerospace. This role supports critical projects by applying deep technical expertise, aligning to enterprise architecture standards, and integrating...


  • Yelahanka, India Talent500 Full time

    Job Profile: Job Title: Cyber Security Architect Corporate Title: AVP/VP Experience: 10-15 years Location: Bangalore No. of Positions: 1 Role Description: The Security Architect is a senior manager aligned CISO’s Organisation. Security Architect is responsible to enforce Information Security compliance within their area of responsibility in line with the...


  • Yelahanka, Karnataka, India Black & White Full time ₹ 12,00,000 - ₹ 36,00,000 per year

    Job Role Application Security Lead Education BSC IT/CS, any BE/B Tech, BCA/MCA/MS/M Tech, Cyber Security Experience years and above Must have skill CISSP, CISA, CISM, CRISC, OSCP, CCSP, ISACA. Good to have skill: VAPT Domain for RBI, ReBIT Locations: Mumbai Roles & Responsibilities; Project Management - Lead and manage the...


  • Yelahanka, India Versa Networks Full time

    Job Title: Network and Security Engineer (1-3 Years Experience) Location: [Bengaluru] Job Type: Full-Time Department: Professional Services Company: Versa Networks About Versa Networks: Versa Networks is a leading provider of next-generation software-based network and security solutions. Our industry-leading Secure Access Service Edge (SASE) platform enables...


  • Yelahanka, India Andromeda Security Full time

    Distributed Systems Development Engineer Summary: We are a stealth startup, top-tier Silicon Valley VC-funded multinational startup building a team in Bengaluru, India. You will have the opportunity to grow with the company and help secure enterprises from cloud security breaches. Job Description: Looking for dreamers, coders, hackers who want to explore the...


  • Yelahanka, India HCLTech Full time

    OVERVIEW OF THE ROLE As a Technology Resilience & Recovery Consultant, you will play a pivotal role in fortifying the organization's cyber resilience and disaster recovery capabilities. This role is critical to ensuring the continuous operation and rapid recovery of technology infrastructure and critical systems in the face of cyber threats and disruptions....