Information Security Lead
3 days ago
Experience : 8 Years
Function : Security Assessments (Web, API, Mobile, Infra, Cloud) | Customer/Delivery Support
Location : Bangalore
Employment Type : Full-Time (In Office)
Role Purpose :
We are seeking an experienced Information Security Lead to drive and oversee end-to-end security assessments across diverse technology stacks including web, mobile, API, infrastructure, and cloud. The role involves hands-on testing, validating findings with technical evidence or PoC, mapping results to standards (OWASP, NIST, CIS), and ensuring closure through effective remediation. The candidate will also act as a technical interface with customers, delivery teams, and internal stakeholders.
Key Responsibilities :
1. End-to-End VAPT Delivery :
- Plan, scope, and execute Vulnerability Assessment and Penetration Testing (VAPT) across applications, APIs, infrastructure, and cloud workloads.
- Focus on manual-first testing to uncover complex issues like IDOR/BOLA, broken access control, SSRF, logic abuse, and weak authentication.
- Deliver detailed reports with proof-of-concept, impact assessment, and remediation guidance.
2. Application / API / Mobile Security
- Conduct security testing of web applications and APIs aligned with OWASP Top 10 (Web & API) standards.
- Perform mobile app testing (Android/iOS) per OWASP MASVS/MSTG, using tools like MobSF, Frida, and Objection.
- Work closely with developers and DevOps teams to clarify findings, verify fixes, and perform retests.
3. Cloud Security Review
- Review AWS, Azure, and GCP configurations for misconfigurations, weak IAM policies, and exposed services.
- Recommend security hardening in line with CIS benchmarks.
- Validate cloud-exposed endpoints and configurations to prevent SSRF and metadata exposure attacks.
4. Defensive Integration :
- Translate assessment findings into actionable defensive controls: SIEM rules, WAF policies, and API gateway configurations.
- Collaborate with SOC/Defensive teams to enhance visibility and detection based on VAPT results.
5. Customer / Delivery / Internal Support
- Join client and internal calls to explain methodologies, findings, and risk ratings.
- Provide inputs for SOWs, level of effort (LoE), and environment requirements.
- Conduct walkthroughs of assessment results with app, infra, and cloud teams for effective remediation.
6. Process & Team Enablement
- Maintain and update SOPs, templates, and checklists in line with OWASP and NIST frameworks.
- Integrate testing processes into SDLC and CI/CD pipelines for continuous security assurance.
- Mentor junior team members, review reports, and ensure quality in assessment delivery.
Required Technical Skills :
- Strong hands-on experience in VAPT, WAPT, API, and Mobile Application Testing.
- Proficiency with tools: Burp Suite Pro, Nmap, MobSF, Frida, Objection, Postman, sqlmap, cloud consoles.
- Deep understanding of HTTP, OAuth2/OIDC/JWT, TLS, REST, GraphQL, and CORS.
- Familiarity with security frameworks and standards: OWASP, NIST CSF, CIS Benchmarks, CVSS v3.x.
- Scripting ability in Python/PowerShell for automation and PoC generation.
Preferred Certifications :
- Offensive Certifications: OSCP, OSWE, eWPTX, GWAPT, GMOB
- Cloud & Security Certifications: AZ-500, AWS Security Specialty, CCSP
- Exposure to SAST, DAST, SCA, and DevSecOps pipeline integration