InfoSec Lead

About the job

Department: Cybersecurity / Information Security

Location: Bangalore (On-site)

Employment Type: Full-time

About the Roles

We're hiring experienced professionals to join our Cybersecurity team in two key positions:

• VAPT Engineer (L2/L3) – leading advanced vulnerability assessment and penetration testing across enterprise and cloud environments.
• Information Security Lead – Managed Security Services – managing SOC operations, cloud security governance, risk management, and incident response.

Both roles demand strong technical depth, leadership maturity, and hands-on expertise in enterprise and cloud security ecosystems.

1. VAPT Engineer (L2/L3)Experience: 5+ years (hands-on)

Reporting To: VAPT Lead

Certification: OSCP preferred

Mode: In-office

Key Responsibilities

• Lead penetration testing across web, mobile, cloud, and infrastructure (Black/Grey/White box).
• Perform manual and automated vulnerability assessments using tools like Burp Suite, Nessus, Metasploit, Nmap, and custom scripts.
• Conduct threat modeling, cloud environment reviews, and risk assessments for business-critical systems.
• Execute security testing on public, private, and hybrid cloud platforms (AWS, Azure, GCP).
• Document findings and provide actionable remediation recommendations.
• Collaborate with DevOps, IT, and Cloud Engineering teams to address vulnerabilities.
• Mentor junior engineers and review reports for accuracy.
• Stay updated with emerging threats, zero-days, and modern attack vectors.
• Align testing with OWASP, NIST, ISO 27001, and cloud security best practices.
• Participate in red team assessments and security audits.

Requirements

• Bachelor's or Master's in Computer Science, Cybersecurity, or related field.
• Deep understanding of network protocols, OS internals (Linux/Windows), and cloud architectures.
• Strong knowledge of cloud-native security tools (AWS Security Hub, Azure Defender, etc.).
• Hands-on scripting in Python, Bash, or PowerShell.
• Familiarity with DevSecOps, CI/CD pipelines, and container security (Docker/Kubernetes).
• Experience in secure coding, exploit development, and reverse engineering.

• Certifications like OSCP, CEH, GPEN, LPT, or CISSP are highly preferred.

• Information Security Lead – Managed Security ServicesExperience: 8–10+ years (with 5+ in SOC Leadership)

Certification: OSCP required

Mode: In-office

Key Responsibilities

• Lead SOC operations across L1–L3 analysts, ensuring 24/7 threat monitoring.
• Drive vulnerability management, patch governance, and proactive threat mitigation.
• Manage and secure multi-cloud environments, ensuring compliance and incident readiness.
• Oversee cloud security posture management (CSPM) and identity access governance (IAM).
• Lead incident response, RCA, and recovery for major on-prem and cloud-based incidents.
• Conduct enterprise-wide risk assessments, audits, and compliance checks.
• Ensure alignment with frameworks like NIST, GDPR, HIPAA, PCI-DSS, and ISO 27001.
• Define and implement security policies, playbooks, and automation workflows for cloud and on-prem systems.
• Present dashboards, risk reports, and threat trends to executive leadership.
• Manage relationships with technology partners, MSSPs, and cloud vendors.

Requirements

• 10+ years in Information Security, with at least 5 in SOC or Managed Security leadership.
• Deep understanding of cloud architectures, workload protection, and identity management.
• Hands-on experience with SIEM/SOAR tools (Splunk, ArcSight, Cortex XSIAM, QRadar, Microsoft Sentinel).
• Expertise in threat hunting, malware analysis, endpoint security (EDR/XDR), and cloud security monitoring.
• Proficiency in tools such as WAF, DLP, Burp Suite, and Nessus.
• Strong understanding of hybrid security models and advanced persistent threat (APT) response.
• Familiarity with ITIL or service delivery frameworks is a plus.
• Certifications such as CEH, OSCP, CISSP, or relevant cloud security credentials (CCSP, AWS Security Specialty) preferred.

Please select the role you're applying for and share your details accurately.

Or Send your resume to ,