Talent.com
Softpath Technologies - Cyber Security Audit/VAPT/Compliance Specialist
Softpath Technologies - Cyber Security Audit/VAPT/Compliance SpecialistSoftpath Technologies LLC • Mumbai
Softpath Technologies - Cyber Security Audit / VAPT / Compliance Specialist

Softpath Technologies - Cyber Security Audit / VAPT / Compliance Specialist

Softpath Technologies LLC • Mumbai
30+ days ago
Job description

Job Title : Cybersecurity Audit / VAPT / Compliance Specialist

Location : Mumbai

Experience : 3 to 7 Years

About the Role :

We are seeking a detail-oriented and proactive Cybersecurity Audit / VAPT / Compliance Specialist to join our security team. The ideal candidate will have solid hands-on experience in cybersecurity audits, vulnerability assessment and penetration testing (VAPT), regulatory compliance, and governance, risk, and compliance (GRC) functions.

This role is crucial for ensuring the organization maintains a robust security posture in alignment with internal policies and external regulatory requirements. You will collaborate with IT, risk, audit, and business teams to identify security gaps, perform vulnerability assessments, conduct red team exercises, and drive remediation efforts. Your expertise will directly contribute to safeguarding the companys data, systems, and reputation.

Key Responsibilities :

1. Cybersecurity Audits & Compliance

  • Support the planning and execution of internal, external, and regulatory cybersecurity audits.
  • Prepare audit documentation, manage audit findings, and work with stakeholders to implement corrective actions.
  • Ensure continuous compliance with standards such as ISO 27001, NIST, RBI, SEBI, CERT-In, and other relevant frameworks.
  • Collaborate with the GRC team to implement security controls, policies, and procedures.
  • Maintain compliance dashboards and produce regular reports for senior management and regulators.

2. Vulnerability Assessment & Penetration Testing (VAPT)

  • Conduct end-to-end VAPT activities across infrastructure, applications (web & mobile), networks, and cloud environments.
  • Leverage both commercial and open-source tools (e.g., Burp Suite, Nessus, Nmap, Metasploit, OWASP ZAP, etc.).
  • Perform manual testing to validate vulnerabilities and simulate real-world attacks.
  • Generate detailed reports, highlighting vulnerabilities, risk levels, and actionable remediation plans.
  • Coordinate with application and infrastructure teams for patch management and risk mitigation.

    • 3. Red Team & Threat Simulation

  • Participate in red teaming and adversarial simulation exercises to identify blind spots in detection and response capabilities.
  • Mimic attacker behavior to test incident response readiness and breach detection mechanisms.
  • Document red team findings, and contribute to blue team improvements for enhancing defensive strategies.

    • 4. Governance, Risk & Compliance (GRC)

  • Contribute to the development and enforcement of IT security policies, SOPs, and controls.
  • Conduct regular risk assessments and gap analyses to identify and prioritize security risks.
  • Maintain an inventory of IT and security risks, and track their status using a structured risk management approach.
  • Engage in security awareness initiatives and contribute to the training of staff on cybersecurity best practices.

    • 5. Incident Handling & Error Management

  • Assist in tracking security incidents, conducting root cause analysis, and ensuring appropriate resolution.
  • Maintain logs, incident records, and post-incident reviews to ensure continuous improvement.
  • Work with the SOC team to monitor SIEM alerts, analyze incidents, and escalate as needed.

    • 6. Reporting & Documentation

  • Produce comprehensive audit and VAPT reports tailored for both technical and executive audiences.
  • Track and follow up on remediation efforts with relevant teams to ensure timely closure of issues.
  • Maintain up-to-date documentation for security practices, controls, and assessment results.

    • Required Skills & Experience :

  • 37 years of experience in cybersecurity roles involving VAPT, audits, and compliance.
  • Strong understanding of cybersecurity frameworks, standards, and regulatory requirements (ISO 27001, NIST, PCI DSS, RBI, SEBI, etc.).
  • Proven experience in performing security audits and managing compliance activities.
  • Hands-on experience with VAPT tools like Burp Suite, Nessus, Nmap, Acunetix, Kali Linux, etc.
  • Good knowledge of GRC tools and methodologies.
  • Familiarity with SOC operations, SIEM tools, incident response procedures.
  • Strong analytical, problem-solving, and risk assessment skills.
  • Excellent written and verbal communication skills.
  • Proficiency in Microsoft Office (Excel, Word, PowerPoint, Outlook).

    • (ref : hirist.tech)

    Create a job alert for this search

    Cyber Security Specialist • Mumbai

    Related jobs
    VAPT

    VAPT

    Acme Services Private Limited • Mumbai, Maharashtra, India
    Experience on Vulnerability Assessment and Penetration Testing for Infrastructure / network / web application / databases. Web Services Knowledge / Penetration Testing.Good Knowledge on Secure Code ...Show more
    Last updated: 25 days ago • Promoted
    Cyber Security Analyst

    Cyber Security Analyst

    DraconX • Mumbai, IN
    DraconX is at the forefront of transforming cutting-edge ideas into intelligent, scalable digital solutions.As pioneers in AI business automation and AI-driven SaaS platforms, we specialize in crea...Show more
    Last updated: 16 days ago • Promoted
    Security Analyst - Threat Hunting

    Security Analyst - Threat Hunting

    SHI Solutions India Pvt. Ltd. • Mumbai, Maharashtra, India
    We have an immediate requirement for.SHI Locuz Enterprise Solutions Pvt Ltd.Work Experience - 3+years(relevant).Work Location – Mumbai (Aeroli). Install, configure, and manage.Create and deploy cust...Show more
    Last updated: 30+ days ago • Promoted
    AI Security Lead

    AI Security Lead

    Delphi Consulting Middle East • Mumbai, IN
    Join Delphi - Where Innovation meets transformation.At Delphi, we believe in creating an environment where our people thrive. We are committed to supporting your personal goals, family, and overall ...Show more
    Last updated: 10 days ago • Promoted
    TPRM Consultant - Cyber

    TPRM Consultant - Cyber

    Cubical Operations LLP • Mumbai, Maharashtra, India
    Consultant / Senior Consultant – Third-Party Risk Management (TPRM).Minimum 2 to 6 years in TPRM / Vendor Risk / Information Security / Risk Advisory. We are looking for a skilled and motivated.Senior...Show more
    Last updated: 30+ days ago • Promoted
    TAVS Tech Cyber Security Specialist / Engineer | Pune | Immediate

    TAVS Tech Cyber Security Specialist / Engineer | Pune | Immediate

    DigiHelic Solutions Pvt. Ltd. • Mumbai, IN
    Title : TAVS Tech Cyber Security Specialist.Vault & Privileged Access Management (Core Requirement).HashiCorp Enterprise Vault (preferred). Experience building, deploying, and maintaining Vault clust...Show more
    Last updated: 6 days ago • Promoted
    Senior Consultant (Forensic Audit)

    Senior Consultant (Forensic Audit)

    Acme Services Private Limited • Mumbai, Maharashtra, India
    Work on projects related to Information Security Management System (ISO 27001 : 2022) certification.Conduct ISO 27001 : 2022 internal audits and comprehensive gap assessments.Execution of Cybersecurit...Show more
    Last updated: 23 days ago • Promoted
    Trellix - Endpoint Security Encryption

    Trellix - Endpoint Security Encryption

    ITC Infotech • Mumbai, Maharashtra, India
    Trellix - Endpoint Security Encryption.Location : Mumbai (Andheri East).The ITCI Cybersecurity team is seeking an Endpoint Security Specialist (L2) to support and maintain enterprise antivirus and e...Show more
    Last updated: 13 days ago • Promoted
    Cyber Security Specialist

    Cyber Security Specialist

    Tata Consultancy Services • mumbai, maharashtra, in
    TCS is Hiring – Saviynt / IAM Integration.Are you skilled in Saviynt and passionate about Identity & Access Management (IAM) and Integration Technologies?. Here’s your chance to join Tata Consultanc...Show more
    Last updated: 26 days ago • Promoted
    Cyber Security Specialist

    Cyber Security Specialist

    Innefu Labs • Mumbai, IN
    We are seeking experienced and detail-oriented professionals for the role.The selected candidates will be responsible for assisting cybercrime investigations by collecting and analysing digital evi...Show more
    Last updated: 25 days ago • Promoted
    AVP Compliance

    AVP Compliance

    TAAS Partners • Mumbai, Maharashtra, India
    Client is a leading financial app available on both Android and iOS platforms.They have garnered over 8 million downloads, maintaining a high user satisfaction level with 4+ star ratings and approx...Show more
    Last updated: 12 days ago • Promoted
    Lead Security Engineer

    Lead Security Engineer

    interface.ai • Mumbai, IN
    Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show more
    Last updated: 30+ days ago • Promoted
    Lead Security Engineer

    Lead Security Engineer

    Arcana • Mumbai, IN
    As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show more
    Last updated: 30+ days ago • Promoted
    Senior 3D Secure Implementation specialist

    Senior 3D Secure Implementation specialist

    Art Technology and Software • Mumbai, IN
    Client Implementation & Onboarding : .Lead end-to-end client 3DS implementations, including onboarding, integration, testing, and go-live for 3DS solutions. Collaborate with cross-functional teams to ...Show more
    Last updated: 24 days ago • Promoted
    TPRM Assistant Manager - Cyber

    TPRM Assistant Manager - Cyber

    Cubical Operations LLP • Mumbai, Maharashtra, India
    Third-Party Risk Management (TPRM) - Deputy Manager.Minimum 3 to 8 years in TPRM / Vendor Risk / Information Security / Risk Advisory. We are looking for a skilled and motivated.Third-Party Risk Man...Show more
    Last updated: 5 days ago • Promoted
    Information Security / ITGC Audit

    Information Security / ITGC Audit

    Digihelic Solutions Private Limited • Mumbai, India
    Conduct IT General Controls (ITGC) and Information Security audits.Review compliance with ISO 27001, SOC, and IT security standards. Evaluate access controls, change management, and incident respons...Show more
    Last updated: 30+ days ago • Promoted
    Sap Security

    Sap Security

    TalentBridge • Mumbai, IN
    Sap Security – Finance (SAP S / 4HANA Security).Months of Contract (With high possibility of Full Time).We are seeking an experienced SAP S / 4 Security Specialist with strong expertise in designing, b...Show more
    Last updated: 7 days ago • Promoted
    CyberArk Lifecycle Management Engineer

    CyberArk Lifecycle Management Engineer

    Saunders Scott • Mumbai, IN
    Freelance role for 18 months, remote working.Cyber Security Professional (CyberArk Specialist – 5 Years Experience, Remote – India). Manage end-to-end CyberArk lifecycle activities, including onboar...Show more
    Last updated: 4 days ago • Promoted