Talent.com
This job offer is not available in your country.
Softpath Technologies - Cyber Security Audit / VAPT / Compliance Specialist

Softpath Technologies - Cyber Security Audit / VAPT / Compliance Specialist

Softpath Technologies LLCMumbai
10 days ago
Job description

Job Title : Cybersecurity Audit / VAPT / Compliance Specialist

Location : Mumbai

Experience : 3 to 7 Years

About the Role :

We are seeking a detail-oriented and proactive Cybersecurity Audit / VAPT / Compliance Specialist to join our security team. The ideal candidate will have solid hands-on experience in cybersecurity audits, vulnerability assessment and penetration testing (VAPT), regulatory compliance, and governance, risk, and compliance (GRC) functions.

This role is crucial for ensuring the organization maintains a robust security posture in alignment with internal policies and external regulatory requirements. You will collaborate with IT, risk, audit, and business teams to identify security gaps, perform vulnerability assessments, conduct red team exercises, and drive remediation efforts. Your expertise will directly contribute to safeguarding the companys data, systems, and reputation.

Key Responsibilities :

1. Cybersecurity Audits & Compliance

  • Support the planning and execution of internal, external, and regulatory cybersecurity audits.
  • Prepare audit documentation, manage audit findings, and work with stakeholders to implement corrective actions.
  • Ensure continuous compliance with standards such as ISO 27001, NIST, RBI, SEBI, CERT-In, and other relevant frameworks.
  • Collaborate with the GRC team to implement security controls, policies, and procedures.
  • Maintain compliance dashboards and produce regular reports for senior management and regulators.

2. Vulnerability Assessment & Penetration Testing (VAPT)

  • Conduct end-to-end VAPT activities across infrastructure, applications (web & mobile), networks, and cloud environments.
  • Leverage both commercial and open-source tools (e.g., Burp Suite, Nessus, Nmap, Metasploit, OWASP ZAP, etc.).
  • Perform manual testing to validate vulnerabilities and simulate real-world attacks.
  • Generate detailed reports, highlighting vulnerabilities, risk levels, and actionable remediation plans.
  • Coordinate with application and infrastructure teams for patch management and risk mitigation.

    • 3. Red Team & Threat Simulation

  • Participate in red teaming and adversarial simulation exercises to identify blind spots in detection and response capabilities.
  • Mimic attacker behavior to test incident response readiness and breach detection mechanisms.
  • Document red team findings, and contribute to blue team improvements for enhancing defensive strategies.

    • 4. Governance, Risk & Compliance (GRC)

  • Contribute to the development and enforcement of IT security policies, SOPs, and controls.
  • Conduct regular risk assessments and gap analyses to identify and prioritize security risks.
  • Maintain an inventory of IT and security risks, and track their status using a structured risk management approach.
  • Engage in security awareness initiatives and contribute to the training of staff on cybersecurity best practices.

    • 5. Incident Handling & Error Management

  • Assist in tracking security incidents, conducting root cause analysis, and ensuring appropriate resolution.
  • Maintain logs, incident records, and post-incident reviews to ensure continuous improvement.
  • Work with the SOC team to monitor SIEM alerts, analyze incidents, and escalate as needed.

    • 6. Reporting & Documentation

  • Produce comprehensive audit and VAPT reports tailored for both technical and executive audiences.
  • Track and follow up on remediation efforts with relevant teams to ensure timely closure of issues.
  • Maintain up-to-date documentation for security practices, controls, and assessment results.

    • Required Skills & Experience :

  • 37 years of experience in cybersecurity roles involving VAPT, audits, and compliance.
  • Strong understanding of cybersecurity frameworks, standards, and regulatory requirements (ISO 27001, NIST, PCI DSS, RBI, SEBI, etc.).
  • Proven experience in performing security audits and managing compliance activities.
  • Hands-on experience with VAPT tools like Burp Suite, Nessus, Nmap, Acunetix, Kali Linux, etc.
  • Good knowledge of GRC tools and methodologies.
  • Familiarity with SOC operations, SIEM tools, incident response procedures.
  • Strong analytical, problem-solving, and risk assessment skills.
  • Excellent written and verbal communication skills.
  • Proficiency in Microsoft Office (Excel, Word, PowerPoint, Outlook).

    • (ref : hirist.tech)

    Create a job alert for this search

    Cyber Security Specialist • Mumbai

    Related jobs
    • Promoted
    Cyber Security Engineer

    Cyber Security Engineer

    Paramount Computer SystemsKalyan-Dombivli, IN
    Identity Governance and Administration (IGA).The role involves designing, implementing, and supporting enterprise-grade IGA solutions to ensure secure, efficient, and compliant identity lifecycle m...Show moreLast updated: 9 days ago
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    interface.aimumbai city, maharashtra, in
    Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Security Engineer

    Senior Security Engineer

    TAC SecurityMumbai, Maharashtra, India
    As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies.Leveraging y...Show moreLast updated: 13 days ago
    • Promoted
    Security Lead

    Security Lead

    Eventus SecurityNavi Mumbai, Maharashtra, India
    Job Title : Security Lead (SOC) Location : Ahmedabad and Navi Mumbai Experience : 5+ yrs Responsibility Areas – Security Lead (L3) – SOC Security Incident Leadership Lead high-priority security i...Show moreLast updated: 30+ days ago
    • Promoted
    Security Analyst - Threat Hunting

    Security Analyst - Threat Hunting

    SHI Solutions India Pvt. Ltd.mumbai, maharashtra, in
    We have an immediate requirement for.SHI Locuz Enterprise Solutions Pvt Ltd.Work Experience - 3+years(relevant).Work Location – Mumbai (Aeroli). Install, configure, and manage.Create and deploy cust...Show moreLast updated: 9 days ago
    • Promoted
    Cyber Security Consulting Manager - Vulnerability Assessment

    Cyber Security Consulting Manager - Vulnerability Assessment

    Uniqus ConsultechMumbai
    Responsibility : We endeavour to guide sustainable transformation in business and society at large, with the vision to shape a more balanced planet for the coming generations....Show moreLast updated: 27 days ago
    • Promoted
    Security Testing Lead - VAPT

    Security Testing Lead - VAPT

    Impeccable HR ConsultingMumbai
    Job Description : Information Security - SOC and Security Testing Lead Role and Responsibilities : - Participate in information Securi...Show moreLast updated: 5 days ago
    • Promoted
    Director - Datacenter / Cyber Security Domain

    Director - Datacenter / Cyber Security Domain

    Talent WorxMumbai
    Key Responsibilities : - Design, document, and enforce cybersecurity policies and protocols tailored for an AI data center, integrating best practi...Show moreLast updated: 20 days ago
    • Promoted
    Uniqus - Cyber Security Consulting Manager

    Uniqus - Cyber Security Consulting Manager

    Uniqus ConsultechMumbai, India
    Cyber Security Consulting Manager Job Description : Position Overview : The Cyber Securi...Show moreLast updated: 27 days ago
    • Promoted
    Cyber Security Specialist

    Cyber Security Specialist

    Tiger AdvisoryMumbai, IN
    Tiger Advisory provides premier cybersecurity consulting services, helping clients manage risks, strengthen resilience, and achieve compliance in an ever-evolving digital landscape.Our mission is t...Show moreLast updated: 9 days ago
    • Promoted
    Cyber Security Manager

    Cyber Security Manager

    DeloitteMumbai, Maharashtra, India
    India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organisations ...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer – Audit & Compliance

    Security Engineer – Audit & Compliance

    ConfidentialMumbai, India
    We are looking for a highly skilled.The ideal candidate will have a blend of technical proficiency and regulatory understanding, with hands-on experience in security assessments, vulnerability mana...Show moreLast updated: 23 days ago
    • Promoted
    Cyber Forensic

    Cyber Forensic

    KPMGMumbai, Maharashtra, India
    We are seeking a dynamic and detail-oriented.Forensic Team in Risk Advisory practice.The ideal candidate will have hands-on experience in cyber incident response, digital forensics, and threat inve...Show moreLast updated: 30+ days ago
    • Promoted
    NFRM Information Security & Technology Risk Specialist, AVP

    NFRM Information Security & Technology Risk Specialist, AVP

    ConfidentialMumbai, India
    NFRM Information Security & Technology Risk Specialist, AVP.NFRM Information Security & Technology Risk Specialist.An Information Technology & Security Risk Specialist to join the 2nd LoD Informati...Show moreLast updated: 23 days ago
    • Promoted
    ISMS Audit Consultant – Cyber Security

    ISMS Audit Consultant – Cyber Security

    Cubical Operations LLPMumbai, Maharashtra, India
    ISMS Audit – Cyber Security Associate / Consultant.We are seeking a cyber security professional with strong expertise in. The role involves conducting audits, evaluating cyber risk controls, and ens...Show moreLast updated: 29 days ago
    • Promoted
    Cyber Security Consultant

    Cyber Security Consultant

    Paramount Computer SystemsMumbai, IN
    As a IAM Consultant in Access Management, your role will involve : .Designing, implementing, optimizing and supporting.IAM) solutions for enterprise clients. Single Sign-On (SSO), Multi-Factor Authent...Show moreLast updated: 9 days ago
    • Promoted
    Endpoint Security & Compliance Specialist

    Endpoint Security & Compliance Specialist

    Lenovo IndiaMumbai, Maharashtra, India
    Hiring : Security Compliance Engineer / Endpoint Security Administrator.Endpoint Security, Compliance (ISO 27001, PCI DSS), Antivirus, Incident Management. We’re looking for a motivated and detail-or...Show moreLast updated: 30+ days ago
    • Promoted
    iRage - Security Engineer - Audit & Compliance

    iRage - Security Engineer - Audit & Compliance

    iRageMumbai
    We are looking for a highly skilled Security Engineer with strong expertise in audits, compliance, and penetration testing to strengthen the security posture of our high-frequency trading (HFT) inf...Show moreLast updated: 30+ days ago