HamburgerMenu
hirist

Artificial Intelligence

Machine Learning

NLP

Generative AI

Predictive Modeling

Query Segmentation

AI Interface

LLM

Deep Learning

MLOps

Security Architect - AI

Cloud Architect - ML/AI

Data Scientist

Data Modeling

Data Analytics & BI

Data Engineering

Backend Development

Frontend Development

Full Stack

Mobile Applications

Emerging Technologies

DevOps / SRE

CyberSecurity

Quality Assurance

Platform Engineering / SAP/Oracle

Product Management

Business Analysis and Project Management

UI & Design

Semiconductor/VLSI/EDA

Others

Cyber Security Governance Specialist

TALWORX SOLUTIONS PRIVATE LIMITED
Anywhere in India/Multiple Locations
3 - 5 Years
Cyber SecuritySecuritySystem ConfigurationApplication ArchitectureVulnerability ManagementIT GovernanceIT AuditIT ComplianceCloud SecuritySecurity ToolsDevSecOps

Posted on: 23/07/2025

Job Description

Job Purpose :


We are seeking a highly motivated and technically proficient Cyber Security Governance Specialist to strengthen our organization's security posture.


In this role, you will be instrumental in translating security policies and regulatory requirements into actionable technical controls and ensuring their effective implementation across our IT infrastructure and applications.


You will work hands-on with security tools, analyze technical configurations, and collaborate closely with engineering and operations teams to embed security by design and ensure continuous compliance with industry standards and internal policies.


Key Responsibilities :


Technical Control Implementation & Validation :


- Assist in the technical implementation and enforcement of security controls derived from industry frameworks (e.g., NIST, ISO 27001, CIS Controls) across various technical domains (network, endpoint, application, cloud).


- Perform technical reviews of system configurations, network diagrams, and application architectures to ensure adherence to security policies and standards.


- Validate the effectiveness of implemented security controls through technical testing, log analysis, and configuration audits.


Risk Assessment & Vulnerability Management Support :


- Support the technical aspects of risk assessments by analyzing vulnerability scan reports (e.g., Nessus, Qualys, Tenable.io), penetration test findings, and security audit results.


- Work with technical teams to understand the root cause of vulnerabilities and track remediation efforts from a technical perspective.


- Contribute to the identification and classification of technical security risks based on their potential impact and likelihood.


Compliance & Audit Technical Support :


- Gather and prepare technical evidence (e.g., system logs, configuration files, access controls, network flow data) required for internal and external security audits (e.g., SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS).


- Assist auditors in understanding technical control implementations and provide technical explanations during audit walkthroughs.


- Track the technical remediation of audit findings and ensure timely closure.


Security Policy & Standard Adherence :


- Translate high-level security policies into detailed technical standards and guidelines for various technologies and platforms.


- Educate and guide technical teams on the practical application of security policies and standards in their day-to-day operations.


Cloud Security Governance (Technical) :


- Assist in defining and monitoring technical security configurations and controls for cloud environments (AWS, Azure, GCP).


- Utilize Cloud Security Posture Management (CSPM) tools to identify and remediate cloud security misconfigurations.


- Ensure cloud deployments adhere to security baselines and compliance requirements.


Security Tooling & Automation :


- Work with GRC (Governance, Risk, and Compliance) platforms to manage control mappings, risk registers, and compliance reporting.


- Utilize SIEM (Security Information and Event Management) systems (e.g., Splunk, Azure Sentinel) to monitor security events and identify potential policy violations.


- Contribute to the automation of security governance processes and metric collection using scripting (e.g., Python, PowerShell) where applicable.


Security Metrics & Reporting :


- Develop and report on technical security metrics (e.g., patch compliance, vulnerability remediation rates, configuration drift) to demonstrate control effectiveness.


- Prepare technical reports for management on the status of security controls and compliance.


Required Skills & Qualifications :


Experience : 3 - 5 years of dedicated experience in Cyber Security, IT Audit, IT Risk Management, or a similar role with a strong technical focus.

Core Technical Security Knowledge :


- Solid understanding of fundamental cybersecurity domains : network security (firewalls, IDS/IPS, VPNs), endpoint security, application security (OWASP Top 10), and identity and access management (IAM).


- Familiarity with common operating systems (Windows, Linux) and their security configurations.

Security Frameworks & Standards : Practical, hands-on experience with implementing and assessing controls based on industry security frameworks such as ISO 27001, NIST Cybersecurity Framework, or CIS Controls.


Cloud Security : Technical understanding of security concepts and controls within at least one major cloud platform (AWS, Azure, or GCP). Experience with cloud native security services.

Security Tools Experience :


- Hands-on experience with vulnerability scanning tools (e.g., Nessus, Qualys, OpenVAS).


- Familiarity with SIEM platforms (e.g., Splunk, Azure Sentinel, ELK Stack) for log analysis and security monitoring.


- Exposure to GRC platforms or similar tools for managing security controls and risks.

Technical Problem Solving : Strong analytical and technical troubleshooting skills to diagnose security issues and identify root causes.


Scripting (Basic) : Ability to read and understand basic scripts (e.g., Python, PowerShell) for automation or data extraction.


Compliance Understanding : Basic understanding of common regulatory compliance requirements (e.g., GDPR, HIPAA, PCI DSS) and their technical implications.


Education : Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related technical field.


Nice to Have :


- Relevant industry certifications such as CompTIA Security+, CySA+, Microsoft Certified : Azure Security Engineer Associate (AZ-500), ISC2 CCSP, or similar.


- Experience with DevSecOps practices and integrating security into CI/CD pipelines.


- Familiarity with container security (Docker, Kubernetes).


- Experience in a specific industry (e.g., financial services, healthcare, manufacturing) with its unique compliance landscape.


Soft Skills :


- Excellent verbal and written communication skills, with the ability to articulate technical security concepts to both technical and non-technical audiences.


- Strong interpersonal skills and the ability to collaborate effectively with diverse teams (developers, operations, business).


- High attention to detail and a methodical approach to problem-solving.


- Proactive, self-motivated, and eager to learn new technologies and security practices


info-icon

Did you find something suspicious?

Posted By

Naim Punasiya

Co-Founder at TALWORX SOLUTIONS PRIVATE LIMITED

Last Active: 28 Jul 2025

Job Views:  
103
Applications:  60
Recruiter Actions:  0

Posted in

CyberSecurity

Functional Area

IT Security

Job Code

1518065

Jobs by location

Interview Questions for you

View All
Blog for regisnation

How to Write Leave Application for Urgent Work: Format & Samples (2025)

Blog for regisnation

Top 90+ Machine Learning Interview Questions and Answers

Blog for regisnation

Top 40+ Deep Learning Interview Questions and Answers