Role : Security & Compliance Lead

Location : Delhi 100% Onsite

Client : Government Department

Qualifications :

- B.Tech/B.E. in CS/InfoSec (M.Tech/MS in Cybersecurity a plus).

- 10+ years in cybersecurity/IT risk; 4+ years leading org-wide security programs.

Key Responsibilities :

- Define and run OURs cybersecurity strategy, policies, and architecture for applications, data, infra, and endpoints.

- Enforce rigorous controls for biometric/face data, Aadhaar eKYC, and payments; ensure consent, logging, and compliance with national standards.

- Coordinate CERT-In security audits; track remediation; maintain continuous assurance and documentation.

- Operate monitoring & incident response (SIEM, playbooks, drills) to detect and contain data breaches/fraud attempts swiftly.

- Secure all external integrations (UIDAI, DigiLocker, PFMS, etc.) with encryption, zero-trust principles, and third-party risk management.

Essential Skills :

- Compliance : CERT-In, UIDAI eKYC safeguards, DPDP controls.

- IAM & AppSec : Keycloak hardening, OAuth2/OIDC, SAST/SCA/DAST in Jenkins/SonarQube.

- Cloud security : AWS IAM, KMS, WAF, GuardDuty, CloudTrail.

- IR & monitoring : SIEM (Graylog/Dynatrace), playbooks, tabletop exercises.

- Data protection : Encryption at rest/in transit (TLS/PKI), secrets mgmt, anonymization.

Desirable Skills :

- Certifications : CISSP, CISM, CEH, ISO 27001 LA.

- DevSecOps policy-as-code (OPA/Kyverno), image signing.

- Aadhaar Act/NPCI UPI/DigiLocker security standards.

- Pen-testing/red/purple teaming, chaos security drills.

- Privacy-enhancing tech (pseudonymization/PETs).