Location: Navi Mumbai (Work from Office)
Experience: Minimum 2+ Years
Employment Type: Full-time
About the RoleWe are seeking a dedicated Information Security Auditor from a CERT-IN empanelled firm for on-site IS-Audit work in Navi Mumbai. The role involves end-to-end monitoring, review, and assessment of IT security processes, tools, and infrastructure to ensure compliance, risk mitigation, and operational resilience.
Key Responsibilities- User Access Management (UAM/UAR): Review and monitor access rights for critical systems (applications, tools, infra).
- Antivirus Management: Oversee antivirus and endpoint security tools with timely updates for servers.
- Patch Management: Monitor patch deployments and updates for operating systems and applications.
- Capacity Management: Manage centralized capacity utilization monitoring tools and review alerts.
- Backup & Retention Management: Validate backups, perform restoration testing, and review retention compliance.
- Change & Release Management: Review adherence to change and release processes, including aligned system logs.
- Incident & Problem Management: Review logs, records, and effectiveness of incident/problem management processes.
- Inventory Management: Validate hardware/software inventory completeness with EOL/EOS tracking.
- SIEM Monitoring: Analyze and review alerts generated from SIEM tools.
- Database Activity Monitoring (DAM): Conduct analysis and reviews of DAM logs and alerts.
- Security Assessments: Perform VA, CA, PT, AppSec, SCR, firewall rule assessments, and vulnerability tracking.
- BCP/DR (Business Continuity & Disaster Recovery): Review disaster recovery readiness, drill calendars, and execution reports.
Required Skills & Qualifications- Bachelor's degree in Information Technology, Computer Science, or related field.
- Minimum 2 years of relevant experience in IS Audit, IT Security, or Compliance.
- Practical exposure to tools like Patch Management, Antivirus, SIEM, DAM, and IT Inventory solutions.
- Knowledge of ITIL processes (Incident, Problem, Change, Release).
- Familiarity with CERT-IN guidelines and regulatory compliance frameworks.
- Strong analytical, documentation, and reporting skills.
Preferred Certifications- CISA, ISO 27001 LA, CEH, CISSP, or any other relevant certification will be an added advantage.
How to Apply
Interested candidates can apply by sending their updated resume to [Confidential Information]
with the subject line Application for Information Security Auditor
Note: This is a full-time, on-site role based in Navi Mumbai. Remote work option is not available.
