Posted 02 June, 2026
Cyber Security Audit Cycle
NR Consulting - India
Bangalore, IN
Full Time
Reference: 26-05691-2220-1
Title: Cyber Security Audit Cycle
Location: Bangalore
Exp: 6+ Years
Job Description:
The role requires strong expertise in security audits, risk assessments, and Governance, Risk, and Compliance (GRC), along with excellent communication and stakeholder management skills. Lead the implementation and governance of Group and Ayvens Application Security policies, standards, and procedures across the application landscape. Provide functional leadership for Application Security activities, including Application Sensitivity Assessments (ASA), Secure by Design (SBD), and penetration testing oversight. Ensure security requirements, risk management, and compliance are applied consistently across applications, infrastructure, and third-party contracts. Drive completion, tracking, and remediation of applications lacking mandatory ASA or SBD reviews to meet Group Key Risk Indicators (KRIs). Monitor, assess, and escalate application security risks, including oversight of HIGH and CRITICAL ASA ratings and associated CISO validations. Steer and report on application security posture, SBD maturity, and compliance progress using enterprise tooling (e.g., LeanIX, Kear, MASAI, SBD). Detect security anomalies and lead remediation actions in collaboration with application owners and technical teams. Integrate security-by-design principles and best practices throughout the Software Development Lifecycle (SDLC). Perform risk analysis for new business initiatives, applications, and technologies, providing pragmatic and risk-based security recommendations. Manage Risk Acceptance Framework (RAF) and exception processes, ensuring proper documentation, approvals, and lifecycle governance. Support application owners, managers, and Entity ISOs in achieving compliance with Group security requirements and regulatory obligations. Monitor and coordinate response to application-related security incidents in alignment with incident management processes. Ensure alignment with industry standards and frameworks (OWASP, NIST, CIS, ISO/IEC 27034) and regulatory requirements (e.g., GDPR, AAS).
Prepare and present clear application security and compliance reporting to senior management and key stakeholders. Provide expert guidance, mentoring, and awareness to development teams on secure coding and application security practices. Coordinate with LOD2 and internal stakeholders to define, review, and enhance application security policies, standards, and procedures. Continuously monitor the threat landscape and evolving compliance requirements to strengthen application security governance.