Cybersecurity Professional

AB7 Solutions

📌 job description – cybersecurity professional

position title: cybersecurity professional

location: chandigarh

department: it security & compliance

employment type: full-time

reporting to: chief information security officer (ciso) / it security manager

role overview

we are seeking a highly skilled cybersecurity professional to safeguard our it infrastructure, applications, and data assets against evolving cyber threats. the role involves conducting vulnerability assessments, penetration testing, network and cloud security, compliance audits, incident response, and employee training. the ideal candidate should have hands-on expertise across prevention, detection, response, and compliance frameworks (., nist, iso , hipaa, soc2).

key responsibilities

🔍 security assessments & audits

perform vulnerability assessments and penetration tests across networks, servers, endpoints, and applications.

conduct configuration audits of firewalls, routers, and cloud environments.

support and maintain compliance with hipaa, pci dss, soc2, iso , gdpr, nist.

🌐 network, infrastructure & cloud security

configure, monitor, and manage firewalls, ids/ips, and vpns.

implement zero trust security models and secure remote access.

secure cloud environments (aws, azure, gcp) with iam, encryption, and monitoring.

protect wireless and iot networks from unauthorized access.

💻 endpoint & application security

deploy and manage edr/xdr solutions across endpoints.

ensure timely patch management for all critical systems.

perform secure code reviews, api testing, and devsecops integration.

manage mobile device management (mdm) for byod and enterprise devices.

📊 threat monitoring & detection

operate and maintain siem platforms (splunk, qradar, elk).

work with soc teams to monitor logs and detect anomalies.

conduct threat hunting activities to uncover hidden risks.

respond to security alerts in real time.

🚨 incident response & recovery

lead incident detection, containment, and eradication efforts.

perform digital forensics on compromised systems.

develop and maintain disaster recovery (dr) and business continuity plans (bcp).

conduct post-incident analysis and provide lessons learned reports.

🔑 identity & access management (iam)

manage user provisioning, role-based access control, and privileged access management (pam).

implement multi-factor authentication (mfa) and single sign-on (sso).

ensure compliance with least-privilege and zero trust principles.

📜 governance, risk & compliance (grc)

develop and enforce cybersecurity policies, sops, and guidelines.

conduct risk assessments and maintain a risk register.

collaborate with auditors for compliance certifications (soc2, iso, hipaa, gdpr).

assess and monitor third-party vendor security.

🎓 security awareness & training

deliver cybersecurity awareness training for employees.

conduct phishing simulations and share reports.

educate executives and stakeholders on cyber risks and strategy.

🔒 data protection & privacy

implement data encryption (at rest and in transit) and dlp controls.

manage secure data backup and recovery processes.

conduct privacy impact assessments to ensure regulatory compliance.

key performance indicators (kpis)

≥ 95% critical vulnerabilities remediated within sla.

≥ 99% uptime of security monitoring tools.

zero major security incidents causing data loss/financial loss.

achieve/maintain compliance certifications (soc2, iso , hipaa, pci dss).

≥ 90% employee completion of cybersecurity awareness training.

qualifications & skills

🎓 education & experience

3–7 years of experience in cybersecurity roles (analyst, engineer, consultant).

experience working with north american/global clients preferred.

🛠 technical skills

strong knowledge of firewalls, siem, ids/ips, edr/xdr, and iam solutions.

hands-on with penetration testing tools (nmap, metasploit, burp suite, nessus, wireshark).

familiarity with cloud security (aws/azure/gcp).

knowledge of compliance standards: hipaa, pci dss, soc2, iso , nist csf.

scripting/automation in python, powershell, or bash is a plus.

📜 certifications (preferred)

ceh (certified ethical hacker)

cissp (certified information systems security professional)

cism (certified information security manager)

comptia security+ / cysa+

ccsp (certified cloud security professional)

iso lead auditor (advantageous)

why join us?

work on cutting-edge cybersecurity projects with global clients.

gain cross-industry exposure in healthcare, fintech, retail, logistics, it.

opportunity to lead projects in cloud security, compliance, and incident response.

competitive salary, certification sponsorship, and performance incentives.

• Experience

  3 - 7 Years

• No. of Openings

  100

• Education

  Higher Secondary, Secondary School, B.C.A, B.B.A, B.Com, B.Ed, B.Sc, B.Tech, Any Bachelor Degree, Any Master Degree

• Role

  Cybersecurity Professional

• Industry Type

  IT-Hardware & Networking / IT-Software / Software Services

• Gender

  [ Male / Female ]

• Job Country

  India

• Type of Job

  Full Time

• Work Location Type

  Work from Home