Careers
“We offer more than just a job. We offer the chance to shape the future of technology with a team of passionate innovators. We invest in your growth through continuous learning and development, and empower you to make a real difference in the success of our clients.”
Why Work at Sein Consulting?
At Sein Consulting, we offer more than just a job; we provide a unique opportunity to be part of a mission-driven team dedicated to shaping the future of technology. Our culture is built on collaboration and creativity, where every team member’s ideas are valued and encouraged.
Future-proof your career
Stay ahead of the curve with cutting-edge technology and continuous learning opportunities at Sein Consulting.
Shape the future of tech
Work on groundbreaking projects that make a real difference in the world with our team of passionate innovators.
Empowered by learning
Develop your skills and expertise through comprehensive training programs and a culture of continuous growth.
Join Our Team and Shape the Future
We’re passionate about innovation and creating a positive impact. Are you a talented individual looking to make a difference? Explore our open positions and join the Sein family.
Job ID: Sein SA 1001
Experience: 5 – 8 years
Location: Hyderabad
Employment Type: Full Time, Permanent
Work mode: Onsite
Education
UG: Bachelor's in Computer Science and Information Technology
PG: Any Postgraduate in IT
Key Skills: PCI DSS Manager Internal Audit Automation diligent external Risk assessment SOC ISO 27001 AWS Financial services
Job description
- Maintain security policies, procedures, standards, checklists, and other necessary documentation.
- Conduct gap assessments and implement/mature security processes and controls in line with industry frameworks and regulations.
- Conduct comprehensive risk assessments, including technical security risks, threat modelling, and compliance evaluations. Develop and implement mitigation strategies to address identified risks.
- Utilize advanced technical knowledge to identify, analyze, and mitigate security risks, focusing on both existing and emerging threats.
- Perform periodic due diligence and risk assessments for vendors and sub-processors.
- Own the compliance monitoring program for security controls. Communicate with and present to Senior Management on progress and testing results.
- Manage external compliance audits and other reviews, working with audit firms and internal parties.
- Respond to customer due diligence requests; attend customer calls (if required) and work closely with customer-facing teams on security-related matters.
- Develop and deliver cybersecurity training and awareness programs to educate employees on security best practices and compliance.
- Track compliance requirements and contractual obligations related to security.
- Monitor and track relevant metrics for the security program’s effectiveness.
- Work closely with all engineering and product teams to ensure consistent and practical implementation of requirements.
- Keep abreast of best practices, framework changes, and new regulations to identify key risk areas.
- Help develop technology solutions to support the various compliance programs.
- Showcase a robust understanding of cloud services and related technologies, contributing to a secure cloud environment.
What you will bring:
- 5-8 years of working experience in a GRC role.
- Excellent understanding of regulatory compliance requirements.
- Experience in evaluating and implementing SOC 2, ISO 27001, and PCI DSS.
- Experience documenting policies and procedures, attention to detail, and analytical skills.
- Experience in risk assessment methodologies, tools, and technical risk assessments.
- Practical experience or a solid conceptual understanding of the AWS cloud platform to define controls for cloud environments and recommend best practices. (Certification is a plus)
- Experience in implementing security controls to address requirements of privacy regulations, including GDPR, CCPA, and other international regulations.
- Experience in developing test plans, testing security controls, and internal audit.
- Experience in handling and managing external audits and auditors.
- Ability to communicate with various stakeholders effectively across the organization.
- Ability to prioritize identified areas for improvement and propose practical solutions.
- Ability to work in a remote environment with teams in India and in the United States.
- Excellent verbal and written communication skills (in English).
- Desire to continuously seek and update technical security skills as required for the job.
- Being proactive and able to work with little direct supervision.
Additionally (a great plus)
- Security certifications such as CISSP, CRISC, and AWS certifications.
- Knowledge of the Financial Services domain (Mortgage, Lending, etc.)
Job ID: Sein SA 1003
Experience: 4 – 8 years
Location: Hyderabad
Work Mode: Onsite
Job description
This is a very dynamic, high-growth environment and requires being agile and flexible. Successful candidates for this role should be experienced in evaluating ever-evolving compliance requirements, conducting gap assessments, documenting compliance-related governance documents (policies, standards, etc.), and third-party compliance audits. The successful candidate will be knowledgeable about risk management and risk treatment methodologies, having worked in a similar fast-paced organization.
The candidate is expected to have an understanding of the Cloud SaaS technical environment and translate the compliance requirements into language Developers, DevOps, and Leadership can apply to our environments and work closely with cross-functional teams spread across multiple geographies.
Major Responsibilities/Activities
• Evaluate new and evolving certification programs, regulatory requirements, and technologies.
• Conduct comprehensive assessments of technical controls, information security policies, and procedures against applicable regulations and compliance requirements. Assessments include gap analysis, recommendations, and prioritization of enhancements to the security and privacy infrastructure to remove or mitigate risk.
• Effectively communicate execution status, key accomplishments, and risks that impact Cloud’s ability to achieve or maintain compliance accreditations or certifications to line management.
• Evaluate and audit security control systems to address requirements.
• Advise process/control owners with the preparation and ongoing maintenance of controls and control documentation (e.g., policies, procedures, etc.).
• Guide Development Operations on the appropriate selection, design, implementation, and configuration of security controls.
• Identify control deficiencies, make appropriate recommendations, and drive remediation of control deficiencies.
• Proactively identify gaps or conflicts in existing processes and work to develop solutions with cross-functional teams.
• Program-manage third-party compliance audits.
• Collaborate effectively across multiple organizations with diverse personalities and expertise to drive agreement on complex issues.
• Support the annual review of information security and privacy policies, standards, and guidelines covering all areas within the environment.
• Engage with Infrastructure and/or Architect Teams to assess the security risk of proposed projects and system/application modifications.
• Build strong cross-functional relationships with business partners to facilitate the development of strong compliance programs that support continuous improvement and operational efficiency.
Minimum Requirements
• 4+ years of related Governance, Risk and Compliance and/or security experience.
• Knowledge and experience in audit execution of a global security certification such as ISO 27001/17/18, PCI, HIPAA, ENS, HDS, SOC 1 / 2 etc.
• Knowledge of compliance frameworks (NIST etc.).
• Good understanding of security concepts and practical usage.
• Knowledge of, or experience working with, Cloud technologies/environments, including evaluating and implementing controls on Software as a Service (SaaS), is a plus.
• Working knowledge of GRC tools and technologies.
• Understanding of current Cyber Security trends.
• Experience managing GRC projects and project management skills.
• Focus on team and organizational goals, building accountability and a positive team culture.
• Proactive achiever and comfortable working in a fast-paced, dynamic environment incorporating constant change as we grow.
• Excellent written and verbal English communication skills; ability to communicate effectively across all levels of the organization.
• Analytical problem solver with organizational skills and an eye for detail.
• Prior Big-4 consulting experience or prior professional experience in similar cloud-based organizations is a plus.
Desirable certifications
• One or more Information Security Certifications: CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), ISO 27K Lead Auditor/Implementor or other security certification/accreditation.