Security Consultant at Bosch Group
Hyderabad, Telangana, India
Full Time


Start Date

Immediate

Expiry Date

22 Dec, 25

Salary

0.0

Posted On

23 Sep, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Security Testing, Governance, Risk Management, Compliance, Penetration Testing, Vulnerability Assessment, Risk Assessment, ISO 27001, NIST, PCI-DSS, GDPR, HIPAA, Incident Response, Threat Modeling, Analytical Skills, Communication Skills

Industry

Software Development

Description
Company Description

Bosch Global Software Technologies Private Limited is a 100% owned subsidiary of Robert Bosch GmbH, one of the world's leading global suppliers of technology and services, offering end-to-end Engineering, IT and Business Solutions. With 28,200+ associates, it is the largest software development center of Bosch outside Germany, indicating that it is the Technology Powerhouse of Bosch in India, with a global footprint and presence in the US, Europe and the Asia Pacific region.

Job Description

Roles & Responsibilities:

Job Summary: We are looking for a Security Consultant with a strong background in security testing and Governance, Risk, and Compliance (GRC) to bolster our organization’s cybersecurity posture. This hybrid role demands hands-on technical expertise in identifying vulnerabilities and executing penetration tests, coupled with a deep understanding of risk frameworks, compliance standards, and regulatory requirements.

Key Responsibilities:

Security Testing:
Conduct penetration testing and vulnerability assessments across web, network, mobile, and cloud environments.
Identify and exploit vulnerabilities using tools such as Burp Suite, Metasploit, Nmap, Nessus, and OWASP ZAP.
Simulate real-world cyberattacks to evaluate system resilience and generate actionable remediation insights.
Perform Secure Development Lifecycle (SDL) reviews and threat modeling exercises.
Collaborate with application, DevOps, and infrastructure teams to validate fixes and improve security controls.

GRC Responsibilities:
Develop, implement, and maintain security policies, procedures, and controls aligned with leading frameworks and best practices.
Conduct risk assessments, maintain the enterprise risk register, and support risk mitigation activities.
Ensure and track compliance with standards including ISO 27001, NIST, PCI-DSS, GDPR, and HIPAA.
Facilitate internal/external audits by preparing documentation, conducting gap analyses, and driving remediation.
Collaborate with business and technical stakeholders to embed security into processes and projects.
Conduct privacy impact assessments and Responsible AI reviews.

Required Skills & Qualifications:
Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
4 to 8 years of combined experience in security testing and GRC functions.
Proficient in the OWASP Top 10, CVE database analysis, and secure coding practices.
Hands-on experience with SIEM tools, incident response, and threat modeling methodologies.
Strong analytical and problem-solving skills with excellent verbal and written communication abilities.
Ability to translate technical vulnerabilities into business impact and risk language.

Preferred Certifications:
Technical: CEH, OSCP, GPEN
GRC: CISA, CISM, CRISC, ISO 27001 Lead Implementer/Auditor
Experience with GRC platforms like RSA Archer, ServiceNow GRC, or LogicGate is a plus.

Additional Information

Experience - 4 to 8 years

Responsibilities
The Security Consultant will conduct penetration testing and vulnerability assessments across various environments while collaborating with teams to improve security controls. Additionally, they will develop and maintain security policies and ensure compliance with relevant standards.