Telangana, India
13 hours ago
Security Consultant

Company Description

Bosch Global Software Technologies Private Limited is a 100% owned subsidiary of Robert Bosch GmbH, one of the world's leading global suppliers of technology and services, offering end-to-end Engineering, IT and Business Solutions. With 28,200+ associates, it is the largest software development center of Bosch outside Germany, making it the Technology Powerhouse of Bosch in India, with a global footprint and presence in the US, Europe and the Asia Pacific region.

Job Description

Roles & Responsibilities:

Job Summary:

We are looking for a Security Consultant with a strong background in security testing and Governance, Risk, and Compliance (GRC) to bolster our organization’s cybersecurity posture. This hybrid role demands hands-on technical expertise in identifying vulnerabilities and executing penetration tests, coupled with a deep understanding of risk frameworks, compliance standards, and regulatory requirements. 

 

Key Responsibilities: 

Security Testing: 

Conduct penetration testing and vulnerability assessments across web, network, mobile, and cloud environments. 

Identify and exploit vulnerabilities using tools such as Burp Suite, Metasploit, Nmap, Nessus, and OWASP ZAP. 

Simulate real-world cyberattacks to evaluate system resilience and generate actionable remediation insights. 

Perform Secure Development Lifecycle (SDL) reviews and threat modeling exercises. 

Collaborate with application, DevOps, and infrastructure teams to validate fixes and improve security controls. 

GRC Responsibilities: 

Develop, implement, and maintain security policies, procedures, and controls aligned with leading frameworks and best practices. 

Conduct risk assessments, maintain the enterprise risk register, and support risk mitigation activities. 

Ensure and track compliance with standards including ISO 27001, NIST, PCI-DSS, GDPR, and HIPAA. 

Facilitate internal/external audits by preparing documentation, conducting gap analyses, and driving remediation. 

Collaborate with business and technical stakeholders to embed security into processes and projects. 

Conduct privacy impact assessments and Responsible AI reviews. 

 

Required Skills & Qualifications: 

Bachelor’s degree in Cybersecurity, Information Technology, or a related field. 

4 to 8 years of combined experience in security testing and GRC functions. 

Proficient in the OWASP Top 10, CVE database analysis, and secure coding practices. 

Hands-on experience with SIEM tools, incident response, and threat modeling methodologies. 

Strong analytical and problem-solving skills with excellent verbal and written communication abilities. 

Ability to translate technical vulnerabilities into business impact and risk language. 

 

Preferred Certifications:  

Technical: CEH, OSCP, GPEN 

GRC: CISA, CISM, CRISC, ISO 27001 Lead Implementer/Auditor

Experience with GRC platforms like RSA Archer, ServiceNow GRC, or LogicGate is a plus.

 
 


Additional Information

Experience - 4 to 8 years
