Token Metrics

Security Consultant

full-time, On-site
consultant
security
grc
cybersecurity

Company Description

Bosch Global Software Technologies Private Limited is a 100% owned subsidiary of Robert Bosch GmbH, one of the world's leading global suppliers of technology and services, offering end-to-end Engineering, IT and Business Solutions. With over 28,200 associates, it’s the largest software development center of Bosch outside Germany, indicating that it is the Technology Powerhouse of Bosch in India with a global footprint and presence in the US, Europe and the Asia Pacific region.

Job Description

Roles & Responsibilities:

Job Summary:

We are looking for a Security Consultant with a strong background in security testing and Governance, Risk, and Compliance (GRC) to bolster our organization’s cybersecurity posture. This hybrid role demands hands-on technical expertise in identifying vulnerabilities and executing penetration tests, coupled with a deep understanding of risk frameworks, compliance standards, and regulatory requirements. 

 

Key Responsibilities: 

Security Testing: 

  • Conduct penetration testing and vulnerability assessments across web, network, mobile, and cloud environments. 

  • Identify and exploit vulnerabilities using tools such as Burp Suite, Metasploit, Nmap, Nessus, and OWASP ZAP

  • Simulate real-world cyberattacks to evaluate system resilience and generate actionable remediation insights. 

  • Perform Secure Development Lifecycle (SDL) reviews and threat modeling exercises. 

  • Collaborate with application, DevOps, and infrastructure teams to validate fixes and improve security controls. 

GRC Responsibilities: 

  • Develop, implement, and maintain security policies, procedures, and controls aligned with leading frameworks and best practices. 

  • Conduct risk assessments, maintain the enterprise risk register, and support risk mitigation activities. 

  • Ensure and track compliance with standards including ISO 27001, NIST, PCI-DSS, GDPR, and HIPAA

  • Facilitate internal/external audits by preparing documentation, conducting gap analyses, and driving remediation. 

  • Collaborate with business and technical stakeholders to embed security into processes and projects

  • Conduct privacy impact assessments and Responsible AI reviews

 

Required Skills & Qualifications: 

  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field

  • 4 to 8 years of combined experience in security testing and GRC functions

  • Proficient in the OWASP Top 10, CVE database analysis, and secure coding practices

  • Hands-on experience with SIEM tools, incident response, and threat modeling methodologies

  • Strong analytical and problem-solving skills with excellent verbal and written communication abilities. 

  • Ability to translate technical vulnerabilities into business impact and risk language. 

 

Preferred Certifications:  

  • Technical: CEH, OSCP, GPEN 

  • GRC: CISA, CISM, CRISC, ISO 27001 Lead Implementer/Auditor

Experience with GRC platforms like RSA Archer, ServiceNow GRC, or LogicGate is a plus.

 
 

Additional Information

Experience - 4 to 8 years