Job Description

We need a Data Privacy Auditor with GDPR experience for the Pune location; this is an urgent role.

The Information Security Compliance Specialist will perform a comprehensive review of the organization’s applications, APIs, and supporting infrastructure to ensure compliance with information security best practices, internal policies, and regulatory frameworks such as NESA, ISO 27001, GDPR, PCI-DSS and industry standards.

The specialist will assess current controls, identify security gaps, and produce a detailed audit report outlining findings, risks, and actionable recommendations to strengthen the security posture.

Key Responsibilities:

  • Conduct end-to-end security compliance reviews for all applications, APIs, and supporting systems.
  • Evaluate system configurations, access controls, data flows, encryption practices, and deployment environments.
  • Review application development and change management processes for secure coding and deployment practices.
  • Assess compliance with NESA, ISO 27001, NIST, GDPR, PCI-DSS and internal information security policies.
  • Identify and document non-compliance areas, control weaknesses, and potential risks.
  • Provide practical, prioritized recommendations for remediation and improvement.
  • Collaborate with application owners, IT, and development teams to validate findings and clarify technical aspects.
  • Deliver a final audit report summarizing the assessment results, risk ratings, and compliance status.
  • Work with the different stakeholders to turn the findings into actionable items and keep track of progress.