Back to Top

IT Destination

The Premium
It Infrastructure
in Kerala

Company Jobs

ValueMentor Infosec Pvt. Ltd.

'Indeevaram', Infopark Thrissur, Koratty, Kerala, India – 680308 Ph : +91 - 487 - 2970 700

Phone+919745037742
emailhelp@valuementor.com

Career Opportunities:

GRC Analyst - Payment Security

Key Responsibilities of the Position

As a GRC Analyst in the Payment Security Team, you will play a pivotal role in supporting the organization’s compliance assessments, focusing on PCI DSS and SWIFT CSP standards across multiple client environments. Your responsibilities will include assisting lead assessors, gathering and validating compliance evidence, managing timelines, and contributing to risk management initiatives. Working closely with cross-functional teams, you will provide technical and strategic support to ensure secure, compliant operations that align with industry standards.

1. Assist lead assessors in conducting comprehensive PCI DSS and SWIFT CSP assessments for multiple client entities.
2. Collect, validate, and organize required documentation and evidence for compliance assessments, ensuring accuracy and completeness.
3. Manage assessment timelines and milestones, collaborating with assessors and client stakeholders to ensure deadlines are met.
4. Coordinate with client teams to gather essential documentation, system logs, configurations, and evidence, ensuring it aligns with assessment standards.
5. Review collected evidence against PCI DSS and SWIFT CSP requirements, identifying any discrepancies or missing elements and following up as needed.
6. Ensure organized, accessible evidence storage for assessors to streamline audit processes and facilitate thorough evaluations.
7. Assist in the preparation of assessment reports, including documentation reviews, gap analysis findings, and risk assessment summaries.
8. Help assessors generate final reports for PCI DSS and SWIFT CSP assessments, ensuring they are clear, accurate, and aligned with compliance standards.
9. Support the creation and maintenance of checklists, templates, and other assessment documentation to enhance efficiency and consistency.
10. Work with assessors to identify and prioritize security risks based on assessment findings, helping clients address compliance-related vulnerabilities.
11. Support the development of remediation plans that align with compliance requirements, ensuring that client teams understand and implement corrective actions.
12. Track remediation activities, regularly following up with clients to confirm timely closure of compliance gaps.
13. Contribute to the development and updating of comprehensive information security policies, procedures, and documentation to protect cardholder data and assets.
14. Participate in post-assessment reviews to identify process improvement opportunities and contribute to efficiency enhancements in assessment workflows.
15. Share insights and best practices with team members, aiding in the standardization of procedures across diverse client assessments.
16. Stay updated on changes to PCI DSS and SWIFT CSP standards, communicating relevant updates with the team to strengthen compliance support.
17. Actively pursue knowledge-building opportunities in PCI DSS, SWIFT CSP, and other relevant industry standards, including training and certification.
18. Expand your technical understanding of security frameworks, supporting assessors and clients with updated expertise.
19. Contribute to a knowledge-sharing culture by participating in team discussions and providing insights gathered from assessments.
20. Demonstrate a customer-centric approach, actively managing client expectations and delivering value through each stage of the compliance process.
21. Foster collaboration with clients and internal teams to create a positive assessment experience, meeting and exceeding compliance requirements.
22. Ensure that all interactions reflect the organization’s values, contributing to a culture of cybersecurity excellence and continuous improvement.
23. Prepare and present briefings for senior management and stakeholders, translating complex security concepts into understandable terms.
24. Consistently take ownership of tasks, meeting deadlines and demonstrating accountability in managing compliance-related activities.
25. Ensure a customer-centric approach, actively managing expectations and delivering value through the compliance process.
26. Support a collaborative work environment, emphasizing open communication and shared success within the team and with clients.

Email: lakshmi.rajendran@valuementor.com

Jr. Security Analyst (WEB, NETWORK, MOBILE TESTING)

As a Junior Security Analyst specializing in WEB, Network or Mobile Penetration Testing, you will assist in identifying vulnerabilities and assessing the security posture of mobile applications. You will work under the guidance of senior team members, helping to conduct mobile penetration tests, analyze mobile application security, and contribute to delivering high-quality security assessments for mobile platforms.


Mobile penetration tests Responsibility:
Key Responsibilities, Deliverables / Outcomes:
Assist in performing mobile penetration tests on both iOS and Android applications (manual and automated).
Identify, exploit, and document vulnerabilities such as insecure data storage, improper session management, and API vulnerabilities under guidance.
Conduct vulnerability assessments on mobile applications using both manual testing techniques and automated tools.
Use tools like Burp Suite, Frida, MobSF, and other mobile-specific security tools for mobile application testing.
Assist in testing APIs used by mobile applications for security flaws such as broken authentication, insecure communication, and authorization vulnerabilities.
Analyze mobile application architectures and workflows to identify potential security risks related to data leakage, insecure code, and other mobile-specific vulnerabilities.
Document security findings, weaknesses, and suggested remediation steps in detailed reports.
Collaborate with senior team members to refine findings and ensure professional-grade reports are delivered to clients.
Ensure that mobile testing tools and systems are kept up-to-date to maximize efficiency and to address emerging mobile security threats and vulnerabilities.
Stay updated with the latest trends in mobile application security, emerging vulnerabilities, exploits, and penetration testing techniques.
Participate in internal training sessions, contribute to team knowledge sharing, and enhance your expertise in mobile application security.
Follow industry standards, such as OWASP Mobile Security Testing Guide and OWASP
Mobile Top 10, and other relevant guidelines during mobile security assessments.
Adhere to internal and client-specific security policies to ensure compliance with industry best practices and security regulations


Web Penetration Testing Responsibility:
Key Responsibilities, Deliverables / Outcomes:
As a Junior Security Analyst specializing in Web Penetration Testing, you will assist in identifying
vulnerabilities and assessing the security posture of web applications. You will work closely with senior team members to enhance your skills, perform web penetration testing, and contribute to delivering high-quality security assessments.
Assist in performing web application penetration tests (both manual and automated) on internal and external web applications.
Identify, exploit, and document web vulnerabilities (e.g., SQL injection, XSS, CSRF, etc.) under guidance.
Conduct vulnerability assessments using automated web application testing tools like OWASP ZAP, Burp Suite, and other relevant tools.
Analyze web application architectures and workflows to identify security risks.
Document findings, security weaknesses, and suggested remediation steps in detailed reports.
Collaborate with senior team members to refine findings and deliver professional-grade reports to clients.
Utilize tools such as Burp Suite, OWASP ZAP, Nikto, and Nmap for web security testing.
Ensure that testing tools and systems are kept up-to-date to ensure efficiency and coverage of emerging vulnerabilities.
Stay updated with the latest web security threats, exploits, and penetration testing techniques.
Participate in internal training sessions, contribute to team knowledge sharing, and expand your knowledge of web application security.
Follow industry standards such as OWASP Top 10, PTES, and other relevant guidelines during assessments.
Adhere to internal and client-specific security policies, ensuring compliance with industry best practices and security regulation.


Network Penetration Testing:
Key Responsibilities, Deliverables / Outcomes:
As a Junior Security Analyst specializing in Network Penetration Testing, you will assist in identifying vulnerabilities and assessing the security posture of networks and systems. You will work closely with senior team members to enhance your skills and deliver high-quality security assessments.
Assist in performing internal and external network penetration tests.
Identify, exploit, and document network vulnerabilities under guidance.
Conduct vulnerability assessments using automated tools.
Document findings, recommendations, and remediation steps in detailed reports.
Collaborate with the team to refine and deliver professional-grade reports to clients.
Use tools such as Nmap, Metasploit, Burp Suite, and Wireshark for penetration testing and analysis.
Ensure tools and systems are updated for maximum efficiency and accuracy.
Stay updated with the latest security threats, exploits, and penetration testing techniques.
Participate in internal training sessions and contribute to knowledge sharing.
Follow industry standards like OWASP, NIST, and PTES during assessments.
Adhere to internal and client-specific security policies and procedures.

Email: joshny.antony@valuementor.com

Account Executive

Job Summary
We are seeking a results-driven Account Executive with expertise in selling cybersecurity services in the XXX market. The ideal candidate will have a strong track record in sales, particularly within the IT or cybersecurity sectors, and possess deep technical knowledge of cybersecurity solutions. The ideal candidate should possess good experience in remote selling of IT or cybersecurity services and solutions to the designated geographies. Key responsibilities include building and managing client relationships, achieving sales targets, and developing strategic plans to drive business growth. Essential skills include client-centric sales, technical proficiency, strategic planning, and up-to-date industry insight. The role requires excellent presentation and communication skills and the ability to stay current with cybersecurity trends and innovations.

Key Responsibilities, Deliverables / Outcomes
• Account Management: Maintain and nurture relationships with existing clients and generate/increase revenue from them through upselling or cross-selling.
• Tailor Solutions to Client Needs: Assess and understand clients' cybersecurity needs and challenges to recommend customized solutions that effectively address their requirements.
• Achieve and Exceed Sales Targets: Drive sales performance by actively promoting and selling cybersecurity services, aiming to meet and surpass assigned sales targets.
• Account Creation: Identify potential clients with strong potential and generates sales from them.
• Develop and Execute Sales Strategies: Create and implement effective strategies to grow market share and expand the client base.
• Conduct Client Presentations: Prepare and deliver persuasive presentations and proposals to prospective clients, demonstrating the value and benefits of our cybersecurity solutions.
• Knowledge Updation: Have a considerable understanding of the services offered and effectively communicate them to clients. Stay updated on industry trends, competitor offerings, and emerging threats in the market.
• Reporting: Prepare regular sales reports and forecasts for management in company CRM tool. Update all sales activities in company CRM tool.

Key Skills
1. Sales planning - Ability to develop and execute sales plans to penetrate markets and maximize revenue.
2. Sales Skills – Proficiency in understanding customer needs and offering solutions that provide value, using a consultative approach to sales.
3. Relationship Management - Nurture and establish relationships with key customer stakeholders, especially C-Levels, to build trust, uncover requirements, and propose effective solutions.
4. Technical Knowledge – A solid understanding of cybersecurity, digital transformation, and the technical aspects of managed security solutions and services.
5. Exhibit an entrepreneurial mindset, taking ownership of your client portfolio and driving innovative solutions to meet their cybersecurity needs.

Key Competencies
1. Customer Focus
2. Communication & Presentation Skills – Excellent verbal and written communication skills, along with the ability to prepare and deliver persuasive formal presentations to senior management.
3. Persuasion & Negotiation
4. Result Oriented
5. Forecasting and Analytics: Competence in managing sales forecasts with accuracy and using data analytics to drive sales.

Email: lakshmi.rajendran@valuementor.com

GRC Analyst- Risk and Compliance

Key Responsibilities:

As a GRC Analyst, you will support the customer organization’s governance, risk, and compliance initiatives, helping maintain a secure and compliant environment. Working closely with cross-functional teams, you will assist in ensuring compliance with industry standards and the development of risk management frameworks:
• Support the implementation and maintenance of ISO 27001:2022 standards by assisting in ensuring
compliance with security controls and helping prepare for internal and external audits.
• Assist in conducting internal audits and security assessments, gathering and validating evidence to
ensure compliance with regulatory requirements.
• Collaborate with senior team members during external compliance assessments and audits, providing
support in audit preparation, evidence collection, and report generation.
• Identify and document security risks, help to assess their impact on the organization, and support the
development of risk mitigation strategies.
• Contribute to the development and updating of information security policies, procedures, and related
documentation, ensuring alignment with ISO 27001 and other regulatory frameworks.
• Participate in the monitoring and review of security controls, supporting efforts to enhance their
effectiveness and alignment with business objectives.
• Provide analysis and reporting on the performance of security controls, helping identify areas for
improvement and supporting the implementation of corrective actions.
• Gather and validate technical evidence for compliance reviews and audits, ensuring thorough and
accurate documentation is maintained.
• Assist in the preparation of detailed reports, summarizing audit findings, risk assessments, and policy
updates for leadership review.
• Communicate security and compliance requirements clearly and effectively to team members and
stakeholders, ensuring understanding and alignment across the organization.
• Collaborate with cross-functional teams to ensure that GRC activities integrate seamlessly with broader
business processes and goals.
• Maintain accountability for assigned tasks, ensuring deadlines are met and deliverables are completed
with attention to detail.
• Ensure a customer-centric approach, understanding client and stakeholder needs while delivering
solutions that add value.
• Demonstrate a proactive attitude toward learning and development, continually seeking to improve
knowledge and skills in GRC and information security practices.

Deliverables and Outcomes:

• Help build and maintain strong customer relationships, ensuring their business goals and objectives are
met and incorporated in the security program.
• Successfully complete project tasks on time.
• Enable customers to comply with their regional IS regulations and keep customers informed of emerging
cybersecurity threats.
• Support in Identification, assessment, and enhancement of customer environment security controls to
meet industry standard benchmarks.
• Develop, document, and communicate comprehensive Information Security framework policies and
procedures.
• Continuously monitor adherence to legal and regulatory requirements.
• Help define customer risk appetite, perform risk assessments, and assist in implementation of Risk
Treatment Plans.

Key Skills:
• Customer relationship management and relationship building
• Knowledge on ISO 27001:2022 standard clauses and ISO 27002 Annexure Control guidance
• Understanding about information security principles (CIA) and its application on information system
security
• Technical know-how (based on ISO 27002 Annex guidelines) for evidences validation as part of Security
Assessments and assurance audits (internal & certification audits)
• Creating elaborate reports and presentations about Security assessments/audits findings/observations
• Writing/ Documentation of organization level security policies, processes and procedures in collaboration
with multiple stakeholders

Email: joshny.antony@valuementor.com