Job Title:  Assistant Manager | Risk Management | Pune | Cyber Strategy & Transformation

Job requisition ID ::  108631
Date:  Jul 14, 2026
Location:  Bengaluru
Designation:  Assistant Manager
Entity:  Deloitte Touche Tohmatsu India LLP

Assistant Manager | Risk Management | Bengaluru | Cyber Strategy & Transformation
Job requisition ID : 108631 
Location: Bengaluru
Entity: Deloitte Touche Tohmatsu India LLP 

The Team

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at     how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Learn more about  Cybersecurity  

 

Your Work Profile

Responsible for validating security controls and remediation measures implemented by Development and DevOps teams, ensuring vulnerabilities are effectively addressed and applications meet Secure SDLC and compliance requirements.

Key Responsibilities

• Validate security controls and vulnerability remediations across applications and cloud environments.

• Verify authentication, authorization (RBAC/ABAC), input validation, secure configurations, and API security controls.

• Re-test vulnerabilities and confirm remediation effectiveness using positive, negative, and edge-case testing scenarios.

• Perform security regression testing to ensure fixes do not introduce new risks.

• Review and validate findings from SAST, DAST, SCA, and Threat Modeling activities.

• Collaborate with Development, DevOps, Security, and QA teams throughout the Secure SDLC lifecycle.

• Maintain security testing evidence, reports, and vulnerability tracking.

Core Skills

• Secure SDLC

• OWASP Top 10

• Threat Modeling

• Application Security Controls

• DevSecOps Practices

• Vulnerability Management

Security Testing Expertise

• SAST, DAST, SCA Validation

• Security Control Verification

• Remediation Testing & Validation

• REST API Security Testing

Tools & Technologies

SAST/SCA: SonarQube, Coverity, Black Duck, IriusRisk

Testing: Burp Suite, OWASP ZAP, Nmap, Postman, Swagger

Tracking/DevOps: Jira, Azure DevOps

Cloud Skills

• Azure Cloud Security (Preferred)

• AWS/GCP (Good to Have)

• IAM, Data Protection, Cryptography

• Cloud Security Controls & CIS Benchmarks

Good to Have

• CI/CD Security & DevSecOps Pipeline Experience

• Python, Bash, or JavaScript Scripting

• Security Design Reviews & Threat Model Validation

Certifications (Preferred)

CEH, CISSP, CISM, Microsoft Azure Security Engineer Associate, or equivalent

Ideal Candidate

Hands-on Application Security/DevSecOps professional with experience in security control verification, remediation validation, and secure application delivery, capable of partnering with engineering teams to strengthen overall security posture.

Education:: Btech. BE , BSC