Dataction Analytics Private Limited
Website:
dataction.in
Job details:
About Dataction
Dataction is a new age technology services firm that offers best in class information technology, analytics, and consulting services to renowned international companies. Dataction was established in 2010 and has grown rapidly over the last decade. Dataction has built a reputation for providing differentiated and reliable services to a wide range of customers across multiple sectors.
At Dataction we connect every dot and reimagine every business process. Our lean, agile, and consultative approach towards problem solving and execution, helps our client achieve sustainable growth and secure a profitable business, while safeguarding a viable future. Our people are committed, courageous, and unafraid of pushing boundaries. They help our clients make decisions that deliver immediate and measurable outcomes, justifying investments. Our engagement models provide the perfect blend of quality, control, and cost for our customers.
To know more about Dataction, please visit https://dataction.co
Job Purpose
The successful candidate will work closely with the in-house and client-side teams from one of our esteemed clients based in the UK. Our client is a global leader in gym and personal training (PT) management, delivering exceptional customer experiences through innovative and cutting-edge proprietary technology platforms.
The primary responsibility of this role is to strengthen and secure enterprise applications, cloud infrastructure, and digital platforms by implementing robust security controls, monitoring threats, managing risks, and ensuring compliance across the technology landscape. This is an exciting opportunity for IT Security professionals passionate about cloud security, identity and access management, threat detection, DevSecOps, and securing scalable, customer-centric enterprise systems.
We are looking for someone with a strong security-first mindset, proven experience in cybersecurity and cloud security environments, and the technical expertise to support secure, scalable, and high-performing enterprise platforms while collaborating effectively with global engineering, infrastructure, and business teams.
Responsibilities
- Security Architecture & Design:
- Design and implement secure architecture across Microsoft-based systems (Azure, M365, Active Directory) along with AWS environments and integrated third-party platforms.
- Cloud Security Management:
- Secure cloud environments across Microsoft Azure and AWS, including identity, network security, data protection, and workload security.
- Identity & Access Management (IAM):
- Implement and manage IAM solutions including Azure AD / Entra ID, RBAC, SSO, MFA, OAuth/OpenID Connect, privileged access management (PAM), and federated identity access across cloud environments.
- Threat Detection & Incident Response:
- Monitor, detect, investigate, and respond to security incidents using tools like Microsoft Defender, Sentinel, and AWS security services.). Lead incident triage, containment, eradication, and recovery activities while supporting incident response playbooks and tabletop exercises. Investigate suspicious activities through log correlation, identity signals, and cloud security telemetry.
- Security Assessments & Audits:
- Conduct regular vulnerability assessments, penetration testing coordination, and security audits across applications, infrastructure, and third-party integrations.
- Third-Party Risk Management:
- Evaluate and secure integrations with external vendors, SaaS platforms, and APIs used across gym operations, customer apps, and payment systems.
- Compliance & Governance:
- Ensure adherence to relevant standards such as ISO 27001, GDPR, PCI-DSS (if applicable), and internal security policies.
- DevSecOps Enablement:
- Embed security into CI/CD pipelines, ensuring secure coding practices, automated security scans, and compliance checks across development workflows.
- Data Security & Privacy:
- Implement encryption, data classification, DLP policies, and secure data handling practices across customer, membership, and transactional data. Support data governance and insider risk monitoring through Microsoft security and compliance capabilities.
- Security Awareness & Training:
- Promote security best practices through training, awareness programs, and guidance to engineering and business teams.
- Continuous Improvement:
- Stay updated with evolving threat landscapes, recommend security enhancements, and implement modern security tools and frameworks.
Experience
Qualifications, Skills and Experience:
8+ years of experience in IT Security, Cybersecurity, or Information Security roles, preferably in cloud-first and integration-heavy environments.
Microsoft Security Expertise
Strong handson experience with Microsoft security stack including Microsoft Defender, Sentinel (including investigation and alerting capabilities), Conditional Access, Purview, and M365 security controls.
AWS Security Knowledge
Experience with AWS security services such as IAM, GuardDuty, Security Hub, Shield, and VPC security controls.
Identity & Access Management
Deep understanding of IAM concepts, SSO, OAuth, OpenID Connect, MFA, privileged access controls, and federated identity management across hybrid/cloud environments.
Network & Infrastructure Security
Knowledge of firewalls, VPNs, WAF, zero-trust architecture, and secure network design across hybrid environments.
Application Security
Understanding of secure coding practices, OWASP Top 10, API security, and experience integrating security into SDLC/DevOps pipelines.
Security Tools & Technologies
Experience with SIEM, EDR/XDR tools, vulnerability scanning tools (e.g., Nessus, Qualys), and endpoint security solutions.
Compliance & Risk Management
Familiarity with security frameworks and standards such as ISO 27001, NIST, CIS benchmarks GDPR, and PCI-DSS.
Third-Party & SaaS Security
Experience securing and assessing third-party services, APIs, and SaaS platforms.
Analytical & Problem-Solving Skills
Strong ability to identify risks, analyze threats, and implement effective mitigation strategies.
Communication & Collaboration
Ability to work with crossfunctional teams including engineering, DevOps, and business stakeholders in a global setup.
Certifications (Preferred)
Certifications such as CISSP, CISM, CEH, Microsoft Security certifications (e.g., SC-200, AZ-500), or AWS Security Specialty.
Education
Bachelor’s or Master’s degree in Computer Science, Information Security, or related field (or equivalent practical experience).
Why should you join Dataction?
Fairness, Meritocracy, Empowerment, And Opportunity Are Pillars Of Our Work Culture. In Addition To a Competitive Salary, You Can Look Forward To
- Great work-life balance through hybrid work arrangement.
- Company funded skill enhancement and training.
- Exciting reward and recognition programme.
- Opportunity to bond with colleagues through exciting employee engagement initiatives.
- Great on the job learning opportunity through involvement in new product/ ideation teams.
- 60 minutes with the CEO each quarter to pick his brains on any topic of your choice.
Click on Apply to know more.