Job Description
Summary
The Senior Cybersecurity Risk & Compliance Analyst is responsible for executing and maintaining Kennametal’s enterprise cybersecurity risk management and compliance monitoring activities. This role leads structured cyber risk assessments, supports information classification and protection programs, and monitors the effectiveness of risk mitigation activities.
The role operates as a senior individual contributor and works closely with IT, Security Engineering, Legal, Privacy, and business stakeholders to ensure cybersecurity risks are identified, analyzed, documented, and communicated in alignment with regulatory and business requirements.
Key Job Responsibilities
Cybersecurity Risk Management
• Lead structured cybersecurity risk assessments across business, IT, and OT environments.
• Perform qualitative and quantitative risk analysis using recognized methodologies (e.g., NIST 800-30, FAIR, OCTAVE).
• Maintain cybersecurity risk register entries, including risk statements, impact analysis, likelihood assessments, and remediation tracking.
• Monitor and report the status and effectiveness of risk mitigation plans.
• Develop and present cybersecurity risk status metrics and summaries for leadership review.
• Serve as a subject-matter expert for cybersecurity risk identification and treatment guidance.
Information Security
• Identify confidentiality, integrity, and availability (CIA) requirements for information assets.
• Support Kennametal’s information classification and data protection programs.
• Provide risk-based input into data protection controls, including Data Loss Prevention (DLP) strategies.
• Advise stakeholders on appropriate handling, labeling, and protection of sensitive data.
Cybersecurity Compliance Management
• Research and investigate laws and compliance requirements related to information security, including data privacy, data protection, and data breach disclosure.
• Support internal and external audit activities by providing risk and control documentation.
• Assist in mapping cybersecurity risks to compliance obligations and control frameworks.
• Track compliance-related remediation actions and report status to stakeholders.
Stakeholder Engagement
• Act as a trusted advisor to business and IT stakeholders on cybersecurity risk topics.
• Collaborate with SOC, IT Operations, Security Engineering, Legal, Privacy, and Third-Party Risk teams.
• Translate technical cybersecurity risks into business-impact language for non-technical audiences.
Years of Relevant Work Experience Required: 3-5 Years
Ideal, but not required
Equal Opportunity Employer