46 Cis Controls Jobs - Page 2

About Certify: At CertifyOS, we're building the infrastructure that powers the next generation of provider data products, making healthcare more efficient, accessible, and innovative. Our platform is the ultimate source of truth for provider data, offering unparalleled ease and trust while making data easily accessible and actionable for the entire healthcare ecosystem. What sets us apart Our cutting-edge, API-first, UI-agnostic, end-to-end provider network management platform automates licensing, enrollment, credentialing, and network monitoring like never before. With direct integrations into hundreds of primary sources, we have an unbeatable advantage in enhancing visibility into the enti...

Job Description: About the Job: The Cybersecurity Risk Management team is part of Chief Security Office (CSO) and responsible for managing multiple teams that facilitate external audits, internal audits, analyze policy exceptions, conduct risk assessments, and run enforceable governance across processes. They work closely with the AT&T Technology Services (ATS) teams and Technology Risk Management (TRM) teams and other CSO teams to ensure the effective and efficient GRC processes. Below are the key responsibilities of the Specialist Audit Management (ISO 27001) position: Develop and maintain audit plans to ensure all activities supporting the annual internal and external ISO 27001 audits are...

The GRC Lead will be responsible for overseeing the governance, risk management, and compliance functions within the organization. Responsibilities Strategic Governance & Leadership Lead the design, execution, and maturation of the organization's comprehensive GRC strategy, encompassing policy governance, risk management frameworks, compliance programs, and continuous improvement initiatives. Own the governance structure including policy lifecycle management, control frameworks, and compliance awareness programs. Align GRC objectives with business goals and regulatory mandates through close collaboration with executive leadership and key stakeholders. Provide leadership, mentoring, and devel...

The CoinDCX Journey: Building Tomorrow, Today At CoinDCX, we believe CHANGE STARTS TOGETHER. You are the driving force that will help us make Web3 accessible to all. In the last six years, we have skyrocketed from being India's first crypto unicorn to carrying a community of over 125 million with us. To continue maximising the adoption and acceleration of Web3, we are now focused on developing cutting-edge products, addressing accessibility and security challenges, and bridging the gap between people and Web3 technologies. While we go ahead and keep dominating the Web3 world, we would like to HODL you on our team! Join our team of passionate innovators who are breaking barriers and building ...

Key Deliverables (Essential Functions & Responsibilities of the Job) : Provide support as Lead implementor towards ISMS and PIMS policies, procedures, and guidelines and ensure to perform regular review and update. Gather evidence of continuous compliance with ISO 27001:2022 and ISO 27701:2019, DPDPA, IT Act and Cert In Regulation including audit logs, records of reviews, timely closure of open audit and risks and sharing the report with management. Conduct regular, documented information security and privacy risk assessments on Security Tools and Technologies by identifying assets, threats, vulnerabilities, likelihood, and impact. Prioritize identified vulnerabilities, detailed findings, re...

Role Overview: As a Team Lead Vulnerability Management Analyst, you will be responsible for leading a team in identifying, assessing, and managing security vulnerabilities within the organization's IT environment. Your role will involve ensuring timely remediation of risks to maintain the overall health and security posture of enterprise systems. Key Responsibilities: - Lead and mentor a team of vulnerability management analysts. - Assign and prioritize tasks for vulnerability assessments and remediation tracking. - Provide technical guidance and career development support to team members. - Foster collaboration with cross-functional teams including IT, security operations, DevOps, and appli...

Job Description: About the Company: Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won't just imagine the future-you'll create it. About the Job: The Cybersecurity Risk Management team is part of Chief Security Office (CSO) and responsible for managing multiple teams that facilitate external audits, inte...

Profile description We are seeking an Information Security Professional to join our team. The successful candidate will be responsible for monitoring, detecting, and analyzing security incidents, as well as performing risk assessments, implementing security measures, and ensuring compliance with ISO 27001/ ISO 22301 standards. Job description KEY SKILLS AND CAPABILITIES Support the implementation and maintenance of ISO 27001 and ISO 22301 compliance programs across global offices and vessels. Conduct risk assessments, manage risk registers, and track remediation actions with stakeholders. Develop, review, and update information security policies, procedures, and standards. Perform vendor/3rd...

Role Overview: At EG, we develop industry-specific software that focuses on the needs of our customers. Our team, consisting of industry peers, is dedicated to creating innovative and secure solutions to address challenges in various industries. As part of our Cyber Security team in Mangalore, we are seeking a Junior Penetration Tester/Penetration Tester to contribute to our mission of providing top-notch security services and competencies in the ever-evolving cybersecurity landscape. Key Responsibilities: - Perform penetration tests on web & mobile applications and define security improvements. - Conduct penetration tests on cloud & IT infrastructure and establish secure architecture and ha...

How is this team contributing to the vision of Providence Enterprise Security & Infrastructure (ESI) is committed to appropriately protecting all information relating to its caregivers and affiliates, as well as protecting its confidential business information (including information relating to its caregivers, affiliates, and patients). What will you be responsible for Lead the development, implementation, and continuous improvement of the organizations security governance, risk management, and compliance (GRC) strategies. Establish and maintain a comprehensive governance management framework, ensuring effective operational controls to address information security risks. Create, update, and ...

Enterprise Information Security (EIS) is committed to appropriately protecting all information relating to its caregivers and affiliates, as well as protecting its confidential business information (including information relating to its caregivers, affiliates, and patients). What will you be responsible for Develop, maintain, monitor and enforce IT policies and procedures Development, implementation and compliance of information risk management across the enterprise Support establishing information security governance framework Manage risks related to the use of information technology, information security, privacy, regulatory compliance and governance. Drive risk management and governance s...

Bring more to life. Are you ready to accelerate your potential and make a real difference within life sciences, diagnostics and biotechnology At Cytiva, one of 15+ operating companies, our work saves lives-and we're all united by a shared commitment to innovate for tangible impact. You'll thrive in a culture of belonging where you and your unique viewpoint matter. And by harnessing Danaher's system of continuous improvement, you help turn ideas into impact - innovating at the speed of life. Working at Cytiva means being at the forefront of providing new solutions to transform human health. Our incredible customers undertake life-saving activities ranging from fundamental biological research ...

Overview The Stacks team is dedicated to standardizing and improving the backend technology stacks at Atlassian, with a focus on Java, Node.js, Python, and Golang. Our mission is to provide a robust, secure, and developer-friendly platform that enables teams to build high-quality apps at scale. We are the center of excellence for engineering standards. If you are passionate about technology with deep expertise in Java, Node or other supported stacks and want to help drive forward the state of the art for all of Atlassian, we would love to have you on the team. What We Do Deliver and maintain Golden Images for all supported tech stacks, ensuring secure and reliable base images for app develop...

Company Overview:? Leading with our core values of Quality, Integrity, and Opportunity, MedInsight is one of the healthcare industrys most trusted solutions for healthcare intelligence.?Our company purpose is to empower easy, data-driven decision-making on important healthcare questions. Through our products, education, and services, MedInsight is making an impact on healthcare by helping to drive better outcomes for patients while reducing waste. Over 300 leading healthcare organizations have come to rely on MedInsight analytic solutions for healthcare cost and care management. MedInsight has been ranked #1 for Payer Quality Analytics by clients for the last three years in the Best in KLAS ...

As an experienced professional in Governance, Risk, and Compliance, you will be responsible for developing and maintaining information security policies in alignment with organizational goals and regulatory frameworks. Your role will involve coordinating annual reviews and obtaining executive approval to ensure policies remain relevant across various domains such as access control and secure software development. In this position, you will design and implement IT Service Management workflows and runbooks to enhance operational efficiency and promote cross-functional alignment. Additionally, you will conduct scheduled vulnerability scans and comprehensive risk assessments, leveraging AI-drive...

#Dear Associates, #Hope you are doing well & Safe! #Greetings from Rrootshell #We have URGENT & MULTIPLE Requirements and Hiring for #GRC Analyst Position. # Work Location: Bangalore (Hybrid) #This is for FULL -TIME role Required Skills: Role: GRC Analyst Must-Have Skills: Duties (Shortened): Conduct vendor risk and technical security assessments (API, SFTP, etc.) Validate secure third-party integrations Support customer security audits and assessments Maintain customer trust documentation Key Skills (Shortened): Strong knowledge of security frameworks : ISO 27001, NIST 800-53, CIS, SOC2, PCI DSS Expertise in vendor risk assessments , security architecture, and IT controls (COBIT) Hands-on w...

Job Title: Sr GRC Analyst Duration: Full time role Location: Bengaluru (Hybrid) Note: Looking for immediate joiners OR who can join in at least 20-30 days of notice. Job Description: Duties: Perform vendor risk assessments against all security domains Perform technical implementation assessments from a security perspective related to vendor integrations (i.e. API integrations, SFTP integrations, etc.) to validate the secure implementation of the third party service at the client Maintain and expand Customer Trust knowledge base Support customer security assessment requests Support customer audits Skills: Excellent understanding and practical application of industry security frameworks includ...

Job description The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting : Analyze assessment results to determine the level of risk associated w...

Job description The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting : Analyze assessment results to determine the level of risk associated w...

Job description The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting : Analyze assessment results to determine the level of risk associated w...

Job Summary: We are seeking an experienced Cybersecurity Strategy & Security Engineer to develop and implement security policies, frameworks, and architectures that align with organizational goals. This role is critical for defining security roadmaps, evaluating current capabilities, and ensuring robust protection across networks and cloud environments. We are looking for immediate joiners or a notice period less then a month is preferrable. Work from office and will have rotational shifts. Key Responsibilities: Develop and maintain IT security policies and standards for infrastructure components (firewalls, routers, VPNs, etc.) Design and implement cybersecurity strategies and roadmaps alig...