752 Cism Jobs - Page 13

In this role, you will: Participate in less complex development and design of methodologies and standards for review activities companywide in alignment with the risk management framework Ensure effective and appropriate testing, validation, and documentation of review activities for risk programs, risks, and controls according to standards and other applicable policies within Independent Testing Support and implement less complex initiatives with low to moderate risk and exercise independent judgment to guide risk reporting, escalation, and resolution Present recommendations for resolving more complex situations and exercise independent judgment while developing expertise in risk management framework and the risk and control environment Collaborate and consult with colleagues, internal partners and management Required Qualifications: 2+ years of Independent Testing experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications: Good experience in IT Risk, IT Control Testing, IT Audit Certified Information Security Auditor (CISA) Certified Information Security Manager (CISM Job Expectations: Shift Timing: 1.30 PM - 10.30 PM

About Us We are a global leader in food & beverage ingredients. Pioneers at heart, we operate at the forefront of consumer trends to provide food & beverage manufacturers with products and ingredients that will delight their consumers. Making a positive impact on people and planet is all part of the delight. With a deep-rooted presence in the countries where our ingredients are grown, we are closer to farmers, enabling better quality, and more reliable, traceable and transparent supply. Supplying products and ingredients at scale is just the start. We add value through our unique, complementary portfolio of natural, delicious and nutritious products. With our fresh thinking, we help our customers unleash the sensory and functional attributes of cocoa, coffee, dairy, nuts and spices so they can create naturally good food & beverage products that meet consumer expectations. And whoever we re with, whatever we re doing, we always make it real . Main Purpose of the Role We are seeking an OT Security Engineer to join our Cybersecurity team. This role plays a key part in protecting our operational technology (OT) environments by designing, implementing, and managing security controls across systems, networks, and integrations. Key Responsibilities Risk Management: Conduct risk assessments and vulnerability scans for OT systems. Recommend and implement mitigation strategies. Security Assessments: Lead OT cybersecurity reviews, including network topology and data flow mapping. Policy Development: Support the creation and maintenance of security policies and procedures aligned with secure-by-design principles. System Design & Integration: Collaborate with cross-functional teams to design and validate secure OT systems and ensure compatibility with legacy infrastructure. Security Implementation: Deploy and manage firewalls, IDS/IPS, and other security technologies. Configure network segmentation to protect critical assets. Incident Response: Lead incident detection, response, and root cause analysis. Maintain and improve incident response plans. Training & Awareness: Develop and deliver OT-specific security training in collaboration with Governance, Risk, and Compliance teams. Stakeholder Engagement: Work closely with plant managers, IT teams, and service providers to align OT security with business needs. Vendor Management: Assist in evaluating and managing vendor relationships, ensuring compliance with security standards. Reporting & Metrics: Track and report on the effectiveness of security controls and system resilience. Qualifications, Skills and Experience required Degree in Engineering, Information Technology, Cybersecurity, or a related field. 5+ years of hands-on experience in cybersecurity, including OT/ICS environments. Familiarity with industries such as food & beverage, pharmaceuticals, or critical infrastructure is a plus. Experience in security architecture domains (e.g., IAM, networking, information protection). Relevant certifications (e.g., CISSP, CISM, ISSAP) are preferred. Strong understanding of OT/ICS systems, network design, and cybersecurity principles. Proficiency with tools such as firewalls, SIEM, SOAR, and identity management systems. Excellent communication and collaboration skills across diverse teams and stakeholders. Ability to analyze complex problems and develop effective solutions. ofi is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, nationality, disability, protected veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Applicants are requested to complete all required steps in the application process including providing a resume/CV in order to be considered for open roles.

Hire Top Talents from Largest Talent Network | TESTQ. TQUKI0404_4412 - SIEM Implementation Job Title: SOC (Security Operations Center) Lead Required Expertise Minimum 7 10 years of experience in Security Operations and Incident Response Expertise in using SIEM tools (Sumo Logic), EDR , Email Security , and Incident Response Responsible for providing advanced technical support and incident response Key Responsibilities Utilize SIEM tools such as Sumo Logic , QROC , and Azure Sentinel to monitor the security environment for potential threats and incidents Analyze and triage security alerts generated by SIEM, EDR, and other security tools Respond to security incidents: contain, mitigate, and remediate security threats Analyze, review, and validate logs from various log sources Suggest use case fine-tuning and create new use cases Troubleshoot SIEM issues related to log sources Collaborate with SOC team members and internal/external stakeholders to resolve complex incidents Stay updated on latest cybersecurity threats, trends, and technologies to improve response effectiveness Document security incidents and responses as per established procedures Create SOPs and Playbooks for SOC incident triage Establish KPIs , manage security logs, and provide reports based on metrics Respond to client requests, concerns, and suggestions Track SOC performance in terms of SLAs and incident quality Prepare Daily , Weekly , and Monthly reports as required by clients Develop and provide reporting metrics to demonstrate the SOC s role and function Lead governance calls with customers, presenting KPI and SLA reports Requirements Experience as a Senior Security Analyst leading a team Hands-on experience in a Security Operations Center (SOC) Experience in network event analysis and/or threat analysis Proven Incident Responder experience Strong knowledge of various security methodologies and technical security solutions Ability to analyze data from cybersecurity monitoring tools Skilled in analyzing endpoint , network , and application logs Solid understanding of Internet protocols and common applications Bachelor s degree in Computer Science , Information Technology , or equivalent experience Certifications (Preferred) CEH , CISM , CompTIA Security+ , Sumo Logic , QROC Any of the above certifications are an added advantage Apply NOW We can only accept MS Word and PDF format under 10 MB

SOC Manager (10 to 13 Years Experience) Overview As a SOC Manager , you will be responsible for leading a team of security professionals and managing all aspects of the Security Operations Center for client engagements. You will oversee the delivery of SOC services, ensure effective threat detection and incident response, and maintain strong client relationships. Leveraging your leadership and deep cybersecurity expertise, you will drive service excellence, implement best practices, and support the overall success of each client s security program. Key Responsibilities 1. Client Engagement Management Serve as the primary point of contact for client engagements Build and maintain strong relationships with client stakeholders Understand client requirements , objectives , and expectations Ensure SOC services are aligned with client needs 2. Team Leadership and Management Lead and manage a team of SOC analysts , engineers , and specialists Provide mentorship , guidance , and career development support to team members 3. Service Delivery Oversight Oversee SOC service delivery , including monitoring , detection , analysis , and response to incidents Ensure SOC operations adhere to SLAs and meet performance and quality standards 4. Incident Response and Threat Management Lead and coordinate incident response activities , including triage, investigation, and remediation Manage incidents according to established procedures and protocols 5. Security Tool Management and Optimization Manage and optimize security tools and technologies used within the SOC Evaluate and recommend new security solutions to improve SOC capabilities 6. Process Improvement and Best Practices Continuously assess and improve SOC processes , procedures , and workflows Implement industry best practices to ensure high-quality service delivery 7. Client Communication and Reporting Provide regular updates to clients on SOC operations, incidents, and posture Prepare and deliver detailed reports and presentations on SOC performance and security metrics 8. Compliance and Risk Management Ensure SOC operations comply with regulatory requirements and industry standards Conduct risk assessments and implement controls to mitigate client risk 9. Training and Development Identify training needs within the SOC team Facilitate workshops , certifications , and skill development programs Qualifications Bachelor s degree in Computer Science , Information Security , or related field (or equivalent experience) 10 to 13 years of experience in cybersecurity , with focus on SOC operations, incident response, and client management Proven experience managing SOC teams and delivering security services to clients Strong technical knowledge of security tools , technologies , and best practices Excellent leadership , communication , and stakeholder management skills Relevant certifications such as CISSP , CISM , or GIAC are preferred

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : SailPoint IdentityNowMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Develop and implement security solutions for cloud environments- Conduct security assessments and audits to identify vulnerabilities- Stay updated on the latest security trends and technologies Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ- Good To Have Skills: Experience with SailPoint IdentityNow- Strong understanding of identity and access management- Knowledge of cloud security best practices- Experience in designing and implementing security controls for cloud environments Additional Information:- The candidate should have a minimum of 5 years of experience in SailPoint IdentityIQ- This position is based at our Hyderabad office- A 15 years full-time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve documenting the implementation of cloud security controls and transitioning to cloud security-managed operations. You will play a crucial role in safeguarding the organization's data and infrastructure. Roles & Responsibilities:- Expected to be an SME in Security Architecture Design.- Collaborate and manage the team to perform effectively.- Responsible for team decisions and ensuring adherence to security best practices.- Engage with multiple teams and contribute to key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Ensure the implementation of robust security controls.- Conduct risk assessments and vulnerability testing.- Develop and maintain security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design.- Strong understanding of cloud security principles and best practices.- Experience in designing and implementing security controls for cloud environments.- In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST).- Hands-on experience with security tools and technologies.- Good To Have Skills: Experience with cloud platforms such as AWS or Azure. Additional Information:- The candidate should have a minimum of 12 years of experience in Security Architecture Design.- This position is based in Mumbai.- A 15 years full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Okta Identity Management Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, designing robust security solutions, and documenting the implementation of cloud security controls. You will also oversee the transition to cloud security-managed operations, ensuring that all processes align with industry standards and best practices. Engaging in continuous improvement initiatives will be a key part of your role, as you strive to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify areas for improvement.- Collaborate with cross-functional teams to ensure security requirements are integrated into all phases of project development. Professional & Technical Skills: - Must To Have Skills: Proficiency in Okta Identity Management.- Strong understanding of cloud security principles and frameworks.- Experience with identity and access management solutions.- Familiarity with security compliance standards and regulations.- Ability to analyze and mitigate security risks effectively. Additional Information:- The candidate should have minimum 3 years of experience in Okta Identity Management.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Okta Identity Management Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your role will play a crucial part in safeguarding the organization's data and infrastructure in the cloud environment. Roles & Responsibilities:- Expected to be an SME in Okta Identity Management- Collaborate and manage the team to perform effectively- Responsible for team decisions and ensuring adherence to security best practices- Engage with multiple teams and contribute to key decisions- Expected to provide solutions to problems that apply across multiple teams- Ensure the implementation of cloud security controls align with the defined framework- Document the cloud security architecture and ensure it meets business requirements- Transition to cloud security-managed operations Professional & Technical Skills: - Must To Have Skills: Proficiency in Okta Identity Management- Strong understanding of cloud security frameworks and best practices- Experience in designing and implementing secure cloud architectures- Knowledge of identity and access management principles- Experience with cloud security tools and technologies Additional Information:- The candidate should have a minimum of 12 years of experience in Okta Identity Management- This position is based in Noida- A 15 years full-time education is required Qualification 15 years full time education

Role & responsibilities: Design, implement, monitor and analyze cybersecurity systems, to identify and respond to cyber events and potential security or data breaches in a highly regulated industry Incident Response: contain, and remediate security events, attack vector analysis, identify vulnerabilities that were exploited, root cause analysis, develop strategies to prevent similar incidents in the future. Threat intelligence gathering, synthesize threats and risks to provide read-out for stakeholders Lead and execute penetration testing and vulnerability management Perform threat hunting and vulnerability assessments as required Support day-to-day cybersecurity operations, including configurations and software installation, work closely with other Digital and Technology teams, Business leaders and the Firms Risk and Compliance team to mitigate security related issues as required Demonstrate and communicate understanding and evolution of cyber landscape: trends, threat vectors, changing threat actor tactics Lead security auditing activities and supporting response and implementation of security controls/processes, automation and integrating security tools across the Firm Demonstrate analytical and problem solving skills and excellent interpersonal skills Demonstrate ability to prioritize tasks and meet daily deadlines for programs and projects Communicate effectively with others at all levels of the organization and individuals outside of the organization Preferred candidate profile: Infinite curiosity, analytical skills and attention to detail Software development or testing experience Demonstrated experience in art least 2 sectors of cybersecurity including network security, encryption techniques, vulnerability assessment, application security Experience with cybersecurity tools: SIEM, IDS/IPS, XDR, EDR, Cloud security controls, PAM Degree in Computer Science/Information Systems/Cybersecurity, or equivalent related degree or work experience Cybersecurity certifications, preferred (Security +, CompTIA, CISM, CGET, etc.) Minimum of 5 years of demonstrated cybersecurity experience Minimum 4 years of progressive career growth and additional responsibilities Requires knowledge of O365 security tools and platform Scripting skills, data manipulation and general knowledge of Artificial Intelligence are desired Excellent organizational and communication (verbal and written) skills

Key Responsibilities: The role entails designing, deploying, and managing IAM infrastructure, including user provisioning... Job Description We seek a skilled IAM Engineer with experience implementing and managing Identity systems to join our team. You will design, implement, and maintain our organizations identity and access management (IAM) systems in this role. You will collaborate with cross-functional teams to ensure secure and efficient access control, authentication, and authorization processes across our infrastructure. The ideal candidate will have a strong background in IAM technologies, possess excellent problem-solving abilities, and be proficient in implementing and managing IAM solutions. Responsibilities Design, deploy, and manage the identity and access management (IAM) infrastructure, including user provisioning, authentication, and authorization systems. Develop and enforce access management policies, procedures, and guidelines to ensure the confidentiality, integrity, and availability of information. Implement Enterprise-wide ID creation, modification, and deletion process, providing Role Based Access Control (RBAC) to various applications, systems, and multiple vendor SaaS applications. Collaborate with internal teams, including IT, Security, and HR, to integrate IAM solutions into the organizations systems. e.g. with our HCM system Workday. Implement identity lifecycle management processes, including user onboarding, offboarding, and periodic access reviews. Configure and manage user authentication mechanisms, such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), and password management. Perform troubleshooting, root cause analysis, and resolution of issues and incidents related to IAM systems and processes. Stay up to date with the latest industry trends, best practices, and advancements in IAM technologies and standards. Document system configurations, procedures, and technical specifications to ensure accurate and up-to-date documentation of the IAM systems. Minimum Experience Bachelors degree in Computer Science, Information Technology, or a related field. Relevant certifications (e.g., CISSP, CISM, Okta Certified Administrator, SailPoint Certified Identity Engineer, Saviynt Identity Governance certifications) are highly desirable. Experience managing and supporting identity systems, such as Okta, Oracle IAM, Hitachi ID Identity Manager, Saviynt, and SailPoint. Demonstrated experience with industry-standard solutions in the IAM application space like OAuth, authentication, authorization, Security Assertion Markup Language (SAML), FIDO, FIDO 2, and OpenID. Knowledge of identity integrations with human capital management (HCM) systems like Workday or SAP SuccessFactors and comprehensive understanding of user life cycle processes with experience automating them. Proven experience working as an IAM Engineer, focusing on identity and access management, with expertise in Okta and hands-on experience with either SailPoint or Saviynt in enterprise-level environments. Strong knowledge and hands-on experience with IAM technologies, protocols, and standards (e.g., SAML, OAuth, LDAP), specifically within the Okta, SailPoint, and/or Saviynt ecosystems. Proficiency in configuring and managing IAM solutions, with a deep understanding of Oktas identity and access management capabilities. Familiarity with identity lifecycle management, access provisioning, and role-based access control (RBAC) concepts. Excellent problem-solving skills with the ability to analyze complex technical issues and propose effective solutions. Strong communication and interpersonal skills to collaborate with cross-functional teams and stakeholders. Ability to work in a fast-paced environment and manage multiple tasks with competing priorities.

0px> Who are we Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our employees around the globe are here to accelerate service providers migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $5. 00 billion in fiscal 2024. For more information, visit www. amdocs. com In one sentence We are seeking an experienced Vulnerability Management Specialist to join our Security Operations team. The ideal candidate will lead, implement, identify, assess, and mitigate security vulnerabilities across our infrastructure, including cloud environments. This role requires hands-on experience with vulnerability management tools, container security, and cloud security posture management, as well as a basic understanding of Generative AI technology What will your job look like Implementing Vulnerability Management Solutions like Rapid7, Tenable, etc. Conduct regular vulnerability scans using tools such as Wiz, Rapid7, and CrowdStrike Exposure Management, Microsoft Defender etc. Analyze scan results, prioritize vulnerabilities, and collaborate with stakeholders to implement remediation plans. Manage and govern patch deployment processes to ensure timely remediation of vulnerabilities. Perform risk and vulnerability assessments, documenting findings and engaging with stakeholders to address risks. Oversee the risk acceptance and exclusion processes, ensuring appropriate documentation and approvals. Monitor container security and cloud security posture, recommending improvements and best practices. Provide threat management support and respond to identified threats effectively. Maintain comprehensive reports on vulnerability findings, trends, and remediation progress. Support security audits and compliance requirements related to vulnerability management. Has been involved into reviewing threat intelligence advisories for Zero day and critical vulnerabilities. Very good with documenting and tracking threat advisories Lead and mentor a team of vulnerability analysts All you need is. . . Required Skills and Experience: 6-9 years of experience in vulnerability management and threat management. Hands-on experience with vulnerability scanning tools (Wiz, Rapid7, Nessus , CrowdStrike , MDE, Axonius etc). Proficient in container security, On-prem and Cloud Vulnerability Management Proficient in cloud platforms (AWS, Azure, or GCP). Experience in patch governance and stakeholder engagement for vulnerability remediation. Familiarity with risk acceptance and exclusion processes. Basic understanding of Generative AI (GenAI) concepts and experience handling co-pilot tool. Strong analytical skills and attention to detail. Excellent communication and stakeholder management skills. Good understanding of Security Frameworks and Standards (NIST , CIS , PCI-DSS etc. ) Leading a team of Vulnerability Analysts. Preferred Qualifications: Experience with other security tools and frameworks. Experience with data visualization tools like Power BI, AWS Quicksight, etc. Scripting and Automation Experience (Python , Go, etc) Security Certifications ( CISSP or CISM or CEH) Why you will love this job: You will have the opportunity to work with the industry most advanced technologies and experts in a global company You will have opportunities to evolve yourself in the future of all cutting-edge technologies and business trends. You will be working with a great team

Key Responsibilities Act as a subject matter expert (SME) for BeyondTrusts product suite, including Password Safe, Privilege Management, and Remote Support. Understand client business needs and map them to appropriate BeyondTrust solutions. Design and present customized solution architectures, configurations, and integration models. Lead product demonstrations, Proof of Concepts (PoCs), and technical deep-dives. Articulate technical features and business benefits to both technical and non-technical stakeholders. Prepare responses to RFIs/RFPs and develop technical proposals. Collaborate with internal teams to ensure proposals are technically viable and costeffective. Work with delivery, support, and engineering teams to ensure seamless handovers and implementations. Personnel skill set Bachelors degree in Computer Science, Information Security, or related field. 4+ years of presales or solution engineering experience in the cybersecurity domain. Hands-on experience with BeyondTrust products is strongly preferred. Knowledge of PAM, IAM, and enterprise IT environments (AD, LDAP, SIEM, etc.). Excellent communication, presentation, and stakeholder management skills. Ability to manage multiple engagements and prioritize effectively. Preferred Certifications: BeyondTrust Certified Implementation Engineer (BT-CIE) or similar CISSP, CISM, or other cybersecurity certifications (advantageous) *Availability – in a month’s time

We are looking for Role: Consultant (Hitrust) Experience: 2-6 yrs Company Location: Bavdhan, Pune Work Mode: Remote RESPONSIBILITIES Lead the client audits/assessments and Interface with clients to review and analyze complex systems (Applications, Operating systems, Databases, and Networking devices), or Cloud technologies (AWS, Azure, GCP) to identify security gaps and missing security controls within the client environments as per the requirements defined in the security standards and regulations. Work with client to understand their business processes, analyze sensitive data flows (business and application data flows), network architecture, and define the proper audit/assessment scope. Perform reviews for client organizations information security policies and procedures against various industry standards and regulations, including HITRUST, HIPAA, and ISO 27001 Work on drafting information security policies and procedure documentation for clients as part of the consulting engagement Perform detailed risk assessment for the client environment, including their business processes and infrastructure, using risk management frameworks (ISO, NIST) Wherever possible, provide the audit/assessment scope reduction guidance to the client. Work independently with the client to perform audit interviews, collect, consolidate, and analyze evidence for the compliance assessment, and meet the internal quality assurance requirements throughout the assessment. Provide consulting guidance and recommendations to clients to help them meet the compliance requirements and improve their security posture in accordance with applicable security controls. Establish and maintain positive collaborative relationships with clients and stakeholders. Produce final reports on compliance to detail the controls observed during security assessments in accordance with various security standards and regulations. Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue. Collaborates with project managers, internal quality assurance group, sales, and other delivery team members to drive customer satisfaction and meet project deliverables. Work on continuous professional development in maintaining industry-specific certifications and strong depth of knowledge in the practice area. Travel to client sites as needed. DESIRED SKILLS Bachelors degree. A specialization in information assurance is preferred. At least 2-6 years of information security assessment experience, including for HITRUST, HIPAA, and ISO 27001 Ability to analyse network architectures and review the network device (Firewalls/ Switches/ Routers/ IDS/IPS/ Load Balancers etc.) and Servers/ Virtualization Devices configurations. Good understanding and audit experience for cloud computing environments (e.g., Amazon Web Services, Microsoft Azure, Google Cloud Platform) In-depth knowledge in IT Security Policies and Procedures that govern clients Information Security and Privacy programs. In-depth knowledge and experience in IT Security, including access controls, network security, logging/monitoring, vulnerability assessments, system hardening, secure software development, application security, encryption, and key management best practices etc. In-depth knowledge and experience with the HITRUST framework, HIPAA law, and Risk Management Standards (NIST/ISO) At least one certification from each group is preferred: Group 1- CISSP, CISA, CISM Group 2- ISO27001 Lead Implementer, ISO27001 Lead Auditor Good knowledge of common office tools Strong written and verbal communication skills Demonstrated ability to structure and lead projects successfully. Good project management and time management skills Strong technical research skills -- Muugddha Vanjarii 7822804824 mugdha.vanjari@sunbrilotechnologies.com

Seeking an experienced Enterprise Security Architect with 8+ years in cybersecurity and cloud security (AWS/Azure/GCP). Must have expertise in EDR, SIEM, IAM, firewalls, compliance (NIST, GDPR, PCI), and security architecture design. Required Candidate profile Strong in DevSecOps, CI/CD, and SDLC integration. Certifications like CISSP, CISM, ISO 27001 preferred.

Job Title: Project Manager Job Location: India Mandatory skills: Have over 15+ years of rich experience in data protection, information security domain and Project Management. Experience of managing enterprise Data Protection projects and of direct and in-direct relationship with senior and executive management. Familiarity with advanced Data Privacy and Protection technologies, risk, threat and vulnerability assessments, and security measures. Strong experience and knowledge across the Data Protection and Information Security domains including technical measures, policy procedures, compliance management, risk management and Incident Response etc. Extensive knowledge of data protection solutions and technologies for Data Loss and leakage Prevention (DLP). Experience implementing and managing (DLP) solutions. Strong experience in Banking environment with strong understanding on key data protection regulations and standards such as ISO 27001, NIST CSF, GDPR etc. Skills and Application: Leads the development and implementation of comprehensive Data Protection strategies that address identified risks and compliance requirements, incorporating advanced technologies and methodologies to enhance security posture. Manages cross-functional teams to execute Data Protection initiatives, ensuring that projects are completed on time, within budget, and achieve desired outcomes. Strategic Insight: Integrates Data Protection and Information Security considerations into broader banks strategies, recognizing the importance of Data Protection in achieving business objectives and competitive advantage. Communicates the strategic value of Data Protection and Information Security investments to executive leadership and key stakeholders, advocating for resources and support to strengthen the organizations capabilities. Cultivates an organizational culture that prioritizes Data Protection, encouraging proactive security practices and continuous improvement across all departments. Strong interpersonal, analytical, and technical skills with strong decision making and prioritization skills. Other: Sound knowledge of evolving advanced tech stacks and related control and risk universe from a data protection perspective. Sound knowledge and expertise in conducting risk assessment and management. The ideal candidate will have a degree in Information Security, Computer Science, or a related field. Professional certifications : CISSP, PMP, CCSP, CompTIA Security+, CIPT , CISM etc Relevant years of experience : 10-15 yrs Industry & Education background: Bachelors degree in computer science, Engineering, or a related field, or equivalent work experience.

Job Summary: We are seeking a knowledgeable and detail-oriented PCI DSS Auditor to join our compliance and information security team. The auditor will be responsible for planning, executing, and managing audits to ensure compliance with the Payment Card Industry Data Security Standard (PCI DSS) . The ideal candidate will have deep knowledge of PCI DSS requirements and a strong background in IT security, risk management, and regulatory compliance. Key Responsibilities: Plan, coordinate, and perform internal and external PCI DSS assessments. Conduct risk assessments and gap analyses against PCI DSS requirements. Work with stakeholders across departments to gather evidence and validate compliance. Identify areas of non-compliance and develop recommendations for remediation. Prepare formal audit reports and present findings to management. Liaise with Qualified Security Assessors (QSAs) and support formal PCI DSS validation efforts. Maintain documentation of security policies, procedures, and controls as they relate to PCI DSS. Monitor changes to PCI DSS and related regulations to ensure ongoing compliance. Provide training and guidance to internal teams on PCI DSS requirements and best practices. Assist in the remediation of audit findings and track progress until closure. Required Qualifications: Bachelor s degree in Information Security, Computer Science, Information Systems, or related field. Minimum of 3-5 years of experience in IT auditing, security assessment, or compliance. In-depth knowledge of PCI DSS v4.0 and prior experience conducting PCI audits. Familiarity with information security frameworks (e.g., NIST, ISO 27001). Strong understanding of network security, encryption, access control, and vulnerability management. Preferred Qualifications: Certification such as PCI ISA , PCI QSA , CISA , CISSP , or CISM . Experience working in regulated industries (e.g., finance, healthcare, e-commerce). Experience with audit tools, GRC platforms, or compliance tracking systems. Excellent verbal and written communication skills.

Position Location Qualification Age Limit SOC Manager Mumbai Graduate / Post-Graduate Below 50 Experience / Role : - 14-18 yrs. experience IT Security or Infosec Required Skills : - Leadership: Proven ability to manage, mentor, and lead a team in a high-stakes, high-pressure environment. - Communication: Excellent communication and interpersonal skills, able to effectively report to senior leadership and collaborate with various teams. - Analytical Thinking: Strong analytical skills to assess complex security incidents and develop actionable solutions. - Attention to Detail: Ability to thoroughly investigate security incidents and ensure all aspects of an incident are documented and addressed. - Time Management: Excellent time-management skills and ability to prioritize tasks effectively, ensuring that critical incidents are addressed promptly. - Certification: Should be CISSP/CISM certification Job Description : - Leadership & Team Management: Lead and manage the SOC team, ensuring effective security monitoring, incident response, and operational management of security systems. - SOC Operations: Oversee 24/7 security monitoring and detection of security threats and incidents within the organizations network and infrastructure. - Incident Management: Manage the identification, containment, remediation, and escalation of security incidents. Coordinate response efforts across departments to mitigate potential risks. - Security Tool Management: Oversee the configuration, tuning, and management of security monitoring tools (e.g., SIEM, Proxies, PAM, firewalls, endpoint protection etc). Ensure proper functioning of all security tools, and optimize their performance for better detection and response. - Threat Intelligence & Analysis: Utilize advanced threat intelligence tools to monitor and evaluate emerging threats. Collaborate with internal and external teams to implement countermeasures. - Process Improvement & Automation: Continuously improve and automate SOC processes to enhance the efficiency and effectiveness of security operations, leveraging SOAR tools and technologies. - Collaboration with Other Teams: Work closely with IT, Application, and Network teams to ensure a unified approach to cybersecurity and incident management. - Reporting & Metrics: Develop, track, and report SOC performance metrics, including response times, incident resolution, and overall SOC health. - Compliance & Risk Management: Ensure that the SOC operations comply with industry standards, regulatory requirements, and internal policies, including NIST, ISO 27001, and SEBI. - Security Posture Enhancement: Contribute to strengthening the organization s overall security posture by recommending new technologies, processes, and methodologies to enhance SOC capabilities. - Training & Development: Lead ongoing training initiatives for SOC analysts and staff to enhance their skills and awareness of the latest cybersecurity threats and techniques. Please email your resume, mentioning the position applied for in the subject column at : careers@cdslindia.com

Head of Security TReDS Full-time | Senior Leadership Role Experience - 8-14 years Location: Noida (Hybrid) About C2Treds C2Treds is an RBI-approved TReDS platform, of C2FO the world s leading on-demand working capital platform. Our mission is clear: to empower every MSME in India with the working capital they need to thrive, driving long-term sustainability and economic growth. At C2Treds, a strategic initiative by C2FO, we are transforming the landscape for MSMEs in India by unlocking easier access to working capital. As India s only fintech platform offering both Early Pay and TReDS functionalities, we enable businesses to bypass receivables delays, enhance financial agility, and unleash their full growth potential. We understand that MSMEs are the backbone of India s economy, contributing to 30% of the country s jobs. Yet, these businesses often face significant barriers like restrictive debt cycles, high interest rates, and delayed payments that stifle their growth potential. That s where C2Treds comes in with over 50,000 MSMEs in C2FO s India network, we are dedicated to breaking down these financial barriers and providing a direct path to success. By joining C2Treds, you ll be part of an innovative, growth-driven company at the forefront of transforming MSME financial empowerment and shaping India s economic future. As the Head of Security, you will be the strategic architect and operational guardian of TReDS information security landscape. You ll lead the design, execution, and management of robust security initiatives to safeguard the platform s data, systems, and networks ensuring resilience in a regulated and rapidly evolving fintech ecosystem. Key Responsibilities Design and execute a holistic information security strategy that aligns with TReDS business goals and complies with relevant regulatory mandates. Lead comprehensive risk assessments and vulnerability scans to proactively identify and address security threats. Develop and enforce information security policies, standards, and protocols to minimize risk and protect sensitive data. Oversee daily security operations and ensure rigorous adherence to security policies and procedures across the TReDS platform. Spearhead incident response efforts, coordinating with stakeholders to swiftly contain, investigate, and mitigate security breaches. Direct real-time monitoring and threat detection through security systems and tools, enabling rapid response to potential intrusions. Ensure organizational compliance with all applicable industry standards, legal requirements, and regulatory frameworks. Conduct regular audits and security assessments to uncover and resolve compliance gaps. Collaborate with cross-functional teams to embed security best practices into business processes. Lead identification, evaluation, and mitigation of security risks tied to operations, technology infrastructure, and third-party relationships. Develop and operationalize a dynamic risk management framework that prioritizes and addresses key threats. Assess and manage security risks associated with external vendors and partners, ensuring adherence to TReDS security benchmarks. Champion a security-first mindset across the organization, mentoring team members and promoting a culture of accountability, awareness, and excellence. Required Qualifications Bachelor s degree in Computer Science, Information Security, or a related discipline. Recognized certifications such as CISSP, CISM, or CISA. Minimum 6 years of experience in leading information security teams. In-depth knowledge of security frameworks and standards, especially those relevant to the Indian financial sector. Demonstrated success in building and executing enterprise-grade security programs. Strong leadership, interpersonal, and communication skills. Ability to thrive in fast-paced, high-stakes environments. Familiarity with cloud security principles and data privacy regulations. Preferred Qualifications Prior experience in the fintech domain. Knowledge of Indian data privacy regulations, including the Personal Data Protection Bill. Commitment To Diversity And Inclusion As an Equal Opportunity Employer, we not only value diversity and equality, but we also empower our team members to bring their authentic selves to work every day. Our goal is to create a workplace that reflects the communities we serve and our global, multicultural clients. We recognize the power of inclusion, emphasizing that each team member was chosen for their unique ability to contribute to the overall success of our mission. #LI-NS

Company: MMC Corporate Description: We are seeking a talented individual to join our GIS Team at MMC Corporate This role will be based in Gurgaon. This is a hybrid role that has a requirement of working at least three days a week in the office. Associate Director - Cyber Security Risk Vulnerability Scoring What can you expect To oversee and manage the Cybersecurity Risk Adjusted Vulnerability Scoring (RAVS) Program. This enterprise-level initiative is critical to transforming the measurement, prioritization, and response to cybersecurity vulnerabilities by leveraging integrated systems, threat intelligence, and contextual organizational data We will count on you to: Program Oversight 1. Lead the development, implementation, and ongoing management of the enterprise RAVS program.2. Integrate data form vulnerability scanners, CMDB, threat intel feeds, cybersecurity systems, and internal business systems to generate dynamic risk adjusted vulnerability scores.3. Collaborate with internal teams across cybersecurity, IT, risk, business units, data analytics to continuously refine RAVS logic and scoring models.4. Develop operational playbook and prioritization framework that aligns vulnerabilities response to true business risk. RAVS Day-to- Day Operations and Risk Management 1. Monitor, triage, and escalate enterprise vulnerabilities based on RAVS output and threat indicators. 2. Provide real-time situational awareness and technical direction during vulnerability-related incidents and assessments. 3. Ensure integration and alignment between RAVS and enterprise vulnerability management platforms, SIEM, SOAR, threat intel, and cloud security tools. 4. Track remediation efforts, metrics, SLAs & SLOs adherence, and risk decisions.5. Generate executive-level dashboards and reports to communicate vulnerability risk posture and trends. Platform Management 1. Oversee functionality and data quality for critical systems. 2. Managing the operational health and data flows between vulnerability detection system, threat intelligence sources, asset inventories, and risk engines. 3. Ensuring business context and asset criticality are mapped into RAVS platform to support accurate risk prioritization. 4. Cross coloration with detection engineering and VMED to maintain score calculation logic, rule sets, and automation flows. 5. Maintaining process documentation, operational runbooks, and continuous improvement workflows for all integrated components. Leadership and Collaboration 1. Cross Functional CollaborationSupport and collaborate with development, business CISOs, operations, and cloud teams across the enterprise to ensure effective vulnerability management practices. 2. Support VMED with various project-based initiatives (creation of KPIs, onboarding of new tools, etc.).3. Drive ongoing assessments of RAVS programs effectiveness, identify areas for tuning, optimization, or automation. 4. Collaborate with governance, risk, and compliance teams to align scoring outcomes with organizational risk thresholds and reporting needs.5. Lead training and onboarding of cross-functional stakeholders who interact with RAVS platform and outputs.6. Partner with Security Operations and other Detection & Response Teams (DART) to embed RAVS data into incident response and remediation workflows.7. Support audit and regulatory readiness activities by ensuring RAVS processes and records meet enterprise and compliance standards. What you need to have: Security Cloud ToolsAssist with the evaluation and selection of vulnerability management tools that integrate seamlessly with various cloud environments and provide fine granular access controls and CMDB attributers such as asset ownership. IntegrationIntegrate the security cloud tools with other security tools and systems, including the SIEM solutions, change ticketing systems, etc Launch awareness campaigns to promote secure practices and vulnerability management, emphasizing the unique challenges of cloud environments. CISSP, CISM, AWS Certified Security Specialist, or similar advanced cloud security certifications preferred. What makes you stand out 10+ Years Experience in Vulnerability Management, incident response, cloud security, or cybersecurity related fields, with at least 3 years experience in a senior technical role. Why join our team: We help you be your best through professional development opportunities, interesting work and supportive leaders. We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities. Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being. Marsh McLennan(NYSEMMC) is the worlds leading professional services firm in the areas ofrisk, strategy and people. The Companys more than 85,000 colleagues advise clients in over 130 countries.With annual revenue of $23 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses.Marshprovides data-driven risk advisory services and insurance solutions to commercial and consumer clients.Guy Carpenter develops advanced risk, reinsurance and capital strategies that help clients grow profitably and pursue emerging opportunities. Mercer delivers advice and technology-driven solutions that help organizations redefine the world of work, reshape retirement and investment outcomes, and unlock health and well being for a changing workforce. Oliver Wymanserves as a critical strategic, economic and brand advisor to private sector and governmental clients. For more information, visit marshmclennan.com, or follow us onLinkedInandX. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person Attachments Marsh McLennan (NYSEMMC) is a global leader in risk, strategy and people, advising clients in 130 countries across four businessesMarsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information, visit marshmclennan.com, or follow on LinkedIn and X. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person.

Company: MMC Corporate Description: We are seeking a talented individual to join our GIS Team at MMC Corporate This role will be based in Gurgaon/Noida. This is a hybrid role that has a requirement of working at least three days a week in the office. Senior Manager - Cyber Security Risk Vulnerability Scoring What can you expect Work on Cybersecurity Risk Adjusted Vulnerability Scoring (RAVS) Program. This enterprise-level initiative is critical to transforming the measurement, prioritization, and response to cybersecurity vulnerabilities by leveraging integrated systems, threat intelligence, and contextual organizational data We will count on you to: Program Oversight 1. Lead the development, implementation, and ongoing management of the enterprise RAVS program.2. Integrate data form vulnerability scanners, CMDB, threat intel feeds, cybersecurity systems, and internal business systems to generate dynamic risk adjusted vulnerability scores.3. Collaborate with internal teams across cybersecurity, IT, risk, business units, data analytics to continuously refine RAVS logic and scoring models.4. Develop operational playbook and prioritization framework that aligns vulnerabilities response to true business risk. RAVS Day-to- Day Operations and Risk Management 1. Monitor, triage, and escalate enterprise vulnerabilities based on RAVS output and threat indicators. 2. Provide real-time situational awareness and technical direction during vulnerability-related incidents and assessments. 3. Ensure integration and alignment between RAVS and enterprise vulnerability management platforms, SIEM, SOAR, threat intel, and cloud security tools. 4. Track remediation efforts, metrics, SLAs & SLOs adherence, and risk decisions.5. Generate executive-level dashboards and reports to communicate vulnerability risk posture and trends. Platform Management 1. Oversee functionality and data quality for critical systems. 2. Managing the operational health and data flows between vulnerability detection system, threat intelligence sources, asset inventories, and risk engines. 3. Ensuring business context and asset criticality are mapped into RAVS platform to support accurate risk prioritization. 4. Cross coloration with detection engineering and VMED to maintain score calculation logic, rule sets, and automation flows. 5. Maintaining process documentation, operational runbooks, and continuous improvement workflows for all integrated components. What you need to have: Security Cloud ToolsAssist with the evaluation and selection of vulnerability management tools that integrate seamlessly with various cloud environments and provide fine granular access controls and CMDB attributers such as asset ownership. IntegrationIntegrate the security cloud tools with other security tools and systems, including the SIEM solutions, change ticketing systems, etc Launch awareness campaigns to promote secure practices and vulnerability management, emphasizing the unique challenges of cloud environments. CISSP, CISM, AWS Certified Security Specialist, or similar advanced cloud security certifications preferred. What you need to have: Security Cloud ToolsAssist with the evaluation and selection of vulnerability management tools that integrate seamlessly with various cloud environments and provide fine granular access controls and CMDB attributers such as asset ownership. IntegrationIntegrate the security cloud tools with other security tools and systems, including the SIEM solutions, change ticketing systems, etc Launch awareness campaigns to promote secure practices and vulnerability management, emphasizing the unique challenges of cloud environments. CISSP, CISM, AWS Certified Security Specialist, or similar advanced cloud security certifications preferred. What makes you stand out 7+ Years Experience in Vulnerability Management, incident response, cloud security, or cybersecurity related fields Why join our team: We help you be your best through professional development opportunities, interesting work and supportive leaders. We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities. Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being. Marsh McLennan(NYSEMMC) is the worlds leading professional services firm in the areas ofrisk, strategy and people. The Companys more than 85,000 colleagues advise clients in over 130 countries.With annual revenue of $23 billion, Marsh McLennan helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses.Marshprovides data-driven risk advisory services and insurance solutions to commercial and consumer clients.Guy Carpenter develops advanced risk, reinsurance and capital strategies that help clients grow profitably and pursue emerging opportunities. Mercer delivers advice and technology-driven solutions that help organizations redefine the world of work, reshape retirement and investment outcomes, and unlock health and well being for a changing workforce. Oliver Wymanserves as a critical strategic, economic and brand advisor to private sector and governmental clients. For more information, visit marshmclennan.com, or follow us onLinkedInandX. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person Marsh McLennan (NYSEMMC) is a global leader in risk, strategy and people, advising clients in 130 countries across four businessesMarsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information, visit marshmclennan.com, or follow on LinkedIn and X. Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, caste, disability, ethnic origin, family duties, gender orientation or expression, gender reassignment, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law. Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one anchor day per week on which their full team will be together in person.

Senior Cloud Security Engineer Location : Hyderabad / Ahmedabad, India Summary: We seek a highly skilled and experienced Senior Cloud Security Engineer to join our team. The ideal candidate will have a strong background in AWS Cloud Security, OCI Cloud Security, IAM, Compliance Management, firewalls, VPNs, Cloud Security frameworks, and Vulnerability Management. This role involves designing, implementing, and maintaining security controls and best practices to protect cloud environments and ensure compliance with industry standards and regulations. Responsibilities: Design and implement robust security architectures for AWS and OCI cloud environments. Experience in multi-cloud security strategies. Configure and manage firewalls, VPNs, and intrusion prevention systems to ensure secure connectivity. Manage and enhance Identity and Access Management (IAM) solutions, ensuring least privilege access control. Develop and enforce cloud security policies, standards, and procedures to maintain compliance with industry regulations (ISO 27001, NIST, CIS, GDPR, etc.). Oversee firewall configurations and network security controls to prevent unauthorized access and cyber threats. Conduct vulnerability assessments, penetration testing, and remediation of security risks. Collaborate with DevOps and cloud engineering teams to integrate security best practices into CI/CD pipelines. Monitor and respond to security incidents and threats, providing timely resolution and reporting. Stay updated with emerging threats, security trends, and technologies to continuously improve the organization s security posture. Provide guidance and training to internal teams on cloud security best practices. Required Skills: Bachelor s/Master s in Computer Science, IT, or a related field. 5-7 years of experience in cloud security engineering, preferably in mid to large-scale enterprise environments. Strong expertise in AWS security services (IAM, Security Hub, GuardDuty, WAF, KMS, etc.). Experience with Oracle Cloud Infrastructure (OCI) security tools and frameworks. Hands-on experience with SIEM solutions (Splunk, Azure Sentinel, etc.). Proficiency in vulnerability management tools (Qualys, Nessus, etc.) and penetration testing techniques. Strong understanding of firewall configurations, VPNs, and network access controls. Knowledge of compliance frameworks such as ISO 27001, NIST, CIS, PCI-DSS, and GDPR. Familiarity with automation and scripting (Python, Terraform, PowerShell) for security operations. Strong analytical and problem-solving skills, with the ability to handle security incidents effectively. Relevant certifications (AWS Certified Security Specialty, CISSP, CISM, CEH, or equivalent) are preferred. AWS Certified Solutions Architect, Azure Solutions Architect, and Oracle Cloud Architect Associate certifications are preferred.

Security Response Coordinator Role Overview As a Security Response Coordinator you will play a critical role in ensuring the effective management and response to security incidents within our organization You will collaborate with cross functional teams and stakeholders to develop and implement incident response plans coordinate incident investigations and drive the resolution of security incidents in a timely manner The ideal candidate will possess excellent communication skills strong problemsolving abilities and a deep understanding of security incident management Responsibilities Collaborate with key stakeholders to identify potential security threats and vulnerabilities Regularly review and refine incident response procedures based on industry best practices and lessons learned Perform initial triage and analysis of security incidents Escalate incidents to Level 2 or Level 3 as necessary Document and track incidents in the incident management system Coordinate incident response efforts Serve as the primary point of contact for all security incidents ensuring timely response and resolution Establish and maintain communication channels with internal teams and external partners to facilitate incident response activities Coordinate and lead cross functional incident response teams providing clear guidance and direction Investigate security incidents Conduct thorough investigations into security incidents including data breaches system intrusions and policy violations Collect and analyze evidence identify the root cause of incidents and provide recommendations to prevent future occurrences Document incident details actions taken and lessons learned for post incident analysis and reporting Incident escalation and reporting Assess the severity and impact of security incidents and escalate as necessary to senior management or executive leadership Prepare comprehensive incident reports and communicate findings to relevant stakeholders Provide regular updates on incident response activities metrics and key performance indicators KPIs to management Continuous improvement Stay abreast of the latest security trends emerging threats and industry best practices Contribute to the enhancement of security policies procedures and guidelines Participate in tabletop exercises drills and simulations to test and improve incident response capabilities Participate in regular training and awareness programs Requirements Bachelors degree in computer science Information Security or a related field Relevant certifications eg CISSP CISM GIAC are a plus Proven experience in security incident management preferably in a fast paced and complex environment Strong understanding of security frameworks standards and regulations eg GDPR Familiarity with incident response tools technologies and forensic techniques Excellent communication skills both written and verbal with the ability to convey complex technical concepts to nontechnical stakeholders Strong analytical and problemsolving abilities with a keen attention to detail Ethical mindset and commitment to maintaining the confidentiality integrity and availability of sensitive information if interetsed send your resume on payal.banchare@ltimindtree.com

Hi all , we are looking for a role Information Security Risk Specialist experience : 7 -9 years notice period : Immediate - 15 days location : Bengaluru Information Security Risk Specialist Experience: 7 to 9 years Location: Bengaluru Job Summary: We are seeking an experienced Information Security Risk Manager to join our team at Daimler Truck Innovation Center India, Bengaluru. The ideal candidate will lead the risk management and coordination efforts related to the overall security of enterprise systems, ensuring the development, implementation, and oversight of strategies that safeguard the information assets from cybersecurity threats, vulnerabilities, and attacks. This role requires strong collaboration across internal teams, including engineering, IT, legal, and regulatory bodies, as well as with external partners, such as suppliers and industry organizations. The ideal candidate will have a deep understanding of cybersecurity risk management methodologies, and the ability to oversee multiple initiatives aimed at strengthening the risk management practices at Daimler Truck Key Responsibilities: Develop, implement, and maintain an enterprise-wide information security risk management program. Identify, assess, and document information security risks, ensuring alignment with business objectives. Perform risk assessments, vulnerability analyses, and impact evaluations on IT systems and processes. Collaborate with cross-functional teams to establish risk mitigation strategies and action plans. Monitor, track, and report on risk metrics and key performance indicators (KPIs). Stay updated on regulatory requirements and ensure compliance with standards such as ISO 27001, NIST, GDPR, etc. Develop and maintain comprehensive process documentation and generate reports tailored to the needs of various stakeholders. Drive security awareness programs and train employees on risk management practices. Prepare and present detailed risk assessment reports to senior management. Lead incident response planning and participate in cybersecurity investigations when necessary. Qualifications: Education: Bachelors degree in Information Security, Cyber Security, Computer Science, Information Science, or a related field. Advanced degrees (e.g., Masters) or certifications (e.g., CISSP, CRISC, CISM, CEH) are a plus. Experience: 5+ years of experience in information security, risk management, or related domains. Skills and Competencies: Comprehensive understanding of frameworks such as ISO 27001, NIST Cybersecurity Framework, COSO, and COBIT. Proven analytical expertise in evaluating and prioritizing risks effectively. Advanced proficiency in utilizing security tools for risk assessment and mitigation. Strong preference for candidates with certifications like CISSP, CISM, CRISC, or equivalent. Exceptional communication and presentation skills, with a proven ability to collaborate effectively across diverse teams. Demonstrated problem-solving capabilities, including critical thinking and informed decision-making under pressure. Skilled in leading security initiatives and managing projects across global teams. A strategic mindset paired with keen attention to detail. • Resourceful and decisive under high-pressure situations. An effective team player with exceptional interpersonal and collaboration skills.

You'll lead and shape the cybersecurity landscape within our projects. Day-to-day, youll work closely with teams across the business (IT, Engineering, Operations), validate security aspects of IT projects, and much more. Youll specifically take care of developing use cases, creating business cases with a thorough TCO analysis, and producing or validating architectural documentation. Additionally, you will engage in stakeholder presentations, conduct security studies, and lead design and build phases with subcontractors. Well look to you for: Identifying project needs and gathering functional and technical requirements Defining use cases and creating an enablement roadmap Developing a business case with TCO analysis Validating or producing Architecture Design Documents (ADD) Presenting solutions and enhancing the service catalog Conducting security studies and implementing infrastructure hardening Providing troubleshooting expertise and operational support All about you We value passion and attitude over experience. Thats why we dont expect you to have every single skill. Instead, weve listed some that we think will help you succeed and grow in this role: A Bachelor's/Master's degree in Engineering/Technology CISSP or CISM certification Experience in the Transport Industry is a plus At least 7 years of work experience in cybersecurity, with a focus on architecture and design A strong grasp of security architecture and infrastructure Proficiency in risk analysis and network security patterns Strong knowledge of cloud solutions and security mechanisms Fluency in English

Network Security Manager - Palo Alto firewalls/Zscaler/Terraform - 5+ Years - Bengaluru(Immediate Joiners) Are you an experienced Network Security professional with a passion for leading high-performing teams? Do you have a strong background in Cyber Security and a track record of implementing and managing network security solutions? Our client, a leading organization in Bengaluru, is seeking a dynamic Manager/Lead Engineer to drive their network security initiatives and ensure the company's infrastructure is protected from cyber threats. If you are ready to take on a new challenge and make a significant impact, we would love to hear from you. Location : Bengaluru Your Future Employer:Our client is a reputable organization in the heart of Bengaluru, known for its innovative solutions and commitment to excellence. As a part of their team, you will have the opportunity to work in a collaborative environment and contribute to cutting-edge network security projects. Responsibilities : Develop and implement network security policies and procedures Lead a team of network security engineers and provide technical guidance Conduct regular security assessments and recommend improvements Collaborate with cross-functional teams to address security concerns and ensure compliance with industry standards Stay updated on the latest security trends and technologies Requirements : Bachelor's degree in Computer Science, Engineering, or a related field Minimum of 8 years of experience in network security with a focus on Cyber Security Proven leadership skills and experience in managing a technical team Strong knowledge of security protocols, firewall technologies, and intrusion detection/prevention systems Relevant certifications such as CISSP, CISM, or CISA will be an added advantage Should have hands of experience about Palo alto firewalls and Zscaler (ZIP) What's in it for you: Opportunity to work with a leading organization and drive impactful network security initiatives Competitive compensation package with performance-based bonuses Professional development opportunities and access to cutting-edge technologies Collaborative and inclusive work environment that values diversity and innovation Reach us: If you feel this opportunity is well aligned with your career progression plans, please feel free to reach me with your updated profile at parul.arorar@crescendogroup.in Disclaimer: Crescendo Global specializes in Senior to C-level niche recruitment. We are passionate about empowering job seekers and employers with an engaging memorable job search and leadership hiring experience. Crescendo Global does not discriminate on the basis of race, religion, color, origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Note: We receive a lot of applications on a daily basis so it becomes a bit difficult for us to get back to each candidate. Please assume that your profile has not been shortlisted in case you don't hear back from us in 1 week. Your patience is highly appreciated. Scammers can misuse Crescendo Globals name for fake job offers. We never ask for money, purchases, or system upgrades. Verify all opportunities at www.crescendo-global.com and report fraud immediately. Stay alert! Profile keywords :Cyber Security, Network Security, CISSP, CISM, CISA, Leadership, Bengaluru, Engineering