This is a senior technical IC role which requires candidate to be hands on and ability to manage the application platform independently Technology : Imperva DAM Location : Mumbai at customer site Position : 01 (One) Total experience : 6 to 10 years (max) Effective exp. : Last 1.5 2 years as DAM SME or technical support expert Working Window Should be flexible to work in shifts and on demand for any weekend maintenance activities Job Description/KRAs Ensuring uptime of the DAM platform as per defined service levels Ensuring coverage of the solution to ensure adequate security posture Implement and fine tune policies in accordance with security policies and continually evolving threat landscape. Define reports and dashboards Integration of databases with DAM platform as per organisational requirements DAM application administration, management and advanced troubleshooting. Attend to P1 incidents and documentation of RCA Define SOPs to facilitate effective collaboration of work with cross functional stakeholders in customer organisation Keeping platform current with defined security baselines and OEM defined best practices Participation in audit exercises and closing out observations within defined timeframes Participation in BCP and DR drills. Ensuring platform is resilient from uptime perspective Track licensing, OEM support validity and coordination for scheduled audits of the platform Coordination with OEM support for bug fixes or product issues Guide and support Tier 2 Engineers on administration and platform Update required documentation on need basis Education and Professional Qualifications B.E/ B. Tech/MCA from recognized university. CISSP/CISA/CISM certification is mandatory DAM Technical certification is preferred Should have handled DAM operations of large environment with multiple DB flavours Intermediate scripting skills in Python or any CGI is preferred

Fynd is India s largest omnichannel platform and multi-platform tech company with expertise in retail tech and products in AI, ML, big data ops, gaming+crypto, image editing and learning space. Founded in 2012 by 3 IIT Bombay alumni: Farooq Adam, Harsh Shah and Sreeraman MG. We are headquartered in Mumbai and have 1000+ brands under management, more than 10k stores and servicing 23k + pin codes. We are seeking a highly skilled Data Protection Officer (DPO) / GRC Officer responsible for ensuring compliance with global security and data protection regulations. The ideal candidate will oversee governance, risk, and compliance (GRC) programs, implement security frameworks, and safeguard sensitive data across the organization. What will you do at Fynd 1. Governance, Risk, and Compliance (GRC): Develop, implement, and maintain GRC frameworks to align with regulatory and industry standards. Establish risk assessment methodologies and ensure mitigation strategies are in place. Conduct IT General Controls (ITGC) assessments to ensure effective security controls and processes. Oversee third-party risk assessments, ensuring vendors comply with security policies. 2. Data Protection Privacy Compliance: Implement and oversee compliance with DPDP (Digital Personal Data Protection Act, India) and GDPR regulations. Act as the point of contact for data protection authorities and internal privacy matters. Conduct Data Protection Impact Assessments (DPIAs) and privacy risk assessments. Develop and enforce privacy policies, data retention, and protection measures. 3. Information Security Compliance Certifications: Lead and maintain compliance with ISO 27001, ensuring policies and controls meet certification requirements. Manage SOC 2 compliance efforts, including security, availability, processing integrity, confidentiality, and privacy principles. Oversee PCI-DSS compliance for handling cardholder data securely. Ensure alignment with NIST security frameworks for risk management and cybersecurity resilience. 4. Business Continuity Incident Management: Develop and maintain a Business Continuity Management (BCM) program, including disaster recovery plans. Lead security incident response and investigations to mitigate data breaches and cybersecurity threats. Conduct regular tabletop exercises and audits to test resilience and readiness. Some Specific Requirements Bachelor s/Master s degree in Information Security, Cybersecurity, Compliance, or a related field. Professional certifications such as CIPP/E, CIPM, CISSP, CISM, CISA, ISO 27001 Lead Auditor, or CRISC are highly preferred. 5+ years of experience in Data Protection, Compliance, GRC, or Cybersecurity roles. Strong knowledge of regulatory frameworks (SOC2, ISO27001, GDPR, DPDP, PCI-DSS, NIST, ITGC, Third-Party Risk Management). Experience in implementing GRC tools and automating compliance processes. Excellent stakeholder management skills with the ability to work cross-functionally. Strong analytical, problem-solving, and decision-making skills. What do we offer Growth Growth knows no bounds, as we foster an environment that encourages creativity, embraces challenges, and cultivates a culture of continuous expansion. We are looking at new product lines, international markets and brilliant people to grow even further. We teach, groom and nurture our people to become leaders. You get to grow with a company that is growing exponentially. Flex University We help you upskill by organising in-house courses on important subjects Learning Wallet: You can also do an external course to upskill and grow, we reimburse it for you. Culture Community and Team building activities Host weekly, quarterly and annual events/parties. Wellness Mediclaim policy for you + parents + spouse + kids Experienced therapist for better mental health, improve productivity work-life balance We work from the office 5 days a week to promote collaboration and teamwork. Join us to make an impact in an engaging, in-person environment!

Overview The Information and Cyber Security Governance Manager for is responsible for overseeing the governance, risk, and compliance activities across the Security Operations Center (SOC), Incident Management and Vulnerability Management. This role ensures that these critical areas operate in alignment with industry standards, regulatory requirements, and internal policies. The Governance Manager will establish and enforce policies, procedures, and controls to safeguard the organizations information assets and mitigate risks. Key Responsibilities Security Operations Center Governance Governance Framework: Develop, implement, and maintain the governance framework for the SOC, ensuring alignment with industry best practices and regulatory requirements. Policy Development: Create, review, and update security policies, standards, and procedures to ensure they are effective and up-to-date. Risk Management: Identify, assess, and mitigate security risks related to SOC operations. Develop risk management strategies and monitor the effectiveness of risk mitigation measures. Incident Response Oversight: Oversee the incident response process, ensuring that incidents are managed and resolved in accordance with established protocols. Training and Awareness: Develop and deliver training programs to enhance the security awareness and skills of SOC staff. Ensure that all team members are knowledgeable about governance and compliance requirements. Key Responsibilities Data Security Governance and Vulnerability Management Strategy: Develop, implement, and maintain the data security strategy and framework, ensuring alignment with industry best practices and regulatory requirements. Policy Development: Create, review, and update data protection policies, standards, and procedures to ensure they are effective and current. Risk Assessment: Conduct regular risk assessments to identify and mitigate potential data leakage risks. Develop risk management strategies and monitor their effectiveness. Incident Response: Oversee the data breach and incident response process, ensuring that incidents are managed and resolved according to established protocols. Monitoring and Analysis: Implement and manage DLP tools and technologies to monitor data flows and detect potential data leakage. Analyze DLP alerts and incidents to identify trends and areas for improvement. Training and Awareness: Develop and deliver training programs to enhance the data protection awareness and skills of employees. Ensure that all team members are knowledgeable about DLP policies and procedures. General Responsibilities Compliance Management: Ensure compliance with relevant security standards and regulations across SOC, DLP, and VAPT. Conduct regular audits and assessments to verify compliance. Risk Management: Identify, assess, and mitigate security risks related to SOC, DLP, and VAPT operations. Reporting and Metrics: Develop and maintain key performance indicators (KPIs) and metrics to monitor the effectiveness of the governance programs. Prepare and present reports to senior management. Collaboration: Work closely with other departments, such as IT, Legal, and Compliance, to ensure a cohesive approach to security governance. Continuous Improvement: Promote a culture of continuous improvement within SOC, DLP, and VAPT programs. Identify areas for enhancement and implement best practices. Qualifications Education: Bachelors degree in Information Security, Computer Science, or a related field. A Masters degree is preferred. Certifications: CEH / OSCP, and Any one of CISA, CISSP, CISM, CRISC, or other relevant certifications. Experience: Minimum of 5 years of experience in Security Operation Center Governance, risk, and compliance with specific experience in a SOC, Developing Key risk indicators, Threat Hunting, SOAR implementation, Defining MTTD MTTR, SIEM use cases.

We are seeking a highly skilled and detail-oriented IT Compliance and Security Manager to oversee and enhance our organization s security and compliance programs. This individual will play a pivotal role in managing our Microsoft security ecosystem, ensuring compliance with SOX and IT General Controls (ITGC) requirements, and leading our efforts to achieve ISO 27001 certification. The role also involves managing and optimizing Microsoft Defender tools and implementing Sentinel to strengthen our cybersecurity posture. You must have proven experience and working knowledge with Microsoft Defender suite of security products. Key Responsibilities: Microsoft Security Administration: Manage and optimize the Microsoft Defender suite, including Defender for Endpoint, Identity, Office, and Cloud Apps. Implement, configure, and manage Microsoft Sentinel for advanced threat detection and incident response. Monitor and respond to security alerts and incidents, ensuring timely resolution and documentation. SOX and ITGC Compliance: Conduct IT General Controls (ITGC) testing and ensure SOX audit requirements are met. Collaborate with internal and external auditors during audits to provide necessary evidence and address findings. Develop and maintain documentation for IT controls, processes, and compliance activities. ISO 27001 Certification: Lead the planning and execution of activities required for achieving ISO 27001 certification. Develop and implement information security policies and procedures to align with ISO 27001 standards. Coordinate with cross-functional teams to address gaps and ensure compliance with certification requirements. Risk and Compliance Management: Identify, assess, and mitigate IT security risks across the organization. Ensure ongoing compliance with regulatory requirements and internal policies. Monitor and report on the effectiveness of security controls and compliance programs. Collaboration and Training: Partner with IT, Legal, Finance, and other teams to align compliance and security efforts. Conduct training sessions to raise awareness of IT security and compliance policies among employees. Serve as the primary point of contact for compliance and security-related inquiries. Qualifications: Bachelor s degree in Information Technology, Cybersecurity, or a related field (or equivalent experience). 5+ years of experience in IT security, compliance, or related roles. Hands-on experience with Microsoft Defender tools and Microsoft Sentinel. In-depth knowledge of SOX, ITGC, and ISO 27001 frameworks. Strong understanding of cybersecurity principles and risk management. Excellent communication skills and the ability to work collaboratively across teams. Relevant certifications such as CISSP, CISA, CISM, ISO 27001 Lead Implementer/Auditor, or Microsoft Security certifications are a plus.

Cybersecurity Architect 10+ Years Educational Background: A Bachelors or Master’s degree in Information technology, cybersecurity, computer science, or a related field is essential. [10+] years of experience in cybersecurity, previous experience in a security engineering role highly desired Holding professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or certifications recognized by the NCSC is highly regarded. Familiarity with relevant cybersecurity frameworks and standards, including the CIISec Skills Framework and guidelines provided by the NCSC, is essential Must have extensive experience of architecture design, security regulations and security implementation in Infra and Cloud Security, Product Security, etc

We are seeking a highly skilled Defender Endpoint Security Specialist with 5-10 years of solid implementation and operational experience. The ideal candidate will be responsible for ensuring the security of our endpoints and will be ready to work during shift hours and weekends. Key Responsibilities: Implement and manage Microsoft Defender for Endpoint solutions. Monitor and respond to security incidents and alerts. Conduct regular security assessments and vulnerability scans. Develop and maintain security policies and procedures. Collaborate with IT and other departments to ensure comprehensive endpoint security. Provide training and support to staff on security best practices. Stay updated with the latest security trends and threats. Qualifications: Bachelors degree in Computer Science, Information Technology, or a related field. 5-10 years of experience in endpoint security, specifically with Microsoft Defender. Microsoft Defender certification (SC200). Strong knowledge of security frameworks and best practices. Experience with security incident response and management. Excellent problem-solving and analytical skills. Ability to work independently and as part of a team. Willingness to work offpeak hours and weekends. Preferred Skills: Certifications such as SC500, CISSP, CISM, or similar. Experience with other security tools and technologies. Ms Defender, Cyber Security

At Broadridge, weve built a culture where the highest goal is to empower others to accomplish more. If you re passionate about developing your career, while helping others along the way, come join the Broadridge team. Role and responsibilities include: Conduct regular security assessments (SAST/SCA/DAST) utilizing both automated and manual methods to identify security vulnerabilities Responsible for assessing the risk of the found vulnerabilities as per Broadridge Security Standards and documenting them with proper proof of concepts, as necessary Perform security design and architectural reviews for new and existing applications to ensure they meet security standards and best practices. Collaborate with technical teams and business stakeholders to provide expert advice on vulnerability remediation strategies and best practices. Assess risks reported in the vulnerability assessment results and other security related data, and prioritize remediation actions Integrate security practices into the CI/CD pipeline to identify and address vulnerabilities early in the development cycle and maintain the tooling in the CICD pipeline Conduct regular security group reviews. Identify and implement automation opportunities within security testing and review processes to enhance efficiency and effectiveness. Awareness of working and adapting to Agile environment Skill Requirements: A bachelor s or higher degree in Computer Science, Computer Engineering, or similar discipline. Minimum 6 years of hands-on experience in application security and 2 years in DevSecOps, and extensive knowledge in any one of the object-oriented programming languages. Strong Information Security technical skills and knowledge to identify, research and understand security control gaps and program compliance issues Strong web application security experience with thorough understanding of web application vulnerabilities and secure coding practices Demonstrated experience in performing threat modeling, security architecture review, and vulnerability assessment on applications and infrastructure Deep understanding of OWASP methodologies for web, API, mobile, CI/CD, and LLM. Knowledge in Cloud(AWS, Azure) Architecture Familiarity with CI/CD tools (e. g. , Jenkins, GitLab CI) and their integration with security tools. Understanding of Security Policies, Procedures, Audit, and Compliance requirements Skills in Terraform/Chef/Python/Perl/Ruby is desired Superior ability to effectively communicate security concepts, threats, controls, and mitigation/remediation to application teams and audiences not familiar with such topics Soft Skills: Excellent communication and presentation skills Ability to work collaboratively and build consensus is essential Ability to manage multiple priorities effectively. Strong analytical and problem-solving skills with attention to detail. Willingness and capability to self-learn Good to Have: Experience in conducting infrastructure vulnerability scans, analysis of scan results, and vulnerability triage. Experience in assessing and enhancing security of cloud-based environments and services. Experience in AWS security involving tools and process Experience in container/Kubernetes security Active participation in the security communities and groups Demonstrated commitment to staying up to date with emerging security threats and technologies. Hold at least one applicable industry certification; CEH, CISSP, OSCP, CISM, Cloud Security etc. .

What You'll Do As the Manager of Product Security with a focus on Data Privacy, you will help ensure that our products are designed with strong security and privacy controls. You will lead a team of security professionals, collaborate with teams, and lead the implementation of privacy-by-design principles across all stages of the product lifecycle. Your responsibilities will include safeguarding customer data, ensuring compliance with privacy regulations, and mitigating security risks in product development. You will report to VP Security What Your Responsibilities Will Be Lead the product security team focused on embedding data privacy and security controls into product development processes. Develop a comprehensive product security strategy with a focus on data privacy. Partner with engineering, legal, compliance, and product teams to ensure privacy and security are integrated into all stages of the product lifecycle. Drive privacy-by-design principles and advocate for secure development practices across the organization. Data Privacy Governance : Ensure products comply with relevant data privacy regulations such as GDPR, CCPA, HIPAA, and other global standards. Develop product security policies and procedures that align with legal, regulatory, and industry requirements. Perform privacy impact assessments (PIAs) and security risk assessments (SRAs) on products and services. Risk Management : Identify privacy and security risks related to product development and deployment. Implement controls and measures to reduce data breaches, unauthorized access, and other security incidents. Lead incident response efforts related to privacy violations or data security breaches in collaboration with legal and IT teams. Collaboration & Communication : Collaborate with engineering teams to integrate security tools, practices, and automated testing into CI/CD pipelines. Work closely with the legal and compliance teams to interpret and respond to data privacy regulations and standards. Communicate privacy and security risks, issues, and solutions to senior leadership and other stakeholders. Training & Awareness : Develop and conduct training programs to educate product development teams on privacy and security best practices. Stay up-to-date with emerging data privacy trends, threats, and technologies and ensure the team is aligned with industry best practices. Monitoring & Reporting : Oversee continuous monitoring of product security and privacy controls to ensure ongoing compliance and risk mitigation. Provide regular updates to leadership on the status of product security initiatives, privacy compliance, and risk management activities. What You'll Need To Be Successful Qualifications: Education & Experience : Bachelor's or Master's degree in Information Security, Computer Science, or related field. 10+ years of experience in product security, cybersecurity, or data privacy, with a focus on software product development. Proven experience managing teams in a security or privacy role. Skills & Knowledge : Deep understanding of data privacy laws and regulations (e.g., GDPR, CCPA, HIPAA). Strong knowledge of product security principles, including secure software development practices, encryption, and threat modeling. Familiarity with privacy-enhancing technologies, data anonymization, and data retention practices. Experience with security tools, automation, and CI/CD practices. Certifications (preferred): Certified Information Privacy Professional (CIPP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar certifications.

IT Security Analyst We are seeking a highly skilled and detail-oriented IT Security Analyst to safeguard our organization's IT infrastructure, networks, and data from cyber threats. The ideal candidate will be responsible for security monitoring, risk assessment, incident response, and ensuring compliance with industry best practices and regulatory requirements. Key Responsibilities: 1. Security Monitoring & Threat Detection: Continuously monitor networks, systems, and applications for security breaches and suspicious activity. Utilize SIEM (Security Information and Event Management) tools to analyze logs and alerts. Respond promptly to and investigate security incidents. 2. Incident Response & Mitigation: Conduct forensic analysis and root cause investigation of security incidents. Develop and implement incident response plans to mitigate threats effectively. Collaborate with IT teams to remediate vulnerabilities and enhance security resilience. 3. Vulnerability Management & Risk Assessment: Perform regular security audits and vulnerability scans to identify potential threats. Assess risks and recommend security controls for enhanced protection. Ensure compliance with established security frameworks (e.g., NIST, ISO 27001, CIS). 4. Access Control & Identity Management: Manage user access, authentication, and authorization controls. Implement security best practices for Identity and Access Management (IAM). Enforce Multi-Factor Authentication (MFA) and least privilege access policies. 5. Security Policy & Compliance: Develop, update, and enforce security policies, procedures, and guidelines. Ensure compliance with industry regulations such as GDPR, HIPAA, PCI-DSS, SOC 2. Conduct security awareness training for employees. 6. Security Tools & Technologies: Configure and manage firewalls, IDS/IPS, endpoint protection, and encryption tools. Evaluate, recommend, and implement security solutions to improve the security posture. 7. Collaboration & Reporting: Work closely with IT, DevOps, and compliance teams to reinforce security strategies. Prepare detailed security reports for management and stakeholders. Required Qualifications: Bachelors degree in Cybersecurity, Computer Science, or an IT-related field. Minimum 3 years of experience in IT security, cybersecurity, or a related field. Strong understanding of network security, cloud security, and encryption technologies. Hands-on experience with firewalls, SIEM, IDS/IPS, EDR, and vulnerability scanners. Familiarity with security frameworks such as NIST, ISO 27001, CIS, MITRE ATT&CK. Preferred Certifications: CEH, CompTIA Security+, CISSP, CISM, CISA. Key Skills: Cybersecurity best practices Threat analysis & incident response Risk assessment & compliance SIEM, IDS/IPS, firewalls, EDR Identity & access management (IAM) Cloud security (AWS, Azure, GCP) Security policy development

Visa is seeking a Controls Monitoring & Testing Analyst within its Technology Risk Management program to review and assess Cybersecurity and Technology risks. The candidate will perform Risk Assessments, Design Effectiveness Assessments, and Operational Effectiveness Testing for key technology threat vectors such as security configuration management, firewall configuration, application, user access management, and availability & reliability. Responsibilities include managing stakeholder engagement plans, participating in process walkthroughs, tracking/reporting deliverables, and producing high-quality work papers for all lines of defense and risk stakeholders. Additionally, the candidate will interpret data from source systems to perform statistical sampling and aggregate assessment across various risk management levers, collaborate with technology partners, and distill information into management and executive-level reporting. Key Responsibilities: Technology & Cybersecurity Controls Testing: Perform independent technology and cybersecurity controls testing. Document testing results in detailed workpapers. Prepare management reports based on testing outcomes. Communicate findings with stakeholders. Automation for Continuous Monitoring: Develop automation for continuous controls monitoring/auditing for technology and cybersecurity. Monitor the results of automated controls, perform investigation and follow-ups as needed. Risk & Control Self-Assessment (RCSA): Execute RCSA Risk Business Partner (RBP) controls quality review and sample-based testing. Conduct Key Risk Indicator (KRI) testing. Training, Metrics Alignment & Reporting: Develop and track risk management training. Align metrics with reporting dashboards. Develop reporting and stakeholder communication. This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager. Basic Qualification 3 years of relevant work experience and a Bachelors degree Preferred Qualification Bachelor s degree with 5 years of work experience in cyber, risk controls, or equivalent. Experience with technology and cyber processes and functions (e.g., Vulnerability, Availability & Reliability Risk, Cyber Defense, Third Party Technology Risk, Identity Access Management, Security Architecture, etc.). Experience auditing technology and cybersecurity processes, risks, and controls. Experience developing automation for continuous controls monitoring/auditing for both technology and cybersecurity. Ability to prioritize deliverables and projects efficiently and adapt to changing priorities quickly. Strong analytical and problem-solving skills. Effective communication skills, both formal and informal. Ability to facilitate group discussions and debates across geographic and functional lines. Experience in regulated industries and payment platforms preferred. CISA, CISM, CISSP certification preferred.

Conduct independent risk assessments on technology operations and infrastructure to identify vulnerabilities and potential threats, including those associated with machine learning systems. Develop and implement risk oversight strategies to ensure the effectiveness of risk mitigation measures implemented by the first line of defense. Monitor and evaluate the effectiveness of existing risk management controls and challenge the adequacy and effectiveness of risk mitigation strategies. Collaborate with IT and operations teams to provide independent oversight and guidance on security measures integrated into the design and implementation of technology projects. Assess the security and risk implications of machine learning models and AI-driven solutions, ensuring they adhere to best practices and regulatory requirements. Stay current on industry best practices, regulatory requirements, and emerging threats in technology risk management, particularly in the context of machine learning and AI. Prepare detailed reports and presentations for senior management and risk committees, outlining risk findings, oversight activities, and progress updates. Assist in the development and maintenance of disaster recovery and business continuity plans. Conduct regular audits and assessments to ensure compliance with internal policies and external regulations. This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager. Bachelor s degree in Information Technology, Computer Science, Risk Management, or a related field. Minimum of 3-5 years of experience in technology risk management, with a focus on operations and infrastructure. Strong understanding of Modern application architecture , IT infrastructure, including networks, servers, databases, cloud computing and machine learning technologies. Knowledge of risk management frameworks and standards such as ISO 27001, NIST, and COBIT. Experience with security assessment tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to work effectively with cross-functional teams. Relevant certifications (e.g., CRISC, CISM, CISSP) are a plus

Job Title: Lead Information Security Analyst Job Code: 7903 Country: IN City: Mumbai Skill Category: IT\Technology Description: Key objectives critical to success We are looking for a talented and experienced professional to join our team as Security Engineer with specific focus on network security and boundary controls. In this role, you will part of a team leading the engineering, development, and implementation of a robust and scalable information security solutions to protect Nomura s critical assets. This role is technical and hands-on as the security architecture and engineering strategy and roadmap are being developed and requires deep understanding of network security and best practices in cybersecurity. It requires the development and implementation of processes, policies, standards, and solutions in collaboration with the Global Head of information security engineering and key stakeholders You will play a key role in ensuring the resilience and effectiveness of network security solutions. Key Responsibilities Develop and maintain a deep understanding of the organizations network security needs. Evaluate and deploy network security technologies and tools including network detect and respond, web application firewalls to enhance security posture that aligns with the business objectives and the Security Risks and Controls Framework. Develop and enforce security policies, standards, and guidelines in alignment with regulatory requirements and network security best practices. Deploy and operate network security controls on premise and cloud to protect our network infrastructure from unauthorized access, data loss, and other security threats Collaborate with cross-functional teams to evaluate and select network security technologies and tools that meet Nomura s requirements. Provide guidance and technical leadership to project teams to ensure network security requirements are properly understood Conduct the relevant network security assessments to identify gaps, vulnerabilities, and areas for resilience improvement. Stay current on emerging technologies, trends, and threats in the field of network security and protection Collaborate with internal and external stakeholders to ensure alignment with industry standards, regulatory requirements, and compliance frameworks. Skills, experience, qualifications and knowledge required Bachelors degree in Computer Science, Information Technology, or related field; Masters degree preferred. Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification is required. 5-8 of years of experience in information security, with a focus on network security Proven experience in designing and implementing network security solutions in an enterprise environment (IDS /IPS, NDR) Strong knowledge of security technologies on security network protocols, and frameworks, such as ISO 27001, NIST, and OWASP. Familiar with network segmentation strategies to limit the spread of security incidents and improve the overall security posture of our network. Familiar with implementing network security controls for cloud Excellent analytical, problem-solving, and project management skills. Strong communication and interpersonal skills to collaborate with diverse teams and stakeholders.

We are seeking a dedicated and experienced Security Engineer to bolster our Security Operations and Incident Response capabilities. In this role, you will play a pivotal part in fortifying our global Information Systems security infrastructure and responding effectively to potential security threats. Your responsibilities will encompass the daily operations of our security technologies, alongside proactive analysis, and response to security incidents. Collaboration with our Information Services team will be integral to maintaining and enhancing our organizations security posture and safeguarding our data assets. About the Team: As a valued member of our Cyber Intelligence Centre/Security Operations team, you will advocate a pragmatic approach to proposing and implementing security solutions. You will actively contribute to the continual analysis of our security logs and posture to uphold our organizations security and situational awareness regarding potential threats. What youll do Automation of Security Processes: Develop, implement, and manage automated workflows for incident detection, investigation, and remediation. Automate routine security tasks such as log analysis, vulnerability scanning, and patch management. Integrate security tools (SIEM, SOAR, endpoint protection, threat intelligence platforms) to create seamless, automated workflows. Incident Response Automation: Work with the Incident Response team to identify opportunities for automation in response procedures. Develop automated playbooks for various incident types (e.g., phishing, malware, DDoS attacks) to reduce response time and human error. Implement automated alert triage systems to prioritize and categorize security incidents based on severity. Threat Intelligence Integration: Automate the ingestion and processing of threat intelligence feeds (e.g., IOCs, TTPs) into security monitoring systems. Enhance threat detection capabilities by integrating real-time threat intelligence into automated workflows. Continuous Improvement: Continuously evaluate and improve automated security processes for efficiency, effectiveness, and scalability. Identify gaps in automation and develop new solutions to improve response times and security coverage. Monitor automation processes and tools to ensure they operate effectively and without interruption. Collaboration Communication: Work closely with the SOC team to ensure automation initiatives align with the organization s security policies and standards. Collaborate with IT, DevOps, and Engineering teams to ensure automated security solutions are integrated across the infrastructure. Provide documentation and training to security teams on new automated processes and tools. Security Monitoring and Reporting: Develop dashboards and reports to track the performance of automated security processes and identify areas for improvement. Ensure that key security metrics (e.g., mean time to detect, mean time to respond) are optimized via automation. Security Tool Management: Manage and maintain automation tools, ensuring they are up to date and optimized for maximum performance. Evaluate and implement new security automation tools and technologies as appropriate. What youll bring: Bachelor s degree in Computer Science, Information Security, or a related field (or equivalent work experience). Minimum of 5-10 years of experience in a Security Operations role (SOC, Incident Response, or Threat Intelligence). Proven experience with security automation tools, SIEM platforms (e.g., MS Sentinel). Experience with scripting languages (Python, PowerShell, Bash) and automation frameworks (e.g., Ansible, Terraform, or similar). Hands-on experience with security technologies such as IDS/IPS, endpoint protection, firewalls, and vulnerability management tools. Technical Skills: Expertise in implementing and managing security automation processes and systems. Familiarity with cloud environments (AWS, Azure, GCP) and cloud-native security tools. Experience in building and maintaining automated incident response playbooks. Proficiency in security monitoring tools such as SIEM, EDR, NDR, and IDS/IPS. Soft Skills: Strong problem-solving and analytical skills. Excellent communication skills and ability to collaborate with cross-functional teams. Ability to prioritize tasks, manage time effectively, and work under pressure. Strong attention to detail and commitment to continuous learning. Desirable: Certifications such as CISSP, CEH, CISM, or similar are highly desirable. Familiarity with DevSecOps practices and CI/CD pipeline security. Experience with threat hunting and proactive security measures.

We are looking for a highly experienced Cyber Security GRC professional who is passionate about implementing and operating enterprise-level information security and risk management frameworks within the organization. You will join a dynamic and fast-paced environment and work with cross-functional teams to design, build and roll out products that deliver the company s vision and strategy. Experience 8+ Years Pune Alright, so youre sold. But who are we Diversity and humility are not just big words hung up on the walls. At CredAble, we put people at the heart of everything we do and our core values are the driving force behind our success. CredAble is an NBFC technology-powered supply chain funding solutions company Leveraging our trade finance expertise, technology platform, and access to 3rd party capital, we arrange funding programs for enterprise supply chains and do direct lending to SMEs. Led by a team of industry experts, CredAble is at the forefront of powering tech-enabled working capital financing. Programs are anchored around enterprise clients, where we provide funding linked to transactions with suppliers (payables) and distributors (receivables). We are series B funded startup with Axis Bank limited as a strategic investor. You will be responsible for: Partner with CISO to run a global, enterprise-wide cybersecurity risk and compliance strategy aligned with organizational priorities, business objectives, regulatory requirements, and evolving risks. Lead and grow a team of cybersecurity professionals, managing risk, compliance, assessments, reporting, metrics, policy, awareness, and third-party risk management. Oversee risk and threat-based information security programs ensuring confidentiality, integrity, availability, and privacy. Manage enterprise-wide compliance, risk assessment, reporting, cybersecurity policies, third-party risk management, and security training programs. Conduct information security audits, respond to external questionnaires, RFPs and collaborate with control entities (Audit Partners, Enterprise Risk Management, Legal Compliance, regulators, and financial institutions). Work with the Cloud Security Operations team on incident management, security architecture, vulnerability management, threat intelligence, advisory, and identity and access management. Assess security controls, identify improvement opportunities, and communicate recommendations. Perform risk assessments against third parties to ensure proper compliance against regulatory requirements. Manage annual ISO 27001 internal audits, remediation tracking, evidence collection, and risk identification. Lead the creation of Information Security Policies, technical standards and procedures for secure technology configuration and implementation. Manage the company-wide information security awareness program to foster a security mindset across leadership, employees, contractors, and third parties. Stay updated on security changes impacting regulatory, privacy, and industry best practices. You will be reporting to: Chief Information and Security Officer. What will you bring to the table 8 or more years of knowledge and understanding of information security management frameworks and various regulatory requirements such as DPDPA, GDPR, and information security and compliance standards including ISO 27001, SOC 2 etc. Strong knowledge of security frameworks including NIST CSF, controls, and audit techniques. Strong ability to identify needs, take initiative, and prioritize work efforts, balancing operational tasks with longer-term strategic security efforts. Strong technical background with a consistent record of delivering results, validated leadership, communication as well as critical thinking skills, creative and flexible problem solver. Strong interpersonal skills and the ability to interact strategically and confidently with internal partners to develop ideas, find opportunities, and influence outcomes. Certifications: CISSP, CISA, CISM. The educational qualification you ll need: Bachelor s or Master s degree in Computer Science , Engineering, or a related field. Besides making the best move of your career, what s in it for you Working in a highly entrepreneurial setup with a visionary team passionate to help scale new heights of business success. Exposure to exploring limitless possibilities and ideas no matter how impossible they may seem today. CredAble thrives on transparency and a culture to nurture growth. Being part of CredAble enables you to push beyond the ordinary.

Design and implement end-to-end security solutions using Microsoft security suite, including Microsoft Defender, Sentinel, and Defender for Endpoint. Integrate Microsoft security tools with other industry-leading SIEM, SOAR, UBA, EDR, and ticketing systems for a comprehensive security posture. Utilize Microsoft Copilot for AI-driven security insights, automation, and incident analysis to improve security response efficiency. SOC L3 Expertise Incident Response Lead SOC Level 3 investigations, incident response, threat hunting, and forensic analysis using Microsoft Sentinel Defender. Provide expert guidance on incident escalation, root cause analysis, and response strategies. Optimize SOC workflows using Microsoft Copilot, leveraging AI to automate investigations, generate reports, and enhance analyst efficiency. Develop and implement SOC processes, playbooks, and best practices to ensure an effective security operations framework. Threat Intelligence, SOAR, UBA AI Integration Implement User Behavior Analytics (UBA) to detect anomalies, insider threats, and behavioral deviations. Design and automate security workflows using SOAR solutions to reduce response time. Correlate threat intelligence feeds across Microsoft Defender, Sentinel, and third-party SIEM tools to proactively identify emerging threats. Use Microsoft Copilots AI-driven capabilities to assist in security event correlation, data analysis, and automated threat response. SOC Security Process Management Oversee SOC operations, ensuring 24/7 security monitoring, alert triage, and proactive threat mitigation. Define, document, and enforce SOC playbooks, security policies, and compliance guidelines aligned with industry best practices. Conduct security audits and assessments using Microsoft security tools, ensuring adherence to standards like MITRE ATTCK, NIST, and ISO 27001. Required Skills Experience: 8+ years of experience in cybersecurity, SOC management, and security architecture. Hands-on expertise in Microsoft security solutions (Microsoft Defender, Sentinel, Defender for Identity, Defender for Endpoint). Proven experience in SOC Level 3 operations, incident response, threat hunting, and forensic investigations. Strong understanding of SIEM, SOAR, UBA, and AI-driven security automation. Experience in integrating Microsoft security tools with third-party security solutions like EDR, SIEM, and ticketing systems. Familiarity with Microsoft Copilot and its application in SOC operations, security automation, and AI-driven threat detection. Ability to draft SOC processes, security playbooks, and incident response frameworks. Strong analytical skills with the ability to connect insights across different security modules.

Oversee the issuance, revocation, and renewal of digital certificates using Nexus Smart ID and Microsoft PKI. Implement and manage password-less authentication and multi-factor authentication (MFA) solutions. Maintain and monitor Identity Provider (IdP) integrations to ensure seamless authentication. Enforce access control policies to prevent unauthorized access. System Administration Security: Monitor system performance and conduct regular updates and patches for Nexus Smart ID. Perform troubleshooting and incident resolution for identity and certificate-related issues. Ensure compliance with industry regulations and best practices for digital identity security. Operational Support Optimization: Conduct health checks and security audits of IAM solutions. Provide technical support and guidance to end-users and IT teams. Develop documentation, SOPs, and training materials for identity and certificate management. Collaborate with security teams to strengthen identity governance and access policies . Required Skills Qualifications: 7 years of experience in Identity Access Management (IAM) , Public Key Infrastructure (PKI) , or related security roles. Hands-on experience with Nexus Smart ID for password-less authentication and MFA solutions. Strong understanding of Microsoft PKI Certificate Management , including CA (Certificate Authority) administration. Experience with Identity Providers (IdP) and Single Sign-On (SSO) solutions. Knowledge of access control models (RBAC, ABAC) and identity governance. Familiarity with security frameworks such as NIST, ISO 27001, and Zero Trust architecture . Strong troubleshooting skills for identity authentication and certificate issues . Experience with scripting (PowerShell, Python) for automation is a plus. Preferred Certifications: Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Microsoft Certified: Security, Compliance, and Identity Fundamentals Certified Identity and Access Manager (CIAM)

The Lead Vulnerability Management Engineer is responsible for managing the identification, assessment, reporting, and mitigation of infrastructure and cloud vulnerabilities. This role requires strong collaboration with internal stakeholders to ensure identified risks are appropriately addressed promptly. Should have a mindset of a defender and be able to operate in a fast-paced environment working closely with our infrastructure team that includes Network, Firewall, Hypervisors, Servers, and business application teams. Key Serve as a Lead role that requires frequent interaction with IT and Information Security Managers, Engineers and developers. Provide vulnerability remediation governance and operational support. Perform Vulnerability Metrics Reporting for Ad-hoc and scheduled metrics report for various KPIs (Key Performance Indicators) around vulnerability management activities. Mature and automate repeatable processes to inventory, asses, prioritize, and manage critical vulnerabilities and risks within the enterprise. Develop quantitative risk and threat models to drive vulnerability reporting and remediation prioritization. Drive and track remediation initiatives across multiple support teams. Mentor less-experienced team members. EXPERIENCE AND EDUCATIONAL REQUIREMENTS: Bachelor s degree in Computer Science, Cybersecurity or other related field, or equivalent work experience. Proficient in various vulnerability assessment tools such as Qualys, Armis, Microsoft Defender for Endpoint/Cloud. Ability to analyze vulnerability metrics using Microsoft Excel advanced techniques. Typically requires 7-9 years of combined IT and security work experience with a broad range of exposure to cybersecurity, systems analysis, application development and/or systems administration and 3+ years of vulnerability management experience. Requires Security Certification(s) (i.e., Certified Information Systems Security Professional (CISSP), or Certified Information Security Manage (CISM), Certificate of Cloud Security Knowledge (CCSK), Offensive Security Certified Professional (OSCP) or other equivalent recognized security certifications. Good understanding of industry standard regulations and risk management frameworks and standards (e.g., ISO, PCI, NIST, COBIT, GAPP, HIPAA, GDPR). Familiarity with SANS Top 25 controls, OWASP Top 10 and/or MITRE ATT&CK framework Experience with cloud computing environments such as AWS, Azure or Google Cloud. Excellent communication skills: able to explain complex concepts clearly to both technical and non-technical stakeholders. Skills Desired: Knowledge of cloud architectures, services, and vulnerabilities. Understanding of risk assessment methodologies. Proficiency in using vulnerability scanning tools such as Qualys, Armis, MS Defender, etc. Ability to interpret vulnerability data from multiple sources. Reporting and metrics expertise with platforms such as ServiceNow (SecOps), PowerBI, etc.

Welcome to the era of Velsera! Seven Bridges, Pierian UgenTec have combined to become Velsera. Velsera is the precision engine company. We empower researchers, scientists, and clinicians to drive precision RD, expand access to, and more effectively leverage analytics at the point of care. We unify technology-enabled solutions and scientific expertise to enable a continuous flow of knowledge across the global healthcare ecosystem. This interweaves diverse biomedical communities, allowing them to build upon each other s success and accelerate medical breakthroughs that positively impact human health. With our headquarters in Boston, MA, we are growing and expanding our team which located in 14 different countries! What will you do Governance and Policy Development - Develop, implement, and maintain governance policies, SOPs, and related documentation. - Ensure all policies align with industry standards (e.g., FedRAMP, NIST SP 800-53, ISO 27001 family, and HIPAA). - Monitor policy effectiveness and recommend updates based on organizational changes or regulatory updates. Risk Management - Conduct risk assessments to identify vulnerabilities, threats, and compliance gaps. - Collaborate with cross-functional teams to design and implement remediation strategies. - Maintain risk registers and monitor mitigation efforts. Compliance Oversight - Support the organization in achieving and maintaining FedRAMP certification. - Manage periodic audits, security assessments, and readiness activities for compliance frameworks. - Track and report on compliance metrics, audit findings, and resolution status. Training and Awareness - Develop and deliver training programs to enhance employee understanding of compliance policies and procedures. - Act as a point of contact for compliance-related queries within the organization. Incident Response and Reporting - Support incident response processes to ensure effective investigation and reporting of compliance-related incidents. - Collaborate with stakeholders to implement corrective actions and prevent recurrence. Vendor and Third-Party Risk Management - Assess third-party vendors for compliance with organizational policies and standards. - Ensure contracts include appropriate compliance requirements. What do you bring to the table Education Experience - Bachelors degree in Information Technology, Cybersecurity, Risk Management, or related field (Master s preferred). - 3+ years of experience in governance, risk, and compliance roles, with specific experience in FedRAMP compliance. Knowledge Skills - Strong understanding of FedRAMP, NIST SP 800-53, ISO 27001, and other relevant frameworks. - Experience in drafting policies, procedures, and SOPs. - Familiarity with GRC tools and platforms (e.g., Archer, ServiceNow GRC). - Excellent communication and documentation skills. - Analytical mindset with attention to detail. Certifications (Preferred) - Certified Information Systems Security Professional (CISSP) - Certified Information Systems Auditor (CISA) - Certified Information Security Manager (CISM) - ISO 27001 Lead or Internal auditor Our Core Values People first. We create collaborative and supportive environments by operating with respect and flexibility to promote mental, emotional and physical health. We practice empathy by treating others the way they want to be treated and assuming positive intent. We are proud of our inclusive diverse team and humble ourselves to learn about and build our connection with each other. Patient focused. We act with swift determination without sacrificing our expectations of quality . We are driven by providing exceptional solutions for our customers to positively impact patient lives. Considering what is at stake, we challenge ourselves to develop the best solution, not just the easy one. Integrity. We hold ourselves accountable and strive for transparent communication to build trust amongst ourselves and our customers. We take ownership of our results as we know what we do matters and collectively we will change the healthcare industry. We are thoughtful and intentional with every customer interaction understanding the overall impact on human health. Curious. We ask questions and actively listen in order to learn and continuously improve . We embrace change and the opportunities it presents to make each other better. We strive to be on the cutting edge of science and technology innovation by encouraging creativity. Impactful. We take our social responsibility with the seriousness it deserves and hold ourselves to a high standard. We improve our sustainability by encouraging discussion and taking action as it relates to our natural, social and economic resource footprint. We are devoted to our humanitarian mission and look for new ways to make the world a better place. Velsera is an Equal Opportunity Employer: Velsera is proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, colour, gender, religion, marital status, domestic partner status, age, national origin or ancestry.

Test Analyst (PAM Solutions) The Test Analyst role involves defining, developing, applying, and assessing tests to analyze systems and software, with a specific focus on Privileged Access Management (PAM) solutions such as Delinea. The role requires strong analytical skills, creativity in problem-solving, and the ability to balance both independent and collaborative work. The successful candidate will be responsible for ensuring the functionality, security, and compliance of PAM solutions through rigorous testing processes. Must Have Qualifications/Skills: Proven experience in software testing, preferably within Privileged Access Management (PAM) or Identity Access Management (IAM). Experience with PAM solutions such as CyberArk, BeyondTrust, Delinea (Thycotic), or Microsoft PAM. Strong understanding of IAM principles, privileged account security, and least privilege access. Hands-on experience with API testing tools (e.g., Postman, SoapUI). Proficiency in test management tools such as JIRA. Strong problem-solving skills and attention to detail. Excellent communication and collaboration skills. Good-to-Have Qualifications/Skills: Experience working within an Agile (Scrum/Kanban) environment. Knowledge of CI/CD pipelines and DevSecOps practices. Experience with Cloud security testing (AWS, Azure, or Google Cloud). Certifications such as ISTQB, CISSP, CISM, or CyberArk Defender are a plus. Knowledge of security compliance standards (e.g., ISO 27001, GDPR, NIST, PCI-DSS). Skills : PAM (Privileged Access Management) API Testing IAM (Identity Access Management) Software Testing

About the Role: We are looking for an ICS/OT Cybersecurity Engineer with 6 years of experience in auditing ICS/OT environments and conducting risk and vulnerability assessments. The role involves assisting in the review and development of Industrial Cybersecurity programs, security policies, and plans while providing guidance to enhance clients existing OT security programs. Requirements: Strong understanding of cybersecurity frameworks for ICS/OT environments such as ISA-99/IEC 62443, NIST SP 800-82, CIS etc. Solid understanding of OT network communication protocols for example Ethernet/IP, CIP, Modbus, OPC and industrial networking topologies for example ring, star etc. Demonstrated technical skills to analyze, design, and deploy complex Ethernet/IP architectures and communication technologies. Understanding of MITRE ATTCKS for ICS or NERC CIP frameworks. Interpretation of general cybersecurity frameworks such as ISO IEC 27001/27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP800-53. Working knowledge of industrial control systems for example DCS, PLCs, SCADA etc. Industry experience in Food and Beverage, Chemical, Pharma, Semiconductor, Water and Wastewater, Refining, Pulp and Paper, Oil/Gas Pipeline, Power Generation, Electrical Transmission and Distribution, Material Handling or Packaging. Must have Networking certifications for example CCNA, CCNP, JNCIP-ENT, etc. Relevant Cybersecurity certification for example CEH, CISA, CISM, CCSP, etc. Certified professional engineer. #LI-BG1 #LI-NH1

Establish an enterprise key management service strategy, initially focused on lifecycle management and protection of Transparent Database Encryption (TDE) keys, TLS keys, and broad adoption of Hardware Security Modules (HSMs), but capable of expanding to enable additional use cases. include Define and update the Firm s enterprise key management strategy Develop and lead the enterprise key management team and operational support function Provide coaching and mentorship to the enterprise key management team and provide daily tasks needed to realize the long-term strategy Establish the teams functional goals and set priorities and objectives that align with the overall strategy Lead the design and management of enterprise key management service enhancements across the internal infrastructure and cloud environments Work with InfoSec Policy, Certification and Compliance (PCC) team to define and execute a key management compliance program Review and update key management related policies and standards Collaborate with enterprise technology teams in the adoption of the new enterprise key management services Research, evaluate and document technical solutions Ensure adherence to global security policies and standards Present subject matter to project teams, governance forums and other audiences as needed Skills and attributes for success A successful candidate for this role impacts EY by enabling the realization of strategic intent and the design of solutions that directly translate to the security and business enablement of the firm. As such, candidates must possess Experience with Key Management Life Cycle - Key Generation, Storage, Distribution, Backup, Rotation, Revocation, Destruction, etc. Experience with major enterprise key management systems as well as cloud based key management services Hands on experience and knowledge of TLS, PKI, HSMs, KMIP, Digital Certificate Management, Azure Key Vault, and transparent database encryption Hands on experience with and knowledge of Thales CipherTrust Manager and hardware security modules Experience with FIPS 140-2 compliance requirements and implementation Experience in security key management, security standards, cryptography, certificate management lifecycle and PKI Understanding of cloud computing architecture, technical design, and implementation The ability to research and come up to speed quickly on new technology areas To qualify for the role, you must have Degree in Computer Science, Computer Engineering or equivalent 10+ years experience in systems engineering, systems architecture, and solutions integration 5+ years experience in enterprise key management, application layer encryption, and/or transparent data encryption Ideally, you ll also have Experience leading diverse, globally distributed teams Ability to work well in a highly matrixed environment yet builds credibility to drive execution outside of direct chain of command while working across all organizational levels. Strong written and verbal communication skills and thrive in virtual, cross-geo and cross-functional groups. Strong analytical and problem-solving skills. A security industry certification such as CISSP, SSCP, CISM, SANS GSEC, ECSA, ECSP, or Security+ Ability to work independently or with a team, under minimum supervision.

Firewall Support Manager Location : Vadodara Office (Work from Office) Shift : US shift time (5 days a week) About VikingCloud VikingCloud is the leading Predict-to-Prevent cybersecurity and compliance company, offering businesses a single, integrated solution to make informed, predictive, and cost-effective risk mitigation decisions faster. Powered by the Asgard Platform, the industry’s largest repository of anonymized cybersecurity and compliance event data, we continuously monitor and analyze over 6+ billion online events every day. Viking Cloud is the one-stop partner trusted by 4+ million customers to provide the predictive intelligence and competitive edge they need to stay one step ahead of cybersecurity and compliance disruptions to their business. Our 1,000 dedicated cybersecurity and compliance expert advisors understand that it’s not just about technology. It’s about transacting business and delivering an exceptional customer experience every day, without fail. That’s the measurable value we deliver. And that’s what we call, Business Uninterrupted. This Position We are seeking a highly skilled and experienced Firewall Support Manager to join our team. This position will be responsible for overseeing the implementation, configuration, and maintenance of the organization's firewall systems to ensure the security and integrity of the network. This role involves managing a team of Lead and support engineers, coordinating with other IT departments, and ensuring compliance with security policies and procedures. This role requires strong technical expertise, strategic thinking, excellent communication skills and strong team management skills. Key Responsibilities: Oversee the configuration, administration, and maintenance of firewall systems. Ensure firewalls are updated with the latest security patches and firmware. Monitor firewall performance and security logs to identify and mitigate potential threats. Develop and implement Firewall systems strategies, policies and procedures to safeguard the company's systems, networks and data Conduct regular assessments and audits to identify vulnerabilities and recommend corrective actions Manage the deployment and maintenance of security tools, such as firewalls, intrusion detection/prevention systems and antivirus software Monitor security logs and alerts for suspicious activities and respond to security incidents in a timely manner Collaborate with cross-functional teams to integrate security best practices into software development lifecycle and infrastructure deployment processes Stay up to date on emerging threats, vulnerabilities and security technologies to proactively mitigate risks Provide guidance and support to internal teams on security-related matters, including incident response, data protection and access control Conduct security awareness training and workshops for employees to promote a culture of security awareness and compliance Liaise with external auditors, regulatory agencies and third-party vendors to ensure compliance with relevant standards and regulations Prepare and present reports on cybersecurity metrics, incidents and compliance status to senior management and stakeholders Lead the response to security incidents and breaches. Coordinate with other IT teams to investigate and resolve security issues. Develop and implement incident response plans Project Management Manage firewall-related projects, including upgrades, migrations, and new implementations. Coordinate with vendors and service providers for firewall-related products and services. Ensure projects are completed on time, within scope, and budget. Reporting and Documentation Generate regular reports on firewall performance, security incidents, and compliance status. Maintain detailed documentation of firewall configurations, policies, and procedures. Communicate security updates and status reports to senior management. Team Leadership Manage and mentor a team of firewall support engineers. Assign tasks, provide technical guidance, and conduct performance reviews. Develop training programs (in collaboration with offshore team)to enhance the team's skills and knowledge. Improve customer satisfaction metric, through stable transparent service Deliver better than agreed customer SLAs. Continuous Improvement Monitor and assist their team to meet individual metrics for Level 1 Support Engineer Identify and suggest process improvements as they arise. Participate in departmental training activities including training programs in support of new technologies, procedures, and customer service enhancements. Assist the Manager on creating training needs Work closely with the Quality Team: Plan the required Trainings based on the feedback Work closely with the Leads to develop improvement plan for the Team-members based on the feedback Technical Skills Knowledge and experience with network protocols and concepts including SSH, FTP, ICMP, TCPIP (IPv4 & IPv6), Network Address Translation (NAT), SNMP, IPSec, GRE, QoS, and VLANs. Ability to interpret output from network traffic analysis tools such as Ethereal (Wireshark) Hands-on experience with Meraki and Fortinet firewalls. Ability to effectively collaborate in a dynamic team environment. Monitor performance, capacity, and availability of the firewalls on an ongoing basis. Recommend improvements in technologies and practices to increase these metrics. Maintain awareness of and familiarity with trends and new developments in technologies used in, or appropriate for use in, firewall support and operating infrastructure. Work with the direct manager, other senior member of the team to develop firewall architectures, technologies, and quality assurance policies and procedures. Education Bachelor’s degree in computer science, Information Technology, or a related field. Relevant certifications (e.g., CISSP, CISM, CEH) are highly desirable. Experience: Minimum of 10+ years of experience in firewall management and network security. Proven experience in leading and managing a technical support team. Skills: In-depth knowledge of firewall technologies (e.g., Cisco, Palo Alto, Fortinet). Strong understanding of network protocols, security architectures, and best practices. Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Ability to manage multiple tasks and projects simultaneously

Role Summary & Key Responsibilities: • Lead the design and architecture of GRC solutions that integrate risk assessments, DR planning, privacy controls, and regulatory compliance measures. • Oversee technical teams to develop standardized processes and deliver high-quality compliance outputs. • Ensure that technical solutions align with Boeings regulatory and operational requirements. Key Skills & Qualifications: • Over 10- 16 years experience in cybersecurity architecture and governance. • Strong technical expertise in compliance frameworks (e.g., NIST, SOX, DFARS) and familiarity with ITSM and risk management tools. • Demonstrated leadership and project management skills; relevant certifications such as CISSP, CISM, or CRISC are highly preferred

Role & responsibilities Role Summary & Key Responsibilities: • Lead the design and architecture of GRC solutions that integrate risk assessments, DR planning, privacy controls, and regulatory compliance measures. • Oversee technical teams to develop standardized processes and deliver high-quality compliance outputs. • Ensure that technical solutions align with Boeings regulatory and operational requirements. Key Skills & Qualifications: • Over 10- 16 years experience in cybersecurity architecture and governance. • Strong technical expertise in compliance frameworks (e.g., NIST, SOX, DFARS) and familiarity with ITSM and risk management tools. • Demonstrated leadership and project management skills; relevant certifications such as CISSP, CISM, or CRISC are highly preferred.

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Governance Good to have skills : NA Minimum 18 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). You will be responsible for ensuring the successful execution of projects and maintaining the highest level of security governance. Roles & Responsibilities: Expected to be a SME with deep knowledge and experience. Should have influencing and Advisory skills. Engage with multiple teams and responsible for team decisions. Expected to provide solutions to problems that apply across multiple teams, and provide solutions to business area problems. Lead the implementation and delivery of Security Services projects. Leverage our global delivery capability (method, tools, training, assets) to ensure successful project execution. Maintain the highest level of security governance. Collaborate with multiple teams to make informed decisions. Provide advisory services to stakeholders on security matters. Identify and address security risks and vulnerabilities. Develop and implement security policies and procedures. Ensure compliance with regulatory requirements and industry best practices. Lead incident response and investigation activities. Conduct security audits and assessments. Stay up-to-date with the latest security trends and technologies. Train and educate employees on security awareness and best practices. Professional & Technical Skills: Must To Have Skills:Proficiency in Security Governance. Strong understanding of security frameworks and standards. Experience in developing and implementing security policies and procedures. Knowledge of regulatory requirements and industry best practices. Experience in incident response and investigation. Good To Have Skills:Experience with security risk assessment and management. Familiarity with security technologies and tools. Knowledge of cloud security principles and practices. Additional Information: The candidate should have a minimum of 18 years of experience in Security Governance. This position is based at our Pune office. A 15 years full time education is required. Qualifications 15 years full time education