752 Cism Jobs - Page 18

Not Applicable Specialism Microsoft Management Level Senior Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. & Summary We are looking for experienced members with strong analytical and problemsolving abilities willingness and to learn new technologies and adapt to changing project requirements ability to prioritize tasks and manage time effectively to meet deadlines good verbal and written communication skills ability to work collaboratively in a team setting Responsibilities 1. Review application source code based on the industry standard security frameworks and organizations internal security policy. 2. Running the source code scan and analyzing the results derived from the SAST platform. 3. Coordinate with application development teams to ensure identified gaps are fixed in proper time. 4. Work with the application development team to eliminate false positives, to clarify compensating security controls. 5. Closely work with issue management team to ensure proper remediation plans are in places with well documented records. 6. Collaborate with senior developers and architects to ensure security best practices and secured design patterns are followed. 7. Work closely with other team members, including project leads, regional leads and territory security leadership team. 8. Provide regular updates on progress and issues to project managers and stakeholders Mandatory skill sets 1. Strong knowledge of secure coding practices and common security vulnerabilities (e.g., OWASP Top 10). 2. Strong knowledge of Industry standard SAST tools (e.g. Veracode, Fortify on Demand). 3. Strong knowledge of Industry standard SCA tools (e.g. Blackduck). 4. Strong knowledge in manual and toolbased code review process, focusing on OWASP methodology. 5. Strong Knowledge of security vulnerability identification and remediation methodologies. 6. Familiarity with industry standard security frameworks and policies. 7. Strong knowledge of DevSecOps practices and integration of security within CI/CD pipelines. Preferred skill sets Desirable Skills 1. CEH, CISM, CCSK Years of experience required 57 yrs Education qualification BTech/BE/MTech from reputed institution/university as per the hiring norms Education Degrees/Field of Study required Bachelor of Technology, Master of Engineering Degrees/Field of Study preferred Required Skills Static Application Security Testing (SAST) Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture {+ 8 more} Travel Requirements Government Clearance Required?

About the Role: We are looking for a dynamic driven information security professional to lead the information security at Voltmoney. This role is responsible for setting and executing the vision, strategy and program to protect all information assets and technologies within the organization. The ideal candidate will bring extensive expertise in cybersecurity, risk management and regulatory compliance, with a strong focus on the financial services sector. Having detailed knowledge of the certification process and RBI compliance guidelines would be a great fit for the role. Key Responsibilities: - Develop and implement comprehensive information security strategies, policies, standards, and procedures aligned with industry best practices and regulatory standards while working directly with CISO. - Lead the creation and maintenance of robust security controls to protect all information assets, including networks, systems, applications, and data. - Conduct regular risk and vulnerability assessments to identify and mitigate potential security threats. - Establish incident response and business continuity plans for effective recovery from security incidents or breaches. - Collaborate with IT, risk management, compliance, and legal teams to integrate security into all business processes. - Stay updated on emerging security threats, industry trends, and technologies, advising on best practices and innovations. - Oversee security awareness and training programs to ensure a culture of security throughout the organization. - Act as the primary liaison for internal and external stakeholders, including regulatory agencies, auditors, and vendors, on all security matters. - Regularly report to executive leadership and the board on the organizations information security posture and improvements. Qualifications: - Bachelors or Masters degree in Computer Science, Information Technology, Cybersecurity or a related discipline. - 2 to 4 years of experience in information security, preferably within the financial services sector. - In-depth understanding of security frameworks and standards, such as ISO 27001, NIST Cybersecurity Framework, GDPR, and PCI DSS. - Strong knowledge of networking, systems architecture and cloud computing. - Demonstrated experience in risk assessment, penetration testing, and security audits. - Excellent communication skills to translate technical concepts for non-technical stakeholders. - Relevant certifications (e.g., CISSP, CISM, CRISC) are highly preferred. - Proven ability to lead security initiatives and deliver results in a dynamic environment. Benefits: - Competitive salary based on experience and qualifications. - Health insurance coverage for employees and dependents. - Professional development support, including certification and education opportunities. - This role is ideal for a cybersecurity leader passionate about developing and overseeing high-impact security programs in a fast-paced financial environment. ","

Desired Candidate The ideal candidate is a proactive and detail-oriented professional with strong leadership skills and a passion for cybersecurity. They should have excellent communication abilities to convey technical concepts to diverse audiences and a proven track record of managing teams and fostering a culture of security awareness. Adaptable and ethical, the candidate thrives in dynamic environments and collaborates effectively to address evolving cyber threats while maintaining the highest standards of confidentiality and integrity. Responsibilities: Strategic Planning: Develop, implement, and maintain a comprehensive cybersecurity strategy aligned with organizational goals. Risk Management: Identify, assess, and mitigate potential cybersecurity risks and vulnerabilities across systems, applications, and networks. Incident Response: Lead and coordinate incident response activities, ensuring quick containment, recovery, and root-cause analysis of security breaches. Compliance and Standards: Ensure adherence to relevant regulatory standards (e.g., GDPR, ISO 27001) and internal security policies. Team Collaboration: Lead and mentor the cybersecurity team, fostering skill development and ensuring alignment with security objectives. Stakeholder Communication: Act as a liaison between technical teams and senior management, translating technical risks into business terms. Continuous Improvement: Monitor and evaluate the effectiveness of security measures, and recommend enhancements to maintain a robust security posture. Tool and Technology Management: Oversee the deployment and management of security tools (e.g., SIEM, firewalls, endpoint protection, etc.) to ensure system integrity and confidentiality. Training and Awareness: Develop and conduct security training programs to promote awareness and compliance across the organization. Requirements: Education: Bachelors or Masters degree in Cybersecurity, Information Technology, Computer Science, or a related field. Experience: 6-10 years of experience in cybersecurity roles with progressive leadership responsibilities. Certifications: CISSP (Certified Information Systems Security Professional)[Ongoing is acceptable]. Additional certifications (e.g., CISM, CEH) are a plus. Technical Expertise: Strong understanding of security architecture, protocols, and best practices. Experience with tools like SIEM, IDS/IPS, endpoint security, firewalls, and vulnerability management systems. Knowledge of cloud security (AWS, Azure, GCP) and securing hybrid environments. Soft Skills: Excellent verbal and written communication skills for technical and non-technical audiences. Strong leadership, project management, and team collaboration abilities. Analytical and problem-solving mindset with attention to detail.

Job Title: Information Security Officer (ISO) Corporate Title: AS Role Description The role of an Information Security Officer (ISO) is of a role holder aligned to a portfolio of applications (Application ISO). The ISO has the responsibility for the operational aspects of ensuring compliance with the Information Security Principles. The ISO is the primary contact for information security relevant matters within their area of responsibility. The ISO has a disciplinary reporting line into their Line Manager and a functional reporting line into the Divisional CISO. Your key responsibilities To assume the ownership and responsibility for the assigned IT assets, in line with the DB Group Information Security management processes and the Divisional ISMS. To support the development and maintenance of Information Security policies and procedures pertaining to the Unit in accordance with the Information Security policies and procedures of DB Group. To support the management of IS Risks within the Risk Appetite defined by the ISR. To execute the IS Risk assessments and compliance evaluations for assigned IT assets To ensure the execution of information security risk management requirements in their area of responsibility as additionally defined by the Divisional ISO (e.g., conducting risk assessments on an organizational basis, preparing and implementing management action plans to mitigate identified risks) To ensure the implementation of Identity and Access Management Processes and the execution of a periodic recertification of User Access Rights in their area of responsibility To provide timely updates to the Divisional ISO regarding the aforementioned information security management tasks To ensure that application entries regarding information security (e.g., Data Protection and Data Privacy fields) in the Groups inventory of applications are accurate and up to date To implement Segregation of Duty (SoD) rules for the assigned IT assets To contribute to the Information Security incident management process in the case of a security breach Keep oneself informed of the Information Security Principles and its subordinate documents and liaise with any other necessary parties to accomplish their tasks. These resources may be e.g., the TISO, ITAO or any other subject matter experts To ensure appropriate documentation of information security risk management in area of responsibility. This includes major decisions including identified and assessed risks as well as risk mitigation measures To deliver all items requested during regulatory and internal Information Security related audits Your skills and experience Essential Candidate should have a minimum of 8 years of business experience in an operation management / risk management capacity, working knowledge in various banking products with strong communications skills Knowledge on Information Security Controls, Data Protection Policy, Information classification principles and segregation of duties requirements within Banking Operations Good understanding of Regulatory, Compliance, Risk & Control Knowledge Have sound knowledge of Identity and Access Management Process Ability to multitask and manage multiple deliverables / projects that are highly visible and of strategic importance to our clients Ability to effectively communicate with clients internally and externally Must be a team player and facilitator Desirable Solid technical understanding of the business (CB Operations) including strong knowledge of application security related processes. Knowledge of electronic banking products and flow of instructions Computer proficiency in MS Office and ability to utilize IT initiatives to achieve a high degree of operational efficiency, optimize costs and add value to the service provided Innovative approach to work and continuously identify and implement process improvements Seek opportunities to improve service processes, minimize operational risk and reduce costs Strong analytical skills, detail orientation, service commitment and solid people management skills Strong awareness of risk control Education / Certification Graduation degree CRISC Desired: CISA/CISM/CISSP

Our story At Alight, we believe a company s success starts with its people. At our core, we Champion People, help our colleagues Grow with Purpose and true to our name we encourage colleagues to Be Alight. Our Values: Champion People - be empathetic and help create a place where everyone belongs. Grow with purpose - Be inspired by our higher calling of improving lives. Be Alight - act with integrity, be real and empower others. It s why we re so driven to connect passion with purpose. Alight helps clients gain a benefits advantage while building a healthy and financially secure workforce by unifying the benefits ecosystem across health, wealth, wellbeing, absence management and navigation. With a comprehensive total rewards package, continuing education and training, and tremendous potential with a growing global organization, Alight is the perfect place to put your passion to work. Join our team if you Champion People, want to Grow with Purpose through acting with integrity and if you embody the meaning of Be Alight. Learn more at careers.alight.com . As a Senior Cloud Security Analyst , you will play a critical role in ensuring the security and compliance of our cloud infrastructure. You ll collaborate with cross-functional teams to design, implement, and maintain robust security measures across our cloud platforms. Your expertise will be instrumental in safeguarding our systems, data, and applications. You will assist in the wider operational activities including but not limited to validating and addressing identified security risks, Data Security, SOC1/SOC2 Audits, Client Audits, security certifications, vulnerability testing and support management teams during security incident events. You should be confident and capable of explaining the risk and remediation positions for threats as part of the global security incident management process related to cloud security. Duties & Responsibilities Cloud Security Posture Management (CSPM): Drive remediation of open security risks. Collaborate with the Information Security and compliance team to develop global cloud security architecture and maturity standards. Evaluate and respond to alerts and events from security tools, fine-tuning configurations to minimize false positives. Develop event response documentation and processes for the Security Operations Center. Work closely with Cloud Operations teams to define and implement security standards and best practices. Maintain documentation and diagrams for security tools, system environments, and cloud operations. Host Configuration Management: Conduct regular scans of host configurations to identify configuration violations and ensure compliance with security policies and CIS Benchmarks. Develop and implement remediation plans for identified violations. Collaborate with IT and DevOps teams to ensure secure configurations are maintained. Cloud Workload Protection: Perform vulnerability assessment on container images and containerized environments using industry standard tools. Identify, assess, assign, and report vulnerabilities throughout the container lifecycle. Work with development teams to ensure vulnerabilities are addressed in a timely manner. Implement security controls and best practices for container orchestration platforms. Combine security assessment tools with automation to proactively identify and remediate vulnerabilities. Collaborate with functional-area architects and security specialists to ensure adequate controls are in place. Incident Response Monitoring: Monitor and analyze security logs and events. Respond promptly to security incidents, investigating and containing threats. Work within a DevOps security model to automate incident response. Serve as a subject matter expert (SME) for security tools and processes. Position Requirements: Bachelor s or Master s degree in Computer Science, Engineering, Information Security, or similar boot camp certifications. Relevant certifications (e.g., AWS, CISSP, CCSP, CISM, GSEC) are highly desirable. Proven experience in cloud security, vulnerability management, and/or incident response. Strong knowledge of cloud platforms (e.g., AWS, Azure, Google Cloud-optional). Familiarity with security assessment tools (e.g. Host Configuration Management, Cloud Security Posture Management (CSPM), cloud native tools, Vulnerability scanners, etc). Experience with developing and managing software application(s), APIs, or cloud infrastructure Familiarity with one to many programing languages and infrastructure as Code (IAC) Ability to collaborate effectively with cross-functional global teams. Alight requires all virtual interviews to be conducted on video. Flexible Working So that you can be your best at work and home, we consider flexible working arrangements wherever possible. Alight has been a leader in the flexible workspace and Top 100 Company for Remote Jobs 5 years in a row. Benefits We offer programs and plans for a healthy mind, body, wallet and life because it s important our benefits care for the whole person. Options include a variety of health coverage options, wellbeing and support programs, retirement, vacation and sick leave, maternity, paternity & adoption leave, continuing education and training as well as several voluntary benefit options. By applying for a position with Alight, you understand that, should you be made an offer, it will be contingent on your undergoing and successfully completing a background check consistent with Alight s employment policies. Background checks may include some or all the following based on the nature of the position: SSN/SIN validation, education verification, employment verification, and criminal check, search against global sanctions and government watch lists, credit check, and/or drug test. You will be notified during the hiring process which checks are required by the position. Our commitment to Inclusion We celebrate differences and believe in fostering an environment where everyone feels valued, respected, and supported. We know that diverse teams are stronger, more innovative, and more successful. At Alight, we welcome and embrace all individuals, regardless of their background, and are dedicated to creating a culture that enables every employee to thrive. Join us in building a brighter, more inclusive future. As part of this commitment, Alight will ensure that persons with disabilities are provided reasonable accommodations for the hiring process. If reasonable accommodation is needed, please contact alightcareers@alight.com . Equal Opportunity Policy Statement Alight is an Equal Employment Opportunity employer and does not discriminate against anyone based on sex, race, color, religion, creed, national origin, ancestry, age, physical or mental disability, medical condition, pregnancy, marital or domestic partner status, citizenship, military or veteran status, sexual orientation, gender, gender identity or expression, genetic information, or any other legally protected characteristics or conduct covered by federal, state, or local law. In addition, we take affirmative action to employ, disabled persons, disabled veterans and other covered veterans. Alight provides reasonable accommodations to the known limitations of otherwise qualified employees and applicants for employment with disabilities and sincerely held religious beliefs, practices and observances, unless doing so would result in undue hardship. Applicants for employment may request a reasonable accommodation/modification by contacting their recruiter. Authorization to work in the Employing Country Applicants for employment in the country in which they are applying (Employing Country) must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the Employing Country and with Alight. Note, this job description does not restrict managements right to assign or reassign duties and responsibilities of this job to other entities; including but not limited to subsidiaries, partners, or purchasers of Alight business units. We offer you a competitive total rewards package, continuing education & training, and tremendous potential with a growing worldwide organization. ."

OPL, is a revolutionary digital credit infrastructure company that develops and integrates cutting-edge technology to automate and digitize lending for both borrowers and lenders. The company addresses the challenges of credit distribution to MSMEs and retail borrowers. To expand its digital footprint and utilize its infrastructure, the company is diversifying into several industry segments. Job Description: As the VP Security / Deputy CISO, you will be responsible for developing and implementing the companys information security strategy to ensure the confidentiality, integrity, and availability of our systems and data. You will lead a team of cybersecurity professionals and work closely with other departments to identify risks, implement security measures, and respond to security incidents. Key Responsibilities: Develop and implement the companys information security strategy, policies, and procedures. Lead a team of cybersecurity professionals, providing guidance, mentorship, and support. Conduct regular risk assessments and vulnerability assessments to identify and prioritize security risks. Implement security controls and measures to mitigate risks and ensure compliance with relevant regulations and standards. Monitor and analyze security events and incidents and respond promptly to security breaches or incidents. Oversee security awareness and training programs for employees to promote a culture of security awareness. Collaborate with other departments, including IT, legal, and compliance, to integrate security into all aspects of the business. Stay current with emerging cybersecurity threats, technologies, and best practices, and recommend appropriate security solutions and enhancements. Prepare and present reports on the companys security posture, incidents, and initiatives to senior management and stakeholders. Qualifications: Bachelors degree in computer science, information technology, cybersecurity, or a related field. Advanced degree or professional certifications (e.g., CISSP, CISM, CISA) preferred. Proven experience (15+ years) in a senior cybersecurity leadership role, with a track record of developing and implementing effective security strategies. Strong technical knowledge of cybersecurity technologies, tools, and best practices. Excellent leadership, communication, and interpersonal skills, with the ability to collaborate and influence stakeholders at all levels of the organization. Strong analytical and problem-solving skills, with the ability to prioritize and manage multiple projects and tasks effectively. Experience working in a regulated industry (e.g., finance, healthcare, government) preferred. Knowledge of relevant regulations and standards (e.g., GDPR, HIPAA, ISO 27001:2022) and experience with compliance assessments and audits. If you believe that the future lies in innovation and have the ability to come up with ideas that are unconventional in the fintech space, you can apply to be a part of the OPL team.

Function: Technology Risk - 1 st Line of Defence Industry: Banking & Financial Services (Institutional / Non-Retail) Job Summary: Our Global banking client is seeking a dynamic and technically sound AVP Technology Risk Professional to join, 1st Line of Defence (1LOD) risk function within the Institutional Banking Technology domain. This role requires hands-on experience in IT Risk and Controls, Cybersecurity, and Information Security, with a strong foundation in control testing and monitoring. The ideal candidate will have worked in the banking sector, preferably in a foreign bank, supporting non-retail (institutional) business units and engaging directly with banking and tech regulators across multiple geographies. Please contact Krati Arora or email your cv directly in word format with job reference number: JOB 14995 to Please note that due to the high number of applications only shortlisted candidates will be contacted. If you do not hear from us in the next 5 business days, we regret to inform you that your application for this position was unsuccessful. Apply for this Job Key responsibilities Act as the 1st line owner of technology risk and controls within institutional banking. Conduct control testing and monitoring, ensuring alignment with internal policies and regulatory expectations. Identify, manage, and report non-financial risks; escalate and track risk issues and findings to closure. Collaborate with 2nd line risk and assurance functions to ensure holistic risk coverage. Participating in or lead governance forums and meetings, driving risk discussions with stakeholders. Ensure timely documentation and remediation of audit findings and issues. Maintain compliance with risk governance frameworks, providing evidence of effective control operation. Support teams across 19 geographies, adapting to diverse regulatory and risk environments. Role requirements 8-12 years of experience in IT risk, technology controls, or technology assurance in the BFSI sector. Solid understanding of technology risk frameworks, information security, and cybersecurity principles. Hands-on experience with control design and testing, issue management, and risk assessments. Exposure to working with or managing tech or banking regulatory requirements. Strong stakeholder management and communication skills to engage across levels and functions. Demonstrated ability to think end-to-end in risk processes. Experience working in or with foreign banks and familiarity with global banking regulations Certifications (Preferred but not mandatory): CISA / CISM / CRISC / CISSP / ISO 27001 / or any other relevant industry certifications. Mandatory Requirements: Prior experience in the banking sector (non-negotiable). Understanding of risk and control management in the 1st Line of Defence. Proven capability to manage technology risks in a complex, global banking environment.

Act as the 1st line owner of technology risk and controls within institutional banking. Conduct control testing and monitoring, ensuring alignment with internal policies and regulatory expectations. Identify, manage, and report non-financial risks; escalate and track risk issues and findings to closure. Collaborate with 2nd line risk and assurance functions to ensure holistic risk coverage. Participating in or lead governance forums and meetings, driving risk discussions with stakeholders. Ensure timely documentation and remediation of audit findings and issues. Maintain compliance with risk governance frameworks, providing evidence of effective control operation. Support teams across 19 geographies, adapting to diverse regulatory and risk environments. Role requirements 8-12 years of experience in IT risk, technology controls, or technology assurance in the BFSI sector. Solid understanding of technology risk frameworks, information security, and cybersecurity principles. Hands-on experience with control design and testing, issue management, and risk assessments. Exposure to working with or managing tech or banking regulatory requirements. Strong stakeholder management and communication skills to engage across levels and functions. Demonstrated ability to think end-to-end in risk processes. Experience working in or with foreign banks and familiarity with global banking regulations Certifications (Preferred but not mandatory): CISA / CISM / CRISC / CISSP / ISO 27001 / or any other relevant industry certifications. Mandatory Requirements: Prior experience in the banking sector (non-negotiable). Understanding of risk and control management in the 1st Line of Defence. Proven capability to manage technology risks in a complex, global banking environment.

Role & responsibilities Strong understanding of cybersecurity standards, practices, and policies Hands on experience with Security Technologies such as SIEM, Secure web gateway, mail protection, endpoint protection / EDR, WAF, Identity & Threat protection, etc. Hands on experience of security tools implementation including initial setup, configuration and managing daily operations Experience with Windows, Linux, and MacOS architectures Knowledge of security best practices for on-premises virtualization (VMware) and multiple cloud platforms (e.g.: Azure, GCP, AWS) Understanding of network concepts and protocols, including monitoring logs for anomalous activity Proven experience in leading projects and managing vendor relationships Excellent communication skills, with the ability to assertively address Information Security challenges Familiarity with risk analysis and mitigation methodology, security policy and procedure development, incident response and handling, security training and awareness Hands on knowledge of incident response (investigating BEC, phishing, etc.) Hands on experience on reviewing and analyzing IIS and/or Kubernetes logs for threat investigation Technical/Domain Skills: Security related certifications (e.g., CISSP, CISM, or equivalent) Scripting and automation capabilities via tools like: Python, Bash, PowerShell, API Active engagement in Information Security communities, keeping apprised of the latest tools, technologies, and threats Education (Required): Education: BE / B. Tech Work Experience (Required): •10 to 12 years of experience

The Opportunity "This is an opportunity to define, build, and shape the future of FICOs Cybersecurity and Risk Posture. As part of the Threat & Vulnerability Management team, you will collaborate across the business, IT, and client environments to secure our cloud and data center infrastructure. Your contributions will be key to strengthening FICO's defense mechanisms and enhancing our compliance posture. We're looking for a cybersecurity expert passionate about continuous improvement, cloud security, and vulnerability risk reduction. If you're someone who thrives in a fast-paced environment and wants to work on high-impact global security initiatives, this role is for you" - VP, Software Engineering. What Youll Contribute Collaborate with the Cyber Security Team, business stakeholders, IT partners, and clients to manage and reduce cybersecurity risk. Act as a subject matter expert in vulnerability scanning, compliance monitoring, and risk reporting. Operate and optimize tools such as Wiz, Qualys, or similar for vulnerability scanning across cloud and on-prem environments. Validate, triage, and risk-rank vulnerabilities based on severity, exposure, and potential business impact. Drive remediation planning with Product and IT teams, and oversee patch management cycles. Contribute to threat & vulnerability management strategy, policy, and continuous process improvement. Conduct periodic risk assessments and develop mitigation strategies in line with compliance requirements. Monitor the evolving threat landscapeincluding zero-day exploits, vendor patches, EOL systemsand proactively update mitigation plans. Lead initiatives to improve configuration, cloud asset management, vulnerability and patch management practices. Provide documentation, reporting, and cross-functional collaboration support. What Were Seeking Bachelors degree in Computer Science, Information Security, or a related field (or equivalent work experience). 36 years of hands-on experience with cloud security tools such as Wiz, Qualys, or similar vulnerability scanning platforms. Strong understanding of AWS infrastructure and cloud security principles. Working knowledge of operating system and application-level vulnerabilities and how they relate. Familiarity with risk-based vulnerability management and compliance frameworks. CISSP, CISM or equivalent certifications preferred (or willingness to obtain). Ability to multitask, manage complex data sets, and collaborate with diverse teams. Knowledge of scripting languages (e.g., Python, Bash) is a plus. Demonstrated experience in cloud (especially AWS) patch and configuration management. Familiarity with malware behavior, indicators of compromise, and modern threat vectors. Strong documentation, analytical, and communication skills. Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Learn more about how you can fulfil your potential at

Date 31 May 2025 Location: Bangalore, IN Company Alstom At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, 80,000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars. Could you be the full-time Security into Project Specialist in Bangalore were looking for Your future role Take on a new challenge and apply your cybersecurity and project management expertise in a new cutting-edge field. Youll work alongside innovative, dedicated teammates. You'll ensure the robust integration of security within our IS&T projects, safeguarding our digital initiatives. Day-to-day, youll work closely with teams across the business (Security Architecture, GRC and ISMS team, Architects, Project Managers and PMO, Business teams), review and approve security deliverables and much more. Youll specifically take care of validating Security Inquiry for Partners (SIP) and ensuring secure configurations are applied, but also make informed decisions about security acceptance based on residual risk and asset value. Well look to you for: Reviewing and approving security deliverables Ensuring the application of the "Security into Project" policy Validating and signing off on Security Inquiry for Partners Applying secure configurations for projects or business initiatives Making decisions on security acceptance Implementing design patterns and standards All about you We value passion and attitude over experience. Thats why we dont expect you to have every single skill. Instead, weve listed some that we think will help you succeed and grow in this role: Degree in Engineering/Technology Experience or understanding of cybersecurity, architecture and design Knowledge of security architecture and infrastructure Familiarity with cloud solutions (Microsoft Azure/O365) A CISSP or CISM certification Ability to analyze technical risks and vulnerabilities Fluency in English Things youll enjoy Join us on a life-long transformative journey the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. Youll also: Enjoy stability, challenges and a long-term career free from boring daily routines Work with cutting-edge security standards for rail signalling Collaborate with transverse teams and supportive colleagues Contribute to innovative projects that shape the future of transportation Utilise our dynamic working environment Steer your career in whatever direction you choose across functions and countries Benefit from our investment in your development, through award-winning learning Progress towards leadership roles within the cybersecurity domain Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension) You dont need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, youll be proud. If youre up for the challenge, wed love to hear from you! Important to note As a global business, were an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. Were committed to creating an inclusive workplace for everyone.

Dear Candidate, Greetings. We are hiring for the role of Biso Helius Technologies Hyderabad. Work mode – Work from office Project – Singlife Exp – 10 to 15 years Please find the below JD for your reference. Role: BISO Work Location: Hyderabad (ODC) Key Responsibilities Focuses on Core BISO activities: Conduct Information Security Business Impact Assessments (ISBIA) for Projects, Applications, and Third-Party Outsourcing arrangements, aligning with Singlife Standards. Collaborate with Technology and Business units to evaluate the impact of control deficiencies. Lead the implementation of IS standards at the business level, ensuring alignment of procedures and practices with established standards. Collaborate in creating Risk Acceptances (RAs), Risk Exceptions (REs), and Corrective Action Plans (CAPs) using appropriate tools. Engage with Security Incident Response Teams to guide the resolution and closure of incidents, offering proactive recommendations. Generate periodic IS risk management reports, highlighting critical issues and proposing corrective action plans. Ensure adherence to IS standards and best practices across diverse disciplines. Support the business during audit reviews and regulatory inspections related to IS matters. Maintain vigilant oversight of IS programs, encompassing programs, policies, and associated reporting within the business landscape. Collaborate with business units to rectify non-compliance in processes, applications, and outsourcing activities. 1. 2. Act as a Business Partner Regularly communicate and interact with Management and Employees, enhancing understanding of IS-related programs, policies, and standards. Leverage the ISO network to share resources, extract best practices, and enhance operational efficiency. Validate compliance with security controls within business contracts. Evaluate the alignment of IS processes with business needs, particularly concerning software and internet usage. Conduct Information and Cyber Security Awareness training to fortify organizational preparedness. Partner with application managers or the Technology Information Security Officer (TISO) to address specific technical requirements. Stay relevant to evolving cybersecurity regulations (MAS, CSA, GIA, LIA) to provide subject matter expert feedback. Assess the impact of new and updated regulations promptly by partnering with the ISO, Technology & Operations community. 3. Other Requirements Demonstrate skill in delivering compelling presentations and managing complex programs. Display exceptional aptitude in consulting, problem-solving, and analytical capabilities. Exhibit a proactive, assertive, service-oriented demeanour while effectively functioning as a cohesive team player. Demonstrate the ability to manage concurrent tasks and prioritize effectively, even in conflicting timelines. Key Decisions within the Role Be the gatekeeper of the IS business impact assessments (ISBIA) processes and ensure applications within Singlife adhere to IS standards. Team Direct and indirect accountability for Information Security Officers Requirements Experience Minimum 10 years of experience in Information security. In areas such as security governance, risk management, application security design, security project management or security operation. • Professional Certifications CISSP, CISM, CISA, SANS, Cloud would be preferred. Education Bachelor’s degree in IT, Engineering or equivalent Skill Matirx- Skill Candidate's self- assessment (Score 1-5) Primary: InfoSec experience Secondary: Risk/Governance/Assurance framework Experience in conducting Infosec Training Excellent Communication/Presentation skills Infosec Certifications Primary: Cybersecurity regulations Secondary: Creation of Risk Acceptance/Risk Exceptions/CAPs Monetary Authority of Singapore (MAS) regulations Awareness of Security Control . Compliance Security Audits . Please revert with update profile if you find it interesting. Feel free to reach out for any queries. Role & responsibilities Preferred candidate profile

Location: Thane What does a successful Internal Audit- IT professional do at FISERV? Efficiently conduct the audit projects as per The Institute of Internal Auditors standards and in accordance with Fiserv global Internal Audit framework and methodologies. What will you do: Should be able to direct/execute audit project independently (covering planning, fieldwork and reporting stages of audits) Lead a variety of moderately complex to complex IT focused audits including IT governance, service and project delivery, audits of IT technical domains such as networks, infrastructure, and applications. Audit Co-ordination & Facilitation - Meetings with key personnel of various work areas Planning, conducting walkthroughs, drafting process understanding and relevant controls. Preparing planning memos, risk assessment matrix, risk assessment control matrix (RACM) and Internal controls Documenting and Reviewing Test of Designs and Test of Effectiveness controls. Perform analytical procedures/analysis to test the effectiveness of controls. Document audit procedures and cross reference working papers. Create management representation letter comments and recommendations and draft audit reports for management review. Expected to assign variety of audits including operational, compliance or IT focused under a variety of financial or info-security/cyber security regulations in the US and other international locations in APAC, EMEA, LATAM, etc., Validations of audit issues. Conducting special reviews. What will you need to know: Desired qualification: Computer Services engineering/ BSc/MSc-IT / BCA/MCA degree [with an emphasis in information technology or equivalent degree] Experience: at least 6 to 8 years of IT Audit experience in assessing technology/IT controls and have experience in Internal Audit, Compliance & Risk Advisory services preferably in Banking and Financial services domain. Experience in auditing IT Internal controls, IT risk mitigation and technology related processes reviews. Good experience in IT General controls (ITGC) reviews, Cyber security controls, Infrastructure audits, application security audits, Network security control risk reviews. Good client interfacing skills, drafting skills, communication, and interpersonal skills. Computer proficiency, specifically Microsoft Office products (Word, Excel, PowerPoint, etc.) What would be great to have: Desired certifications: CISA / CISSP / CISM / CCNA certified professionals

Continue to develop and prioritise the information security strategy and roadmap for India that aligns with the GCIS security strategy. Monitor and manage security incidents, vulnerabilities, and threats that affect the various Indian divisions, and work with Gallagher s global security teams to ensure effective response and remediation. Ensure compliance with applicable laws, regulations, and contractual requirements related to information security throughout India. Work with the Global SOC in the co-ordination and escalation of security incidents to the appropriate Indian authorities when appropriate. Develop and maintain relationships with key stakeholders across India, including business leaders, IT teams, and external partners to ensure effective communication and collaboration on information security matters. Conduct periodic security risk assessments and audits of information systems, networks, applications and suppliers in India to identify and mitigate potential security risks. Lead and coordinate the implementation of security policies, standards, and procedures in India. Ensure security awareness and training programs are in place and effective in India. Manage the security budget for India, ensuring efficient and effective use of resources. Represent India in the appropriate security governance forums and ensure alignment with the region security strategy. Brokerage clients will have time-sensitive due diligence security audits and questionnaires that will need to be managed and responded to. Business suppliers and IT supply chain vendors must be managed to ensure they do not introduce risk to Gallagher. Confidential participation in the Merger and Acquisition process with external companies, lawyers and security consultant Continue to develop and prioritise the information security strategy and roadmap for India that aligns with the GCIS security strategy. Monitor and manage security incidents, vulnerabilities, and threats that affect the various Indian divisions, and work with Gallagher s global security teams to ensure effective response and remediation. Ensure compliance with applicable laws, regulations, and contractual requirements related to information security throughout India. Work with the Global SOC in the co-ordination and escalation of security incidents to the appropriate Indian authorities when appropriate. Develop and maintain relationships with key stakeholders across India, including business leaders, IT teams, and external partners to ensure effective communication and collaboration on information security matters. Conduct periodic security risk assessments and audits of information systems, networks, applications and suppliers in India to identify and mitigate potential security risks. Lead and coordinate the implementation of security policies, standards, and procedures in India. Ensure security awareness and training programs are in place and effective in India. Manage the security budget for India, ensuring efficient and effective use of resources. Represent India in the appropriate security governance forums and ensure alignment with the region security strategy. Brokerage clients will have time-sensitive due diligence security audits and questionnaires that will need to be managed and responded to. Business suppliers and IT supply chain vendors must be managed to ensure they do not introduce risk to Gallagher. Confidential participation in the Merger and Acquisition process with external companies, lawyers and security consultant Bachelors degree in computer science, information systems, or a related field. A masters degree is preferred. At least 8-10 years of experience in information security, with a minimum of 5 years in a leadership role. Strong knowledge of security frameworks and standards such as ISO 27001, NIST, PCI-DSS, and GDPR. Demonstrated experience in the management of staff and small teams. Experience in managing security incidents and crises. Excellent communication and stakeholder management skills are required. Familiarity with security technologies such as firewalls, intrusion detection systems, and SIEMs. Knowledge of cloud security and Insurance practices is a plus. Relevant certifications such as CISSP, CISM, or CRISC are preferred. Lead auditor experience in ISO27001 is preferred. #LI-DK3 Introduction Welcome to Gallagher - a global leader in insurance, risk management, and consulting services. With a growing team of more than 52,000 professionals worldwide, we empower businesses, communities, and individuals to thrive. At Gallagher, you can build a career whether it s with our brokerage division, our benefits and HR consulting division, or our corporate team. Experience The Gallagher Way, a culture fueled by shared values and a collective passion for excellence. Join one of our dynamic teams, where youll play a pivotal role in shaping Gallaghers future and unlocking unparalleled opportunities for both clients and yourself. We believe that every candidate brings something special to the table, including you! So, even if you feel that you re close but not an exact match, we encourage you to apply. Overview The Business Information Security Officer (BISO) - India is responsible for managing the Gallagher Cyber Information Security (GCIS) program of works for the Indian region. This includes identifying, evaluating, and reporting on information security risks across all Gallagher divisions in India, in a manner that meets compliance and regulatory requirements, as well as aligning with the companys risk appetite. In addition to reporting on a regular basis to the UK - based EMEA BISO, this role will work closely with: IT Directors of India and Local CTO for Gallagher India and Gallagher Centre of Excellence The India Senior Business Leaders for IT and QA Transition GCIS Colleagues globally who have global remits (application security, identity management etc) The India division s ISMS manager in maintaining their ISO27001 certification GCIS Project Managers delivering both new and enhanced capabilities. This is a hybrid role, in office 2-3 days per week, and can be based out of either our Pune or Bangalore offices, with some travel between the two expected. How youll make an impact Continue to develop and prioritise the information security strategy and roadmap for India that aligns with the GCIS security strategy. Monitor and manage security incidents, vulnerabilities, and threats that affect the various Indian divisions, and work with Gallagher s global security teams to ensure effective response and remediation. Ensure compliance with applicable laws, regulations, and contractual requirements related to information security throughout India. Work with the Global SOC in the co-ordination and escalation of security incidents to the appropriate Indian authorities when appropriate. Develop and maintain relationships with key stakeholders across India, including business leaders, IT teams, and external partners to ensure effective communication and collaboration on information security matters. Conduct periodic security risk assessments and audits of information systems, networks, applications and suppliers in India to identify and mitigate potential security risks. Lead and coordinate the implementation of security policies, standards, and procedures in India. Ensure security awareness and training programs are in place and effective in India. Manage the security budget for India, ensuring efficient and effective use of resources. Represent India in the appropriate security governance forums and ensure alignment with the region security strategy. Brokerage clients will have time-sensitive due diligence security audits and questionnaires that will need to be managed and responded to. Business suppliers and IT supply chain vendors must be managed to ensure they do not introduce risk to Gallagher. Confidential participation in the Merger and Acquisition process with external companies, lawyers and security consultant About you Bachelors degree in computer science, information systems, or a related field. A masters degree is preferred. At least 8-10 years of experience in information security, with a minimum of 5 years in a leadership role. Strong knowledge of security frameworks and standards such as ISO 27001, NIST, PCI-DSS, and GDPR. Demonstrated experience in the management of staff and small teams. Experience in managing security incidents and crises. Excellent communication and stakeholder management skills are required. Familiarity with security technologies such as firewalls, intrusion detection systems, and SIEMs. Knowledge of cloud security and Insurance practices is a plus. Relevant certifications such as CISSP, CISM, or CRISC are preferred. Lead auditor experience in ISO27001 is preferred. #LI-DK3 Additional Information We value inclusion and diversity Inclusion and diversity (ID) is a core part of our business, and it s embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the communities where we live and work. Gallagher embraces our employees diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out The Gallagher Way to its fullest. Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color, religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as protected characteristics ) by applicable federal, state, or local laws. Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business.

Introduction Welcome to Gallagher a global leader in insurance, risk management, and consulting services. With a growing team of more than 52,000 professionals worldwide, we empower businesses, communities, and individuals to thrive. At Gallagher, you can build a career whether it s with our brokerage division, our benefits and HR consulting division, or our corporate team. Experience The Gallagher Way, a culture fueled by shared values and a collective passion for excellence. Join one of our dynamic teams, where youll play a pivotal role in shaping Gallaghers future and unlocking unparalleled opportunities for both clients and yourself. We believe that every candidate brings something special to the table, including you! So, even if you feel that you re close but not an exact match, we encourage you to apply. Overview The Business Information Security Officer (BISO) India is responsible for managing the Gallagher Cyber Information Security (GCIS) program of works for the Indian region. This includes identifying, evaluating, and reporting on information security risks across all Gallagher divisions in India, in a manner that meets compliance and regulatory requirements, as well as aligning with the companys risk appetite. In addition to reporting on a regular basis to the UK - based EMEA BISO, this role will work closely with: IT Directors of India and Local CTO for Gallagher India and Gallagher Centre of Excellence The India Senior Business Leaders for IT and QA Transition GCIS Colleagues globally who have global remits (application security, identity management etc) The India division s ISMS manager in maintaining their ISO27001 certification GCIS Project Managers delivering both new and enhanced capabilities. This is a hybrid role, in office 2-3 days per week, and can be based out of either our Pune or Bangalore offices, with some travel between the two expected. How youll make an impact Continue to develop and prioritise the information security strategy and roadmap for India that aligns with the GCIS security strategy. Monitor and manage security incidents, vulnerabilities, and threats that affect the various Indian divisions, and work with Gallagher s global security teams to ensure effective response and remediation. Ensure compliance with applicable laws, regulations, and contractual requirements related to information security throughout India. Work with the Global SOC in the co-ordination and escalation of security incidents to the appropriate Indian authorities when appropriate. Develop and maintain relationships with key stakeholders across India, including business leaders, IT teams, and external partners to ensure effective communication and collaboration on information security matters. Conduct periodic security risk assessments and audits of information systems, networks, applications and suppliers in India to identify and mitigate potential security risks. Lead and coordinate the implementation of security policies, standards, and procedures in India. Ensure security awareness and training programs are in place and effective in India. Manage the security budget for India, ensuring efficient and effective use of resources. Represent India in the appropriate security governance forums and ensure alignment with the region security strategy. Brokerage clients will have time-sensitive due diligence security audits and questionnaires that will need to be managed and responded to. Business suppliers and IT supply chain vendors must be managed to ensure they do not introduce risk to Gallagher. Confidential participation in the Merger and Acquisition process with external companies, lawyers and security consultant About you Bachelors degree in computer science, information systems, or a related field. A masters degree is preferred. At least 8-10 years of experience in information security, with a minimum of 5 years in a leadership role. Strong knowledge of security frameworks and standards such as ISO 27001, NIST, PCI-DSS, and GDPR. Demonstrated experience in the management of staff and small teams. Experience in managing security incidents and crises. Excellent communication and stakeholder management skills are required. Familiarity with security technologies such as firewalls, intrusion detection systems, and SIEMs. Knowledge of cloud security and Insurance practices is a plus. Relevant certifications such as CISSP, CISM, or CRISC are preferred. Lead auditor experience in ISO27001 is preferred. #LI-DK3 Additional Information We value inclusion and diversity Inclusion and diversity (ID) is a core part of our business, and it s embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the commu nities where we live and work. Gallagher embraces our employees diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out Th e Gallagher Way to its fullest. Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color , religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as protected characteristics ) by applicable federal, state, or local laws. Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business. ","

Job Title Services Owner - Security Job Description About Signify Through bold discovery and cutting-edge innovation, we lead an industry that is vital for the future of our planet: lighting. Through our leadership in connected lighting and the Internet of Things, were breaking new ground in data analytics, AI, and smart solutions for homes, offices, cities, and beyond. At Signify, you can shape tomorrow by building on our incredible 125+ year legacy while working toward even bolder sustainability goals. Our culture of continuous learning, creativity, and commitment to diversity and inclusion empowers you to grow your skills and career. Join us, and together, we ll transform our industry, making a lasting difference for brighter lives and a better world. You light the way. More about the role This is an exciting job opportunity for you to light the way as a Services Owner - Cyber Security in Bangalore with Signify. This role will be responsible to collaborate closely with Corporate Security Function, implement policies and tools to improve Security Footprint for Signify. Responsibilities includes Maintain and optimize security configurations across endpoints, networks, servers, cloud platforms, and OT systems where applicable. Lead the implementation of cybersecurity projects, including tooling deployment, infrastructure security upgrades, and technical remediation efforts, in alignment with risk priorities. Work with Corporate Security team to define / understand security policies, protocols, and procedures to protect organizational assets, data, and personnel. Work with Corporate Security and Audit teams to define reassessment calendar, coordinate for regular assessments and audits to identify vulnerabilities and ensure compliance with security standards. Ensure security changes are executed safely and in line with ITIL or equivalent change processes. Work with Application Services, Backbone Services and Architecture teams to clearly define Operational procedure to implement and monitor security controls across infrastructure and application landscape. Drive Security maturity scores for Cloud infrastructure like M365, Azure, AWS and Private Cloud. Enable security awareness, policies, and procedures sessions for employees Budget Management: Manage the security budget, including equipment, personnel, and expenses. Coordinate with relevant stakeholders to develop and maintain emergency response plans. Conducting regular security audits of physical and IT infrastructure. Developing and implementing robust operational procedures around security to protect the company s assets, employees and facilities. Assessing potential risks and vulnerabilities, investigating security breaches and reinforcing appropriate measures to mitigate them. Leading and managing a team of security operational personnel, including hiring, training and performance management. Collaborating with cross-functional teams to ensure integration of security requirements into business processes and projects. More about you While we value and appreciate all applicants, we believe that the following experience and skills will be needed to shine brightly in this job opening: Qualifications: Education: Bachelors degree in Computer Science, Information Systems, Cybersecurity, or related field. Certifications: Relevant certifications such as CISSP, CISM, GSEC, or vendor-specific certifications (e.g., Microsoft/AWS Security, Palo Alto, etc.). Experience: 8-12 years in cybersecurity operations or infrastructure security, including 2-3 years in a managerial or team lead role. Technical Skills: Experience managing enterprise security tools (SIEM, EDR, firewalls, etc.) Strong understanding of Windows, Linux, and cloud platform security (Azure/AWS) Familiarity with patching, system hardening, secure configuration baselines (e.g., CIS Benchmarks) Soft Skills: Strong execution focus, project delivery skills, and ability to manage competing priorities Excellent communication and collaboration skills with both technical and business stakeholders Preferred Qualifications: Experience in the electronics or manufacturing industry, including OT/ICS security exposure Familiarity with regulatory frameworks and controls (e.g., NIST, ISO 27001, SOX) Hands-on experience with automation tools (e.g., Ansible, SOAR platforms) Everything we ll do for you You can grow a lasting career here. We ll encourage you, support you, and challenge you. We ll help you learn and progress in a way that s right for you, with coaching and mentoring along the way. We ll listen to you too, because we see and value every one of our 30,000+ people. We believe that a diverse and inclusive workplace fosters creativity, innovation, and a full spectrum of bright ideas. With a global workforce representing 99 nationalities, we are dedicated to creating an inclusive environment where every voice is heard and valued, helping us all achieve more together. List the benefits here Come join us, and together we can light the way. Play a crucial role in the secure execution of digital operations across a global, technology-driven enterprise Collaborate with leading experts in cybersecurity, infrastructure, and risk management Be part of a high-impact team where operational excellence meets innovation and global scale

FS XSector Specialism Risk Management Level Senior Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In identity and access management at PwC, you will focus on confirming secure and efficient access to systems and data for employees and/or clients. Your work will involve the design and implementation of strategies to protect sensitive information and manage user identities. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . & Summary As a Senior Associate in Identity & Access Management, you will play a critical role in the design, implementation, and management of IAM solutions for our clients. This is a handson technical role, requiring deep expertise in IAM technologies and the ability to work closely with clients to address their security challenges. Responsibilities Key Responsibilities Assist in the design and implementation of IAM solutions tailored to client needs, focusing on identity governance, authentication, authorization, and access control. Configure and deploy IAM technologies, such as Saviynt, Okta, Microsoft Entra, 1Kosmos or similar platforms, ensuring seamless integration with existing systems. Conduct technical assessments and audits of clients IAM environments to identify vulnerabilities and areas for improvement. Collaborate with client teams to troubleshoot and resolve IAMrelated issues, providing technical support and guidance. Develop and maintain documentation for IAM processes, configurations, and best practices. Implement rolebased access controls and identity lifecycle management processes to enhance security and compliance. Support the development and execution of IAM strategies and roadmaps in alignment with business and regulatory requirements. Stay uptodate with the latest IAM trends, tools, and technologies to provide clients with innovative solutions. Contribute to the creation of technical reports and presentations for clients, articulating IAM concepts and solutions clearly. Work closely with crossfunctional teams within the firm to deliver comprehensive cybersecurity solutions. Bachelor s degree in Information Technology, Computer Science, Cybersecurity, or a related field. Relevant certifications (e.g., CISSP, CISM, or similar) are a plus. 57 years of experience in IAM, with handson experience in implementing and managing IAM technologies. Strong technical expertise in IAM platforms such as Saviynt, Okta, Microsoft Entra, 1Kosmos or other similar technologies. Proficient in identity lifecycle management, authentication protocols (e.g., SAML, OAuth, OpenID), and directory services. Strong analytical and problemsolving skills, with attention to detail and a commitment to delivering highquality work. Excellent communication skills, with the ability to work collaboratively with clients and team members. Selfmotivated and capable of working independently in a fastpaced consulting environment. Willingness to travel as required to meet client needs. Mandatory skill sets Strong technical expertise in IAM platforms such as Saviynt, Okta, Microsoft Entra, 1Kosmos or other similar technologies. Preferred skill sets Identity Access Management Years of experience required 5+ Education qualification BE Btech MBA MCA Education Degrees/Field of Study required Master of Business Administration, Bachelor of Engineering, Bachelor of Technology Degrees/Field of Study preferred Required Skills IAM Tools Accepting Feedback, Accepting Feedback, Access Control Models, Access Control System, Access Management, Active Listening, Analytical Thinking, Authorization Compliance, Authorization Management Systems, Azure Active Directory, Cloud Identity and Access Management (IAM), Communication, Creativity, CyberArk Management, Cybersecurity, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Federated Identity Management, ForgeRock Identity Platform, Identity and Access Management (IAM), IdentityBased Encryption, Identity Federation, Identity Governance Framework (IGF) {+ 23 more} No

Job Title: Information Security Project Manager Location : Guwahati (Assam) Department : Information Security Team : Security Business Services Reports To : Security Business Services CISO Job Summary: The Information Security Project Manager will oversee and manage security-related projects to ensure that they are completed on time, within scope, and within budget. This role requires a strong understanding of information security principles and practices, combined with exceptional project management skills. You will coordinate with cross-functional teams, manage project risks, and ensure that security initiatives align with organizational goals and compliance requirements. Key Responsibilities: Project Planning and Management: Develop and execute comprehensive project plans to ensure timely and successful completion of information security initiatives. Stakeholder Coordination: Collaborate with key stakeholders to align project goals with organizational objectives and ensure smooth communication throughout the project lifecycle. Risk Management: Identify, assess, and mitigate potential risks to the project, ensuring compliance with security protocols and minimizing vulnerabilities. Budget Management: Oversee project budgets, ensuring resources are allocated effectively and financial constraints are adhered to while maintaining project scope and quality. Team Leadership: Lead cross-functional teams, fostering collaboration, accountability, and performance to meet project objectives and deadlines. Compliance and Quality Assurance: Ensure adherence to industry standards, regulatory requirements, and best practices to maintain high levels of security and quality assurance. Reporting and Documentation: Prepare regular status reports and maintain detailed documentation on project progress, risks, and outcomes for stakeholder review. Change Management: Manage and facilitate changes within the project scope, ensuring minimal disruption and alignment with evolving security needs. Continuous Improvement: Identify opportunities for process improvements and implement best practices to enhance the efficiency and effectiveness of project execution. Vendor Management: Manage relationships with external vendors, ensuring they meet contractual obligations and deliver secure, high-quality solutions. Prepare executive-level presentations for leadership, highlighting key updates and progress. Share weekly status reports with stakeholders, summarizing project activities and timelines. Create and manage a comprehensive project delivery plan to address cybersecurity requirements, ensuring alignment with national security priorities. Partner with the Internal Centre of Excellence (COE) Security Leaders and Technical Leads to plan, monitor, and control project execution. Provide regular updates to client stakeholders on project status, key security metrics, and SLA performance, fostering transparency and collaboration. Collaborate with client stakeholders to ensure cybersecurity initiatives align with government and organizational objectives. Qualifications: Education: Bachelors degree in Information Security, Computer Science, Business Administration, or a related field. Relevant certifications such as PMP (Project Management Professional), CISM (Certified Information Security Manager), or CISSP (Certified Information Systems Security Professional) are preferred. Experience: 5+ years of experience in project management, with a focus on information security or IT projects. Demonstrated experience managing complex projects with cross-functional teams. Technical Knowledge: Strong understanding of information security principles, practices, and technologies. Familiarity with security frameworks, standards, and compliance requirements (e.g., HIPAA, PCI-DSS). Project Management Skills: Proven ability to manage projects effectively, including planning, execution, risk management, and reporting. Experience with project management tools and methodologies. Leadership Skills: Excellent leadership and team management abilities, with experience leading diverse teams and managing stakeholder relationships. Communication Skills: Strong written and verbal communication skills, with the ability to present complex information clearly and effectively to both technical and non-technical audiences. Problem-Solving: Excellent analytical and problem-solving skills, with the ability to address issues proactively and make informed decisions. If you are interested, please share below mention details for the same. Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Email ID: Ashwini.chakor@ril.com

Role & responsibilities Key Responsibilities: Plan, execute, and document internal audits for ISO/IEC 27001:2022 and SOC 2 controls across the organization. Conduct risk assessments to identify control weaknesses and areas for improvement. Evaluate effectiveness of existing information security policies, procedures, and controls. Collaborate with process owners to ensure timely implementation of corrective actions. Maintain audit schedules and manage audit evidence for internal and external assessments. Liaise with external auditors for ISO and SOC 2 certification processes. Assist in development, review, and continuous improvement of ISMS and security policies. Maintain up-to-date knowledge of compliance requirements, regulatory changes, and industry trends. Train internal teams on ISO/SOC2 awareness and audit preparedness. Report audit findings and compliance status to senior management with actionable recommendations. Required Qualifications: Bachelors degree in Information Security, Computer Science, Auditing, or related field. At least 2–5 years of experience in auditing information security management systems. Proven experience in conducting internal audits for ISO/IEC 27001:2022 and SOC 2 frameworks. Certifications such as ISO 27001 Lead Auditor is mandatory. PIMS/CISA/BCMS or other relevant Certifications will be a plus Solid understanding of information security principles, risk management, and data privacy. Preferred Skills: Excellent analytical, problem-solving, and documentation skills. Strong interpersonal and communication skills, with the ability to interact with technical and non-technical stakeholders. Self-driven with the ability to manage multiple priorities under minimal supervision Work Environment: May require occasional travel for site audits or assessments. Flexible hours during audit cycles may be required.

Proactively lead and support incident response team during an incident. Experience in advance investigation, triaging, analysis and escalation of security incidents with recommendations Hands-on basic experience with configurations and management of SIEM tools(Qradar)including log source integrations, custom parser built, fine tuning and optimizing the correlation rules and use cases recommendations Is MUST. Proven Experience on any of the Security information and event management (SIEM) tools using Qradar Data-driven threat hunting using SIEM, EDR and XDR tools Basic Experience is SOAR tools such as Qradar Resilient, PaloAlto XSOAR Identify quick defence techniques till permanent resolution. Recognize successful intrusions and compromises through review and analysis of relevant event detail information. Review incidents escalated by Level 1 analysts. Launch and track investigations to resolution. Recognize attacks based on their signatures, differentiates false positives from true intrusion attempts. Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies end users when appropriate. Identify the gaps in security environment & suggest the gap closure Drive & Support Change Management Performs and reviews tasks as identified in a daily task list. Report Generation and Trend Analysis. Participate in the Weekly and Monthly governance calls to support the SOC metrics reporting Good to have hands on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc. Willing to work in 24x7 rotational shift model including night shift. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 5+ Years Hands-on experience required in Qradar SIEM and SOAR. Desired experience in Threat hunting, Threat intelligence. Worked on tools belongs to Qradar, UEBA, UAX. Bachelor’s degree in engineering/information security, or a related field. Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent. Proven experience to work in a SOC environment. Preferred technical and professional experience Proven experience in managing and responding to complex security incidents. Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Ability to work in a fast-paced, dynamic environment. Deep technical knowledge of security technologies and advanced threat landscapes.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, Data Privacy Management solutions, experience in developing value-based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15- year full time educationThe candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, & Data Privacy Management solutions, experience in developing value based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15 -year full time educationThe candidate should have minimum 12 years of experience This position is based at our Bengaluru office. Qualification 15 years full time education

Role & responsibilities DLP Operations: Manage day-to-day operations of the DLP solution, including monitoring, incident response, and resolution. Policy and Procedure Development: Develop and configure DLP policies to safeguard sensitive information, in line with regulatory requirements and internal policies. Monitoring Compliance: Ensure compliance with data protection laws and organizational policies, and monitor data movement to prevent unauthorized data access or sharing. Privacy Impact Assessment (PIA) & Risk Management: Conduct PIAs to identify privacy risks and ensure the organizations data handling complies with regulations. Data Protection Training & Awareness: Assist in the development and delivery of data protection awareness training programs to educate staff on DLP policies and best practices. Vendor & Third-Party Risk Management: Evaluate risks associated with third-party service providers and ensure they comply with DLP policies and practices. Data Governance & Data Stewardship: Support the organizations data governance framework by ensuring effective use, management, and protection of sensitive data. Incident Investigation & Resolution: Conduct investigations into DLP incidents and resolve issues related to data breaches or violations, ensuring proper reporting and remediation. Data Subject Requests (DSR) Management: Assist in managing data subject requests (DSR), ensuring that data handling and deletion requests comply with privacy laws. Maintain excellent working relationships with business teams, Business Heads encouraging a positive culture of compliance and ethical behaviour by working with the business to achieve a shared vision and strategy. Develop and maintain a knowledge base for privacy and data protection laws as applicable to Protiviti India Member Firm Provide guidance to delivery and support functions on processing of personal data. Maintain data flow maps for the process where personal data is processed. Support the business in identifying data protection and privacy risks by reviewing and advising on Data Privacy Impact Assessments as required. Keep track of changes in the relevant legislations related to Privacy and the Data Protection Acts, interpret, convert these requirements into controls and provide guidance to all stakeholders Preferred candidate profile Bachelor's or master's degree in computer science, information systems or relevant field. Around 2-3 years' experience in managing privacy and data protection program for a company or providing privacy and data protection consulting services. Around 6-8 years of overall experience in the area of privacy and Information Security. Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate privacy, security and risk-related concepts to technical and nontechnical audiences. Knowledge and understanding of relevant legal and regulatory requirements, such as IT Act 2000, GDPR, BS10012, Data Protection Act of India and other Data Protection standards Knowledge of DADP act and country wise data protection act across Middle East Countries Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives Project management skills: scheduling and resource management Professional privacy engagement certification, such as a Certified Information Privacy Professional (CIPP) or other similar credentials in Data Privacy, is desired Strong understanding of data protection laws, regulatory compliance, and risk management. Ability to handle sensitive information with discretion and professionalism

We are looking for a highly experienced Senior Vulnerability Management Consultant (9+ years) to lead and mature our vulnerability management program. This role requires a deep understanding of cybersecurity risks, vulnerability assessment methodologies, and enterprise-scale risk prioritization. You will work cross-functionally with IT, cloud, application, and third-party teams to drive measurable improvements in our security posture. Key Responsibilities. Lead the enterprise-wide vulnerability management function, including strategy, tooling, and execution. Perform advanced vulnerability assessments across infrastructure, cloud, endpoints, and applications. Correlate vulnerability data with asset criticality, threat intelligence, and exploitability to drive risk-based prioritization. Work with stakeholders to define remediation SLAs and ensure timely issue resolution. Oversee the integration of scanning tools (e.g., Tenable, Qualys, Rapid7) into CI/CD pipelines, cloud platforms, and enterprise systems. Regularly produce executive-level dashboards and technical reports with trends, KPIs, and risk heatmaps. Advise on security architecture and control enhancements to prevent recurring vulnerabilities. Partner with GRC teams to ensure compliance with standards (ISO 27001, NIST, PCI-DSS, etc.). Evaluate and implement emerging technologies and AI-driven solutions to optimize the program. Mentor junior consultants and lead cross-team security improvement initiatives. Required Skills Experience. 9+ years of experience in cybersecurity, with at least 5+ years focused on vulnerability management. In-depth knowledge of CVSS scoring, threat intelligence integration, and vulnerability lifecycle management. Expertise with tools like Qualys, Tenable, Nessus, Nexpose, Burp Suite, or similar. Strong experience with cloud platforms (AWS, Azure, GCP) and container security (Docker, Kubernetes). Proficient in scripting (Python, PowerShell, or Bash) for automation of scanning and reporting tasks. Familiarity with enterprise IT environments: servers, endpoints, networks, firewalls, web apps. Solid understanding of patch management, asset inventory, secure configuration, and remediation governance. Effective communication and stakeholder management skills, from technical teams to executive leadership. Hands-on experience with security frameworks (e.g., NIST CSF, MITRE ATTCK, OWASP). Experience managing third-party assessments and coordinating with external vendors. Soft Skill. Good experience working with numerous external teams to track and deliver solutions. Strong detail-oriented individual able to efficiently analyze and resolve problems. Strong verbal, communication, and diplomacy skills with all levels of the business. Must be self-motivated, able to work independently, and multi-task effectively. Preferred Certifications. CISSP, OSCP, CISM, GIAC (GCIH, GSEC), CEH, or equivalent. Your benefits. We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroa. We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location. From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostere. Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teachAbout Allianz Technology. Allianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group. With more than 13,000 employees located in 22 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry.We oversee the full digitalization spectrum from one of the industrylargest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction. In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age. DI statement . Allianz Technology is proud to be an equal opportunity employer encouraging diversity in the working environment. We are interested in your strengths and experience. We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, race or ethnicity, age, nationality, religion, disability, or philosophy of life. Join us. Let\u00B4s care for tomorrow. You. IT.

Job Description:- Information Security Risk Specialist Experience: 7 to 9 years Location: Bengaluru Key Responsibilities: Develop, implement, and maintain an enterprise-wide information security risk management program. Identify, assess, and document information security risks, ensuring alignment with business objectives. Perform risk assessments, vulnerability analyses, and impact evaluations on IT systems and processes. Collaborate with cross-functional teams to establish risk mitigation strategies and action plans. Monitor, track, and report on risk metrics and key performance indicators (KPIs). Stay updated on regulatory requirements and ensure compliance with standards such as ISO 27001, NIST, GDPR, etc. Develop and maintain comprehensive process documentation and generate reports tailored to the needs of various stakeholders. Drive security awareness programs and train employees on risk management practices. Prepare and present detailed risk assessment reports to senior management. Lead incident response planning and participate in cybersecurity investigations when necessary. Qualifications: Education: Bachelor s degree in Information Security, Cyber Security, Computer Science, Information Science, or a related field. Advanced degrees (e.g., Master s) or certifications (e.g., CISSP, CRISC, CISM, CEH) are a plus. Experience: 5+ years of experience in information security, risk management, or related domains. Skills and Competencies: Comprehensive understanding of frameworks such as ISO 27001, NIST Cybersecurity Framework, COSO, and COBIT. Proven analytical expertise in evaluating and prioritizing risks effectively. Advanced proficiency in utilizing security tools for risk assessment and mitigation. Strong preference for candidates with certifications like CISSP, CISM, CRISC, or equivalent. Exceptional communication and presentation skills, with a proven ability to collaborate effectively across diverse teams. Demonstrated problem-solving capabilities, including critical thinking and informed decision-making under pressure. Skilled in leading security initiatives and managing projects across global teams. A strategic mindset paired with keen attention to detail. Resourceful and decisive under high-pressure situations. An effective team player with exceptional interpersonal and collaboration skills.