543 Cism Jobs - Page 21

Bachelors or Masters degree in Computer Science, Cybersecurity, Information Technology, or related fields. A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related security assessments. Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices. Proficiency in using various security assessment and techniques. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review. Conceptual knowledge of OT Security/ISA 62443 standard is preferable. Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide actionable recommendations for risk mitigation. Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk assessments.

Bachelors or Masters degree in Computer Science, Cybersecurity, Information Technology, or related fields. A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related security assessments. Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices. Proficiency in using various security assessment and techniques. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review. Conceptual knowledge of OT Security/ISA 62443 standard is preferable.

Bachelors or Masters degree in Computer Science, Cybersecurity, Information Technology, or related fields. A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related security assessments. Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices. Proficiency in using various security assessment and techniques. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review. Conceptual knowledge of OT Security/ISA 62443 standard is preferable. Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls.Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments.Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide actionable recommendations for risk mitigation.Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments.Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders.Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies.Mentor and support junior team members to foster their professional growth and skills in cyber risk assessments.

We are looking for an experienced Cybersecurity Specialist with expertise in various IAM technologies, platforms, and tools to join our team. The Cybersecurity Lead is responsible for leading and establishing cybersecurity capability. Key Responsibilities: Serve as subject matter expert across the lifecycle of identity and access management, including identity governance, access management, privileged access management, identity federation, and single sign-on. Engage with customers to ensure the effective and efficient provisioning, de-provisioning, authentication, authorization, and auditing of identities and access rights for all users, roles, and applications. Develop and execute the IAM strategy and roadmap aligning with the customer objectives and security requirements. Establish and maintain effective relationships with key stakeholders, such as business leaders and IT teams. Create and drive the IAM strategy, roadmap, and value proposition, and solicit feedback and input from the stakeholders. Ensure the alignment and coordination of the IAM activities and initiatives with client priorities and plans. Monitor and report on the IAM metrics, KPIs, and SLAs, ensuring the quality and efficiency of the services. Identify and manage the IAM risks, issues, and incidents, ensuring timely resolution and mitigation. Manage escalation, issues, and incidents and coordinate the response and recovery efforts. Manage IAM contracts, SLAs, and deliverables. Train the IAM team, providing guidance, coaching, and performance evaluation. You will motivate and develop the IAM team. Propose and drive the continuous learning and improvement of the IAM team. You will foster a culture of collaboration, innovation, and excellence. Stay updated on the latest trends and developments in the IAM domain and provide recommendations for continuous improvement. Requirements: Minimum 8 years of experience in IT and cybersecurity, or consulting in the cybersecurity domain, and experience as a subject matter expert. Strong knowledge and hands-on experience with various IAM technologies, platforms, and tools, such as Okta, SailPoint, Saviynt, CyberArk, Ping Identity, etc. Proven track record of successfully delivering complex IAM projects in a large and dynamic environment. Excellent communication, presentation, and interpersonal skills, with the ability to communicate effectively with both technical and non-technical audiences. Proven track record leading teams of professionals and driving engagement and positive culture. Strong analytical, problem-solving, and decision-making skills, with the ability to balance business needs and security risks. Certifications in IAM, such as CISSP, CISM, CISA, CRISC, etc., are preferred. SmarTek21 stands at the forefront of innovation, leveraging Generative AI to power advanced data ecosystems and industry-leading conversational interfaces that transform customer interactions. Established in 2006, we seamlessly blend human acumen with cutting-edge artificial intelligence to tackle the most complex challenges in digital integration and data governance.

Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organizations computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities , supporting the response to incidents , and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What will you do in this role: Lead the development of enhanced cloud and application security control integrations and architectural best practices . Lead the development and implementation of product security policies and standards to ensure that application, cloud services and infrastructure meet organizational security requirements. Lead the maintenance and monitoring security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Lead adoption of our security tools within other teams ensuring the inputs and outputs are fully integrated enabling a complete security function. Design, implement, test, document, and support integration of security tools and technologies in pipelines, Also, assist the product teams in related activities . Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns , and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What should you have: Bachelors degree in Information Technology , Computer Science or any Technology stream. Working experience in cloud environments AWS must have and good to have Azure, or GCP. Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Familiarity with software development/delivery lifecycle and related technologies 7+ years of hands-on experience working with network protocols, firewalls, intrusion detection systems, encryption technologies, and endpoint security solutions. Proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset.

Bachelors or Masters degree in Computer Science, Cybersecurity, Information Technology, or related fields. A minimum of 8+ years of hands-on experience in conducting cyber risk assessments and related security assessments. Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices. Proficiency in using various security assessment and techniques. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review. Conceptual knowledge of OT Security/ISA 62443 standard is preferable. . Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide actionable recommendations for risk mitigation. Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk assessments.

Minimum 1+ years experience in cyber risk assessments with industry certifications like CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC. Profound knowledge of cybersecurity frameworks, industry standards, and best practices. Familiarity with cybersecurity policies and standards such as NIST and IEC. Experience in network security, infrastructure assessment, and network architecture design review. Knowledge of GDPR, PCI-DSS, NIST, and privacy regulations. Hands-on experience with cloud computing technologies. Experience in conducting end-to-end risk assessments, including impact assessments, regulatory assessments, and control assessments. Proficient in information security risk assessments for cloud services and vendor-managed applications. Hands-on experience in cloud security measures and best practices, ensuring data integrity and confidentiality in cloud environments. Role Conduct thorough cyber risk assessments for clients, analyzing digital infrastructure, systems, and security controls. Collaborate with cross-functional teams to gather essential information for comprehensive risk assessments. Evaluate and interpret assessment results to identify vulnerabilities and provide mitigation recommendations. Stay updated on cyber threats and industry best practices to enhance risk assessment effectiveness. Prepare clear reports summarizing assessment findings for clients and internal stakeholders. Manage client expectations and satisfaction, acting as an advisor. Excellent communication and presentation abilities for technical and non-technical audiences. Proactive, self-motivated, and committed to continuous learning.

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : SAP Governance Risk and Compliance (SAP GRC) Good to have skills : Application Security Architecture and Design Minimum 5 year(s) of experience is required Educational Qualification : 15 years of full time education Summary :As a Security Engineer, you will be responsible for designing, building, and protecting enterprise systems, applications, data, assets, and people. Your typical day will involve applying security skills to safeguard information, infrastructures, applications, and business processes against cyber threats using SAP Governance Risk and Compliance (SAP GRC) and Application Security Architecture and Design. Roles & Responsibilities: Design and implement SAP GRC solutions to manage risks and compliance requirements for enterprise systems and applications. Develop and maintain security policies, standards, and procedures to ensure the confidentiality, integrity, and availability of information assets. Conduct security assessments and audits to identify vulnerabilities and recommend remediation actions. Collaborate with cross-functional teams to integrate security controls into the software development lifecycle and ensure compliance with regulatory requirements. Provide technical guidance and support to project teams on security-related issues and best practices. Professional & Technical Skills: Must To Have Skills:Experience in SAP Governance Risk and Compliance (SAP GRC). Good To Have Skills:Experience in Application Security Architecture and Design. Strong understanding of security frameworks, standards, and best practices, such as ISO 27001, NIST, and OWASP. Experience in conducting security assessments and audits using tools such as Nessus, Qualys, or OpenVAS. Knowledge of network and system security, including firewalls, intrusion detection and prevention systems, and endpoint protection solutions. Additional Information: The candidate should have a minimum of 5 years of experience in SAP Governance Risk and Compliance (SAP GRC). The ideal candidate will possess a strong educational background in computer science, information technology, or a related field, along with relevant security certifications such as CISSP, CISM, or CISA. This position is based at our Kolkata office. Qualification 15 years of full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Service Management Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your typical day will involve designing and implementing security solutions, collaborating with cross-functional teams, and ensuring the integrity and confidentiality of data in the cloud environment. Roles & Responsibilities: Expected to be an SME, collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Design and implement security solutions to protect cloud environments. Collaborate with cross-functional teams to ensure the integrity and confidentiality of data. Develop and maintain cloud security policies, standards, and procedures. Conduct risk assessments and vulnerability scans to identify potential security threats. Stay up-to-date with the latest security trends and technologies to recommend improvements and enhancements. Professional & Technical Skills: Must To Have Skills:Proficiency in Infrastructure Service Management. Experience with cloud security frameworks and architectures. Strong understanding of network security principles and best practices. Knowledge of cloud platforms such as AWS, Azure, or Google Cloud. Experience with security tools and technologies, such as firewalls, intrusion detection systems, and SIEM solutions. Good To Have Skills:CISSP or CISM certification. Experience with security incident response and management. Familiarity with regulatory compliance requirements, such as GDPR or HIPAA. Additional Information: The candidate should have a minimum of 5 years of experience in Infrastructure Service Management. This position is based at our Kolkata office. A 15 years full time education is required. Qualifications 15 years full time education

Project Role : Security Architect Project Role Description : Define the security architecture, ensuring that it meets the business requirements and performance goals. Must have skills : Integrated Security Risk Management Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : Bachelors degree in computer science, IT, information systems management or equivalent area Summary :As a Security Architect, you will be responsible for defining the security architecture, ensuring that it meets the business requirements and performance goals. Your typical day will involve working with Integrated Security Risk Management and collaborating with cross-functional teams to ensure the security of the organization's assets. Roles & Responsibilities: Lead the development and implementation of security architecture for the organization, ensuring that it meets the business requirements and performance goals. Collaborate with cross-functional teams to ensure the security of the organization's assets, including data, applications, and infrastructure. Conduct risk assessments and develop risk management strategies to mitigate security threats. Develop and maintain security policies, procedures, and standards to ensure compliance with regulatory requirements and industry best practices. Provide technical guidance and support to the organization's security team, including mentoring and training on security best practices. Professional & Technical Skills: Must To Have Skills:Experience with Integrated Security Risk Management. Good To Have Skills:Experience with security technologies such as firewalls, intrusion detection and prevention systems, and security information and event management (SIEM) systems. Strong understanding of security architecture principles and best practices. Experience with risk assessment and management methodologies. Experience with security policy development and implementation. Excellent communication and collaboration skills. Additional Information: The candidate should have a minimum of 3 years of experience in Integrated Security Risk Management. The ideal candidate will possess a strong educational background in computer science, information technology, or a related field, along with relevant security certifications such as CISSP, CISM, or CISA. This position is based at our Coimbatore office. Qualifications Bachelors degree in computer science, IT, information systems management or equivalent area

What youll be doing... The Verizon Product Security Team ensures security by design product engineering and architecture for both consumer and business products. As a Principal Security Architect, you will work to conduct security assessments on both Consumer and Business products and solutions. You will help to create, define, and implement security controls and tooling in conjunction with product development teams and product owners. You will manage multiple projects with a degree of impact and complexity that must be carefully controlled to support the internal business unit security requirements. You will also work in conjunction with security stakeholders in other areas of the business and make decisions and help lead initiatives to ensure timely delivery of security solutions that support business objectives. You will also manage work that involves coordination with multiple organizations and is the focal point within the group. Help implement Secure Software Development Lifecycle (SSDLC) practices and use automation where possible Work with the product development teams to perform security design/code reviews and vulnerability assessment. Provide security guidance to Engineering and Product teams. Contribute to security architecture and assist in building and rolling out processes for secure code development and deployment involving truly cutting edge technology Contribute to security policy, standards, and guidelines related to Information Security Evaluate and operationalize new technologies for securing the organization Create security user stories and security test cases for products that are tailored to the product attributes and technology Support and advise product owner and product development teams by ensuring technical and architectural feasibility, readiness and compliance. What were looking for You'll need to have: Bachelors degree or one or more years of work experience. Experience in cybersecurity. Experience with security requirements analyses, building threat models, performing security design reviews, applying zero trust principles. Knowledge of application security vulnerabilities, secure coding, attack surfaces and countermeasures. Knowledge of S-SDLC, best practices for secure coding, understanding of OWASP Top 10, CIS Top 20 Even better if you have one or more of the following: Understanding of Docker, Kubernetes, container security best practices. Experience with Threat Management and Monitoring tools (like CrowdSrike, GuardDuty, Tenable, CloudTrail, Cloudwatch) and container security tools. Experience with building security and hardening Cloud Containers, Cloud OS, on-premise/cloud storage, like Cassandra, MongoDB, Data Warehouse and Object-Based storage. Hands on experience on security testing like SAST, DAST, SCA and Pen testing Understanding of authentication protocols like OID, OAuth2.0, SAML Hands-on experience in securing software development projects using iOS/Android platforms Familiar with Content Streaming Services Security like DRM, CA (Widevine, Playready, FairPlay) Experience with application programming (C/C++/Java/Kotlin/Swift/JavaScript or any other languages) and the overall software development life cycle. Written and verbal skills for communicating security concepts and solutions. Ability to prioritize between and execute on multiple work streams. Excellent organizational and interpersonal skills. One of more of the following certifications: CISSP, CISM, SANS, CCSK.

Jeebr Cloud is seeking a highly skilled and motivated Cloud and Security Pre-Sales Consultant to join our team. The ideal candidate will have deep expertise in cloud technologies, cybersecurity solutions, and pre-sales engagements. This role involves collaborating with sales teams, clients, and technical teams to design and deliver tailored cloud and security solutions that meet customer needs while aligning with business objectives. Key Responsibilities: Pre-Sales Engagements: Partner with the sales team to understand customer requirements and propose appropriate cloud and security solutions. Lead technical discussions, presentations, and workshops with clients. Conduct product demonstrations and proof-of-concept (PoC) deployments. Develop customized cloud and security architectures leveraging technologies such as AWS, Azure, Google Cloud, and other providers. Recommend cybersecurity solutions, including firewalls, endpoint protection, identity and access management (IAM), and data loss prevention (DLP). Prepare detailed proposals, including technical specifications, project scope, and pricing models. Address customer queries and concerns during the pre-sales phase. Technical Expertise: Strong knowledge of cloud platforms (AWS, Azure, Google Cloud, etc.) and their services. Experience with security technologies such as SIEM, IDS/IPS, firewalls, and zero-trust architectures. Pre-Sales Acumen: Proven experience in pre-sales, including solution designing and presenting to clients. Ability to prepare and deliver effective presentations and demonstrations tailored to diverse audiences. Excellent communication, negotiation, and interpersonal skills. Strong organizational skills and ability to manage multiple pre-sales engagements simultaneously. Educational and Professional Qualifications: Bachelor s degree in Computer Science, Information Technology, or related fields (preferred). Certifications in cloud and security technologies, such as AWS Solutions Architect, Azure Security Engineer, CISSP, CISM, or similar, are highly desirable. Why Join Jeebr Cloud? Be part of a dynamic and innovative team at the forefront of cloud and cybersecurity. Opportunity to work with leading global clients across diverse industries. Continuous learning and professional growth through training and certifications.

Project Role : Operations Engineer Project Role Description : Support the operations and/or manage delivery for production systems and services based on operational requirements and service agreement. Must have skills : Microsoft Azure Security, Infrastructure Security Vulnerability Management Operations Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Operations Engineer, you will support the operations and/or manage delivery for production systems and services based on operational requirements and service agreement. Your typical day will involve ensuring the smooth functioning of production systems and services, meeting operational requirements, and adhering to service agreements. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Provide solutions to problems for their immediate team and across multiple teams Ensure compliance with security policies and procedures Implement and maintain security controls for infrastructure Conduct vulnerability assessments and manage remediation efforts Professional & Technical Skills: Must To Have Skills:Proficiency in Microsoft Azure Security, Infrastructure Security Vulnerability Management Operations Strong understanding of cloud security principles Experience with security tools and technologies Knowledge of security best practices for infrastructure Ability to analyze and interpret security data Excellent problem-solving skills Additional Information: The candidate should have a minimum of 5 years of experience in Microsoft Azure Security This position is based at our Bengaluru office A 15 years full time education is required Qualifications 15 years full time education

Security Engineer Reports to: IT Director Accountabilities / Job Description Location: India - Bangalore Responsibilities: Provide IT security consultancy services in a serviced office environment with mostly multi-national clients Pro-actively deliver and maintain high quality IT security services and standards for our clients and In- house Closely work with HQ IT teams on Network, Application and Infrastructure projects. Manage L3 & L4 Tickets with HQ/local IT using service now Ticketing systems. Key Performance Indicators/Job Requirements Primary Technical Skills In-depth knowledge in IPV4 and IPV6 is added advantage Expertise across a variety of security products including Layer 7 firewalls, IPS/IDS, Threat Management, authentication systems, log management, content filtering Engineer, implement and monitor security measures for the protection of computer systems, networks and information Design computer security architecture and develop detailed cyber security designs Configure and troubleshoot security infrastructure devices Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks Thorough understanding of the latest security principles, techniques, and protocols An understanding of best practices and how to implement them at a business-wide level Qualifications Bachelor Degree in Computer Science or above At least 6-8 years experience in IT security in a multi-national company An enthusiasm for staying up to date with the very latest updates about security threats and solutions Experience in team management and project management Certificates in CCNA, CCNP/CCIE Security, PCCET or other leading security certifications Security Certificates in CISM, CISA, CISSP, ISO27000 /27001 added advantage Good English verbal and written communication skills Pro-active, able to anticipate and tackle potential issues Strong in leadership, analytical, interpersonal and problem-solving skill Customer-oriented, good business sense and willing to take up challenges Analytical & Conceptual thinker Excellent and up to date technical skills Ability to work independently with good time management Initiate & Identify IT Services opportunities, reporting to immediate supervisor Keen eye for details Ability to maintain good business relationship with clients.

primary Skills: Security Architect Bachelor's degree in information technology, security, or similar Experience in providing security architecture support to a large development organisation Information security credentials such as IGP, CISSP or similar Well versed in cloud security on a generic level as well as AWS Job Description: The candidate will primary work with security assessments and as part of that also be able to provide guidance on how to close security gaps The candidate will also be part of "shift left" for assessments to automate and minimize the manual work involved It is also expected that the candidate will assist in creating an assessment " factory" with a streamlined process for approaching assessments Apply here: https://career.infosys.com/jobdesc?jobReferenceCode=INFSYS-EXTERNAL- 200742

Principal Duties and ResponsibilitiesWe are focused on helping our valued clients to design and implement large scale transformational programs to manage cyber threats. We enable our clients to define their overall cyber strategy by designing global and pan-enterprise programs that focus on reducing threats, evaluate their priorities, strengths and weaknesses and roll out large scale changes to achieve goals. If dynamic and fast-paced environments, cross-capability exposure, freedom to work and the ability to have a real impact on a rapidly growing team appeals to you, then that is what we are looking for. Youll join an ambitious team of highly motivated security specialists who interface with CIOs, CTOs, CISOs and CFOs in addressing their complex requirements on a day-to-day basis.We are looking for a Data Security expert, with a great eye for risk reduction and continual improvement opportunities. Following are some of the responsibilities that you will handle: Advise clients in understanding the problems and challenges in data security and work collaboratively with them to enhance capabilities Gather requirements, develop use cases, evaluate vendor solutions, develop architecture & design, and test data protection and data security solutions Design people, process and technology solutions to reduce the potential of data compromise Qualifications Bachelors Degree in Engineering MBA Degree from Tier 1 College 6+ years of experience in multiple domains with expertise in Data Security Excellent analytical skills; able to breakdown complex problems, multi-faceted problems with actionable steps Exposure to Cloud and On-prem security requirements ExperienceExposure and knowledge in at least 3 of the following Data Security domains: Data Security Assessment: Develop the Data Security framework, perform the assessment and generate roadmap Data Discovery, Classification, Handling and Inventory: Design Data classification and inventory programs including the use of data discovery tools Define and maintain data classification and labeling policies based on business and regulatory requirements Collaborate with business units to understand data protection needs and ensure the appropriate protection and handling of sensitive data Develop data retention and disposition policies to ensure compliance with retention requirements and relevant regulations. Design Data Classification Schema Information Rights Management (IRM) Design the information rights management use cases Develop the information rights management schema Evaluate the tools available in the market for IRM Design the strategy to implement IRM Develop the user supporting documents to implement IRM Data Obfuscation Design and develop encryption strategy and use cases for the databases, applications, servers, etc. Design PKI, Certificate Management and Key management strategy Map industry best practices around encryption tools like Keyfactor/Hashi Data Loss Prevention Design and develop use cases for DLP across endpoints, network, cloud, etc. Design the DLP rulesets based on the identified use cases Provide a comparative analysis of the DLP solutions and fitment report Identify the ways of circumventing existing DLP controls Develop high-level and low-level design documents Database Activity Monitoring Design the Database Activity Monitoring use cases Evaluate the landscape to ensure coverage for type of databases like Oracle, MySQL, applications, etc. Evaluate the CSPs native solutions and opportunities of integrating with SIEM/PAM etc. Cloud Access Security Broker (CASB) Develop use cases for CASB Evaluate the native CSPs control and develop a comparative analysis Design the several implementation modes of CASB based on the use cases Evaluate integration of CASB with other upstream and downstream solutions Qualifications Key Competencies and Skills Good understanding of Microsoft Purview or similar data governance and protection tools like Varonis, Symantec, ForcePoint, Trellix, IBM Guardium, Boldon James, Titus, etc. Relevant certifications such as Microsoft Certified:Information Protection Administrator or similar credentials would be beneficial CISSP, CISM or related certifications preferred Strong oral and written communication skills Good understanding of information security frameworks like NIST, ISO27K, PCI DSS, CCPA, GDPR, HIPAA, etc. Strong interpersonal and leadership skills Demonstrated ability to analyze and resolve problems Demonstrated ability to lead programs / projects Strong documentation and planning skills. Established project management skills Ability to analyze and interpret data protection metrics and reports to identify trends and potential issues Additional Information Experience in geographies like North America, EU, UK, Japan and Middle East will be good to have.

Roles and Responsibilities : Conduct security assessments of web applications to identify vulnerabilities and provide recommendations for remediation. Develop and implement secure coding practices, ensuring compliance with industry standards such as OWASP. Collaborate with development teams to design and develop secure software architectures, leveraging technologies like CISM, OSCP, CISSP. Provide training on application security best practices to clients' IT staff. Job Requirements : 4-10 years of experience in application security testing and consulting. Strong understanding of web application security principles and OWASP guidelines. Proficiency in tools such as Nessus, Acunetix, Tenable for vulnerability scanning and penetration testing.

Could you be the full-time Cybersecurity Architect in our dynamic team located in Bangalore we're looking for Your future role Take on a new challenge and apply your comprehensive cybersecurity expertise in a new cutting-edge field. You'll work alongside innovative, dedicated, and forward-thinking teammates. You'll lead and shape the cybersecurity landscape within our projects. Day-to-day, you'll work closely with teams across the business (IT, Engineering, Operations), validate security aspects of IT projects, and much more. You'll specifically take care of developing use cases, creating business cases with a thorough TCO analysis, and producing or validating architectural documentation. Additionally, you will engage in stakeholder presentations, conduct security studies, and lead design and build phases with subcontractors. We'll look to you for: Identifying project needs and gathering functional and technical requirements Defining use cases and creating an enablement roadmap Developing a business case with TCO analysis Validating or producing Architecture Design Documents (ADD) Presenting solutions and enhancing the service catalog Conducting security studies and implementing infrastructure hardening Providing troubleshooting expertise and operational support All about you We value passion and attitude over experience. That's why we don't expect you to have every single skill. Instead, we've listed some that we think will help you succeed and grow in this role: A Bachelor's/Master's degree in Engineering/Technology CISSP or CISM certification Experience in the Transport Industry is a plus At least 7 years of work experience in cybersecurity, with a focus on architecture and design A strong grasp of security architecture and infrastructure Proficiency in risk analysis and network security patterns Strong knowledge of cloud solutions and security mechanisms Fluency in English Things you'll enjoy Join us on a life-long transformative journey the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. You'll also: Enjoy stability, challenges and a long-term career free from boring daily routines Work with new security standards for rail signalling Collaborate with transverse teams and helpful colleagues Contribute to innovative projects Utilise our flexible working environment Steer your career in whatever direction you choose across functions and countries Benefit from our investment in your development, through award-winning learning Progress towards senior cybersecurity roles Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension) You don't need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, you'll be proud. If you're up for the challenge, we'd love to hear from you!

Your future role Take on a new challenge and apply your cybersecurity and project management expertise in a new cutting-edge field. You'll work alongside innovative, dedicated teammates. You'll ensure the robust integration of security within our IS&T projects, safeguarding our digital initiatives. Day-to-day, you'll work closely with teams across the business (Security Architecture, GRC and ISMS team, Architects, Project Managers and PMO, Business teams), review and approve security deliverables and much more. You'll specifically take care of validating Security Inquiry for Partners (SIP) and ensuring secure configurations are applied, but also make informed decisions about security acceptance based on residual risk and asset value. We'll look to you for: Reviewing and approving security deliverables Ensuring the application of the "Security into Project" policy Validating and signing off on Security Inquiry for Partners Applying secure configurations for projects or business initiatives Making decisions on security acceptance Implementing design patterns and standards All about you We value passion and attitude over experience. That's why we don't expect you to have every single skill. Instead, we've listed some that we think will help you succeed and grow in this role: Degree in Engineering/Technology 5+years Experience or understanding of cybersecurity, architecture and design Knowledge of security architecture and infrastructure Familiarity with cloud solutions (Microsoft Azure/O365) A CISSP or CISM certification Ability to analyze technical risks and vulnerabilities Fluency in English

Your future role Take on a new challenge and apply your cybersecurity and project management expertise in a new cutting-edge field. You'll work alongside innovative, dedicated teammates. You'll ensure the robust integration of security within our IS&T projects, safeguarding our digital initiatives. Day-to-day, you'll work closely with teams across the business (Security Architecture, GRC and ISMS team, Architects, Project Managers and PMO, Business teams), review and approve security deliverables and much more. You'll specifically take care of validating Security Inquiry for Partners (SIP) and ensuring secure configurations are applied, but also make informed decisions about security acceptance based on residual risk and asset value. We'll look to you for: Reviewing and approving security deliverables Ensuring the application of the "Security into Project" policy Validating and signing off on Security Inquiry for Partners Applying secure configurations for projects or business initiatives Making decisions on security acceptance Implementing design patterns and standards All about you We value passion and attitude over experience. That's why we don't expect you to have every single skill. Instead, we've listed some that we think will help you succeed and grow in this role: Degree in Engineering/Technology 5+years Experience or understanding of cybersecurity, architecture and design Knowledge of security architecture and infrastructure Familiarity with cloud solutions (Microsoft Azure/O365) A CISSP or CISM certification Ability to analyze technical risks and vulnerabilities Fluency in English

Location : Bangalore, BDC7C Experience : 2 or 3 + years Job Title : Security Analyst or Sr Analyst Level : 11 or 10 Skills Required: Role :Supplier information Security Contract Negotiator Must have Skills :Legal or law professional having good knowledge of information security frameworks controls and also related terms. Prior work experience in contract negotiation will be consider a value add. Good to Have Skills :ISO27001 LA, Security+, CISA, CISSP or CISM certifications (optional) Key Responsibilities: Resource will be responsible for conducting the review and share response on the supplier query or redlines on the information security controls/schedule during supplier contract negotiation. . The role will require the contract negotiator to: Work directly with supplier contacts and supplier management team to review and negotiate information security clauses/controls. Perform the gap analysis of the supplier IS controls against Accenture specified controls. Assessors will be part of a globally distributed team, and negotiate with Accenture suppliers. Good technical writing skills. Good communication skills- Experience of managing Interaction with team management or management would be plus. Ability to think out of the box. Qualifications Professional Experience: The person should be well versed with the information security concepts and frameworks such as ISO27001, NIST, PCIDSS, HIPAA etc . He or she should have legal contract negotiation experience along with knowledge of information security standard such as ISO27001 .

Project Role : Security Advisor Project Role Description : Lead the effort and teams to enable development and implementation of proprietary and innovative security solutions. Assess, manage and ensure compliance to risk reducing behaviors and processes. Must have skills : One Identity Manager Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary:As a Security Consulting Lead, you will lead the effort and teams to enable development and implementation of proprietary and innovative security solutions. Assess, manage and ensure compliance to risk reducing behaviors and processes. Show creativity in problem-solving and decision-making to drive security initiatives forward. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and audits- Develop security policies and procedures- Implement security controls and measures Professional & Technical Skills:- Must To Have Skills:Proficiency in One Identity Manager- Strong understanding of security frameworks and standards- Experience in security risk management- Knowledge of identity and access management- Hands-on experience in security solution implementation Additional Information:- The candidate should have a minimum of 5 years of experience in One Identity Manager- This position is based at our Gurugram office- A 15 years full time education is required Qualifications 15 years full time education

Required Skills Technology | Scripting languages for Automation of IAM Process | Level 2 Support Technology | MS AADFS Identity Protection, AAA | Level 3 Support Technology | Security compliance standards and regulatory Audits | Level 3 Support Technology | Sailpoint IDAM Platform | Level 2 Support Technology | Privilege Access Management | Level 2 Support Education Qualification : Engineer - B.E / B.Tech / MCA Certification Mandatory / Desirable : Technology | CISSP/CISM/CIAM/Certified Authorization Professional/CISA/CEH/CIPP/Cisco Certified Network Professional - Security/Certified Information Privacy Technologist/SailPoint Certified IdentityIQ Engineer/SailPoint Certified IdentityIQ Architect Delivery Skills required are: - Advanced Technical Proficiency: - *Mastery of advanced IAM and AAA technologies, including Identity lifecycle management systems *Management of privileged access and entitlements across enterprise systems. *Advanced knowledge of identity governance processes, including identity provisioning, de-provisioning, access recertification, and compliance auditing. Strategic Oversight and Management: - *Development and implementation of IAM strategies, roadmaps, and architectural designs to meet business objectives and security requirements. *Integration of IAM solutions with business processes and enterprise applications. *Conducting comprehensive risk assessments and threat modeling related to IAM and AAA systems. Communication and Stakeholder Management: - *Clear articulation of complex IAM and AAA concepts, risks, and strategies to technical and non-technical stakeholders, including executive leadership. *Comprehensive documentation of IAM architecture, policies, procedures, and incident response plans. *Preparation of detailed reports, metrics, and presentations for executive management, auditors, and regulatory authorities. Continuous Improvement and Innovation: - *Commitment to staying at the forefront of IAM technologies, emerging trends, and industry best practices through continuous education, certifications, and participation in professional communities. *Implementation of innovative solutions and continuous improvement initiatives to enhance IAM and AAA capabilities and efficiency. Mentorship and Team Development: - *Mentorship of IAM and AAA team members to foster their professional growth and technical expertise. *Knowledge sharing across the organization to build IAM and AAA competency and awareness.

B.Tech / M.Tech/ MCA professional with 10-15 years of experience in the relevant role Should have strong hands on MS Power Point and MS Project Hands on experience and certification in any one SIEM (IBM QRadar, ArcSight, Azure Sentinel, Splunk) Security Certifications like CISSP, CISM, GIAC, Security+ etc . Role Description : The candidate should have an in-depth knowledge in design, operate and maintain the Security Operations. Design, build, operate, maintain and enhance the Security Operations Centre to provide managed detection and response services to customer. The requirements is in multiple areas covering management of day-to-day operations, establish strong governance and enhance capabilities, solution design, identification of opportunities and Lead generation. Professionals will also be responsible for responding to RFPs, create POVs and actively participate in business development in domestic and international market. Client facing - front end with the client- focused on engagements + Sales, BD + Capability Development. Key Responsibilities: Should have strong experience in design, deployment, configuration and maintenance of minimum one SIEM solution Lead any module within Security Operations Center like Threat Hunting, Threat Intelligence, Content Management etc. to improve overall detection response capabilities Well versed with logging standard development and device onboarding/log source integration of diversified devices including the ones not supported by SIEM OEM Able to perform detailed investigation of critical alerts and ensure timely response to mitigate risk emanating from the same Design, develop, monitor, adhere to various SLAs/KPIs/KRIs applicable to Security Operations Centre Should have clear understanding of MITRE framework and how to operationalize the same across multiple functions of SOC Should be able to perform analysis of logs from various devices and develop use cases considering evolving threat landscape for anomaly detection Should be able to work on large size RFP s on cyber managed services stitching multiple components related to SOC Creation of customized reports and dashboards for presentation to various stakeholders Handle 24*7 operations and support various SOC activities Good Communication Skill and stakeholder management is imperative

Key Responsibilities: Must have skills 8+ years of experience in project management with a focus on risk, compliance, and security. Strong understanding of regulatory standards, requirement, and frameworks e. g. DORA, ISO27001, GDPR, SOC2, COBIT Well versed with Core security domains, e. g. IAM, SSDLC, Cryptography, TPRM, Data privacy, Vulnerability Management. Proven record and prior experience in managing security audits, risk assessments, and compliance documentation. Ability to lead and manage projects from initiation to completion, ensuring timely delivery. Proficiency in GRC and Project management platforms, e. g. Archer, OneTrust, JIRA, ServiceNow. Nice to have ISO 27001 Lead Auditor, CISA, CISM, or CISSP, or working towards these certifications. Experience with regulatory compliance in cloud environments, including AWS, Azure. Proven ability to effectively convey complex information and regulatory requirements to both technical and non-technical stakeholders. Critical thinking and analytical skills in evaluating risk factors, interpreting regulatory requirements, and making data-driven decisions to enhance compliance programs and mitigate potential issues. Experience in finance sector. Experience working with cross-functional teams, including Assurance, Operations, and IT. PART 3 Qualification, Experience and Skills Requirements 10+ years overall experience in IT industry Good to have some experience in Insurance industry Project Management experience (MBA from elite institutes preferred) Good to have PMP certification We therefore welcome applications regardless of ethnicity or cultural background, age, gender, nationality, religion, disability or sexual orientation. Join us. Lets care for tomorrow.