543 Cism Jobs - Page 3

Key Responsibilities: Compliance Strategy Development: Develop and lead the organization’s overall security compliance strategy, ensuring alignment with internal security standards and applicable regulations and industry standards (e.g., ISO 27001, NIST, GDPR). Identify compliance requirements for network infrastructure, OpenShift environments, and IBM Z systems and translate them into actionable policies and procedures using approved IBM technology choices. Policy Creation and Management: Establish, maintain, and enforce security policies, standards, and controls applicable to network operations, cloud environments, and mainframe systems. Partner with IBM CISO organization to regularly review and update security policies to address emerging threats, regulatory changes, and organizational needs. Risk Management: Conduct risk assessments to identify potential compliance gaps and vulnerabilities within the organization’s IT environment. Collaborate with IT and security teams to develop risk mitigation strategies and implement necessary compliance controls. Audit and Assessment: Plan and oversee regular compliance audits for network, OpenShift platform, and IBM Z systems. Coordinate with external auditors and regulatory bodies during compliance audits and assessments. Ensure prompt rectification of any compliance findings and develop action plans for continuous improvement. Training and Awareness: Design and implement comprehensive training programs to raise awareness of security compliance requirements and best practices among employees. Foster a culture of security compliance by regularly communicating the importance of adherence to security standards. Monitoring and Reporting: Establish metrics and reporting frameworks to continuously monitor compliance status and effectiveness of security controls. Prepare regular reports for executive management on compliance initiatives, audit findings, and the overall status of security compliance across the organization. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Qualifications & Skills: 12+ years of professional experience with at least 8 years of relevant experience in the information technology security & compliance domain. Bachelor’s degree in Cybersecurity, Information Technology, or a related field; advanced degree or security certifications (e.g., CISSP, CISM, CISA) are a plus. Extensive experience in security compliance management, particularly in network security, cloud security, and mainframe environments. Strong understanding of regulatory requirements and compliance frameworks relevant to the industry. Should be open and willingness to learn new technologies and be open for continuous upskilling experience. Excellent analytical and problem-solving skills to assess compliance issues and risks. Strong Proficiency in working with Secured communications across varied Hybrid platforms ( On-Prem, On-Cloud etc). Strong leadership and communication skills to influence and guide cross-functional teams. Ability to work collaboratively with various stakeholders, including technical teams, executive management, and external auditors. Proficiency in compliance management tools and security frameworks. Preferred technical and professional experience Hiring manager and Recruiter should collaborate to create the relevant verbiage.

5 years in sec ops with focus on SOC operations & incident response Indepth knowledge of sec technologies, tools, & methodologies SIEM, IDS/IPS, EDR Understanding of cyber threats, attack vectors Exp with security compliance frameworks NIST ISO 27001 Required Candidate profile Technical Leadership Soc Process Optimization Tool Evaluation Incident Response & Threat Intelligence Strong Scripting skills- mandatory Exp-Tomcat/JBoss/Apache/Ruby/ NGINX Ability to work with Devops Perks and benefits Mediclaim + Additional 10% variable

AX2012 R3, F&O product knowledge. Understanding of OO (Object Oriented) programming. Experience designing and customizing F&O application. Good knowledge of Microsoft technologies. Experience in X++, Data Management(DIXF), SSRS, Security framework. Responsibilities : Development and support of existing AX 2012 ERP Key Scanners : SSRS, Visual Studio, Dynamics AX.

Primary Skills : Dynamics AX AX2012 R3, F&O product knowledge. Understanding of OO (Object Oriented) programming. Experience designing and customizing F&O application. Good knowledge of Microsoft technologies. Experience in X++, Data Management(DIXF), SSRS, Security framework. Responsibilities Development and support of existing AX 2012 ERP

Role Overview We are seeking a highly capable and visionary Technical Manager Cybersecurity Solutions to lead the planning, execution, and delivery of advanced security programs across our enterprise. This role demands deep technical expertise, strategic thinking, and the ability to lead cross-functional teams to secure complex IT environments. Key Responsibilities Drive the design, implementation, and lifecycle management of advanced cybersecurity tools and platforms. Lead end-to-end delivery for key technologies including: Data Discovery & Classification File Upload Security Attack Surface Management (ASM) Breach and Attack Simulation (BAS) and Red Teaming Decoy/Honeypot Solutions Secure Data Backup & Ransomware Protection Oversee the deployment and optimization of Phishing Simulation, MDM, AD Security, and NAC. Provide technical leadership and mentorship to security engineering and L3 teams. Collaborate with GRC, IT Ops, and Risk teams to align security initiatives with compliance standards. Evaluate vendor solutions and manage third-party security integrations. Represent the security function in internal and external audits, assessments, and executive briefings. Required Skills & Experience 8+ years of experience in cybersecurity, including leadership of technical teams. Proven expertise in deploying and managing enterprise-grade security solutions (as listed above). Strong understanding of regulatory frameworks (ISO 27001, NIST, GDPR, etc.). Experience in red teaming, threat simulation, or adversary emulation is a strong plus. Exceptional communication, project management, and stakeholder engagement skills. Bachelors or Master's degree in Computer Science, Information Security, or related field. Relevant certifications (e.g., CISSP, CISM, OSCP) preferred.

Hi, We are having an opening for Network Security Operations Manager at our Mumbai location. Job Summary : We are looking for a highly capable Network Security Operations Manager to lead, manage, and enhance the organizations network security infrastructure and operations. This role will be responsible for managing key security technologies such as firewalls, proxies, VPNs, NAC, DNS security, WAF , EDR & Data Security and ensuring operational governance and compliance. The ideal candidate should have hands-on experience managing large-scale network security operations and coordinating with cross-functional and incident response teams. Areas Of Responsibility : Security Operations Management Lead day-to-day operations of all network security tools and platforms , including: Firewalls (NGFW Palo Alto, Fortinet, Cisco)- Policy governance, segmentation, and high-availability Web Proxy & Cloud Proxy (e.g., Zscaler, Netskope)- URL filtering, threat prevention, and data leak protection VPN (IPSec, SSL VPN, Remote Access Solutions)- Strong encryption and access control for workforce and partner Network Access Control (NAC)- Role-based access, posture checks, and OT/IoT security DNS Security & Filtering- DNS-layer protection, malicious domain filtering, and response management Web Application Firewall (WAF) On-prem & Cloud-based- Protection of patient data, portals, financial apps, and APIs Ensure continuous monitoring, tuning, and updating of policies and signatures across platforms. Manage security device configurations, rule optimization, and lifecycle management. Compliance, Audit & Governance Ensure adherence to security compliance requirements such as ISO 27001, NIST, GDPR, and internal IT security policies . Ensure full compliance with sector-specific regulations ( Pharma: GxP, 21 CFR Part 11, HIPAA) Prepare and present periodic audit reports, incident reports, and configuration review summaries . Drive risk assessments and remediation plans for security operations. Maintain security documentation, SOPs, and audit trails Team & Vendor Management Lead and mentor a team of network security engineers and analysts. Oversee vendor engagements, support contracts, SLAs, and AMC renewals for security technologies. Engage with audit, QA, compliance, and legal teams for incident reporting and regulatory inspections Coordinate with for integrated security coverage (EDR/DS, if escalation/overlap arises). Incident Response & Troubleshooting Collaborate with SOC for effective investigation and response to network security incidents . Coordinate the response to security incidents, including detection, analysis, containment, eradication, and recovery. Lead root cause analysis and containment for network-based threats (e.g., suspicious VPN activity, firewall rule violations). Manage escalations and coordinate with external vendors or OEMs for critical issues. Projects & Improvements Drive security hardening and optimization projects related to network security tools. Lead or support security hardening, firewall rule optimization, and proxy architecture redesign projects Lead or contribute to technology upgrades, migration projects, mergers, acquisitions, data center shifts. Maintain security documentation, playbooks, and standard operating procedures. Prepare and validate BOM, BOQ, and risk registers for new deployments Educational Qualification : Bachelor's or Masters in Computer Science, Information Security, or related field Specific Certification : CISSP, CISM, CCNP Security, CP, Palo Alto PCNSE, Fortinet NSE, ISO 27001 LA Experience : 10-12 years of experience in network operations, with 3-5 years in leadership or managerial role Skill (Functional & Behavioural): Firewalls: Checkpoint, Fortinet, Palo Alto, Cisco Firepower Proxies: Netskope, Forcepoint, Zscaler VPN: Cloudflare, Cisco AnyConnect, FortiClient, GlobalProtect NAC: Forescout, Cisco ISE, Aruba ClearPass DNS Security: Cisco Umbrella, Infoblox, Cloudflare DNS WAF: AWS/Azure WAF, F5, Imperva, Akamai, Cloudflare EDR & DS: Crowdstrike, Falcon, Trellix, MS Defender, Sentinel, etc.

Required Skills Technology | Scripting languages for Automation of IAM Process | Level 2 Support Technology | MS AADFS Identity Protection, AAA | Level 3 Support Technology | Security compliance standards and regulatory Audits | Level 3 Support Technology | Microsoft MIM, MDI, MS PIM | Level 2 Support Technology | Privilege Access Management | Level 2 Support Education Qualification : Engineer - B.E / B.Tech / MCA Certification Mandatory / Desirable : Technology | Certified Information Systems Security Professional/CISM/Certified Identity and Access Manager/Certified Authorization Professional/Certified Information Systems Auditor/CEH/Certified Information Privacy Professional Delivery Skills required are: - Advanced Technical Proficiency: - *Mastery of advanced IAM and AAA technologies, including Identity lifecycle management systems *Management of privileged access and entitlements across enterprise systems. *Advanced knowledge of identity governance processes, including identity provisioning, de-provisioning, access recertification, and compliance auditing. Strategic Oversight and Management: - *Development and implementation of IAM strategies, roadmaps, and architectural designs to meet business objectives and security requirements. *Integration of IAM solutions with business processes and enterprise applications. *Conducting comprehensive risk assessments and threat modeling related to IAM and AAA systems. Communication and Stakeholder Management: - *Clear articulation of complex IAM and AAA concepts, risks, and strategies to technical and non-technical stakeholders, including executive leadership. *Comprehensive documentation of IAM architecture, policies, procedures, and incident response plans. *Preparation of detailed reports, metrics, and presentations for executive management, auditors, and regulatory authorities. Continuous Improvement and Innovation: - *Commitment to staying at the forefront of IAM technologies, emerging trends, and industry best practices through continuous education, certifications, and participation in professional communities. *Implementation of innovative solutions and continuous improvement initiatives to enhance IAM and AAA capabilities and efficiency.

The Staff Information Security Analyst will be responsible for identifying and defining requirements and engineering solutions to solve the existing threats and security issues of a global organization. This role will initial focus heavily on data protection , leading advancements in data loss prevention, and changing how AMD protects data going forward. The Person: The ideal candidate will possess strong multi-tasking skills and enthusiasm for details and should think one step ahead of cyber-criminals. They should be well prepared to thrive in a fast-paced environment, possessing strong interpersonal and communication skills. You will use your critical thinking and sense of ownership to focus on long term quality IT security solutions. Are you self-motivated and a team player with proven ability to deliver end-to-end solutions in a high-tech and fast-moving industry? If so, this is a great career opportunity! Key Responsibilities: The Staff Information Security Analyst responsibilities include, but are not limited to: Building and growing AMD s data security capabilities to keep AMD data secure regardless of location. Identifying, monitoring, and defining the requirements to reduce the overall risk to AMD data, systems, and infrastructure. Implementing hardware and software solutions to help mitigate a wide variety of information security risks. Collaborating with other IT teams to align initiatives across the company. Preferred Experience: Minimum of 5 years of IT security related experience. Professional experience as a Security Engineer with demonstrated successful leadership and delivery of data protection solutions. Experience as a customer-facing technical lead , including working with both management-level and development teams. Senior/advanced related IT or security experience working in one or more Security Domains. Experience with CASB, DLP, CSPM, Web Proxy. Hands on experience with Data Classification policies and technologies to address data leakage. Working knowledge of network topology, protocols, components, and OSI model, and IAM technologies (e.g., PKI, Oauth, OIDC, SAML) Understanding of NIST Cyber Security Framework standard and requirements and ability to apply them to an enterprise environment. Experience with infrastructure operations and processes associated with IT service management in an Enterprise-level organization. Experience with cloud services (AWS, Google, Microsoft) and associated networking, as well as collaboration and integration with O365 products. Hands on experience with Enterprise Linux platforms. Experience with EDR solutions is a plus. DLP, CASB Nice to have: Client proxy, SIEM, File and Removable Media Protection [FRP] It would be nice if you also had: Experience with scripting language (python, PowerShell, etc.). Strong documentation skills. Academic Credentials: BS CS preferred but not required. CISSP, CISA, CISM, CCSK

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Senior Consultant Specialist In this role, you will: Be responsible for maintaining, and uplifting IAM PAM control. Identify, investigate, and report potential Cybersecurity related exposures and recommend corrective action, maintaining SME support and/or ownership through to resolution. Work alongside the IDAM Control Owners to record, analyse, monitor, and publish MI / KCI reporting; dashboards; for the Cybersecurity management and other appropriate stakeholders. Stakeholder Engagement: Collaborate with business units and IT teams, to gather requirements and ensure smooth project execution. Provide regular updates to senior management and other stakeholders. Governance and Compliance: Experience of working in a regulated environment with exposure to global regulatory requirements, including GDPR, SOX, PCI DSS, and ISO 27001. Implement robust governance practices to manage risks and ensure compliance. Team Coordination and Leadership: Lead cross-functional teams, work alongside project managers, control owners, business analysts, and technical specialists. Foster collaboration and resolve conflicts to maintain project momentum. Proven track record of working with technical, cybersecurity and/or operations teams. Lead geographically disbursed team and pull them together to achieve common objectives. Excellent written and verbal communications Excellent data analytics skills. Process Improvement: Continuously evaluate processes and propose enhancements to improve efficiency, scalability, and security. Develop and implement best practices for project delivery. Risk and Issue Management Identify, assess, and mitigate risks throughout the project lifecycle. Proactively manage issues and dependencies to avoid project delays. Documentation Project initiation, planning, execution, monitoring, and closure documentation including but not limit project charter, project plan, various status report, performance report and project closeout report. Requirements To be successful in this role, you should meet the following requirements: Knowledge Experience of Identity Access Management (IAM) Controls Technical background within security spaces- Privileged Access Management Extensive knowledge on managing compliance IAM Security Standards Able to understand Operating Effectiveness of IAM Secrets Controls, Identify Gaps and Remediate Manage Govern KPIs / KCIs / KRIs Stakeholder Management Across all Lines of Defence Communication Skills for stakeholder collaboration on Standard Procedures and Best Practices Role relevant qualifications, i. e. CISSP/CISM is desirable but not essential Excellent written and verbal communications Excellent technical data analytics skills. Strong presentation and reporting skills.

Drafting, Reviewing, Updating, and Enforcing Information Security Policies: Responsible for the formulation, periodic review, update, and organization-wide enforcement of information security policies and procedures in line with regulatory and industry standards. Implementing IS Related Controls as per Regulatory Requirements and Industry Best Practices: Ensures timely implementation and tracking of security controls as mandated by regulators and aligned with globally accepted standards such as ISO 27001, NIST, and PCI DSS. Coordinating Security Audits as per Regulatory Requirements: Acts as the central coordinator for internal, external, and regulatory audits, ensuring availability of evidence, responses, and closure of observations. Conducting Training and Awareness (Phishing and Quiz): Plans and executes regular security awareness programs, phishing simulations, and quizzes to build a security-conscious culture among employees. Performing IS Risk Assessment / GAP Assessment: Conducts periodic risk and gap assessments to identify, evaluate, and mitigate security weaknesses across systems, processes, and third parties. M aintenance of ISO 27001:2022 and PCI-DSS Certification: Manages and coordinates activities necessary to maintain ISO 27001:2022 and PCI DSS certification status, including audits, documentation, and corrective actions. Monitoring Ongoing IS Compliances through Compliance Calendar : Acts as a checker by maintaining a compliance calendar and tracking entity-wise and function-wise adherence to security compliance requirements. Policy, Process, and Other IS-Related Audits : Conducts independent assessments of IS policies, procedures, and control effectiveness to ensure compliance and identify opportunities for improvement. Participating in Regulatory Inspections: Supports regulatory inspections related to information security by providing necessary documentation, system access, and clarifications. Incident Management: Reviews information security incidents to find trends, causes, impact, and check how well responses worked; ensures incidents are reported to regulators on time as per rules; and regularly updates senior management or the board on security status, key risks, incidents, and compliance

Overview Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Conduct cybersecurity and privacy risk assessments in alignment with internal frameworks and regulatory requirements. Engage with risk owners and business stakeholders to manage and mitigate identified risks. Develop and present risk reports to senior leaders and governance forums. Advise on cybersecurity architecture and leading practices to strengthen the enterprise risk posture. Assist global agency teams and networks with compliance to cybersecurity regulations and requirements. Monitor the global threat landscape and identify emerging risks; implement proactive control measures. Contribute to the maintenance and effectiveness of the Information Security Management System (ISMS). Participate in risk governance, compliance programs, and strategic risk reduction initiatives. Qualifications 3–5 years of experience in information risk management, cybersecurity, or GRC domains. Proficiency in risk assessment methodologies, threat modelling, and risk mitigation practices. Strong knowledge of cybersecurity frameworks and standards (e.g., ISO 27001, NIST, CIS, GDPR). Experience preparing risk reports and dashboards for leadership audiences. Excellent collaboration and stakeholder engagement skills across global teams. Analytical mindset with the ability to evaluate and prioritize risks effectively. Preferred Qualifications Industry certifications such as CRISC, CISM, CISSP, ISO 27001 Lead Implementer, or similar. Exposure to cloud security risk and compliance monitoring tools. Experience working within enterprise ISMS or regulatory compliance programs .

Job Title: Security Operation Manager Location: Noida Job Tyoe : Full-Time Experience: 7+ Years Department: Operation/ Security Reports To: Operation Director Job Summary: The Security Operational Manager is responsible for overseeing the day-to-day operations of the organization's security infrastructure. This role involves managing the security operations center (SOC), leading incident response efforts, and ensuring the effectiveness of security policies, procedures, and protocols. The Security Operational Manager will collaborate with various departments to safeguard the company's information assets and maintain a robust security posture. Key Responsibilities: Manage Security Operations: Oversee the daily activities and operations of the security operations center (SOC), ensuring continuous monitoring, detection, and response to security incidents. Incident Response: Lead the incident response team in identifying, managing, and resolving security breaches and vulnerabilities. Conduct post-incident analysis and reporting to prevent future occurrences. Security Monitoring: Implement and maintain security monitoring tools and technologies to detect and respond to threats in real-time. Penetration Testing and Vulnerability Scanning: Conduct regular penetration testing and vulnerability scanning to identify and mitigate security weaknesses within the organization's systems and applications. Policy and Compliance: Develop, enforce, and update security policies, procedures, and protocols in alignment with industry standards and regulatory requirements. Ensure compliance with relevant laws and regulations. Team Leadership: Tain, and mentor the security operations team, fostering a culture of continuous improvement and professional development. Risk Management: Conduct regular security risk assessments and implement mitigation strategies to reduce identified risks. Collaboration: Work closely with IT, legal, and other departments to ensure comprehensive security measures are integrated into all business processes. Reporting: Prepare and present regular reports on security operations, incidents, and compliance status to the Customers. Emergency Response: Develop and maintain emergency response plans for security incidents, ensuring the organization is prepared for potential crises. Qualifications: Education: Bachelors degree in Computer Science, Information Security, or a related field.. Experience: Minimum of 7 years of experience in information security, with at least 3 years in a managerial role overseeing security operations. Certifications: Relevant certifications such as CISSP, CISM, CEH, or similar are highly desirable. Technical Skills: Proficient in security technologies such as SIEM, IDS/IPS, firewalls, antivirus software, and endpoint protection. Expertise in conducting penetration testing and vulnerability scanning. AWS Expertise: In-depth knowledge and experience with Amazon Web Services (AWS) security practices and tools. Knowledge: In-depth understanding of security frameworks (e.g., NIST, ISO 27001), compliance requirements (e.g., GDPR, HIPAA), and incident response best practices. Leadership: Strong leadership and team management skills with the ability to motivate and guide a diverse team. Communication: Strong verbal and written communication skills, with the ability to convey complex security issues to non-technical stakeholders. Working Conditions: The role may require occasional on-call work to address security incidents. Must be able to work in a high-pressure environment and handle multiple tasks simultaneously.

Your future role Take on a new challenge and apply your cybersecurity and project management expertise in a new cutting-edge field. You'll work alongside innovative, dedicated teammates. You'll ensure the robust integration of security within our IS&T projects, safeguarding our digital initiatives. Day-to-day, you'll work closely with teams across the business (Security Architecture, GRC and ISMS team, Architects, Project Managers and PMO, Business teams), review and approve security deliverables and much more. You'll specifically take care of validating Security Inquiry for Partners (SIP) and ensuring secure configurations are applied, but also make informed decisions about security acceptance based on residual risk and asset value. We'll look to you for: Reviewing and approving security deliverables Ensuring the application of the "Security into Project" policy Validating and signing off on Security Inquiry for Partners Applying secure configurations for projects or business initiatives Making decisions on security acceptance Implementing design patterns and standards All about you We value passion and attitude over experience. That's why we don't expect you to have every single skill. Instead, we've listed some that we think will help you succeed and grow in this role: Degree in Engineering/Technology 5+years Experience or understanding of cybersecurity, architecture and design Knowledge of security architecture and infrastructure Familiarity with cloud solutions (Microsoft Azure/O365) A CISSP or CISM certification Ability to analyze technical risks and vulnerabilities Fluency in English

Job ID: 199874 Required Travel :Minimal Managerial - No LocationIndia- Pune (Amdocs Site) Who are we Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our employees around the globe are here to accelerate service providers migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $5.00 billion in fiscal 2024. For more information, visit www.amdocs.com In one sentence We are seeking a highly skilled and experienced Senior Governance, Risk, and Compliance (GRC) Specialist to join our dynamic team. The ideal candidate will have a strong background in GRC, with a proven track record of managing and implementing comprehensive risk management and compliance programs, particularly within the EMEA (Europe, Middle East, and Africa) and IMEA (India, Middle East, and Africa) regions. What will your job look like Develop and maintain governance frameworks, policies, and procedures. Ensure compliance with industry standards, regulations, and contractual obligations. Identify, assess, and prioritize security risks, implementing mitigation strategies. Conduct regular risk assessments, audits, and maintain risk registers. Ensure adherence to GDPR, CRA, and other relevant security regulations. Monitor and enforce security compliance across EMEA and IMEA regions. Develop and deliver compliance training programs for employees. Prepare and present security reports to senior management and stakeholders. Collaborate with internal teams and liaise with external auditors and regulators. Communicate security risks and mitigation strategies effectively to stakeholders. All you need is... Bachelor's degree in Business Administration, or a related field. Professional certification (e.g., CISA, CRISC, CISSP) is preferred. Minimum of 6 years of experience in governance, risk management, and compliance. Strong knowledge of relevant laws, regulations, and industry standards, particularly in the EMEA and IMEA regions. Strong understanding of NIST CSF, CIS, ISO 27001, PCI DSS, and Data Protection frameworks. Excellent analytical, problem-solving, and decision-making skills. Strong communication and interpersonal skills, with experience in defending and explaining security risks and mitigations to customers and stakeholders. Ability to work independently and as part of a team. Proficiency in GRC software and tools. Why you will love this job: You will be able to demonstrates an understanding of key business drivers and ensures strategic directions are followed and the organization succeeds You will be able to gathers relevant data, identifies trends and root causes, and draws logical conclusions to develop solutions You will have ability to assess details, systems and other factors as part of a single and comprehensive picture We are a dynamic, multi-cultural organization that constantly innovates and empowers our employees to grow. Our people our passionate, daring, and phenomenal teammates that stand by each other with a dedication to creating a diverse, inclusive workplace! We offer a wide range of stellar benefits including health, dental, vision, and life insurance as well as paid time off, sick time, and parental leave Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce

The Auditor, Global IT is responsible for assessing the adequacy of Global Information Technology security and controls for applications and infrastructure throughout Abbott s international and domestic organizations. The IT auditor will execute audit projects using a risk-based approach to help ensure effective testing coverage. They will identify control gaps and other areas of risk exposure related to controls within IT processes and deliver achievable, meaningful recommendations for management to mitigate the identified risks. The individual should have the demonstrated ability to communicate effectively, present professionally, and work we'll with the highest level of Corporate and Division management as we'll as his/her peer group. WHAT you'll DO Execute Information Systems audits throughout Abbotts international and domestic organizations. Assess the design and development of security solutions and their adherence to applicable policies and comply with information security requirements. Prepare and present audit findings to senior management. Maintain comprehensive historical audit work paper documentation that fully supports reported audit results, leveraging established department tools and standards. Proactively communicate with key stakeholders regarding audit status, findings and other relevant issues. Stay abreast of current and emerging security risks. Research new technologies, understand existing processes, and reference recognized standards and frameworks. Work collaboratively with others on the Corporate Audit team to proactively assess organizational IT risks and ensure effective audit coverage. Identify control gaps and other areas of heightened risk exposure related to governance, risk management and internal controls within IT processes. Design and deliver achievable meaningful recommendations for management to mitigate the identified risks. EDUCATION AND EXPERIENCE you'll BRING Required BA/BS degree in Business, Computer Science, Management Information Systems or related field, or equivalent practical experience. 1.5-3+ years of related experience with a top-tier consulting or public accounting firm in one of the following two areas required: Execution of Information Systems audits, including Application, Platform or General IT Controls; or conducting information security assessments or implementing information security controls. Strong interpersonal and communication skills are required. 0-10% travel to Abbotts International and Domestic locations required. Preferred Experience with auditing major ERP systems (ie SAP) Experience with auditing IaaS, PaaS, SaaS services and solutions Experience with SOX audits and compliance requirements Deep insight of best practice standards and frameworks, such as ISO 27001/2 and NIST. Understanding of network and system security technology and practices across major-computing areas. Experience with Technology Risk Management / IT Audit function in Enterprise organizations. Certifications such as HCISPP, CHPS, CISA, CISSP, CISM, CRISC, CIPP. Manufacturing and/or international business experience. Foreign language skills.

The Auditor, Global IT is responsible for assessing the adequacy of Global Information Technology security and controls for applications and infrastructure throughout Abbott s international and domestic organizations. The IT auditor will execute audit projects using a risk-based approach to help ensure effective testing coverage. They will identify control gaps and other areas of risk exposure related to controls within IT processes and deliver achievable, meaningful recommendations for management to mitigate the identified risks. The individual should have the demonstrated ability to communicate effectively, present professionally, and work we'll with the highest level of Corporate and Division management as we'll as his/her peer group. WHAT you'll DO Execute Information Systems audits throughout Abbotts international and domestic organizations. Assess the design and development of security solutions and their adherence to applicable policies and comply with information security requirements. Prepare and present audit findings to senior management. Maintain comprehensive historical audit work paper documentation that fully supports reported audit results, leveraging established department tools and standards. Proactively communicate with key stakeholders regarding audit status, findings and other relevant issues. Stay abreast of current and emerging security risks. Research new technologies, understand existing processes, and reference recognized standards and frameworks. Work collaboratively with others on the Corporate Audit team to proactively assess organizational IT risks and ensure effective audit coverage. Identify control gaps and other areas of heightened risk exposure related to governance, risk management and internal controls within IT processes. Design and deliver achievable meaningful recommendations for management to mitigate the identified risks. EDUCATION AND EXPERIENCE you'll BRING Required BA/BS degree in Business, Computer Science, Management Information Systems or related field, or equivalent practical experience. 1.5-3+ years of related experience with a top-tier consulting or public accounting firm in one of the following two areas required: Execution of Information Systems audits, including Application, Platform or General IT Controls; or conducting information security assessments or implementing information security controls. Strong interpersonal and communication skills are required. 0-10% travel to Abbotts International and Domestic locations required. Preferred Experience with auditing major ERP systems (ie SAP) Experience with auditing IaaS, PaaS, SaaS services and solutions Experience with SOX audits and compliance requirements Deep insight of best practice standards and frameworks, such as ISO 27001/2 and NIST. Understanding of network and system security technology and practices across major-computing areas. Experience with Technology Risk Management / IT Audit function in Enterprise organizations. Certifications such as HCISPP, CHPS, CISA, CISSP, CISM, CRISC, CIPP. Manufacturing and/or international business experience. Foreign language skills.

Job Information Job Opening ID ZR_2405_JOB Date Opened 09/11/2024 Industry IT Services Job Type Work Experience 7-9 years Job Title Senior Cyber Security Consultant City Hyderabad Province Telangana Country India Postal Code 500001 Number of Positions 1 We are seeking a Senior Cyber Security Consultant with extensive experience in enterprise IT security, risk management, and cloud-based security solutions. The ideal candidate will have a deep understanding of managing cyber security risks during digital transformations and will be responsible for leading hands-on engagements and delivering results that address critical security concerns. This role involves working closely with both technical and business teams to identify and mitigate risks in complex environments. Key Responsibilities Leadership in Execution & DeliveryLead hands-on engagements, managing the development of deliverables from start to finish. Work with teams to analyze requirements and produce prioritized results aligned with client needs and risk profiles. Expert Cyber Security AdvisoryProvide expert advice on best practices for managing cyber security risks during digital transformation, including adoption of cloud, DevOps, containerization, microservices, and zero trust frameworks. Security Reviews & AssessmentsConduct security reviews and maturity assessments across technology and business teams to identify and address cyber risks. Provide clear, organized findings and actionable recommendations for risk mitigation. Trusted Engineer for ClientsAct as a trusted advisor and security engineer for customers' engineering teams, ensuring that security is integrated into every phase of digital transformation. Risk and Vulnerability AnalysisAssess and implement security measures to safeguard IT environments. Identify vulnerabilities, focusing on security protocols, cryptography, authentication, authorization, and performance. Security ImplementationLead the implementation of security solutions, including multi-factor authentication (MFA), single sign-on (SSO), identity management, and related technologies. Client Interaction & CommunicationEffectively communicate security measures and solutions to a broad audience, including both technical and executive teams. Manage client expectations with clear, concise verbal and written communication. Continuous Learning & InnovationStay updated with the latest security protocols, vulnerabilities, and best practices to ensure the adoption of the most effective security controls and technologies. Security MaturityWork with clients to evaluate and improve their security maturity, providing insights into the current cyber threat landscape. Minimum Qualifications8+ years of total IT experience. 5+ years of consulting experience in enterprise security environments. Expertise in information security, IT risk management, and performance reliability. Solid understanding of security protocols, cryptography, and authentication technologies. Experience in implementing multi-factor authentication, SSO, and identity management. Ability to explain and enforce security measures to a broad range of stakeholders. Excellent verbal and written communication skills. Degree in Information Technology, Computer Science, or related fields. Preferred QualificationsGoogle Cloud Security Engineer certification. Strong knowledge of infrastructure, OS, application vulnerabilities, security architecture, and controls. 5+ years of experience with cloud computing security concepts and solutions. Security-related certifications such as CISSP, CISM, or GCIH. This position is ideal for individuals with a strong technical background in security, a strategic mindset, and a passion for helping organizations secure their IT environments. check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#2B39C2;border-color:#2B39C2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> I'm interested

Job Information Job Opening ID ZR_1748_JOB Date Opened 16/03/2023 Industry Technology Job Type Work Experience 6-10 years Job Title Dynamics AX-senior City Mumbai Province Maharashtra Country India Postal Code 400086 Number of Positions 1 AX2012 R3, F&O product knowledge. Understanding of OO (Object Oriented) programming. Experience designing and customizing F&O application. Good knowledge of Microsoft technologies. Experience in X++, Data Management(DIXF), SSRS, Security framework. Responsibilities : Development and support of existing AX 2012 ERP Key Scanners : SSRS, Visual Studio, Dynamics AX. Location : Any Yash Technology location check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#2B39C2;border-color:#2B39C2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> I'm interested

Job Information Job Opening ID ZR_1747_JOB Date Opened 16/03/2023 Industry Technology Job Type Work Experience 4-6 years Job Title Dynamics AX-Junior City Pune Province Maharashtra Country India Postal Code 411013 Number of Positions 1 Primary Skills : Dynamics AX AX2012 R3, F&O product knowledge. Understanding of OO (Object Oriented) programming. Experience designing and customizing F&O application. Good knowledge of Microsoft technologies. Experience in X++, Data Management(DIXF), SSRS, Security framework. Responsibilities Development and support of existing AX 2012 ERP Location : Any Yash Technology Location check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#2B39C2;border-color:#2B39C2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> I'm interested

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Delivery Governance Good to have skills : NA Minimum 18 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Roles & Responsibilities: Expected to be a SME with deep knowledge and experience. Should have influencing and Advisory skills. Engage with multiple teams and responsible for team decisions. Expected to provide solutions to problems that apply across multiple teams, and provide solutions to business area problems. Lead the planning, execution, and monitoring of Security Services projects. Collaborate with cross-functional teams to ensure project success. Provide guidance and mentorship to junior team members. Develop and implement strategies to enhance Security Delivery Governance. Professional & Technical Skills: Must To Have Skills: Proficiency in Security Delivery Governance. Strong understanding of security frameworks and compliance standards. Experience in risk management and mitigation strategies. Knowledge of security technologies and tools. Good To Have Skills: Security certifications such as CISSP or CISM. Additional Information: The candidate should have a minimum of 18 years of experience in Security Delivery Governance. This position is based at our Pune office. A 15 years full time education is required. Qualification 15 years full time education

Required Skills Technology | Sentinel SIEM Tool Administrator | Level 2 Support Technology | Securonix SIEM Tools Administrator | Level 2 Support Education Qualification : B.Sc Certification Mandatory / Desirable : Technology | Microsoft Certified: Security, Compliance, and Identity Fundamentals / CISSP/CISM/CEH/GIAC Certified Incident Handler/Certified SOC Analyst (CSA)/CompTIA Cybersecurity Analyst (CySA+)/Cisco Certified CyberOps Associate Delivery Skills required are: - Technical Skills: - *Identifying and analyzing potential threats and vulnerabilities using various tools and techniques. *Leading and managing the response to security incidents, including containment, eradication, and recovery. *Implementing and maintaining security monitoring systems, such as SIEM (Security Information and Event Management) tools. *Prioritizing and remediating vulnerabilities based on risk assessments. Operational Skills: - *Developing, implementing, and enforcing security policies, standards, and procedures. *Managing and maintaining secure configurations for systems, networks, and applications. *Overseeing the timely application of security patches and updates to systems and software. Analytical Skills: - *Analyzing logs and event data from various sources to identify patterns and anomalies. *Utilizing advanced analytics to detect and investigate security incidents. *Conducting digital forensics investigations to uncover evidence of security breaches. Collaboration and Teamwork: - *Collaborating with other IT and security teams to enhance the organization s security posture. *Coordinating response efforts during security incidents with internal and external stakeholders. *Leading incident response teams and ensuring effective communication and collaboration.

POSITION SUMMARY: This position will give an opportunity to work for Information Security Governance on information systems, processes, and technologies within the organization. This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines, and US This position will report to the Senior Manager, Information Security and is expected to work independently on tasks assigned. This position requires: Works on Vendor IT Security risk assessment/ Third Party Risk management Monitor Security posture and appraise Senior Leadership on the posture. Conduct phishing campaigns that includes analysis of phishing emails and develop reports. Experience in performing Risk Assessments in line with Information Security Standards (like ISO 27001) for Business processes and IT systems. Knowledge about latest regulations, compliance, standards, and procedures such as GLBA, SOX, ISO27000 Standards, CoBiT, etc. Excellent verbal and written communication skills with a demonstrated ability to build and maintain relationships within the organization. Strong proficiency in Microsoft Office applications (MS Excel, Word, PowerPoint etc.) with a general understanding of data analysis techniques JOB FUNCTIONS AND RESPONSIBILITIES Perform IT security reviews, evaluations, risk assessments, and monitoring on a regular basis to ensure exceptions and violations are identified and addressed. Perform and oversee Information Security Policy Framework Recommend appropriate corrective actions and remediation plans for risks identified. Assist in developing the implementation of risk mitigation measures. Work with the Business functions to ensure security standards are in-line with Onity s risk management and information security policies. Plan and execute vendor IT and Security audit programs in-line with Onity s risk management policies. EDUCATION / EXPERIENCE 1-3 years of progressive experience in one or more of the following: internal/external IT and business process auditing, sourcing advisory, vendor management roles Bachelor s degree from an accredited college / university. Management degrees MS, M. Tech or MBA in relevant field would be an added advantage. Preferred Certifications CGEIT or CISM CISSP ISO 27001 Demonstrated experience in conducting Risk Assessments for Vendors, Internal and External stakeholders. Experience in Information Security or demonstrated knowledge on Information Security Operations. Demonstrated experience in a multi-vendor environment. Demonstrated experience in Cloud Security assessments on various Cloud platforms such as AWS, Azure, Oracle etc. WORK SCHEDULE OR TRAVEL REQUIREMENTS 2 PM to 11 PM

At Bravura Solutions, collaboration, diversity and excellence matter. We value your ideas, giving you room to be curious and innovate in an exciting, fast-paced, and flexible environment. We look for many different skills and abilities, as well as how you can add value to Bravura and our culture. As a Global FinTech market leader and ASX listed company, Bravura is a trusted partner to over 350 leading financial services clients, delivering wealth management technology and products. We invest significantly in our technology hubs and innovation labs, which inspire and drive our creative, future-focused mindset. We take pride in developing cutting-edge, digital first technology solutions that support our clients to achieve financial security and prosperity for their customers. The Senior Information Security Officer is responsible for supporting the implementation and operation of the organisations Information Security Management System (ISMS) within their region. This role will drive security risk management, policy compliance, audits (internal, external and client), training and awareness, supply chain risk, and support security operations in incident management. As a Managed Service Provider (MSP) and data processor for clients, the ISO will ensure that security controls align with client contractual obligations, regulatory requirements, and industry best practices. The ISO will work closely with global security leadership, regional stakeholders and clients to address both internal and client-specific security challenges. The position is within the Information Security team. Main activities will include but are not limited to: Oversee the implementation and operations of the ISMS within the region. Ensure and support alignment with global security policies and regulatory requirements including ISO27001, SOC2 type II and PCI-DSS. Continuously assess and improve security controls and processes. Identify, assess, and mitigate security risks. Maintain the risk register and track remediation activities. Provide risk-based guidance to business units, IT teams, and client-facing operations. Ensure compliance with corporate security policies, frameworks, and client-specific security mandates. Develop and enforce security standards and client requirements. Input into periodic reviews and updates to security policies to align with evolving requirements. Lead and support internal and external security audits, ensuring timely remediation of findings. Provide security assurance to clients by responding to security questionnaires and participating in client audits. Coordinate with service delivery teams to meet client-specific obligations. Monitor and report on security posture, client security commitments, and compliance status. Information Security Training & Awareness Develop, support deliver security awareness programs Support phishing exercises and other training initiatives to enhance security culture. Collaborate with HR and other departments to ensure security education is embedded in employee onboarding and ongoing training. Assess and manage security risks associated with third-party vendors and suppliers. Ensure that security requirements are included in vendor contracts and SLAs. Perform regular security assessments of critical suppliers, considering the impact on client services. Security Operations & Incident Management Support Assist in managing and responding to security incidents within the region, to ensure rapid containment and remediation. Work with the Security Operations team to protect both internal and client environments. Support post-incident reviews and contribute to continuous improvement in incident handling, including lessons learned for client operations. In addition to the above position-specific responsibilities, all employees are required to undertake any other reasonable duties and responsibilities within your capability and skills, when requested to do so. Qualifications and Experience Bachelor s degree in Information Security, Computer Science, or related field (or equivalent experience). 5+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment. Strong understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks. Experience in security risk management, audits, compliance, and client security assurance. Knowledge of security operations, incident response, and managed security services. Familiarity with supply chain security and third-party risk management. Excellent communication and stakeholder management skills, with experience working with clients on security matters. Security certifications such as CISSP, CISM, or CRISC are preferred. Our people are the heart of our business. We work hard to provide a rich employee experience and a robust framework for ongoing career development. Competitive salary and employee benefits scheme 2 paid volunteering days and a range of community-based initiatives to get involved in Parental (including secondary) leave policy Free meals and transport We make hiring decisions based on your experience, skills and passion so even if you don t match every listed skill or tick all the boxes, we d still love to hear from you. Please note that interviews are primarily conducted virtually and if you require any reasonable adjustments or would like to note which pronouns you use, please let us know. All final applicants for this position will be asked to consent to a criminal record and background check. Please note that people with criminal records are not automatically barred from applying for this position. Each application will be considered on its merits.

Required Skills Technology | Scripting and Automation | Level 2 Support Technology | Network Security Fundamentals | Level 3 Support Technology | Secured Configuration Management | Level 3 Support Technology | Incident and Breach Response | Level 2 Support Technology | Endpoint Encryption | Level 2 Support Education Qualification : Engineer - B.E / B.Tech / MCA Certification Mandatory / Desirable : Technology | Certified Endpoint Detection and Response Professional/Certified Endpoint Security Administrator/Microsoft Certified: MD-100/CompTIA CySA+/CISSP/CISM/Cisco Certified CyberOps Associate/VMware Certified Professional - Desktop and Mobility Delivery Skills required are: - Advanced Technical Proficiency: - *Mastery of endpoint security solutions such as antivirus, endpoint detection and response (EDR), endpoint protection platforms (EPP), and mobile device management (MDM) systems. *Ability to configure, manage, and troubleshoot advanced endpoint security technologies effectively. *Advanced skills in conducting vulnerability assessments, prioritizing vulnerabilities, and overseeing remediation efforts across endpoint devices. Strategic Oversight and Management: - *Strategic oversight of endpoint security operations, including policy development, deployment strategies, and performance monitoring. *Collaboration with IT teams, network security specialists, compliance officers, and senior management to integrate endpoint security initiatives with broader organizational security strategies. *Facilitation of collaborative efforts to improve endpoint security posture and incident response capabilities. Communication and Stakeholder Management: - *Clear and concise communication of complex technical concepts, security risks, and recommendations to stakeholders at all levels. *Ability to articulate endpoint security issues, incident findings, and remediation strategies effectively. *Comprehensive documentation of endpoint security incidents, investigations, and remediation activities. Continuous Improvement and Adaptability: - *Commitment to staying updated with the latest cybersecurity trends, emerging threats, and technologies through ongoing training, certifications, and industry participation. *Implementation of continuous improvement initiatives to enhance endpoint security operations and resilience against evolving threats.

Required Skills Technology | Scripting languages for Automation of IAM Process | Level 2 Support Technology | MS AADFS Identity Protection, AAA | Level 3 Support Technology | Security compliance standards and regulatory Audits | Level 3 Support Technology | Sailpoint IDAM Platform | Level 2 Support Technology | Privilege Access Management | Level 2 Support Education Qualification : Engineer - B.E / B.Tech / MCA Certification Mandatory / Desirable : Technology | CISSP/CISM/CIAM/Certified Authorization Professional/CISA/CEH/Certified Information Privacy Professional/Cisco Certified Network Professional - Security/SailPoint Certified IdentityIQ Engineer/SailPoint Certified IdentityIQ Architect Delivery Skills required are: - Advanced Technical Proficiency: - *Mastery of advanced IAM and AAA technologies, including Identity lifecycle management systems *Management of privileged access and entitlements across enterprise systems. *Advanced knowledge of identity governance processes, including identity provisioning, de-provisioning, access recertification, and compliance auditing. Strategic Oversight and Management: - *Development and implementation of IAM strategies, roadmaps, and architectural designs to meet business objectives and security requirements. *Integration of IAM solutions with business processes and enterprise applications. *Conducting comprehensive risk assessments and threat modeling related to IAM and AAA systems. Communication and Stakeholder Management: - *Clear articulation of complex IAM and AAA concepts, risks, and strategies to technical and non-technical stakeholders, including executive leadership. *Comprehensive documentation of IAM architecture, policies, procedures, and incident response plans. *Preparation of detailed reports, metrics, and presentations for executive management, auditors, and regulatory authorities. Continuous Improvement and Innovation: - *Commitment to staying at the forefront of IAM technologies, emerging trends, and industry best practices through continuous education, certifications, and participation in professional communities. *Implementation of innovative solutions and continuous improvement initiatives to enhance IAM and AAA capabilities and efficiency.