543 Cism Jobs - Page 4

Required Skills Technology | Scripting and Automation | Level 2 Support Technology | Network Security Fundamentals | Level 4 Support Technology | Project Management | Level 4 Support Technology | Incident and Breach Response | Level 4 Support Technology | Technology Integration | Level 4 Support Education Qualification : Engineer - B.E / B.Tech / MCA Certification Mandatory / Desirable : Technology | Certified EDR Professional/Certified Endpoint Security Administrator/Microsoft Certified: MD-100/CompTIA Cybersecurity Analyst/CISSP/CISM/Cisco Certified CyberOps Associate/VMware Certified Professional - Desktop and Mobility Delivery Skills required are: - Technical Expertise: - *Proficiency in managing and configuring endpoint security technologies such as antivirus, endpoint detection and response (EDR), endpoint protection platforms (EPP), and mobile device management (MDM) systems. *Ability to implement and manage advanced endpoint security controls and policies to protect against emerging threats. *Experience in conducting and overseeing vulnerability assessments across endpoint devices. Strategic Oversight and Management: - *Strategic oversight of endpoint security operations, including policy development, deployment strategies, and performance monitoring. *Development and optimization of endpoint security policies, standards, and procedures to align with organizational objectives and industry best practices. *Facilitation of collaborative efforts to enhance endpoint security posture and incident response capabilities. Communication and Stakeholder Management: - *Clear and concise communication of technical security issues, incident findings, and remediation strategies to stakeholders at all levels. *Regular reporting on endpoint security metrics, trends, and operational performance to senior management and other stakeholders. *Comprehensive documentation of endpoint security incidents, investigations, and remediation activities. Continuous Improvement and Adaptability: - *Commitment to staying updated with the latest cybersecurity trends, threats, and technologies through ongoing training, certifications, and professional development. *Implementation of continuous improvement initiatives to enhance endpoint security operations and resilience against evolving threats. Value Proposition: - Understand the existing environment and propose any opportunity of improvement. Look at nagging issues in the environment and come out with Get Around solutions by working with vendors and industry experts

Role & responsibilities Play a key role in fostering a data protection culture within the organisation and helping implement essential elements of the data protection & confidentiality policy such as the principles of data processing, data subjects rights, data protection by design and default, records of processing activities, security of processing and notification and communication of data breaches. Policy and Procedure Development: Design, implement, and maintain data protection policies and procedures in line with relevant laws and best practices. Monitoring Compliance: Ensure the organization's adherence to privacy and data protection regulations, and regularly review the effectiveness of data protection controls. Legal Support & Data Protection Impact Assessments (DPIA): Oversee DPIAs to evaluate potential risks associated with the processing of personal data and provide legal guidance to mitigate those risks. Privacy Impact Assessment (PIA) & Risk Management: Conduct PIAs to identify and minimize privacy risks, and implement measures for risk management and mitigation. Data Protection Training & Awareness: Develop and deliver data protection training to all staff members, raising awareness of data security and privacy best practices. Vendor & Third-Party Risk Management: Evaluate and manage risks associated with third-party service providers and vendors to ensure their compliance with data protection requirements. Data Governance & Data Stewardship: Establish and oversee the organizations data governance framework, ensuring proper management, usage, and protection of data assets. Data Subject Requests (DSR) Management: Manage requests from data subjects regarding access to personal data, data deletion, or other data-related queries, ensuring full compliance with data protection regulations. Overall responsibility for monitoring compliance with Data Protection Policy; Liaison with IT to collect Data Leakage Prevention reports and analyse them. Identify and monitor the data processors whilst at work, ensuring that they deal with data in a manner consistent with the key data protection principles. To build understanding and awareness of data privacy issues throughout the organization, the DPO must have excellent communication and presentation skills Maintain excellent working relationships with business teams, Business Heads encouraging a positive culture of compliance and ethical behaviour by working with the business to achieve a shared vision and strategy. Develop and maintain a knowledge base for privacy and data protection laws as applicable to Protiviti India Member Firm Provide organizational compliance and conformance reports on privacy and data protection to the top management. Provide guidance to delivery and support functions on processing of personal data. Conduct Assessments, Review processes, identify gaps, and suggest mitigation and follow-up on the closure of identified gaps. Maintain data flow maps for the process where personal data is processed. Undertake data protection and privacy compliance audits in accordance with applicable requirements Support the business in identifying data protection and privacy risks by reviewing and advising on Data Privacy Impact Assessments as required. Take into account the risk associated with processing activities being undertaken and be able to advise the business accordingly having regard to the nature, scope, context and purposes of the processing. Keep track of changes in the relevant legislations related to Privacy and the Data Protection Acts, interpret, convert these requirements into controls and provide guidance to all stakeholders Development and update a comprehensive privacy awareness training program and promote awareness across the company Preferred candidate profile Education: Bachelor's degree in Law, IT, Computer Science, or a related field. A Masters degree in Data Privacy, Information Security, or Cyber Law is highly desirable. • Certifications (Required): Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM) Certified Information Security Manager (CISM) • Certifications (Good to have): Certified Data Privacy Solutions Engineer (CDPSE) ,Certified Information Systems Security Professional (CISSP) Experience: Minimum of 12-14 years of experience in Data Security, Privacy Management, or Information Security. Extensive experience with privacy laws and regulations, including GDPR, CCPA, DPDP Act, etc. Proven track record of implementing and managing data protection and privacy programs in large organizations

POSITION SUMMARY: This position will give an opportunity to work for Information Security Governance on information systems, processes, and technologies within the organization. This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines, and US This position will report to the Senior Manager, Information Security and is expected to work independently on tasks assigned. This position requires: Works on Vendor IT Security risk assessment/ Third Party Risk management Monitor Security posture and appraise Senior Leadership on the posture. Conduct phishing campaigns that includes analysis of phishing emails and develop reports. Experience in performing Risk Assessments in line with Information Security Standards (like ISO 27001) for Business processes and IT systems. Knowledge about latest regulations, compliance, standards, and procedures such as GLBA, SOX, ISO27000 Standards, CoBiT, etc. Excellent verbal and written communication skills with a demonstrated ability to build and maintain relationships within the organization. Strong proficiency in Microsoft Office applications (MS Excel, Word, PowerPoint etc.) with a general understanding of data analysis techniques JOB FUNCTIONS AND RESPONSIBILITIES Perform IT security reviews, evaluations, risk assessments, and monitoring on a regular basis to ensure exceptions and violations are identified and addressed. Perform and oversee Information Security Policy Framework Recommend appropriate corrective actions and remediation plans for risks identified. Assist in developing the implementation of risk mitigation measures. Work with the Business functions to ensure security standards are in-line with Onity s risk management and information security policies. Plan and execute vendor IT and Security audit programs in-line with Onity s risk management policies. EDUCATION / EXPERIENCE 1-3 years of progressive experience in one or more of the following: internal/external IT and business process auditing, sourcing advisory, vendor management roles Bachelor s degree from an accredited college / university. Management degrees MS, M. Tech or MBA in relevant field would be an added advantage. Preferred Certifications CGEIT or CISM CISSP ISO 27001 Demonstrated experience in conducting Risk Assessments for Vendors, Internal and External stakeholders. Experience in Information Security or demonstrated knowledge on Information Security Operations. Demonstrated experience in a multi-vendor environment. Demonstrated experience in Cloud Security assessments on various Cloud platforms such as AWS, Azure, Oracle etc. WORK SCHEDULE OR TRAVEL REQUIREMENTS 2 PM to 11 PM

End Date Thursday 27 November 2025 We Support Flexible Working - Click here for more information on flexible working options Flexible Working Options Hybrid Working Job Description Summary Provide insightful, high quality analysis, advice and guidance in a specific area of risk, executing control and tailored to senior stakeholder needs. May lead a team of risk specialists and deputise for more senior colleagues Job Description Job Title: India IT Compliance - Central Role Grade: E Country: India Location: Hyderabad Lloyds Technology Centre, Hyderabad, India Work for Lloyds Technology Centre who are part of Lloyds Banking Group, the UKs largest digital bank, where you ll make a genuine difference, be able to develop yourself and be part of a culture where everyones contribution is recognized. Opportunity to be a part of a mission; shaping finance as a force for good - Lloyds Banking Group s mission is to create a sustainable and inclusive future for people and businesses, shaping finance as a force for good. We, at Lloyds Technology Centre, play a key part in delivering this*. We are also guided by our values in shaping the way we work and how we make decisions. This creates an environment where colleagues love to work and can make a positive impact. Range of exclusive benefits and rewards - We value your contributions and will ensure that your total reward experience reflects the expertise you bring and impact you create. We also strive to provide a holistic proposition that meets your wellbeing needs. Our total reward practices help us create an ecosystem where you can thrive, ensuring your essential needs are met so you can focus on your personal growth and future success. What you ll do: As the Risk Partner, you will be acting as a source of trusted professional expertise to evaluate, review, investigate, challenge & mitigate the potential for risk in assigned areas of Lloyds Technology Centre, India (LTC). You will be supporting the Senior Compliance Manager in the development of, and support and challenge the implementation of short, medium, and long-term plans in the context of the strategic direction, taking into account the risk appetite, governance and regulatory requirements with a focus on developing a compliance program for LTC India. Your key responsibilities will be. Develop, implement, and update cybersecurity policies and procedures to ensure compliance with applicable laws, regulations, and industry standards, such as GDPR, DPDPA, Cert-In, ISO 27001, NIST, etc. Conduct regular compliance audits and assessments to identify areas of risk or non-compliance and recommend corrective actions. Provide guidance and training to employees on IT compliance-related matters, including regulatory requirements and ethical standards. Collaborate with IT and cybersecurity teams to implement technical controls and measures to protect against cyber threats and data breaches. Monitor and respond to cybersecurity incidents and breaches, including conducting investigations and coordinating remediation efforts. Prepare and submit compliance reports to regulatory agencies and stakeholders, ensuring accuracy and timeliness. Maintain documentation and records related to cybersecurity compliance activities, including audit findings, risk assessments, and incident response efforts. What you ll need: 11 to 17 years of experience in cybersecurity and IT compliance roles, with a deep understanding of relevant laws, regulations, and industry standards. Strong technical knowledge of cybersecurity principles, technologies, and best practices, including network security, encryption, access controls, and incident response. Excellent analytical and problem-solving skills, with the ability to identify compliance risks and develop effective solutions. Outstanding communication and interpersonal skills, with the ability to effectively collaborate with colleagues at all levels of the organization. Detail-oriented and organized, with the ability to manage multiple tasks and priorities in a fast-paced environment. High level of integrity and ethical conduct, with a commitment to upholding the companys values and compliance standards. Nice to have skills: CRISC, CISA, CISM or equivalent Certification would be an advantage. Experience of using collaboration platforms like Confluence / JIRA and ServiceNow. Strong commitment to data security principles and maintaining confidentiality. Qualifications: Bachelors degree in computer science, information technology, cybersecurity, or a related field Excellent written and verbal communication skills. Cybersecurity, data and risk management knowledge and experience.

Job Title Senior Manager - Cybersecurity and Cyber Defense Center Direct Supervisor VP - Cybersecurity and Cyber Defense Center Job Purpose To develop, manage, and execute cyber security project across Mashreq to Lead and oversee the strategic operations of the Cyber Defense Center (CDC) to ensure effective monitoring, detection, analysis, and response to advanced cybersecurity threats. Develop and implement security strategies, policies, and procedures to manage and mitigate risks across the organization. Guide and mentor the team in using SIEM platforms (Azure Sentinel & ArcSight preferred) and other security solutions to address complex and critical security events. Coordinate with senior leadership and external stakeholders to enhance the organization's security posture and ensure compliance with regulatory requirements. Dimensions Key Result Areas Strategic Security Management: Develop and implement strategies for monitoring and responding to security events from SIEM systems (Azure Sentinel & ArcSight preferred). Analyze and respond to security events from diverse data sources such as firewalls, IDS/IPS, antivirus solutions, DAM systems, web servers, proxies, and banking applications. Advanced Threat and Incident Management: Create and refine alert rules and logic in SIEM to detect significant events and threats. Perform precise, real-time analysis and correlation of logs/alerts from multiple sources. Utilize established policies, standards, and procedures to classify security alerts as incidents and guide incident response efforts. Leadership and Improvement: Improve incident response times and reduce false positives by refining detection capabilities and processes. Assist in the design, implementation, and execution of security awareness programs and risk-based security controls analysis. Update and enhance processes and policies (SOPs, playbooks, runbooks) with a deep understanding of cybersecurity best practices. Cross-Functional Collaboration: Collaborate with compliance, audit, and regulatory teams to provide necessary information, data, and evidence. Keep up-to-date with industry knowledge and trends to maintain a high level of security proficiency. Key Principles Strategic Leadership: Provide strategic direction and leadership to the Cyber Defense Center, ensuring alignment with organizational goals and cybersecurity best practices. Enhanced Threat Detection and Response: Drive improvements in threat detection and response capabilities, ensuring accurate identification and swift remediation of security incidents. Continuous Process Improvement: Continuously evaluate and enhance security processes and policies to adapt to evolving threats and improve operational efficiency. Effective Communication and Collaboration: Maintain strong communication with internal teams, senior management, and external stakeholders to ensure effective security management and compliance. Ethical and Professional Standards: Uphold high ethical standards in all security practices, ensuring compliance with regulations and protecting sensitive information. Operating Environment, Framework and Boundaries, Working Relationships Information Security / Cyber Security Regulations and Industry best practices. HO (Head Office) and International Regulators and Supervisors across the bank is operating. All business units including LOD 1-3 including LOD1 – Business, Tech GRC, Technology, LOD-2 Group Compliance, Fraud Prevention, Risk Management and LOD-3 Internal Audit. Problem Solving Proactive and Strategic Problem Solving: Lead proactive monitoring and root cause analysis of security incidents to address underlying issues effectively. Provide strategic guidance during incident response activities for complex security incidents. Log Source Management and Optimization: Oversee the onboarding and integration of new log sources, optimizing data accuracy and enhancing threat detection capabilities. Decision Making Authority & Responsibility Evaluation and Innovation: Lead evaluations and Proof of Concept (PoC) for new security solutions and technologies, driving innovation in security practices. Security Metrics and Architecture: Monitor and analyze key security metrics to ensure alignment with security standards and contribute to the development of Security Reference Architecture. Policy and Strategy Development: Guide the creation and refinement of security policies, including scope and control decisions, ensuring alignment with organizational and regulatory requirements. High-Level Collaboration: Collaborate with senior management, vendor personnel, and other teams to achieve security objectives with minimal supervision. Knowledge, Skills, and Experience Educational Background: Graduate/Postgraduate degree in Science, Engineering, or IT. Certifications: Minimum of 2 professional certifications from CISSP, CISM, CRISC, CISA, or equivalent. Experience: Extensive experience in SIEM design and implementation, with a strong background in Cyber Defense Center or Security Operations Center roles. Over 12 years of experience in SOC & CDC, with proven leadership skills and expertise in managing complex security operations. Skills: Proficiency in managing SIEM policies and enhancing security operations. Strong analytical skills for evaluating security requirements and implementing appropriate controls. Excellent documentation and report writing skills. Knowledge of the banking environment is advantageous.

We are Hiring Senior Consultant Cyber Security Solution Architect Location: Bangalore, Hyderabad Experience: 14+ years Are you passionate about designing secure, scalable cloud and enterprise security architectures? Join us as a Cyber Security Solution Architect and be at the forefront of helping clients secure their digital ecosystems. What You’ll Do: Design and deliver end-to-end cybersecurity solutions for enterprise clients Collaborate with infra/application architects to embed security in architecture Lead cloud security (Azure/AWS/GCP), DDoS, SIEM, WAF, and container security design Define KPIs and lead security assessments & compliance initiatives (ISO 27001, NIST) Build client-facing proposals and conduct solution defense with stakeholders What We’re Looking For: 14+ years of overall experience, with 5+ years in complex security engineering projects Strong hands-on with tools: Azure Security Center, GuardDuty, Palo Alto, Qualys, etc. Exposure to CASB, Zero Trust, IAM, and multi-cloud security Excellent communication, client interaction, and solutioning skills Preferred Certifications: CISSP | CISM | CEH | CCSP | TOGAF | AWS/Azure/GCP Security Ready to shape the future of enterprise security? Apply now / email at mary.nancy1@sonata-software.com

Job Title: Cyber Organization alignment Compliance Location: Remote Experience: 10 -15 Years Job Description: The Information Security Cyber Organization Alignment role is focused on the strategic alignment of information security practices with the bank s overall risk management strategy, compliance requirements, and governance frameworks. The role focuses on driving Information Security Governance, Risk, and Compliance (GRC) initiatives to strengthen the bank s security posture while ensuring alignment with regulatory and business objectives. through effective processes i.e., risk tracking, compliance monitoring, RCSA, evaluating exceptions, and ensuring accurate reporting. The role ensures the right level of governance is in place and drives continuous improvement in risk management processes. The role leverages automation to streamline processes and enhance risk visibility across Information Security Group through managing GRC solutions Key Responsibilites: Essential knowledge Have around 10+ years of experience in a Banking environment and over 3 years of experience in information security. Familiarity with information security technologies, risk, threat and vulnerability assessments, and security measures. Experience with governance, risk management, and compliance frameworks (e.g., ISO 27001, NIST, GDPR, PDPL). Hold professional certifications (e.g., CISA, CISM, CISSP, CRISC) Skills and Application Strong communication and interpersonal skills. Ability to manage multiple projects and priorities. Proficiency in security tools and technologies. Strategic Insight Foster a culture of security awareness and compliance within the organization. Continuously improve the information security posture of the organization. Ensure that information security risks are effectively managed and mitigated

Job Title: Cyber Awareness Specialist Location: Remote Experience: 10 -15 Years Job Description: The Cyber Security Awareness Specialist plays a critical role in maturing cyber security awareness program. The specialist is responsible for fostering a culture where Cybersecurity is embedded in their roles in protecting the Bank s assets and information and integrating cybersecurity awareness into the banks broader security strategy, ensuring a proactive and informed workforce that upholds the bank s commitment to data protection and risk management . Key Responsibilities : Develop and deliver a Cybersecurity Training program. Plan and execute Cybersecurity Awareness Campaigns to promote cybersecurity. Advocate for cybersecurity policies and best practices. Monitor training effectiveness and report on progress Essential knowledge: Have a minimum of 10 years of experience in cybersecurity awareness, training, or related roles preferably within the banking or financial services industry. Strong knowledge of cybersecurity principles, threats, and best practices. Excellent communication, presentation, and interpersonal skills. Proficiency in using tools for creating digital training materials (e.g., e-learning platforms, video editing software). Familiarity with phishing simulation tools, wargaming tools (e.g., Defender, Conductrr etc.) and methodologies. Experience managing relationships with senior and executives. Familiarity with information security technologies, risk, threat and vulnerability assessments, and security measures. Knowledge of information security regulatory and compliance requirements. Skills and Application: Support in the development and implementation of comprehensive information security awareness program in alignment with the Information Security Group strategy. Oversees awareness program and ensuring key metrics are managed within risk appetite level. Strategic Insight: Cultivates an organizational culture inside that prioritizes and encourages proactive information security practices and continuous improvement across all departments. Integrate information security considerations into ISG strategies, recognizing the importance of information security in achieving ISG objectives and competitive advantage. Communicates the strategic value of Information Security and Data to executive leadership and key stakeholders, advocating for resources and support to strengthen the banks capabilities. Key Competencies: Creativity and ability to craft engaging, informative materials for diverse audiences. Analytical skills to assess training effectiveness and identify risks. Strong organizational and project management skills. A proactive mindset and enthusiasm for fostering a culture of cybersecurity awareness. Professional certifications: CISA, CISM, CISSP, CRISC, ISO27001 LA/LI etc.

Job Title: Information Security Risk Management (IRM) Location: Remote Experience: 15 -20 Years Job Description: This role is responsible for developing, managing, and executing the Information Security Risk Management program . The incumbent will play a critical role in ensuring the banks resilience by effectively identifying, assessing, and mitigating information security risks, both internally and from external parties. Main responsibilities are to: Contribute to the cybersecurity strategy of the bank to expand with secure and reliable service offerings. Improve the bank s ability to identify, assess, and mitigate risks within our environment, and risk posed by external suppliers who access the bank environment and data. Drive operational resilience through visibility on third party resiliency measures. Ensure an in-built approach to build a resilient security posture. Establish a well-structured third-party risk management program that adheres to best practices. Key Responsibilites: A mid senior level officer with sound knowledge and expertise in information security risk management with experience of managing enterprise projects and of direct and in-direct relationship with senior and executive management. Strong experience and knowledge across the Information Security and Cyber Security domains including governance, policy procedures, compliance management, risk management and security incident response etc. Strong interpersonal, analytical, and technical skills with strong decision making and prioritization skills. Sound knowledge and expertise in conducting risk assessment. Minimum 12+ years of experience in Information Security domain with expertise in TPRM, Supplier risk assessment, Risk management, ISMS etc. Minimum 4+ years of experience in Project management of complex engagements with multiple stakeholder interaction and advisory support to the clients. Experience of working in the banking domain or with banking/payment industry clients.

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Information Security Project Specialist ZS’s India Capability & Expertise Center (CEC) houses more than 60% of ZS people across three offices in New Delhi, Pune and Bengaluru. Our teams work with colleagues across North America, Europe and East Asia to create and deliver real world solutions to the clients who drive our business. The CEC maintains standards of analytical, operational and technological excellence across our capability groups. Together, our collective knowledge enables each ZS team to deliver superior results to our clients. What You’ll Do Executes the end-to-end management of security projectsincluding resource management, communications, training requirements, change management and budget (if applicable). Estimate the resources and participants needed to achieve project goals. Reviews and recommends changes, reductions or additions to the overall project Acts as the liaison between InfoSec and end-users when applicable Maintains the efficiency of the project management process such as planning, scheduling, and budget and risk assessment. Identifies and mitigates potential risks Work with cross-functional teams and staff of all levels, including assisting in the development, training and assignment of work/projects to team members reporting to others; Works well within a structured environment in which team members can work together as an efficient team. What You’ll Bring Bachelor’s Degree required. 7 - 10 years of relevant work experience, including Information Security, project management (5+ years), and team management. PMP-PMI certification desired, or completion within a year of assuming the position. Agile certification desired, or completion within a year of assuming the position. Security+ or equivalent certification desired, or completion within a year of assuming the position. (CISM- Certified Information Security Manager, CompTIA Security+, Etc ) Project plan development experience, including charter, scope, project management approach, management plans, statement of work, cost estimates, schedule. Excellent communication (written and oral) and interpersonal skills; ability to interface and influence all levels within the organization, including facilitation, consulting, negotiation, and presentation. Excellent project management and coordination skills working with multiple stakeholders across several technology platforms and business areas Strong technical skills and experience. The ideal candidate has lead projects relating to Information Security deliveries or migrations (Vulnerability Management, Identity and access management, Cloud Strategy & Governance, Data Security, Enterprise Risk Management, Asset Management, Security awareness & training) Project plan and budget management. Knowledge of project management best practices, Experience identifying and mediating risk. Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel: Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application: Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At www.zs.com

Our Purpose Title and Summary Senior Security Monitoring and Response Analyst The Crisis Management Team, a specialized group within Corporate Security, is trained to identify, manage, and resolve incidents involving computer, data, and physical security. The team leads Mastercards response efforts to such incidents, ensuring a strategic and coordinated approach. This role is responsible for managing global incident response and emergency management efforts, addressing challenges arising from security-related incidents. The position involves researching, analyzing, reporting, tracking, and facilitating the resolution of incidents as a key member of the Crisis Management Team. If you have experience managing major incidents or crises, thrive under pressure, and possess strong analytical skills alongside exceptional written and oral communication abilities, this opportunity could be an excellent fit for you. Key Responsibilities Support and lead the management of high-risk or large-scale global incidents, following documented processes, while overseeing the day-to-day operational aspects of crisis management. Identify and implement opportunities to improve and streamline processes. Gather incident details, manage assigned tasks, and ensure timely communication to relevant internal stakeholder teams. Collaborate with regional teams to coordinate responses to global incidents, ensuring alignment and effective resolution. Oversee the program management, training, development, and operational support of crisis management initiatives. Maintain strict confidentiality of all records, communications, and information related to incidents. All About You Exceptional communication skills, including the ability to craft effective communication strategies and draft messages during crisis situations. Experience in security, with advanced technical expertise in incident response, crisis management, and emergency management. Strong executive presence, with a proven ability to manage without direct authority and influence peers, stakeholders, and senior leadership. Highly motivated self-starter who excels in a fast-paced environment, with the ability to remain calm and focused under pressure. Superior time management, planning, and organizational skills, with the ability to adapt to shifting priorities and solve problems analytically. Outstanding interpersonal skills and proven ability to build and maintain strong relationships with stakeholders and partners. Excellent project management experience, including leading cross-functional teams. Preferred certifications include CISSP, CBCP, GCIH, CISM, or CIPP. Familiarity with international data breach notification laws.

Come, be a part of a growing team where you can make an impact! If tackling problems and designing disruptive solutions is your passion, we have the platform for you. Encouraging leadership and supportive mentors will give wings to your ideas. Join us and grow with us! Jobs SOC & ISO 27001 Compliance Specialist Role Remote 29th May 2025 Somnetics is looking for a SOC & ISO 27001 Compliance Specialist for Information Security / Compliance Department. The individual will report to Information Security Manager / Compliance Manager. Key Responsibilities : Compliance Management: Implement and maintain SOC 2 & ISO 27001 controls. Manage internal/external audits and remediation. Policy & Procedure Oversight: Develop and update security policies. Promote compliance awareness across teams. Risk Management: Conduct risk assessments and treatment planning. Monitor and report security risks and gaps. Collaboration & Training: Coordinate with IT, legal, HR for compliance efforts. Train staff on security and compliance practices. Continuous Improvement: Enhance security processes and controls. Stay updated on industry trends and regulations. Requirements: : Education & Experience: Bachelor s in InfoSec, CS, or related field. 3 5 years in compliance/information security. Hands-on with SOC 2 & ISO 27001 audits. Preferred Certifications: ISO 27001 Lead Implementer/Auditor CISA / CISM / CISSP Skills: Strong in SOC 2, ISO 27001, and risk management. Excellent documentation & communication skills. Familiarity with GRC and audit tools. Key Competencies: : Analytical Thinking Attention to Detail Problem Solving Project Management

Senior Security Monitoring and Response Analyst The Crisis Management Team, a specialized group within Corporate Security, is trained to identify, manage, and resolve incidents involving computer, data, and physical security. The team leads Mastercards response efforts to such incidents, ensuring a strategic and coordinated approach. This role is responsible for managing global incident response and emergency management efforts, addressing challenges arising from security-related incidents. The position involves researching, analyzing, reporting, tracking, and facilitating the resolution of incidents as a key member of the Crisis Management Team. If you have experience managing major incidents or crises, thrive under pressure, and possess strong analytical skills alongside exceptional written and oral communication abilities, this opportunity could be an excellent fit for you. Key Responsibilities Support and lead the management of high-risk or large-scale global incidents, following documented processes, while overseeing the day-to-day operational aspects of crisis management. Identify and implement opportunities to improve and streamline processes. Gather incident details, manage assigned tasks, and ensure timely communication to relevant internal stakeholder teams. Collaborate with regional teams to coordinate responses to global incidents, ensuring alignment and effective resolution. Oversee the program management, training, development, and operational support of crisis management initiatives. Maintain strict confidentiality of all records, communications, and information related to incidents. All About You Exceptional communication skills, including the ability to craft effective communication strategies and draft messages during crisis situations. Experience in security, with advanced technical expertise in incident response, crisis management, and emergency management. Strong executive presence, with a proven ability to manage without direct authority and influence peers, stakeholders, and senior leadership. Highly motivated self-starter who excels in a fast-paced environment, with the ability to remain calm and focused under pressure. Superior time management, planning, and organizational skills, with the ability to adapt to shifting priorities and solve problems analytically. Outstanding interpersonal skills and proven ability to build and maintain strong relationships with stakeholders and partners. Excellent project management experience, including leading cross-functional teams. Preferred certifications include CISSP, CBCP, GCIH, CISM, or CIPP. Familiarity with international data breach notification laws.

Sr. Cyber Security Analyst POSITION PURPOSE: This role is responsible for assessing, managing, and enhancing the security measures of Bayer s systems, networks, and data. Especially using data analytics for monitoring of Bayers security systems and applications. YOUR TASKS AND RESPONSIBILITIES: Oversee security alerts and incidents, executing timely responses to mitigate potential risks and minimize operational impact. Collaborate with IT and security personnel to implement and verify the effectiveness of comprehensive security protocols. Remain updated on current cybersecurity developments, threats, and industry best practices to enhance the organizations security framework. Monitor and evaluate operational logs, event console activities, intelligence feeds, and pertinent data to detect security-related occurrences and trends, ensuring compliance with established industry standards and regulations such as ISO 27001, NIST, and GDPR. Develop and refine cybersecurity processes and protocols, ensuring adherence to relevant industry standards and regulatory requirements. Perform analysis and testing to identify vulnerabilities, misconfigurations, or other security exposures Conduct root cause analyses and investigations to recommend prevention strategies and configuration modifications. Execute penetration testing to identify vulnerabilities within infrastructure, web applications, and other systems, differentiating between vulnerability assessments and penetration testing methodologies. Investigate incidents and respond to events in real time. WHO YOU ARE: BS or MA in computer science, information security, cybersecurity, or a related field, though relevant working experience may be considered an equivalent with 8+years of experience Experience in IT audit, network operations, enterprise risk management, penetration testing, red team/incident response, or as a junior security operations analyst Experience with regulatory compliance and information security management frameworks, such as ISO 27000, COBIT, and NIST 800. Professional certifications such as CCP-SIRA (Senior), CISSP, and ISACA certifications, along with familiarity with standards like BSI ISO 27001 and PCI DSS Further certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), CompTIA, EC-Council (CSA) SOC Experience monitoring SIEM systems and tools Experience with network and security technologies, such as firewalls, IDS/IPS Experience configuring and utilizing vulnerability assessment technologies Experience with monitoring networks, detecting threats, and responding to incidents Proficiency in report writing, investigational techniques, and communicating to large audiences Ever feel burnt out by bureaucracy? Us too. Thats why were changing the way we work- for higher productivity, faster innovation, and better results. We call it Dynamic Shared Ownership (DSO). Learn more about what DSO will mean for you in your new role here https: / / www.bayer.com / enfstrategyfstrategy Bayer does not charge any fees whatsoever for recruitment process. Please do not entertain such demand for payment by any individuals / entities in connection with recruitment with any Bayer Group entity(ies) worldwide under any pretext. Please don t rely upon any unsolicited email from email addresses not ending with domain name bayer.com or job advertisements referring you to an email address that does not end with bayer.com . For checking the authenticity of such emails or advertisement you may approach us at HROP_INDIA@BAYER.COM. Division: Enabling Functions Reference Code: 847153

FS XSector Specialism Risk Management Level Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC Learn more about us . & Summary We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall , web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory skill sets Bachelor s degree ( minimum requirement). 2- 8 years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite , Mimikatz , Cobalt Strike, PowerSploit , Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NYDFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred skill sets Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years of experience required 2 12 + years Education qualification B.Tech Education Degrees/Field of Study required Bachelor of Technology Degrees/Field of Study preferred Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more} No

Not Applicable Specialism Risk Management Level Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats Experience in conducting IT risk assessments. Sound understanding of ISO 27001, NIST, PCI, Data Privacy, and Cloud Security. Knowledge on application infrastructure architecture. Knowledge on SaaS application architecture. Knowledge on database and middleware communication. Knowledge on API security. Good communication skills. Good team player. Good presentation skills and senior stakeholder management. Certifications CISA, CISSP, CCNP, CCSP, CISM, CRISC etc. Mandatory Skill Sets IT Risk , ISO 27001, NIST, PCI, Data Privacy, and Cloud Security. Preferred Skill Sets Stakeholder Management , Team Management Years of Experience Required 3 + Years Education Qualification BE, B.Tech , M.Tech , MCA, MBA graduates . Education Degrees/Field of Study required Bachelor of Technology, Master of Business Administration, Master of Engineering Degrees/Field of Study preferred Required Skills Information Technology (IT) Risk Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Cloud Security, Communication, Conducting Research, Cyber Defense, Cyber Threat Intelligence, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Malware Analysis, Malware Detection Tools, Malware Intelligence Gathering, Malware Research, Malware Reverse Engineering, Malware Sandboxing {+ 11 more} No

Not Applicable Specialism Risk Management Level Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations , partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. Strong communication , presentation skills with stakeholder management Good Information Security background both technical and functional. Technical background managing network security, endpoint security, threat intelligence, and risk and incident management. Experience with compliance frameworks and standards, such as PCI DSS, NIST, ISO27001, etc. Prior IT risk management experience a must Have experience with ISO 27001 implementation engagements. Experience with NIST CSF assessments. Exposure to data privacy assessments Plan, evaluate, and direct complex security programs covering multiple and inparallel projects. Understand key Cyber Security considerations including key Cyber Security Risks and projects and innovations Track projects/remediation activities Work independently and prioritize multiple tasks and adapt to needed changes Handle and track remediation of open findings/action items with relevant teams Good to have requirements Prior Big4 experience a plus Certifications such as CISSP, CISM,CISA , ISO 27001 , a plu s Mandatory Skill Sets Experience on network security, endpoint security, threat intelligence, and risk and incident management. Compliance frameworks and standards, such as PCI DSS, NIST, ISO27001, etc. Prior IT risk management ISO 27001 implementation NIST CSF assessment D ata privacy assessments Preferred Skill Sets Prior Big4 experience a plus Certifications such as CISSP, CISM,CISA , ISO 27001 , a plu s Years of Experience Required 3 + Years Education Qualification Bachelor s degree in C omputer S cience , Information Technology, Cybersecurity, or a related field Advanced degrees and relevant professional certifications are highly desirable. Education Degrees/Field of Study required Bachelor of Technology Degrees/Field of Study preferred Required Skills Information Technology General Controls (ITGC) Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Cloud Security, Communication, Conducting Research, Cyber Defense, Cyber Threat Intelligence, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Malware Analysis, Malware Detection Tools, Malware Intelligence Gathering, Malware Research, Malware Reverse Engineering, Malware Sandboxing {+ 11 more} No

Experience in a combination of risk management, information security & and IT jobs. At least 8 years in a senior management role in an information security function. – (Added information security certification if any) (CISSP, CISM, etc.). Required Candidate profile Extensive knowledge and experience in information security and IT risk management. Strong leadership skills and the ability to work effectively with Department Head, IT engineering

Exp: 5+ yrs Industry: only Fintech or Financial Institute Job Description: Cybersecurity Officer BB Bharat Pvt. Ltd. is an aspiring global financial services firm with presence in the Gift City in Gujarat, India. The entity is able to leverage the expertise of Policies, Brand, Expertise and clientele from other related on-going financial services entities head-quartered in Singapore. We facilitate the opening of bank accounts, enable their ongoing management, and ensure their reliable, secure, and efficient cross-border fund flows. We achieve this through an extensive network of global partner banks, a robust in-house open banking platform, and our competent team that delivers knowledgeable private banking experience of proactive, high quality customer service across time zones. We are looking for an experienced and enterprising Cybersecurity Officer to join an international team of experts in banking, compliance, and corporate account management to drive our growing operations. Job description and responsibilities: Key Responsibilities: * Develop, maintain, and enforce cybersecurity policies, procedures, and protocols. * Monitor systems, investigate threats, and manage incident response and recovery. * Conduct audits, vulnerability assessments, and penetration testing. * Implement and maintain firewalls, antivirus, encryption, and other security tools. * Collaborate with cross-functional teams to ensure organization-wide security. * Lead employee training and awareness on cybersecurity best practices. * Stay updated on emerging threats and evolving technologies. * Ensure compliance with frameworks (ISO 27001, NIST, GDPR, etc.). * Support risk assessments and business continuity planning. Required Skills & Qualifications: * Strong knowledge of NIST, GDPR, AWS Well-Architected Framework, CIS Benchmarks, ISO 27001, PCI-DSS, BCP/DR, MAS TRM, MAS Cyber Hygiene, and BNM-RMIT. * Certifications: CISSP, CISO, CEH, CISA, or CISM. * Experience in developing and reviewing IS policies, procedures, guidelines, and SOPs. * Over 5 years of experience in cybersecurity or IT security roles, including 2+ years focused on Information Security or Enterprise Risk (preferably within the financial services sector). * Background in IT Security, Cybersecurity, Governance, Risk, or Audit is a plus. * Familiarity with secure-by-design implementations. * Proficient in network/system security, firewalls, IDS, and encryption. * Strong analytical, communication, and project management skills. * Able to manage multiple priorities in high-pressure environments. * Experience with ISO 20022 (optional).

locationsBangalore, Indiaposted onPosted 11 Days Ago job requisition id30648 FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity FICO is seeking Cyber Security Engineer to join our growing GRC Team. This is a full-time regular position (hybrid), and a great opportunity for an individual with strong PCI, ISO 27001, SOC2 audit skills or great interest in security Compliance and Risk Management frameworks and grow in exciting field of GRC". Cyber Security - Director What Youll Contribute A pplicable work experience, in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results. Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. Strong knowledge of common security legal and regulatory requirements. (e.g., PCI, SOC, CSA STAR, NIST, ISO/IEC 27001, COBIT, etc.) Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures. Monitor activities of assigned IT areas to ensure compliance with internal policies and standards. Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Facilitate for external audits to ensure compliance with all industry-mandated regulations. Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance. Provide guidance to business functions on compliance/security-related matters. Good understanding of IT concepts, including Cloud hosting, containerization, encryption, networking, operating systems, databases, middleware, and applications. Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required. Ability to effectively communicate to all levels of the organization, including senior management, and other stakeholders that influence the security and compliance posture of FICO. Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage. What Were Seeking Bachelors degree in the field of Information Security, Computer Science or discipline and/or certifications. (e.g., ISO 27001 LI/LA, ISA/QSA, CISSP, CISA, CISM, and related GIAC.) Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. Experience implementing cloud security and compliance standards, frameworks, and controls (ISO/IEC 27001, SOC 2, PCI, NIST) for cloud service delivery models (IaaS, PaaS, SaaS). AWS Certifications (added advantage). Experience or understanding of governance, risk and compliance (GRC) processes and solutions. Background in security controls, auditing, network and system security. Ability to express technical concepts in business terms. Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status. Our Offer to You An inclusive culture strongly reflectingourcore valuesAct Like an Owner, DelightOurCustomers and Earn the Respect of Others. The opportunitytomake an impact and develop professionally by leveraging yourunique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourageyoutobring yourbest every day and be recognized for doing so. An engaging, people-first work environmentoffering work/life balance, employee resource groups, and social eventstopromote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at

Key Responsibilities: Lead the identification and development of innovative cybersecurity solutions, products, and services to improve operational efficiency and client experience. Develop and execute automation strategies across security operations processes, from threat detection to incident response, leveraging technologies such as SOAR (Security Orchestration, Automation, and Response), AI, and machine learning. Act as the primary SPOC for all innovation and automation initiatives, collaborating with internal teams (e. g. , SOC, Engineering, Product, and Customer Success) to ensure alignment with business goals. Evaluate and implement emerging cybersecurity technologies, tools, and platforms to enhance the efficiency and effectiveness of our MSSP services. Identify and drive improvements in workflows, playbooks, and standard operating procedures (SOPs) within security operations to enhance productivity, reduce manual interventions, and minimize response times. Support pre-sales and post-sales teams by providing technical expertise in automation and innovation to clients, ensuring solutions are tailored to client-specific needs and delivering measurable outcomes. Define, track, and report on the success of automation and innovation initiatives using KPIs and performance metrics. Stay up-to-date with industry trends, new technologies, and best practices to ensure our services remain competitive and innovative. Provide training, guidance, and mentoring to team members on new automation practices, tools, and technologies. Required Qualifications: 5-10 years of experience in cybersecurity, with a focus on security operations, automation, and innovation. Strong understanding of MSSP operations, including incident detection, response, and service delivery. Experience with automation tools and platforms such as SOAR (e. g. , Palo Alto Cortex XSOAR, Splunk Phantom), orchestration frameworks, and AI/ML integration in security workflows. Knowledge of cybersecurity technologies, including SIEM, EDR, firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions. Hands-on experience with process improvement methodologies (e. g. , Lean, Six Sigma, ITIL) applied to security operations. Strong communication and leadership skills, with the ability to influence across different teams and business units. Excellent problem-solving and critical-thinking abilities with a focus on practical solutions to complex security challenges. Industry certifications such as CISSP, CISM, or any automation/security-related certifications are highly desirable. Preferred: Experience with CyberSecurity automation and integration in public cloud environments (AWS, Azure, GCP). Knowledge of SOC Operations principles and integration of security automation with control stack Understanding of regulatory frameworks (e. g. , GDPR, HIPAA, PCI-DSS) and the ability to implement automated compliance solutions. Familiarity with scripting languages (Python, PowerShell, Bash) to support automation development.

If you re looking for a career where you can make a real impression, join HSBC and discover how valued you ll be. We are currently seeking an experienced professional to join our team in the role of Head of Identity Management Governance and Administration. Role Purpose: As Head of Identity Management Governance and Administration you will provide strategic direction and leadership for our Identity and access management business user access program with an in-depth knowledge of Identity and Access Management technologies, processes and best practices. Responsible for the strategic roadmap related to Joiner, Mover, Leaver, Recertification and Segregation of duties related controls. This is predominantly a global leadership role and the role holder will have responsibility for a diverse team of Control specialists and Engineering specialists along with SME resources to support interaction with partners and driving execution of the strategy. Key Accountabilities: Develop and implement policies, procedures and best practices for the Joiner, Mover, Leaver, Recertification and Segregation of duties controls. Evaluate, select and implement Identity and Access Management technologies to meet business requirements and security standards covering the key business user access controls listed above. Lead the design, implementation and execution of associated Identity and Access Management projects, including access control, identity proofing, and business user access. Lead the management of the day-to-day operations of the systems, ensuring they are running efficiently, effectively and securely. Focus on service availability as a key priority reducing potential downtime/incidents of key Identity and Access Management services owned. Extensively work with business functions to review and consolidate any federated IAM solutions and onboard them to the global Identity and Access Management solutions in a risk prioritized approach. Proactive engagement with business functions to review and agree on remediation plans and facilitate locking in of any funding requirements as part of the annual budget cycle that can then be tracked and reported on. Ensure compliance with regulations such as GDPR, FISMA, PCI, HIPAA, SOX etc. Develop and maintain strong relationships with business stakeholders, technology teams and vendors. Provide regular reporting and performance metrics to senior management on end to end effectiveness of all controls related to business user access. Develop and lead a high-performance team of security professionals, providing coaching and mentoring to enhance their skills. Lead the collaboration with other IT and Business functions including Technology Architecture and Global Cloud Services on behalf of Identity and Access Management. Impact on Business: Ensure business user access is aligned to current risk appetite and emerging business needs are represented and maintained Own the communication and visibility of business user access and its value to business stakeholders at a Global Business / Global Function and regional/entity level. Customers / Stakeholders: Ensure the Identity and Access Management strategy aligns with industry trends, regulatory requirements and market expectations to ensure it allows our colleagues to serve their customers in an effective, reliable and safe way. Report directly to the Global Head of Identity Access Management and act as the senior representative in discussions with 1st, 2nd and 3rd lines of defense (internal) and regulator/3rd parties (external) on all matters relating to Business user access strategy, risk reduction, control improvements and efficiency gains as outcomes from the strategy Requirements Bachelors degree (Masters preferred) in Computer Science, Information Systems, or related field. CISSP or CISM certification preferred. 18+ years of relevant experience in technology management, with a focus on IAM and business user access At least five years experience in senior leadership role with a track record of success in leading IT teams in Cyber and Identity Access Management In-depth knowledge of IAM technologies, including access control, identity proofing, and business user access controls such as Joiners, Movers, Leavers, Recertification of access and Segregation of duties. Experience in driving IAM strategy and Sailpoint implementation Should have managed large scale global IAM projects, including design, implementation and execution. Sound understanding of regulatory requirements and standards such as GDPR, FISMA, PCI, HIPAA, SOX etc. Strong leadership skills, with the ability to inspire and motivate a team to achieve goals. Excellent communication skills, both verbal and written, with the ability to articulate complex technical concepts to non-technical stakeholders. Strong problem-solving skills, with the ability to identify root causes and develop solutions. Experience managing budgets and personnel

Division : ITIS Department : ITEA Job Location : MSIL Gurgaon Job Title : Security Architect Job Role : Leading the Security domain in Enterprise Architecture Practice at Maruti Suzuki Reporting To : Enterprise Architect Level in the organization : DM/MGR Educational Qualification Graduation (With Specialization) : B. Tech. Computer Science/ Information Technology/ Electronics Any Other (Certification / Diploma etc.) : CEH/ CISSP/ CISM/CCSP/Microsoft Cybersecurity Architect Work Experience : 5 to 10 years Job Responsibilities a)Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data b)Document and address organizations information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle. c)Employ secure configuration management processes d)Ensure that acquired or developed system(s) and architecture(s) are consistent with organizations cybersecurity architecture guidelines. e)Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. f)Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment. g)Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents. h)Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately. i) Responsible for end to end security pertaining to application, data, technology, network and infrastructure j) In-depth understanding of recognized security frameworks such as NIST, ISO 27001/27002, ITIL, and COBIT Competencies / Skills >5+ years of experience in Security Architecture, Design Implementation >Good understanding of Network and Information Security Technologies. >Excellent vendor management skills. >Networking and influencing skills. >Excellent Communication and presentation skills >Excellent personal and time management skills >Knowledge about Information Security Audits and processes >Team Player >ITIL, TOGAF process knowledge/certification is preferred

Title Security Platform Engineering Manager /Associate Director Main Attributes Proven experience in leading and managing technical teams with a focus on cybersecurity platforms. Strong structured thinking and ability to manage multiple technologies efficiently while ensuring scalability and robustness. Ability to collaborate across diverse teams and disciplines while fostering innovation. Excellent communication and presentation skills, with the ability to convey complex security concepts to various stakeholders. Proactive problem solver with a first time right mindset, driving efficiency and accuracy in implementation. Demonstrated ability to lead cross-functional security platform teams with diverse skill sets and backgrounds. Lead to define structure in unstructured environment What Youll Be Doing As the Security Platform Engineering Manager, you will lead a team of security platform engineers, driving best-in-class engineering practices and ensuring operational excellence. Your role involves fostering a first-time-right and automation-first mindset, defining optimal engineering methodologies, and promoting Agile adoption within the team. You will establish robust testing and design frameworks, ensuring the resilience and efficiency of security solutions. Key Responsibilities Lead, mentor, and empower a team of security engineers, serving as the key escalation point for technical challenges. Provide strategic direction for the security platform team, supporting security technologies, tools, and solutions. Establish, implement, and refine engineering best practices to enhance productivity and security effectiveness. Participate in security platform meetings, ensuring alignment with cybersecurity objectives. Perform PM (performance management) checkin for sec platform engineers as per company policy , gather and document feedback related to individuals performance Collaborating with service leads to define and monitor KPIs for security platform technologies, ensuring measurable improvements. Work closely with tech leads to solve critical and complex security challenges. Oversee the creation of insightful dashboards for leadership and operations, enabling data-driven decision-making. Coordinate with teams such as threat/vulnerability management, incident response, and application security for new technology implementations and escalation management. Continuously identify and drive automation initiatives to improve operational efficiency and security response effectiveness. Collaborate to optimize security and performance metrics, ensuring visibility and continuous improvement. Strategically manage the teams project backlog, prioritizing initiatives based on business impact, risk assessments, and available resources. Collaborate with security platform operations teams to identify opportunities for streamlining processes. Partner with service leads to define an operating model for verticals and horizontal pillars of security platform services. Leadership Responsibilities Serve as the senior security leader for the Bengaluru Security Platform Engineering team, driving strategic initiatives and operational excellence. Build, mentor, and lead high-performing security platform engineering teams. Champion compliance with industry security standards, regulatory requirements, and organizational policies. What You Should Bring Bachelors degree in Computer Science, Cybersecurity, Information Technology, or a related field. Minimum of 15 years of experience in information security, with expertise in platform Engineering Proven ability to build and manage teams of technical professionals, including hiring, coaching, and performance management. Demonstrated experience coaching and mentoring highly skilled technical individual contributors Strong organizational skills with the ability to manage multiple priorities. Experience in a global, multi-cultural environment, collaborating with teams across different regions and time zones. Deep hands-on expertise with cybersecurity tools, technologies, and security frameworks. Strong leadership skills with a proven ability to cultivate a collaborative and inclusive work environment. Excellent communication skills, with the ability to explain technical security concepts to non-technical stakeholders. Strong stakeholder management abilities for cross-functional collaboration. Relevant certifications such as CISSP, CISM, or GIAC are a plus. . .

Title Security Platform Operations Manager Main Attributes Experience in managing the new technical operations team Bias for Action and Customer First Approach Ability to collaborate across diverse teams and disciplines Excellent communication and presentation skills Proactive thinker , attention to details , data analysis and continuous improvement Demonstrated ability to lead operation teams with diverse backgrounds and skillsets What Youll Be Doing As the SecOps Manager, you will be responsible for leading a team of SecOps members and establishing SecOps team from Z-3 (India, Bangalore) . You will oversee the team responsible for the Service Health monitoring, and maintenance of information security platforms and tools, You will also be responsible for working on tickets related to Security platforms tools and will ensure that the team s work aligns with organizational security objectives. Key Responsibilities Lead and mentor a team of Information Security Platform Operation team members and serve as the supervisor escalation point for Secops team members . Provide technical leadership and direction for the security platform operation team supporting our security platforms, tools, and solutions. Perform the PM (Performance management ) for Secops team members as per company policy , gather and document the feedback related to performance Serve as a member of the Cybersecurity Security platform; attending Security platform Meetings and other meetings where Sec platform lead Team participation is required. Collaborate with Service leads to define KPIs for various Security platform technologies. Work closely with tech leads to solve the critical and complex issues Collaborate closely with other security teams like threat/vuln management, incident response, app security in case of escalation on operations . Identify opportunities to enhance automation and operational efficiency. Assist Service Owners and engineers in tracking security and performance metrics and KPIs, providing regular reporting to security leadership. Manage and prioritize the teams project/work backlog based on business priorities, risk assessments, and resource capacity. Collaborate to define global Security operation team operating from different geographies Establish processes for Security platform Operations Leadership Responsibilities Act as the mid to senior security leader for the Bangaluru, reporting to Cyber Security Site lead Build, mentor and lead a high-performing, security Platform operation teams Ensure compliance with information security policies, standards and regulatory requirements. What You Should Bring Bachelors degree in Computer Science, Cybersecurity, Information Technology, or a related field. Minimum of 8 years of experience in information security, with a focus on platform management and operations support. Proven experience building and managing teams of technical professionals, including hiring, coaching, and performance management. Proven Experience in coaching and mentoring new talent (0-4 years) Strong organization skills with the ability to manage multiple priorities simultaneously. Experience working in a global, multi-cultural environment, with the ability to effectively collaborate with teams across different regions and time zones. Hands on experience in working on Cyber security tools and technologies Leadership skills with the ability to create a collaborative, inclusive environment. Excellent communication skills, with the ability to convey complex technical concepts to non-technical stakeholders. Strong stakeholder management skills for building partnerships across departments. Relevant certifications such as CISSP, CISM, or GIAC are a plus 1. . .