752 Cism Jobs - Page 4

We are seeking a technically strong IT person to oversee IT operations, infrastructure, software development, and cybersecurity practices in alignment with ISO/IEC 27001:2022.

1 Role title: Cyber Security Architect Grade Required Qualifications Advanced degree in Computer Science 5+ years of cyber security engineering experience Any of the following: CISSP, CISM, CEH along with Azure, GCP or AWS certifications Experience with security tools and technologies (e.g., firewalls, IPS, Email Security, SOAR, Threat Intel, SIEM, DLP, EDR, encryption, etc.). Experience in global manufacturing, pharma, and/or a life sciences company Summary of Role Duration Key responsibilities Required skills The Security Architect role is a pivotal position within the Cyber Security Office, reporting directly to the Security Architecture Lead. This role offers an exciting opportunity to collaborate with cross-functional teams from IT, Cyber Security, and Business Units to architect and design robust security solutions that effectively protect organisation's enterprise networks from evolving cyber threats. As an individual contributor, you will focus on strategic design and innovation, ensuring that our security strategies align with industry standards and best practices such as TOGAF, SABSA, Purdue, and NIST frameworks. This role is designed for individuals who are passionate about cybersecurity, possess strong expertise in security, and are eager to make a significant impact on organisation's security posture Drive the strategic design and implementation of innovative security solutions and controls Stay at the forefront of industry standards, regulations, and best practices related to IT and OT security, ensuring continuous improvement Generate comprehensive documentation, certification, and testing protocols for the deployment of new security solutions Continuously monitor and analyze current cybersecurity threats, trends, and emerging technologies to inform strategic security initiatives Work closely with engineering and architecture teams to ensure security requirements are integrated into all phases of the system development lifecycle Define and implement advanced security configurations, policies, and procedures for IT and OT assets and systems Effectively communicate with stakeholders at all levels, translating complex technical concepts into actionable security strategies Support the development and implementation of security architectures across various domains, including data security, AI, cloud, network security, monitoring detection and response, threat, risk, vulnerability asset and configuration management, and platform security Conduct security assessments and gap analyses to identify and mitigate security risks Provide technical guidance and mentorship to security engineers and other team members Perform assessments of capabilities and tools to ensure alignment with GSK business and security needs Assist with product Proof of Concept (POC) evaluations to validate security solutions Create and execute test plans to rigorously evaluate security controls and document results to provide unbiased outcomes that demonstrate alignment with GSK business and security needs in a seamless manner Proven experience in developing security strategies and reference architectures Familiarity with TOGAF, SABSA, or Purdue Enterprise Reference Architecture Experience in designing and deploying network security controls and solutions Extensive knowledge of security technologies, including encryption, authentication, authorization, security protocols, data and privacy, AI/ML, and application development Strong communication and interpersonal skills, ability to effectively manage stakeholders Proficiency in writing, developing, and maintaining technical documentation, including security standards, strategies, and implementation plans Ability to prioritize and filter actions to focus on those with significant impact on the program Capability to work with multiple stakeholders to promote practical solutions to complex security problems Excellent problem-solving and analytical skills, with the ability to work under pressure Hands-on experience in at least three of the following security domains: data security, AI, cloud, network security, monitoring detection and response, threat, risk, vulnerability asset and configuration management, or platform security Experience with threat modeling and risk assessment methodologies Experience in security automation and orchestration Knowledge of AI and machine learning security considerations Understanding of regulatory requirements/industry standards (e.g., GDPR, HIPAA, PCI)

We are seeking a highly skilled Cybersecurity Officer with a strong background in information security, cyber risk management, and technical infrastructure protection.As a global provider of financial and data clearing applications for mobile network operators, we understand the critical importance of robust cybersecurity measures.This role is specifically focused on the digital security of enterprise systems, cloud infrastructure, application environments, and customer data. Nextgen Clearing is the market leading provider of global roaming services. We operate internationally across 20 global locations, employing over 300 talented people. We offer Award-winning Data and Financial Clearing services, along with unique value-added features on a single flexible online platform. Nextgen Clearing serves more than 160 operators worldwide, giving them a 24/7 holistic overview of their full roaming business Key Responsibilities: Define and implement security policies and controls to protect the company's digital assets and ensure regulatory compliance. Continuously monitor the company's security posture and quickly respond to security incidents. Develop security strategies and plans for preventing and responding to security breaches. Provide expert guidance and support to software teams on implementing secure development practices, security requirements, and conducting security testing. Foster secure application deployment and configuration, ensuring the protection of data integrity and confidentiality. Conduct regular training and awareness sessions for the company's staff to promote security best practices. Assist in the response to security incidents, including the management of communications and recovery efforts. Work collaboratively with customer service teams to safeguard customer data, enhance data privacy, and ensure secure customer interactions. Contribute to the company's efforts to prevent fraud and manage security incident communications to maintain trust with customers. Stay up-to-date on the latest cybersecurity trends, threats, and security technologies to continuously improve the organization's security stance. Collaborate with IT and other departments to establish a security-focused culture across the company. Develop and maintain documentation related to security policies, procedures, and incident response plans. Stay up to date on emerging cybersecurity threats and vulnerabilities and proactively recommend and implement countermeasures to mitigate risks. Foster security awareness and monitor security policy implementation Requirements Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree or cybersecurity certifications (e.g., CISSP, CISM, CEH, TOGAF) are a plus. A minimum of 5 years of experience in information security or cybersecurity. Strong understanding of information security principles, best practices, and industry standards. Experience with implementing and managing security protocols, cybersecurity tools, and technologies. Familiarity with compliance requirements and standards such as ISO 27001, GDPR, and PCI DSS. Ability to identify security vulnerabilities and risks, as well as implement preventive and corrective measures. Knowledge of secure software development life cycle (SDLC) practices. Excellent problem-solving skills and the ability to work in a fast-paced, high-pressure environment. Strong communication and interpersonal skills to collaborate with diverse teams and educate non-technical stakeholders on security-related matters. Incident response and crisis management experience. Working Conditions: The role may require availability outside of standard business hours to respond to security incidents and maintain critical security measures. Benefits A supportive, dynamic, and collaborative work environment. Exceptional opportunities for professional and career advancement. Engagement with the leading provider of roaming services, catering to global Mobile Network Operators as clients. For more information, please visit www.nextgenclearing.com. Private Health Insurance Training & Development

Were looking for a Security Professional to join our growing team in Experian You will work with product teams to enhance the capabilities of our existing cloud platform, which powers our consumer products. Youll understand main parts of the platform architecture and propose, design, and promote improvements. A pragmatic approach and strong collaboration skills are important to achieving great outcomes.You will be reporting to a Senior Manager. Youll work for Hybrid (2 days WFO) from Hyderabad. What Were Looking For 5+ years of experience in Cloud Architecture and Security best practices , within AWS Hands-on experience with Microservices Architecture and Kubernetes Proficiency with Infrastructure as Code and DevOps tools such as Terraform, Git, Jenkins, Sonar, etc. Write high-quality code in Python or Java Solid experience in Public Key Infrastructure (PKI) design, cryptographic key management, and certificate management systems Experience with Privileged Access Management design, implementation, and support A hands-on, collaborative approach to embedding Security-First thinking into requirements and design Good to have: Experience participating in security audits such as SOC 2 or ISO 27001 Professional security certifications like CISSP , CISM , or AWS Cloud certifications Understanding of threats in the Financial Services sector and how to reduce them Experience developing internal security standards and policies for engineering teams Background working in large organizations across multiple teams or regions About Experian Experience and Skills AWS Cloud Architecture Terraform Python Programming Kubernetes Shift-left techniques Cryptographic Key Management Benefits Experian care for employees work life balance, health, safety and wellbeing. In support of this endeavor, we offer best-in-class family well-being benefits, enhanced medical benefits and paid time off. #LI-Onsite Find out what its like to work for Experian by clicking here

Compliance Lead Job | GRC & Audit Expert Grazitti By continuing to use our website, you consent to the use of cookies. Please refer our Join Our Clan Description Job Description We re hiring a skilled Compliance Lead to join our Information Security Group (ISG) at Grazitti Interactive. In this high-impact role, you ll spearhead Governance, Risk, and Compliance (GRC) initiatives, drive external audit processes, develop compliance frameworks, and ensure organizational alignment with key regulatory standards. If you have a solid background in risk management, policy development, and IT audit readiness with a deep understanding of frameworks like ISO27001, COBIT, and NIST this is your opportunity to lead and create tangible impact. Skills Key Skills 8+ years in GRC, compliance, or IT risk management. Bachelor s degree in a relevant field; CISA, CISSP, or CISM preferred. Hands-on experience with ISO27001/2, ISO31000, NIST, COBIT, COSO, ITIL. Knowledge of GDPR, HIPAA, CCPA, ITGC, and SOX compliance. Strong understanding of internal controls and security policies. Experience in external/internal audits and incident response planning. Excellent communication and stakeholder management skills. Process-oriented with strong documentation and analytical capabilities. Responsibilities Roles and Responsibilities Design and execute enterprise-wide GRC strategies. Ensure compliance with GDPR, HIPAA, ISO, and other global standards. Lead documentation efforts for SOX controls and ITGCs. Collaborate with legal teams to interpret regulations. Act as the primary contact for external auditors. Lead planning, documentation, and closure of compliance audits. Conduct in-depth risk assessments and advise mitigation strategies. Maintain up-to-date risk registers and track remediation actions. Draft and implement information security policies. Establish and enforce internal controls for IT and SaaS environments. Apply COSO, COBIT, and ITIL best practices for governance. Review control effectiveness through regular audits. Design incident response plans and lead resolution efforts. Build awareness programs and train teams on compliance best practices. Drive a culture of compliance and operational integrity. Communicate risk and compliance posture to executive leadership. Document and maintain audit trails for transparency. Position: Compliance Lead Thank you for submitting your application. We will contact you shortly! Stay updated with us Life at Grazitti Share Your Profile We are always looking for the best talent to join our team * Skills Upload Your CV Thank you for sharing your profile with us. If it aligns with our requirements, we will reach out to you for the next steps in the process. Marketo Forms 2 Cross Domain request proxy frame This page is used by Marketo Forms 2 to proxy cross domain AJAX requests.

Visa is seeking a Controls Monitoring & Testing Analyst within its Technology Risk Management program to review and assess Cybersecurity and Technology risks. The candidate will perform Risk Assessments, Design Effectiveness Assessments, and Operational Effectiveness Testing for key technology threat vectors such as security configuration management, firewall configuration, application, user access management, and availability & reliability. Responsibilities include managing stakeholder engagement plans, participating in process walkthroughs, tracking/reporting deliverables, and producing high-quality work papers for all lines of defense and risk stakeholders. Additionally, the candidate will interpret data from source systems to perform statistical sampling and aggregate assessment across various risk management levers, collaborate with technology partners, and distill information into management and executive-level reporting. Key Responsibilities: Technology & Cybersecurity Controls Testing: Perform independent technology and cybersecurity controls testing. Document testing results in detailed workpapers. Prepare management reports based on testing outcomes. Communicate findings with stakeholders. Automation for Continuous Monitoring: Develop automation for continuous controls monitoring/auditing for technology and cybersecurity. Monitor the results of automated controls, perform investigation and follow-ups as needed. Risk & Control Self-Assessment (RCSA): Execute RCSA Risk Business Partner (RBP) controls quality review and sample-based testing. Conduct Key Risk Indicator (KRI) testing. Training, Metrics Alignment & Reporting: Develop and track risk management training. Align metrics with reporting dashboards. Develop reporting and stakeholder communication. Basic Qualifications -3 years of relevant work experience and a Bachelors degree Preferred Qualification -Bachelor s degree with 5 years of work experience in cyber, risk controls, or equivalent. -Experience with technology

Ankura is a team of excellence founded on innovation and growth. Work on client engagements and communicate with client stakeholders Provide strategic guidance to clients on cybersecurity risk management. Enhance clients cybersecurity frameworks through expert consultation. Illustrative list of desired skill set Conduct audits to ensure compliance with cybersecurity standards and regulations. Facilitate tabletop exercises to improve incident response strategies. Perform Vulnerability Assessment and Penetration Testing (VAPT) to identify security vulnerabilities. Develop and implement cybersecurity policies and procedures. Advise clients on risk management and mitigation strategies. Conduct workshops and training sessions on cybersecurity best practices. Collaborate with teams to integrate cybersecurity measures into business processes. Analyze security infrastructure and recommend improvements. Maintain awareness of emerging threats and cybersecurity trends to advise clients effectively. Engage with stakeholders to understand their cybersecurity needs and challenges. Utilize cybersecurity tools and technologies to support consulting activities. Prepare comprehensive reports and presentations on security assessments. Ability to analyze data, prepare report and present findings coherently. Coordinating research & development on new threats, monitoring dark web and working closely with team members. Minimum 5 to 6 years of experience in cyber risk consulting and proactive cybersecurity services. Experience with cloud platforms (AWS, Azure, GCP) and understanding of cloud security frameworks. Strong understanding of network protocols, encryption technologies, and endpoint security solutions. Understanding of operating systems, e.g., Windows, Mac, Linux, iOS, and Android Ability to synthesize large volumes of information. Flexible team player, with strong interpersonal skills. Ability to multitask on various projects. Bachelors or Masters degree in Information Technology, Cyber Security, or a related field. Scripting will be a plus point to the team - Python, C, Bash, Shell, etc. Preferred Certifications: CISSP, CISM, CEH, ISO 27001 Lead Auditor. Self-starter requiring minimal direction Excellent communication skills, should be experience adapting communication style to suit different stakeholders like cross-functional teams, India and overseas Project Management, Operations or Process Improvement Experience Excellent problem-solving skills #LI-JK1 Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.

The Security Analyst monitors security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity, escalate to managed service support teams, tier2 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Good knowledge of SIEM, SIEM Architecture, SIEM health check. Audit the SIEM in the customer environment. Troubleshoot issues regarding SIEM and other SOC tools. Good verbal/written communication skills. Build of use case for the customer. Data archiving and backup and data purging configuration as per need and compliance. Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM, onboarding log sources etc. Helping L3 and L1 with required knowledge base details and basic documentations. Co-ordination SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation. High ethics, ability to protect confidential information. Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis. Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC manager for review. Review advisories and make necessary detection measures. Provide analysis and trending of security log data from a large number of security devices. Troubleshooting non-reporting devices fix and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows and Unix servers. Ready to work on 24/7 shifts to support client requirement. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 2 Years of Experience in SOC monitoring and investigation. Audit the SIEM in the customer environment. Troubleshoot issues regarding SIEM and other SOC tools. Build of use case for the customer. Data archiving and backup and data purging configuration as per need and compliance. Helping L3 and L1’s with required knowledge base details and basic documentations. Co-ordination with SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation. Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis. Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC manager for review. Review advisories and make necessary detection measures.\ Provide analysis and trending of security log data from a large number of security devices. Troubleshooting non-reporting devices fix and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows and Unix servers. Building Parser for the SIEM using regex. Preferred technical and professional experience Escalation point for L1’s and SOC Monitor team. Ability to drive call and summarizing it post discussion. Good Understanding of Firewall, IDP/IPS, SIEM functioning (Generalize HLD as well as LLD). Deep understanding on Windows, DB, Mail cluster, VM and Linux commands. Knowledge of network protocols TCP/IP and ports. Team Spirit and working ideas heading to resolution of issues. Qualifications like CISA, CISM, CISSP, CEH, SANS or any other recognized qualification in Cybersecurity (SIEM/Qradar certification) will be preferred. Thorough knowledge in SIEM tool and experience in networking, Cloud security experience will be preferred. SOC Senior Analyst experience with multiple customers.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Ping Identity Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We need skilled Ping Identity Engineer with strong experience implementing and supporting customer identity and access management (CIAM) solutions using the Ping Identity suite, including PingOne, Ping DaVinci, and PingFederate. You will design, deploy, and maintain modern CIAM capabilities, working closely with business stakeholders, developers, and security teams to deliver secure and seamless customer authentication experiences. Roles & Responsibilities:-Develop customer authentication and authorization workflows-Integrate with third-party identity providers, directories, and social logins-Configure PingOne platform (PingOne MFA, PingOne Risk, PingOne DaVinci orchestration)-Set up policies for adaptive authentication, step-up authentication, and user journeys-Implement PingFederate for SSO and federation use cases-Support provisioning and lifecycle management via PingOne-Ping DaVinci:Design and build drag-and-drop workflows for identity verification, fraud detection, and progressive profiling-Integrate DaVinci flows with APIs, third-party tools, and identity proofing services Professional & Technical Skills: - Must To Have Skills: Proficiency in Ping Identity.- Strong understanding of cloud security principles and practices.- Experience with identity and access management solutions.- Knowledge of security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with risk assessment methodologies and compliance requirements. Additional Information:- The candidate should have minimum 5 years of experience in Ping Identity.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

As a Manager, Information Security Incident Response at NTT DATA, you will be responsible for leading the Information Security Incident Response Management team. Your role will involve ensuring that your team is well-equipped to detect and monitor threats and suspicious activities affecting the organization's technology domain. You will serve as the escalation point for incident workflows and actively participate in delivering security measures through analytics and threat hunting processes. Your primary responsibilities will include managing a team of security professionals while fostering a collaborative and innovative team culture focused on operational excellence. You will be expected to have at least 10 years of experience in SOC, with a minimum of 4 years as a SOC Manager. Additionally, you should have 4+ years of experience in SIEM (Splunk) and hold a CISM/CISSP certification. Your role will also involve troubleshooting technical issues to ensure project success, implementing changes to align with client demands, and providing guidance to the team to achieve specific objectives. You will be responsible for developing and executing a timeline for the team to achieve its goals, monitoring incident detection and closure, and presenting regular metrics and reports. Furthermore, you will be required to conduct periodic DR drills, design SIEM solutions to enhance security value, and conduct root-cause analysis for security incidents. It will be vital for you to ensure that the SIEM system is optimized for efficient performance, align reports SIEM rules and alerts with security policies, and compliance reports requirements. You will also collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. To qualify for this role, you should have a Bachelor's degree or equivalent in Information Technology, Computer Science, or a related field, along with industry certifications such as CISSP or CISM. You should possess advanced experience in the Technology Information Security industry, prior experience working in a SOC/CSIR, and advanced knowledge of tools, techniques, and processes used by threat actors. Additionally, you should have practical knowledge of indicators of compromise (IOCs), end-point protection, enterprise detention, response software, SIEM, and IPS technologies. This is an on-site working position at NTT DATA, where diversity and inclusion are embraced, and you will have the opportunity to continue growing, belonging, and thriving in a collaborative environment. NTT DATA is an Equal Opportunity Employer, and your career progression here will involve seizing new opportunities, expanding your skills, and preparing for future advancements within the global team.,

As a Security Delivery Associate Manager at Accenture, you will be part of the Technology for Operations team, serving as a trusted advisor and partner to Accenture Operations. Your role will involve providing innovative and secure technologies to assist clients in building an intelligent operating model that drives exceptional results. Collaborating closely with the sales, offering, and delivery teams, you will identify and develop innovative solutions to meet client needs. Your responsibilities will include establishing and maintaining a security governance framework, supporting management structures and processes to ensure information security strategies align with business objectives and comply with relevant laws and regulations. By adhering to policies and internal controls, assigning responsibilities, defining metrics, and reporting, you will help manage risk and compliance requirements effectively. We are seeking a candidate with a commitment to quality, experience in research and development, strong negotiation skills, effective problem-solving abilities, and proficiency in risk management. The ideal candidate will possess in-depth knowledge in application security, hands-on experience in SAST, DAST, and penetration testing, as well as familiarity with DevSecOps and Software Composition Analysis. Additionally, expertise in scripting using Python, database knowledge, networking skills, and certifications such as CISSP, CCSP, CISM, CEH, and ECSA would be advantageous. In this role, you will analyze and resolve moderately complex problems, create new solutions by adapting existing methods and procedures, and align your work with the strategic direction set by senior management. Your primary interactions will be with your direct supervisor or team leads, as well as peers and management levels within Accenture and client organizations. You should be able to work independently on new assignments with minimal guidance, making decisions that impact your team and occasionally other teams. If in a leadership role, you may manage medium-sized teams or work efforts at a client or within Accenture. Please be aware that this position may involve working in rotational shifts.,

If you're seeking a career that will empower you to distinguish yourself, consider joining HSBC to unlock your full potential. Whether you aspire to ascend to the pinnacle of success or embark on a thrilling new path, HSBC offers a platform replete with opportunities, support, and rewards that will propel you towards greater heights. HSBC stands as one of the world's largest banking and financial services organizations, operating in 64 countries and territories globally. Our mission is to position ourselves where growth thrives, empowering businesses to flourish, economies to prosper, and individuals to achieve their aspirations and dreams. Currently, we are in search of a seasoned professional to become part of our team in the capacity of DBS Senior Control Tester. In this pivotal role, your responsibilities will include: - Conducting meticulous preparation, steering, and engaging in the execution of a diverse array of Technology control testing activities - Ensuring prompt delivery of control testing with a commitment to transparency and accuracy in the fulfillment of testing objectives - Exercising sound judgment in identifying and disclosing control testing findings by pinpointing key risks and issues - Infusing quality into control testing deliverables and upholding compliance with the CCO Control Testing Methodology - Offering expertise and counsel on control testing throughout CCO, while applying critical judgment and decision-making skills in the identification and disclosure of control testing findings by highlighting key risks and issues - Nurturing relationships with key stakeholders, staying abreast of significant business, regulatory, and industry developments, as well as any modifications to procedures and practices - Assisting in the preparation of testing reports to update key stakeholders on the testing outcomes and review work - Monitoring and pursuing actions identified as a result of testing and review work, escalating when necessary - Adhering to and demonstrating compliance with all pertinent internal and external rules, regulations, and procedures that govern the business operations in which the jobholder is engaged, particularly Internal Controls and any associated policies and procedures Requirements: To excel in this role, candidates should meet the following criteria: - At least 3-5 years of pertinent experience in IT controls testing within the Financial Service industry or process assessment experience - Proficiency in ITGC, SOX, NON-SOX, Internal Control, Automated Control Testing (BACs) - Preferred qualifications include IT Risk certifications (CRISC, CISM, CISA, CISSP, or equivalent) - Demonstrated expertise in Technology control testing, risk management, internal control, or internal audit, preferably within a financial/banking services operations environment - Proven ability as a self-starter and effective collaborator Your journey to success is amplified when you become a part of HSBC. HSBC is dedicated to nurturing a culture where each employee is esteemed, respected, and their opinions hold significance. We pride ourselves on providing a workplace that fosters continuous professional growth, flexible work arrangements, and avenues for advancement within an inclusive and diverse setting. Personal data shared with the Bank regarding employment applications will be handled in accordance with our Privacy Statement, accessible on our website. Issued by HSBC Software Development India,

>> Job DesCRIPTION Role & RESPONSIBILTY Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Perform risk assessments on various applications, services, and infrastructure components. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Deliver complex Infrastructure programmes with multiple business and technical risks that will impact the success of key business priorities Create and track a plan to deliver programme goals, including the technical implementation plan, ensuring colleagues and stakeholders are kept up-to-date Manage risks and Issues on the programme demonstrating tactics to resolve or mitigate Understand trade-offs in hardware and infrastructure delivery using experience and influencing skills to drive consensus with the Engineering and Product teams to obtain the best value and deliver brilliant technical solutions Able to foresee potential risks and issues, establish a process, facilitate discussion and manage escalations Able to understand a technical architecture to be able to foresee the impact on dependencies, delivery timelines and implementation plans Have good knowledge of engineering best practices and practical infrastructure implementations to appreciate delivery challenges Collaborate with the Product and Engineering teams to define annual budgetary requirements Evaluate and interpret assessment results to identify potential vulnerabilities and risks and provide actionable recommendations for risk mitigation. Stay up to date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk. Establish and sustain long-term profitable client relationships that drive value creation, delivery excellence and a positive client work environment. Manages client expectations and client satisfaction. Acts as an advisor and partner to the client. Design, develop and implement business strategies for clients to implement new and different approaches to business based on the innovation approach. REQUIREMENTS: A minimum of 5+ years of hands-on experience in Project/Program Management. Understand the key principles of ITSM and How this drive effective change into BAU Have experience of building credible relationships and influencing senior management Strong Project, Stakeholder & Programme management skills Good reporting skills for programs and financial forecasting Adept communication & influencing skills and adoptability to changes - Expert delivery experience with the following tools: - Jira - Confluence - Miro - Microsoft Project - MS Excel Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Strong communication and stakeholder & conflict management skills. Strong analytical and problem-solving skills, with the ability to think critically and strategically. >> SELECTION PROCESS Candidates should expect 2-3 rounds of personal or telephonic interviews to assess fitment and communication skills. >> CRITERIA Education 60% above throughout academics One 3 years (at least) regular course is must either Diploma or Graduation Course: B.E. / B. Tech / MCA / M. Tech / MBA degree or equivalent Minimum 3 years of hands-on experience in conducting cyber risk assessments. Certification: CISM / CISSP / CCSP / CISA / CRISC / ITIL / ISO 27001/22301/20000 LI/LA / PCI DSS (At least one) CCNA / CCNP or equivalent (optional) Relevant certifications in OT security (GICSP, ISA/IEC-62443 or equivalent)

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, & Data Privacy Management solutions, experience in developing value based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15 year full time educationThe candidate should have minimum 12 years of experience This position is based at our Bengaluru office. Qualification 15 years full time education

Were looking for a Security Professional to join our growing team in Experian You will work with product teams to enhance the capabilities of our existing cloud platform, which powers our consumer products. Youll understand main parts of the platform architecture and propose, design, and promote improvements. A pragmatic approach and strong collaboration skills are important to achieving great outcomes.You will be reporting to a Senior Manager. Youll work for Hybrid (2 days WFO) from Hyderabad. What Were Looking For 5+ years of experience in Cloud Architecture and Security best practices , within AWS Hands-on experience with Microservices Architecture and Kubernetes Proficiency with Infrastructure as Code and DevOps tools such as Terraform, Git, Jenkins, Sonar, etc. Write high-quality code in Python or Java Solid experience in Public Key Infrastructure (PKI) design, cryptographic key management, and certificate management systems Experience with Privileged Access Management design, implementation, and support A hands-on, collaborative approach to embedding Security-First thinking into requirements and design Good to have: Experience participating in security audits such as SOC 2 or ISO 27001 Professional security certifications like CISSP , CISM , or AWS Cloud certifications Understanding of threats in the Financial Services sector and how to reduce them Experience developing internal security standards and policies for engineering teams Background working in large organizations across multiple teams or regions About Experian Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realize their financial goals and help them save time and money. We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments. We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com. Experience and Skills AWS Cloud Architecture Terraform Python Programming Kubernetes Shift-left techniques Cryptographic Key Management Additional Information Our uniqueness is that we truly celebrate yours. Experians culture and people are important differentiators. We take our people agenda very seriously and focus on what truly matters; DEI, work/life balance, development, authenticity, engagement, collaboration, wellness, reward & recognition, volunteering... the list goes on. Experians strong people first approach is award winning; Great Place To Work in 24 countries, FORTUNE Best Companies to work and Glassdoor Best Places to Work (globally 4.4 Stars) to name a few. Check out Experian Life on social or our Careers Site to understand why. Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is a critical part of Experians DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, color, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity. Experian Careers - Creating a better tomorrow together Benefits Experian care for employees work life balance, health, safety and wellbeing. In support of this endeavor, we offer best-in-class family well-being benefits, enhanced medical benefits and paid time off. #LI-Onsite Experian Careers - Creating a better tomorrow together Find out what its like to work for Experian by clicking here

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : CyberArk Privileged Access Management Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Looking for an experienced Senior CyberArk Cloud Engineer to lead the design, implementation, and support of our privileged access management (PAM) program leveraging CyberArk Privilege Cloud. The ideal candidate will have a deep understanding of privileged access controls in cloud and hybrid environments, hands-on CyberArk experience, and the ability to drive security best practices across the organization. Roles & Responsibilities:-Define secure vaulting, session isolation, credential rotation, and privileged task automation-Develop architecture diagrams and documentation for hybrid and multi-cloud PAM solutions-Integrate CyberArk Privilege Cloud with cloud platforms (AWS, Azure, GCP) and on-prem systems-Lead CyberArk Privilege Cloud onboarding and migration initiatives-Configure privileged account onboarding, safe structures, access controls, and policies-Set up session recording, monitoring, and auditing-Integrate with directories (AD/Azure AD) and identity providers (SSO)-Act as senior escalation point for CyberArk issues-Support upgrades, patching, and ongoing maintenance of the CyberArk SaaS environment-Monitor vault performance, logs, and incident trends-Perform troubleshooting and root cause analysis of PAM issues Professional & Technical Skills: - Must To Have Skills: Proficiency in CyberArk Privileged Access Management.- Strong understanding of cloud security principles and frameworks.- Experience with identity and access management solutions.- Familiarity with compliance standards such as ISO 27001, NIST, or GDPR.- Ability to analyze security incidents and develop mitigation strategies. Additional Information:- The candidate should have minimum 5 years of experience in CyberArk Privileged Access Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Saviynt Identity Platform Good to have skills : Identity Access Management (IAM)Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. A typical day involves collaborating with various teams to ensure that security measures are effectively integrated into the overall system architecture. You will engage in discussions to identify potential security risks and work towards implementing solutions that enhance the security posture of the organization. Your role will also include reviewing and refining security processes to ensure they align with best practices and compliance standards, while continuously seeking opportunities for improvement in security operations. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Monitor and evaluate the effectiveness of security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Saviynt Identity Platform.- Good To Have Skills: Experience with Identity Access Management (IAM).- Strong understanding of security frameworks and compliance standards.- Experience in designing and implementing security solutions.- Familiarity with risk assessment methodologies and tools. Additional Information:- The candidate should have minimum 5 years of experience in Saviynt Identity Platform.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Saviynt Identity Platform Good to have skills : Identity Access Management (IAM)Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will be at the forefront of implementing and delivering Security Services projects. Your typical day will involve coordinating with various teams to ensure that projects are executed efficiently, utilizing our global delivery capabilities. You will engage in strategic planning, oversee project timelines, and ensure that all deliverables meet the required standards. Your role will also include mentoring team members and fostering a collaborative environment to drive project success. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate knowledge sharing sessions to enhance team capabilities.- Monitor project progress and implement corrective actions as necessary. Professional & Technical Skills: - Must To Have Skills: Proficiency in Saviynt Identity Platform.- Good To Have Skills: Experience with Identity Access Management (IAM).- Strong understanding of security frameworks and compliance standards.- Experience in project management methodologies and tools.- Ability to analyze and mitigate security risks effectively. Additional Information:- The candidate should have minimum 7.5 years of experience in Saviynt Identity Platform.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Identity Management Good to have skills : Test Data Management ImplementationMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in strategic discussions to align security initiatives with organizational objectives, providing guidance and expertise to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be a Subject Matter Expert with deep knowledge and experience.- Should have influencing and advisory skills.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate workshops and training sessions to enhance team understanding of security protocols.- Continuously evaluate and improve security processes and frameworks to adapt to evolving threats. Professional & Technical Skills: - Must To Have Skills: Proficiency in ForgeRock Identity Management.- Good To Have Skills: Experience with Test Data Management Implementation.- Strong understanding of cloud security principles and practices.- Experience in designing and implementing security architectures.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR. Additional Information:- The candidate should have minimum 15 years of experience in ForgeRock Identity Management.- This position is based at our Mumbai office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Omada Identity Cloud Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Evaluate and recommend new security technologies and practices to improve the cloud security framework. Professional & Technical Skills: - Must To Have Skills: Proficiency in Omada Identity Cloud.- Strong understanding of cloud security principles and best practices.- Experience with identity and access management solutions.- Familiarity with regulatory compliance requirements related to cloud security.- Ability to assess and mitigate security risks in cloud environments. Additional Information:- The candidate should have minimum 5 years of experience in Omada Identity Cloud.- This position is based at our Gurugram office.- A 10 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Managed Cloud Security Services Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary The ideal candidate will lead a team responsible for continuously monitoring, assessing, and improving the security posture of the organization's multi-cloud environments. This role will oversee the detection and remediation of misconfigurations, enforce security and compliance policies, and ensure that all cloud deployments align with organizational and regulatory standards.Roles and ResponsibilitiesContinuously monitor and assess cloud assets and resources across Azure, AWS, and Ali Cloud for misconfigurations and non-standard deployments using Divy Cloud and similar toolsManage and enforce mandatory security policies for new and existing cloud servicesMonitor and maintain cloud compliance policies in alignment with security and regulatory requirementsAnalyze, prioritize, and manage alerts and incidents related to cloud workloads identified by CSPM platformsOversee the end-to-end operations and escalation process for cloud security alerts and incidentsGenerate and deliver executive and detailed reports on vulnerabilities, compliance issues, and cloud security statusManage Role-Based Access Control (RBAC) policies; maintain cloud roles and entitlementsManage and maintain cloud network security policies, ensuring consistent enforcement across environmentsProvide remediation guidance and best practice recommendations to DevOps and software development teams to address identified issuesRegularly produce and distribute cloud security posture reports as per agreed timelines Professional & Technical SkillsStrong knowledge of cloud security frameworks, standards, and best practicesProven experience in using CSPM tools (Divy Cloud, Tripwire) for continuous monitoring and complianceExpertise in managing cloud security policies, RBAC, and network security controlsAbility to analyze security alerts, manage incidents, and guide remediation activitiesExcellent stakeholder management and communication skills to interface with technical and non-technical audiencesStrong analytical and problem-solving skills, with an ability to work in a fast-paced and evolving environment.Primary SkillCloud Security Posture Management (CSPM)Experience12+ years in cybersecurity operations, including 8+ years leading a security-related projectAbility to work across teams and manage deliverables in matrix environmentsA strategic yet practical approach to solving security and governance challengesAbility to stay current on emerging threats, technologies, and best practices Educational QualificationBachelors degree in computer science, Information Security, or related field.Industry certifications are strongly preferred:CCSP / CISM or other relevant cloud and security certifications.Vendor certifications such as, AWS/Azure Security Specialty, Tripwire vulnerability management or training such as InsightCloudSec documentation and labs etc. Professional & Technical Skills: CSPM (Cloud Security Posture Management):Continuous assessment of cloud assets for misconfigurations and non-standard deployments using Divvy Cloud; policy enforcement across Azure, AWS, and Ali Cloud.Cloud Compliance & Reporting:Monitoring and analysis of cloud compliance alerts; generation of executive and operational reports on vulnerabilities and policy violations.Cloud Identity & Network Security:RBAC policy management, cloud role entitlement governance, and enforcement of network security baselines across multi-cloud environments.Incident & Alert Management:Prioritization, triage, and escalation of cloud workload incidents; end-to-end operations support and remediation guidance for DevOps teams.Tools & Platforms:Divy Cloud, Tripwire, Azure, AWS, Ali Cloud.Must-Have Skills: Expertise in Azure, AWS, and Ali Cloud environmentsStrong experience with Tripwire and Divy Cloud (or similar CSPM tools)Deep understanding of Cloud Security Posture Management (CSPM), misconfiguration detection, and policy enforcementStrong understanding of ITIL-based Incidents, Problem, and Change management processes.Good-to-Have Skills: Experience with containers and Kubernetes securityFamiliarity with Infrastructure as Code (IaC) securityFamiliarity with ITSM tools like Service Now Qualification 15 years full time education

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Managed Cloud Security Services Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary We are seeking a highly experienced and technically proficient Cloud Security Specialist to lead and advise on the implementation, optimization, and governance of cloud security solutions across Microsoft CASB and CSPM platforms. The ideal candidate will bring deep expertise in cloud security architecture, policy management, and incident response across AWS, Azure, and GCP environments. This role is critical in ensuring the organizations cloud infrastructure remains secure, compliant, and resilient.Roles and ResponsibilitiesCloud Access Security Broker Microsoft CASB:Provide subject matter expertise in the deployment and optimization of Microsoft CASB.Lead continuous and real-time monitoring to detect and mitigate malicious activity across cloud services.Oversee the development and refinement of built-in policies and templates.Manage configuration and policy lifecycle:additions, updates, and deletions.Support and guide security incident investigations using CASB insights and telemetry.Cloud Security Posture Management (CSPM):Continuously assess and monitor cloud assets in AWS, Azure, and GCP for misconfigurations and non-standard deployments using Divy Cloud.Define and enforce mandatory security policies for newly released cloud services.Maintain and evolve cloud compliance policies in alignment with enterprise security requirements.Analyze and prioritize alerts and incidents related to cloud workloads; guide resolution strategies.Manage the full lifecycle of cloud security incidents, including escalation and root cause analysis.Generate and present executive-level and technical reports on vulnerabilities and compliance posture.Govern RBAC policies and oversee cloud role entitlements across platforms.Maintain cloud network security policies and ensure alignment with architectural standards.Provide expert remediation guidance to DevOps and development teams, promoting secure-by-design practices.Deliver regular reporting and insights on cloud security posture and trends.Primary SkillCloud Security Architecture and Operations CASBExperience8+ years of experience in cybersecurity, including substantial hands-on expertise in cloud security as a Specialist or in an advisory capacity.Demonstrated ability to lead cross-functional initiatives and influence cloud security posture across large-scale environments.Strong analytical and communication skills with the ability to translate technical risks into business impact. Educational QualificationBachelors degree in computer science, Information Security, or related field (masters preferred).Industry certifications are strongly preferred:CCSP / CISM or other relevant cloud and security certifications.Security certifications such as AWS/Azure Security Specialty or Microsoft Defender for Cloud Apps. Professional & Technical SkillsCASB (Cloud Access Security Broker):Real-time threat monitoring, policy lifecycle management, incident triage and investigation using Microsoft CASB.Cloud Security Posture Management (CSPM):Continuous assessment of multi-cloud environments (Azure, AWS, Ali Cloud) for misconfigurations and compliance gaps using DivvyCloud; enforcement of cloud security policies and RBAC governance.Cloud Security Operations:Alert triage, incident lifecycle management, and remediation support for DevOps teams; generation of executive-level vulnerability and compliance reports.Cloud Network & Identity Security:Role-based access control (RBAC) policy management, cloud network segmentation, and enforcement of security baselines across cloud platforms.Tools & Platforms:Microsoft CASB, Divy Cloud, Tripwire, Azure, AWS, Ali Cloud.Must-Have Skills: Real-time monitoring of user activity in CASB and data movement in cloud apps.Policy enforcement for data loss prevention (DLP), access control, and threat protection.Integration with Microsoft Defender and other security tools for incident response.Continuous assessment of cloud resources for misconfigurations using Divvy Cloud.Automated remediation workflows and policy enforcement.Role-based access control (RBAC) and cloud network security management.Generating compliance and vulnerability reports for audits and executive review.Networking, encryption, and logging best practices.Good-to-Have Skills: Experience with containers and Kubernetes securityFamiliarity with Infrastructure as Code (IaC) securityCloud-native security tools (e.g., AWS Config, Azure Policy, GCP Security Command Center). Qualification 15 years full time education

About Us: Our purpose is to help clients exceed their financial health goals. Across the reimbursement cycle, our scalable solutions and clinical expertise help solve programmatic needs. Enabling our teams with leading technology allows analytics to guide our solutions and keeps us accountable achieving goals. We build long-term careers by investing in YOU. We seek to create an environment that cultivates your professional development and personal growth, as we believe your success is our success. ESSENTIAL DUTIES AND RESPONSIBILITIES: Note: The essential duties and responsibilities below are intended to describe the general duties and responsibilities of this position and are not intended to be an exhaustive statement of duties. This position may perform all or most of the primary duties listed below. Specific tasks, responsibilities or competencies may be documented in the Team Member s performance objectives as outlined by the Team Member s immediate Leadership Team Member. Role Overview: The Manager will lead and manage 24x7 cybersecurity and SOC operations, ensuring round-the-clock protection of the organizations critical infrastructure. This role demands deep expertise in network security, threat detection, and incident response , while also managing a team working in rotational shifts. Key Responsibilities: Oversee end-to-end SOC operations , including real-time monitoring, incident triage, and escalation. Lead network security strategy and governance including firewalls, intrusion detection/prevention systems (IDS/IPS) , and VPN infrastructure. Manage and mentor a 24x7 cyber defense team, ensuring effective shift coverage and performance. Drive threat intelligence integration and lead response to advanced persistent threats. Conduct regular audits, vulnerability assessments, and penetration tests. Ensure compliance with relevant cybersecurity regulations and frameworks (e.g., ISO 27001, NIST, HIPAA). Collaborate with IT, Risk, and Compliance teams for coordinated risk mitigation. Requirements: 8+ years in cybersecurity, with 3+ years in a leadership role. Experience running or managing a 24x7 SOC . Strong expertise in SIEM tools , threat detection, and mitigation strategies. Relevant certifications: CISSP, CISM, CEH , or equivalent. Excellent leadership and communication skills. PHYSICAL DEMANDS: Note: Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions as described. Regular eye-hand coordination and manual dexterity is required to operate office equipment. The ability to perform work at a computer terminal for 6-8 hours a day and function in an environment with constant interruptions is required. At times, Team Members are subject to sitting for prolonged periods. Infrequently, Team Member must be able to lift and move material weighing up to 20 lbs. Team Member may experience elevated levels of stress during periods of increased activity and with work entailing multiple deadlines. A job description is only intended as a guideline and is only part of the Team Member s function. The company has reviewed this job description to ensure that the essential functions and basic duties have been included. It is not intended to be construed as an exhaustive list of all functions, responsibilities, skills and abilities. Additional functions and requirements may be assigned by supervisors as deemed appropriate. PHYSICAL DEMANDS: Note: Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions as described. Regular eye-hand coordination and manual dexterity is required to operate office equipment. The ability to perform work at a computer terminal for 6-8 hours a day and function in an environment with constant interruptions is required. At times, Team Members are subject to sitting for prolonged periods. Infrequently, Team Member must be able to lift and move material weighing up to 20 lbs. Team Member may experience elevated levels of stress during periods of increased activity and with work entailing multiple deadlines. A job description is only intended as a guideline and is only part of the Team Member s function. The company has reviewed this job description to ensure that the essential functions and basic duties have been included. It is not intended to be construed as an exhaustive list of all functions, responsibilities, skills and abilities. Additional functions and requirements may be assigned by supervisors as deemed appropriate.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Omada Identity Cloud Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Develop and maintain comprehensive documentation of security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Omada Identity Cloud.- Good To Have Skills: Experience with cloud security frameworks and compliance standards.- Strong understanding of identity and access management principles.- Experience with security incident response and risk management.- Familiarity with cloud service providers and their security offerings. Additional Information:- The candidate should have minimum 7.5 years of experience in Omada Identity Cloud.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on security best practices.- Conduct regular assessments of security frameworks to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations.- Strong understanding of cloud security principles and practices.- Experience with risk assessment methodologies and tools.- Ability to design and implement security controls in cloud environments.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR. Additional Information:- The candidate should have minimum 7.5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education