749 Cism Jobs - Page 5

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect, candidate would be primarily responsible for solution architecture effort on deals that are large and complex and own all components of complex deals. Lead or work as Lead Solution Architect on complex and bundled deals and independently can come up with the solution. Conduct solution reviews with SMEs and the DCSO approver. Attend calls with the client team to understand the requirement. Can be able to bring value and differentiated solutions. Work on building the cost model for the solution. Roles & ResponsibilitiesShould be able to lead the joint solutioning workshops with client and be able to walk through technical security solutions with the clients during Orals. Should possess excellent stakeholder management skills and be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Frequently interacts with senior client leadership. Develop statement of work Performs Peer Reviews Assists in performing QA Frequently sells to senior client leadership Leads negotiations or develop business terms and conditions Leads QA or plays major QA role for largest, most complex deals Has led solution development for multiple deal types Work with delivery leads for the approval of solution/efforts Bring out technical differentiators and value in the solution Able to represent the solution in front of the client leadership team. Professional & Technical Skills: Prior experience at least 5 years in leading solution development in a reputed organization Deep knowledge and experience in Cyber security Infra Sec, App Sec, Threat and Vulnerability Management and Identity Access Management is necessary Should be a good presenter Should have leadership qualities Should keep himself/herself up to date on various SA Cost models and processes, work independently to develop IDL files Good communication and collaboration skills Prior experience in leading solution development will be an advantage Experience in leading delivery and solution planning of large, complex deals at least 5 opportunities with Security TCV of greater than10m in the recent experience Comfortable in using relevant tools and estimators Comfortable working in extended working hours Good to have CISSP, CISM, CISA Cloud Security knowledge and certification AWS, Azure Solution Architect Core Training Good to have Solution Architect Advance Training Additional InformationMinimum 15- year full time education with Bachelor or college degree in related field or equivalent work experience The candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : BE or MCA or MSc with Good Computer Science Background with good academic record. Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Engage in continuous learning to stay updated with the latest security trends and technologies.- Assist in the development and implementation of security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow.- Strong understanding of cloud security principles and practices.- Experience with identity and access management solutions.- Familiarity with security compliance frameworks such as ISO 27001 or NIST.- Ability to analyze and mitigate security risks effectively. Additional Information:- The candidate should have minimum 2 years of experience in SailPoint IdentityNow.- This position is based at our Hyderabad office.- A BE or MCA or MSc with Good Computer Science Background with good academic record is required. Qualification BE or MCA or MSc with Good Computer Science Background with good academic record.

About the Opportunity Operating within the Technology and Cybersecurity sector, our organization is a high-growth, on-site leader in cloud and security innovations in India. Focused on providing cutting-edge cloud security solutions, we drive secure digital transformation in dynamic environments, offering customized strategies to address complex security needs. This position seeks motivated professionals deeply engaged in advancing security postures for intricate cloud infrastructures and spearheading dedicated teams proactively. Role & Responsibilities Lead and manage multidisciplinary cloud security engineering teams to design, implement, and maintain robust and adaptable cloud infrastructures. Define and execute multiphase security strategies and technology roadmaps aligned with overarching business goals and dynamic regulatory standards. Collaborate across departments to embed security protocols seamlessly into cloud deployments and development lifecycles. Conduct thorough evaluations of emerging threats to select and deploy appropriate security tools, while innovating on processes to enhance protection and compliance. Develop, document, and validate comprehensive incident planning and response frameworks ensuring preparedness and minimized downtime. Advocate for governance rigor, promoting a culture of vigilance and adherence to industry standards and benchmarks. Skills & Qualifications Must-Have Proven leadership in directing cloud security engineering functions within dynamic and high-stakes environments. In-depth mastery of deploying and managing cloud security frameworks across leading platforms (AWS, Azure, GCP). Expertise in risk analysis, remediation planning, and navigating regulatory oversight, involving frameworks like NIST and ISO 27001. Demonstrated ability to synthesize complex projects with strategic leadership, delivering secure infrastructure solutions under tight deadlines. High interpersonal and communication skills for effective collaboration among technical and business leaders. Preferred Advanced certifications such as CISSP, CISM, or other recognized credentials demonstrating deep technical acumen. Hands-on experience with leveraging modern cloud-oriented security tooling for automating and optimizing security operations. Exposure to innovative approaches in adapting cloud security for evolving business and technical landscapes. Benefits & Culture Highlights Highly competitive compensation structure, including rewarding performance bonuses. Dynamic and inclusive work atmosphere prioritizing breakthrough innovation and knowledge growth. Leadership roles in impactful projects fostering significant advancements in the realm of cloud security operations. Ready to redefine boundaries in cloud securityJoin our ambitious team to protect and empower businesses through pioneering solutions tailored for the rapidly transforming digital era.

Technical Strong experience in review of guideline defined, conducting regulatory assessments for BFSI (E.g. RBI, SEBI, IRDAI). Global guidelines knowledge which includes NIST, ISO27001, PCI-DSS, COBIT, etc. Assisting in remediating gaps on the defined guidelines for the client. Performing System Audit and conducting technology landscape review. Having worked on Information Technology Risk Assessment areas such as NIST, ISO27001, PCI-DSS, COBIT, etc. Experience of handling IT audits and reviews. Good understanding on technology topics related to cyber security, encryption, architecture resiliency , business continuity, disaster recovery, IT Governance, Third party outsourcing risk and information security/technology risk. Certification - CISA, CISSP, ISO27001 Soft Skills Good presentation and report writing skills is mandatory. Excellent communication skills and confident demeanor Experience of working with client stakeholders Good problem-solving skills.

Be part of the solution at Technip Energies and embark on a one-of-a-kind journey. You will be helping to develop cutting-edge solutions to solve real-world energy problems. We are currently seeking Cybersecurity Risk Analyst to join our team based in Noida. The IT Risk Analyst reports directly to the IT Risk Manager and is in charge for Risk identification, assessment, mitigation and follow-up processes for both IT and OT environments. About us: Technip Energies is a global technology and engineering powerhouse. With leadership positions in LNG, hydrogen, ethylene, sustainable chemistry, and CO2 management, we are contributing to the development of critical markets such as energy, energy derivatives, decarbonization, and circularity. Our complementary business segments, Technology, Products and Services (TPS) and Project Delivery, turn innovation into scalable and industrial reality. Through collaboration and excellence in execution, our 17,000+ employees across 34 countries are fully committed to bridging prosperity with sustainability for a world designed to last. Global Business Services India At Technip Energies, we are continually looking for ways to become more efficient, and ways to improve our quality, customer focus and cost competitiveness. The Global Business Services (GBS) organization is key to executing this strategy, by standardizing our processes and centralizing our services. Our Vision : A customer-focused, cost-efficient, innovative, and high performing organization that drives functional excellence. GBS provide streamlined and consistent services to our internal customers in the domain of Finance and Accounting, Human Resources, Business Functional Support, Procurement and Legal. Our services fit our global organization and allow us to focus on business strategy and priorities. GBS also maintains continuous improvement plans to enhance our customer-oriented service culture. Responsibilities: Responsible for Digiteam and cybersecurity risk identification, assessment, mitigation and follow-up Maintains the documentation relating to risk management processes. Responsible for maintaining a Risk Register at group level Responsible for risk management Indicators (KRI) calculation and communication relating to the whole cybersecurity department. Collaborate with Security Operations Center (SOC) teams to analyze incident trends and integrate findings into risk assessments. Support the development and implementation of risk treatment plans, including technical controls and compensating measures About you At least 5 years of experience in IT Risk Management Certifications (preferred but not mandatory): ITIL, CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), ISO 27005 Risk Manager Certification or equivalent on filed experience. Hands-on experience conducting cybersecurity risk assessments in hybrid environments (on-premises and cloud). Experience working with DevSecOps teams to integrate risk management into CI/CD pipelines. Familiarity with incident response processes and post-incident risk re-evaluation. Technical Skills Strong understanding of cyber threat intelligence and its application in risk management. Familiarity with GRC platforms (e.g., SureCloud, ServiceNow GRC) for risk tracking and reporting. Experience with vulnerability management tools (e.g., Tenable, Qualys, Rapid7) and interpreting scan results. Knowledge of cloud security frameworks (e.g., CSA CCM, Azure Security Benchmark, AWS Well-Architected Framework). Understanding secure architecture principles and ability to review system designs for risk exposure. Familiarity with compliance frameworks such as GDPR, SOX, and industry-specific standards (e.g., IEC 62443 for OT). Familiarity with ISO2700x, NIST, CIS frameworks. What s next

Jun 23, 2025 Location: Bengaluru Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Risk Advisory is about much more than just the numbers. It s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies the what, how, and why of change so you re always ready to act ahead. Learn more about Risk Advisory Practice Location and way of working Base location: Bangalore Professional is required to work from office Your work profile As a Consultant in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - As a part of our Cyber, you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You ll: Role Description ISMS or Third-Party Risk Assessments Lead engagement team in delivering client engagements Support Managers/AD/D in assessment/ audit execution, reporting, quality review and tracking Support Managers/AD/D in responding to RFP, proposals, new opportunities Lead discussions with client teams from various depts. Such as compliance teams, auditing and regulators to identify and document various requirements/obligations Flexible to step-in and perform work on ground such as conducting risk assessments and audits with respect to people, process and technology Act as subject matter expert (SME) for providing guidance and share knowledge with team members. Assist team members during engagements Should be able to work as independently on short term engagements Perform quality reviews of work performed by team members Desired qualifications 1+ Relevant years of experience in Third party risk management Relevant years of experience in IT Audits, Cloud security Experience with ISO22301 implementation and audits Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA to work in a cross-functional, cross-cultural matrix environment\ Understanding of Third party/vendor/supplier risk management considerations Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management Excellent written/verbal communication Excellent documentation and presentation skills Highly motivated and willing to work in local and global environments Security certifications like CISSP, CISA, CISM, CEH, ISO27001 Work experience in Infrastructure / Application Security Work experience in IT Audit Work experience in Information Risk Management Your role as a Consultant We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive.

Job Overview: We are seeking a highly experienced and certified Compliance & Information Security Manager to lead and oversee our organizations compliance, quality assurance, and cybersecurity initiatives. The ideal candidate will possess a robust background in ISO standards, IT and Security Operations, and internal/external audit coordination across service industries. Key Responsibilities: Lead the implementation, maintenance, and audit of ISO standards, including ISO 27001, ISO 9001, AS9100D, GDPR, DPDP Ensure compliance with SOC 2, HIPAA , and other applicable regulatory frameworks. Collaborate with cross-functional teams to design, review, and implement information security policies and risk mitigation strategies . Manage and prepare for internal and external audits; represent the organization during surveillance and certification audits. Develop and deliver employee training programs related to information security, regulatory compliance, and quality assurance. Identify and address security risks in networks, systems, and applications , and recommend corrective controls. Update and maintain documentation related to compliance and audit standards. Required Qualifications: Bachelors degree in engineering/technology (preferably Computer Science or related discipline). CISA, CISO, CISM, CISSP Certified (any) Desirable Lead Auditor certifications for ISO 9001:2015, ISO 27001:2022 and AS9100D. Strong exposure to GDPR, HIPAA and SOC 2 frameworks. Proficiency in conducting internal, supplier, and customer audits . Experience with tools such as Microsoft Office Suite. Demonstrated ability to lead cross-functional teams, manage compliance projects, and drive process improvement.

Jul 3, 2025 Location: Mumbai Designation: Analyst Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As a A nalyst in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Skills & Knowledge : Ability to validate threats given the established procedures and channels. Categorization of events based on a defined threat taxonomy. Ability to search for information to add context to logged events. Capabilities to analyze the incidents detected, being able to solve them or escalate them to the relevant personnel. Extraction of raw data to produce relevant technical reports in the form of lists, tables, graphs, etc. Communication skills to help clients. Health-checking practices in 24x7 mode. Scaled to level 2 for advanced research. Advanced threat detection. Generation of reports and investigations with different levels of depth depending on the recipients. Technical management of L1 pool. Support to customers in communication. Resolution of incidents not documented in L1 Drafting of new procedures for incident management. Operation and maintenance of equipment. Desired qualifications Sound Cyber Security Principles and well versed in security domains of Endpoint , Network, Database, Cloud Security technologies like IPS, WAF, Firewall, Deception, Cloud Security, AV, EDR, . Conduct senior level log analysis, proactive monitoring, mitigation & response to network & security incidents. Triage security events and carry out incident response steps. Implement & Maintain Extensive Security Operation Policies and procedures documentation including AWS cloud Proactively Hunt & research potential malicious activity using tool like Cortex, Shodan, Qrdar etc. Identify Indicator of Compromise through static & dynamic analysis of commodity and 0-day malware Perform advanced security event detection and threat analysis for complex and/or escalated security events. QRadar , Demisto/XSOAR , Qualys, MITRE Framework Attack Methodology. Preferred Certifications IBM QRadar SIEM Certification. CISSP, CEH, CISM, or other relevant security certifications. Location and way of working Base location: Mumbai/Navi Mumbai Professional is required to work from office

Jul 21, 2025 Location: Bengaluru Designation: Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile A Manager in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: A Security Operations Center (SOC) Manager, with expertise in SOC, UEBA, networking, and infrastructure, is needed to lead a team of 40 security professionals. This role requires strong leadership, technical proficiency, and the ability to manage a large team while ensuring effective threat detection and incident response. Key Responsibilities: Team Leadership & Management: Lead, mentor, and manage a team of SOC analysts, engineers, and specialists. Foster a collaborative and high-performing team environment. Service Delivery Oversight: Oversee all aspects of SOC operations, including monitoring, detection, analysis, and incident response. Incident Response: Manage and prioritize incident response activities, acting as a senior escalation point for critical security incidents involving network infrastructure and other enterprise systems. Threat Management: Develop and implement strategies for proactive threat hunting, threat modeling, and the development of use cases for security monitoring. Technical Expertise: Possess strong knowledge of SIEM technologies, UEBA, network security, and infrastructure management. Policy & Procedure Development: Develop and implement security policies and procedures for incident response, vulnerability management, and security compliance. Client Engagement: Serve as the primary point of contact for client engagements, ensuring SOC services are aligned with client needs and objectives. Reporting & Communication: Create reports, dashboards, and metrics for SOC operations and present them to senior management. Desired qualifications Required Skills & Experience: Proven experience in managing and leading a SOC team, preferably with a team size of 40+ members. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). Proficiency in using SIEM tools and UEBA solutions. In-depth knowledge of network security principles and infrastructure management. Experience with incident response methodologies and best practices. Excellent communication, interpersonal, and leadership skills. Experience in threat hunting and threat modeling. Relevant certifications Preferred (e.g., CISSP, CISM, SANS certifications) are highly desirable. Location and way of working Base location: Bangalore Professional is required to work from client location. Your role as a Assistant Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you ll grow

Be part of the solution at Technip Energies and embark on a one-of-a-kind journey. You will be helping to develop cutting-edge solutions to solve real-world energy problems. We are currently seeking Cybersecurity Risk Analyst to join our team based in Noida. The IT Risk Analyst reports directly to the IT Risk Manager and is in charge for Risk identification, assessment, mitigation and follow-up processes for both IT and OT environments. About us: Technip Energies is a global technology and engineering powerhouse. With leadership positions in LNG, hydrogen, ethylene, sustainable chemistry, and CO2 management, we are contributing to the development of critical markets such as energy, energy derivatives, decarbonization, and circularity. Our complementary business segments, Technology, Products and Services (TPS) and Project Delivery, turn innovation into scalable and industrial reality. Through collaboration and excellence in execution, our 17,000+ employees across 34 countries are fully committed to bridging prosperity with sustainability for a world designed to last. Global Business Services India At Technip Energies, we are continually looking for ways to become more efficient, and ways to improve our quality, customer focus and cost competitiveness. The Global Business Services (GBS) organization is key to executing this strategy, by standardizing our processes and centralizing our services. Our Vision : A customer-focused, cost-efficient, innovative, and high performing organization that drives functional excellence. GBS provide streamlined and consistent services to our internal customers in the domain of Finance and Accounting, Human Resources, Business Functional Support, Procurement and Legal. Our services fit our global organization and allow us to focus on business strategy and priorities. GBS also maintains continuous improvement plans to enhance our customer-oriented service culture. Responsibilities: Responsible for Digiteam and cybersecurity risk identification, assessment, mitigation and follow-up Maintains the documentation relating to risk management processes. Responsible for maintaining a Risk Register at group level Responsible for risk management Indicators (KRI) calculation and communication relating to the whole cybersecurity department. Collaborate with Security Operations Center (SOC) teams to analyze incident trends and integrate findings into risk assessments. Support the development and implementation of risk treatment plans, including technical controls and compensating measures About you At least 5 years of experience in IT Risk Management Certifications (preferred but not mandatory): ITIL, CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), ISO 27005 Risk Manager Certification or equivalent on filed experience. Hands-on experience conducting cybersecurity risk assessments in hybrid environments (on-premises and cloud). Experience working with DevSecOps teams to integrate risk management into CI/CD pipelines. Familiarity with incident response processes and post-incident risk re-evaluation. Technical Skills Strong understanding of cyber threat intelligence and its application in risk management. Familiarity with GRC platforms (e.g., SureCloud, ServiceNow GRC) for risk tracking and reporting. Experience with vulnerability management tools (e.g., Tenable, Qualys, Rapid7) and interpreting scan results. Knowledge of cloud security frameworks (e.g., CSA CCM, Azure Security Benchmark, AWS Well-Architected Framework). Understanding secure architecture principles and ability to review system designs for risk exposure. Familiarity with compliance frameworks such as GDPR, SOX, and industry-specific standards (e.g., IEC 62443 for OT). Familiarity with ISO2700x, NIST, CIS frameworks. Your career with us: Working at Technip Energies is an inspiring journey, filled with groundbreaking projects and dynamic collaborations. Surrounded by diverse and talented individuals, you will feel welcomed, respected, and engaged. Enjoy a safe, caring environment where you can spark new ideas, reimagine the future, and lead change. As your career grows, you will benefit from learning opportunities at T.EN University, such as The Future Ready Program, and from the support of your manager through check-in moments like the Mid-Year Development Review, fostering continuous growth and development What s next Once receiving your application, our Talent Acquisition professionals will screen and match your profile against the role requirements. We ask for your patience as the team completes the volume of applications with reasonable timeframe. Check your application progress periodically via personal account from created candidate profile during your application. We invite you to get to know more about our company by visiting and follow us on LinkedIn , Instagram , Facebook , X and YouTube for company updates. #LI-AP1

Bachelors or Masters degree in Computer Science, Cybersecurity, Information Technology, or related fields. A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related security assessments. Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices. Proficiency in using various security assessment and techniques. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review. Conceptual knowledge of OT Security/ISA 62443 standard is preferable. . Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide actionable recommendations for risk mitigation. Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk assessments.

BE/B.Tech/Post-Grad/ Graduate or Postgraduate in any other discipline 0-2 years of relevant experience. Candidates should be okay to work in rotational shifts. Good to have - Certifications - CSA (Certified SoC Analyst), CISM and CCSP, Certifications from Microsoft Azure Suite Candidates having SOC experience would be preferred Well versed in Microsoft productivity tools such as Word, PowerPoint and Excel An understanding of concepts of analytics and should be able to generate trends, drill downs, and various graphical representations Windows / Azure / AWS infrastructure knowledge will have added advantage Experience in Windows security tools like Defender for office, Defender for identity, Sentinel and other Microsoft security tools will have added advantage Excellent written and oral communication skills . Actively monitoring, analysing & escalating SIEM alerts based on correlation rules, Email protection alerts & malware analysis, Provide inputs for proactive content fine tuning & use case enablement, Active threat hunting on network flow, user behaviour & threat intelligence, Phishing email analysis for MFs, Raising incidents in Pastebin inte Should be familiar with Domain Knowledge (Cyber Security), Threat Hunting, SIEM- Azure Sentinel, SIEM - (RSA / Splunk / LogRhythm), Python Scripting, Windows Active Directory, Operating systems and servers. Ability to Triage and assignment Incident Handling. Ability to Follow Playbooks instructions- Incident Response Playbooks Ability to Comprehend Logs (HTTP, SMTP, Network) (Under guidance) Understand and imbibe current SOC process Perform quality assessment on SOC operations being performed as per existing process Record and deviations identified into tracking tool(s)/spreadsheets Perform follow-ups with respective error owners to mitigate process deviations Identify process deviations, Summarize and generate trends, patterns into process deviations / errors observed. Perform RCA into observed errors / trends and generate recommendations for process improvement Generate personnel specific recommendations for performance enhancement Contribute in overseeing quality assessment process for multiple SOC verticals In-line alignment with SOC operations for quick-detection / prevention of process deviations Support as QA touchpoint in critical cyber incidents to enhance quality of service Assessment of investigation report with assertions, evidences and recommended actions Communicate effectively and collaborate with teams in different geographie

: Experience range: 5- 12 years Cyber Security Expert Primary Mandate You will consult and support the Life Science Sector Cyber Security team operations across the entire Life Science organization / locations to protect the confidentiality, integrity, and availability of the IT assets, software-based products, applications and web sites. Your main task is ensuring that cyber security policies, standards, controls, and regulatory requirements are properly understood, planned and implemented. Scope Implement and maintain technical and non-technical cyber security controls of the IT assets, software-based products, applications and web sites Technical controls include baseline security configuration for operating systems (e. g. , OS hardening), network segmentation, DMZ systems hardening, identity and access management (IAM), etc. Non-technical controls include working with corporate teams to embed controls in technology Procurement and working with the business application owners to ensure security process are properly applied throughout the entire application management life cycle. Participate in application-, infrastructure-, and business projects to provide security-planning advice. Together with the IT Solution Architects plan, deliver and document security architecture for various security solutions and projects. Participate in a Cyber Security Incidence Response Team (CSIRT) to cover information security incidents on a sector wide level. Development of cybersecurity awareness and training curriculum. Ensure security training and awareness programs are defined and executed. Contribute to internal projects in response to external compliance requirements, such as NIS2. Qualifications Extensive industry experience, technical knowledge and proven information security competency through professional designation / certifications, such as CISSP, IISP, CRISC, CCSP, CISA or CISM. Ability to analyze security issues, manage conflicting priorities, and recommend a course of action with both technical and business perspective. Strong analytical and interpersonal communication skills, including the ability to communicate effectively and build consensus across organizational lines. Ability to collaborate with diverse team consisting of developers, architects, project managers, etc. Experience with security risk management frameworks based on industry standard (e. g. , ISO27005, NIS2, BSI) and regulations (e. g. , GDPR). Proven ability to manage and collaborate on large/complex projects. Strong documentation skills. Fluent in English.

>> Job DesCRIPTION Role & RESPONSIBILTY Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Perform risk assessments on various applications, services, and infrastructure components. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Deliver complex Infrastructure programmes with multiple business and technical risks that will impact the success of key business priorities Create and track a plan to deliver programme goals, including the technical implementation plan, ensuring colleagues and stakeholders are kept up-to-date Manage risks and Issues on the programme demonstrating tactics to resolve or mitigate Understand trade-offs in hardware and infrastructure delivery using experience and influencing skills to drive consensus with the Engineering and Product teams to obtain the best value and deliver brilliant technical solutions Able to foresee potential risks and issues, establish a process, facilitate discussion and manage escalations Able to understand a technical architecture to be able to foresee the impact on dependencies, delivery timelines and implementation plans Have good knowledge of engineering best practices and practical infrastructure implementations to appreciate delivery challenges Collaborate with the Product and Engineering teams to define annual budgetary requirements Evaluate and interpret assessment results to identify potential vulnerabilities and risks and provide actionable recommendations for risk mitigation. Stay up to date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk. Establish and sustain long-term profitable client relationships that drive value creation, delivery excellence and a positive client work environment. Manages client expectations and client satisfaction. Acts as an advisor and partner to the client. Design, develop and implement business strategies for clients to implement new and different approaches to business based on the innovation approach. REQUIREMENTS: A minimum of 5+ years of hands-on experience in Project/Program Management. Understand the key principles of ITSM and How this drive effective change into BAU Have experience of building credible relationships and influencing senior management Strong Project, Stakeholder & Programme management skills Good reporting skills for programs and financial forecasting Adept communication & influencing skills and adoptability to changes - Expert delivery experience with the following tools: - Jira - Confluence - Miro - Microsoft Project - MS Excel Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Strong communication and stakeholder & conflict management skills. Strong analytical and problem-solving skills, with the ability to think critically and strategically. >> SELECTION PROCESS Candidates should expect 2-3 rounds of personal or telephonic interviews to assess fitment and communication skills. >> CRITERIA Education 60% above throughout academics One 3 years (at least) regular course is must either Diploma or Graduation Course: B.E. / B. Tech / MCA / M. Tech / MBA degree or equivalent Minimum 3 years of hands-on experience in conducting cyber risk assessments. Certification: CISM / CISSP / CCSP / CISA / CRISC / ITIL / ISO 27001/22301/20000 LI/LA / PCI DSS (At least one) CCNA / CCNP or equivalent (optional) Relevant certifications in OT security (GICSP, ISA/IEC-62443 or equivalent)

As a Cloud Ops professional at Tally, you will be part of a team dedicated to delivering top-notch connected services in public clouds for Tally's customers. Your mission will be to ensure unmatched reliability, strong security, and optimal cost efficiency. You will have the opportunity to design, implement, and operationalize solutions using cutting-edge cloud native technologies to provide a seamless experience for our customers. Your responsibilities will include overseeing Risk Management & Governance for Tally's suite of cloud-based connected services, implementing secure access at every level, and ensuring compliance with regulatory requirements. You will focus on Cloud Security Oversight, primarily in the AWS environment, while also considering multi-cloud environments. Your role will involve managing regulatory and compliance issues and providing governance and reporting on cloud operations. To excel in this role, you should bring experience in risk management, governance, or compliance roles within fintech, banking, or cloud-centric organizations, particularly in product or fully hosted service-based settings. You should have expertise in AWS security tools, architectures, and best practices, along with a deep understanding of Indian financial sector regulations such as RBI, SEBI, and the IT Act. Possessing relevant certifications like CISSP, CISM, AWS Certified Security Specialty, CRISC, or CISA would be advantageous. You will be expected to demonstrate a thorough understanding of cloud-native security principles, AWS best practices, risk frameworks (NIST, ISO, COBIT), and regulatory mandates. Your role will involve bridging business requirements with technical security implementations, requiring strong communication, stakeholder management, analytical thinking, and a proactive problem-solving approach. Join us at Tally, where we value honesty, integrity, a people-first culture, excellence, and impactful innovation. Be a part of our journey to simplify the lives of millions of small and medium businesses globally through technology and innovation.,

You will be responsible for conducting third-party/supplier security risk assessments, interpreting security assurance reports including SOC2 and pen test reports, and reviewing security requirements in contracts. Additionally, you will need to understand outsourced solutions and associated information classification, assess supplier security controls based on ISO27001/2 standards, and identify and document security risks. You will be expected to suggest recommendations to address identified security risks, potentially perform information classification such as AIC assessment, and hold security certifications such as ISO27001 auditor/implementation, CISSP, CRISC, CISM, or CISA. If you have at least 4 years of experience in Information Security, possess the necessary certifications, and can work in Mumbai (Andheri East) with a notice period of immediate to 30 days, we encourage you to share your updated resume to manasa.chilla@visionyle.com.,

The role of a Splunk Security Solution Architect is to serve as a subject matter expert for Splunk Security products and provide expertise on the broader security landscape. Your primary responsibility will be to support Splunk account teams, including sales and pre-sales resources, in developing tailored security solutions for customers. As the "eyes and ears" for the field, you will offer expert guidance and recommendations to help customers enhance the security and resiliency of their organizations. Your key responsibilities will include establishing and maintaining strong relationships with clients and partners, collaborating closely with account teams to align with sales strategies, and conducting demonstrations of Splunk's security products and services to customers. Additionally, you will be required to respond to functional and technical aspects of RFIs/RFPs, provide hands-on leadership in resolving technical issues, and demonstrate a strong ability to collaborate effectively. To excel in this role, you should possess a Splunk Certified Administrator certification or have sufficient knowledge to administer Splunk Enterprise and solutions. You must have at least 5 years of experience as a successful pre-sales engineer, systems integrator, or similar role within the cybersecurity domain. Familiarity with cyber threats, incident response practices, SIEM, automation tools, endpoint technology, threat intelligence, and enterprise hardware and software technologies is essential. Experience with operating systems, networking technology, enterprise software, cloud platforms, scripting languages, and industry certifications such as SANS GIAC, CISSP, CISM, etc., will be advantageous. Furthermore, you should demonstrate strong interpersonal skills, effective communication abilities across different audience types, and a self-motivated attitude with an insatiable curiosity for technological possibilities. A positive and fun-loving demeanor, along with a desire to work with a dynamic team, is key for success in this role. Please note that we are committed to providing guidance on technology, supporting your soft skills development, and educating you on processes. Your passion for technology, motivation, and enthusiasm for working in a collaborative team environment will be highly valued in this position.,

As the IT Auditor at Navi, you will be responsible for overseeing Navis strategic Risk-based IT Audit Plan and managing the Group IT Audit Function in alignment with Navis Internal Audit Charter and industry standards set by ISACA, ISO, COBIT, IIA, and other relevant professional bodies. Your role will involve directing IT audit operations and strategies at the group level, auditing information systems, platforms, and operating procedures of Navi to ensure the effectiveness of the organizations risk management and internal controls. Your major responsibilities will include developing and implementing risk-based annual IT audit plans, evaluating IT infrastructure, identifying areas of risk or non-compliance, and ensuring proper resourcing for plan implementation. You will also be responsible for updating audit tools, informing senior management of significant risks, providing feedback on IT & data risks, maintaining relationships with key stakeholders, overseeing Internal Audits participation in business initiatives, and serving as a thought leader in IT risk management and internal control best practices. In addition, you will continuously inspect and assess various elements of the companys information systems, identify IT risk exposure, recommend remediation strategies, review security measures, coordinate with external auditors and regulators, track issues and actions management process, and provide early warning signals in IT areas for potential fraud scenarios. You will also be responsible for issuing clear and concise IT Audit reports, delivering MIS and reports to assist the Function Head, and making presentations to the audit committee and management independently. The ideal candidate for this role should possess IT audits related qualifications such as CISSP, CISA, CISM, GIAC, PPM, PMP, DISA, or equivalent, along with 7 or more years of experience in IT audits preferably with 2-3 years in a team management role. Strong knowledge of IT security and infrastructure, experience in agile product management environments, and 3 to 5 years of Fintech or NBFC industry experience are preferred qualifications for this role.,

As a global leader in cybersecurity, you will play a crucial role in protecting the people, processes, and technologies that drive modern organizations. CrowdStrike, with its advanced AI-native platform, has been redefining modern security since 2011 with the mission to stop breaches. Our diverse range of customers across various industries rely on CrowdStrike to keep their businesses running smoothly and their communities safe. CrowdStrike is a mission-driven company that values inclusivity, flexibility, and autonomy. We empower our employees to take ownership of their careers and provide an environment where innovation, customer commitment, and community engagement are highly encouraged. If you possess limitless passion, a strong focus on innovation, and a dedication to our customers and community, we welcome you to join our team and be part of a mission that truly matters. As the Sales Engineering leader, your primary responsibility will be to manage the technical sales support for our products and services. You will lead a team in promoting CrowdStrike's security platform to potential customers, partners, and the industry at large. The ideal candidate should demonstrate exceptional energy, drive, and a keen interest in expanding business across a portfolio of accounts. Candidates with existing security contacts are particularly encouraged to apply. Your role will involve ensuring effective technical sales coverage for the regional account base, collaborating with various internal teams for strategic and tactical planning, and driving customer and partner meetings through solution selling and problem resolution. Additionally, you will be responsible for coaching and developing the Sales Engineers" skill sets, providing technical training, and managing a team of SE Managers. This position requires strong leadership skills, pre-sales technical experience, and the ability to engage with stakeholders at all levels within a territory. Your day-to-day responsibilities will involve market analysis, competitive monitoring, and supporting sales teams and partners with pre-sales technical activities. You must be willing to travel for client meetings when necessary and possess excellent communication and presentation skills to interact with external audiences, including senior executives. To excel in this role, you should have a background in IT security, experience in working with channel partners, and a strong technical knowledge of networking and security solutions. Relevant certifications such as CISSP, CISM, Security+, or CEH are a plus. Your ability to understand and articulate both the business benefits and technical advantages of our products will be crucial in this position. At CrowdStrike, we offer a remote-friendly and flexible work culture, competitive compensation and equity awards, comprehensive wellness programs, paid parental and adoption leaves, professional development opportunities, and a vibrant office culture with world-class amenities. We are committed to creating a diverse, equitable, and inclusive workplace where everyone is valued and empowered to succeed. By embracing the diversity of our employees, we foster innovation and deliver the best outcomes for our customers and communities. Join us in shaping the future of cybersecurity.,

As an Internal Auditor at Justdial Ltd in Bangalore, you will be responsible for projects in IT Advisory focusing on the assessment and evaluation of IT systems, along with the mitigation of IT-related business risks. Your role will involve IS audit, ITGC reviews, internal audit engagements, IT infrastructure review, and risk advisory, including supporting IT audit activities. Your responsibilities will include coordinating and managing statutory external audits for SOX (ITGC), providing management reports by collecting and analyzing audit information, conducting ISMS security awareness training programs within the organization, and supporting the Information Security Manager in managing and mitigating risk assessments. You will also be involved in implementing ISO 27001 controls across the organization, conducting risk assessments and gap analyses for ISO 27001/IT General Control, and performing internal audits for various business functions. Additionally, you will conduct data center audits as per ISO 27001 standards, develop and review information security policies and procedures, handle end-to-end ITGC statutory audit requirements, assist in the implementation of ISO 27001:2013 and managing the ISMS, and consult the organization on business continuity for critical functions. You will also be involved in implementing and consulting on PCI DSS SAQ A-EP certification. The ideal candidate for this role should have a bachelor's degree in engineering or BSc-IT, experience in performing IT audits of banking/financial sector applications, and knowledge of IT regulations, standards, and benchmarks used by the IT industry (e.g., NIST, PCI-DSS, ISO 27001). Technical knowledge of IT audit tools, experience in carrying out OS/DB/Network reviews, exposure to risk management and governance frameworks/systems, and proficiency in project management, communication, and presentation skills are essential. Being a team player with strong self-directed work habits, initiative, drive, creativity, maturity, self-assurance, and professionalism is crucial for success in this role. Preferred certifications include CISA, CISSP, ISO 27001 Lead Auditor/Implementer, and CISM. Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools is also required.,

Role & RESPONSIBILTY Conduct threat modeling and risk assessments to evaluate potential security risks associated with the organization. Provide guidance on risk remediation strategies and the implementation of countermeasures to address identified security risks. Ensure GDPR & PCI-DSS compliance across all areas of the organization. Work with the development team to ensure compliance with SDLC lifecycle and secure coding practices. Lead encryption efforts and disable deprecated protocols to maintain data security while in transit or at rest. Incorporate NIST framework into the organization's security practices and stay up-to-date with the latest controls. Review penetration testing reports, static and dynamic application security testing results, SaaS platforms, Azure Defender reports, and third-party application integration risks to identify vulnerabilities and evaluate overall security posture. Provide expertise in security and network architecture and design. Create comprehensive data flow diagrams to identify potential threats and identify areas for improvement. Evaluate cloud security posture and provide recommendations to enhance overall security. Continuously identify potential flaws in the entire architecture and implement security controls and practices to prevent future breaches. REQUIREMENTS: Bachelor's degree in Computer Science, Information Technology, or related fields 8+ years of experience in information security or related fields Strong understanding of GDPR & PCI-DSS requirements Experience with threat modeling, risk assessment, and remediation Familiarity with secure application development principles and secure coding practices Experience with identity and access management (IAM) solutions and authentication protocols such as SAML, OAuth, and OpenID Connect Understanding of network security protocols such as TCP/IP, DNSSEC, SSL/TLS, IPSec, and firewalls Experience in encryption technologies and protocols for data security Knowledgeable in NIST framework controls Strong analytical and problem-solving skills Expertise in security architecture and network design Proficiency with creating detailed data flow diagrams Familiarity with cloud security trends and best practices Experience with DevOps and CI/CD pipelines and creating a DevSecOps culture Excellent communication and interpersonal skills Professional Certifications: CISSP, CCSP, CCSK, CEH

ROLE & RESPONSIBILTY: Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide actionable recommendations for risk mitigation. Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk assessments. Risk Consulting IT Advisory Cyber Security: Cyber Risk Assessments The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation. 2020 KPMG, an Indian Registered Partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. The KPMG name and logo are registered trademarks or trademarks of KPMG International. REQUIREMENTS: Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or related fields. A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related security assessments.•Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices.•Proficiency in using various security assessment and techniques. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review. Conceptual knowledge of OT Security/ISA 62443 standard is preferable. >>CRITERIA oEducation 60% above throughout academicsoOne 3 years (at least) regular course is must either Diploma or GraduationoCourse: B.E. / B. Tech / MCA / M. Tech / MBA degree or equivalentoCertification: CISM / CISSP / CCSP / CISA / CRISC / ITIL / ISO 27001/22301/20000 LI/LA (At least one)oCCNA (Mandatory), CCNP or equivalent(optional).

Join our Team About this opportunity! At Ericsson, we are committed to maintaining robust and compliant internal control systems in accordance with the Sarbanes-Oxley Act (SOX). With our expanding global footprint and increasing reliance on technology for financial operations, we are strengthening our SOX Information Systems (IS) controls to ensure consistent and reliable financial reporting. We are now hiring a Security Implementation Lead to focus primarily on SOX IS control audits, working closely with our IT, internal audit, compliance, and business teams. The role is critical in ensuring our IT general controls and application-level controls support accurate financial reporting, align with regulatory expectations, and are prepared for evolving audit demands. This opportunity is a broader effort to enhance IT risk management maturity across the enterprise. What you will do! Test and evaluate the design and operating effectiveness of SOX IS (Information system) controls Review application controls for key financial systems (e.g., SAP) Maintain and update test control documentation (e.g., narratives, flows, control matrices). Plan scope of audit and audit schedules. Prepare audit test scripts to support findings. Report deficiencies or exceptions to management and assist with remediation tracking. Develop report for management Coordinate with internal and external auditors. Work closely with IT teams, business units, and SOX/Compliance functions. Recommend improvements to control design or processes. Contribute to automation and optimization of controls testing. Analytical and detail-oriented. Strong communication and documentation skills. The skills you bring! Strong knowledge of SAP systems, SOX, ITGC and COBIT. Experience of audit tools like GRC Understanding of DevSecOps, Software engineering and Agile ways of working Knowledge of Ericsson Information Security Management System. Ericsson Information Security Assessments and Audits. Ericsson IT processes General cyber / information security concepts, CIA, Threats and Vulnerabilities. Cloud Security. Ericsson Information Security Risk Management Instruction. Ericsson Information Security Requirements. Ericsson Information Security Measurements. Third Party Security Management. Security Governance and Compliance. Certifications: SAP, COBIT, SOX, CISSP, CEH, IT4IT, CISA, CISM, CLOUD SECURITY understanding Why join Ericsson What happens once you apply Primary country and city: India (IN) || Noida Req ID: 769907

About this opportunity! At Ericsson, we are committed to maintaining robust and compliant internal control systems in accordance with the Sarbanes-Oxley Act (SOX). With our expanding global footprint and increasing reliance on technology for financial operations, we are strengthening our SOX Information Systems (IS) controls to ensure consistent and reliable financial reporting. We are now hiring a Security Implementation Lead to focus primarily on SOX IS control audits, working closely with our IT, internal audit, compliance, and business teams. The role is critical in ensuring our IT general controls and application-level controls support accurate financial reporting, align with regulatory expectations, and are prepared for evolving audit demands. This opportunity is a broader effort to enhance IT risk management maturity across the enterprise. What you will do! Test and evaluate the design and operating effectiveness of SOX IS (Information system) controls Review application controls for key financial systems (e.g., SAP) Maintain and update test control documentation (e.g., narratives, flows, control matrices). Plan scope of audit and audit schedules. Prepare audit test scripts to support findings. Report deficiencies or exceptions to management and assist with remediation tracking. Develop report for management Coordinate with internal and external auditors. Work closely with IT teams, business units, and SOX/Compliance functions. Recommend improvements to control design or processes. Contribute to automation and optimization of controls testing. Analytical and detail-oriented. Strong communication and documentation skills. The skills you bring! Strong knowledge of SAP systems, SOX, ITGC and COBIT. Experience of audit tools like GRC Understanding of DevSecOps, Software engineering and Agile ways of working Knowledge of Ericsson Information Security Management System. Ericsson Information Security Assessments and Audits. Ericsson IT processes General cyber / information security concepts, CIA, Threats and Vulnerabilities. Cloud Security. Ericsson Information Security Risk Management Instruction. Ericsson Information Security Requirements. Ericsson Information Security Measurements. Third Party Security Management. Security Governance and Compliance. Certifications: SAP, COBIT, SOX, CISSP, CEH, IT4IT, CISA, CISM, CLOUD SECURITY understanding Primary country and city: India (IN) || Noida Req ID: 769907

We are looking for a hands-on professional to manage SatSure s IT operations and drive compliance, risk, and information security initiatives. This role will ensure that our IT systems and practices effectively support the company s growth while maintaining security, compliance, and reliability. You will work closely with engineering, business, and legal teams to implement best practices and enable smooth, secure operations. About SatSure SatSure is a deep tech, Decision Intelligence company working at the intersection of agriculture, infrastructure, and climate action. We transform satellite data into actionable insights, enabling faster, smarter, and more responsible decisions especially for underserved regions of the world. Key Responsibilities: IT & Infrastructure Manage daily IT operations, including networks, endpoints, cloud resources, and collaboration tools. Ensure the reliability, security, and cost-effectiveness of cloud and internal IT infrastructure. Implement and maintain IT governance, access control, and operational procedures. Compliance & Risk Develop and enforce policies to meet regulatory, contractual, and internal compliance requirements. Support internal and external audits (e.g., ISO 27001, SOC 2) and help maintain certifications. Monitor, assess, and mitigate IT and cyber risks. Information Security Oversee day-to-day security practices, including vulnerability checks, incident response, and data privacy. Create awareness programs to promote good security practices across teams. Collaboration & Leadership Work with delivery, legal, and client teams to ensure compliance requirements are addressed in operations and contracts. Mentor junior team members, and help build a culture of accountability and continuous improvement. Qualifications 5 8 years of experience in IT operations, with some experience in compliance, risk, or information security. Bachelor s degree in Computer Science, Information Systems, or a related field. Certifications like CISM, CISSP, or ISO 27001 LA are an advantage but not required. Must Have Skills Strong working knowledge of cloud platforms (AWS, GCP, or Azure) and enterprise IT systems. Familiarity with standards like ISO 27001, GDPR, SOC 2, and ITIL. Ability to communicate risks and requirements clearly across teams. Experience supporting audits, managing vendors, and working with legal or client teams is a plus. Perks & Benefits Health insurance for you and your family, including unlimited online doctor consultations. Access to mental health support for you and your dependents. Learning & development allowance. Comprehensive leave policy (including paid, casual, marriage, and bereavement leaves). Biannual performance appraisals.