1361 Cism Jobs - Page 50

Client interface for understanding the SOX IT General Controls as applicable to Application &Infrastructure operations Conducting assessment of existing processes and align them to COBiT 2018 standard. Conducting TOE and TOD for ITGCs Documentation of as-is SOX 404 IT General Controls as they are currently being executed in client environment. Identify process exceptions and risk with respect to materiality defined by the SOX controller. Evaluating 3rd parties and their ITGC environments by assessment of SSAE18 reports Create Process Summaries, Compliance runbooks and RCMs. Define RACI for Control owners, executioners etc. Work with Senior Management of the organization and business teams in...

As part of the Enterprise Security team, the Security Technology Operations (STO) Manager will help secure Arm s digital infrastructure. This includes managing and optimizing security technologies, implementing Zero Trust and network segmentation, and enhancing threat detection and response. The role requires strong cloud and network security knowledge, hands-on experience with security tools, and the ability to lead strategic initiatives while coordinating with partners, vendors, and internal teams. Responsibilities Implement network segmentation and Zero Trust to reduce attack surfaces, enforce least-privilege access, and isolate systems across enterprise and cloud environments. Lead the d...

If you are a strategic thinker passionate about driving solutions and mitigating risk; you have found the right team. The Testing CoE (Center of Excellence) team is responsible for ensuring a strong and consistent control environment across the firm. This role is a great opportunity to be working with a large Controls Testing team and help establish a newly formed organization which provides the potential hire a good starting point within the firm. Job Summary As a Risk and Controls Testing Associate within the Testing Center of Excellence, you will be responsible for the execution of independent risk-based, point-in-time evaluations of the control design adequacy and execution effectiveness...

ASSOCIATE CONSULTANT Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001) Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure...

ASSOCIATE CONSULTANT Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001) Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure...

L1/L2/L3 Must-Have Skills: 4+years in SOC 2-3 years as L3 level Team Lead Valid-Active CISM/CISSP certification Expertise in EDR, Incident Response, Threat Hunting Proficiency in Splunk for security monitoring Good-to-Have Skills: CEH, OSCP, GIAC certifications Cloud Security expertise in AWS, Azure, or GCP Scripting with Python, PowerShell Familiarity with MITRE ATT&CK Knowledge of ISO 27001, NIST, GDPR, RBI guidelines Digital Forensics & Malware Analysis Strong stakeholder management skills Academic Qualifications: Valid-Active CISM/CISSP certification Requirements: Location: Mumbai (Kurla) Client Site Job Type: Hybrid Shift Timings: General shift (5 days/week, 2 working Saturdays) Key Per...

Job Summary :- We are seeking a detail-oriented and proactive Employee Monitoring Specialist to oversee and manage employee activity monitoring systems to ensure compliance with company policies, enhance productivity, and protect sensitive information. The ideal candidate will have experience with monitoring tools (e.g., Teramind, ActivTrak, or similar platforms), data analysis, and compliance management. Key Responsibilities :- Administer and manage employee monitoring software (e.g., Teramind, ActivTrak, etc.) to track user activity, system access, and data handling. Monitor, review, and analyze employee activity reports to identify anomalies, suspicious behaviors, or policy violations. Wo...

Job Description :- We are seeking a highly skilled Teramind Monitoring Expert with hands-on experience in compliance, monitoring, and system surveillance. The ideal candidate will be responsible for the effective implementation and management of Teramind monitoring solutions to ensure adherence to regulatory requirements and optimal system performance. Key Responsibilities :- Implementation & Configuration :- Install, configure, and manage Teramind monitoring software across the organization. Monitoring & Surveillance :- Continuously monitor system activities, user behaviors, and network traffic to detect and prevent security breaches. Compliance Management :- Ensure all monitoring activitie...

Conduct vulnerability assessments using industry-leading tools (e.g., Nessus, Tenable, Qualys). Develop and maintain vulnerability management processes, Analyze assessment results to identify and prioritize risks. Perform penetration testing.

We are looking for experienced TPRM (Third-Party Risk Management) Consultants with a strong background in the Life Sciences domain. The role involves conducting internal audits and third-party risk assessments focused on cybersecurity, compliance, operational, and fraud risks within pharmaceutical or healthcare settings. Candidates should be skilled in evaluating vendor risks, drafting SOPs and policies, performing gap analyses, and ensuring regulatory alignment. Relevant certifications like CISM, CISA, or CISSP are a plus. Location : - India(Remote) Preferably Hyderabad

primary Skills: Security Architect Bachelor's degree in information technology, security, or similar Experience in providing security architecture support to a large development organisation Information security credentials such as IGP, CISSP or similar Well versed in cloud security on a generic level as well as AWS Job Description: The candidate will primary work with security assessments and as part of that also be able to provide guidance on how to close security gaps The candidate will also be part of "shift left" for assessments to automate and minimize the manual work involved It is also expected that the candidate will assist in creating an assessment " factory" with a streamlined pro...

GRC Lead will manage and strengthen our Governance, Risk, and Compliance (GRC) initiatives for Managed Security Services (MSS) within the Telecom sector. The GRC Lead will be responsible for ensuring that the services we provide to our telecom clients adhere to industry standards, regulatory requirements, and robust risk management practices. This individual will play a key role in aligning our security services with client business objectives, improving our security posture, and ensuring compliance with telecom-specific regulations and frameworks. You have: 7+ years of experience in Governance, Risk, and Compliance (GRC), with at least 3 years in telecom or Managed Security Services (MSS) w...

Minimum of 12 years of relevant compliance experience and cybersecurity knowledge 10+ years of security compliance audit experience would be important Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as SOC2, FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customer...

A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and reme...

As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organizations computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities , supporting the response to incidents , and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What will you do in this role: Contri...

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls an...

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Okta Identity Management Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls...

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Saviynt Identity Platform Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security control...

Security Response Coordinator Role Overview As a Security Response Coordinator you will play a critical role in ensuring the effective management and response to security incidents within our organization You will collaborate with cross functional teams and stakeholders to develop and implement incident response plans coordinate incident investigations and drive the resolution of security incidents in a timely manner The ideal candidate will possess excellent communication skills strong problemsolving abilities and a deep understanding of security incident management Responsibilities Collaborate with key stakeholders to identify potential security threats and vulnerabilities Regularly review...

Key Responsibilities: Design and implement Zero Trust Architecture (ZTA) strategies, aligned with NIST 800-207 or similar frameworks. Lead the development of security reference architectures and roadmaps for Zero Trust implementation. Collaborate with cross-functional teams including IT, network, DevOps, and application teams to integrate Zero Trust principles into all environments (on-prem, cloud, hybrid). Develop policies and controls around identity verification, least privilege access, micro-segmentation, and continuous authentication. Lead risk assessments and gap analyses related to Zero Trust controls. Provide guidance on appropriate Zero Trust technologies and tools (e.g., SDP, ZTNA,...

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Service Delivery Good to have skills : Security GovernanceMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams ...

We are looking for self-driven professionals interested in a career in Oracle. The position will independently program manage the ISO 27001 ISMS implementation for OFSS Ltd. In addition will also perform project review activities. Working at Oracle & in this team provides you an opportunity to make a difference to overall business, continuous learning opportunities with access to best tools & courses and a fulfilling & inclusive environment. Career Level - IC4 Responsibilities As an Individual Contributor, perform the role of an Information Security Management System Implementation Lead Work with senior management, various stakeholders from business, support function teams to implement the p...

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Managed Cloud Security Services Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security contr...

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Managed Cloud Security Services Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security contr...

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document...