752 Cism Jobs - Page 8

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect, candidate would be primarily responsible for solution architecture effort on deals that are large and complex and own all components of complex deals. Lead or work as Lead Solution Architect on complex and bundled deals and independently can come up with the solution. Conduct solution reviews with SMEs and the DCSO approver. Attend calls with the client team to understand the requirement. Can be able to bring value and differentiated solutions. Work on building the cost model for the solution. Roles & ResponsibilitiesShould be able to lead the joint solutioning workshops with client and be able to walk through technical security solutions with the clients during Orals. Should possess excellent stakeholder management skills and be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Frequently interacts with senior client leadership. Develop statement of work Performs Peer Reviews Assists in performing QA Frequently sells to senior client leadership Leads negotiations or develop business terms and conditions Leads QA or plays major QA role for largest, most complex deals Has led solution development for multiple deal types Work with delivery leads for the approval of solution/efforts Bring out technical differentiators and value in the solution Able to represent the solution in front of the client leadership team. Professional & Technical Skills: Prior experience at least 5 years in leading solution development in a reputed organization Deep knowledge and experience in Cyber security Infra Sec, App Sec, Threat and Vulnerability Management and Identity Access Management is necessary Should be a good presenter Should have leadership qualities Should keep himself/herself up to date on various SA Cost models and processes, work independently to develop IDL files Good communication and collaboration skills Prior experience in leading solution development will be an advantage Experience in leading delivery and solution planning of large, complex deals at least 5 opportunities with Security TCV of greater than10m in the recent experience Comfortable in using relevant tools and estimators Comfortable working in extended working hours Good to have CISSP, CISM, CISA Cloud Security knowledge and certification AWS, Azure Solution Architect Core Training Good to have Solution Architect Advance Training Additional InformationMinimum 15- year full time education with Bachelor or college degree in related field or equivalent work experience The candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Business Functions Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Banks operational processes and inspire to delight our business partners through our multiple banking delivery channels. Business Function Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Banks operational processes and inspire to delight our business partners through our multiple banking delivery channels. Job Purpose This is to manage risks for LOBTs acting as Line 1 risk manager Key Accountabilities: Assist Line of Business Technology in managing technology and operational risks Drive and ensure regulatory compliance for the LOBT Liaise and co-ordinate audit activities involving the LOBT Issue & Action management for LOBT including is impacted (across external and internal audits and reviews and excluding IT Information Security) and action planning. Engagement across Technology verticals, Operations, Business, Compliance to prioritize, plan, act, prove, close all open findings within committed timelines. Scan regulatory requirements, circulars to ensure forward planning and execution for compliance. This includes Singapore and India regulatory requirements. Prepare, maintain and conduct control testing for units Risk Control Self Assessments (RCSAs) Outsourcing Risk assessment for the LOBT Monitor risk issues and incidents for LOBT. Job Duties & Responsibilities: Liaise with stakeholders within and outside DBS, including at Group level to have a comprehensive view of all Technology Risks. Engage with Technology verticals and others as appropriate within DBS, to progress on closure of all open points. Engage with Compliance, understand the regulatory requirements at country and group level, and add these to the action points which Technology must ensure. Early identification of execution challenges in risk mitigation actions and being an effective catalyst with Technology teams and seniors to resolve bottlenecks such as cost or resource approvals, conflicting priorities. Risk assessment for LOBT covering partners, external environment and identify potential risks such as relating to scale-preparedness, DR & BCP support for the organization, code quality in terms of testing and deployment governance. Regular updates as per agreed rhythm, and fronting dialogues with stakeholders/LOBT, to highlight process on Risk Management and Risk Mitigation. Liaise with relevant departments to ensure awareness of Technology Risk within the DBS India Technology Team, and partner for this awareness across DBS India. Liase with Line of Business Risk in the region and co-ordinate efforts for the LOBT landscape used by India. Requirements Ideally, 10+ years of successful experience in Technology Risk Management, Information Security, Technology Audit. Education / Preferred Qualifications: Ideally, risk-accreditations like CISA, CRISC, CISM, CISSP experience on Information System audits and remediation, Agile Scrum accreditation and/or experience, and has worked as a Lead Auditor in Information System audits including ISO audits. Minimum Computer Science or Technology Management graduate, preferably in Info-Sec specialization. Core Competencies: Awareness of Information Systems and their complexity, potential points of failure from a risk perspective. Good communication skills and ability to manage dialogues with seniors. Readiness to raise the red flag for risks, in the interests of the bank.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Your role will also require you to stay updated on emerging security threats and technologies, enabling you to make informed decisions that enhance the overall security architecture. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and controls.- Conduct regular security assessments and audits to ensure compliance with established standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Good To Have Skills: Experience with cloud security frameworks and compliance standards.- Strong understanding of identity and access management principles.- Experience with security risk assessment methodologies.- Familiarity with security incident response processes. Additional Information:- The candidate should have minimum 7.5 years of experience in SailPoint IdentityIQ.- This position is based in Hyderabad.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Identity Access Management (IAM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will be at the forefront of implementing and delivering Security Services projects. Your typical day will involve coordinating with various teams to ensure that projects are executed efficiently, utilizing our global delivery capabilities. You will engage in strategic planning, oversee project timelines, and ensure that all security measures are effectively integrated into the delivery process, fostering a secure environment for all stakeholders involved. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team skills and knowledge.- Monitor project progress and implement necessary adjustments to meet objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Identity Access Management (IAM).- Strong understanding of security frameworks and compliance standards.- Experience with identity governance and administration tools.- Knowledge of risk management and mitigation strategies.- Familiarity with cloud security principles and practices. Additional Information:- The candidate should have minimum 7.5 years of experience in Identity Access Management (IAM).- This position is based at our Mumbai office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will be responsible for overseeing the implementation and delivery of Security Services projects. Your typical day will involve coordinating with various teams to ensure that projects are executed efficiently, utilizing our global delivery capabilities, including methods, tools, training, and assets. You will engage with stakeholders to align project goals and ensure that security measures are effectively integrated into the overall project framework, fostering a collaborative environment that promotes best practices in security delivery. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team skills and knowledge in security practices.- Monitor project progress and implement necessary adjustments to meet deadlines and objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of security frameworks and compliance standards.- Experience with incident response and threat management.- Familiarity with security monitoring tools and technologies.- Ability to analyze security incidents and provide actionable insights. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Mumbai office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to ensure they align with business objectives.- Collaborate with cross-functional teams to integrate security practices into the development lifecycle. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Good To Have Skills: Experience with Security Architecture Design.- Strong understanding of risk management frameworks and compliance standards.- Experience in implementing security controls and monitoring solutions.- Familiarity with cloud service models and their security implications. Additional Information:- The candidate should have minimum 3 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Hi , As per response to your profile which is uploaded in Job portals. We have an excellent job openings for InfoSec(Cyber Resilience-BCP/BCM/DR) in IT MNC If your already received email or not looking for job change/ irrelevant - please ignore it. Note: Apply for only Relevant & interested candidates. Job Description: Information Security(Cyber Resilience-BCP/BCM/DR) 1)Digital Risk Consulting_Partners with IT and business units to identify critical systems, document impacts, asses risks, and define recovery objectives to ensure minimal disruption during incidents. They monitor evolving regulatory requirements to continuously update resilience plans and drive continuous improvement. Additionally, they advance the current state o CMDB and BCM by updating policies, standards and templates as well as defining workflows and integrating business continuity management system practises into change management and IT service management processes and procedures. OR 2)BCP- Partner with IT and business units to update existing impacts, loss scenarios, risks and application recovery plans on regular cadence. They are responsible to ensure that assets and configuration items are correctly tiered and that all dependencies are documented. They are also responsible for documenting backups, alternatives and redundancy plans that drive our systems towards greater resilience OR 3) Cyber Resilience _Responsible for ensuring IT infrastructure, applications and critical technology services including multicloud workloads on AWS, Azure, Google cloud are resilient against disruptions. They lead the execution of technology resilience strategies, enterprise-grade backup and disaster recovery planning and crisis response initiatives to mitigate risks and maintain operational continuity. They will collaborate with IT, cybersecurity, business continuity and risk management teams to architect, deploy and test cloud backups and DR solutions at scale. Additionally they perform tests, exercises, drills, simulations and audits of systems, processes and procedures to ensure adherence to enterprise policies and standards and measure the effectiveness of resilience efforts. Those who have relevant experience and Skills, as mentioned above please revert back your updated resume to Sreenivasa.k@happiestminds.com, It"s a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us. Total Exp: Relevant Exp:- Current Company: Current CTC: Expected CTC: Current Location: Preferred location: Notice Period: DOB: Degree: Regards Sreenivas Sreenivasa.k@happiestminds.com

The Global Information Security (GIS) Technology Risk Management Analyst will work with peers in Global Information Security (GIS) and across the Technology Division to ensure that third party technology risks are properly identified, assessed, monitored, and communicated in support of the overall Third Party Risk Management (TPRM) program. The Analyst will assist with the continuous improvement and daily operation of the GIS Third Party Risk Management (GIS TPRM) program. Responsibilities Include: Work with peers to identify and assess Information Security risks Conduct risk assessments using CME Groups established GIS Third Party Risk Management assessment process Collaboratively author and edit various assessment related documents including Deficiencies Observed, Summary of Work, Risk Advisory Memos, exceptions from GIS technical policies and standards, and other related output resulting from risk adjudication activities Participate in and contribute to various working groups across the Technology Division, including, but not limited to, Third Party Risk Management working group, Governance, Risk Management, and Compliance (GRC) working group, etc. Assist the GIS TPRM function with: Continuous improvement and maturation of the methods, instrumentation, training, documentation, and processes required to properly manage third party technology risks Providing advisory and consulting services to the Information Technology Management Team related to InfoSec risks, treatment strategies, and decision-making Assist in the preparation of management reports, presentations, metrics, and other documentation required to support governance functions Assist in compiling and delivering business and operational metrics at regular intervals Promoting a culture of risk awareness and accountability through training, education, and risk management consultative support Problem Solving: Objectively assess the impact, likelihood, and velocity of identified risks Objectively advise on any number of controls that will mitigate risk while not imposing undue burden on those who must implement the controls Drive objectivity and build consensus among stakeholders with widely divergent perspectives and drivers Rapidly analyze complex technical details Synthesize detailed analysis into a big picture view that can be easily understood by non-technical stakeholders in order to support risk-based decision-making for senior managers within the company Decision Making: Recommend risk treatment decisions Recommend remediation actions when risk mitigation is desired Recommend improvements to methods, instrumentation, training, documentation, and processes Recommend solutions for automating and streamlining GIS TPRM risk management practices Working Relationships: Interacts with peers across all elements of the Technology Division Communicate regularly with cross-functional peers outside of the Technology Division, including Legal, Information Governance, Global Operations, Global Assurance (Internal Audit), Enterprise Risk Management, Third Party Risk Management, and other business unit leadership Interact occasionally with industry peers from other Systemically Important Financial MarketUtilities(SIFMUs),research organizations, solution providers, etc. Required Experience: Bachelors Degree or equivalent experience Minimum of 4 to 6 years of relevant experience in publicly traded companies or finance/technology industry operations with third party risk management experience a plus Experience in at least two of the following: InfoSec (Operations, Program Management, Governance, Risk Management, etc.), Enterprise Architecture, Identity & Access Management, Application Development, Infrastructure & Operations, IT Compliance, or Internal Audit Experience working with industry based information security and / or control frameworks (NIST Cyber Security Framework, ISO 27002, COBIT, etc.) Demonstrable knowledge of a broad range of InfoSec technologies and practices Demonstrable, impeccable writing skills for technical, management, and executive audiences Additional preferred experience: Demonstrable knowledge of InfoSec risk management methods and practices Experience with operating GRC solutions Professional certification in InfoSec or Risk Management (such as CRISC, CISM, CISSP, CGEIT, CISA, etc.)

Hi all, We are hiring for the role Information Security Risk Specialist Experience: 7 - 9 Years Location: Bangalore Notice Period: Immediate - 15 Days Skills: Information Security Risk Specialist Experience: 7 to 9 years Location: Bengaluru Skills and Competencies: • Comprehensive understanding of frameworks such as ISO 27001, NIST Cybersecurity Framework, COSO, and COBIT. • Proven analytical expertise in evaluating and prioritizing risks effectively. • Advanced proficiency in utilizing security tools for risk assessment and mitigation. • Strong preference for candidates with certifications like CISSP, CISM, CRISC, or equivalent. • Exceptional communication and presentation skills, with a proven ability to collaborate effectively across diverse teams. • Demonstrated problem-solving capabilities, including critical thinking and informed decision-making under pressure. • Skilled in leading security initiatives and managing projects across global teams. • A strategic mindset paired with keen attention to detail. • Resourceful and decisive under high-pressure situations. • An effective team player with exceptional interpersonal and collaboration skills. If you are interested drop your resume at mojesh.p@acesoftlabs.com Call: 9701971793

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. We're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself and contribute to creating a better working world for all. As a Manager in Risk Consulting - Protect Tech, specifically focusing on IT Risk Emerging Tech or Cloud, you will have the opportunity to embark on your next adventure. Are you a tech-savvy professional with a risk mindset passionate about leveraging people, technology, and innovation to build a better working world Our dynamic Risk Consulting - Technology Risk team offers an incredible opportunity for you to make a real impact in our rapidly evolving world. You will work in areas such as IT Risk Management, IT SOX, IT Regulatory Compliance, IT Audits, and IT and Digital Transformations, including ERP, Emerging Tech, and Cloud transformations. By enabling technology to better manage risk, you will collaborate with industry leaders to help transform businesses and address complex challenges with our clients. In this client-facing role within a rapidly growing practice, you will build relationships with key stakeholders, including management executives of globally recognized brands. This role provides a platform to deepen your understanding of complex business transactions, recommend solutions to pressing business challenges, and process inefficiencies. You will collaborate with our global professionals in multidisciplinary engagements to assist major global clients in transforming and sustaining business performance. Leveraging emerging technologies like AI and ML, you will develop and enhance new solutions, actively contributing to building multiple tools and assets for efficient and effective client delivery. By connecting with our market-leading global network, you will gain the experience necessary to excel as an IT Risk Advisor. Key responsibilities include supervising delivery, providing technical and project leadership to team members, building client relationships, delivering quality client services, and driving high-value work products within expected timeframes and budgets. You will monitor progress, manage risks, and ensure key stakeholders are informed about progress and expected outcomes. Additionally, you will understand clients" challenges and industry-related issues, participate in go-to-market activities, create proposals, respond to RFPs, and identify opportunities for cross-selling to current clients. You will travel to client locations for meetings, workshops, and knowledge-sharing sessions, jointly lead global account relationships, manage engagement deliveries, ensure quality, and drive the growth agenda on accounts. As a Manager, you will also manage a team of Seniors and Staff across geographies, foster an innovative and inclusive team-oriented work environment, and play an active role in counselling and mentoring junior consultants within the firm. To qualify for this role, you must have a bachelor's or master's degree and approximately 5-7 years of related work experience, with at least 3-4 years of experience in IT Risk Management focusing on Emerging Tech and Cloud. You should possess knowledge of strategic, IT, and business risks, control gaps, IT regulatory compliances, information security frameworks, IT general controls, IT application controls, business process controls, and risks during Digital Transformations and Cloud migrations. Your exposure to working in client-facing roles, collaborating with cross-functional teams, and strong communication, documentation, and report writing skills are essential. Relevant industry certifications such as CISA, CISM, CISSP, or CCSK are desirable. EY is dedicated to building a better working world by creating long-term value for clients, people, and society while fostering trust in the capital markets. Our diverse teams across over 150 countries leverage data and technology to provide trust through assurance, help clients grow, transform, and operate across various service lines. Join us in asking better questions to find new answers for the complex issues facing our world today.,

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better too. Join us and build an exceptional experience for yourself, and a better working world for all. As a Technology Transformation Risk Senior, you will play a pivotal role in ensuring that technology transformations within the organization are carried out with a comprehensive understanding and management of the associated risks. You will assist in identifying, assessing, and mitigating risks associated with significant technology changes, such as system upgrades, cloud migrations, and the introduction of new digital tools and platforms. Your role will ensure that technology advancements are implemented securely and in compliance with the company's risk management policies. Key responsibilities: - Assist in conducting risk assessments for technology transformation projects, identifying potential risks and vulnerabilities. - Support the development and implementation of risk mitigation strategies to address identified risks. - Collaborate with project teams to ensure risk considerations are integrated throughout the project lifecycle. - Monitor and report on the status of risk mitigation activities, providing updates to the Technology Transformation Risk Manager and other stakeholders. - Participate in the creation and maintenance of risk documentation, including risk registers, reports, and dashboards. - Contribute to the development of risk management policies, procedures, and training materials. - Engage with internal and external stakeholders to communicate risk findings and recommendations. - Stay informed about emerging technology trends, threats, and regulatory requirements that may impact the risk landscape. - Support the Technology Transformation Risk Manager in fostering a culture of risk awareness and proactive risk management within the organization. To qualify for the role, you must have a Bachelor's degree in Information Technology, Computer Science, Risk Management, or a related field, along with a minimum of 3 years of experience in technology risk management, with a focus on transformation projects. A strong understanding of IT governance frameworks, cybersecurity principles, and data privacy regulations is required. Desired experience includes internal controls within SAP ECC/S4 Applications, professional certifications such as CRISC, CISM, CISSP, or equivalent are highly desirable, and exposure working in client-facing roles with cross-functional teams. EY exists to build a better working world, helping to create long-term value for clients, people, and society, and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

OT Security Manager Bachelor s Degree in Computer Science or equivalent Additional qualifications such as CEH, CISSP, CISM, OSCP/LPT would be an advantage Min 3 years of experience in core Information Security function Min 8 years working experience in manufacturing facility on OT systems. Work Experience Relevant Experience: Deep understanding of OT systems, protocols, and architectures, including SCADA, DCS (Distributed Control Systems), PLC (Programmable Logic Controllers), and HMI (Human Machine Interface). Knowledge of OT-specific security standards and best practices, such as IEC 62443, NIST SP 800-82, and ISA/IEC 62451. Experience with OT security technologies, such as firewalls, intrusion detection/prevention systems (IDS/IPS), security information and event management (SIEM), and endpoint protection. Strong analytical and problem-solving skills to assess and mitigate OT security risks. Certifications such as Certified Information Systems Security Professional (CISSP), Certified SCADA Security Architect (CSSA), or GIAC Global Industrial Cyber Security Professional (GICSP) are preferred. Experience in industries with critical infrastructure, such as energy, utilities, manufacturing, or transportation, is highly desirable. Education Graduation in Computer Science or Information Technology Competencies Developing Talent Innovation & Creativity Result Orientation Strategic Agility Process Excellence Customer Centricity Collaboration Stakeholder Management

RDQ326R15 We are looking for experienced Incident Handlers with cross functional skills, domain expertise and communication skills. Our mission is to respond to security threats, incidents and investigations to protect our customers, employees and enterprise data in a fast, efficient and standardized manner. You will report to the Head of Incident Response in the Security Org. You will be responsible for leading incidents, investigations and security initiatives from postmortems in the EMEA or APAC timezone. You will be a security multiplier and help the team improve security incident handling at Databricks. The impact you will have: You will run Security & Privacy Investigations which will require you to engage with different stakeholders and communicate investigations to Security leadership and work towards incident resolution. Respond to new incidents as part of a distributed daytime operations and on-call schedule. Handle SEV-1s and SEV-0s independently, potentially with leadership support for SEV-0s. You can guide investigations with multiple teams across multiple organizations, to gain traction and tradeoff to resolve issues. You can handle incomplete incident context, and choose best solutions with limited or incomplete information. Partner and build relationships with Engineering and Security teams to contain and mitigate risks during incidents Lead blameless incident postmortems and identify root causes, including systemic issues. Identify, get commitment for, and follow up on projects identified in the postmortem process. What we look for: Strong oral and written communication skills, customer centric attitude and ability to work in a culturally diverse environment. 5+ years of experience in Incident Management Systems or certifications like CISM,GSEC, CISSP or PMP. Program management skills, including prioritization and dealing with ambiguous requirements. You have experience to balance short term/ tactical follow ups and track long term improvements across multiple teams. Experience with technical concepts of cloud security, data ecosystem and the Incident Response process lifecycle. Understand industry wide security terms and models : NIST,ISO/IEC 27001, OWASP, MITRE ATT&CK for Cloud Enterprise. Proven ability to build relationships and propel momentum with clients and stakeholders Benefits At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region, please visit https: / / www.mybenefitsnow.com / databricks . About Databricks Databricks is the data and AI company. More than 10,000 organizations worldwide including Comcast, Cond Nast, Grammarly, and over 50% of the Fortune 500 rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark , Delta Lake and MLflow. To learn more, follow Databricks on Twitter , LinkedIn and Facebook . Benefits At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region, please visit https: / / www.mybenefitsnow.com / databricks . Our Commitment to Diversity and Inclusion . Compliance If access to export-controlled technology or source code is required for performance of job duties, it is within Employers discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.

No. of Positions 01 Education Bachelor s degree in Information Technology, Computer Science, or a related field. A Master s degree or MBA is preferred. Experience At least 15 years of progressive experience in IT management, with at least five years in a senior leadership role (e.g., CTO, VP of IT). Job Overview The primary focus of this role will be to manage the internal IT infrastructure, systems, and operations of the organization. The role involves managing and optimising the company s information systems to facilitate business processes and operations. It is essential to ensure that technology aligns with the organization s objectives, enhances operational efficiency, and plays a key role in minimizing potential risks, thereby ensuring the company s stability and security. Job Responsibilities The Chief Information Officer (CIO) is responsible for supervising the IT strategy and operations within the organisation. The CIO plays a crucial role in ensuring that IT initiatives align with the business objectives, facilitating efficient operations, and bolstering the organisation s competitive standing. Moreover, the CIO provides leadership to the IT department, oversees technology investments, and ensures the implementation of robust cybersecurity measures. Technology Strategy & Leadership: Develop and implement a comprehensive technology strategy aligned with the organisation s business goals. Provide leadership and direction for the IT department, ensuring that all initiatives align with the company s overall strategy. Stay updated on emerging technologies and assess their potential impact on the organisation. IT Operations Management: Oversee the day-to-day operations of the IT department, ensuring efficient and reliable systems. Manage IT infrastructure, including networks, servers, and enterprise applications. Please make sure the availability, reliability, and performance of IT systems to meet business needs. Cybersecurity & Risk Management: Develop and implement a cybersecurity strategy to protect the organisation s data and systems. Ensure compliance with relevant regulations and industry standards. Lead risk management efforts related to IT, including disaster recovery planning and business continuity. Budget & Resource Management: Develop and manage the IT budget, ensuring cost-effective investments in technology. Oversee vendor relationships, negotiate contracts, and manage service agreements. Ensure the efficient allocation and use of IT resources. Team Development & Leadership: Recruit, develop, and retain top IT talent. Foster a culture of innovation, collaboration, and continuous improvement within the IT team. Provide mentorship and leadership to IT staff, promoting professional growth. Stakeholder Engagement & Communication: Collaborate with other executives to understand and translate business needs into IT initiatives. Communicate technology strategies and initiatives to stakeholders, including the board of directors and senior management. Serve as a liaison between IT and other departments to ensure alignment and support. Desired Skills Certifications: Relevant certifications such as CISSP, CISM, or PMP are a plus. Strong understanding of IT infrastructure, systems architecture, and enterprise applications. Proven experience in developing and implementing technology strategies that align with business objectives. Deep knowledge of cybersecurity principles, risk management, and regulatory compliance. Excellent leadership, communication, and interpersonal skills. Ability to manage complex projects and drive change in a dynamic environment. Strong financial acumen and experience managing large budgets.

Your role We are looking for an experienced Cloud Security Consultant/Lead/Architect with expertise in Azure /AWS to join our team with 4+ years of experience . If you are passionate about cloud security and have hands-on experience with CNAPP tools and Microsoft Azure environments, wed love to hear from you. Manage, update, and enhance security policies across various cloud assets in Microsoft Azure. Improve and optimize security configurations within CNAPP tools in alignment with the customers ISMS (Information Security Management System). Provide expert-level knowledge of Microsoft CNAPP, cloud security frameworks, and integration with SOC tools. Support cloud analysts in alert analysis, remediation planning, and incident response. Assist team leads in preparing weekly and monthly security reports. Ensure continuous monitoring and compliance using CSPM, CWPP, and CASB tools. Collaborate with cross-functional teams to maintain a secure cloud infrastructure. Maintain documentation and audit trails for security configurations and changes. Recommend and implement security best practices for cloud-native applications. Utilize Office 365 tools (Excel, Word, PowerPoint) for reporting and documentation. Your profile Azure/AWS Cloud Security CSPM (Cloud Security Posture Management) / CWPP(Cloud Workload Protection Platform) CASB (Cloud Access Security Broker) / Microsoft CNAPP(Cloud-Native Application Protection Platform) Integration withSOC Tools Cloud Security Monitoring & Reporting What you"ll love about working here You can shape yourcareerwith us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work on cutting-edge projectsin tech and engineering with industry leaders or createsolutionsto overcome societal and environmental challenges. Location - Coimbatore,Gurugram,Noida,Chennai,Mumbai,Pune,Hyderabad,Bengaluru

Line of Service Advisory Industry/Sector Not Applicable Specialism Operations Management Level Senior Associate Job Description & Summary At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency. These individuals analyse client needs, implement software solutions, and provide training and support for seamless integration and utilisation of business applications, enabling clients to achieve their strategic objectives. As a business application consulting generalist at PwC, you will provide consulting services for a wide range of business applications. You will leverage a broad understanding of various software solutions to assist clients in optimising operational efficiency through analysis, implementation, training, and support. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. Job Description & Summary: We are looking for an experienced Cloud Security Lead with deep technical expertise in Zscaler (ZIA/ZPA) and Fortinet security solutions. The ideal candidate will play a key role in architecting, implementing, and managing secure cloud on-prem and internet access strategies, supporting enterprise-wide digital transformation and security posture enhancement. Responsibilities: Zscaler Security Operations Design, implement, and manage Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions. Configure SIPA (Secure Internet & Private Access) policies for optimized secure remote and internet access. Perform regular reviews, audits, and optimization of Zscaler configurations to align with industry best practices. Provide technical support and guidance to L1 and L2 teams for Zscaler-related issues. Stay up to date on Zscaler enhancements, threat intelligence, and security features to ensure proactive defense. Fortinet and Network Security Implement and manage Fortinet firewall and security solutions for perimeter and cloud-based infrastructure. Configure Fortinet firewalls to support SD-WAN, secure edge, and hybrid cloud environments. Work closely with networking teams to design secure network topologies integrating Fortinet technologies. Cloud Security and Compliance Design and assess cloud-native security architectures for AWS, Azure, or GCP environments. Conduct cloud security assessments, vulnerability scans, and risk remediation. Align security strategies with industry standards like ISO 27001:2022, SOC 2, HIPAA, GDPR, and CIS v3.0.0. Assist in external security audits and privacy assessments related to cloud workloads. Collaboration and Strategy Collaborate with cross-functional teams (Security, IT, DevOps, Engineering) to embed security into cloud and network initiatives. Act as a Subject Matter Expert (SME) for Zscaler and Fortinet technologies in solution design and customer engagements. Maintain documentation on security controls, configurations, SOPs, and incident response playbooks. Required Skills and Qualifications: Experience in network and cloud security domains. Proven hands-on experience with Zscaler ZIA/ZPA design, implementation, and operations. Strong working knowledge of Fortinet firewalls and FortiManager, FortiAnalyzer. Experience with SD-WAN, SDN, VPNs, and secure web gateway technologies. Strong understanding of network security principles, SIEM, threat intelligence, and incident response. Knowledge of cloud compliance standards and risk frameworks (NIST, CIS, ISO). Excellent communication skills and ability to work in cross-functional environments. Strong documentation, presentation, and stakeholder management skills. Experience in SOC environment will be a plus Mandatory skill sets: Zscaler ZIA / ZPA / SIPA Fortinet FortiGate / FortiManager / FortiAnalyzer SIEM platforms (Splunk, QRadar, etc.) Firewall platforms: Fortinet, Palo Alto, Check Point, Juniper Security Frameworks: ISO 27001, NIST, CIS Controls, HIPAA, GDPR Preferred skill sets: Zscaler Certified Professional - ZIA/ZPA Fortinet Certified Professional (FCP) CISSP / CCSP / CISM Cloud Security certifications (AWS/Azure/GCP Security Specialty) Years of experience required: 5-8 Years of experience Education qualification: Graduate Engineer or Management Graduate Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Master Degree, Bachelor Degree Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Splunk Administration Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Reasoning, Analytical Thinking, Application Software, Business Data Analytics, Business Management, Business Technology, Business Transformation, Communication, Creativity, Documentation Development, Embracing Change, Emotional Regulation, Empathy, Implementation Research, Implementation Support, Implementing Technology, Inclusion, Intellectual Curiosity, Learning Agility, Optimism, Performance Assessment, Performance Management Software {+ 16 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Available for Work Visa Sponsorship Government Clearance Required Job Posting End Date

Job Description: GRC AEM(Assessment & Exception Management) Skill set -> 3.5-6 years of experience working in Global Risk and Compliance domain. Required Qualifications Degree in computer science, engineering, IT or equivalent technical degree. Certification preferred: ISO - 27001, CISA and CISM. Preferred Qualifications In-depth knowledge with at least 3-5 years of experience working Global Risk and Compliance domain. Strong communication skills working with users across globe on Information Security best practices exception, assessments and audit modules. ISO-27001, CISA, CISM certifications a plus. o Working shift -> 4:45pm to 1:15am At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We re committed to fostering an inclusive environment where everyone can thrive. Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here .

Work Flexibility: Hybrid What You will do: Administer user access and authorization within SAP or JDE systems. Implement and uphold security policies and guidelines for SAP environments. Conduct regular security audits and assess vulnerabilities in the systems. Investigate and respond to security incidents, collaborating with IT and security teams. Stay informed on SAP or JDE security trends and recommend necessary enhancements. Maintain documentation of security configurations and provide training on best practices. What You will Need: Bachelors degree in Computer Science, Information Security, or a related field. 4 to 6 years of experience in SAP/JDE security administration, ideally within a complex enterprise setting Excellent problem-solving skills to analyze complex security issues. Proficiency in SAP or JDE security best practices. Experience with security audits and vulnerability assessments. Knowledge of compliance standards such as GDPR and SOX . Professional certifications in JDE security administration (e.g., Oracle Certified Professional) and/or cybersecurity (e.g., CISSP, CISM) are a plus. Travel Percentage: 10%

Lead security architecture and GRC initiatives across IT, OT, cloud, and hybrid environments. Perform risk assessments, enforce security standards, and integrate controls across platforms (Cisco, Palo Alto, AWS, Azure). Required Candidate profile 8–15+ yrs experience with NIST, ISO, CIS; scripting; cloud security. Relevant certs: CISSP, CCSP, SABSA, CCIE, PCNSE, AWS/Azure Security.

Are you passionate about integrating complex software systems and troubleshooting technical issuesDo you want to contribute to the development and evolution of strategic platformsAre you motivated to work in a complex, global environment where ideas are valued, and effort is appreciated We are looking for an Integration Engineer to join our team and help us to: integrate Attribute Based Access Control software with various Credit Suisse (CS) and UBS systems (Active Directory, Entitlement System, Data Catalogue, etc) (35%) troubleshoot software issues at Level 3, collaborating with internal teams, vendors, and other CS/UBS teams (network, cloud, security, IT on business side) (25%) conduct research and hands-on learning with different technologies (DBs, Cloud services, Application Solutions) across on-prem, Azure, and SaaS (25%) prepare and automate upgrades of vendor software on platforms like Azure Kubernetes Services and OpenShift (5%) prepare and automate building software and necessary elements (rpm, msi, ARM/Terraform) for test environments (Azure cloud, Linux/Windows/Citrix servers) (5%) improve and maintain CI/CD pipelines (GitLab, Azure DevOps pipelines, Jenkins) (5%) You will join a dynamic team responsible for integrating and maintaining complex software systems. Our team collaborates with various departments and technical teams worldwide, ensuring seamless integration and high-quality solutions. We work during standard European hours and focus on delivering secure, available, and high-performance solutions. ideally 8+ years of experience in IT, preferably in an enterprise or corporate environment experience with Continuous Integration (CI) and Continuous Deployment CD understanding of information security concepts (Data Protection, DLP, IRM, Identity and Access Management, Cryptography) both on-prem and in the cloud familiarity with Data Protection, Data Scanning, and Data Catalogue products and technologies experience in designing and engineering new IT services at scale experience in global rollout of new enterprise-wide services and integration of vendor products experience working with regulatory requirements (eg, GDPR, FINMA, MAS) security certifications such as CISSP, CISA, CSSLP, CISM, CCSP

Required Skills Technology | Sentinel SIEM Tool Administrator | Level 2 Support Technology | Securonix SIEM Tools Administrator | Level 2 Support Technology | ArcSight SIEM Tools Administrator | Level 2 Support Technology | Network Security Administrator | Level 2 Support Education Qualification : B.Sc Certification Mandatory / Desirable : Technology | Microsoft Certified: Security, Compliance, and Identity Fundamentals / CISSP/CISM/CEH/GIAC Certified Incident Handler/Certified SOC Analyst (CSA)/CompTIA Cybersecurity Analyst (CySA+)/Cisco Certified CyberOps Associate Delivery Skills required are: - Technical Skills: - *Identifying and analyzing potential threats and vulnerabilities using various tools and techniques. *Leading and managing the response to security incidents, including containment, eradication, and recovery. *Implementing and maintaining security monitoring systems, such as SIEM (Security Information and Event Management) tools. *Prioritizing and remediating vulnerabilities based on risk assessments. Operational Skills: - *Developing, implementing, and enforcing security policies, standards, and procedures. *Managing and maintaining secure configurations for systems, networks, and applications. *Overseeing the timely application of security patches and updates to systems and software. Analytical Skills: - *Analyzing logs and event data from various sources to identify patterns and anomalies. *Utilizing advanced analytics to detect and investigate security incidents. *Conducting digital forensics investigations to uncover evidence of security breaches. Collaboration and Teamwork: - *Collaborating with other IT and security teams to enhance the organization s security posture. *Coordinating response efforts during security incidents with internal and external stakeholders. *Leading incident response teams and ensuring effective communication and collaboration.

The Global Information Security (GIS) Technology Risk Management Analyst will work with peers in Global Information Security (GIS) and across the Technology Division to ensure that third party technology risks are properly identified, assessed, monitored, and communicated in support of the overall Third Party Risk Management (TPRM) program. The Analyst will assist with the continuous improvement and daily operation of the GIS Third Party Risk Management (GIS TPRM) program. Responsibilities Include: Work with peers to identify and assess Information Security risks Conduct risk assessments using CME Groups established GIS Third Party Risk Management assessment process Collaboratively author and edit various assessment related documents including Deficiencies Observed, Summary of Work, Risk Advisory Memos, exceptions from GIS technical policies and standards, and other related output resulting from risk adjudication activities Participate in and contribute to various working groups across the Technology Division, including, but not limited to, Third Party Risk Management working group, Governance, Risk Management, and Compliance (GRC) working group, etc. Assist the GIS TPRM function with: Continuous improvement and maturation of the methods, instrumentation, training, documentation, and processes required to properly manage third party technology risks Providing advisory and consulting services to the Information Technology Management Team related to InfoSec risks, treatment strategies, and decision-making Assist in the preparation of management reports, presentations, metrics, and other documentation required to support governance functions Assist in compiling and delivering business and operational metrics at regular intervals Promoting a culture of risk awareness and accountability through training, education, and risk management consultative support Problem Solving: Objectively assess the impact, likelihood, and velocity of identified risks Objectively advise on any number of controls that will mitigate risk while not imposing undue burden on those who must implement the controls Drive objectivity and build consensus among stakeholders with widely divergent perspectives and drivers Rapidly analyze complex technical details Synthesize detailed analysis into a big picture view that can be easily understood by non-technical stakeholders in order to support risk-based decision-making for senior managers within the company Decision Making: Recommend risk treatment decisions Recommend remediation actions when risk mitigation is desired Recommend improvements to methods, instrumentation, training, documentation, and processes Recommend solutions for automating and streamlining GIS TPRM risk management practices Working Relationships: Interacts with peers across all elements of the Technology Division Communicate regularly with cross-functional peers outside of the Technology Division, including Legal, Information Governance, Global Operations, Global Assurance (Internal Audit), Enterprise Risk Management, Third Party Risk Management, and other business unit leadership Interact occasionally with industry peers from other Systemically Important Financial MarketUtilities(SIFMUs),research organizations, solution providers, etc. Required Experience: Bachelors Degree or equivalent experience Minimum of 1 to 3 years of relevant experience in publicly traded companies or finance/technology industry operations with third party risk management experience a plus Experience in at least two of the following: InfoSec (Operations, Program Management, Governance, Risk Management, etc.), Enterprise Architecture, Identity & Access Management, Application Development, Infrastructure & Operations, IT Compliance, or Internal Audit Experience working with industry based information security and / or control frameworks (NIST Cyber Security Framework, ISO 27002, COBIT, etc.) Demonstrable knowledge of a broad range of InfoSec technologies and practices Demonstrable, impeccable writing skills for technical, management, and executive audiences Additional preferred experience: Demonstrable knowledge of InfoSec risk management methods and practices Experience with operating GRC solutions Professional certification in InfoSec or Risk Management (such as CRISC, CISM, CISSP, CGEIT, CISA, etc.)

Job Title: Senior Manager Information/Cyber Security Job Location: Pune / Bangalore / Mumbai Job Summary: We are looking for a seasoned professional in Information/Cyber Security to be part of the Digital Trust and Security team at Capgemini Invent This role requires a resource who is experienced in managing client-facing cybersecurity programs, providing strategic advisory, and enhancing security capabilities within the organization. Key Responsibilities: Client Advisory & Leadership: Lead cybersecurity engagements for clients, and providing strategic direction and ensuring alignment with their business and security goals. Program Oversight: Manage the delivery of multiple cybersecurity projects, ensuring high-quality service, timely execution, and compliance with client expectations. Risk Management & Compliance: Oversee risk assessments for clients and ensure the implementation of security controls that meet industry standards (ISO 27001, NIST, GDPR, etc.). Team Development: Mentor and develop the internal cybersecurity team, fostering a culture of continuous improvement and ensuring the team is equipped to handle evolving client needs. Stakeholder Engagement: Collaborate with senior client stakeholders, including C-level executives, to communicate security risks, program progress, and recommend improvements. Innovation & Thought Leadership: Drive the adoption of new security technologies and best practices, positioning the organization as a thought leader in cybersecurity services. Business Development & Solutioning: Lead the development of cybersecurity solutions tailored to client needs, aligning with emerging threats and industry trends. Collaborate with sales and account teams to identify new business opportunities and expand client relationships through cybersecurity offerings. Develop and present compelling proposals, including RFP/RFI responses, for cybersecurity services. Engage in pre-sales activities, providing expertise and thought leadership to support business development efforts. Drive solution architecture and proposal strategies for large-scale cybersecurity projects to win new business. Required Skills and Qualifications: Master’s degree in Information security, Cybersecurity, Information Technology , or a related field. 10-15 years of experience in Information/Cybersecurity , with at least 7 years in a client-facing leadership role within a consulting environment. Deep understanding of cybersecurity frameworks (e.g., ISO 27001, NIST etc.) and regulatory standards (GDPR, HIPAA, PCI-DSS etc.). Proven track record in managing complex security programs for large clients, including risk management, cloud security, incident response , and compliance management . Certifications such as CISSP, CISM, CRISC, CISA, or PMP are highly preferred. Personal Attributes: Strong leadership and team-building skills, with a focus on mentoring and developing the next generation of cybersecurity leaders. Excellent communication and presentation skills, with the ability to influence senior stakeholders at client organizations.

Cybersecurity Engineer + Analyst (Hybrid Chandigarh / Mohali) Infinity Healthcare Solutions, LLC is expanding its cybersecurity operations and is actively seeking a highly skilled and motivated Cybersecurity Engineer + Analyst to join our team. This role is designed for professionals who bring both deep technical engineering expertise and analytical skills to secure enterprise infrastructure, identify vulnerabilities, and respond to evolving cyber threats. This position will work at the intersection of IT security architecture, incident response, risk management, and compliance operations to ensure the security and integrity of our organizations data and systems. Key Responsibilities: Security Operations & Monitoring: Monitor infrastructure, networks, and cloud environments using SIEM tools (e.g., Splunk, Microsoft Sentinel) Identify, investigate, and respond to real-time alerts and security incidents Analyze logs and network traffic to detect anomalies and unauthorized activities Perform deep-dive forensic analysis and root cause investigations on security events Incident Response & Threat Management Lead and execute end-to-end incident response processes including containment, eradication, and recovery Maintain incident response playbooks, runbooks, and documentation for various threat scenarios Collaborate with cross-functional teams to remediate vulnerabilities and improve incident readiness Stay up to date with the latest threats, vulnerabilities, zero-day exploits, and malware campaigns Security Engineering & Hardening Manage and configure endpoint protection, firewalls, IDS/IPS, and other security controls Assist in the secure deployment and configuration of cloud environments (AWS, Azure, GCP) Evaluate and implement security tools and automation for risk mitigation Apply industry best practices to harden systems and reduce attack surfaces Governance, Risk & Compliance Perform routine risk assessments, internal security audits, and gap analysis Ensure adherence to regulatory and compliance standards: ISO 27001, NIST, SOC 2, GDPR Support internal and external audits by preparing documentation and evidence Develop and maintain security policies, procedures, and technical documentation IAM & Access Controls Manage Identity and Access Management (IAM), including user provisioning, role-based access, MFA Enforce least privilege and zero-trust principles across all systems and environments Required Qualifications: Bachelors degree in Cybersecurity, Computer Science, Information Technology, or a related field Minimum 3 years of hands-on experience in cybersecurity operations, security engineering, or threat analysis Proficient with SIEM, IDS/IPS, EDR, antivirus, and endpoint security platforms Solid understanding of network protocols, firewalls, routing, and segmentation Practical knowledge of security for cloud platforms (AWS, Azure, or GCP) Experience working with IAM, RBAC, MFA, VPNs, and secure access controls Strong documentation and reporting skills; ability to communicate technical issues clearly Preferred Skills & Tools: Familiarity with MITRE ATT&CK, CIS Controls, OWASP Top 10 Experience using tools such as Wireshark, Nmap, Nessus, CrowdStrike, Qualys Scripting or automation experience (e.g., PowerShell, Python, Bash) is a plus Familiarity with DevSecOps practices is desirable Preferred Certifications (Any): CEH Certified Ethical Hacker CompTIA Security+ CISSP Certified Information Systems Security Professional CISA, CISM, or other GIAC certifications Why Join Us: Opportunity to work in a security-first environment with global impact Collaborative, forward-thinking team culture Exposure to enterprise-grade cloud security architecture and compliance frameworks Career development.

Implement security strategy, policies & controls.Oversee risk, vendor security, BCDR, vulnerability remediation & AppSec.Drive compliance, training,audits,and continuous improvement.GRC tool expertise,ISO27001 Implementer/Auditor,CGRC/BCMS preferred.