827 Cissp Jobs

RESPONSIBILITIES: Review and build host-based detection content in EDR solutions such as Sentinel One, Microsoft Defender and other leading vendors. Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output and mentor cyber analysts. Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and evolve custom detections that mitigate highly dynamic threats to the enterprise. Proactively research advanced and emerging cyber threats, and apply analytical understanding of attacker methodologies, system vulnerabilities, and key indicators of attacks and exploits in threat hunting efforts Execute as needed in each of the six phases of incident response: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned Collaborate using information and knowledge sharing networks and professional relationships. Education and Experience: Bachelors degree and 5+ years of threat analysis and/or incident response experience - additional years of relevant experience may be considered in lieu of Bachelors degree Relevant certifications (CISSP, SANS GIAC, CEH, etc.) REQUIREMENTS: Threat analysis and/or incident response experience Understanding of cyber threat models, including ATT&CK, Cyber Kill Chain, Racetrack, Diamond Model, etc. Experience working with EDR tools Experience with a SIEM-type platform Experience performing analysis and correlation of log data and forensic artifacts from multiple sources. Must be proficient, verbally and in writing with the English language.

RESPONSIBILITIES: Review and build host-based detection content in EDR solutions such as Sentinel One, Microsoft Defender and other leading vendors. Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output and mentor cyber analysts. Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and evolve custom detections that mitigate highly dynamic threats to the enterprise. Proactively research advanced and emerging cyber threats, and apply analytical understanding of attacker methodologies, system vulnerabilities, and key indicators of attacks and exploits in threat hunting efforts Execute as needed in each of the six phases of incident response: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned Collaborate using information and knowledge sharing networks and professional relationships. Education and Experience: Bachelors degree and 5+ years of threat analysis and/or incident response experience - additional years of relevant experience may be considered in lieu of Bachelors degree Relevant certifications (CISSP, SANS GIAC, CEH, etc.) REQUIREMENTS: Threat analysis and/or incident response experience Understanding of cyber threat models, including ATT&CK, Cyber Kill Chain, Racetrack, Diamond Model, etc. Experience working with EDR tools Experience with a SIEM-type platform Experience performing analysis and correlation of log data and forensic artifacts from multiple sources. Must be proficient, verbally and in writing with the English language.

RESPONSIBILITIES: Review and build host-based detection content in EDR solutions such as Sentinel One, Microsoft Defender and other leading vendors. Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output and mentor cyber analysts. Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and evolve custom detections that mitigate highly dynamic threats to the enterprise. Proactively research advanced and emerging cyber threats, and apply analytical understanding of attacker methodologies, system vulnerabilities, and key indicators of attacks and exploits in threat hunting efforts Execute as needed in each of the six phases of incident response: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned Collaborate using information and knowledge sharing networks and professional relationships. Education and Experience: Bachelors degree and 5+ years of threat analysis and/or incident response experience - additional years of relevant experience may be considered in lieu of Bachelors degree Relevant certifications (CISSP, SANS GIAC, CEH, etc.) REQUIREMENTS: Threat analysis and/or incident response experience Understanding of cyber threat models, including ATT&CK, Cyber Kill Chain, Racetrack, Diamond Model, etc. Experience working with EDR tools Experience with a SIEM-type platform Experience performing analysis and correlation of log data and forensic artifacts from multiple sources. Must be proficient, verbally and in writing with the English language.

About Deutsche Brse Group: Deutsche Brse Group, headquartered in Frankfurt, Germany, is a prominent international exchange organization and market infrastructure provider. The organization empowers investors, financial institutions, and companies by facilitating access to global capital markets. The India center, located in Hyderabad, serves as a pivotal strategic hub and houses India's top-tier tech talent. The focus lies on developing advanced IT solutions that enhance market infrastructure and services. The team at Deutsche Brse Group in India, comprising capital market engineers, forms the backbone of financial markets worldwide. Senior Lead IAM Engineer Your career at Deutsche Brse Group: Ensuring security is of utmost importance to support DBG's business operations. The Group Security department adheres to the ISO 27000 framework and meets the relevant requirements for financial service providers. This approach safeguards information assets in terms of confidentiality, integrity, authenticity, and availability. Identity and Access Management (IAM) play a crucial role in ensuring that only intended and authorized users have access to requisite IT resources, thereby upholding the least privileged principle. Standard industry solutions are utilized for implementation across On-Premises and cloud applications. Automated processes are in place to maintain these standards even during organizational adjustments. Area of work: The Identity Access Management Specialist is tasked with developing, maintaining, and enhancing the Identity and Access Management landscape within Deutsche Brse Group. The candidate is responsible for ensuring compliance with external regulations, internal policies, and relevant IAM processes. Your responsibilities: - Deliver sprint tasks aligned with the strategic plan for Cloud IAM domains. - Integrate CIEM capabilities with the central IAM tool. - Design lifecycle processes for service accounts/principals and establish corresponding governance. - Ensure compliance with regulatory requirements and internal security standards through effective access policies. - Collaborate with cross-functional teams to integrate IAM/PAM solutions into the existing infrastructure. - Conduct regular access reviews and enforce the Least Privilege (LoP) principles. - Create and maintain comprehensive documentation for IAM/PAM. - Offer guidance to teams on IAM/PAM-related matters and support in Audit activities. Your profile: - Bachelor's/master's degree in information technology or equivalent. - Minimum of 5 years of experience in Identity and Access Management (IAM) projects, preferably in Cloud IAM. - Proficiency in at least one commonly used (on-premises/SaaS) IAM and/or PAM solution such as SailPoint IIQ, CyberArk, MS Entra ID, etc. - Hands-on experience with GCP and/or MS Azure IAM services is essential. - Knowledge in Secrets Management, Cloud Infrastructure Entitlement Management (CIEM), Zero Trust would be advantageous. - Experience in handling IAM/PAM related Audits is desirable. - Experience in CI/CD pipeline, Project management is desired. - Ability to structure options and present proposals for next steps to senior management. - Proactive thinking and self-paced work on solutions is valued. - Fluency in English; German proficiency would be an added advantage. - Good to have: CISSP, CISM, GCP/Azure certifications or IAM/PAM tool-specific certifications. - Strong analytical and problem-solving skills. - Proficient in presentation and documentation.,

The Senior Administrator for Vulnerability Management plays a critical role in ensuring the organization's security posture by providing advanced technical support and troubleshooting. This role is pivotal in managing complex incidents, conducting root cause analysis, and implementing effective solutions to enhance customer satisfaction and operational efficiency. Key Responsibilities: - Adhere To Quality Standards, Regulatory Requirements, And Company Policies In All Vulnerability Management Processes And Activities. - Provide Advanced Technical Support For Complex Incidents Related To Vulnerability Management, Performing Root Cause Analysis And Implementing Solutions For Technical And Security Issues. - Conduct Knowledge Base Updates And Management, Train And Coach Analysts And Fresher Team Members To Foster A Culture Of Continuous Improvement. - Resolve Complex Vulnerability Management Tickets Within Agreed SLAs, Collaborating With Cross-Functional Support Teams To Ensure Seamless Operations And Robust Security Posture. - Enhance Customer Experience And CSAT Metrics Through Effective First Call Resolution Strategies, Minimizing Rejected Resolutions And Re-Open Cases While Proactively Mitigating Security Threats. Skill Requirements: - In-Depth Knowledge And Experience In Vulnerability Management Tools And Techniques. - Strong Understanding Of Security Protocols, Incident Management, And Root Cause Analysis Methodologies. - Proficiency In Troubleshooting Complex Technical Issues And Providing Effective Solutions. - Excellent Communication And Training Skills For Mentoring And Knowledge Sharing. Certification: - Optional But Valuable Certifications: Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Or Similar Relevant Certifications In Security And Vulnerability Management. Skill (Primary): Cyber Security-SecOT-OT/ICS /IIOT SECURITY Auto req ID: 1594767BR Skill Level 3 (Secondary Skill 1): Cyber Security-Tools & Others-VULNERABILITY MANAGEMENT SERVICE No. of Positions: 1,

As a Cybersecurity professional specializing in Third Party Risk Management (TPRM), you will utilize your expertise and skills to ensure the security of third-party relationships. With over 4 years of experience in TPRM and a strong background in IT Audits and Cloud security, you will play a crucial role in managing risks associated with external vendors and suppliers. Your responsibilities will include implementing and conducting audits based on ISO22301 standards, as well as assessing and mitigating risks related to third-party relationships. Preferred certifications such as CBCI, CBCP, ISO22301 LI or LA, Offensive Security Certified Professional, and CISA will be valuable assets in this role. Your understanding of vendor risk management considerations and knowledge of Data Protection & Privacy risks will be essential in developing and implementing relevant control frameworks. Excellent written and verbal communication skills, along with the ability to create comprehensive documentation and engaging presentations, will be key in effectively communicating risk-related information. Your motivation to work in both local and global environments, as well as your experience in Infrastructure/Application Security, IT Audit, and Information Risk Management, will contribute to the success of our cybersecurity initiatives. Moreover, possessing security certifications like CISSP, CISA, CISM, CEH, and ISO27001 will further enhance your qualifications for this role. Your ability to thrive in a cross-functional, cross-cultural matrix environment, coupled with your proactive approach to cybersecurity, will make you a valuable asset in our team dedicated to safeguarding our organization against cyber threats.,

Build the future of the AI Data Cloud. Join the Snowflake team. As the Security Risk and Compliance Analyst (Customer Trust), you will: Complete security questionnaires (e.g. SIG, CAIQ) for prospects and customers based on company security and infrastructure controls. Respond to RFPs/RFIs related to security and compliance, ensuring accurate and timely completion. Respond to customer inquiries about the company's security and compliance obligations and documentation. Assist with internal/external audit evidence collection. Become an expert on Snowflake's security features and best practices for customer deployment. Collaborate with Snowflake Sales, Product, Legal, and Privacy teams to address security, privacy, data protection risks, and compliance requirements for customer inquiries. Participate in sales calls to discuss Snowflake's security and compliance capabilities. Collaborate with the Global Security Team to improve policy and procedure documentation. Our ideal Security Risk and Compliance Analyst will have: Excellent interpersonal, verbal, and written communication skills with the ability to communicate compliance-related concepts to a broad range of technical and non-technical staff. Relevant experience that demonstrates his or her ability to handle the assigned responsibilities. Ability to identify processes needing improvement and to recommend improvements. Ability to collaborate cross-functionally and across different time zones (PST, EST, etc.). Experience with NIST 800-53. 5+ years of hands-on technical audit experience in the areas of PCI, HIPAA, SOC2, or ISO. Achievements that demonstrate the candidate is extremely detail-oriented. Previous role that requires exceptional organizational skills. Bonus points for experience with the following: AWS, Azure, Google Cloud, or other major Cloud Service Provider experience. Project or program management experience. Experience with a Software as a Service / Cloud solution. Database experience, including SQL. CISSP or other Information Security certifications. Snowflake is growing fast, and we're scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake. How do you want to make your impact For jobs located in the United States, please visit the job posting on the Snowflake Careers Site for salary and benefits information: careers.snowflake.com.,

Designation: Head - IT & Cybersecurity Location: Mumbai About the client: PSS has been mandated to hire a Head of IT & Cybersecurity for a leading player in the flexible packaging industry. Qualification: Computer Science/Information Technology Graduate. Masters degree preferred. Relevant certifications such as CISSP, CISM, or CISA is highly desirable. Experience: 15-25 years of progressive experience CTC budget: 40-50 LPA Fixed Reporting to: Managing Director Responsibilities Strategic Leadership: Develop and communicate a comprehensive information and operational technology security strategy tailored to address the specific vulnerabilities and threats identified within the organization. Establish clear security objectives and key performance indicators (KPIs) to measure progress and effectiveness in improving the security posture, including both IT and OT environments. Immediate Risk Assessment and Mitigation: Conduct a thorough risk assessment to identify and evaluate the current security threats and vulnerabilities across both IT and OT systems. Prioritize and implement immediate actions to mitigate critical risks and vulnerabilities, leveraging both in-house resources and external expertise as needed, with a strong emphasis on securing OT environments. Policy and Compliance Overhaul: Review and revamp existing security policies and procedures to align with industry best practices and regulatory requirements, ensuring they encompass both IT and OT security considerations. Develop a robust compliance framework to ensure ongoing adherence to security standards and legal obligations, including regular audits and reviews of OT systems. Incident Response and Recovery Enhancement: Establish and maintain an enhanced incident response plan with clear roles, responsibilities, and communication protocols for handling security breaches in both IT and OT domains. Lead efforts to investigate past breaches, understand root causes, and implement measures to prevent recurrence, particularly focusing on vulnerabilities specific to OT systems. Security Awareness and Training: Implement a comprehensive security awareness and training program for all employees, including those involved with OT systems, to foster a culture of security consciousness. Conduct regular training sessions and simulations to prepare staff for potential security incidents and ensure they understand their role in safeguarding both IT and OT environments. Infrastructure and Technology Upgrades: Evaluate and upgrade existing IT and OT infrastructure and security technologies to address identified weaknesses and enhance overall security defenses. Implement advanced security measures such as multi-factor authentication, intrusion detection systems, and data encryption, ensuring they are adapted for OT systems where applicable. Collaborative Security Culture: Foster collaboration across departments to integrate security considerations into all business processes and decision-making, with a focus on bridging IT and OT security practices. Engage with stakeholders at all levels to ensure buy-in and support for security initiatives and changes, emphasizing the importance of OT security. Continuous Monitoring and Improvement: Establish a continuous monitoring program to detect and respond to security threats in real-time, covering both IT and OT systems. Regularly review and update security strategies and measures based on evolving threats and technological advancements, ensuring OT systems are included. Vendor and Third-Party Security Management: Assess and manage the security posture of third-party vendors and partners to ensure they meet the organization&aposs security standards, including those related to OT. Establish contracts and SLAs that enforce security requirements and facilitate regular security assessments of third-party interactions, particularly those involving OT systems. Show more Show less

2-3 years IT audit experience in Domain like ITGC, Cyber Security, SOC 2, Application and IT security Infrastructure and IT Regulatory compliance Proficient in assessing IT-related risk and controls review Familiarity with IT regulatory requirements related to information security of regulators such as RBI, IRDA, SEBI and other IT Standards Educational Professional Credentials Working IT audit experience in role of lead or IT audit team member. Bachelor's/Master's degree in Engineering such as IT, Computer Science etc. Having one IT Security certification such as CISA, ISO 27001, CISSP, CISM, CCSK etc. Required Knowledge Skills Excellent written and verbal communication skills.

2 - 5 years of experience in Information Security and Compliance in medium to large-sized companies. Good Understanding of Technology Risk Assessment Frameworks and Application risk Assessment. Good Understanding and hands on experience on PCI DSS Standard and various PCI compliance is must. Experience of working in the Banking or Payment sector is preferred. Hands-on experience with various Audits and Standards Such as ISMS, SSAE 18, ISO 27001, ISO 31000, ISO 22301, CSA Star, NIST Risk framework, PCI DSS, PCI 3DS, PCI PA-DSS/SSF, PCI S3 etc. Experience of Vendor Risk Assessment and responding to client Request for Proposal (RFP). Excellent written and oral communication and penchant for technical documentation Educational & Professional Credentials Bachelor of Technology (BE/ B. Tech) or ME in Computer Science, MCA or equivalent. Good to have Information Security Certifications like CISA, CISM, CISSP etc. Required Knowledge & Skills Work with internal and external stakeholders to assess the IT architecture or proposed IT architecture solutions to identify the risk areas with regards to PCI controls. Assess the network architecture and or reviews the Firewall rulesets, Network devices/appliances to see if they are aligned with the PCI control requirements and recommends compensatory controls where necessary. Execute operational activities to support audit and compliance activities including technical validation processes. Conduct PCI DSS scoping engagements, gap analysis and assessments related to securing the Cardholder Data Environment. Effectively multi-tasks on multiple assignments and deliverables. Actively accepts individual and team responsibilities to meet commitments. Takes responsibility for own performance and actions and demonstrates responsibility and teamwork towards overall team/department goals. Discuss the SOP document with all relevant stakeholders - right from process owner to the BU functional heads Detailed understanding of SOC reports (SOC2, Type 1, 2), ISMS reports and ability to relate the IT General Controls, IT Application Controls, Cyber Controls to the SOC framework. Develop and Maintain Vendor Risk Management /Third Party Risk Management Program including Vendor Onboarding Audit, Periodic Vendor Assessment, Maintain TPRM Database. Review and implement controls and policies as per RBI and other regulatory requirements. Maintain ISMS framework, evaluate effectiveness of implemented controls and provides recommendations for improvement. Facilitate Client Due - Diligence in collaboration with Business. Develop and Maintain Enterprise Risk Assessment framework. Perform Internal Assessment against various Standards to ensure the established policies are being followed and prepare internal reports. Contract review and providing responses to client Request for Proposal (RFP)

Job Title: Manager Cyber Security. Location: Bengaluru, India. Department: Information Security / IT. Reports to: Chief Information Security Officer (CISO) / IT Director. Job Summary: We are seeking a highly skilled and experienced Cyber Security Manager to lead our cybersecurity initiatives and ensure the security and integrity of the organization's information systems. The Cyber Security Manager will be responsible for overseeing the design, implementation, and management of comprehensive security programs, including threat detection, incident response, and vulnerability management. The ideal candidate will have a deep understanding of cybersecurity best practices, emerging threats, and compliance requirements, and will lead a team of security professionals to safeguard the organization from cyber risks. Key Responsibilities:. Security Strategy & Leadership:. Develop and implement the organizations cybersecurity strategy in alignment with business objectives and regulatory requirements. Lead and manage the cybersecurity team, providing guidance, mentoring, and performance management. Collaborate with senior leadership and key stakeholders to define security policies, standards, and procedures. Monitor emerging security threats and vulnerabilities and adjust strategies accordingly to mitigate risks. Risk Management & Compliance:. Identify and assess security risks to the organizations IT infrastructure, applications, and data. Ensure compliance with relevant security regulations, standards, and frameworks (e g, ISO 27001, GDPR, PCI-DSS, NIST). Conduct risk assessments, penetration testing, and vulnerability assessments to identify and mitigate potential threats. Manage security audits and compliance checks, providing evidence and responses to internal and external audits. Incident Response & Threat Management: Develop and maintain incident response plans and lead the response to security incidents and breaches. Coordinate the investigation, containment, and remediation of cybersecurity incidents, ensuring timely and effective resolution. Monitor security alerts and events using SIEM tools, ensuring timely detection and response to threats. Collaborate with IT and business teams to strengthen defenses and reduce the likelihood of future incidents. Security Operations & Technology Management: Oversee the deployment, configuration, and management of security tools and technologies (e g, firewalls, intrusion detection/prevention systems, EDR, DLP, etc.). Implement and manage identity and access management (IAM) controls, encryption standards, and endpoint protection solutions. Manage security patching, updates, and vulnerability remediation across all systems and devices. Ensure that cybersecurity measures are integrated into all stages of system development and IT operations. Training & Awareness: Develop and lead security awareness training programs for employees to foster a security-conscious culture. Conduct phishing simulations, social engineering tests, and other awareness campaigns to assess and improve employee security practices. Vendor & Third-Party Risk Management: Evaluate and manage security risks related to third-party vendors and partners. Ensure that security requirements are included in contracts and service level agreements (SLAs) with third parties. Conduct regular reviews and assessments of vendor security practices to ensure ongoing compliance with security standards. Reporting & Communication: Provide regular reports on the organization's security posture to senior management, highlighting key risks, incidents, and mitigation efforts. Develop and maintain key security metrics (KPIs) and dashboards to track performance and drive continuous improvement. Serve as the primary point of contact for security-related issues and liaise with external partners, including law enforcement and regulatory agencies, as needed. Key Skills & Qualifications: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (Masters degree preferred). A minimum of 5-7 years of experience in cybersecurity roles, with at least 3 years in a leadership or management position. Strong knowledge of cybersecurity frameworks and standards such as ISO 27001, NIST, CIS, PCI-DSS, and GDPR. Proficient in the use of security technologies such as firewalls, SIEM, EDR, IDS/IPS, DLP, encryption, and IAM solutions. In-depth understanding of current and emerging cyber threats, vulnerabilities, and attack vectors. Experience in incident response, vulnerability management, and risk assessment. Familiarity with cloud security best practices and security management for cloud platforms (AWS, Azure, GCP). Relevant certifications such as CISSP, CISM, CEH, or similar. Excellent communication and leadership skills, with the ability to influence and collaborate with cross-functional teams.

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. We are counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself and a better working world for all. As a CMS-TDR Senior at EY, you will work as a Senior Analyst within our cyber security team. Your role will involve assisting clients in detecting and responding to security incidents with the support of SIEM, EDR, and NSM solutions. Your key responsibilities will include: - Operational support using SIEM solutions (Splunk, Sentinel, CrowdStrike Falcon LogScale), EDR (CrowdStrike, Defender, Carbon Black), and NSM (Fidelis, ExtraHop) for multiple customers. - Specializing in second-level incident validation and detailed investigations. - Performing incident coordination and communication with clients to ensure effective containment, eradication, and recovery. - Providing SIEM support activities, including ad hoc reporting and basic troubleshooting. - Advising customers on best practices and use cases to achieve customer end-state requirements. - Providing near real-time analysis, investigating, reporting, remediating, coordinating, and tracking security-related activities for customers. Skills and attributes for success include: - Customer service orientation, meeting commitments, and seeking feedback for improvement. - Good knowledge of SIEM technologies such as Splunk, Azure Sentinel, CrowdStrike Falcon LogScale from a security analyst's perspective. - Troubleshooting issues associated with SIEM solutions. - Ability to work with minimal supervision. - Exposure to IoT/OT monitoring (Claroty, Nozomi Networks) is a plus. - Experience in security monitoring and cyber incident response. - Knowledge in ELK Stack, network monitoring technology platforms (Fidelis XPS, ExtraHop), and endpoint protection tools (Carbon Black, Tanium, CrowdStrike, Defender). To qualify for this role, you must have: - A B.Tech./B.E. degree with sound technical skills. - Ability to work in 24x7 shifts. - Strong command of verbal and written English. - Technical acumen and critical thinking abilities. - Strong interpersonal and presentation skills. - Minimum 3 years of hands-on experience in SIEM/EDR/NSM solutions. - Certification in any of the SIEM platforms. - Knowledge of RegEx, Perl scripting, and SQL query language. - Certifications such as CCSA, CEH, CISSP, GCIH, GIAC. Working at EY offers: - Inspiring and meaningful projects. - Education, coaching, and personal development opportunities. - Support, coaching, and feedback from engaging colleagues. - Opportunities for skills development and career progression. - Freedom and flexibility to shape your role according to your needs. EY is dedicated to building a better working world by creating long-term value for clients, people, and society and building trust in the capital markets. Our diverse teams across 150 countries provide trust through assurance and help clients grow, transform, and operate in various sectors. We ask better questions to find new answers for the complex issues facing our world today.,

Work with MCX to enhance your career growth and excel in the field of Information Security. MCX values its employees" domain expertise and commitment, which have been pivotal in the company's success. If you are an ambitious and result-oriented professional, MCX offers exciting career opportunities for you to realize your potential in the cybersecurity domain. As a Manager - Information Security at MCX based in Mumbai, you will play a crucial role in ensuring the optimal performance of security technologies through operational oversight. With a Bachelor's degree in Cybersecurity, Information Technology, or related fields, along with 8-10 years of experience in cybersecurity (including 3+ years in managerial roles), you will be responsible for managing L2 activities and listed technologies hands-on. Your key responsibilities will include overseeing L2 activities, incident response, audits, and reviews of security operations. You will also be involved in developing and maintaining comprehensive documentation and SOPs for security technologies and processes, ensuring compliance and standardization. Additionally, you will configure, optimize, and maintain various security tools while evaluating their effectiveness and ensuring integration with the organization's IT infrastructure. In this role, you will lead threat hunting efforts, collaborate with stakeholders for risk mitigation, and manage security incidents promptly. You will generate security reports, communicate with stakeholders, and mentor junior team members to enhance their skills in security tools and best practices. If you are ready to climb the career ladder with MCX and have the necessary qualifications and experience in cybersecurity, this role offers you a platform to grow and excel in the dynamic field of Information Security. For further assistance or inquiries about this opportunity, please contact us at 022-67318888 / 66494000 or careers@mcxindia.com.,

About the Role We are seeking a highly skilled and experienced Security Consultant to join our team. The ideal candidate will have expertise in designing, implementing, and managing advanced security solutions, with hands-on experience in Cisco ISE, FTD, Palo Alto Firewall, Cisco Secure Workload (Tetration), and Secure Network Analytics (StealthWatch). The role requires a deep understanding of network security, threat mitigation, and compliance frameworks. Key Responsibilities Design, implement, and manage Cisco ISE for network access control and identity-based security policies. Deploy, configure, and optimize Cisco Firepower Threat Defense (FTD) solutions to enhance perimeter security. Manage and maintain Palo Alto Firewalls, including policy creation, threat prevention, and logging. Cisco SD-Access Catalyst Center (DNAC) Experience - Supports DNAC automation, SD-Access fabric deployment, and troubleshooting, including greenfield/brownfield deployments, fabric builds, and endpoint onboarding. Implement and optimize Cisco Secure Workload (Tetration) for workload protection, micro-segmentation, and policy enforcement. Utilize Cisco Secure Network Analytics (StealthWatch) for network traffic analysis, anomaly detection, and threat response. Conduct security assessments and provide recommendations to improve network security posture. Collaborate with IT teams to design security architectures that align with business needs and regulatory requirements. Perform incident detection, response, and forensic analysis to mitigate security threats. Document security policies, procedures, and configurations for compliance and operational efficiency. Basic Qualifications Education : B. Tech / B.E. in computers or master s degree in computer science. Hands-on expertise with Cisco ISE, Cisco SD-Access Catalyst Center (DNAC). Proven experience in network security consulting, design, and implementation. Hands-on expertise with Cisco ISE/DNAC, FTD, Palo Alto Firewall, Tetration, and StealthWatch. Strong knowledge of firewall policies, VPNs, IDS/IPS, and threat intelligence. Understanding of zero-trust architecture, micro-segmentation, and endpoint security. Preferred Qualifications Excellent troubleshooting, analytical, and problem-solving skills. Strong communication and client-facing skills. Certifications such as CISSP, CCNP Security, PCNSE, or equivalent are preferred. Familiarity with industry standards and frameworks such as ISO 27001, NIST, CIS Controls, and GDPR will be added advantage . Excellent communication and leadership skills. Strong analytical and problem-solving abilities.

As a member of our team, your main responsibility will be to evaluate new and existing security vulnerabilities sourced both internally and externally. You will need to determine their relevance, document the impact, and devise a remediation strategy in a format that is understandable to our customers. Your focus will encompass a wide range of technologies, including major cloud hosting environments, Linux servers, specialized hardware, various coding languages, and virtualization technologies. The ideal candidate will possess the ability to comprehend the technicalities of security, evaluate risks, and communicate these complex concepts in a clear and simple manner. Your tasks will include: - Reviewing vulnerability scan reports - Monitoring external sources for new vulnerabilities - Assessing the applicability of vulnerabilities within context - Determining the real impact of vulnerabilities - Documenting findings and disclosures for each vulnerability and sharing them with customers - Negotiating disclosure timing with external researchers - Monitoring remediation progress and updating documentation - Participating in Security Incidents related to urgent vulnerabilities - Providing metrics and statistics Minimum Qualifications: - At least five (5) years of relevant experience (including indirectly related experience) - Strong team player - Ability to interpret and communicate CVEs to both technical and non-technical audiences - Familiarity with hacking techniques and programming languages - Knowledge of risk evaluation - Proficiency in the MS Office suite - Excellent written and verbal communication skills - Ability to adapt quickly to changing priorities - High school diploma, GED, or equivalent professional experience - Flexibility in terms of work location Preferred Qualifications: - Experience in evaluating security risks within a production environment - Familiarity with Jira - Direct customer communication experience - Proficiency in at least one of the following languages: Python, Go, Java, or C - Experience with scan reports from various tools like Snyk, Qualys, Crowdstrike, Inspector, Vdoo, or Binwalk - Remote work experience across different time zones and cultures - Security certifications such as CISSP, CRISC, AWS SCS, etc. - Ability to work flexible hours Join our team today and be part of a dynamic environment where your expertise in cybersecurity will be valued and utilized to make a real impact.,

As the Lead, Technology Risk Analyst at Mastercard, you will play a crucial role in ensuring the company's safety and security from cyber and physical threats. Your primary responsibility will be to drive readiness and compliance on security aspects related to evolving regulatory and statutory needs across global markets. Your passion for information security and cybersecurity, along with your analytical skills and exposure to the regulatory environment, will be instrumental in this role. Your key responsibilities will include monitoring and assessing security obligations stemming from new and changing regulations worldwide. You will collaborate with various teams across Corporate Security to advise and ensure compliance with region-specific regulatory requirements within Information Security and Cyber Security domains. Engaging with partner teams on supporting Regulatory audits and obligations, you will lead and monitor remediation efforts in the realm of Security. Moreover, you will be tasked with developing and implementing governance processes to manage regulatory risks effectively, ensuring the sustainability of controls and measures implemented for compliance. Managing documentation, tracking, and reporting of security requirements and ongoing compliance efforts will also fall under your purview. Additionally, you will represent the company on Risk & Governance Committees and internal forums, providing regular reports to senior leadership. To excel in this role, you should possess a strong understanding of information and cyber security domains, governance, and risk management practices. Your experience in handling security audits, conducting assessments, and managing senior stakeholders will be invaluable. Demonstrated leadership abilities in leading cross-functional teams and managing complex projects are essential. A solid grasp of security frameworks such as NIST, ISO 27001, and PCI-DSS, as well as familiarity with regulatory standards, will be advantageous. Holding a preferred security certification like CISSP, CISM, or CISA is a plus. Excellent written and verbal communication skills are a must, enabling you to effectively interact with stakeholders. You should be viewed as a trusted advisor who comprehends business processes and can offer security consultation and advisory services. Your confidence, analytical mindset, and ability to drive security discussions with stakeholders will set you up for success in this role. In line with Mastercard's commitment to information security, it is expected that you adhere to the company's security policies and practices diligently. Safeguarding the confidentiality and integrity of accessed information, promptly reporting any suspected security violations or breaches, and completing all mandatory security trainings are integral parts of your responsibilities as a member of the Corporate Security team.,

You have 8 to 12 years of experience in the field of Identity and Access Management. As an IAM Architect, your responsibilities include having hands-on experience with various IAM tools such as Azure, Okta, ForgeRock, PingFederate, SailPoint, Saviynt, CyberArk, Delinea, Beyond Trust, and One Identity. You should have a good understanding of concepts like CIAM, Identity Governance, Privileged Access Management, and Enterprise SSO. Your role involves integrating IAM solutions with in-house and third-party applications for Single Sign-On (SSO), Federation, provisioning, deprovisioning, and custom workflows. You will work on enabling legacy and modern identity providers like AD, ADFS, Azure AD, certificates, and PKI for management by IAM tools. Furthermore, you will oversee the development and lifecycle management of services related to Identity Governance Administration services. It is essential to support the business in ensuring IDAM control outcomes are met for IT Assets/Services and provide expertise on group control operation to manage residual risk effectively. Your responsibilities also include executing the IDAM Control Exceptions (ICE) process and tooling, monitoring and managing the operating effectiveness and residual risk of IT Assets/Services, and implementing enhancements to control processes by collaborating with key stakeholders. Additionally, you will support the business in using control tools, troubleshoot issues, and provide training. Seeking opportunities to enhance, streamline, and automate processes is crucial. Communication with stakeholders throughout the process is necessary. The ideal candidate should have experience in Cyber Security and IAM controls, technical and architectural skills, and the ability to make timely decisions based on relevant information. Role-relevant qualifications such as CISSP, CISM, or CISA are desirable. You should have a proven track record of delivering within schedule, working with auditors and regulators, strong data analytical skills, process mapping skills, and be accountable for deliverables. If you meet these requirements and are interested in this position, please share your CV at Puja.Singh@ltimindtree.com.,

The role involves Security Monitoring & Threat Detection where you will be responsible for monitoring security systems and logs to detect and respond to potential threats. You will also utilize security tools such as SIEM (Security Information and Event Management) for real-time threat analysis. In addition, conducting penetration testing and vulnerability assessments to identify potential risks is a key aspect of this role. Incident Response & Investigation is another critical area where you will be required to respond to security incidents, perform root cause analysis, and mitigate identified threats. You will document security incidents and create detailed reports on resolution steps. Collaboration with IT teams to ensure the implementation of security best practices will also be part of your responsibilities. Risk Assessment & Compliance is a significant component of the role where you will conduct regular risk assessments to identify vulnerabilities and security weaknesses. Ensuring compliance with security frameworks such as ISO 27001, NIST, GDPR, HIPAA, etc., is essential. Developing and maintaining comprehensive security policies, procedures, and guidelines will be crucial in this domain. Network & System Security forms a core part of the responsibilities where you will implement and manage firewalls, antivirus solutions, and endpoint security measures. Securing cloud environments (AWS, Azure, Google Cloud) and on-premises infrastructure is also part of the role. Regular security audits and enforcement of strict access controls will be necessary to maintain a secure environment. Training & Awareness is a key aspect where you will educate employees on cybersecurity best practices and phishing awareness. You will develop training materials and conduct security awareness workshops to enhance the overall security posture of the organization. Qualifications & Skills Required for this role include a Bachelor's degree in Cybersecurity, Computer Science, or a related field. A minimum of 5 years of experience in cybersecurity or IT security is required. Hands-on experience with security tools such as SIEM, IDS/IPS, firewalls, etc., is essential. Proficiency in networking, operating systems, and cloud security, along with strong analytical and problem-solving abilities, are key skills needed for this role. Preferred Certifications include CompTIA Security+, CEH, CISSP, CISA. In summary, the role requires expertise in Security Monitoring & Threat Detection, Incident Response & Investigation, Risk Assessment & Compliance, Network & System Security, and Training & Awareness. Strong qualifications, skills, and certifications are essential for effectively carrying out the responsibilities associated with this position.,

As a Cybersecurity Analyst II - GRC at AGCO, you will play a crucial role in addressing some of the world's most pressing challenges related to cybersecurity. Your primary responsibilities will involve developing and maintaining relationships with various teams within the enterprise to influence and achieve cybersecurity objectives related to governance, risk, and compliance. By leveraging best practices, you will lead risk activities across product, enterprise, and manufacturing teams, ensuring compliance with policies and standards while staying informed about the latest regulatory trends. Your expertise will be pivotal in serving as a subject-matter expert in governance, risk, and compliance, guiding teams through threat modeling exercises and risk analysis using industry-leading practices. Key Responsibilities: - Maintain an active crosswalk mapping between all policies and standards and cybersecurity frameworks like NIST CSF and ISO 21434. - Define threat modeling strategies and lead teams in executing them across different sectors within the enterprise. - Act as an independent voice for the GRC team, contributing to innovative risk analysis efforts across projects. - Conduct regular risk register reviews, follow up on identified risks, and escalate high-risk areas appropriately. - Assist in defining the annual program calendar for all GRC activities, including compliance audits and risk reviews. - Develop standards and control checks to ensure compliance with policies and standards across teams and projects. Qualifications: - Bachelor's degree with at least 7 years of industry experience in information technology or GRC roles, with a minimum of 5 years of relevant experience. - Experience in developing or maintaining cybersecurity policies, risk management frameworks, and working in enterprise, cloud computing, product security, or manufacturing security. - Familiarity with cybersecurity frameworks such as NIST, ISO standards, and various risk methodologies. - Ability to evaluate cybersecurity risk and business value across different scenarios, with a willingness to learn new technologies quickly. - Comfortable working in a fast-paced, global organization with dispersed teams. Preferred Qualifications: - Experience in Agile, Scrum, or SAFe environments. - Relevant cybersecurity or risk management certifications like CRISC, CISSP, GTSRT. - Proficiency in working with GRC tools, managing policy documentation, and assessing cybersecurity risk. - Familiarity with the agriculture or manufacturing industry. At AGCO, we value diversity, inclusion, and innovation, and we are committed to providing a positive workplace culture where every individual can thrive. Join us in shaping the future of agriculture and contribute to making a positive impact on the world. Apply now and be part of our dynamic team! Please note that this job description may not encompass all duties, responsibilities, or benefits associated with the role and is subject to change as needed. AGCO is an Equal Opportunity Employer.,

As a Cybersecurity Trainer, you will play a crucial role in equipping professionals with the knowledge and skills necessary to navigate the dynamic landscape of cyber threats. Your primary responsibility will involve designing and delivering virtual training sessions that cover various cybersecurity domains like network security, ethical hacking, incident response, and risk management. You will be expected to develop and update training content, facilitate engaging live sessions, workshops, and webinars, and assess learners" performance through evaluations, labs, and hands-on exercises. Additionally, you will customize training programs to suit the specific requirements of clients or organizations and stay abreast of the latest industry trends, tools, certifications, and threats. To excel in this role, you should have prior experience as a Cybersecurity Trainer, IT Instructor, or Security Professional, with a deep understanding of cybersecurity frameworks, principles, and practices. Strong communication and presentation skills are essential, and experience in instructional design or curriculum development would be advantageous. Possessing relevant certifications such as CompTIA Security+, CEH, CISSP, or CISM is a requirement, along with the ability to simplify complex technical concepts for easy comprehension. Ideally, you should hold a Bachelor's degree in Cybersecurity, Computer Science, or a related field and be familiar with eLearning platforms like Moodle or Canvas. Experience with hands-on labs such as Cyber Range, TryHackMe, or Hack The Box would be beneficial. Joining our team offers you competitive compensation, flexible working hours, and the chance to make a meaningful impact on the future generation of cybersecurity professionals. You will thrive in a supportive, mission-driven work environment that prioritizes continuous learning and professional development.,

As an experienced Information Security professional with 8+ years of experience, you will be responsible for planning, implementing, managing, and maintaining security systems such as antimalware solutions, vulnerability management solutions, and SIEM solutions. Your role will involve monitoring and investigating security alerts from various sources, providing incident response, and identifying potential weaknesses within the organization's network and systems to recommend effective solutions. Additionally, you will take up security initiatives to enhance the overall security posture of the organization. You will be required to document Standard Operating Procedures (SOPs), metrics, and reports as necessary, provide Root Cause Analyses (RCAs) for security incidents, and collaborate with different teams and departments to address vulnerabilities, security incidents, and drive security initiatives. Moreover, researching and monitoring emerging threats and vulnerabilities, understanding current industry and technology trends, and assessing their impact on applications will be crucial aspects of your role. Your qualifications should include industry-recognized professional certifications such as CISSP, GCSA, CND, or similar certifications. Demonstrated experience in computer security with a focus on risk analysis, audit, and compliance objectives is essential. Proficiency in Network and Web Security tools like Palo Alto, ForeScout, and Zscaler, as well as experience in AWS Cloud Environment and Privileged Access Management solutions, will be advantageous. Familiarity with SIEM/SOAR, NDR, EDR, VM, and Data Security solutions and concepts is desired. The ideal candidate will possess strong decision-making and complex problem-solving skills under pressure, along with a high degree of creativity and "out-of-the-box" thinking. The ability to manage multiple projects simultaneously in fast-paced environments, a service-oriented approach, and excellent communication, presentation, and writing skills are key requirements for this role. You should also be adept at sharing knowledge, collaborating with team members and customers, and adapting to a fast-paced, ever-changing global environment. Strong organization, time management, and priority-setting skills are essential, along with a proactive approach to achieving results. In summary, this role offers an exciting opportunity for an experienced Information Security professional to contribute to the enhancement of the organization's security posture, collaborate with diverse teams, and stay abreast of emerging threats and industry trends.,

We are looking for an experienced Information Security professional with certifications like CISSP or CISA, and a strong background in leading compliance initiatives for SOC 2 Type II, ISO 27001, PCI DSS, and IOCFR. Direct experience working with RBI regulations and auditors is mandatory . The ideal candidate should have hands-on knowledge of AWS cloud security, and familiarity with tools such as GuardDuty, Wiz/Orca, Splunk, Crowdstrike, and Vanta. Experience in fast-paced sectors like FinTech, E-commerce, or Payment Solutions is a strong plus. What You&aposll Do: Governance & Compliance: Develop and maintain information security policies and drive compliance with ISO 27001, SOC 2, and RBI guidelines. Act as the primary contact for audits and inspections. Risk Management: Conduct risk assessments, manage risk registers, and oversee third-party/vendor security reviews. Security Operations: Oversee tools and processes for SIEM, DLP, EDR, patch management, and incident response. Lead security incident simulations and resolution. Cloud & App Security: Manage AWS security architecture, implement CSPM programs, and embed secure coding and DevSecOps practices across CI/CD pipelines. Business Continuity & DR: Maintain and test disaster recovery and continuity plans (RTO: 60 mins; near-zero RPO). Awareness & Culture: Run regular security training, phishing drills, and promote a security-aware culture across the organization. Reporting & Strategy: Present security metrics, dashboards, and risk reports to leadership and participate in strategic IT governance forums. What Were Looking For: 8+ years in cybersecurity or information security roles; at least 3 years in a leadership capacity. Background in fintech, NBFC, or regulated financial services preferred. Proven track record in managing audits (ISO 27001, SOC 2), incident response, and cloud security (AWS). Strong knowledge of cybersecurity tools and frameworks: AWS, SIEM, CSPM, IAM, patch management, DLP, EDR. Familiar with secure SDLC, DevSecOps, threat modeling, and regulatory compliance. Effective communicator with experience working across cross-functional teams. Certifications (preferred): CISSP, CISM, CISA, ISO 27001 Lead Auditor/Implementer, AWS Security Specialty. Bonus: DCPP, CIPP/E, or other data privacy/RBI-focused certifications. About Kissht: Kissht, a Great Place to Work certified organization, is a consumer-first credit app that is transforming the landscape of consumer credit. As one of the fastest-growing and most respected FinTech companies, Kissht is a pioneer in data and machine-based lending. With over 15 million customers, including 40% from tier 2 cities and beyond, we offer both short and long-term loans for personal consumption, business needs, and recurring expenses. Founded by Ranvir and Krishnan, alumni of IIT and IIM, and backed by renowned investors like Endiya Partners, the Brunei Investment Authority, and the Singapore Government, Kissht is synonymous with excellence in the industry. Join us and be a part of a dynamic, innovative company that is changing the future of financial technology. Show more Show less

Primary Responsibilities: Provide operations support in the day-to-day tasks of managing certificates using Venafi Data Center Protect Engineer and develop tactical and strategic solutions to improve and automate certificate management Engineer and drive forward new initiatives that supports and enhance Certificate Lifecycle Management Provide innovative solutions to automate repetitive operational tasks Analyze, design, develop and deploy integrations to help adopt Venafi products in customer environments Participate as an independent contributor within an agile based team Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications: 4+ years of PKI, certificate management, or related experience Experience with certificate lifecycle management platforms, with emphasis on Venafi Scripting and automation experience leveraging Powershell, Python, or other scripting languages Understanding of X.509 certificates and general certificate management processes Serve as a subject matter expert regarding certificate management operation for internal teams Ability to participate in on call rotation Preferred Qualifications: Undergraduate degree in applicable area of expertise or equivalent experience CISSP or other security related certification Cloud Infrastructure experience in any of the major CSPs including MS Azure, AWS, or GCP Identity and Access Management experience At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyoneof every race, gender, sexuality, age, location and incomedeserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes an enterprise priority reflected in our mission. #Nic #NJP

Key Responsibilities • Lead and deliver cybersecurity risk assessments, security architecture reviews, and threat modeling for client engagements across multiple industries. • Develop and implement cybersecurity governance frameworks, including policies, controls, and compliance programs (ISO 27001, NIST, CIS, etc.). • Advise clients on cloud and application security strategies with a focus on secure design and regulatory compliance. • Oversee and mentor junior consultants in cyber risk assessment methodologies and best practices. • Interface with senior client stakeholders, providing consulting-level insights and recommendations to manage risks effectively. • Support business growth through solution development, proposal support, and client relationship management. • Stay abreast of emerging threats, security technologies, and regulatory requirements to provide forward-looking advisory services. Required Skills & Experience • 810 years of experience in cybersecurity consulting, risk management, and security architecture. • Strong track record in security architecture reviews, threat modeling, and risk assessments. • Solid knowledge of cloud security (AWS, Azure, GCP) and enterprise environments. • Hands-on experience in building or assessing governance, risk, and compliance (GRC) programs. • Strong understanding of industry frameworks and standards (NIST CSF, ISO 27001, PCI DSS, etc.). • Ability to engage with senior leadership and C-level executives with strong communication and presentation skills. Certifications • Mandatory: CISSP and/or CCSP (both preferred). • Additional preferred certifications: CISM, SABSA, AWS/Azure Security Specialty, or equivalent. Preferred Attributes • Prior experience with a Big 4 or top-tier consulting firm or equivalent consulting background. • Strong problem-solving, stakeholder management, and project delivery skills. • Ability to work across diverse clients, geographies, and industri

IT Compliance & Audit Lead ZS Governance, Risk & Compliance (GRC) Team Location: Pune, India Function: ZS (IT) Governance, Risk & Compliance (GRC) Level: Lead / Specialist / Consultant Experience Required: 4+ years in technical Information Security and Compliance roles About ZS ZS is a global professional services firm that works shoulder-to-shoulder with companies to help them deliver products and solutions that drive customer value and business impact. With expertise spanning healthcare, life sciences, high-tech, and beyond, we apply cutting-edge analytics, strategy, operations, and digital technologies to real-world challenges. Our Governance, Risk & Compliance (GRC) team is instrumental in preserving ZSs reputation, enabling innovation, and ensuring we remain compliant with global regulatory, privacy, and security standards. The GRC team leads our operational risk management, manages certifications (ISO 27001, SOC 2, ESG, etc.), and champions continuous improvement in internal controls, privacy, and quality frameworks. Role Overview We are seeking a dynamic IT Compliance & Audit Lead to join our Governance, Risk & Compliance (GRC) team in Pune. This role will be pivotal in driving the implementation and evolution of ZSs Continuous Compliance Monitoring (CCM) program. The ideal candidate will bring hands-on technical security expertise, a strong audit and risk management mindset, and the ability to collaborate across technical and business stakeholders. Responsibilities Lead the development and execution of ZSs Continuous Compliance Monitoring (CCM) program across infrastructure, applications, and third-party vendors Collaborate cross-functionally with internal security, privacy, engineering, and operations teams to drive remediation and maturity of compliance gaps Serve as SME for security audits, helping interpret and implement compliance controls (e.g., ISO 27001, SOC 2 Type 2, NIST CSF, HIPAA, ESG reporting frameworks) Design and implement automated compliance checks and control testing routines aligned with risk appetite and audit requirements Conduct and support internal and external audits, including pre-audit readiness assessments, evidence collection, and issue remediation oversight Contribute to enterprise risk assessments, security profiling, and threat modeling to improve ZSs security posture Drive security incident post-mortems and track audit findings to closure with technical leads and business owners Assist in the maintenance and enhancement of security policies, procedures, and standards to reflect evolving risk and regulatory requirements Create training and awareness content related to policy adoption, audit preparedness, and security control responsibilities Provide metrics and executive-level reporting on compliance posture, audit outcomes, and CCM maturity Serve as a technical consultant in areas such as SIEM tuning, bounty hunting initiatives, and threat intelligence integration Qualifications Bachelor's degree in Computer Science, Information Systems, or a related field 4+ years of hands-on experience in Information Security, Audit, Compliance, or GRC roles with technical depth Proven experience implementing or maturing compliance frameworks like ISO 27001, SOC 2 Type 2, HIPAA, NIST CSF, etc. Strong understanding of security tooling and architecture, including: SIEM platforms (e.g., Splunk, Sentinel, QRadar) Threat modeling and profiling tools Vulnerability management platforms Cloud security configurations (AWS, Azure, GCP) Experience with bug bounty programs or threat hunting initiatives is a plus Excellent communication skills; ability to articulate risk and compliance requirements to technical and non-technical stakeholders Certifications preferred: CISA, CISSP, CRISC, CISM, ISO Lead Auditor/Implementer, CEH ZS is a global consulting firm; fluency in English is required. Candidates must possess work authorization for their intended country of employment. An on-line application, including a cover letter expressing interest and a full set of transcripts (official or unofficial), is required to be considered. ZS offers a competitive compensation package with salary and bonus incentives, plus an attractive benefits package. NO AGENCY CALLS, PLEASE. Connect with ZS in India on social media: Like ZS in India on Facebook Follow ZS in India on Twitter and Instagram Follow ZS on LinkedIn for more job opportunities Subscribe to the ZS in India YouTube channel Explore the Life at ZS blog ZS has been recognized globally for its expertise in consulting and its flexible work environment. View ZSs accolades .