833 Cissp Jobs - Page 12

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Program Project Management Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide guidance on best practices, contributing to a secure cloud environment that supports the organization's growth and innovation. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on cloud security practices.- Monitor and evaluate the effectiveness of implemented security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Program Project Management.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment and management in cloud environments.- Ability to develop and implement security policies and procedures.- Familiarity with compliance standards relevant to cloud security. Additional Information:- The candidate should have minimum 5 years of experience in Program Project Management.- This position is based in Mumbai.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Saviynt Identity Platform Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education" Summary :As a Security Lead, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- The candidate will be responsible for implementation of Saviynt IGA architecture- The role also involves troubleshooting and resolving issues within the team and collaborating with Saviynt support to ensure seamless operations and system efficiency. Ensuring quality and efficiency throughout the project lifecycle is key.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams. Professional & Technical Skills: - Must Have Skills: Proficiency in Saviynt IGA.- Strong knowledge of Saviynt IGA architecture, with hands-on experience in application onboarding, connector configurations, and workflow implementation. Solid experience in design discussions, creating design documents, and performing unit testing- Ability to troubleshoot and resolve technical issues within the team and in collaboration with Saviynt support.- Proficiency in Segregation of Duties (SOD), certifications, and custom JARs. Familiarity with identity governance processes, role management, and security protocols is essential. Experience in troubleshooting and optimizing complex systems is a must.- Detail-oriented, strong problem-solving abilities, excellent collaboration and communication skills, proactive, and able to work effectively in team-oriented environments. Focused on delivering projects on time and to specification. Additional Information:- The candidate should have a minimum of 4 years of experience in Saviynt IGA. Overall IT work experience should be 5 years or above- A 15 years full time education is required.- Bachelors degree in Computer Science, Information Technology, or a related field. Certifications are a plus." Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Delivery Excellence Good to have skills : NAMinimum 18 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Should be able to manage the delivery for the large client with multiple skills and different verticals. Should be able to lead large number of teams.As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide guidance on best practices, contributing to a secure and efficient cloud environment. Roles & Responsibilities:- Expected to be a Subject Matter Expert with deep knowledge and experience.- Should have influencing and advisory skills.- Engage with multiple teams and responsible for team decisions.- Expected to provide solutions to problems that apply across multiple teams, and provide solutions to business area problems.- Facilitate workshops and training sessions to enhance team understanding of cloud security practices.- Continuously assess and improve the cloud security framework to adapt to evolving threats and business needs. Professional & Technical Skills: - Must To Have Skills: Proficiency in Delivery Excellence.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment and management in cloud environments.- Ability to design and implement security controls tailored to cloud architectures.- Familiarity with compliance standards and regulations related to cloud security. Additional Information:- The candidate should have minimum 18 years of experience in Delivery Excellence.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

- - - - - - The key objective of this role is to ensure that processes- across IT operate securely. The remit extends across all aspects of IT- security (i.e. policies and procedures, authorization and administration of- accesses, networks and firewalls, servers and workstations, operation- systems, databases and applications), wherever applicable and covers all IT- teams and usage of the IT platform by other departments. Another key- objective is to ensure that IT maintains an appropriate level of security in- compliance with company policy and requirements from regulatory & market- authorities and in accordance with recommendations from General Inspection,- Compliance, Internal Audit and External Auditors. This role also contributes- to the design, testing and roll-out of security controls such as access- management, exception management, data leakage prevention, etc. in accordance- with established regional processes - - - - - - Responsibilities - - - - - - Direct Responsibilities - - 1. IT Risk Management - - - Inform- APAC IT Security Risk Management team about any new projects or major change- within India for further risk assessment. - - - Ensure- risk assessment on the in-scope projects, third-party vendors and the deviation- of policies & best practice is properly conducted. Ensure the- recommendation issued for projects and security exceptions / risk acceptances- are properly followed up. - - - To- translate policy statements into local guidelines and procedures in order to- produce enforceable actions - - - To- enforce an efficient user account management process in order to authorize- and control users accesses and habitations to IT Systems - - - To- monitor and ensure immediate and accurate reporting of any SIPL IT Security- related incident (intrusion, virus, etc.) to the regional & global IT- Security and Incident Management processes. - - - To- be part of the network rules review and recertification process, by reviewing- and approving all network access requests (including firewall, proxy and SMTP- requests), and perform periodical review. - - - To- work in partnership with the Business Lines, Organization & Methods,- Information Systems, and others to draw up measures for implementing the Company's- Information Systems Security Directives. Especially to participate to all- projects in order to ensure respect of good IT Security practices - - - To- occasionally participate in regional security risk assessment activity of- business line applications - - - To- work with different stakeholders and assist India CIO to implement the IT- risk management framework - - - To- conduct necessary security controls, reviews, assessment to ensure the best- security practice is in place . - - 2. IT Security Control Design, Testing and Implementation - - - To- gather control requirements based on regulatory guidelines and business needs - - - To- assist in the design of local and business-specific security controls - - - To- contribute to the processing of day-to-day security events, leading or- supporting security investigations and escalation to relevant stakeholders- (Business, Compliance, Legal, HR, IT) - - - To- maintain exception management workflows and to track local exceptions and- their recertification - - - To produce- periodic KPI and KRI dashboards and distribute them to local management - - 3. Coordination & Cooperation - - - To- actively coordinate and cooperate with other IT and APAC Security teams to- ensure best IT Security practices, deliveries and a smooth interaction - - - To- work closely with IT Infrastructure & Production team, as well as- Business Lines IT teams for closure of non-compliant issues found within- scope of responsibilityTo assist the production & follow up of Security- Dashboard by APAC SecurityTo maintain an IT Security Awareness training- program towards all local employees - - - To assist SIPL COO/CIO for the production of required- and requested reporting to the local regulatory & market authorities - - - To- answer requests raised by Internal Audit and Risk and to promptly close- findings and recommendations - - 4. Team management - - - As- team head to supervise and lead the SIPL information security team: - - - Ensure the team's mandated learnings- (eLearning, classroom training) are completed before due date - - - Ensure block leave and carryover leave are managed- per policy - - - Ensure timesheets are recorded in Clarity - - - Identify development and training plan for the team - - - Create succession plan and backup plan for the team - - - When necessary, manage low performers with- development plans and keep track of the progress (if applicable) - - 5. Permanent Control Aspects - - - Direct- contribution to BNPP operational permanent control framework. - - - Responsible- for the implementation of operational permanent control policies and- procedures in day-to-day business activities, such as Control Plan - - - Responsible- for ensuring team members (if applicable) to comply with regulatory- requirements and internal guidelines. - - - Responsible- for reporting all incidents according to the Incident Management System - - - Responsible- for ensuring job descriptions are written, distributed and updated - - - Ensure- audit recommendations are resolved within the specific timeline. - - Contributing Responsibilities - - 1. Cooperation - - - To improve IT quality and process generally - - 2 . Compliance- & Control - - - Comply- with the BNPP IT Security policies - - - Comply- with the BNPP standards of Code of Conduct - - - Comply- with regulatory requirements and internal guidelines. - - - Ensuring- appropriate escalation to management and/or Permanent Control (or Compliance- as appropriate) as soon as an issue is identified - - - Minimizing- operational failure, including but not exclusively, the risk of fraud, by- helping to devise, and by implementing, sufficient regular controls - - 3 . Committees - - - Participate and- contribute to different committees related to the job scope, including but- not limited to IT management, IT risk management (TRM), country supplier risk- management, data governance, data protection, local outsourcing management,- etc. - - - - - - - Technical & Behavioral Competencies - - - - - - - To be- knowledgeable of IT Security concepts. - - - To know IT- Security regional roadmap. - - - To maintain- a good knowledge of the technologies, systems, integration and workflows of- the IT Security program. - - - To know the- organization of global IT Security, as well as regional Security, who to- action depending on the matter and to maintain good relationships with IT- Security managers. - - - To know- program management methodology. - - - To know how- to define an action plan and to follow up on progress. - - - To be- organized and meticulous. - - - To know how- to communicate clear instructions and follow up while delegating- appropriately. - Negotiation skills. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Specific Qualifications (if required) - - - - - - - - - Securities practitioner- qualification is a must; - - - Strong local regulatory- experience on SEBI is required - - - Bachelors degree in- Computer Science, Information Security or equivalent experience - - - Holder of information security and risk- management (e.g. CISM, CISSP, etc.) preferred - - - - - - Skills Referential - - - - - - Behavioural Skills : (Please- select up to 4 skills) - - - - - - Ability- to collaborate / Teamwork - - - - - - - Communication skills - oral &- written - - - - - - - Decision Making - - - - - - - Personal Impact / Ability to- influence - - - - - - - Transversal- Skills: (Please select up to 5- skills) - - - - - - - - - Ability- to understand, explain and support change - - - - - - - Ability- to manage a project - - - - - - - Ability- to develop and adapt a process - - - - - - - Ability- to inspire others & generate people's commitment - - - - - - - Ability- to manage / facilitate a meeting, seminar, committee, training - - - - - - - Education- Level: - - - - - - - - - - - Bachelor Degree or equivalent (3 years) - - - - - - Experience- Level - - - At- least 7 years - - - - - - - Other/Specific Qualifications (if- required) - - - - - - - - - - - - - - - - - - - - - -

A primary focus for this position will be to lead audit execution covering end-to-end processes of auditable entities within the IT and Cybersecurity Inspection Generale APAC team. Responsibilities This individual will work closely with audit assignment team members to complete each phase of the audit. This will entail: assessing the sufficiency and suitability of controls to mitigate risks; and testing the operating effectiveness and sustainability of controls; and documenting walk-throughs of in-scope processes; and documenting the investigations conducted and their results; and drafting findings and associated recommendations to address identified gaps in the control environment; and documenting the final report. This individual will have regular interactions with team members, process / control owners, and management of business units. Based on experience, this role will entail contributing to IT audits. Duties: Demonstrates a strong ability to audit procedures and controls accurately, timely, and with minimal supervision. Executes audit work in accordance with BNPP Inspection Generale policies and procedures. Testing the control design and operating effectiveness of in-scope IT controls Contributes to the completion of continuous monitoring activities for assigned auditable entities and escalates matters that may impact the timing of the next audit assignments. Prepares and updates risk assessments for assigned auditable entities for supervisory review. Validates the sufficiency and suitability of business corrective actions to address audit recommendations. May be asked to direct the work of more junior staff members on the audit assignments. Performs other duties as assigned. Technical & Behavioral Competencies Deep knowledge of IT audit Requires deep knowledge of banking functions typically obtained through advanced education combined with experience. Exhibits effective written and verbal communication skills with all levels of management (in English) Not less than 10 years of experience in IT external auditing / internal auditing / in the financial services industry. Curiosity, rigor, and precision. Outstanding analytical skills High level of initiative, commitment, and drive Ability to work effectively under pressure and within short deadlines Promotes a constructive, cooperative, and participative teamwork environment Specific Qualifications (if required) Possess a Bachelors / Masters Degree in Information Technology/ Management Information System / Computer Science and related discipline; Professional Qualification/Certification: in IT Audit - CISA (Certified Information System Audit) required other IT certification: Cybersecurity (e.g CISSP, CISM, CCSP/CCSK, CEH), IT Service Management (ITIL foundation). Skills Referential Behavioural Skills : Communication skills - oral & written Ability to collaborate / Teamwork Attention to detail / rigor Active listening Adaptability Transversal Skills: Analytical Ability Ability to manage a project Ability to manage / facilitate a meeting, seminar, committee, training Ability to understand, explain and support change Ability to anticipate business / strategic evolution Education Level: Master Degree or equivalent Experience Level At least 10 years

This role will be responsible for supporting the Third-Party Technology Risk Management team in identifying and evaluating potential/ recognized risks related to Information Security, Business Continuity and Physical Security. The 3rd Party Security Risk Assessor, reporting to the Manager, Third Party Risk Management team that performs security assessments of vendors, service providers and 3rd party companies that manage systems or information for BNP Paribas Responsibilities Direct Responsibilities As a Third-Party Technology Risk Assessor, you will perform third-party information and cyber security assessment to identify, monitor, remediate, and manage third party risks across the third-party lifecycle. Risk Assessor role requires good risk experience technology expertise (areas of information and cyber security, business continuity, incident management, compliance, and human resource security) in accurately scoring the inherent risk profile of 3rd parties, making sure the risk assessments are completed on time with quality. In addition, the role requires the ability to prioritize and drive workload. Evaluating control effectiveness and review evidence of controls by applying audit, compliance, security, and regulatory framework knowledge and experience, including, but not limited to review of: ISO 27001, SIG (Shared Assessments), TruSight, SOC / equivalent reports, as well as knowledge of controls related to Privacy, Compliance, Business Resiliency, Cyber and other risk domains. Work with Line of business partners, by navigating them through the different stages of the risk assessment life cycle and making sure that they are being compliant to the organization requirements. Communicate assessment findings and recommendations to internal stakeholders, including senior management, legal, and compliance teams as applicable. Monitor and track the identified findings as part of the assessment lifecycle. Contributing Responsibilities Actively participate in identifying process gap and should be ready to own and update/ document relevant TPTRM policies and procedures Support Internal and external TPTRM audit requirements Compile and generate Weekly/Monthly/Quarterly dashboard on KPI Technical Behavioral Competencies Ideally in financial services with minimum of 5+ years of experience in TPRM or Risk management background. Bachelor's degree with professional certification in Information, Cyber, Network and Cloud Security. Experience with industry recognized standards for IT security controls and best practices like NIST, ISO27001, PCI DSS, COBIT, SOC 2 etc. Experience in one or more risk disciplines an advantage i.e., Information Security, Business Continuity, Data Privacy etc. Experience in Governance, Risk Compliance (GRC) tools an advantage. Experience in providing stakeholders with specialist risk knowledge and monitoring its execution. Strong self-motivated multi-tasker who can prioritize competing tasks and stakeholders. Ability to work independently in a fast adapting and agile work environment. Proactive and deliverable focused, with a dedication to delivering against hard deadlines. Excellent analysis skills with keen eye for detail. Strong capabilities in Microsoft Excel, PowerPoint, and Word. Familiarity with vendor management, procurement, and contract negotiation. Ability to communicate effectively with both technical and non-technical stakeholders. Strong analytical and problem-solving skills. Specific Qualifications (if required) Skills Referential Behavioural Skills : (Please select up to 4 skills) Ability to collaborate / Teamwork Communication skills - oral written Attention to detail / rigor Creativity Innovation / Problem solving Transversal Skills: Ability to develop and adapt a process Ability to understand, explain and support change Ability to develop others improve their skills Education Level: Bachelor Degree or equivalent Experience Level At least 5 years

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Integrated Security Risk Management Good to have skills : Security Risk and Audit Operations, Governance Risk & Compliance (GRC) Platform OperationsMinimum 5 year(s) of experience is required Educational Qualification : Bachelors degree in computer science, IT, information systems management or equivalent area Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Additionally, you will assess the effectiveness of existing security protocols and recommend enhancements to improve overall security posture. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on security best practices.- Monitor and evaluate the effectiveness of security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Integrated Security Risk Management.- Good To Have Skills: Experience with Security Risk and Audit Operations, Governance Risk & Compliance (GRC) Platform Operations.- Strong understanding of cloud security frameworks and architecture.- Experience in risk assessment and management methodologies.- Familiarity with compliance standards and regulations related to security. Additional Information:- The candidate should have minimum 5 years of experience in Integrated Security Risk Management.- This position is based at our Bengaluru office.- A Bachelors degree in computer science, IT, information systems management or equivalent area is required. Qualification Bachelors degree in computer science, IT, information systems management or equivalent area

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Showcasing creativity and expertise in cloud security solutions. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and implement security architecture solutions.- Conduct risk assessments and provide recommendations for security enhancements.- Lead security governance initiatives and ensure compliance with industry standards.- Stay updated on the latest security trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Strong understanding of security architecture design.- Experience with data security and compliance regulations.- Knowledge of cloud security best practices.- Hands-on experience in implementing security controls and measures.- Familiarity with security assessment tools and methodologies. Additional Information:- The candidate should have a minimum of 7.5 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Coimbatore office.- A 15 years full-time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Access Management Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop security architecture standards and guidelines- Conduct security reviews and audits Professional & Technical Skills: - Must To Have Skills: Proficiency in ForgeRock Access Management- Strong understanding of cloud security principles- Experience in implementing security controls in cloud environments- Knowledge of industry security standards and best practices- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in ForgeRock Access Management- This position is based at our Coimbatore office- A 15 years full-time education is required Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security architecture design discussions- Develop security architecture solutions- Conduct security assessments and provide recommendations Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design- Strong understanding of cloud security principles- Experience with security tools and technologies- Knowledge of security compliance standards- Hands-on experience in implementing security controls Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Architecture Design- This position is based at our Noida office- A 15 years full time education is required Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Conduct regular assessments of cloud security measures to identify areas for improvement. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Strong understanding of cloud security principles and frameworks.- Experience with identity and access management solutions.- Knowledge of regulatory compliance requirements related to cloud security.- Ability to analyze and mitigate security risks in cloud environments. Additional Information:- The candidate should have minimum 12 years of experience in SailPoint IdentityIQ.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

About the Role We are seeking a highly skilled Security Analyst (Level 2) to join our MSSP SOC team. The ideal candidate will have expertise in SIEM (Splunk, QRadar), XDR/EDR solutions, and security analysis with hands-on experience in investigating and responding to security alerts. This role requires proficiency in reviewing and analyzing Level 1 alerts, providing detailed recommendations, and engaging with customers for incident handling. The candidate should also have basic SIEM administration knowledge and Python scripting skills for troubleshooting and playbook development. Key Responsibilities Threat Detection & Response: Analyze and investigate security alerts, events, and incidents generated by SIEM, XDR, and EDR solutions. Incident Investigation & Handling: Conduct in-depth security incident investigations, assess impact, and take appropriate actions. Incident Escalation & Communication: Escalate critical incidents to Level 3 analysts or senior security teams while maintaining detailed documentation. Content Management: Develop and fine-tune correlation rules, use cases, and alerts in SIEM/XDR platforms to improve detection accuracy. Malware Analysis: Perform basic malware analysis and forensic investigation to assess threats. Customer Request Handling: Collaborate with customers to address security concerns, provide recommendations, and respond to inquiries. SIEM Administration: Assist in the administration and maintenance of SIEM tools like Splunk or QRadar, ensuring smooth operations. Automation & Playbooks: Utilize Python scripting for automation, troubleshooting, and playbook development to enhance SOC efficiency. Reporting & Documentation: Prepare detailed reports on security incidents, trends, and mitigation strategies. Basic Qualifications B.E/B. Tech degree in computer science, Information Technology, Masters in Cybersecurity 3+ years of experience in a SOC or cybersecurity operations role. Strong knowledge of SIEM tools (Splunk, QRadar) and XDR/EDR solutions. Hands-on experience in threat detection, security monitoring, and incident response. Knowledge of network security, intrusion detection, malware analysis, and forensics. Basic experience in SIEM administration (log ingestion, rule creation, dashboard management). Proficiency in Python scripting for automation and playbook development. Good understanding of MITRE ATT&CK framework, security frameworks (NIST, ISO 27001), and threat intelligence. Strong analytical, problem-solving, and communication skills. Ability to work in a 24x7 SOC environment (if applicable) Preferred Qualifications Certified SOC Analyst (CSA) Certified Incident Handler (GCIH, ECIH) Splunk Certified Admin / QRadar Certified Analyst CompTIA Security+ / CEH / CISSP (preferred but not mandatory

Key Role Deliverables: Facilitating ISO and SOC 2 corporate-wide examinations Assisting special compliance and audit related projects as assigned Assisting internal VAPT audits and sharing the reports with the management Planning and conducting testing to confirm continuous efficiency and effectiveness of information system controls Understanding the business and IT infrastructure including applications and servers through interactions and walkthrough Managing and measuring the IT Security Framework and developing and maintaining a technology risk assessment program for business applications and processes Collecting information and reviewing information systems policies, standards and procedures to verify that they address the organization's internal and external requirements and to identify information systems control deficiencies Performing a root cause analysis of the various risks/ incidents identified and development of solutions to mitigate the risks and the flow of data and information and performing a threat and risk analysis of each process Assisting with development and implementation of corporate compliance procedures and controls Keeping the department updated with the latest technological changes and cybersecurity advancements Reviewing of Business Impact Analysis, Risk Assessment, Current State Network assessment and Recovery Strategy Analysis Prerequisites: Attention to detail Good understanding of IT and network security Experience of working in cyber security risk management preferred Excellent time management skills preferred Ability to work well under pressure with tight deadlines while delivering high quality and output Experience 0-2 years Education BE/ B.Tech or equivalent specialization in IT are preferred One or more of the following information security certifications or advanced degree in information security/cybersecurity: CISSP/SSCP/CISM/CRSC/CISA/HISP or equivalent CEH V11 or other equivalent Ethical Hacker degree is preferable

Role Description This is a full-time on-site role for a Data Privacy Consultant located in Riyadh. The Data Privacy Consultant will be responsible for overseeing privacy regulations, developing privacy policies, ensuring data privacy compliance, and implementing cybersecurity measures. Qualifications Privacy Regulations and Privacy Policies knowledge Data Privacy and Privacy Compliance expertise Cybersecurity skills Experience in data protection laws and regulations Strong analytical and problem-solving skills Excellent communication and interpersonal abilities CISSP, CIPP, or other relevant certifications are a plus Bachelor's degree in Information Technology, Computer Science, or related field Some keywords to search for: Data Sharing / Data Transfer / Control Framework / Data Minimisation / Scrambling / Obfuscation Data Reclassification / Data Masking / Data Residency / Cross-Border Data Sharing / Privacy Operationalisation / Data Cybersecurity Controls / Cybersecurity Risk Assessment / Data Loss Prevention / Controlled sharing Strong English language communication is important Experience working with regulation e.g. GDPR/CCPA and bonus points if with KSAs PDPL / NCA Experience with Banks in similar role preferred

Staff Cybersecurity Engineering As a Staff cybersecurity engineer with Convera, we are looking for the primary administrator of an automated GRC platform to support the Convera cybersecurity program and all the IT stakeholders. You will also support efforts using this system for responding to regulator questions, independent audit, and customer assurance. You will be responsible for: Represent the Convera cybersecurity team in the India region with respect to compliance and cybersecurity activities. * Ensure controls are followed continually and without material audit findings or qualifications. Respond and assist with urgent new cybersecurity requirements, security incidents, outages, and customer grievances. Participate and report on multi-regional projects to identify and track appropriate corrective measures to resolve issues as they arise. Develop and manage project plans and budget/resource estimates as needed. Participate in Vendor / Supply Chain Risk Management to ensure availability * Perform vendor due diligence Cyber risk reviews to ensure supply chain compliance Assist in Vendor Onboarding/Contract Negotiations related to cybersecurity Perform cyber resiliency assessments to detect and identify weaknesses in the security posture of the organization's resiliency and recovery strategies Assist with vendor due diligence risk reviews and questionnaires to ensure supply chain compliance. Assist in working with Convera vendors, contactors, and third parties to confirm compliance to Convera policies, service level agreements, and acceptable usage policies. Find, report, and help remediate cybersecurity risks and compliance gaps to Convera and Convera-contracted services by working with IT teams, business teams, and other stakeholders. * Oversee regular vulnerability assessments, internal technical reviews, and penetration testing of cloud environments and applications Partner with IT teams to develop and implement remediation strategies for identified security issues Develop metrics and reports to track vulnerability management program effectiveness Evaluate and recommend security tools and technologies Provide security guidance to technical teams Facilitate, coordinate, and obtain vulnerability reporting requirements from multiple stakeholders. Assist on Risk Assessments * Document, analyze, and report control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities. Partner with IT teams to develop and implement remediation strategies for identified security issues Assist in investigating internal and external information security risk and exceptions assessments Partner with SecOps & Enterprise Tech on new business solutions & architecture Help assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks. Inform the proper stakeholders of important concerns and hazards. Be proactive in seeking out areas for improvement and offer insightful advice and value-added guidance on process and control enhancements. Operate with a high degree of independence regarding cybersecurity project and program activities. * Manage multi-regional projects to identify and track appropriate corrective measures to resolve issues as they arise. Respond and assist with urgent new requirements, security incidents, outages, and customer grievances. Develop and manage project plans and budget/resource estimates as needed. Assist in security incident response and forensic investigations when needed Assist in internal and external audit efforts. Support new security and privacy compliance changes from all over the world. About You CompTIA Security+, (ISC)2 SSCP, GSEC, AWS Certified Cloud Practitioner, Azure Security Engineer Associate, Certificate of Cloud Security Knowledge or other industry recognized technical, or security certification(s). CISSP, CISA, CISM, or other industry recognized security certification(s) are preferred. Hands on experience with vulnerability scanning tools and penetration testing methodologies Skilled at analyzing complex problems, impact analysis, and enabling informed decision making. Excellent interpersonal, communication, and presentation skills, including a strong customer service orientation. Up to date with technology and compliance risks facing dynamic organizations, with an excellent understanding of the regulatory environment and the challenges to meet a rapidly evolving landscape. Expertise in planning and delivering a wide range of projects including embedding risk and governance frameworks, introducing new policies and processes, and implementing IT systems. Successful at stakeholder engagement and experienced at operating at both strategic and tactical levels. Can quickly identify key operational risks, material impacts, risk indicators and controls within the business area. Experience with working on IT systems in a global 24x7 operation with varying levels of uptime and security requirements. Have a strongly motivated to work independently, desire to learn and grow in a fast-paced, complex environment. Develop and manage project plans and budget/resource estimates as needed. A fast learner, able to manage details and complex needs. Are up to date with technology and compliance risks facing dynamic organizations, with an excellent understanding of the regulatory environment and the challenges to meet a rapidly evolving landscape. Have strong and honest communication skills as well as confident communicating verbally and in writing. Have a basic understanding of the finance industry, risk management, and cloud technology. Familiar working with industry-standard regulatory requirements (SOC1/2, PCI, GDPR, etc.) and technical standards (CIS, NIST, STIG, etc.) Excellent interpersonal, communication, and presentation skills, including a strong customer service orientation and confident in communicating verbally and in writing with respect to local cultures and languages. About Convera Our teams care deeply about the value we bring to our customers which makes Convera a rewarding place to work. This is an exciting time for our organization as we build our team with growth-minded, results-oriented people who are looking to move fast in an innovative environment. As a truly global company with employees in over 20 countries, we are passionate about diversity; we seek and celebrate people from different backgrounds, lifestyles, and unique points of view. We want to work with the best people and ensure we foster a culture of inclusion and belonging. We offer an abundance of competitive perks and benefits including: Competitive salary Opportunity to earn an annual bonus. Great career growth and development opportunities in a global organization A flexible approach to work #LI-KP1,

Lead in assessing cybersecurity posture and maturity for client based on requirements and pain areas. Recommending cybersecurity strategy and architecture based on client's pain areas and risk assessments. Lead in performing information security risk assessment, tracking and monitoring the risk remediation. Collaborate with internal department of client in addressing and remediating various identified information security risk. Present complex cybersecurity solutions to clients in a clear, concise, and engaging manner, translating technical jargon into understandable benefits. Design and propose customized security solutions that address the client's unique challenge. Define and document security metrics and dashboard to measure and monitor cybersecurity KRI and KPIs. Develop, Implement, and maintain control requirement basis standards such as ISO 27001, HIPAA, HITRUST. Review and update current information security policies and procedures. Create and oversee the implementation of new security and compliance policies and procedures. Profile Description: Strong expertise in cybersecurity principles and best practices Thorough understanding of various security standards, framework, and certifications/attestations e.g., ISO 27001, HIPAA, HITRUST. Thorough understanding of various IT and Information security risk assessment framework/standards In-depth knowledge of various security tools and technologies In-depth understanding of various firewall and vulnerability assessment solutions Top-notch communication skills, both written and verbal, to deliver presentations and consult with diverse client. Excellent analytical and problem-solving skills. Ability to develop security standards and guidelines based on best practices and industry standards for existing and new technologies. Security certifications (e.g., CISSP, CISA) would be added advantage. Stay up to date on the latest cyber threats and vulnerabilities. Familiarity with common tech stacks Understanding of various virtualization tools like PowerBI, Tableau and tool like PowerShell, Python would be added advantage. Engineering in Computer Science, or relevant field We are Mindsprint! A leading-edge technology and business services firm that provides impact driven solutions to businesses, enabling them to outpace speed of change. For over three decades we have been accelerating technology transformation for the Olam Group and their large base of global clients. Working with leading technologies and empowered with the freedom to create new solutions and better existing ones, we have been inspiring businesses with pioneering initiatives. Awards bagged in the recent years: Best Shared Services in India Award by Shared Services Forum 2019 Asias No.1 Shared Services in Process Improvement and Value Creation by Shared Services and Outsourcing Network Forum 2019 International Innovation Award for Best Services and Solutions 2019 Kincentric Best Employer India 2020 Creative Talent Management Impact Award SSON Impact Awards 2021 The Economic Times Best Workplaces for Women 2021 & 2022 #SSFExcellenceAward for Delivering Business Impact through Innovative People Practices 2022

Job Title: Solution Architect Cybersecurity Job Location: Hyderabad Day Shift & 5 days a week Experience: 4+ Years Relevant Experience: 2+ Years Certification: CISSP, CISM, CEH, or equivalent Job Summary: We are looking for a seasoned Cybersecurity Solution Architect to join our team. The ideal candidate will have a deep understanding of cybersecurity principles, extensive experience in designing secure IT infrastructure solutions, and a proven track record in driving security initiatives. This role will involve collaborating with clients to understand their security needs and architecting solutions that align with their business goals. Key Responsibilities: Design and implement comprehensive cybersecurity solutions for IT infrastructure. Conduct security assessments and gap analysis to identify vulnerabilities and recommend remediation strategies. Develop and maintain security architecture artifacts (models, templates, standards, and procedures). Collaborate with cross-functional teams to ensure seamless integration of security solutions. Stay updated on the latest cybersecurity threats, technologies, and regulatory requirements. Provide technical leadership and guidance to clients and internal teams. Support pre-sales activities by providing technical expertise and designing security solutions for proposals. Conduct risk assessments and develop risk management strategies. Ensure compliance with industry standards and best practices (e.g., ISO 27001, NIST). Mentor and train junior staff on cybersecurity practices and principles. Qualifications: Bachelors degree in computer science, Information Technology, or a related field. Masters degree preferred. Minimum of 5 years of experience in cybersecurity, with at least 3 years in a solution architect role. Professional certifications such as CISSP, CISM, CEH, or equivalent. Strong knowledge of cybersecurity frameworks, protocols, and best practices. Experience with security technologies such as firewalls, IDS/IPS, SIEM, DLP, and endpoint protection. Familiarity with cloud security (AWS, Azure, GCP) and hybrid cloud environments. Excellent problem-solving skills and the ability to think strategically. Strong communication and interpersonal skills. Ability to work independently and as part of a team. Preferred Skills: Experience in IT infrastructure design and implementation. Knowledge of software development and secure coding practices. Understanding of regulatory requirements and industry standards. Experience with network security and architecture. Why Join Us: Be part of a dynamic and innovative team. Opportunity to work on cutting-edge cybersecurity projects. Competitive salary and benefits package. Professional growth and development opportunities www.locuz.com | www.cymune.com Best Regards, Talent Acquisition Team Sales & Consulting Email shiva.vobaigari@locuz.com,

As a Director Technology Testing Specialist at Morgan Stanley, you will play a key role in planning and executing full-scope and other tests related to Technology Risk within the Global 2LOD Non-Financial Risk Testing organization. Your responsibilities will include executing and documenting test activities, attending engagement kickoff meetings, interviewing stakeholders, proposing appropriate test activities, developing test scripts, and preparing test reports. You will be expected to bring to the role at least 8 years of audit/risk/compliance experience in the financial services industry or a regulatory organization, along with expertise in executing/conducting Technology reviews. Knowledge of global regulatory requirements such as GLBA, GDPR, Part 30 Information Security, NYDFS, and technology control standards like NIST, FFIEC, COBIT, CIS is essential. Strong analytical, organizational, and problem-solving skills, as well as investigative skills and the ability to prioritize and work effectively on multiple reviews, are also required. In addition to the technical skills, you must have excellent written and oral communication skills, a high degree of organization and attention to detail, and the ability to work independently as well as in a team. Proficiency with tools like Microsoft Word, Excel, PowerPoint, Adobe, SharePoint, and Bloomberg is expected. Chartered Accountant (CA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) designations are highly desirable. A BA/BS degree with a concentration in Computer Science, Information Technology, or Cyber Security is required, and other relevant industry certifications in the Technology field such as CISSP or cloud certifications are a plus. Your coverage will be Monday to Friday from 11:30 AM to 8:30 PM, with flexibility required based on business needs and during some Indian holidays. You can expect a supportive and inclusive environment at Morgan Stanley, where diversity and inclusion are valued, and employees are encouraged to maximize their full potential. As part of a global leader in financial services, you will have the opportunity to work with trusted colleagues, committed mentors, and a culture that values diverse perspectives and cross-collaboration.,

: Job TitleNFRM Information Security & Technology Risk Specialist LocationMumbai, India Corporate TitleAssociate Role Description An Information Technology & Security Risk Specialist to join the 2nd LoD Information Security & Technology Risk Team. The team is global, this role is within the Mumbai team (currently 1 person) which is being built out to support the global team. Should have a proven depth of knowledge and keen interest of Information Security and Technology and their application in large financial institutions. Working with other team members the role will input subject matter expertise and drive innovative approaches in applying risk management in an evolving threat environment. The team has a global footprint in Frankfurt, Singapore, London, Mumbai and USA. What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Provide data and analytics reporting to support the team in monitoring the Information Security and Technology Risk Appetite, breaches and remediation. Where required support the implementation of automated data and analytics reporting process. Support the team delivery of Non-Financial Risk Management (NFRM) priorities such as risk & control assessments, scenario analysis, risk appetite. Monitor and challenge 1LOD Risk and Control Assessments (including results of 1LOD control testing/assurance). Perform 2LOD control assurance through targeted reviews of areas of concern. Gain an understanding and be able to articulate key Information Security and Technology regulatory requirements across APAC/MEA and their impact and implementation into the Information Security and Technology Risk Framework. Your skills and experience University degree (Computer Science, Business Administration or equivalent). Majors in Information Security and / or Risk Management are a plus. Experience (5+ years) in Information Security or Information Technology with experience in the Finance industry and/or a major Technology or Consultancy company preferred. Experience in IT Risk Frameworks such COBIT 2019 is ideal 3+ yrs Understanding and experience of technology from either a support, development or business analysis perspective Some level of technical understanding and training either as a data analyst, developer, business analyst or project manager are a plus. Knowledge of Information Security and Technology industry regulatory standards and/or Risk Frameworks (e.g. EBA Guidelines ISO / 27000 Series, COBIT 2019, DORA) are a plus. Experience of technology coding e.g python, java is a plus Understanding of IT controlsSDLC, managing technology obsolescence, disaster recovery is a plus Knowledge of Digital transformation, Private and Public Cloud, AI tooling a plus Relevant professional certifications e.g. CISSP, CISA, CISM, CRISC, ITIL, ISO27001 Lead Auditor or similar are a plus. Experience of working in large global teams yet comfortable working independently without day-to-day oversight and steer. Strong communication skills (English required). How well support you

: Job TitleApplication Security Specialist Corporate TitleAssistant Vice President LocationPune/Bangalore India Role Description DWS is evolving and expanding its internal information security team. In the CSO Information Security Assurance division, your role will involve assessing the implementation of controls to ensure adherence to Information Security Policies and Procedures. This verification process utilizes the most advanced compliance data sources (i.e., compliance evaluation based on operational data, self-assessment, and independent reviews) to determine whether the necessary information security controls have been established in DWSs applications, infrastructure, and IT processes, including EUDA/EUMA. In this context, it evaluates associated risks and identifies vulnerabilities related to unimplemented controls. The service also offers guidance on training and the application of security controls. What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Your main responsibility will be to adhere to the Information Security roadmap for the applications (ensuring information security compliance) based on IS principles (confidentiality, integrity, and availability), and to verify their alignment with DWS/DB policies. Assist application team with the applications that are scheduled for migration/re-migration projects ensuring that its IS Criticality ratings are updated according to the DWS/DB IS criticality methodology. Take part in CSO assurance meetings associated with secure architecture design, new product approvals or other risk review discussions to prevent any delays or escalations arising from non-compliance. Assist the DWS CSO in executing the hybrid model as outlined for decisions related to the Aurora Operating Model, ensuring proper alignment with DB CSO ORR controls. Perform security assurance tasks on DWS CSO solutions, business applications, and IT infrastructure located within the Proteus environment. Conduct a security assessment when retiring business applications or IT applications in the Proteus environment. Aid in resolving regulatory findings and guarantee that there are no outstanding audit issues. Act as a liaison among key role holders such as ITAOs and TISOs to create a secure environment by assessing the Information Security needs. Provide support for the governance of EUDA within a DWS Unit. Contribute to the creation, testing, and management of IS Security Compliance campaigns in accordance with business needs (including documentation and training). Oversee Assurance processes and evidence evaluations throughout DWSs application portfolio to aid in reducing risks linked to non-compliant controls for all DWS entities. Assist in ensuring consistency with all other Control Functions for Operational Readiness. Security compliance reporting is a crucial aspect of the security assurance team. Therefore, you are required to work on the promptness of reporting, the precision of the content, and the comprehensiveness of risk and controls. Ensure automation in reporting and delivering value. Your skills and experience Clear understanding of information security risk and compliance framework. Experience in application security assessment activities. Minimum 8-14 years experience in Information security management area. Understanding on how application security policies, standards, requirements and controlsare defined. Strong Microsoft office (excel macro), automation and analytics experience. Experience in working with information security governance solutions. Experience in CISO Application Security Governance process design Proven experience with Information Security Standards implementation (e.g. ISO27001, ) Proven experience in implementing Risk management standards Any globally recognized information security certification (highly preferred) Graduation and above (preferably IT, Computer science) Understanding of current industry and agency standards, best practices, and/or frameworks i.e.MITRE ATT&CK, NIST, DORA, ENISA, ISO27001, SOC2, SoX, PCI, etc. Dedicated to undertaking any assigned tasks or projects related to CSO. Ability to explain, document and present Information Security risks in a clear, concise and understandable manner, ability to present a big picture and connect the dots Detailed oriented, collaborative and team oriented, ability to manage conflicts with Senior stakeholders Must work independently and can collaborate comfortably in a matrix organization with international teams. Excellent verbal and written communication skills, including the ability to effectively participate in and sometimes lead discussions and meetings with internal and/or executive management and other groups involved in Physical Security/technology control assessments. Structured and reliable work style How well support you About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm

Roles & Responsibilities: 1.Handling alerts and incident on XDR platform 2.Alert & incident triage and analysis 3.Proactively investigating suspicious activities 4.Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform 5.Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. 6.Adhere to established policies, procedures, and security practices. 7.Follow-up with tech team for incident closure 8.Participating in daily standup and review meeting 9.L2 Analyst has responsibility to closely track the incidents and support for closure. 10.Working with logsource and usecase management in integrating log sources and developing & testing usecase 11.Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) 12.Developing SOP / instruction manual for L1 team 13.Guiding L1 team for triage/analysis and assist in clousure of cybersecurity alert and incidents 14.Handle XDR alerts and followup with customer team for agent updates 15.Escalate more complex incidents to L3 SME for deeper analysis. Key Responsibilities: Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.3-7 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred technical and professional experience Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Roles & Responsibilities: 1.Handling alerts and incident on XDR platform 2.Alert & incident triage and analysis 3.Proactively investigating suspicious activities 4.Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform 5.Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. 6.Adhere to established policies, procedures, and security practices. 7.Follow-up with tech team for incident closure 8.Participating in daily standup and review meeting 9.L1 Analyst has responsibility to closely track the incidents and support for closure. 10.Escalate more complex incidents to L2 analysts for deeper analysis. 11.Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) 12.Handle XDR alerts and followup with customer team for agent updates Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Key Responsibilities: Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Preferred technical and professional experience Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.2 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications"

Roles & Responsibilities: 1.Handling alerts and incident on XDR platform 2.Alert & incident triage and analysis 3.Proactively investigating suspicious activities 4.Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform 5.Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. 6.Adhere to established policies, procedures, and security practices. 7.Follow-up with tech team for incident closure 8.Participating in daily standup and review meeting 9.L1 Analyst has responsibility to closely track the incidents and support for closure. 10.Escalate more complex incidents to L2 analysts for deeper analysis. 11.Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) 12.Handle XDR alerts and followup with customer team for agent updates Key Responsibilities: Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.2 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred technical and professional experience Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Job Summary Network Security Architect Responsibilities Key Responsibilities Review and approve firewall requests in line with risk appetite Review and analyse firewall rules to ensure they are effective and in line with security best practices Ensure all firewall rules are recertified by owners in the specified timeframe Where no owner is made available ensure an owner is found and that necessary information is updated Perform firewall ruleset review Validate the rule compliance report of the firewalls generated from the automated firewall review solution and share with the respective stakeholders Perform ACL ruleset management add update remove optimize to remove defunct duplicate rules Follow the change management process for creationmodificationremoval of rules with necessary approvals Clearly document all changes to firewall rules including the reason for the change the details of the change the requestor and the date and time of the change Periodically reviewing existing firewall rules to ensure they are still necessary and appropriate Remove outdated or redundant rules Regularly assess rule effectiveness Adjust rules based on issues identified Experience Qualifications Should have 16 to 20 years of experience in setup configuration and ongoing management of firewall devices like Palo Alto F5 Zscaler Cisco ISE Azure DDoS Strong in Network Architecture and has to design and develop the architecture framework Should have experience in preparing HLD and LLD documents Should have experience in managing endtoend delivery Should have excellent communication skills Strong leadership and team management skills Ability to work collaboratively with crossfunctional teams Good to have CISSP Certified Ethical Hacker CEH CISM certifications

Position Summary We are seeking an experienced SOC Analyst to join our Security Operations team. This role demands an individual with a strong technical background in incident analysis, SIEM administration, and rule fine-tuning. The ideal candidate will have experience working with diverse environments, including Windows, Linux, and network security, and will be well-versed in ELK stack management and troubleshooting beats agents. Key Responsibilities 1. Incident Detection and Analysis: o Conduct deep-dive analysis on security incidents, assessing root causes, and recommending solutions. o Proactively monitor and respond to security alerts, managing incident escalation and resolution processes. o Prepare detailed reports and document incidents to support future analysis and security measures. 2. SIEM Administration and Rule Fine-Tuning: o Oversee SIEM configurations, including tuning rules to optimize alerting and reduce false positives. o Conduct SIEM platform upgrades, troubleshoot performance issues, and ensure platform availability. o Collaborate with IT teams to integrate new data sources into SIEM and enhance visibility. 3. System and Network Security: o Perform continuous monitoring and analysis across Windows and Linux systems and network infrastructures. o Utilize tools for traffic analysis, anomaly detection, and threat identification. o Support configurations and policies within the IT and network environment to strengthen security. 4. ELK Stack and Beats Agent Management: o Manage and troubleshoot ELK Stack components (Elasticsearch, Logstash, and Kibana) to ensure seamless data flow. o Perform regular maintenance and troubleshooting of beats agents, ensuring reliable log ingestion and parsing. 5. Security Policies and Compliance: o Contribute to policy updates, ensuring adherence to organizational and industry compliance standards. o Document and enforce security controls aligned with best practices and regulatory requirements. Skills and Qualifications Education: Bachelors degree in Information Security, Computer Science, or a related field. Experience: o Minimum of 5+ years in SOC operations or a similar cybersecurity role. o Proven experience in SIEM administration, incident analysis, and configuration fine-tuning. o Proficiency in monitoring and troubleshooting Windows and Linux systems and managing network security protocols. o Hands-on experience with the ELK Stack, with expertise in troubleshooting beats agents. Technical Skills: o Familiarity with SIEM tools (e.g., Splunk, QRadar) and network protocols. o Strong command of incident response processes, security frameworks, and best practices. o Knowledge of communication protocols and system integrations for data protection. Certifications (preferred): CISSP, CompTIA Security+, CEH, or similar security certifications. Competencies Strong analytical skills with attention to detail. Excellent verbal and written communication abilities. Ability to work independently and collaboratively in a fast-paced environment. Additional Preferred Skills Knowledge of regulatory compliance standards. Experience in using EDR solutions. Ability to document processes and create incident playbooks. This role offers an opportunity to work on advanced cybersecurity initiatives within a dynamic SOC environment, contributing to enhanced organizational security.