726 Cissp Jobs - Page 29

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Provide solutions to problems for their immediate team and across multiple teams Lead security solution development projects Conduct security assessments and audits Develop security policies and procedures Professional & Technical Skills: Must To Have Skills: Proficiency in Security Solution Development Strong understanding of cloud security principles Experience with security architecture design Knowledge of security compliance standards Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 5 years of experience in Security Solution Development This position is based at our Pune office A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : SailPoint IdentityNow Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities: Expected to be an SME. Collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Facilitate training sessions to enhance team knowledge and skills. Monitor and evaluate the effectiveness of implemented security measures. Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ. Good To Have Skills: Experience with SailPoint IdentityNow. Strong understanding of cloud security principles and best practices. Experience in designing and implementing security frameworks. Familiarity with compliance standards such as ISO 27001 and NIST. Additional Information: The candidate should have minimum 5 years of experience in SailPoint IdentityIQ. This position is based at our Jaipur office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Architect, you will define the end-to-end security architecture and strategy for in-vehicle systems, telematics, and cloud-connected services, ensuring alignment with regulatory requirements and industry best practices. You will also lead penetration testing efforts, document security controls across ECUs and communication interfaces, and guide the implementation of secure system designs across the vehicle ecosystem. Roles & Responsibilities: Define and implement end-to-end cybersecurity architecture for connected vehicles, ECUs, and backend services, ensuring alignment with ISO/SAE 21434, UNECE WP.29, and CSMS requirements. Develop secure communication and firmware update frameworks, supporting over-the-air (OTA) updates and in-vehicle data integrity. Perform threat modeling and risk analysis using industry-standard methodologies such as HEAVENS, STRIDE, and attack trees to identify vulnerabilities across vehicle networks and interfaces. Guide the definition of mitigation strategies and ensure full traceability between threats, assets, and controls throughout the development lifecycle. Plan and lead security validation activities, including advanced penetration testing and fuzzing of vehicle interfaces (CAN, DoIP, Ethernet, Bluetooth, Wi-Fi, Cellular). Create and maintain documentation for test cases, tooling, security controls, and validation outcomes across ECUs and connected modules. Collaborate with cross-functional teams to drive secure design practices in diagnostics, boot process, and firmware integrity verification. Conduct vulnerability assessments using tools such as CANoe, CANalyzer, Wireshark, Ghidra, and custom analysis scripts, and support remediation planning. Lead red team exercises and security reviews in coordination with product security and development teams. Represent cybersecurity in internal audits and regulatory assessments, ensuring alignment with WP.29 R155/R156 and ISO 26262. Work with suppliers and partners to evaluate and integrate security solutions aligned with evolving vehicle cybersecurity requirements. Professional & Technical Skills: Extensive experience (12+ years) in embedded and automotive systems, with over 6 years specializing in automotive cybersecurity strategy, architecture, and threat analysis. Hands-on experience designing and executing penetration testing of automotive systems, including ECUs, ADAS, telematics, infotainment, and V2X components, across in-vehicle networks and external interfaces. Strong knowledge of in-vehicle communication protocols such as CAN, LIN, FlexRay, DoIP, and automotive diagnostic protocols (UDS), as well as wireless technologies including Bluetooth, Wi-Fi, and Cellular. In-depth understanding of secure communication protocols and cryptographic standards, including TLS, MACsec, AES, RSA, ECC, and Public Key Infrastructure (PKI) for automotive applications. Proven experience in designing and implementing Secure Boot, Secure OTA (Over-the-Air) update mechanisms, and ECU firmware authentication using HSMs and trusted execution environments. Demonstrated ability to conduct and lead threat modeling and risk assessments using HEAVENS, STRIDE, attack trees, and DFD methodologies in compliance with ISO/SAE 21434. Familiarity with regulatory and compliance frameworks such as UNECE WP.29 (R155/R156), CSMS, and ISO 26262, and practical experience aligning security activities to these standards. Proficiency in security validation tools and platforms including Canoe, CANalyzer, Wireshark, Ghidra, Scapy, and custom-built tools for binary analysis, fuzzing, and reverse engineering. Experience guiding vulnerability remediation efforts across hardware and software development teams in an Agile or V-model development environment. Strong technical documentation skills and the ability to translate complex cybersecurity concepts into actionable guidance for engineering and compliance teams. Capable of engaging with external vendors, regulatory bodies, and cross-functional stakeholders to align security requirements, audits, and certifications. Additional Information: 7+ years' experience implementing and performing Automotive Cybersecurity This position is based at our Bengaluru office A 15-year full time education is required Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : One Identity Manager Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities: Expected to be an SME. Collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Facilitate training sessions to enhance team knowledge and skills. Monitor and evaluate the effectiveness of implemented security measures. Professional & Technical Skills: Must To Have Skills: Proficiency in One Identity Manager. Strong understanding of cloud security principles and practices. Experience with identity and access management solutions. Familiarity with compliance frameworks such as ISO 27001 or NIST. Ability to analyze security incidents and develop mitigation strategies. Additional Information: The candidate should have minimum 5 years of experience in One Identity Manager. This position is based at our Jaipur office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards. Roles & Responsibilities: Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations. Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis. Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues. Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations. Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance. Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes. Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms. Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262. Professional & Technical Skills: 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices. Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation. Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness. Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services. Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434. Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers. Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals. Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering. Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms. Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information: 3+ years' experience implementing and performing Automotive Cybersecurity Knowledge of tools like CANoe, Wireshark, or Ghidra. Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules. This position is based at our Bengaluru office A 15-year full-time education is required Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NA Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :AI Red Teaming Expert – Adversarial ML, Threat Simulation, and AI Security StrategyWe are seeking a highly experienced and visionary AI Red Teaming Expert 12+ years of experience across cybersecurity and machine learning. This role is ideal for professionals who thrive in dynamic environments and possess a passion for securing cutting-edge AI/ML systems. You will lead red teaming operations, simulate adversarial threats, and guide the organization's AI security posture at strategic and technical levels. The ideal candidate demonstrates deep technical expertise, exceptional leadership, and a keen understanding of adversarial machine learning and risk mitigation frameworks. Roles & Responsibilities: Define and execute the AI red teaming strategy across the organization. Simulate realistic and advanced adversarial attacks against AI/ML systems aligned with business contexts. Review AI/ML system architecture to identify security gaps and advocate for secure design patterns. Establish internal standards and workflows for AI threat modeling, risk assessment, and adversarial testing. Stay ahead of evolving adversarial ML threats and guide the development of defensive strategies. Contribute to secure development practices for model deployment pipelines and lifecycle management. Lead and mentor a specialized team of AI security analysts and red teamers. Represent AI security strategy in executive forums and drive cross-functional alignment. Collaborate with engineering, data science, compliance, and legal stakeholders to integrate security into AI innovation cycles. Drive internal policy-making efforts around responsible and secure AI development practices. Own and lead remediation initiatives, translating findings into actionable improvements across teams. Professional & Technical Skills: Exceptional communication and leadership skills with the ability to convey technical issues to non-technical stakeholders. Proven experience managing high-impact security initiatives and leading diverse teams. Strategic thinker capable of aligning AI security objectives with business goals. Passionate about AI safety, responsible innovation, and emerging threat landscapes. Strong analytical and problem-solving skills in high-pressure environments. Hands-on expertise in red teaming AI/ML systems at scale. Strong understanding of adversarial ML techniques, threat simulation tools, and AI model manipulation tactics. Experience implementing and aligning with frameworks such as OWASP Top 10 for LLMs, ISO 42001, NIST AI RMF. Proficiency in AI/ML pipeline security, model risk evaluation, and secure MLOps practices. Familiarity with deep learning frameworks (e.g., TensorFlow, PyTorch) and their associated vulnerabilities. Demonstrated ability to design, execute, and scale red teaming programs in AI-native environments. Additional Information:Bachelor's or Master's degree in Computer Science, Information Security, Machine Learning, or related field.Recognized certifications such as CEH, OSCP, CISSP, or credentials specific to AI security (e.g., MITRE ATLAS experience) are a plus. 12+ years of experience spanning cybersecurity, AI/ML, and adversarial testing This position is based at our Bengaluru office A 15 years full time education is required. Qualification 15 years full time education

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you passionate about security architecture and driven to protect against the latest threats? We are seeking a Security Lead who will join our team and take the lead on developing, implementing, and maintaining our security strategy within our Service Provider organization. As our Security Lead, you will work closely with our leadership team to design and implement effective security solutions that not only protect our business objectives and regulatory requirements, but also provide innovative solutions to stay ahead of emerging threats. You will conduct risk assessments and threat modeling to identify and prioritize risks to our business and IT assets, using your extensive experience in security architecture design and implementation within a Service Provider environment to create a cutting-edge security architecture framework. You will also work to maintain policies, standards, and guidelines related to information security within our organization, collaborating with cross-functional teams to implement security controls and technologies such as encryption, authentication, and authorization solutions. Your role will also involve conducting security reviews of vendors and third-party partners to ensure they meet our rigorous security standards, as well as performing regular security and risk reviews of our Service Provider environment to identify vulnerabilities and recommend remediation activities. At the forefront of security trends and technologies, you will advise our senior leadership team on the latest security best practices, and stay ahead of emerging security threats, always keeping our organization one step ahead. Join us on this exciting journey of securing our Service Provider organization and protecting our customer’s assets. Your Future at Kyndryl Every position at Kyndryl offers a way forward to grow your career, from a Junior Architect to Principal Architect – we have opportunities for that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Technical and Professional Expertise •Minimum of 8 years of experience in security architecture design and implementation within a Service Provider organization •Experience with security frameworks such as NIST CSF, ISO 27001, or CIS Controls. . Exp in Fortigate Firewall, WAF or Zscaler(Mandatory) •Deep understanding of security technologies, such as firewalls, intrusion detection and prevention systems, vulnerability scanners, and endpoint protection •Strong knowledge of cloud security concepts and technologies, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) Preferred Technical and Professional Experience •Relevant industry certifications such as CISSP, CISM, or CCSP •Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

Skill required.. •Accomplish ITQM objectives in the assigned project by planning, executing and evaluating quality activities (as per service description). Accountable that assigned projects implement security and compliance with applicable laws/regulations like CSV, NVS Standards, the IMF, and project methodology Hands-on experience in Regulatory Compliance (UK DPA, SOX, PII, Data Privacy & Security etc.). Should be able to liaison with the client information security, compliance & legal teams on regulatory requirements & facilitate evidence provisioning during audits • Experience in implementation of at least 2 complete cycles of Information Security Management Systems. Good understanding of domains such as Network security, Firewall audits, VA/PT, Access Management etc. Should have experience in domains such as ISAE3402 • Strong knowledge of Qualification and Validation project development/implementation processes. • Excellent FDA GxP understanding. • Knowledge of SoX, cGMPs, FDA and EMA guidelines. • Preferred Certifications: ISO 27000 LA, CISA, CISM, CISSP, ISO 9000 • Experience in planning & conducting & leading internal audits on information security, pharma quality & compliance • Experience in audits of ITSM processes (Change Mgmt, Incident/Problem Mgmt). ITIL V3 foundation must. • Good Program/Project management skills along analytics & reporting skills with strong communication & presentation. • Ability to work with all level of clients & internal resources • Knowledgeable about Business Continuity Management & Disaster Recovery. ISO 22301 experience preferred. JD • Point of contact for client stakeholders as well as HCL Operations team for guidance & support regarding compliance control requirements and implementation into service operations • Create & Document the control compliance plans for all services in scope • Lead Compliance processes for large Pharmaceutical Client for specific geography • Manages the infrastructure Qualification of hardware/Servers. • Maintains categorization of Off-the-shelf validation categories. • Ensure that the operations run-books & SOPs are inline & map with Policies, Standards, and Guidelines relating to security, privacy, and confidentiality for the Client IT Environment. Development of Security plan & ensuring adherence for all security domains relevant for in-scope services • Develop & Plan internal audit calendar aligned to clients internal as well as external audit schedule • Execute Security audits as per the agreed upon plan with client stakeholders and work with operations teams for remediation of any gaps and non-compliances • Provide agreed upon and ad-hoc reports for audits & compliance operations. • Facilitate in-time evidence provisioning to client audit, risk & compliance teams at time of external audits • Conduct process audits for ITSM as per agreed upon process controls • Participate in client meetings and committees that investigate compliance needs and develop new and modified Policies, Standards, and Guidelines We are looking for functional consultants have extensive experience in GxP related policies & process definitions and enforcements.

Client interface for understanding the SOX IT General Controls as applicable to Application &Infrastructure operations Conducting assessment of existing processes and align them to COBiT 2018 standard. Conducting TOE and TOD for ITGCs Documentation of as-is SOX 404 IT General Controls as they are currently being executed in client environment. Identify process exceptions and risk with respect to materiality defined by the SOX controller. Evaluating 3rd parties and their ITGC environments by assessment of SSAE18 reports Create Process Summaries, Compliance runbooks and RCMs. Define RACI for Control owners, executioners etc. Work with Senior Management of the organization and business teams in getting assertions. Point of contact for the client compliance & IT audit team for provisioning SOX audit evidence within the SLAs defined. Provide strategic guidance& consulting support on implementation of SOX controls for Networks, Operating Systems, System Security, Backup & Recovery, Storage, BCP/DR Identify technical remediations for SOX 404 ITGC and create short term and long term roadmap for remediation Conducting regular training for technical teams for SOX control implementation & audits Should have worked on consulting/implementation & audit of SOX IT General Controls associated with IT Operations (Mandatory) CGEIT, COBiT Experience & COSO ERM execution (preferred) Excellent understand & experience in IT applications &infrastructure management which includes SDLC, App Security, DevOps, Networks, Data Centre Operations, Service Management/Service Desk, Server Management etc. Excellent understanding of IT Service Management processes. ITIL certified. Should be able to identify & report risks related to SOX ITGC design effectiveness & operational effectiveness gaps Should have experience in executing end-to-end SOX ITGC audit life cycle Exposure to other regulatory compliances such as Data Protection Act Candidate should have client facing experience B.E/B.Tech with MBA preferred. Candidates with following Certifications will be preferred: CISA/CGEIT/CISM/CISSP ISO 27001 Implementer, Lead Auditor ITIL V3.0

L1/L2/L3 Must-Have Skills: 4+years in SOC 2-3 years as L3 level Team Lead Valid-Active CISM/CISSP certification Expertise in EDR, Incident Response, Threat Hunting Proficiency in Splunk for security monitoring Good-to-Have Skills: CEH, OSCP, GIAC certifications Cloud Security expertise in AWS, Azure, or GCP Scripting with Python, PowerShell Familiarity with MITRE ATT&CK Knowledge of ISO 27001, NIST, GDPR, RBI guidelines Digital Forensics & Malware Analysis Strong stakeholder management skills Academic Qualifications: Valid-Active CISM/CISSP certification Requirements: Location: Mumbai (Kurla) Client Site Job Type: Hybrid Shift Timings: General shift (5 days/week, 2 working Saturdays) Key Performance Indicators: Timely incident resolution Regular metrics and report presentation SIEM efficiency and compliance Integration of SIEM with other solutions Stakeholder collaboration effectiveness kumari nanhi 7505229019 kumari@zyvka.com

Job Summary :- We are seeking a detail-oriented and proactive Employee Monitoring Specialist to oversee and manage employee activity monitoring systems to ensure compliance with company policies, enhance productivity, and protect sensitive information. The ideal candidate will have experience with monitoring tools (e.g., Teramind, ActivTrak, or similar platforms), data analysis, and compliance management. Key Responsibilities :- Administer and manage employee monitoring software (e.g., Teramind, ActivTrak, etc.) to track user activity, system access, and data handling. Monitor, review, and analyze employee activity reports to identify anomalies, suspicious behaviors, or policy violations. Work closely with compliance, HR, and IT departments to investigate incidents, prepare reports, and recommend corrective actions. Ensure that monitoring activities comply with company policies, data privacy regulations, and legal standards. Develop and maintain monitoring dashboards, alerts, and reporting mechanisms for leadership. Assist in drafting and updating company policies related to acceptable use, data handling, and system access. Conduct audits and periodic reviews of employee system usage, application access, and document handling. Train relevant stakeholders on monitoring systems, security best practices, and compliance requirements. Maintain accurate and secure records of monitoring activities, incidents, and resolutions. Stay current on best practices, industry trends, and evolving regulations related to employee monitoring and data protection. Required Qualifications :- Bachelors degree in Information Technology, Cybersecurity, Business Administration, or a related field. 2+ years of experience in employee monitoring, IT compliance, or cybersecurity. Hands-on experience with monitoring platforms like Teramind, ActivTrak, Veriato, or similar. Strong understanding of data privacy laws, including GDPR, HIPAA, or other relevant regulations. Excellent analytical, problem-solving, and communication skills. Ability to handle sensitive and confidential information with discretion and integrity. Preferred Qualifications :- Certifications in IT security, compliance, or data privacy (e.g., CIPP, CISSP, CISM, CompTIA Security+). Experience working in a regulated industry (e.g., finance, healthcare, or SaaS). Familiarity with incident response and investigation processes.

Job Description :- We are seeking a highly skilled Teramind Monitoring Expert with hands-on experience in compliance, monitoring, and system surveillance. The ideal candidate will be responsible for the effective implementation and management of Teramind monitoring solutions to ensure adherence to regulatory requirements and optimal system performance. Key Responsibilities :- Implementation & Configuration :- Install, configure, and manage Teramind monitoring software across the organization. Monitoring & Surveillance :- Continuously monitor system activities, user behaviors, and network traffic to detect and prevent security breaches. Compliance Management :- Ensure all monitoring activities comply with relevant regulatory standards and organizational policies. Incident Response :- Quickly respond to security incidents and anomalies detected by the Teramind system. Reporting & Analysis :- Generate detailed reports and analysis of monitoring data for management review and compliance audits. Policy Development :- Develop and update security policies and procedures related to system monitoring and data protection. Training & Support :- Provide training and support to staff on the use of Teramind tools and best practices for system monitoring. System Optimization :- Continuously evaluate and enhance the performance of the Teramind system to ensure optimal efficiency and security. Collaboration :- Work closely with IT, security, and compliance teams to integrate monitoring solutions with other security measures. Qualifications :- Education :- Bachelor's degree in Computer Science, Information Technology, or a related field. Experience :- Minimum of 3-5 years of hands-on experience with Teramind or similar monitoring software. Technical Skills :- Proficiency in system monitoring, network security, and compliance standards (e.g., GDPR, HIPAA). Analytical Skills :- Strong analytical and problem-solving skills with the ability to interpret complex monitoring data. Communication Skills :- Excellent verbal and written communication skills for effective reporting and collaboration. Certifications :- Relevant certifications such as CISSP, CISM, or equivalent are a plus. Preferred Attributes :- Detail-oriented with a proactive approach to identifying and mitigating security risks. Ability to work independently and as part of a team in a fast-paced environment. Strong ethical standards and commitment to maintaining confidentiality and data integrity.

IS audit of Banks’ Application systems and related IT operations such as IT Governance, Information Security Governance, Audit of IT General Controls, IT Infrastructure audits, Audit of Outsourced agency having impact on banks’ IS operations, etc. Required Candidate profile Experience - 15 to 25+ years Location - Mumbai -Andheri East

Job Description Must have requirements: Minimum of 5+ years work experience working with security tools and with security administration. Designing, implementing, managing & maintaining endpoint solutions (Tanium, Crowdstrike), Hands on experience on endpoint tools and overall cybersecurity practices Strong ethics and understanding of ethics in business and information security Ability to mentor juniors and get them up to speed with the process Possess any current security certifications (e.g., CISSP, Security+) Ability to present and articulate findings to technical staff and executives Ability to participate in on-call rotation as needed Must be able to pass a background check Career Level - IC3 Responsibilities Must have requirements: Minimum of 5+ years work experience working with security tools and with security administration. Designing, implementing, managing & maintaining endpoint solutions (Tanium, Crowdstrike), Hands on experience on endpoint tools and overall cybersecurity practices Strong ethics and understanding of ethics in business and information security Ability to mentor juniors and get them up to speed with the process Possess any current security certifications (e.g., CISSP, Security+) Ability to present and articulate findings to technical staff and executives Ability to participate in on-call rotation as needed Must be able to pass a background check

Job Description Design, develop, troubleshoot and debuSaaS Security Testing Services team is looking for Security Testing and Tools Engineers with various degree of experience in AppSec/Product Security field in Oracle India Development Center under the Oracle SaaS Cloud Security (SCS) organization. Oracle SaaS a.k.a. Oracle Cloud applications, built on machine learning, offer the most complete application suite with the best technology, enabling fast innovation with a modern UX and customer-first approach and one of the top strategic cloud services for Oracle. The SCS organization is responsible for securing enterprise-grade software services on behalf of our 25,000 customers, processing over 60 billion transactions per day. You will get the opportunity to join our efforts to reshape not only future of security testing and automation for Fusion App SaaS Services at Oracle but influence the security testing landscape across all the SaaS offerings. We are seeking hands-on, senior security analyst with the depth and breadth to evaluate complex web applications and technology stacks for security and build/code to address the security threats. You will have the opportunity to work in a cloud-scale environment using the latest security technologies/tools and collaborate with the best minds in the industry, to collectively stay ahead and respond to growing threats to cloud services. SaaS STS team will optimally engage in conducting white box/grey box application security testing - complementing what the development teams do in a more integrated and more coordinated setting through the security automation and tooling. SaaS STS team responsibilities will include implementation of Static Code Analysis, Dynamic App Security Testing/Fuzz Testing, Interactive / manual App security testing, facilitate automation of security verifications in CI/CD pipeline and evidence capturing for compliance audits. This position requires technical security knowledge and Cloud/DevSecOps or product development experience. Career Level - IC4 Responsibilities Job Requirements: MS or equivalent degree in computer science, or equivalent 6+ years of software engineering and technical leadership with proven results in software development, appsec and pen-testing Detailed exposure to web application pen test, forensics and intrusion handling The ideal candidate will have the following skills: Experience in product development or Security QA or penetration testing of Enterprise software, SaaS, IaaS or PaaS cloud services preferred Web application pen test, intrusion detection, vulnerability assessment Proficiency with Java, RESTful API, micro-services, Python. Experience in file system and operating system security analysis and attack vector detection Experience in database encryption methods and implementation, DB fuzzing and DB pen test Hands-on expertise on pen-testing of cloud applications and related infrastructure Understanding exploit mechanisms using CVEs for web services and microservices Should have worked on industry standard tools for security BURP, Web Inspect, Qualys, Nessus, REST API fuzzer, SAST tools etc. Ability to work in an agile and continuous software integration model. Security certifications like OSCP, LPT, ECSA, CISSP would be an added advantage Key Responsibilities You will work with Oracle Fusion Apps and other SaaS Services development teams to identify gaps in security testing and implement scalable solutions to improve security testing You will perform appsec and pen-testing of Oracle SaaS applications and infrastructure. You will implement automated security processes and security tooling in CI/CD pipeline. You will work with development teams and provide remediation mentorship to address any security findings You will evaluate and deploy new security tools and technologies to handle constantly evolving security threats landscape and support hyper-scale SaaS growth.

Job Description Must have requirements: Minimum of 5+ years work experience working with security tools and with security administration. Strong ethics and understanding of ethics in business and information security Demonstrated knowledge working with Endpoint solutions like Crowdstrike, Trellix and Tanium Multicloud security hands on experience and knowledge Good to have Knowledge on network access controls products such as Cisco ISE Ability to mentor juniors and get them up to speed with the process Possess any current security certifications (e.g., CISSP, Security+) Ability to present and articulate findings to technical staff and executives Ability to participate in on-call rotation as needed Must be able to pass a background check Key Activities Managing and administering enterprise security solutions and infrastructure delivering high availability and performance Perform system maintenance activities including software upgrades and patch management Assess new software releases and patches, contribute to development of test plans, and develop implementation procedures and guidelines Implement new changes in the system following the proper procedure and change management process Contribute to the design and development of solution performance data collection, alarm and performance criteria and reporting capabilities Provide technical support on system and application performance issues Participate in incident, change and problem management functions Participate in the development of business continuity and disaster recovery plans, process and procedures Career Level - IC3 Responsibilities Must have requirements: Minimum of 5+ years work experience working with security tools and with security administration. Strong ethics and understanding of ethics in business and information security Demonstrated knowledge working with Endpoint solutions like Crowdstrike, Trellix and Tanium Multicloud security hands on experience and knowledge Good to have Knowledge on network access controls products such as Cisco ISE Ability to mentor juniors and get them up to speed with the process Possess any current security certifications (e.g., CISSP, Security+) Ability to present and articulate findings to technical staff and executives Ability to participate in on-call rotation as needed Must be able to pass a background check

Conduct vulnerability assessments using industry-leading tools (e.g., Nessus, Tenable, Qualys). Develop and maintain vulnerability management processes, Analyze assessment results to identify and prioritize risks. Perform penetration testing.

We are looking for experienced TPRM (Third-Party Risk Management) Consultants with a strong background in the Life Sciences domain. The role involves conducting internal audits and third-party risk assessments focused on cybersecurity, compliance, operational, and fraud risks within pharmaceutical or healthcare settings. Candidates should be skilled in evaluating vendor risks, drafting SOPs and policies, performing gap analyses, and ensuring regulatory alignment. Relevant certifications like CISM, CISA, or CISSP are a plus. Location : - India(Remote) Preferably Hyderabad

primary Skills: Security Architect Bachelor's degree in information technology, security, or similar Experience in providing security architecture support to a large development organisation Information security credentials such as IGP, CISSP or similar Well versed in cloud security on a generic level as well as AWS Job Description: The candidate will primary work with security assessments and as part of that also be able to provide guidance on how to close security gaps The candidate will also be part of "shift left" for assessments to automate and minimize the manual work involved It is also expected that the candidate will assist in creating an assessment " factory" with a streamlined process for approaching assessments Apply here: https://career.infosys.com/jobdesc?jobReferenceCode=INFSYS-EXTERNAL- 210430

Security Architect Selected candidate to support our client, APAC based Investment bank, in Security Architect profile. Our client is seeking a highly skilled and proactive Security Architect to play a crucial role in their team ensuring the security and compliance of project / application implementation, with a particular focus on Cloud services and technologies for all business units. KEY RESPONSIBILITIES Conduct security-by-design reviews on new programs, initiatives, projects, Cloud services and technologies regionally (in-house development, Commercial Off-The-Shelf, SaaS), ensuring sufficient documentation for compliance / audit. Collaborate with Group and Regional information security teams, as well as business stakeholders, to ensure project implementation aligns with security controls in accordance with policies, standards, guidelines, and regulations. Take part in the security architecture blueprint and design review process for the Cloud hosted solutions. Ensure critical vulnerabilities are tracked and remediated prior to application go-live. Analyse, review, and approve non-standard software/technology implementations regionally. Perform ad-hoc and periodic reviews of Proxy/Network/Firewall requests, designs, and configurations in client network. Provides advisory and consultation to business units, business owners, and project teams for any Cloud Security related matters. Create a culture of security-by-design awareness by conducting related training for LBUs and other relevant stakeholders. Create, maintain, and update relevant security policies, standards, and operating procedures for client. Support the team leader with any assigned security operation tasks related to endpoint security, network security, data protection, DLP, VAPT, security alerts, and incidents. EXPERIENCE / QUALIFICATIONS Recognized degree in Computer Science or related Engineering fields. 5-10 years of demonstrated experience in reviewing and identifying gaps in architecture blueprints and designing controls, especially in the Cloud domain. Candidates with proven experience in financial services industry is preferred. Must be able to recommend mitigations to threat models based on threat vectors and exploits. Good knowledge and experience with regulations, including PDPA, MAS guidelines, and technology/cybersecurity regulations in other Asian countries (e.g., Thailand, Malaysia, Taiwan). Understanding of asset and/or wealth management businesses, including trade lifecycle and operational processes, is a plus. Certifications such as CISA, CISSP, and CCSP are encouraged and demonstrate continuous learning and application of standard methodologies. Ability to understand business requirements and security risks during security assessments and consultations. Understanding of the company's business direction from products, solutions, market, and technology perspectives in the Cloud domain. OTHER TRAITS Possess exceptional problem-solving and data analysis skills. Positive attitude and collaborative mindset. Highly motivated to stay updated with the latest developments in technology-related regulations and to acquire broad technical knowledge and skills. Strong communication, presentation, and interpersonal skills; ability to work collaboratively and effectively with employees at all levels in different geographies. A good team player in managing internal and external stakeholders to resolve issues and align with objectives. Exhibit proactiveness in identifying, articulating, and remediating gaps and issues.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Configure, manage, and support SailPoint IdentityNow (IDN) for provisioning, de-provisioning, role management, and access governance across the enterprise.Maintain and troubleshoot SailPoint IDN connectors for integration with various on-premise and cloud-based systems, such as Active Directory, SAP, Office 365, and AWS.Identity Lifecycle Management:Manage the entire identity lifecycle process, including user provisioning, role-based access control (RBAC), access reviews, and compliance reporting.Automate identity-related processes using SailPoint's workflows and policies to enhance operational efficiency.Access Request and Approval Workflow:Design, configure, and maintain user access request workflows, approval processes, and access certification campaigns in IdentityNow.Work closely with stakeholders to define and enforce role-based access policies, ensuring compliance with security best practices.Integration and API Management:Integrate SailPoint IdentityNow with enterprise applications and third-party tools using connectors, APIs, and out-of-the-box integrations.Collaborate with IT teams to integrate IAM solutions into the broader enterprise architecture and security ecosystem.Security & Compliance:Implement role mining, entitlement management, and access certification processes to maintain compliance with internal and external regulatory requirements.Generate reports and dashboards to track access violations, security events, and audit findings.Troubleshooting & Support:Provide support for any issues related to SailPoint IdentityNow, including troubleshooting and resolving user access, workflows, and integration problems.Participate in system upgrades, patches, and testing to ensure continuous functionality and security of the identity management system.Collaboration & Documentation:Work closely with stakeholders to gather requirements and design solutions that meet business needs.Document processes, configurations, and best practices related to SailPoint IDN administration and configuration.Training & Awareness:Provide training and knowledge transfer to the internal teams on how to effectively use SailPoint IdentityNow.Educate users on identity governance processes, including access requests, role management, and compliance. Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityNow. Strong understanding of cloud security principles. Experience with security tools and technologies. Knowledge of regulatory compliance requirements. Hands-on experience in implementing security controls. Good To Have Skills: CISSP certification. Additional Information: The candidate should have a minimum of 3 years of experience in SailPoint IdentityNow. This position is based at our Bengaluru office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:-. Provisioning and DeprovisioningAutomated User Onboarding:When a new user joins an organization, SailPoint can automatically assign the appropriate roles and permissions based on predefined rules.Deprovisioning:Automatically revoking access when a user leaves the organization or changes roles.2. Access ReviewsAutomate periodic access reviews, where managers or users themselves review the permissions they have in various systems to ensure compliance with security policies.3. Role ManagementAutomating the creation and management of roles and ensuring that roles are properly assigned based on business rules, job functions, or regulatory requirements.4. Policy EnforcementAutomating policies that define acceptable access rules and automatically enforcing them, such as ensuring users do not have conflicting access or excessive permissions.5. Lifecycle ManagementAutomatically handling the lifecycle of a user's access based on their status (e.g., employee, contractor, etc.), department, or organizational role.6. Custom Workflows and ApprovalsUsing workflows to automate approval processes, such as multi-step approval for granting access to critical systems.7. Scheduled JobsSailPoint allows you to automate jobs that need to run on a schedule, such as syncing identity data from external systems, updating entitlements, or importing logs.8. Integration with Other SystemsSailPoint can integrate with other enterprise systems (HRMS, CRM, etc.) and automatically sync user data and permissions across systems. Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ Strong understanding of cloud security principles Experience in implementing security controls in cloud environments Knowledge of industry security standards and best practices Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in SailPoint IdentityIQ This position is based at our Bengaluru office A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: . Provisioning and DeprovisioningAutomated User Onboarding:When a new user joins an organization, SailPoint can automatically assign the appropriate roles and permissions based on predefined rules.Deprovisioning:Automatically revoking access when a user leaves the organization or changes roles.2. Access ReviewsAutomate periodic access reviews, where managers or users themselves review the permissions they have in various systems to ensure compliance with security policies.3. Role ManagementAutomating the creation and management of roles and ensuring that roles are properly assigned based on business rules, job functions, or regulatory requirements.4. Policy EnforcementAutomating policies that define acceptable access rules and automatically enforcing them, such as ensuring users do not have conflicting access or excessive permissions.5. Lifecycle ManagementAutomatically handling the lifecycle of a user's access based on their status (e.g., employee, contractor, etc.), department, or organizational role.6. Custom Workflows and ApprovalsUsing workflows to automate approval processes, such as multi-step approval for granting access to critical systems.7. Scheduled JobsSailPoint allows you to automate jobs that need to run on a schedule, such as syncing identity data from external systems, updating entitlements, or importing logs.8. Integration with Other SystemsSailPoint can integrate with other enterprise systems (HRMS, CRM, etc.) and automatically sync user data and permissions across systems. Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ. Strong understanding of cloud security principles. Experience with security architecture design. Knowledge of security compliance standards. Hands-on experience with security tools and technologies. Additional Information: The candidate should have a minimum of 3 years of experience in SailPoint IdentityIQ. This position is based at our Bengaluru office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Okta Identity Management Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:-Okta Workforce Identity Cloud (WIC) Administration:User Provisioning & Lifecycle Management:Administer and manage Okta Workforce Identity Cloud (WIC) for user provisioning, de-provisioning, and lifecycle management of internal employees and contractors.Design and implement user authentication flows, multi-factor authentication (MFA), Single Sign-On (SSO), and federated identity integrations to provide secure access to corporate applications.Access Management & Policy Enforcement:Configure and maintain access policies, including role-based access control (RBAC) and dynamic access policies based on user attributes and risk context.Implement Okta's Adaptive Authentication to assess risk levels and apply additional security controls based on user behavior.Integration:Integrate Okta WIC with on-premise and cloud-based enterprise applications (e.g., Office 365, Google Workspace, Salesforce, AWS) to enable seamless authentication and authorization.Ensure Okta integration with Active Directory (AD), LDAP, and other identity repositories to manage workforce access.Monitoring & Reporting:Monitor Okta's WIC platform for performance, security events, and access-related incidents.Generate reports on user activity, authentication logs, and security events to ensure compliance with internal and external regulations.Okta Customer Identity Solutions (CIS) Administration:Customer Identity Management:Administer and optimize Okta Customer Identity Solutions (CIS) for external customers, managing user registration, self-service access, and user authentication across web and mobile applications.Configure and customize customer-facing authentication flows, such as SSO, social logins (Facebook, Google, etc.), and multi-factor authentication (MFA).Customer Experience & Security:Collaborate with product and marketing teams to design a seamless, user-friendly registration and login experience for customers, while ensuring compliance with security and privacy standards.Implement adaptive authentication for customer identities to ensure secure and personalized access across applications and services.API & Developer Tools Integration:Leverage Okta APIs and developer tools to integrate Okta's Customer Identity capabilities with third-party services, such as customer relationship management (CRM) and marketing tools.Support customer-facing applications in scaling Okta-based authentication and user identity flows for optimal performance. Professional & Technical Skills: Must To Have Skills: Proficiency in Okta Identity Management Strong understanding of cloud security principles Experience with security architecture design Knowledge of identity and access management Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 5 years of experience in Okta Identity Management. This position is based at our Bengaluru office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Saviynt Identity Platform Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Develop, configure, and customize the Saviynt IGA platform, including Identity Governance and Access Management features.Design and implement role-based access control (RBAC), access certifications, and policy enforcement in the Saviynt environment.Work with business and technical stakeholders to gather requirements and deliver IAM solutions that meet organizational needs.Configure and customize Saviynt's connectors to integrate with various enterprise applications, systems, and cloud platforms.Develop and implement identity workflows, including user provisioning and de-provisioning, role assignments, and access requests.Troubleshoot and resolve issues related to identity governance and access management in the Saviynt environment.Collaborate with the security and compliance teams to ensure that all IAM solutions adhere to security standards and regulatory requirements.Develop custom scripts, API integrations, and automated processes to streamline identity management tasks.Participate in designing and implementing audit logs and reports for compliance tracking and access reviews.Provide ongoing support and maintenance of Saviynt IGA implementations, including troubleshooting and performing software upgrades.Stay updated on industry trends in identity management, governance, and Saviynt platform updates to continuously enhance system features. Professional & Technical Skills: Must To Have Skills: Proficiency in Saviynt Identity Platform. Strong understanding of cloud security principles. Experience with implementing security controls in cloud environments. Knowledge of identity and access management concepts. Hands-on experience with security tools and technologies. Additional Information: The candidate should have a minimum of 3 years of experience in Saviynt Identity Platform. This position is based at our Bengaluru office. A 15 years full time education is required. Qualification 15 years full time education