516 Cissp Jobs - Page 3

5+ exp compliance or policy development in IT, cybersecurity, or endpoint management Policy Development and Implementation Compliance Monitoring and Reporting Risk Management Training and Awareness Incident Management Collaboration and Support Required Candidate profile Compliance & Policy Development CISA, CISM, CISSP Preferred Work with IT, legal, CISO office, and cybersecurity Present compliance reports to - Unified Endpoint Manager, CISO office stakeholders

QA Issue Reviewer This job is responsible for performing moderately complex Issues QA reviews (control failures/control weaknesses) across the Global Technology organization. Key responsibilities include designing and executing reviews for multiple issues of any type sseverity within a technical domain / organization as identified by the Issues Lead. This issue reviewer may have one or more junior reviewers aligned to assist. In this role, it is expected the reviewer will already possess a rich Issues QA acumen and a thorough understanding of the assigned LOB/CIO. Also, deep knowledge of the industry is required. This resource will promote teamwork, diversity and share experiences. An awareness and application of operational excellence and an efficiency mindset will be developing. Responsibilities: To execute review activities according to the instructions given by the Issues Lead and follow issues review documentation requirements. Develop test approach to leverage during review of assigned Issues To interact with business lines, control, and governance groups in order to gain understanding of business processes and controls. To fully comply with corporate standards and regulatory requirements. Identifies deficiencies, discusses with line management, and initiates recommendations Establishes business partner relationships, primarily with line management, to develop business knowledge Executes QA strategy by executing sound QA practices, leveraging automation and innovative methods, and delivers in a timely and high-quality manner Exercises intellectual curiosity and judgment to effectively influence and challenge management to drive continuous improvements on QA Develops skills to use innovative tools to complete review activities more efficiently

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Identity Access Management (IAM) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify areas for improvement.- Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Identity Access Management (IAM).- Strong understanding of cloud security principles and best practices.- Experience with identity governance and administration tools.- Knowledge of regulatory compliance frameworks related to cloud security.- Familiarity with risk assessment methodologies and security incident response. Additional Information:- The candidate should have minimum 3 years of experience in Identity Access Management (IAM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and frameworks.- Conduct regular assessments and audits to ensure compliance with security policies and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Operation Automation.- Strong understanding of cloud security principles and best practices.- Experience with security incident response and management.- Familiarity with security compliance frameworks such as ISO 27001, NIST, or CIS.- Knowledge of automation tools and scripting languages to enhance security operations. Additional Information:- The candidate should have minimum 5 years of experience in Security Operation Automation.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Third Party IT Risk Management Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. A typical day involves collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular assessments of cloud security measures and recommend improvements.- Facilitate training sessions for team members on cloud security best practices. Professional & Technical Skills: - Must To Have Skills: Proficiency in Third Party IT Risk Management.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment methodologies and tools.- Ability to develop and implement security policies and procedures.- Familiarity with compliance standards such as ISO 27001 and NIST. Additional Information:- The candidate should have minimum 7.5 years of experience in Third Party IT Risk Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Service Delivery Good to have skills : Security GovernanceMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture while adapting to evolving threats and compliance requirements. Roles & Responsibilities:- Expected to be a Subject Matter Expert with deep knowledge and experience.- Should have influencing and advisory skills.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team understanding of cloud security practices.- Continuously evaluate and improve the cloud security framework based on emerging threats and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Service Delivery.- Good To Have Skills: Experience with Security Governance.- Strong understanding of cloud security principles and best practices.- Experience in risk assessment and management related to cloud environments.- Ability to design and implement security controls tailored to cloud architectures. Additional Information:- The candidate should have minimum 15 years of experience in Service Delivery.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

We are seeking a Senior Cyber Security Consultant with extensive experience in enterprise IT security, risk management, and cloud-based security solutions. The ideal candidate will have a deep understanding of managing cyber security risks during digital transformations and will be responsible for leading hands-on engagements and delivering results that address critical security concerns. This role involves working closely with both technical and business teams to identify and mitigate risks in complex environments. Key Responsibilities Leadership in Execution & DeliveryLead hands-on engagements, managing the development of deliverables from start to finish. Work with teams to analyze requirements and produce prioritized results aligned with client needs and risk profiles. Expert Cyber Security AdvisoryProvide expert advice on best practices for managing cyber security risks during digital transformation, including adoption of cloud, DevOps, containerization, microservices, and zero trust frameworks. Security Reviews & AssessmentsConduct security reviews and maturity assessments across technology and business teams to identify and address cyber risks. Provide clear, organized findings and actionable recommendations for risk mitigation. Trusted Engineer for ClientsAct as a trusted advisor and security engineer for customers' engineering teams, ensuring that security is integrated into every phase of digital transformation. Risk and Vulnerability AnalysisAssess and implement security measures to safeguard IT environments. Identify vulnerabilities, focusing on security protocols, cryptography, authentication, authorization, and performance. Security ImplementationLead the implementation of security solutions, including multi-factor authentication (MFA), single sign-on (SSO), identity management, and related technologies. Client Interaction & CommunicationEffectively communicate security measures and solutions to a broad audience, including both technical and executive teams. Manage client expectations with clear, concise verbal and written communication. Continuous Learning & InnovationStay updated with the latest security protocols, vulnerabilities, and best practices to ensure the adoption of the most effective security controls and technologies. Security MaturityWork with clients to evaluate and improve their security maturity, providing insights into the current cyber threat landscape. Minimum Qualifications 8+ years of total IT experience. 5+ years of consulting experience in enterprise security environments. Expertise in information security, IT risk management, and performance reliability. Solid understanding of security protocols, cryptography, and authentication technologies. Experience in implementing multi-factor authentication, SSO, and identity management. Ability to explain and enforce security measures to a broad range of stakeholders. Excellent verbal and written communication skills. Degree in Information Technology, Computer Science, or related fields. Preferred Qualifications Google Cloud Security Engineer certification. Strong knowledge of infrastructure, OS, application vulnerabilities, security architecture, and controls. 5+ years of experience with cloud computing security concepts and solutions. Security-related certifications such as CISSP, CISM, or GCIH.

The Security Compliance Specialist works with the Security Compliance Leader and will have the execution responsibility around (but not limited to) the following areas: Compliance enforcement: Implementing necessary controls and measure to ensure organization’s overall security compliance, in alignment with internal security standards, applicable regulations and industry standards (e.g., ISO 27001, NIST, GDPR). Ensure adherence to the compliance requirements for network infrastructure, OpenShift environments, and IBM Z systems based on the actionable policies and procedures using approved IBM technology choices. Policy Creation and Management: Maintain and enforce security policies, standards, and controls applicable to network operations, cloud environments, and mainframe systems. Partner with IBM CISO organization to regularly review and update security policies to address emerging threats, regulatory changes, and organizational needs. Risk Management: Conduct risk assessments to identify potential compliance gaps and vulnerabilities within the organization’s IT environment. Collaborate with IT and security teams to develop risk mitigation strategies and implement necessary compliance controls. Audit and Assessment: Prepare for regular compliance audits for network, OpenShift platform, and IBM Z systems. Ensure prompt rectification of any compliance findings and develop action plans for continuous improvement. Training and Awareness: Conduct comprehensive training programs to raise awareness of security compliance requirements and best practices among employees. Foster a culture of security compliance by regularly communicating the importance of adherence to security standards. Monitoring and Reporting: Adopt/leverage metrics and reporting frameworks to continuously monitor compliance status and effectiveness of security controls. Prepare regular reports for executive management on compliance initiatives, audit findings, and the overall status of security compliance across the organization. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Qualifications & Skills 8-10 years of professional experience with at least 5+ years of relevant experience in the information technology security & compliance domain. Bachelor’s degree in Cybersecurity, Information Technology, or a related field; advanced degree or security certifications (e.g., CISSP, CISM, CISA) are a plus. Extensive experience in security compliance management, particularly in network security, cloud security, and mainframe environments. Strong understanding of regulatory requirements and compliance frameworks relevant to the industry. Should be open and willingness to learn new technologies and be open for continuous upskilling experience. Excellent analytical and problem-solving skills to assess compliance issues and risks. Strong Proficiency in working with Secured communications across varied Hybrid platforms (On-Prem, On-Cloud etc). Strong leadership and communication skills to influence and guide cross-functional teams. Ability to work collaboratively with various stakeholders, including technical teams, executive management, and external auditors. Proficiency in compliance management tools and security frameworks. Proficiency in automation tools such as Ansible and pipeline orchestration tools such as Tekton and GitHub Actions.

You will be responsible for maintaining satisfactorysecurity and compliance posture for Managed IT Infrastructure. You will be responsible to act as security focal for the team and preform as liaison to drive collaboration initiatives You are expected to take lead initiatives in driving security enhancement projects You are expected to takelead initiatives to drive automation around security and compliance areas You will be responsible for timely preparations and reporting weekly/monthly and quarterly security assessment and operational metric reports and submissions. You will be demonstrating effective verbal and written communication Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise In-depth knowledge of IT Security, Compliance and governance, Industry Security practices and benchmarks Must have working experience with VMware, Linux and Windows Should be familiar with IT middlware such as DB2, WAS, MQ Strong grasp on configuration management and automation tools Must have working knowledge of productivity tools Must demonstrate good verbal and written communication Preferred technical and professional experience Solid knowledge of Hypervisors such as KVM & VMware ESXi and Linux and windows Servers in virtualized environments Should have basic knowledge of Networking and corporate networks. Should demonstrate zeal to learn and grow and passion for IT Security. Must have an eye for early detection for non-compliances and potential risks and exposures. Familiarity with scientific threat modelling and risk assessments Preferably CISSP Certified

5 years in sec ops with focus on SOC operations & incident response Indepth knowledge of sec technologies, tools, & methodologies SIEM, IDS/IPS, EDR Understanding of cyber threats, attack vectors Exp with security compliance frameworks NIST ISO 27001 Required Candidate profile Technical Leadership Soc Process Optimization Tool Evaluation Incident Response & Threat Intelligence Strong Scripting skills- mandatory Exp-Tomcat/JBoss/Apache/Ruby/ NGINX Ability to work with Devops Perks and benefits Mediclaim + Additional 10% variable

Job Summary: We are looking for an experienced IT Audit Specialist with a proven track record in Big 4 consulting firms (Deloitte, PwC, EY, or KPMG). The ideal candidate must hold a valid CISA or CISSP certification and demonstrate deep expertise in IT general controls (ITGC), risk management, cybersecurity, and compliance. This role is focused solely on IT audits and advisory, not statutory or financial audits. Key Responsibilities: Lead and perform IT audits, including ITGC testing, automated controls reviews, and application audits across various environments. Evaluate cybersecurity controls, risk mitigation practices, and IT governance processes. Conduct assessments for SOX IT compliance, SOC 1/SOC 2, GDPR, and other regulatory frameworks. Work closely with internal stakeholders and client teams to identify control weaknesses and recommend remediation strategies. Participate in risk assessments, control design evaluations, and implementation of industry best practices. Document findings, prepare reports, and present results to senior leadership or client executives. Stay updated on emerging IT risks, technologies, and industry regulations to enhance audit effectiveness. Required Qualifications: 6+ years of IT audit experience with exclusive background in Big 4 firms (Deloitte, PwC, EY, KPMG). Professional certification: CISA (required); CISSP or other security certifications are a plus. Strong knowledge of ITGCs, application controls, and security frameworks (COBIT, NIST, ISO 27001). Experience in ERP systems audits (e.g., SAP, Oracle) and cloud environment assessments (AWS, Azure, GCP). Strong analytical, documentation, and communication skills. Ability to manage multiple projects and meet tight deadlines in a client-facing environment. Preferred Skills: Experience with SOC 1/SOC 2 reporting, vulnerability assessments, or data privacy audits. Familiarity with tools like Archer, ServiceNow GRC, or audit analytics platforms. Exposure to IT risk advisory or cybersecurity transformation projects.

Role Overview We are seeking a highly capable and visionary Technical Manager Cybersecurity Solutions to lead the planning, execution, and delivery of advanced security programs across our enterprise. This role demands deep technical expertise, strategic thinking, and the ability to lead cross-functional teams to secure complex IT environments. Key Responsibilities Drive the design, implementation, and lifecycle management of advanced cybersecurity tools and platforms. Lead end-to-end delivery for key technologies including: Data Discovery & Classification File Upload Security Attack Surface Management (ASM) Breach and Attack Simulation (BAS) and Red Teaming Decoy/Honeypot Solutions Secure Data Backup & Ransomware Protection Oversee the deployment and optimization of Phishing Simulation, MDM, AD Security, and NAC. Provide technical leadership and mentorship to security engineering and L3 teams. Collaborate with GRC, IT Ops, and Risk teams to align security initiatives with compliance standards. Evaluate vendor solutions and manage third-party security integrations. Represent the security function in internal and external audits, assessments, and executive briefings. Required Skills & Experience 8+ years of experience in cybersecurity, including leadership of technical teams. Proven expertise in deploying and managing enterprise-grade security solutions (as listed above). Strong understanding of regulatory frameworks (ISO 27001, NIST, GDPR, etc.). Experience in red teaming, threat simulation, or adversary emulation is a strong plus. Exceptional communication, project management, and stakeholder engagement skills. Bachelors or Master's degree in Computer Science, Information Security, or related field. Relevant certifications (e.g., CISSP, CISM, OSCP) preferred.

Job Title : Senior Audit Manager Location: Thane What does a successful Senior Audit Manager do at Fiserv? At Fiserv, within the dynamic world of our Corporate Assurance & Advisory Services (CAAS) department, we are dedicated to delivering world class audit and advisory services that elevate the performance of Fiserv and our clients. This international team covers a wide range and scope of audit activities in the highly regulated payments and card industry! By joining the Audit team, you will be a key player in refining a diverse range of audits spanning operational, compliance, financial, and info-security/cybersecurity. What you will do: Provide guidance and direction to the planning process and the execution of fieldwork such as overseeing interviews and walkthroughs, reviewing materials, the design and execution of audit testing, analyzing results, drawing conclusions within the allotted time scheduled. Manage the audit lifecycle, staffing, scheduling, methodology and approach to testing and fieldwork and finally, the quality and timeliness of all work products you oversee. You will be expected to provide weekly, monthly, or periodic status reporting and work with the CAAS leadership team to ensure the appropriate allocation and assignment of resources. Assist the Audit Director in the development and mentoring of Senior and Staff Auditors by providing regular and timely feedback regarding their execution of tasks performed during each audit engagement and their overall performance. What you will need to have: 7+ years of audit experience applying Auditing principles, methodology and standards in a risk-based environment across a variety of audit areas at varying degrees of complexity 5 + years of financial services industry experience and/or experience working in a public accounting firm 2+ years of experience managing other professionals Active professional Audit certification such as CPA, CIA, CISA, CFE Bachelors degree or an equivalent combination of education, work, and/or military experience What would be great to have: Experience working with risk assessment methodologies, control activities, control monitoring, control evaluations and measurement of control effectiveness in accordance with regulatory compliance requirements such as corporate governance, consumer protection, AML/CTF and Financial Crimes, data protection/data privacy, ethics or conduct risk Important info about this role: Were better together. This role is fully on-site. This is a full-time, direct-hire position, and no contract options for unsolicited agency submissions will be considered.

10 years relevant experience preferred relevant architecture leadership experience preferred Applications Architect position Multiple SFDC certifications preferred Security or Infrastructure Architect position - CISSP certification preferred Salesforce, Apex Technical Architect CDP (Cloud Data Platform) Financial cloud Industry cloud (automotive/telecom/communication/or any other Details like what kind of projects they worked on. For eg: E2E implementation, Advisory roles, Expert role etc., Adaptability is one of the prime factors we are looking for. Like how will he/she be able to provide an industry solution using core skills

Here's a reframed job description for a SOC L2/L3 Professional, tailored to your specifications: SOC L2/L3 Professional Location: Bengaluru Experience: 4-6 Years We are looking for a skilled and dedicated SOC L2/L3 Professional with 4-6 years of hands-on experience in a Security Operations Center (SOC) or security technology operations. Based in Bengaluru , you will play a critical role in our 24/7 security defense, contributing to the detection, analysis, and response to sophisticated cyber threats. You will be responsible for advanced incident analysis, threat hunting, and leveraging a wide array of security technologies to safeguard our clients environments. This role requires flexibility to work rotating shifts to ensure continuous support. Key Responsibilities: Perform advanced security incident analysis and response, escalating critical issues to relevant teams and management. Utilize Security Information and Event Management (SIEM) tools to monitor security alerts, investigate anomalies, and identify potential threats. Conduct in-depth analysis of security events from various sources including IDS/IPS, EDR, DLP, WAF, Proxies, and firewalls. Contribute to threat hunting initiatives using threat intelligence to proactively identify hidden threats and vulnerabilities. Operate and optimize security technologies such as Endpoint Detection and Response (EDR), Anti-Virus solutions, Sandboxing, and network/host-based firewalls. Understand and analyze Advanced Persistent Threat (APT) tactics, techniques, and procedures (TTPs) to enhance detection capabilities. Recognize and interpret various attack activities, including network probing/scanning, DDoS attacks, and malicious code activity. Collaborate with internal and external teams during incident response, providing technical expertise and guidance. Document incident details , remediation steps, and contribute to the continuous improvement of SOC processes and playbooks. Maintain up-to-date knowledge of the latest cybersecurity threats, vulnerabilities, and industry best practices. Required Qualifications: 4-6 years of demonstrable experience working in a Security Operations Center (SOC) or in a strong security technology operations role. Bachelor's degree in Computer Science, Information Security, or a related field is preferred. Willingness and ability to work shifts on a rotating basis to provide 24/7 support for clients. Mandatory Skills & Certifications: Certifications (one or more highly preferred): Certified Information Systems Security Professional (CISSP) GIAC Certified Intrusion Analyst (GCIA) GIAC Continuous Monitoring (GMON) Certified Ethical Hacker (CEH) Or equivalent industry-recognized security certifications. Security Technologies Expertise: Security Information and Event Management (SIEM) platforms. Intrusion Detection/Prevention Systems (IDS/IPS). Data Loss Prevention (DLP) solutions. Proxy and Web Application Firewalls (WAF). Endpoint Detection and Response (EDR) tools. Anti-Virus and Sandboxing technologies. Network- and host-based firewalls. Threat Intelligence platforms and their application. Exposure to Penetration Testing concepts and methodologies. Threat Intelligence Knowledge: Understanding of Advanced Persistent Threats (APT) tactics, techniques, and procedures (TTPs). Attack Recognition: Strong understanding of common attack activities such as network probing/scanning, DDoS attacks, and malicious code activity. Networking Fundamentals: Solid understanding of common network infrastructure devices (routers, switches) and basic networking protocols (TCP/IP, DNS, HTTP). Security Architecture: Basic knowledge in system security architecture and security solutions.

Hi, We are having an opening for Network Security Operations Manager at our Mumbai location. Job Summary : We are looking for a highly capable Network Security Operations Manager to lead, manage, and enhance the organizations network security infrastructure and operations. This role will be responsible for managing key security technologies such as firewalls, proxies, VPNs, NAC, DNS security, WAF , EDR & Data Security and ensuring operational governance and compliance. The ideal candidate should have hands-on experience managing large-scale network security operations and coordinating with cross-functional and incident response teams. Areas Of Responsibility : Security Operations Management Lead day-to-day operations of all network security tools and platforms , including: Firewalls (NGFW Palo Alto, Fortinet, Cisco)- Policy governance, segmentation, and high-availability Web Proxy & Cloud Proxy (e.g., Zscaler, Netskope)- URL filtering, threat prevention, and data leak protection VPN (IPSec, SSL VPN, Remote Access Solutions)- Strong encryption and access control for workforce and partner Network Access Control (NAC)- Role-based access, posture checks, and OT/IoT security DNS Security & Filtering- DNS-layer protection, malicious domain filtering, and response management Web Application Firewall (WAF) On-prem & Cloud-based- Protection of patient data, portals, financial apps, and APIs Ensure continuous monitoring, tuning, and updating of policies and signatures across platforms. Manage security device configurations, rule optimization, and lifecycle management. Compliance, Audit & Governance Ensure adherence to security compliance requirements such as ISO 27001, NIST, GDPR, and internal IT security policies . Ensure full compliance with sector-specific regulations ( Pharma: GxP, 21 CFR Part 11, HIPAA) Prepare and present periodic audit reports, incident reports, and configuration review summaries . Drive risk assessments and remediation plans for security operations. Maintain security documentation, SOPs, and audit trails Team & Vendor Management Lead and mentor a team of network security engineers and analysts. Oversee vendor engagements, support contracts, SLAs, and AMC renewals for security technologies. Engage with audit, QA, compliance, and legal teams for incident reporting and regulatory inspections Coordinate with for integrated security coverage (EDR/DS, if escalation/overlap arises). Incident Response & Troubleshooting Collaborate with SOC for effective investigation and response to network security incidents . Coordinate the response to security incidents, including detection, analysis, containment, eradication, and recovery. Lead root cause analysis and containment for network-based threats (e.g., suspicious VPN activity, firewall rule violations). Manage escalations and coordinate with external vendors or OEMs for critical issues. Projects & Improvements Drive security hardening and optimization projects related to network security tools. Lead or support security hardening, firewall rule optimization, and proxy architecture redesign projects Lead or contribute to technology upgrades, migration projects, mergers, acquisitions, data center shifts. Maintain security documentation, playbooks, and standard operating procedures. Prepare and validate BOM, BOQ, and risk registers for new deployments Educational Qualification : Bachelor's or Masters in Computer Science, Information Security, or related field Specific Certification : CISSP, CISM, CCNP Security, CP, Palo Alto PCNSE, Fortinet NSE, ISO 27001 LA Experience : 10-12 years of experience in network operations, with 3-5 years in leadership or managerial role Skill (Functional & Behavioural): Firewalls: Checkpoint, Fortinet, Palo Alto, Cisco Firepower Proxies: Netskope, Forcepoint, Zscaler VPN: Cloudflare, Cisco AnyConnect, FortiClient, GlobalProtect NAC: Forescout, Cisco ISE, Aruba ClearPass DNS Security: Cisco Umbrella, Infoblox, Cloudflare DNS WAF: AWS/Azure WAF, F5, Imperva, Akamai, Cloudflare EDR & DS: Crowdstrike, Falcon, Trellix, MS Defender, Sentinel, etc.

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You ll find an environment that inspires and empowers you to thrive both personally and professionally. There s no one like you and that s why there s nowhere like RSM. Bachelor or Master degree in computer science with a minimum of 8 years in cyber security domain Technical background in networking/system administration, security testing or related fields In-depth knowledge of TCP/IP Two or more years of Perl, Python, Bash, or C experience Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.) Configuration and Security experience with firewalls, switches, routers, VPNs Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115 Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box) Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows Familiar with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.) Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.) One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc) In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals (CISSP ); Certified Information Systems Auditor (CISA ); Certified Information Security Manager (CISM ) Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Perform analysis and testing to verify the strengths and weaknesses of client IT environments utilizing commercial and open source security testing tools Perform Internet penetration testing (blackbox/ greybox / whitebox testing) and network architecture reviews (manual/ automated) Perform other security testing tasks such as wireless penetration testing, social engineering campaigns (email, web, phone, physical, etc.), mobile application testing, embedded device testing, and similar activities meant to identify critical weaknesses within client environments Assist with the development of remediation recommendations for identified findings Identify and clearly articulate (written and verbal) findings to senior management and clients Help identify improvement opportunities for assigned clients Supervise and provide engagement management for other staff working on assigned engagements Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, and senior management in the U.S. on a daily basis Key Skills to Accelerate Career Maintains a high degree of quality and client relationship on multiple clients at the same time Positively engages, motivates and influences team members Identifies client needs/requirements and initiates discussion to expand services through a solid understanding of the firm s service capabilities and offerings Subscribes to and actively read industry publications and share relevant information with clients as considered applicable

Position and Key Responsibilities At RSM, analysts work with large and small companies in variety of industries. They develop strong working relationships with their peers within the security operations center (SOC) while learning their clients businesses and challenges facing their organizations. Analysts work as part of a broader team under the direction of more senior analysts, threat hunters, shift leads, intelligence analysts and SOC managers in support of multiple clients. Working in a mutually respectful team environment helps our analysts perform at their best and integrate their career with their personal life. You will have the opportunity to: Role Responsibilities: Investigate security incidents using SIEM tools, automation, and other cybersecurity technologies (i.e. ServiceNow, Stellar Cyber, Hyas Insight and DNS Protect, sentinel One, ELK Stack, Virus total, Shodan, NetFlow, Passive DNS, Silobreaker, Tenable.io, Hatching Triage Sandbox) Analyze, escalate, and assist in remediation of critical security incidents. Improve and challenge existing processes and procedures in a very agile and fast-paced information security environment serving multiple clients Process IDS alerts and identifying incidents and events in customer data. Setup and execution and analysis of vulnerability scans Perform advanced analysis and investigation into alerts as they are identified Performing initial basic malware analysis utilizing automated means (static and dynamic sandbox analysis or other available tools) Incident intake, ticket updates and reporting of cyber events and threat intelligence Understanding, identifying, and researching indicators of compromise (IOCs) from a variety of sources such as threat intelligence reports and feeds Writing incident reports, process documentation, and interact with clients as required Transcribe and implement atomic indicators into a monitoring environment. Consume policy documentation and determine applicability in a network. Work with protocols at layers 2 and higher in the OSI model, to include ARP TCP, UDP, ICMP, DNS, Telnet, SSH, HTTP, SSL, SNMP, SMTP, and other common protocols that use well-known ports. Develops the playbooks to respond and recovery from various attacks/incidents. Drives the automation efforts focused on the closing cases, responding to Cyber events and analyzing data required to enable efficient response activities. Processing of Cyber Threat Intel that is used across RSM detection platforms to understand and prepare for potential threats. Threat intel is heavily used across RSM platforms drive issue prioritization. Open to working shifts in a 24x7 operations environment. Qualifications and Experience: Minimum B.A. or B.S. degree or equivalent from an accredited university by the time employment commences or prior relevant military / law enforcement experience. Computer science, information technology, information systems management, or other similar degrees preferably with a focus on information security 3-5 years experience working in a security operations center, networking operations center or threat intelligence capacity. Possess at least one security industry certification such as CYSA+, Security+, CISSP, SANS GIAC (GSOC, GCIA, GMON, CGCDA) Knowledge of security standards and information security and compliance frameworks, controls, and best practices, including SSAE 16, SOC 2 and SOC3, OWASP Top 10, SANS, NIST Must have a naturally curious mindset and approach to solving problems. Basic understanding of cloud technologies and their operations Experience supporting various operating systems such as Windows/Linux Understanding of IP network protocols

Hi, We are having an opening for Senior Manager-Network Architect at our Mumbai location Job Summary : We are looking for a dynamic and forward-thinking Senior Network Architect to lead the strategy, design, and implementation of our enterprise-wide IT and OT network infrastructure. This role requires a perfect blend of technical expertise, leadership, and project delivery skills , with a focus on cloud connectivity, network security, segmentation, and emerging technologies (SD-WAN, 5G/6G). You will be responsible for designing scalable, secure, and high-performance network architectures that support business growth, compliance, and digital transformation. This role demands a strategic thinker with a deep understanding of networking technologies, protocols, and best practices to support our organization's evolving needs. Areas Of Responsibility : Architecture, Design & Delivery Lead the end-to-end design of enterprise network architecture , including cloud, data centre, campus, OT, encompassing LAN, WAN, WLAN, SD-WAN, and cloud networking that aligns with business objective Develop High-Level Design (HLD) and Low-Level Design (LLD) documents along with Bill of Materials (BOM) and Bill of Quantities (BOQ) . Evaluate and integrate emerging technologies to enhance network performance and security. Design and implement macro and micro segmentation , next-generation firewall architectures, and secure SD-WAN topologies. Architect cloud networking and security solutions (AWS, Azure, GCP) using Transit Gateway, VPC peering, Azure Firewall, etc. Project & Program Management Lead the technical delivery of complex networking projects including cloud integration, OT segmentation, secure remote access, and SD-WAN rollouts. Own project lifecycle from requirement gathering and solutioning to handover and documentation. Define capacity planning models to forecast bandwidth, throughput, and resource utilization. Oversee the deployment of network solutions, ensuring minimal disruption to business operations. Ensure compliance with industry standards and organizational policies during implementation Technology Evaluation, POCs, RFPs & RFIs Evaluate and recommend new technologies, platforms, and OEMs through competitive assessments, RFI/RFP , and Proof of Concept (POC) . Drive strategic network transformation initiatives by selecting the most appropriate solutions based on TCO, scalability, and regulatory needs . Design and enforce network security protocols to protect organizational data and resources. Ensure compliance with relevant regulations and standards (e.g., ISO 27001, NIST). Leadership & Vendor Management Lead and mentor a cross-functional team of engineers, architects, and project managers. Manage technical engagements with vendors and partners ensuring alignment with architecture standards and service levels. Collaborate with cybersecurity, infrastructure, operations, and compliance teams to maintain enterprise governance. Manage and monitor vendor driven agreed SLAs based parameter set Security, Cloud & OT Integration Architect secure IT and OT connectivity using Zero Trust models , EDR/XDR , NAC , and network segmentation . Design and enforce network security protocols to protect organizational data and resources. Design resilient OT networks that meet ISA/IEC 62443 , NIST , and GxP compliance standards. Collaborate with the security team to address vulnerabilities and implement mitigation strategies. Stakeholder Communication & Presentation Present technical solutions, risks, roadmaps, and architecture proposals to leadership, including CIO, CISO, and steering committees. Translate business goals into network design and infrastructure strategy. Maintain detailed documentation of network configurations, processes, and procedures Provide training and mentorship to junior network staff and other stakeholders. Educational Qualification: Bachelor's/Masters in Computer Science, Engineering, or IT Specific Certification : CCNP/CCIE, PCNSE, AWS/Azure Network Specialty, CISSP, TOGAF, PMP/ITIL v4 Experience : 10-12 years experience Skill (Functional & Behavioural): Networking: BGP, OSPF, VXLAN, SD-WAN, MPLS, 5G/6G, WAN Optimization Cloud Networking: AWS Transit Gateway, Azure VNet, ExpressRoute, Direct Connect, NSG/UDR Security: NGFWs (Palo Alto, Fortinet, Cisco), ZTNA, CASB, Zscaler/Netskope, EDR/XDR (CrowdStrike, Defender), NAC Segmentation: Micro and macro segmentation, VRFs, SGTs, VLANs OT Networking: Industrial firewalling, SCADA/PLC segregation, ICS/OT security policies

1. Sr. Security Analyst / Sr. Technology Specialist Qualifications and Experience: - Education: B.E. / B. Tech / MCA degree - Certified with: EC Council-CEH / CompTIA Security+ / CISSP / CHFI, Proposed OEM certification - 5+ years of relevant experience in managing all aspects of risk and incident analysis in SOC - Must have experience in managing at least 1 project for enterprise scale clients - Shall be responsible for deployment, maintaining, tuning, monitoring, and managing all aspects of client SOC - Responsible for coordinating, in a timely manner, all activities necessary for: - Security incident monitoring - Analysing incidents / risks - Incident / risk containment - Identifying root cause - Initiating problem resolution - Incident / risk response and communication - Experience monitoring database security logs/alerts and complete ownership of the same - Well versed in database security, access control, identity management, encryption of data, data obfuscation techniques - Experience with firewall, IPS, Anti-APT solution, etc. 2. Security Analyst Qualifications and Experience: - Education: B.E. / B. Tech / MCA degree - Certified with: OEM Certification / Certified SOC Analyst (CSA) - EC Council / CompTIA CySA+ - 3+ years of overall experience with at least 1 year of relevant experience in all aspects of Incident monitoring in SOC

Overview Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Conduct cybersecurity and privacy risk assessments in alignment with internal frameworks and regulatory requirements. Engage with risk owners and business stakeholders to manage and mitigate identified risks. Develop and present risk reports to senior leaders and governance forums. Advise on cybersecurity architecture and leading practices to strengthen the enterprise risk posture. Assist global agency teams and networks with compliance to cybersecurity regulations and requirements. Monitor the global threat landscape and identify emerging risks; implement proactive control measures. Contribute to the maintenance and effectiveness of the Information Security Management System (ISMS). Participate in risk governance, compliance programs, and strategic risk reduction initiatives. Qualifications 3–5 years of experience in information risk management, cybersecurity, or GRC domains. Proficiency in risk assessment methodologies, threat modelling, and risk mitigation practices. Strong knowledge of cybersecurity frameworks and standards (e.g., ISO 27001, NIST, CIS, GDPR). Experience preparing risk reports and dashboards for leadership audiences. Excellent collaboration and stakeholder engagement skills across global teams. Analytical mindset with the ability to evaluate and prioritize risks effectively. Preferred Qualifications Industry certifications such as CRISC, CISM, CISSP, ISO 27001 Lead Implementer, or similar. Exposure to cloud security risk and compliance monitoring tools. Experience working within enterprise ISMS or regulatory compliance programs .

Description We are seeking a skilled SOC L2/L3 Professional to join our security operations team in India. The ideal candidate will be responsible for monitoring security incidents, conducting in-depth investigations, and implementing effective security measures to protect our organization from cyber threats. Responsibilities Monitor security alerts and incidents, analyze security breaches, and respond to security incidents. Conduct thorough investigations of security events and provide detailed reports to management. Collaborate with other teams to implement security measures and enhance overall security posture. Maintain and update documentation related to incident response and security processes. Provide mentorship and training to junior SOC team members. Skills and Qualifications 4-6 years of experience in a Security Operations Center (SOC) environment. Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Ethical Hacker (CEH) or equivalent. Able to work shifts on a rotating basis for 24/7 support of clients. Experience in security technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network- and host- based firewalls, Threat Intelligence, Penetration Testing, etc. Knowledge of Advanced Persistent Threats (APT) tactics, technics and procedures. Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc. Understanding of common network infrastructure devices such as routers and switches. Understanding of basic networking protocols such as TCP/IP, DNS, HTTP. Basic knowledge in system security architecture and security solutions. Relevant certifications such as CISSP, CEH, CISM, or CompTIA Security+ are preferred.

Job Title: Security Operation Manager Location: Noida Job Tyoe : Full-Time Experience: 7+ Years Department: Operation/ Security Reports To: Operation Director Job Summary: The Security Operational Manager is responsible for overseeing the day-to-day operations of the organization's security infrastructure. This role involves managing the security operations center (SOC), leading incident response efforts, and ensuring the effectiveness of security policies, procedures, and protocols. The Security Operational Manager will collaborate with various departments to safeguard the company's information assets and maintain a robust security posture. Key Responsibilities: Manage Security Operations: Oversee the daily activities and operations of the security operations center (SOC), ensuring continuous monitoring, detection, and response to security incidents. Incident Response: Lead the incident response team in identifying, managing, and resolving security breaches and vulnerabilities. Conduct post-incident analysis and reporting to prevent future occurrences. Security Monitoring: Implement and maintain security monitoring tools and technologies to detect and respond to threats in real-time. Penetration Testing and Vulnerability Scanning: Conduct regular penetration testing and vulnerability scanning to identify and mitigate security weaknesses within the organization's systems and applications. Policy and Compliance: Develop, enforce, and update security policies, procedures, and protocols in alignment with industry standards and regulatory requirements. Ensure compliance with relevant laws and regulations. Team Leadership: Tain, and mentor the security operations team, fostering a culture of continuous improvement and professional development. Risk Management: Conduct regular security risk assessments and implement mitigation strategies to reduce identified risks. Collaboration: Work closely with IT, legal, and other departments to ensure comprehensive security measures are integrated into all business processes. Reporting: Prepare and present regular reports on security operations, incidents, and compliance status to the Customers. Emergency Response: Develop and maintain emergency response plans for security incidents, ensuring the organization is prepared for potential crises. Qualifications: Education: Bachelors degree in Computer Science, Information Security, or a related field.. Experience: Minimum of 7 years of experience in information security, with at least 3 years in a managerial role overseeing security operations. Certifications: Relevant certifications such as CISSP, CISM, CEH, or similar are highly desirable. Technical Skills: Proficient in security technologies such as SIEM, IDS/IPS, firewalls, antivirus software, and endpoint protection. Expertise in conducting penetration testing and vulnerability scanning. AWS Expertise: In-depth knowledge and experience with Amazon Web Services (AWS) security practices and tools. Knowledge: In-depth understanding of security frameworks (e.g., NIST, ISO 27001), compliance requirements (e.g., GDPR, HIPAA), and incident response best practices. Leadership: Strong leadership and team management skills with the ability to motivate and guide a diverse team. Communication: Strong verbal and written communication skills, with the ability to convey complex security issues to non-technical stakeholders. Working Conditions: The role may require occasional on-call work to address security incidents. Must be able to work in a high-pressure environment and handle multiple tasks simultaneously.

Skills: AI, API AWS, Azure, GCP, Go, Java, JavaScript, Cryptography, Graph QL, Palo Alto Python Threat Vulnerability Bachelor's Degree in Computer Science, Information Systems, Business Administration or other related field Certification may be required for specific functions 6-9 years of information security experience Experience with gathering functional requirements, deployment of information security tools, and data analysis In-depth experience with desktop software and office automation tools Experience with information security risk management and process improvement Preferred Qualifications: Experience with threat modeling frameworks, attack vectors and vulnerability analysis: CAPEC, ATT&CK, STRIDE. Experience with application security controls (Web, API, Mobile, AI). Experience with common information security management and application frameworks: NIST 800-53, CSF, OWASP ASVS. Experience with Application Security design and DevSecOps Full stack knowledge of application architectures including: Single Page Applications, REST APIs, SOAP APIs, Mobile Applications. Experience with Java, Javascript and mobile application development. Knowledge or familiarity with database architectures including Oracle, SQL, DB2 and NoSQL Databases Experience with Cloud security, architecture, design, implementation, and operations Exposure to IAM Controls (OAuth 2.0, OIDC, JWT) Strong familiarity with Cryptography Controls (Data at rest, in motion). CISSP, CISM, CSSLP, CISA, CRISC, OSCP.

Your future role Take on a new challenge and apply your cybersecurity and project management expertise in a new cutting-edge field. You'll work alongside innovative, dedicated teammates. You'll ensure the robust integration of security within our IS&T projects, safeguarding our digital initiatives. Day-to-day, you'll work closely with teams across the business (Security Architecture, GRC and ISMS team, Architects, Project Managers and PMO, Business teams), review and approve security deliverables and much more. You'll specifically take care of validating Security Inquiry for Partners (SIP) and ensuring secure configurations are applied, but also make informed decisions about security acceptance based on residual risk and asset value. We'll look to you for: Reviewing and approving security deliverables Ensuring the application of the "Security into Project" policy Validating and signing off on Security Inquiry for Partners Applying secure configurations for projects or business initiatives Making decisions on security acceptance Implementing design patterns and standards All about you We value passion and attitude over experience. That's why we don't expect you to have every single skill. Instead, we've listed some that we think will help you succeed and grow in this role: Degree in Engineering/Technology 5+years Experience or understanding of cybersecurity, architecture and design Knowledge of security architecture and infrastructure Familiarity with cloud solutions (Microsoft Azure/O365) A CISSP or CISM certification Ability to analyze technical risks and vulnerabilities Fluency in English