827 Cissp Jobs - Page 31

About The Role Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ? Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ? i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ? 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ? Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Mandatory Skills: Microsoft Threat Protection. Experience8-10 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

About The Role Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ? Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ? i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ? 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ? Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

About The Role Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ? Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ? i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ? 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ? Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

About The Role Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ? Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ? i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ? 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ? Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Mandatory Skills: PKI - Certificate Management. Experience8-10 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

About The Role Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ? Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ? i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ? 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ? Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Mandatory Skills: Symantec DLP. Experience8-10 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

About The Role Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ? Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ? i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ? 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ? Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Mandatory Skills: SailPoint Identity Now. Experience8-10 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Knowledge of operating systems, system administration, and application security. Proficiency in security tools and technologies Experience with incident response methodologies. Strong knowledge of IT security protocols, data privacy standards Required Candidate profile Certified Information Systems Security Professional (CISSP) Vulnerability Scanner/Nessus, CrowdStrike, Cisco Meraki, Forcepoint One. Experience with cloud security and network security.

Who we are Were a leading, global security authority thats disrupting our own category. Our encryption is trusted by the major ecommerce brands, the worlds largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers. We help companies put trust - an abstract idea - to work. Thats digital trust for the real world. Job Summary The Risk Analyst will support the operational functions of DigiCerts Risk Management and assist in maintaining Vercara GRC practices. This role involves collaboration with team members and stakeholders to ensure effective risk management. What you will do Assist in maintaining the risk register and issues register. Support risk and compliance council meetings. Complete customer security assurance tasks. Assist in policy maintenance and updates. Support external compliance audits and assessments. Assist in third-party risk management and business resiliency support. Support the administration of GRC tools and program documentation. What you will have Bachelors degree in information systems, computer engineering, or computer science. Certifications helpful: CRISC, CISSP, CISA, CSM, CompTIA Security. Experience in IT, risk management, or related roles. Knowledge of GRC functions and standards. Good communication and analytical skills.

We are looking for a highly skilled and experienced Third-Party Risk as a Service (TPRaaS) - Staff to join our team in Bengaluru. The ideal candidate will have 1 to 4 years of experience in Third-Party Risk Management, with expertise in TPRM tools and technology solutions. ### Roles and Responsibility Participate in the delivery of Third-Party Risk Management (TPRM) engagements, including walkthroughs, testing, documentation, and other engagement-related activities. Provide delivery updates during vendor calls and client interactions. Follow policies and procedures to support the successful implementation of TPRM operating models. Assist in process walkthrough discussions to document end-to-end business processes and functional requirements. Contribute to assessing the application of legal and regulatory requirements to clients' TPRM practices. Identify process gaps and propose preventive/corrective actions. Demonstrate interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfilling project activities to achieve exceptional client service. Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring an innovative mindset and analytical thinking capability to enhance service delivery. ### Job Requirements Bachelor's degree in IT/Computer Science, BSc.(IT), BE, MCA from a tier 1 or tier 2 college. 1 to 4 years of demonstrated experience in Risk Management, preferably in Third-Party engagement lifecycle (pre-contracting, contracting, and post-contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices, and Contract Risk Reviews. Good exposure to TPRM tools and technology solutions, such as GRC enablement solutions (Process Unity, Prevalent, Archer, ServiceNow). Basic knowledge of standards like ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc., and privacy regulations like GDPR, CCPA, etc. Basic knowledge of TCP/IP, OSI layer, networking, security concepts, Physical & Environmental Security, Asset Security, and Identity & Access Management. Good to have certifications: CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer. Exposure to tools like ProcessUnity, ServiceNow, Archer is desirable.

We are looking for a highly skilled and experienced Cyber Security Consultant to join our team in Bengaluru. The ideal candidate will have 6-8 years of experience in information security, with a focus on email security, security incident management, and EDR solutions. ### Roles and Responsibility Design, implement, and maintain Email security solutions (Proofpoint/M365) to safeguard Email flow. Manage and respond to security alerts triggered by email security solutions. Collaborate with cross-functional teams to integrate security solutions and ensure seamless operations. Monitor and analyze security incidents, responding promptly to security breaches and user incidents. Stay updated on industry best practices and emerging security threats, adapting security protocols as needed. Perform regular security audits and assessments to identify and mitigate risks. Develop and maintain security documentation, policies, and procedures. Provide technical support and guidance to other IT teams to enhance overall security posture. Troubleshoot and resolve security-related issues in a timely manner, continuously improving and optimizing security processes and procedures to enhance efficiency and effectiveness. ### Job Requirements Bachelor's degree in Computer Science, Information Security, or a related field. 6-8 years of professional experience in information security, focusing on email security, security incident management, and EDR solutions. Hands-on experience with Proofpoint email security and its components. Strong understanding of ITIL processes and the ability to handle security escalations as L2/L3. Excellent verbal and written communication skills, proficient in documentation and PowerPoint. Good social, communication, and technical writing skills, capable of interfacing with internal and external clients. Strong analytical problem-solving skills, able to prioritize tasks and work accurately under pressure to meet deadlines. Ability to understand and follow workplace policies and procedures. Proficiency in security tools and technologies, including encryption, O365, AV, and certificates. Relevant certifications such as CISSP, CISM, or relevant certifications are a plus. Excellent problem-solving skills and attention to detail. Strong communication and teamwork skills. Ability to work independently and manage multiple tasks. Willingness to stay current with evolving security technologies and threats. Clear and concise communication skills.

We are looking for a highly motivated and detail-oriented individual with 2 to 7 years of experience to join our team as a Portfolio Compliance Enablement Specialist in Bengaluru. The ideal candidate will have a strong foundation in Cyber Security, Information Security, or a related field. ### Roles and Responsibility Support projects aimed at improving EY's risk posture and adherence to Information Security policies. Assist in the development and execution of compliance strategies and remediation plans under the guidance of more experienced team members. Contribute to the delivery of processes and/or solutions, focusing on quality and effective risk management. Document and translate technical vulnerabilities into business risk terms for stakeholder communication. Participate in the use and improvement of compliance assessment toolkits under supervision. Support assessments for technology infrastructure, applications, and third-party dependencies.### Job Requirements At least 2 years of experience in Cyber Security, Information Security, or a related field. A degree in Cyber Security, Information Security, Computer Science, or a related discipline. Certifications such as Security+, Network+, or interest in pursuing relevant certifications like CRISC, CISSP, CISM, CISA. Basic knowledge of information security standards like ISO 27001/27002, NIST, PCI DSS. Understanding of regulatory requirements such as PCI, SOX, HIPAA, GDPR. Strong communication skills and technical writing skills, and the ability to work effectively within a team environment.

We are looking for a highly skilled and experienced Supervising Analyst to join our team in Bengaluru. The ideal candidate will have 3 to 8 years of experience in risk management, compliance, or a related field. ### Roles and Responsibility Serve as part of the GDS Account Data Risk - Independent Control Monitoring team, executing independent testing of controls related to Data Protection at the client account level. Execute control testing in line with EY’s global data protection framework. Consult and collaborate effectively across key data protection stakeholders on testing activities. Evaluate and summarize test results, proposing remediation activities. Document findings and observations to contribute to continuous learning and improvement. Participate in activities supporting a cohesive and balanced approach across Global Risk Management Data Protection and the client account. ### Job Requirements Bachelor's degree and approximately 3+ years of related work experience. Experience or background in quality, risk management, compliance, cybersecurity, or familiarity with data protection law. Strong understanding of metrics and reporting. Ability to work independently and collaboratively within a team environment. Excellent communication and problem-solving skills. IAPP certifications (CIPP/E, CIPP/US, CIPM) are preferred; CISA, CISM, CISSP, or equivalent certifications are also desirable.

We are looking for a skilled Security Analyst / Consultant with 1 to 2 years of experience to work on various Identity and Access Management projects in the Risk Consulting team. The ideal candidate will have a strong background in security, excellent communication skills, and the ability to work effectively in a team environment. ### Roles and Responsibility Engage in Identity & Access Management projects as an executioner of deliverables. Establish, maintain, and strengthen internal and external relationships. Identify potential business opportunities for EY and GTH within existing engagements and escalate them as appropriate. Anticipate and identify risks within engagements and share issues with senior team members. Collaborate with cross-functional teams to design and implement secure solutions. Develop and maintain documentation of security procedures and protocols. ### Job Requirements Advanced knowledge of LDAP and LDAP-based directories. Minimum 5 years of hands-on experience with PingDirectory Suite (PingDirectory, PingDirectory Proxy, and PingData Sync). Experience in implementing migration projects from Oracle LDAP/Radiant logic to PingDirectory. Strong knowledge of PingDirectory administrative configuration. Good understanding of Authentication and Authorization standards, particularly OAuth 2.0 and OIDC. Ability to develop consumption tools/widgets for applications to consume data from Ping Directory using Ping Directory API. Knowledge of SSL/TLS, PKI, certificates, and certificate authorities. Hands-on experience in setting up the Identity and Access Management environment in standalone and cluster environments. Development experience on Provisioning Workflows, triggers, Rules, and customizing the tool as per requirements. B.Tech./B.E. with sound technical skills. Strong command over verbal and written English language. Experience in HTML, CSS, and JavaScript. Strong interpersonal and presentation skills. Desirable to have certifications in the security domain, such as CISSP and CISA or any IAM product-specific certifications. AWS Cloud practitioner and Azure AZ-900 certification.

We are looking for a skilled Security Analyst / Consultant with 1 to 2 years of experience to work on various Identity and Access Management projects in the Risk Consulting team. The ideal candidate will have a strong background in security domain, such as CISSP and CISA or any IAM product-specific certifications. ### Roles and Responsibility Engage in Identity & Access Management projects, including execution of deliverables. Establish, maintain, and strengthen internal and external relationships. Identify potential business opportunities for EY and GTH within existing engagements and escalate them as appropriate. Anticipate and identify risks within engagements and share issues with senior team members. Confer and consult with business, technology, and operations to build and manage solutions using PingDirectory, PingDirectory Proxy, and PingData Sync. Perform installation, configuration, and upgradation of Ping Directory instances. Ensure directory architecture, designs, plans, controls, and processes align with both security and business strategy and standards, and communicate and defend solution architecture positions. Support continuous improvement by investigating alternatives and technologies and presenting these for architectural review. Create network design, server configuration/sizing specifications, and deploy globally PingDirectory and PingDirectory Proxy to provide high-volume, low-latency directory solutions. Implement real-time synchronization, identity correlation, and directory storage using Ping/VDS Directory. Increase efficiency and maintainability incorporating scripting and automation whenever appropriate. ### Job Requirements Advanced knowledge of LDAP and LDAP-based directories. Minimum 5 years of hands-on experience with PingDirectory Suite (PingDirectory, PingDirectory Proxy, and PingData Sync). Experience in implementing migration projects from Oracle Ldap/Radiant logic to PingDirectory. Strong knowledge of PingDirectory administrative configuration. Good understanding of Authentication and Authorization standards and patterns, particularly OAuth 2.0 and OIDC. Ability to develop consumption tools/widgets for applications to consume data from Ping Directory using Ping Directory API. Knowledge of SSL/TLS, PKI, certificates, and certificate authorities. Hands-on experience with cloud providers – Azure or AWS or GCP. Experience in scripting languages like Python, PowerShell, and Bash. Knowledge of other Ping products – Ping Federate and Ping Access. B.Tech./B.E. with sound technical skills. Strong command over verbal and written English language. Experience in HTML, CSS, and JavaScript. Strong interpersonal and presentation skills. Desirable to have certifications in the security domain, such as CISSP and CISA or any IAM product-specific certifications. AWS Cloud practitioner and Azure AZ-900 certification.

We are looking for a highly skilled and experienced Senior Analyst to join our team in Mumbai. The ideal candidate will have 0-3 years of experience, responsible for conducting detailed IT audits to ensure compliance with controls and regulatory mandates. ### Roles and Responsibility Conduct comprehensive IT audits to address and ensure compliance with established controls and regulatory requirements. Identify and review IT General Controls (ITGCs) and IT Application Controls (ITACs) to safeguard organizational assets and ensure the accuracy of financial reporting. Execute SOX compliance activities, including risk assessments, controls testing, and remediation efforts. Prepare and assess Service Organization Control Reports (SOCR) to validate the effectiveness of IT controls objectives. Conduct IT process reviews through stakeholder interviews, data validations, and document analysis. Apply IT-related and internal control knowledge to deliver high-quality engagements. Review Change Management processes, ensuring changes are thoroughly reviewed, tested, and approved. Review Access Management procedures to ensure proper access levels and permissions, and evaluate Segregation of Duties (SOD) concerns to prevent unauthorized access and potential conflicts. Collaborate with cross-functional teams to identify control gaps and develop effective remediation plans. Stay abreast of industry trends, regulatory changes, and emerging technologies related to IT controls and compliance. Prepare and communicate audit findings, recommendations, and status updates to key stakeholders and management. ### Job Requirements Excellent analytical and problem-solving skills with attention to detail. Effective communication and interpersonal skills for collaborating with internal teams and external auditors. Relevant professional certifications such as CISA, CISSP, or equivalent are preferred. Ability to adapt to a fast-paced environment and manage multiple priorities. Strong understanding of IT controls and auditing principles. Experience working with various software applications and systems.

We are looking for a highly skilled and experienced Associate Consultant to join our team in Mumbai. The ideal candidate will have 0-3 years of experience in IT controls and auditing, with excellent analytical and problem-solving skills. ### Roles and Responsibility Conduct comprehensive IT audits to ensure compliance with established controls and regulatory requirements. Identify and review IT General Controls (ITGCs) and IT Application Controls (ITACs) to safeguard organizational assets and ensure accurate financial reporting. Execute SOX compliance activities, including risk assessments, controls testing, and remediation efforts. Prepare and assess Service Organization Control Reports (SOCR) to validate the effectiveness of IT controls objectives. Conduct IT process reviews through stakeholder interviews, data validations, and document analysis. Collaborate with cross-functional teams to identify control gaps and develop effective remediation plans. Review Change Management processes, ensuring that changes are thoroughly reviewed, tested, and approved. Evaluate and address Segregation of Duties (SOD) concerns to prevent unauthorized access and potential conflicts. Stay abreast of industry trends, regulatory changes, and emerging technologies related to IT controls and compliance. Prepare and communicate audit findings, recommendations, and status updates to key stakeholders and management. ### Job Requirements Excellent analytical and problem-solving skills with attention to detail. Effective communication and interpersonal skills for collaborating with internal teams and external auditors. Relevant professional certifications such as CISA, CISSP, or equivalent are preferred. Ability to adapt to a fast-paced environment and manage multiple priorities. Strong knowledge of IT controls, auditing, and compliance. Experience working with EY or similar organizations is an advantage.

We are looking for a highly skilled and experienced Associate Consultant to join our team in Pune. The ideal candidate will have 2-5 years of experience in IT controls, ITGCs, ITACs, SOX 404 controls testing, and IT auditing. ### Roles and Responsibility Conduct comprehensive IT audits to ensure compliance with established controls and regulatory requirements. Identify and review IT General Controls (ITGCs) and IT Application Controls (ITACs) to safeguard organizational assets and ensure accuracy of financial reporting. Execute SOX compliance activities, including risk assessments, controls testing, and remediation efforts. Prepare and assess Service Organization Control Reports (SOCR) to validate the effectiveness of IT controls objectives. Conduct IT process reviews through stakeholder interviews, data validations, and document analysis. Apply IT-related and internal control knowledge to deliver high-quality engagements. Review Change Management processes, ensuring changes are thoroughly reviewed, tested, and approved. Review Access Management procedures to ensure proper access levels and permissions. Evaluate and address Segregation of Duties (SOD) concerns to prevent unauthorized access and potential conflicts. Collaborate with cross-functional teams to identify control gaps and develop effective remediation plans. Stay updated on industry trends, regulatory changes, and emerging technologies related to IT controls and compliance. Prepare and communicate audit findings, recommendations, and status updates to key stakeholders and management. ### Job Requirements Bachelor's degree in Computer Science, Statistics, or M.C.A. Proven experience in IT controls, ITGCs, ITACs, SOX 404 controls testing, and IT auditing. Strong knowledge of Change Management, Access Management, SOD, business process IT controls, and ICFR principles. Familiarity with Service Organization Control Reports (SOCR) and related frameworks. Familiarity with ERPs such as SAP, Oracle, Dynamics 365, etc. Excellent analytical and problem-solving skills with attention to detail. Effective communication and interpersonal skills for collaborating with internal teams and external auditors. Relevant professional certifications such as CISA, CISSP, or equivalent are preferred. Ability to adapt to a fast-paced environment and manage multiple priorities.

We are looking for a highly skilled and experienced Supervising Analyst to join our team in Bengaluru. The ideal candidate will have 3 to 8 years of experience in risk management, compliance, or quality assurance. ### Roles and Responsibility Serve as part of the GDS Account Data Risk - Independent Control Monitoring team, executing independent testing of controls related to data protection at the client account level. Execute control testing in line with EY's global data protection framework. Consult and collaborate effectively across key data protection stakeholders on testing activities. Evaluate and summarize test results, proposing remediation activities. Document findings and observations to contribute to continuous learning and improvement. Support the development and maintenance of reporting, such as regional/area risk leaders, service line leaders, and account leaders. ### Job Requirements Bachelor's degree and approximately 3+ years of related work experience. Experience or background in quality, risk management, compliance, cybersecurity, or familiarity with data protection law. Strong understanding of metrics and reporting. Ability to work independently and collaboratively within cross-functional teams. Excellent communication and problem-solving skills. IAPP certifications (CIPP/E, CIPP/US, CIPM) are preferred; CISA, CISM, CISSP, or equivalent certifications are also desirable.

We are looking for a skilled Security Consultant Lead with 9 to 14 years of experience in information security, preferably in cloud security. The ideal candidate will have advanced knowledge of computer science and experience in managing significant Information Security risk management functions. ### Roles and Responsibility Review security architectures and provide pragmatic security guidance that balances business benefits and risks. Engage IT project teams throughout the SDLC to identify and prioritize applicable security controls and provide guidance on implementation. Perform threat modeling and risk assessments of information systems, applications, and infrastructure. Maintain Information Security Policies and Compliance standards and enhance InfoSec risk assessment and certification methodologies. Define security configuration standards for shared and multi-tenant platforms and technologies. Develop appropriate risk treatment and mitigation options to address security risks identified during security review or audit. Translate technical vulnerabilities into business risk terminology for business units and recommend corrective actions to customers and project stakeholders. Provide knowledge sharing and technical assistance to other team members, acting as a Subject Matter Expert (SME) in responsible technologies with a deep technical understanding of services and technology portfolios. ### Job Requirements Advanced degree in Computer Science or a related discipline; or equivalent work experience. Candidates are preferred to hold or be actively pursuing related professional certifications within the GIAC family of certifications or CISSP, CISM, or CISA, or similar cloud-security oriented certifications. Minimum 9 years of experience in managing a significant Information Security risk management function. Experience in managing communication of security findings and recommendations to IT project teams, business leadership, and technology management executives. Strong working knowledge of cloud security, infrastructure security, application security, Agile & DevSecOps methodologies, and operational security. Knowledge of common information security standards such as ISO 27001/27002, CSA and CIS Controls, NIST CSF, PCI/DSS, FEDRAMP is preferred. Experience with Azure Active Directory (AAD) based Identity and Access Management and Authorization design and integration with API, IDaaS, and Federation technologies is preferred.

We are looking for a highly motivated and detail-oriented individual with 2 to 7 years of experience to join our team as a Portfolio Compliance Enablement Specialist in Bengaluru. The ideal candidate will have a strong foundation in Cyber Security, Information Security, or a related field. ### Roles and Responsibility Support projects aimed at improving EY's risk posture and adherence to Information Security policies. Assist in the development and execution of compliance strategies and remediation plans under the guidance of more experienced team members. Contribute to the delivery of processes and/or solutions, focusing on quality and effective risk management. Document and translate technical vulnerabilities into business risk terms for stakeholder communication. Participate in the use and improvement of compliance assessment toolkits under supervision. Support assessments for technology infrastructure, applications, and third-party dependencies. ### Job Requirements At least 2 years of experience in Cyber Security, Information Security, or a related field. A degree in Cyber Security, Information Security, Computer Science, or a related discipline. Certifications such as Security+, Network+, or an interest in pursuing relevant certifications like CRISC, CISSP, CISM, CISA. Basic knowledge of information security standards like ISO 27001/27002, NIST, PCI DSS. Understanding of regulatory requirements such as PCI, SOX, HIPAA, GDPR. Strong communication skills and technical writing skills, and the ability to work effectively within a team environment.

We are looking for a highly skilled and experienced Consultant to join our team in Gurgaon. The ideal candidate will have 2-3 years of experience in IT Audits, preferably with experience working on FS clients. ### Roles and Responsibility Conduct IT audits, including statutory and internal audits, to ensure compliance with regulatory requirements. Develop and implement effective IT General Controls (ITGC) testing procedures to identify areas for improvement. Collaborate with cross-functional teams to design and execute IT Application Controls (ITAC) testing and Automated Business Controls testing. Perform IT Infrastructure risks and control assessments to identify potential vulnerabilities. Assist in SOC1, SOC2 audits and reporting, as well as IT Compliance and regulatory reporting. Develop and maintain expertise in emerging technologies such as cloud, RPA, AI/ML, and Blockchain. ### Job Requirements Bachelor's degree in Computer Science, Statistics, or M.C.A; Master's degree preferred. Minimum 2-3 years of relevant experience in IT Audits, with a focus on client-facing roles managing audits. Strong knowledge of ITGC, ITAC, and IT Automated Business Controls testing. Experience with IT SOX 404, SOC1, SOC2 audits, and reporting. Familiarity with risk and control assessments considering emerging technologies. Preferred certifications include CISA, CISSP, CISM, CRISC, CCSK, and others relevant to the role.

We are looking for a skilled Email Security Engineer with 5 to 10 years of experience to join our team in Bengaluru. The ideal candidate will have a strong focus on Microsoft Defender for Office 365 (MDO) technologies and be able to enhance email security, optimize delivery, and integrate various security technologies and protocols. ### Roles and Responsibility Architect, implement, and manage solutions with a focus on Microsoft Defender for Office 365 (MDO), including anti-phishing policies, safe links, and attachments. Configure and optimize MDO services and integrate with other security solutions such as Cisco, Proofpoint, and Fortra. Implement and manage protections for Microsoft Teams, SharePoint, and OneDrive. Manage email authentication protocols (SPF, DKIM, DMARC) and implement encryption solutions like S/MIME and Office 365 Message Encryption. Handle L4 email security incidents, develop incident response plans, and provide technical guidance. Monitor systems, analyze metrics, and optimize for performance and compliance. Conduct proof of concepts (PoCs), product evaluations, and manage requests for comment (RFCs). Prepare and deliver presentations to leadership and support the security awareness training program. Work independently on projects from conception to completion and manage vendor relationships. ### Job Requirements Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent work experience. Minimum 5 years of experience in email security engineering, with proven experience in incident response and managing security solutions. Strong analytical, problem-solving, and communication skills. Ability to collaborate effectively with diverse teams and deliver presentations to senior leadership. Proficiency in PowerShell, Python, and understanding of network protocols (TCP/IP, SMTP, etc.). Expertise in Microsoft Exchange Online and Defender for Office 365. Proficient in email security tools and platforms, anti-spam, malware detection, phishing prevention, encryption, and DLP. Experience with SPF, DKIM, DMARC, and email security solutions from Cisco, Proofpoint, and Fortra. Knowledge of MDO protections for Teams, SharePoint, and OneDrive. Desired Certifications: CISSP, CESS, or Microsoft 365 Certified: Security Administrator Associate. ### Additional Information Occasional on-call support or off-hours work may be required. Join our team and play a vital role in safeguarding our organization's email communication against emerging threats. If you are passionate about email security, possess strong technical skills, and are committed to maintaining a secure digital environment, we encourage you to apply.

We are looking for a skilled Senior Manager TPRM with 10 to 12 years of experience to join our team in Bengaluru. The ideal candidate will have a strong background in information security, risk management, and controls concepts. ### Roles and Responsibility Provide guidance and share knowledge with team members on complex, judgmental, and specialized issues. Brief the engagement team on client's environment and industry trends, maintaining relationships with client management to manage expectations of service. Demonstrate a thorough understanding of complex information systems and apply it to client situations, using extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Manage client engagements, determining and deploying the right team with adequate skill sets for executing engagements and periodically reviewing status updates. Contribute to thought leadership documents and develop new methodologies, facilitating discussions/knowledge sharing with key client personnel. Plan and schedule client engagements, staying abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Identify buyers, influencers, and stakeholders in existing client engagements and build strong relationships. Display teamwork, integrity, and leadership, working with team members to set goals and responsibilities for specific engagements and fostering teamwork and innovation. Drive performance management for self and team, managing the performance management process for direct reportees as per organizational policies. Train and mentor project resources, participating in organization-wide people initiatives. ### Job Requirements Strong knowledge of information security concepts, risk, and controls is required. Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc., and regulations like FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, OSI layer, networking, and security concepts, along with sound familiarity with OWASP and Secure SDLC standards/frameworks. Experience in LAN/WAN architectures and reviews, cryptography, physical and environmental security, asset security, and identity and access management. CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer certifications are preferred. A BE/BTech degree with a sound industry experience of 10 to 12 years is required.

We are looking for a highly skilled and experienced Chartered Accountant (CA) or Master’s degree in management, Information Systems/Technology, Computer Science, Business Analytics, Cybersecurity, or a related discipline with 5 to 10 years of experience to join our team as a Senior Manager in Risk Consulting - Protect Tech. The ideal candidate will have a passion for technology and an ardent desire to work in risk management. ### Roles and Responsibility Consistently deliver quality client services, driving high-quality work products within expected timeframes and on budget. Foster relationships with client personnel to analyze, evaluate, and enhance information systems, developing and improving security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues, communicating this information to the engagement team and client management through written correspondence and verbal presentations. Demonstrate deep technical capabilities and professional knowledge, quickly assimilating new knowledge. Identify strategic, IT, and business risks, control gaps, weaknesses, and areas of improvement. Design IT Risk Controls frameworks and RACMs, and implement IT general controls, application controls, and business process controls. Conduct IT internal control reviews and review SOC1 or SOC2 reports. Perform IT Risk and Controls assessment with exposure to technologies such as SAP, Oracle, Workday, MS Dynamics, or emerging technologies like Cloud, RPA, AI/ML. Possess knowledge of IT risk, information security, or cyber security frameworks such as COSO, COBIT, ISO, NIST, etc. Understand IT regulatory compliances such as IT SOX, GDPR, ISO, PCI DSS, etc. Have strong exposure working in client-facing roles and collaborating with cross-functional teams including internal audits, IT security, and business stakeholders to assess control effectiveness and facilitate remediation activities. Exhibit excellent communication, documentation, and report writing skills. Relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001 are a plus. ### Job Requirements A Chartered Accountant (CA) or Master’s degree in management, Information Systems/Technology, Computer Science, Business Analytics, Cybersecurity, or a related discipline is required. Minimum 5 years of experience in risks & controls, preferably in a Big 4 or professional firm. Passion for technology and a desire to work in risk management. Strong understanding of IT risk, information security, or cyber security frameworks such as COSO, COBIT, ISO, NIST, etc. Experience in conducting IT internal control reviews and reviewing SOC1 or SOC2 reports. Excellent communication, documentation, and report writing skills are essential. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001.

We are looking for a highly skilled and experienced Cyber Security Consultant to join our team in Bengaluru. The ideal candidate will have 5-8 years of experience in supporting Data Security Technology, with a strong background in Information Security concepts related to Governance, Risk & Compliance. ### Roles and Responsibility Build and deploy DATA PROTECTION solution concepts and deployment requirements. Deploy and administer endpoint protection tools. Collaborate with vendors to support DATA PROTECTION technology, including troubleshooting and upgrades. Monitor and respond to alerts from Data Protection systems and other technologies. Follow incident response processes through event escalations. Respond to escalations by the Incident Response Team. Maintain leading DATA LOSS PREVENTION/CASB systems. Assist clients in privacy-related incident response activities and support their teams as an interim member (e.g., security officer, security manager, security analyst). ### Job Requirements Bachelor's or master’s degree in Computer Science, Information Systems, Engineering, or a related field. At least 5-8 years of experience in supporting Data Security Technology. Experience in administering DLP, CASB tools, including configuring policies, upgrading, and patching for leading vendors such as Digital Guardium, McAfee, Forcepoint, Netskope, Symantec CloudSOC, MCAS, etc. Technical/Vendor certification is an added advantage. Knowledge of core Information Security concepts related to Governance, Risk & Compliance. Ability to work independently and adapt to a changing environment. Demonstrated integrity in a professional setting. Strong analytical and problem-solving skills. Excellent verbal and written communication skills. Proficient in documentation and PowerPoint. Good social, communication, and technical writing skills. Ability to interface with internal and external clients. Flexible to work on rotational shifts and some weekend work may be required based on job needs. Professional certificate or active pursuit of related professional certifications such as CompTia Security+, CEH, CISSP, or Vendor/Technical certification; certified candidates are expected to complete one of the business-required certifications within 12 months of hire.