827 Cissp Jobs - Page 4

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Zscaler Architecture Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure that the architecture aligns with organizational objectives, while also addressing any emerging security challenges that may arise throughout the day. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Continuously evaluate and improve the cloud security framework based on industry best practices. Professional & Technical Skills: - Must To Have Skills: Proficiency in Zscaler Architecture.- Strong understanding of cloud security principles and frameworks.- Experience with security compliance standards and regulations.- Ability to design and implement security solutions in cloud environments.- Familiarity with risk assessment methodologies and threat modeling. Additional Information:- The candidate should have minimum 5 years of experience in Zscaler Architecture.- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in discussions to refine security strategies and provide guidance on implementing effective security measures across the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on security practices.- Evaluate emerging security technologies and recommend improvements to existing frameworks. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment and management methodologies.- Knowledge of compliance standards such as ISO 27001, NIST, and GDPR.- Familiarity with security tools and technologies for threat detection and response. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Architecture Design.- This position is based in Chennai.- A 15 years full time education is required. Qualification 15 years full time education

Wells Fargo is seeking a Control Management Manager In this role, you will: Manage and develop a team to handle complex customer service tasks and create Escalations related initiatives and programs to support business goals and objectives Engage internal partners associated with the Escalations functional area Identify and recommend opportunities for process improvement, service standards, and goals within the Escalations functional area Make decisions and resolve issues regarding internal and external client complaints Interpret and develop Escalations policies and procedures to ensure quality and that service standards meet business objectives Collaborate with Customer Service team and first line supervisors Interact directly with internal and external customers to resolve their inquiries and complaints Manage allocation of people and financial resources for aligned functional area or business group Mentor and guide talent development of direct reports and assist in hiring talent Required Qualifications: 4+ years of Risk Management or Business Controls experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education 2+ years of Leadership experience Desired Qualifications: Identify, assess and mitigate risks across all risk types, in coordination with LOB and assurance activities consistent with the risk management framework and policies established by Independent Risk Management. Leads control evaluations, which may vary in complexity and risk level, and may perform quality reviews of these evaluations. Proficient understanding of quality reviews to ensure the accuracy of evaluation scope, test scripts, assessment results, and control deficiencies identified. Consults on the development, maintenance and execution of control evaluation test scripts and evaluation strategies. Completes control evaluations on schedule. Maintains and executes the Evidenced-Base Control Evaluation Plan. Assesses, documents, and communicates emerging risks, themes and identified control deficiencies to management and risk partners in a timely manner. Ensures any potential control deficiencies discovered during the completion of the control evaluation are properly documented and follow through on reporting, escalation, and resolution. Foster strong relationships with team and collaborate effectively. Ensures coordination with team, line of business, other business units, Audit, and regulators on risk related topics. Completes applicable documentation in accordance with requirements. Ensures internal collaboration with the team, line of business, and risk partners. Aggregates emerging risks from teams as control evaluations are performed. Interfaces internally with the team, line of business, and risk partners. Dynamic leader role with the opportunity to lead project/virtual teams and mentor less experienced employees. Manages a team of Associate Managers, Officers, Senior Associates and/or Associates or cross-functional teams in accomplishing goals. Job Expectations: University degree in Business or related discipline. Strong relationship management skills Ability to effectively listen and elicit information Experience leading, training, and providing feedback to staff and corresponding managers and Management experience Ability to exercise independent judgment to identify and resolve problems Time management skills and ability to meet deadlines coupled with experience renegotiating times lines when needed. Audit or internal control evaluation experience preferably within the financial services industry. Experience drafting and executing control evaluation test scripts to assess the design and performance of internal controls. Experience implementing control evaluation methodologies to support the target state. Thorough knowledge of industry standards and best practices around control evaluations and risk management processes. Proficiency with risk types, methodologies and frameworks for evaluating or testing controls and assessing results, conducting research, and identifying control deficiencies. Experience in assessing risk, reviewing risk ratings, and identifying control deficiencies. Experience evaluating the adequacy and effectiveness of policies, procedures, processes, systems and internal controls; additional experience analyzing business and/or systems changes to determine impact. Familiar with various quality assurance techniques. Risk management experience with demonstrated leadership skills and ability to drive improvements. Proficient at influencing and consulting strategically across a large organization and with various levels of leadership/stakeholders. Experience communicating in both written and verbal formats with senior executive-level leaders. Balance strong, innovative problem-solving skills with the practical ability to implement workable solutions to problems in a fast-paced, deadline driven environment. Role: Risk Management & Compliance - Other Industry Type: IT Services & Consulting Department: Risk Management & Compliance Employment Type: Full Time, Permanent Role Category: Risk Management & Compliance - Other Education UG: Any Graduate PG: Any Postgraduate

Highest Qualification: Any Full Time Graduate Note: Hands on experience in ISO 27001 Implementation is mandatory for this role Experienced in managing cyber security services like Cyber Risk & Compliance consulting. Experience in setting up end to end Cyber Security frameworks, Compliance Standard implementation, including knowledge in testing (VAPT, Web & mobiles appsec, secure code review) Should be adept at conducting gap analysis, risk assessments, Impact assessments, governance and strategy development, Have worked with organizations to develop and implement various industry security standards like, IS0 27001, ISO 20000, PCI DSS, SOC2, GDPR, Privacy standards etc... Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Specific Duties and Responsibilities Include: To manage cyber security projects across EMEA region for cyber security services like Cyber security testing & cyber consulting Maintaining margins Business development like having presales discussions with various teams Assist in Business development of various security standards Must Have Skills: Excellent communication and presentation skills. Able to effectively interact with various clients/sales teams and manage clients Good to have Skills / Certification: ISO27001:2013 Lead Auditor CISSP, CISA, CISM, ISO22301, OSCP, CEH, SANS, Cloud certifications, Privacy certifications like CIPP/E, CIPM Qualification: BE/ BTech, MCA, MBA with specialization in Information Security

Role & responsibilities Audit IT Infrastructure: Evaluate systems, processes, and controls in place. Ensure compliance with IT-specific laws, policies, ISMS policies, and standards. Identify vulnerabilities in IT systems and associated management. Discuss findings with the auditee department and finalize audit reports. Submit reports to the reporting manager. Collect auditee replies and present them to management (PRM). Follow up on findings from previous internal audits. Risk-Based Audits: Analyze applications or processes when there is a process change or weakness in controls. Present risks to management. External Audit Support: Present external audit status to management as required Support other Manappuram group audit teams as needed. Sample Audits: Vendor Risk Management Audit Software License Audit Software and Hardware Asset Inventory Audit Business Continuity Plan and Disaster Recovery Audit Software Patch Management and Hardening Tech-Specs Audit Physical and Environmental Security Audit Information Security and Management Systems (ISMS) Audit of HR, Administration, Facilities, Access Control, and Password Policy. System Audit of PPI MAKASH as per RBI norms. Audit of IT Governance Information and Cyber Security Audit as per RBI Master Direction on NBFC IT Framework. IT Operations Audit as per RBI Master Direction on NBFC IT Framework. Managing Audit of Outsourced IT Services

YOU MUST HAVE: Bachelor s degree or equivalent work experience in Cyber Security or Information Technology 6+ years experience in Cyber Security. Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among stakeholders Knowledge of secure software development lifecycle Basic Applied Cryptography knowledge, which includes encryption algorithms, Public Key Infrastructure (PKI), Secure boot and Open-source risk management. Proficiency in Microsoft threat modeling tool, and reviewing vulnerability assessment Product architecture and development background Software engineering or development experience Secure software development lifecycle experience Knowledge of penetration testing Familiarity of security regulations and standards Understanding of Agile software development practices. WE VALUE: Understanding DevsecOps and have a good working understanding of tooling specific to CI/CD pipelines and security tooling. Information Security accreditation (CISSP/CSSLP or other security related certifications) Experience with widely used security tools like SD Elements, BlackDuck Hub, Microsoft Threat modeling tool, SAST (Coverity, SonarQube), DAST (Burp, ZAP, AppSpider), Fuzzing, Vulnerability management and continuous monitoring tools

As an experienced professional in capacity and performance management, you are well-versed in the understanding of application lifecycle management. Your expertise includes hands-on experience with various infrastructure technologies tailored to organizational needs, encompassing operating systems, software, virtualization, and automation across multiple platforms. Your primary responsibilities within the Infosys delivery team entail ensuring effective Design, Development, Validation, and Support activities to guarantee client satisfaction with high service levels in the technology domain. By gathering and translating client requirements into system specifications, you will be pivotal in the estimation of work requirements, providing essential project estimations to Technology Leads and Project Managers. Your role as a key contributor involves building efficient programs and systems to support clients in their digital transformation journey. Your technical expertise should include designing IT infrastructure solutions, formulating technology strategies with logical and physical designs aligned with client needs using standard architecture methodologies. You will be adept at handling multiple infrastructure technologies based on project requirements, preparing detailed documentation such as bill of material and technical write-ups for developed solutions, and articulating architecture design to various stakeholders, including CxO level executives. Additionally, you will have the opportunity to engage in detailed briefings and presentations for a larger client audience, working as an individual contributor to ensure timely delivery of infrastructure solutions within project timelines through collaboration with internal and external partners. Furthermore, holding industry-standard IT Infrastructure certifications such as RHCE, MCSE, MCTS, CCNA, CCIE, VCP, or CISSP is essential, while possessing PMP or ITIL certification would be advantageous for this role. If you are passionate about Infrastructure, Server Administration, Cloud Infrastructure, and Converged Infrastructure Solutions, and are ready to contribute to the digital transformation journey of our clients, this role at Infosys is the perfect fit for you.,

As a Platform and Network Security Expert at ANDREW in Bangalore, Karnataka, you will play a crucial role in enhancing security measures for DAS and RAN products. Your responsibilities will include designing and defining security policies, architecting secure environments, and ensuring compliance with telecom security standards and customer requirements. You will collaborate with internal and external stakeholders, engage in security testing, and develop tools to automate security monitoring and vulnerability management. To be successful in this role, you should have a Bachelor's or Master's degree in Telecommunications, Computer Science, Cybersecurity/Information security, along with 10+ years of experience in the Telecommunications and Cellular industry. Expertise in mobile network security principles, knowledge of O-RAN architecture, cloud security, and security frameworks is essential. Proficiency in security testing tools, Linux security, and scripting is also required. Strong communication and collaboration skills are key for interfacing with centralized security teams and development stakeholders. Certifications such as CISSP, CEH, GICSP, or vendor-specific security certifications are a plus. Experience with AI/ML-based threat detection, 3GPP standards, and telco cloud environments will excite us. Join ANDREW, part of the Amphenol family, and be a part of our legacy of over 85 years in wireless innovation. We offer exciting career opportunities, a supportive work environment, and the chance to make a positive impact within a global organization. Visit our website at https://www.andrew.com to learn more about us.,

We are reaching out regarding an exciting opportunity in Cybersecurity Operations Leadership with a global organization known for innovation and resilience in cyber defense. In this role, you'll lead a 24x7 global Security Operations Center (SOC) and drive strategy and execution across threat detection, incident response, forensics, and automation using tools like Splunk, Phantom, CrowdStrike, and Tanium. Youll work closely with audit and compliance teams and ensure security operations are aligned with regulatory and industry best practices (NIST, MITRE ATT&CK, ISO 27001). Key Highlights: Lead SOC teams and security incident response globally Enhance SIEM/SOAR platforms, automate detection & response Hands-on experience with forensic tools, cloud security (AWS/Azure), and vulnerability management Strategic reporting, playbook creation, and regulatory compliance Preferred certifications: CISSP, CISM, GCIH, GCFA, CEH, or equivalent Experience: 10–15 years with at least 3–5 years in Cybersecurity Operations If you’re passionate about building world-class cybersecurity defense mechanisms and enjoy leading high-performing teams, we’d love to speak with you!

At EY, you will have the opportunity to shape your future with confidence by joining a globally connected powerhouse of diverse teams. As part of our highly successful Cyber Security team, we are currently seeking Security Architects with varying levels of experience. Whether you are considering a career change now or in the future, we invite you to connect with us and explore this exciting opportunity to contribute to building a better working world. As a Security Architect at EY, you will play a crucial role in leading the implementation of security solutions for our clients. You will work alongside an international team of specialists to address complex information security needs and enhance our clients" business resilience. Your responsibilities will include designing security solutions, developing security policies and guidelines, evaluating existing security controls, and collaborating with stakeholders to ensure effective security measures are in place. To excel in this role, you must possess expert-level knowledge in technical IT security domains such as infrastructure, networks, databases, security monitoring, and cloud security. Additionally, you should have experience in assessing solution architectures for security issues, managing multiple stakeholders, and implementing security vulnerability remediation strategies. Industry certifications such as CISSP, CISA, CISM, and experience in areas like Cyber Threat Management, Identity & Access Management, and Data Protection will be advantageous. To qualify for this role, you should have 8-10 years of professional experience in cyber security consulting, strong project management skills, and advanced communication abilities. While technical skills are essential, we value candidates who demonstrate strong interpersonal skills, relationship-building capabilities, and a commitment to delivering excellence in client service. Joining EY offers you the opportunity to work on inspiring projects, receive support and coaching from engaging colleagues, and develop new skills to progress your career. You will be part of a diverse and interdisciplinary environment that promotes knowledge exchange and emphasizes high quality in all endeavors. At EY, you will have the freedom and flexibility to shape your role in a way that suits you best, supported by a culture that values individual growth and personal development. If you are looking to be part of a market-leading team of professionals, collaborate with leading businesses globally, and contribute to building a better working world, we invite you to explore the exciting opportunities available at EY.,

The role of Senior Technology Auditor at Booking Holdings involves planning and executing IT operational, governance, and compliance related audits at Booking.com and other Booking Holdings companies. This position is based in Bangalore COE and may require occasional travel to other Booking Holdings companies. In this role, you will be responsible for planning and executing SOX control testing across Booking Holdings companies, as well as IT operational audits covering a wide range of topics. You will coordinate with stakeholders such as Risk & Compliance, Product Development & Engineering, Central Security & Technology teams, External Auditors, and others. Additionally, you will assist in conducting risk assessments, identifying controls to mitigate risks, and documenting audit results in accordance with internal audit department and Institute of Internal Auditors (IIA) standards. Furthermore, you will support in preparing audit reports for senior management and leadership teams, provide advice on internal control, participate in enhancing control procedures for Holdings companies, and drive continuous improvement of the internal audit function. The ideal candidate for this role should have strong knowledge of various IT environments gained through at least 5 years of relevant experience in IT. They should possess an understanding of risk definitions and controls implementation in an IT environment, negotiation skills, relationship building skills, problem-solving abilities, and timely problem escalation skills. Excellent analytical, report writing, oral communication, time management, and organizational skills are essential, along with a minimum of a Bachelor's degree preferably in Technology and certifications such as CISA/CISM/CISSP or equivalent. The successful candidate should be a culture fit for the energetic and fast-paced environment at Booking Holdings, displaying a self-starter attitude, commercial awareness, results-oriented approach, data-driven decision-making skills, stakeholder management abilities, relationship-building skills, and a commitment to self-development. Being detail-oriented while grasping the bigger picture is crucial for this role. Booking Holdings values diversity and inclusivity within its team, aiming to provide an environment that fosters innovation, creativity, and collaboration. The Global Internal Audit function at Booking Holdings plays a key role in providing assurance, analysis, insights, and advice on key risks, working towards making the company stronger and more successful. GIA operates globally, partnering with brands and individuals across cultures to drive positive change and growth within the company.,

The Manager, Continent Information Security Partnerships, Property Security Compliance plays a crucial role in managing continent security aspects related to the Marriott Security Compliance Assessment program. Your primary responsibilities include planning, executing, and overseeing the program to ensure maximum security compliance status across IT Operations in the continent. You will enforce Marriott Security Standards and requirements for properties, while reporting directly to the Senior Director/Director, Continent Information Security Partnerships. Building strong relationships with Area Operation/IT Leaders, you will offer support to continent operations and collaborate with various Information Security teams. This role involves up to 75% travel for work purposes. **Candidate Profile:** **Education and Experience:** - 5+ years of Information Technology or information security work experience, with a focus on technology plans and/or information security projects. - 3+ years of experience in implementing enterprise security risk management frameworks. - Bachelor's degree in Computer Sciences, Information Technology, Information Security, Cybersecurity, or equivalent field experience. - Proficiency in spoken and written English. **Preferred:** - Professional certifications related to security assessment (e.g., CISA, CRISC, PCI ISA, ISO/IEC 27001 Lead Auditor). - Knowledge of Hotel IT Management and Cybersecurity. - Understanding of PCI DSS, NIST CSF, and global regulatory standards. - Expertise in network and technical security controls. - Experience in coordinating security incident responses. - Ability to apply organizational information security policies effectively. - Familiarity with IT security in an infrastructure environment. - Proven ability to prioritize tasks in high-pressure environments. - Graduate/postgraduate degree. **Core Work Activities:** - Conduct audits, security assessments, and control reviews across various domains. - Evaluate the effectiveness of information security controls aligned with corporate standards. - Perform risk-based assessments and identify vulnerabilities and improvement opportunities. - Develop and manage audit or assessment programs from planning to follow-up. - Collaborate with stakeholders to develop remediation plans and track progress. - Prepare detailed audit reports with actionable findings. - Contribute to the enhancement of information security internal audit methodology. - Additional Functions include representing Security in new property openings, providing tactical communications, tracking compliance performance, and reporting on security & compliance metrics. **Additional Responsibilities:** - Keep supervisors and team members informed through effective communication. - Attend relevant meetings and present information clearly. - Use problem-solving methodology for decision-making. - Maintain positive working relationships and manage time effectively. - Perform any other duties as assigned by the manager. Marriott International is an equal opportunity employer, committed to a diverse workforce and an inclusive, people-first culture. Non-discrimination based on any protected basis is our principle, ensuring fairness and respect for all employees.,

The Opportunity FICO is seeking Cyber Security Engineer to join our growing GRC Team. This is a full-time regular position (hybrid), and a great opportunity for an individual with strong PCI, ISO 27001, SOC2 audit skills or great interest in security Compliance and Risk Management frameworks and grow in exciting field of GRC" Director, Cyber Security. What Youll Contribute 3+ years of applicable work experience, in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results. Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. Strong knowledge of common security legal and regulatory requirements (e.g., PCI, SOC, CSA STAR, NIST, ISO/IEC 27001, COBIT, etc.) Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures. Monitor activities of assigned IT areas to ensure compliance with internal policies and standards. Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Facilitate for external audits to ensure compliance with all industry-mandated regulations Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance. Provide guidance to business functions on compliance/security-related matters. Good understanding of IT concepts, including Cloud hosting, containerization, encryption, networking, operating systems, databases, middleware, and applications Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required. Ability to effectively communicate to all levels of the organization, including senior management, and other stakeholders that influence the security and compliance posture of FICO Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage What We're Seeking Bachelors degree in the field of Information Security, Computer Science or discipline and/or certifications (e.g., ISO 27001 LI/LA, ISA/QSA, CISSP, CISA, CISM, and related GIAC.) Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. Experience implementing cloud security and compliance standards, frameworks, and controls (ISO/IEC 27001, SOC 2, PCI, NIST) for cloud service delivery models (IaaS, PaaS, SaaS) AWS Certifications (added advantage) Experience or understanding of governance, risk and compliance (GRC) processes and solutions. Background in security controls, auditing, network and system security. Ability to express technical concepts in business terms. Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status.

Role & responsibilities : Design and comply with applicable ISO27001 and NIST CSF standards. Monitor and protect against IT security threats with regular and effective oversight, testing, awareness building and employee training. Help develop a company-wide cultural mentality regarding the importance of information security. Prepare reports on IT security issues, testing, threats and incidences on a regular basis. Perform information security risk assessments. Identify and track the resolution of security incidences and vulnerabilities. Develop communication plans in advance of incidents to ensure a prompt and strategic response to both internal and external personnel. Ensure that adequate physical security controls exist to protect sensitive data and information systems. Responsibilities include asset, building, and network protection. Participate in the development, implementation, and ongoing compliance monitoring of all trading partner and business associate agreements, to ensure all security concerns, requirements, and responsibilities are addressed. Qualifications: Bachelors degree or masters degree in a computer field. Ten years or more IT operations experience and management. Ten years or more of experience leading technology projects in a high uptime, telecom, call center and/or Software-as-a-Service environment. CISSP or CISM qualifications Track record of ISO27001 program implementation, certification and maintenance In-depth knowledge of Windows and Linux server environments Ability to maintain composure and sound judgment in high-pressure environments Demonstrated leadership and personnel/project management skills Highly self-motivated and directed Proven analytical and problem-solving abilities Strong customer service orientation Experience working in a team-oriented, collaborative environment

Hiring a Senior Cybersecurity GRC Consultant, you will play a pivotal role in helping organizations manage and improve their Governance, Risk, and Compliance (GRC) frameworks. You will be responsible for setting up and leading assessments, implementing strategies, and advising clients on how to mitigate cybersecurity risks and achieve compliance with industry standards and regulatory requirements. 8+ Years of Experience in cybersecurity, risk management, and governance, with a proven track record of leading GRC initiatives. Educational Background: Bachelors or Masters degree in Information Technology, Cybersecurity, Computer Science, Business Administration, or a related field. Certifications: Relevant cybersecurity certifications such as CISSP, CISA, CISM, ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, or similar. Must have experience in customer facing projects (onsite / offsite); Should be able to lead the junior team members. In-depth Knowledge of Cybersecurity Frameworks: Expertise in implementing and advising on security frameworks such as Unified Cybersecurity Framework, NIST/RBI/IRDAI/SEBI Cybersecurity Frameworks, ISO 27001/2, CIS Controls etc. Project Management: Proven ability to manage and lead multiple GRC projects simultaneously, with strong organizational and time-management skills. Client-Focused: Demonstrated ability to build and maintain relationships with clients, providing expert advice and ensuring customer satisfaction. Cloud Security: Knowledge of cloud environments (AWS, Azure, Google Cloud) and their associated risks and compliance requirements. Penetration Testing & Vulnerability Management: Familiarity with vulnerability assessment, penetration testing, and ethical hacking practices. Incident Management: Experience in developing or improving incident response plans, business continuity plans, and disaster recovery strategies.

Job Role- Internal Audit - Process & IT Work days - 5 days Experience - Minimum 8-10 years of relevant insurance / financial services experience including IT operations/ audit. Recognized accounting/auditing/information system certifications (e.g. CA, CISA, CIA, CISSP) Traveling - Primarily based out of Mumbai Head Office. Occasional travel as per requirement. Job Overview Concerned individuals will be responsible for Planning and execution of internal audits in accordance with the laid down process. Providing support to the Head-internal audit for other internal audit related activities including Board presentations and liaising with senior management. Responsibility- Executing internal audits (process-based as well as IT) in accordance with the approved audit plan including o Compliance with the internal audit methodology o Using data analytics for a stratified sample o Working closely with management and recommending appropriate risk and control initiatives including best practice Display independence in execution of audit and management of various stakeholders Ensure upkeep with applicable rules and regulations Ensure upkeep with Companys policies and procedures Using CAATs and other tools to extracts and analyze data for trends and patterns, and designs review mechanism to identify potential irregularities and increase coverage and efficiencies for audit projects Liaise/manage external firms deployed which provide support to the Internal Audit department Follow up with process owners/ stakeholders on the progress for remediation initiatives, and validate adequacy of the remediation actions Support the Head of Audit with reporting to Board and/or Audit Committee Liaise with Regional Office including group auditors on audit progress, remediation status and other audit initiative Provide support to additional projects and to identify and pursue on-going process improvements. Support continuous improvement of internal audit practices and tools.

Company: Leading Health Insurance. Role: Internal Audit - Process & IT. Location: Jogeshwari, Mumbai. Experience - Minimum 8-10 years of relevant insurance / financial services experience including IT operations/ audit. Recognized accounting/auditing/information system certifications (e.g. CA, CISA, CIA, CISSP) Job Overview Concerned individuals will be responsible for Planning and execution of internal audits in accordance with the laid down process. Providing support to the Head-internal audit for other internal audit related activities including Board presentations and liaising with senior management. Responsibility- Executing internal audits (process-based as well as IT) in accordance with the approved audit plan. Compliance with the internal audit methodology. Using data analytics for a stratified sample. Working closely with management and recommending appropriate risk and control initiatives including best practice. Display independence in execution of audit and management of various stakeholders. Ensure upkeep with applicable rules and regulations. Ensure upkeep with Companys policies and procedures. Liaise/manage external firms deployed which provide support to the Internal Audit department. Follow up with process owners/ stakeholders on the progress for remediation initiatives, and validate adequacy of the remediation actions. Liaise with Regional Office including group auditors on audit progress, remediation status and other audit initiative. Provide support to additional projects and to identify and pursue on-going process improvements. Support continuous improvement of internal audit practices and tools. Interested candidates can share their resumes at bhumika@rightmatch.co.in / +918788674591

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Illumio Micro Segmentation. Experience: 8-10 Years.

The Impact You'll Make Danfoss Power Solutions designs and manufactures a complete range of engineered components and systems. From hydraulics and electrification to fluid conveyance, electronic controls, and software, our solutions are engineered with an uncompromising focus on quality, reliability, and safety. Join us at our site in Pune/ Remote as a Cyber Security Embedded Software Engineer (m/f/d) to contribute to state-of-the-art secure solutions in our product designs. What You'll Be Doing As a Cyber Security Embedded Software Engineer for Embedded Operating Systems (EOS), you are a security expert ensuring that we develop and implement secure designs in our EOS products which protect us against all types of cybercrime techniques for hardware and embedded software. To be more precise, your tasks will be the following: - Designing and implementation of cyber security technical measures (Secure Boot and Secure Software update mechanisms, etc.) - Defining/reviewing technical security requirements - Vulnerability assessments, classifying, prioritizing, and fixing issues - Conducting Threat Assessment for new and existing products - Responding to incidents and implementing corrective measures for security breaches - Cyber Security Culture development through team internal training and coaching What We're Looking For For this position, you have an educational background in Embedded Software or a similar field and several years of practical experience from a similar role. Further requirements are: - Experience with systematic embedded software development - Expertise in international cyber security regulation and standards - CISSP, CSSLP, or CEH certification preferred - Great team-player qualities and the ability to work in a cross-functional environment - Creative, analytical, structured, and proactive approach as well as a positive mindset - Fluency in English What You'll Get from Us We promote from within and support your learning with mentoring, training, and access to global opportunities. You'll have flexibility, autonomy, and support to do your best work while maintaining a healthy work-life balance. Your well-being matters to us. We strive to create an inclusive work environment where people of all backgrounds are respected and valued for who they are. You'll receive benefits like the 13th salary, annual bonus, paid vacation, pension plans, personal insurance, and more. These vary by country and contract, but they're worth asking aboutwe think they're pretty great. Ready to Make a Difference If this role excites you, we'd love to hear from you! Apply now to start the conversation and learn more about where your career can go with us.,

As a SOC Architect at Sennovate, located in Coimbatore, you will be a part of an Information Security managed Security Service provider specializing in Identity and Access Management (IAM) and Security Operations Center (SOC) powered by AI. Your role will involve leading the SOC Team with a strong focus on research and development in the Security domain. If you align with Sennovate's culture, which emphasizes accountability, respect, continuous learning, personal ownership, rejecting average standards, showing gratitude, and valuing time and simplicity, then you are the right fit for this role. Your responsibilities will include providing technical leadership in designing, implementing, and maintaining SOC systems. You will be expected to embrace thought leadership, provide mentorship to team members, and develop strategies to enhance security protocols, incident response, and threat detection capabilities. Additionally, you will drive improvements in SOC processes, workflows, and toolsets, while also leading the R&D team in exploring innovative security solutions. The ideal candidate will hold a Bachelor's degree in Computer Science, Information Technology, or a related field, with 6-10 years of extensive experience in SOC operations, security architecture, and design. Hands-on experience with security tools across various platforms, strong knowledge of Linux and Windows OS, and an understanding of security architectures are required. Additionally, the candidate should have excellent communication and presentation skills, demonstrated expertise in leading R&D initiatives, and relevant certifications such as CISSP, CISM, or CISA would be advantageous. Strong leadership, communication, and problem-solving skills are also essential for this role.,

We are seeking a technically strong IT person to oversee IT operations, infrastructure, software development, and cybersecurity practices in alignment with ISO/IEC 27001:2022.

As a Security Lead at Big Data Exchange (BDX), you will play a crucial role in providing security incident response and readiness within a 24x7 Security Operations Centre supporting the IT Infrastructure and Operations team. Your responsibilities will include managing security incidents, responding to operational incidents, coordinating incident responses, and developing incident response playbooks and procedures. You will be responsible for supporting global vulnerability management processes, conducting regular vulnerability assessments, collaborating with IT teams to implement security patches, and validating updates. Additionally, you will manage the Total Cost of Ownership for security solutions, operate various security tools such as HIDS, NIDS, IPS, analysers, and scanners, and monitor and analyze security tools to identify threats and vulnerabilities. Your role will involve assisting in the identification and evaluation of security threats and vulnerabilities, conducting in-depth analysis of security events, and providing recommendations for mitigation and remediation solutions. You will also be required to participate in industry cyber forums, support audits and reviews, and stay updated on developments in the information security industry. To excel in this role, you should have a proven track record in managing technical resources, relevant information security experience, solid knowledge of cloud technologies, and familiarity with cloud security architecture and operations. You must also possess experience with SecDevOps principles, Security Automation and Orchestration, and industry best-practice approaches to IT systems design and management. Strong communication skills, both written and verbal, are essential for effectively communicating with senior management and technical/non-technical audiences. A relevant University degree in Computer Science, Information Management, or a related field, or equivalent experience is a must. Additionally, holding certifications such as CISSP, CCSP, or other relevant cyber security certifications is advantageous. For this role, essential competencies and behavioral skills include a Bachelor's degree in computer science, at least 10 years of relevant experience in cyber security, knowledge of information technology operation, cyber security assessment, cyber security products, and market best practices and frameworks. Certification in cyber security and project management is desirable for this position. Big Data Exchange (BDX) offers a dynamic environment where you can contribute to the security operations and incident response functions while staying abreast of the latest developments in the information security industry. Join us in our mission to provide mission-critical infrastructure for Enterprise IT workloads and support digital transformations and sustainability.,

As a Security Verification professional with Job Id 56781 based in Mumbai, India, you will be responsible for leading SecArch deep dives with the requestor of the assessment. Your key duties will include conducting assessments and providing technology risk/requirements to the requestor, covering areas such as Authentication, Authorization, Auditing, Application Security, Secure data transport and storage. It will also be your responsibility to periodically review security reference architecture and conduct updates/enhancements, as well as participate in various Operational and Technology Risk governance processes. Additionally, you will assist in identifying new areas and opportunities for technology investment within the firm. To excel in this role, you must possess excellent communication skills in written, oral, and presentation formats, along with active listening abilities. Your ability to influence through factual reasoning, manage time effectively by handling multiple concurrent assessments, and strong follow-up and tracking skills will be crucial. You should have a strong focus on delivery, especially when faced with short timelines and increased involvement from senior management. Your capacity to adjust communication of technology risks versus business risks based on the audience will be highly valued. In terms of Security Architecture skills, you are required to have in-depth knowledge of application security and basic knowledge of network and platform security vulnerabilities. You should be able to explain these vulnerabilities to developers, have experience in conducting Information Security, IT Security, and Audit assessments, as well as reviewing technical designs and functional requirements to identify areas of security weakness. Furthermore, you must have a working experience in various application/network security domains such as Authentication, Entitlements and identity management, Data protection, App Security, Cryptography, and more. Moreover, familiarity with programming and scripting languages like Java, JavaScript, C#, C/C++, Perl, Python, Ruby is essential for this role. Understanding frameworks, protocols, and subsystems like J2EE, .NET, Spring, RPC, SOAP, and more, as well as database design and programming experience, will be advantageous. Experience in liaising with 3rd Party Entities, conducting and reviewing penetration tests, vulnerability assessments, and knowledge of geographic regulations impacting security assessments will be beneficial. Previous experience in Financial Services and industry qualifications like CISSP are preferred. In summary, as a Security Verification professional, you will play a critical role in ensuring the security and integrity of technology systems within the organization. Your expertise in security architecture, communication skills, and ability to manage multiple assessments will be instrumental in safeguarding the firm against potential risks and vulnerabilities.,

1 Role title: Cyber Security Architect Grade Required Qualifications Advanced degree in Computer Science 5+ years of cyber security engineering experience Any of the following: CISSP, CISM, CEH along with Azure, GCP or AWS certifications Experience with security tools and technologies (e.g., firewalls, IPS, Email Security, SOAR, Threat Intel, SIEM, DLP, EDR, encryption, etc.). Experience in global manufacturing, pharma, and/or a life sciences company Summary of Role Duration Key responsibilities Required skills The Security Architect role is a pivotal position within the Cyber Security Office, reporting directly to the Security Architecture Lead. This role offers an exciting opportunity to collaborate with cross-functional teams from IT, Cyber Security, and Business Units to architect and design robust security solutions that effectively protect organisation's enterprise networks from evolving cyber threats. As an individual contributor, you will focus on strategic design and innovation, ensuring that our security strategies align with industry standards and best practices such as TOGAF, SABSA, Purdue, and NIST frameworks. This role is designed for individuals who are passionate about cybersecurity, possess strong expertise in security, and are eager to make a significant impact on organisation's security posture Drive the strategic design and implementation of innovative security solutions and controls Stay at the forefront of industry standards, regulations, and best practices related to IT and OT security, ensuring continuous improvement Generate comprehensive documentation, certification, and testing protocols for the deployment of new security solutions Continuously monitor and analyze current cybersecurity threats, trends, and emerging technologies to inform strategic security initiatives Work closely with engineering and architecture teams to ensure security requirements are integrated into all phases of the system development lifecycle Define and implement advanced security configurations, policies, and procedures for IT and OT assets and systems Effectively communicate with stakeholders at all levels, translating complex technical concepts into actionable security strategies Support the development and implementation of security architectures across various domains, including data security, AI, cloud, network security, monitoring detection and response, threat, risk, vulnerability asset and configuration management, and platform security Conduct security assessments and gap analyses to identify and mitigate security risks Provide technical guidance and mentorship to security engineers and other team members Perform assessments of capabilities and tools to ensure alignment with GSK business and security needs Assist with product Proof of Concept (POC) evaluations to validate security solutions Create and execute test plans to rigorously evaluate security controls and document results to provide unbiased outcomes that demonstrate alignment with GSK business and security needs in a seamless manner Proven experience in developing security strategies and reference architectures Familiarity with TOGAF, SABSA, or Purdue Enterprise Reference Architecture Experience in designing and deploying network security controls and solutions Extensive knowledge of security technologies, including encryption, authentication, authorization, security protocols, data and privacy, AI/ML, and application development Strong communication and interpersonal skills, ability to effectively manage stakeholders Proficiency in writing, developing, and maintaining technical documentation, including security standards, strategies, and implementation plans Ability to prioritize and filter actions to focus on those with significant impact on the program Capability to work with multiple stakeholders to promote practical solutions to complex security problems Excellent problem-solving and analytical skills, with the ability to work under pressure Hands-on experience in at least three of the following security domains: data security, AI, cloud, network security, monitoring detection and response, threat, risk, vulnerability asset and configuration management, or platform security Experience with threat modeling and risk assessment methodologies Experience in security automation and orchestration Knowledge of AI and machine learning security considerations Understanding of regulatory requirements/industry standards (e.g., GDPR, HIPAA, PCI)

We are seeking a highly skilled Cybersecurity Officer with a strong background in information security, cyber risk management, and technical infrastructure protection.As a global provider of financial and data clearing applications for mobile network operators, we understand the critical importance of robust cybersecurity measures.This role is specifically focused on the digital security of enterprise systems, cloud infrastructure, application environments, and customer data. Nextgen Clearing is the market leading provider of global roaming services. We operate internationally across 20 global locations, employing over 300 talented people. We offer Award-winning Data and Financial Clearing services, along with unique value-added features on a single flexible online platform. Nextgen Clearing serves more than 160 operators worldwide, giving them a 24/7 holistic overview of their full roaming business Key Responsibilities: Define and implement security policies and controls to protect the company's digital assets and ensure regulatory compliance. Continuously monitor the company's security posture and quickly respond to security incidents. Develop security strategies and plans for preventing and responding to security breaches. Provide expert guidance and support to software teams on implementing secure development practices, security requirements, and conducting security testing. Foster secure application deployment and configuration, ensuring the protection of data integrity and confidentiality. Conduct regular training and awareness sessions for the company's staff to promote security best practices. Assist in the response to security incidents, including the management of communications and recovery efforts. Work collaboratively with customer service teams to safeguard customer data, enhance data privacy, and ensure secure customer interactions. Contribute to the company's efforts to prevent fraud and manage security incident communications to maintain trust with customers. Stay up-to-date on the latest cybersecurity trends, threats, and security technologies to continuously improve the organization's security stance. Collaborate with IT and other departments to establish a security-focused culture across the company. Develop and maintain documentation related to security policies, procedures, and incident response plans. Stay up to date on emerging cybersecurity threats and vulnerabilities and proactively recommend and implement countermeasures to mitigate risks. Foster security awareness and monitor security policy implementation Requirements Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree or cybersecurity certifications (e.g., CISSP, CISM, CEH, TOGAF) are a plus. A minimum of 5 years of experience in information security or cybersecurity. Strong understanding of information security principles, best practices, and industry standards. Experience with implementing and managing security protocols, cybersecurity tools, and technologies. Familiarity with compliance requirements and standards such as ISO 27001, GDPR, and PCI DSS. Ability to identify security vulnerabilities and risks, as well as implement preventive and corrective measures. Knowledge of secure software development life cycle (SDLC) practices. Excellent problem-solving skills and the ability to work in a fast-paced, high-pressure environment. Strong communication and interpersonal skills to collaborate with diverse teams and educate non-technical stakeholders on security-related matters. Incident response and crisis management experience. Working Conditions: The role may require availability outside of standard business hours to respond to security incidents and maintain critical security measures. Benefits A supportive, dynamic, and collaborative work environment. Exceptional opportunities for professional and career advancement. Engagement with the leading provider of roaming services, catering to global Mobile Network Operators as clients. For more information, please visit www.nextgenclearing.com. Private Health Insurance Training & Development