827 Cissp Jobs - Page 5

The Security Analyst monitors security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity, escalate to managed service support teams, tier2 information security specialists, and/or customer as appropriate to perform further investigation and resolution. Good knowledge of SIEM, SIEM Architecture, SIEM health check. Audit the SIEM in the customer environment. Troubleshoot issues regarding SIEM and other SOC tools. Good verbal/written communication skills. Build of use case for the customer. Data archiving and backup and data purging configuration as per need and compliance. Raising change management tickets for SOC Administration activities like Patch upgrade for SIEM, onboarding log sources etc. Helping L3 and L1 with required knowledge base details and basic documentations. Co-ordination SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation. High ethics, ability to protect confidential information. Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis. Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC manager for review. Review advisories and make necessary detection measures. Provide analysis and trending of security log data from a large number of security devices. Troubleshooting non-reporting devices fix and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows and Unix servers. Ready to work on 24/7 shifts to support client requirement. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 2 Years of Experience in SOC monitoring and investigation. Audit the SIEM in the customer environment. Troubleshoot issues regarding SIEM and other SOC tools. Build of use case for the customer. Data archiving and backup and data purging configuration as per need and compliance. Helping L3 and L1’s with required knowledge base details and basic documentations. Co-ordination with SOC Monitoring team for troubleshooting issues and highlighting them to clients for further resolution and escalation. Troubleshooting at device and connector/agent end to fix the anomaly reported by other team and observed on day to day basis. Building of incident reports, advisories and review if SLA has been met for Incident alerting and Incident closure. Update and maintain SOC knowledge base for new security incidents and docs. Creation of daily status report sheet and submit to SOC manager for review. Review advisories and make necessary detection measures.\ Provide analysis and trending of security log data from a large number of security devices. Troubleshooting non-reporting devices fix and maintain device status. Working with OEM (Tool support) in a way to resolve the issue or incident raised. Administration of Windows and Unix servers. Building Parser for the SIEM using regex. Preferred technical and professional experience Escalation point for L1’s and SOC Monitor team. Ability to drive call and summarizing it post discussion. Good Understanding of Firewall, IDP/IPS, SIEM functioning (Generalize HLD as well as LLD). Deep understanding on Windows, DB, Mail cluster, VM and Linux commands. Knowledge of network protocols TCP/IP and ports. Team Spirit and working ideas heading to resolution of issues. Qualifications like CISA, CISM, CISSP, CEH, SANS or any other recognized qualification in Cybersecurity (SIEM/Qradar certification) will be preferred. Thorough knowledge in SIEM tool and experience in networking, Cloud security experience will be preferred. SOC Senior Analyst experience with multiple customers.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Ping Identity Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We need skilled Ping Identity Engineer with strong experience implementing and supporting customer identity and access management (CIAM) solutions using the Ping Identity suite, including PingOne, Ping DaVinci, and PingFederate. You will design, deploy, and maintain modern CIAM capabilities, working closely with business stakeholders, developers, and security teams to deliver secure and seamless customer authentication experiences. Roles & Responsibilities:-Develop customer authentication and authorization workflows-Integrate with third-party identity providers, directories, and social logins-Configure PingOne platform (PingOne MFA, PingOne Risk, PingOne DaVinci orchestration)-Set up policies for adaptive authentication, step-up authentication, and user journeys-Implement PingFederate for SSO and federation use cases-Support provisioning and lifecycle management via PingOne-Ping DaVinci:Design and build drag-and-drop workflows for identity verification, fraud detection, and progressive profiling-Integrate DaVinci flows with APIs, third-party tools, and identity proofing services Professional & Technical Skills: - Must To Have Skills: Proficiency in Ping Identity.- Strong understanding of cloud security principles and practices.- Experience with identity and access management solutions.- Knowledge of security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with risk assessment methodologies and compliance requirements. Additional Information:- The candidate should have minimum 5 years of experience in Ping Identity.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Key Responsibilities Manage projects and activities that ensure timely response to internal and external customer cybersecurity and privacy requirements. Coordinate across multiple functions (sales channels, product development, product security, and information security) to meet customer and company expectations and timelines. Interface with sales channel leaders, field engineering managers, and product managers on approaches to improve cybersecurity compliance, drive security as a differentiator, collect voice-of-customer feedback, and identify ways to enhance the customer experience. Build and manage a library of standardized security and privacy messaging for customer facing communications. Maintain a Frequently Asked Questions list to assist sales and field interactions with customers. Coordinate with sales, field, and product teams to capture market data and voice of the customer feedback. Maintain current knowledge of security and privacy organizations, associations, events and media outlets pertinent to company offerings. Support product vulnerability disclosure process. Continuously monitor product cybersecurity acceptance with key customers. Periodically report to senior leadership on health and status of the Johnson Controls cybersecurity position within targeted markets. Assist in cybersecurity business value assessment of merger/acquisition opportunities. Educate internal stakeholders on customer security and privacy requirements and trends. Monitor product security differentiation efforts to successful completion including the development of supporting marketing collateral and documentation. Coordinate with legal and other regulatory and compliance groups to ensure messaging is compliant with Johnson Controls practices as well as key laws, regulations, and certifications. Assist with security technical documentation for internal and external use. Define, gather, and monitor meaningful metrics for and tracking and analyzing of customer engagement trends for continuous improvement. Participate in product security committees, boards, councils and working groups. Work with technology partners to cross promote solutions Create written content for web pages, blog posts, email, videos, case studies, social media posts, PowerPoint presentations, white papers, spec sheets, brochures, press releases and more. Assist in development of product positioning, messaging and promotion Ensure consistent use of branding based on company guidelines Required Qualifications Knowledge of cybersecurity, particularly as applied to smart buildings. Excellent technical written and verbal communication and presentation skills with focus on brevity and clarity. The ability to condense many technical attributes to easily communicate customer benefits is critical Demonstrated problem-solving skills to analyze customer cyber issues and requirements (regulatory, policy, customer, industry standard) and link to appropriate organizational capabilities, product features and building value messages. Track record of effective collaboration with corporate, customer, and government entities. Technical project management experience using agile methodologies. Ability to assess and translate cybersecurity product features into business value to the customer. Ability to establish a high level of trust and confidence with customers and stakeholders. Experience working with security governance, risk, and compliance. Experience with Operational Technologies (e. g. Controls Systems, Building Management) a plus. Customer relations acumen with ability to explain complex technical details to a wide audience. Excellent interpersonal, organizational, written and verbal communication skills. Overall, 3-7 Years of experience and minimum of 3 years of professional work experience in cybersecurity market analysis, communication and project/program management roles. Marketing automation software (e. g. Pardot) a plus. BS/BA in cybersecurity, computer science, engineering, marketing or related degree. Cybersecurity certifications, e. g. CISSP, GSEC, Sec+, or related are preferred. Travel is occasional at

The IT Infrastructure Manager position in the pharmaceutical and life sciences sector in Chennai, Tamil Nadu requires a professional with 5-9 years of experience. As the IT Infrastructure Manager, you will be responsible for overseeing the hospital's entire IT infrastructure to ensure reliable, secure, and efficient systems that support healthcare delivery. Your primary duties will include managing servers, networks, data centers, cybersecurity, and hardware/software systems while adhering to healthcare regulations. Your key responsibilities will involve planning, implementing, and managing the hospital's IT infrastructure, which includes LAN, WAN, wireless, servers, and storage systems. It will be crucial for you to ensure the 24/7 availability and optimal performance of critical hospital systems such as EMR/EHR, PACS, LIS, and HIS. Maintaining cybersecurity protocols and compliance with healthcare data protection laws like HIPAA and NABH will be a key aspect of your role. You will lead infrastructure projects, upgrades, and migrations while supervising and supporting IT technical staff, vendors, and third-party contractors. Conducting regular risk assessments and disaster recovery drills, managing IT asset inventory and lifecycle, and collaborating with clinical and administrative departments to resolve IT-related issues will also be part of your responsibilities. Your experience should include a strong understanding of hospital systems and IT compliance standards, along with proficiency in virtualization, cloud platforms, firewalls, and enterprise networks. Possessing certifications such as CCNA, MCSE, ITIL, or CISSP would be advantageous. Moreover, excellent leadership, communication, and problem-solving skills are essential for this role. Developing documentation, policies, and standard operating procedures (SOPs) will also be a part of your duties as the IT Infrastructure Manager.,

As a Manager, Information Security Incident Response at NTT DATA, you will be responsible for leading the Information Security Incident Response Management team. Your role will involve ensuring that your team is well-equipped to detect and monitor threats and suspicious activities affecting the organization's technology domain. You will serve as the escalation point for incident workflows and actively participate in delivering security measures through analytics and threat hunting processes. Your primary responsibilities will include managing a team of security professionals while fostering a collaborative and innovative team culture focused on operational excellence. You will be expected to have at least 10 years of experience in SOC, with a minimum of 4 years as a SOC Manager. Additionally, you should have 4+ years of experience in SIEM (Splunk) and hold a CISM/CISSP certification. Your role will also involve troubleshooting technical issues to ensure project success, implementing changes to align with client demands, and providing guidance to the team to achieve specific objectives. You will be responsible for developing and executing a timeline for the team to achieve its goals, monitoring incident detection and closure, and presenting regular metrics and reports. Furthermore, you will be required to conduct periodic DR drills, design SIEM solutions to enhance security value, and conduct root-cause analysis for security incidents. It will be vital for you to ensure that the SIEM system is optimized for efficient performance, align reports SIEM rules and alerts with security policies, and compliance reports requirements. You will also collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. To qualify for this role, you should have a Bachelor's degree or equivalent in Information Technology, Computer Science, or a related field, along with industry certifications such as CISSP or CISM. You should possess advanced experience in the Technology Information Security industry, prior experience working in a SOC/CSIR, and advanced knowledge of tools, techniques, and processes used by threat actors. Additionally, you should have practical knowledge of indicators of compromise (IOCs), end-point protection, enterprise detention, response software, SIEM, and IPS technologies. This is an on-site working position at NTT DATA, where diversity and inclusion are embraced, and you will have the opportunity to continue growing, belonging, and thriving in a collaborative environment. NTT DATA is an Equal Opportunity Employer, and your career progression here will involve seizing new opportunities, expanding your skills, and preparing for future advancements within the global team.,

As a Security Delivery Associate Manager at Accenture, you will be part of the Technology for Operations team, serving as a trusted advisor and partner to Accenture Operations. Your role will involve providing innovative and secure technologies to assist clients in building an intelligent operating model that drives exceptional results. Collaborating closely with the sales, offering, and delivery teams, you will identify and develop innovative solutions to meet client needs. Your responsibilities will include establishing and maintaining a security governance framework, supporting management structures and processes to ensure information security strategies align with business objectives and comply with relevant laws and regulations. By adhering to policies and internal controls, assigning responsibilities, defining metrics, and reporting, you will help manage risk and compliance requirements effectively. We are seeking a candidate with a commitment to quality, experience in research and development, strong negotiation skills, effective problem-solving abilities, and proficiency in risk management. The ideal candidate will possess in-depth knowledge in application security, hands-on experience in SAST, DAST, and penetration testing, as well as familiarity with DevSecOps and Software Composition Analysis. Additionally, expertise in scripting using Python, database knowledge, networking skills, and certifications such as CISSP, CCSP, CISM, CEH, and ECSA would be advantageous. In this role, you will analyze and resolve moderately complex problems, create new solutions by adapting existing methods and procedures, and align your work with the strategic direction set by senior management. Your primary interactions will be with your direct supervisor or team leads, as well as peers and management levels within Accenture and client organizations. You should be able to work independently on new assignments with minimal guidance, making decisions that impact your team and occasionally other teams. If in a leadership role, you may manage medium-sized teams or work efforts at a client or within Accenture. Please be aware that this position may involve working in rotational shifts.,

If you're seeking a career that will empower you to distinguish yourself, consider joining HSBC to unlock your full potential. Whether you aspire to ascend to the pinnacle of success or embark on a thrilling new path, HSBC offers a platform replete with opportunities, support, and rewards that will propel you towards greater heights. HSBC stands as one of the world's largest banking and financial services organizations, operating in 64 countries and territories globally. Our mission is to position ourselves where growth thrives, empowering businesses to flourish, economies to prosper, and individuals to achieve their aspirations and dreams. Currently, we are in search of a seasoned professional to become part of our team in the capacity of DBS Senior Control Tester. In this pivotal role, your responsibilities will include: - Conducting meticulous preparation, steering, and engaging in the execution of a diverse array of Technology control testing activities - Ensuring prompt delivery of control testing with a commitment to transparency and accuracy in the fulfillment of testing objectives - Exercising sound judgment in identifying and disclosing control testing findings by pinpointing key risks and issues - Infusing quality into control testing deliverables and upholding compliance with the CCO Control Testing Methodology - Offering expertise and counsel on control testing throughout CCO, while applying critical judgment and decision-making skills in the identification and disclosure of control testing findings by highlighting key risks and issues - Nurturing relationships with key stakeholders, staying abreast of significant business, regulatory, and industry developments, as well as any modifications to procedures and practices - Assisting in the preparation of testing reports to update key stakeholders on the testing outcomes and review work - Monitoring and pursuing actions identified as a result of testing and review work, escalating when necessary - Adhering to and demonstrating compliance with all pertinent internal and external rules, regulations, and procedures that govern the business operations in which the jobholder is engaged, particularly Internal Controls and any associated policies and procedures Requirements: To excel in this role, candidates should meet the following criteria: - At least 3-5 years of pertinent experience in IT controls testing within the Financial Service industry or process assessment experience - Proficiency in ITGC, SOX, NON-SOX, Internal Control, Automated Control Testing (BACs) - Preferred qualifications include IT Risk certifications (CRISC, CISM, CISA, CISSP, or equivalent) - Demonstrated expertise in Technology control testing, risk management, internal control, or internal audit, preferably within a financial/banking services operations environment - Proven ability as a self-starter and effective collaborator Your journey to success is amplified when you become a part of HSBC. HSBC is dedicated to nurturing a culture where each employee is esteemed, respected, and their opinions hold significance. We pride ourselves on providing a workplace that fosters continuous professional growth, flexible work arrangements, and avenues for advancement within an inclusive and diverse setting. Personal data shared with the Bank regarding employment applications will be handled in accordance with our Privacy Statement, accessible on our website. Issued by HSBC Software Development India,

Design, Implement and maintain GRC framework and policies. Conduct risk assessments. Coordinate internal and external audits. Conduct root cause analysis and recommend corrective actions.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled and experienced Senior SailPoint Identity Security Cloud (ISC) professional to lead the development and support of our identity governance solutions. This role requires deep hands-on experience with SailPoint ISC, advanced troubleshooting capabilities, performing root cause analysis, and developing custom connectors or workflows to meet complex business requirements Roles & Responsibilities:-Customize identity workflows to meet business needs--Provide advanced troubleshooting of SailPoint ISC issues-Track and close defects through to permanent fix-Act as L3 SME support for SailPoint ISC issues-Integrate SailPoint ISC with target systems (AD, Azure AD, SAP, cloud SaaS apps)-Build or modify custom connectors where OOTB does not fit-Advise on SailPoint best practices and standards-Contribute to process improvements and automation within the identity team-Hands-on with SailPoint Identity Security Cloud (or IdentityNow with migration to ISC)-Familiarity with REST APIs, JSON, SCIM, and modern identity protocols (OAuth, SAML, OIDC) Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow.- Strong understanding of cloud security principles and best practices.- Experience with identity governance and administration solutions.- Familiarity with regulatory compliance requirements related to cloud security.- Ability to analyze and mitigate security risks in cloud environments.-Hands-on Exp with SailPoint Identity Security Cloud (or IdentityNow with migration to ISC)-Familiarity with REST APIs, JSON, SCIM, and modern identity protocols (OAuth, SAML, OIDC) Additional Information:- The candidate should have minimum 7.5 years of experience in SailPoint IdentityNow.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : CyberArk Privileged Access Management Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Looking for an experienced Senior CyberArk Cloud Engineer to lead the design, implementation, and support of our privileged access management (PAM) program leveraging CyberArk Privilege Cloud. The ideal candidate will have a deep understanding of privileged access controls in cloud and hybrid environments, hands-on CyberArk experience, and the ability to drive security best practices across the organization. Roles & Responsibilities:-Define secure vaulting, session isolation, credential rotation, and privileged task automation-Develop architecture diagrams and documentation for hybrid and multi-cloud PAM solutions-Integrate CyberArk Privilege Cloud with cloud platforms (AWS, Azure, GCP) and on-prem systems-Lead CyberArk Privilege Cloud onboarding and migration initiatives-Configure privileged account onboarding, safe structures, access controls, and policies-Set up session recording, monitoring, and auditing-Integrate with directories (AD/Azure AD) and identity providers (SSO)-Act as senior escalation point for CyberArk issues-Support upgrades, patching, and ongoing maintenance of the CyberArk SaaS environment-Monitor vault performance, logs, and incident trends-Perform troubleshooting and root cause analysis of PAM issues Professional & Technical Skills: - Must To Have Skills: Proficiency in CyberArk Privileged Access Management.- Strong understanding of cloud security principles and frameworks.- Experience with identity and access management solutions.- Familiarity with compliance standards such as ISO 27001, NIST, or GDPR.- Ability to analyze security incidents and develop mitigation strategies. Additional Information:- The candidate should have minimum 5 years of experience in CyberArk Privileged Access Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Identity Management Good to have skills : Test Data Management ImplementationMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in strategic discussions to align security initiatives with organizational objectives, providing guidance and expertise to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be a Subject Matter Expert with deep knowledge and experience.- Should have influencing and advisory skills.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate workshops and training sessions to enhance team understanding of security protocols.- Continuously evaluate and improve security processes and frameworks to adapt to evolving threats. Professional & Technical Skills: - Must To Have Skills: Proficiency in ForgeRock Identity Management.- Good To Have Skills: Experience with Test Data Management Implementation.- Strong understanding of cloud security principles and practices.- Experience in designing and implementing security architectures.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR. Additional Information:- The candidate should have minimum 15 years of experience in ForgeRock Identity Management.- This position is based at our Mumbai office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Saviynt Identity Platform Good to have skills : Identity Access Management (IAM)Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to ensure effectiveness and compliance.- Collaborate with cross-functional teams to integrate security best practices into cloud operations. Professional & Technical Skills: - Must To Have Skills: Proficiency in Saviynt Identity Platform.- Good To Have Skills: Experience with Identity Access Management (IAM).- Strong understanding of cloud security principles and frameworks.- Experience in designing and implementing security controls in cloud environments.- Familiarity with regulatory requirements and compliance standards related to cloud security. Additional Information:- The candidate should have minimum 3 years of experience in Saviynt Identity Platform.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Omada Identity Cloud Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Evaluate and recommend new security technologies and practices to improve the cloud security framework. Professional & Technical Skills: - Must To Have Skills: Proficiency in Omada Identity Cloud.- Strong understanding of cloud security principles and best practices.- Experience with identity and access management solutions.- Familiarity with regulatory compliance requirements related to cloud security.- Ability to assess and mitigate security risks in cloud environments. Additional Information:- The candidate should have minimum 5 years of experience in Omada Identity Cloud.- This position is based at our Gurugram office.- A 10 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Omada Identity Cloud Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Develop and maintain comprehensive documentation of security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Omada Identity Cloud.- Good To Have Skills: Experience with cloud security frameworks and compliance standards.- Strong understanding of identity and access management principles.- Experience with security incident response and risk management.- Familiarity with cloud service providers and their security offerings. Additional Information:- The candidate should have minimum 7.5 years of experience in Omada Identity Cloud.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on security best practices.- Conduct regular assessments of security frameworks to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations.- Strong understanding of cloud security principles and practices.- Experience with risk assessment methodologies and tools.- Ability to design and implement security controls in cloud environments.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR. Additional Information:- The candidate should have minimum 7.5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Omada Identity Cloud Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Conduct regular assessments of cloud security measures to identify areas for improvement. Professional & Technical Skills: - Must To Have Skills: Proficiency in Omada Identity Cloud.- Strong understanding of cloud security frameworks and best practices.- Experience with identity and access management solutions.- Familiarity with compliance standards and regulations related to cloud security.- Ability to analyze and mitigate security risks in cloud environments. Additional Information:- The candidate should have minimum 12 years of experience in Omada Identity Cloud.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Engage in continuous learning to stay updated with the latest security trends and technologies.- Assist in the development of security policies and procedures to enhance the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow.- Strong understanding of cloud security principles and practices.- Experience with identity and access management solutions.- Familiarity with regulatory compliance frameworks such as GDPR and HIPAA.- Ability to analyze and mitigate security risks effectively. Additional Information:- The candidate should have minimum 2 years of experience in SailPoint IdentityNow.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect, candidate would be primarily responsible for solution architecture effort on deals that are large and complex and own all components of complex deals. Lead or work as Lead Solution Architect on complex and bundled deals and independently can come up with the solution. Conduct solution reviews with SMEs and the DCSO approver. Attend calls with the client team to understand the requirement. Can be able to bring value and differentiated solutions. Work on building the cost model for the solution. Roles & ResponsibilitiesShould be able to lead the joint solutioning workshops with client and be able to walk through technical security solutions with the clients during Orals. Should possess excellent stakeholder management skills and be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Frequently interacts with senior client leadership. Develop statement of work Performs Peer Reviews Assists in performing QA Frequently sells to senior client leadership Leads negotiations or develop business terms and conditions Leads QA or plays major QA role for largest, most complex deals Has led solution development for multiple deal types Work with delivery leads for the approval of solution/efforts Bring out technical differentiators and value in the solution Able to represent the solution in front of the client leadership team. Professional & Technical Skills: Prior experience at least 5 years in leading solution development in a reputed organization Deep knowledge and experience in Cyber security Infra Sec, App Sec, Threat and Vulnerability Management and Identity Access Management is necessary Should be a good presenter Should have leadership qualities Should keep himself/herself up to date on various SA Cost models and processes, work independently to develop IDL files Good communication and collaboration skills Prior experience in leading solution development will be an advantage Experience in leading delivery and solution planning of large, complex deals at least 5 opportunities with Security TCV of greater than10m in the recent experience Comfortable in using relevant tools and estimators Comfortable working in extended working hours Good to have CISSP, CISM, CISA Cloud Security knowledge and certification AWS, Azure Solution Architect Core Training Good to have Solution Architect Advance Training Additional InformationMinimum 15- year full time education with Bachelor or college degree in related field or equivalent work experience The candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : BE or MCA or MSc with Good Computer Science Background with good academic record. Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Engage in continuous learning to stay updated with the latest security trends and technologies.- Assist in the development and implementation of security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow.- Strong understanding of cloud security principles and practices.- Experience with identity and access management solutions.- Familiarity with security compliance frameworks such as ISO 27001 or NIST.- Ability to analyze and mitigate security risks effectively. Additional Information:- The candidate should have minimum 2 years of experience in SailPoint IdentityNow.- This position is based at our Hyderabad office.- A BE or MCA or MSc with Good Computer Science Background with good academic record is required. Qualification BE or MCA or MSc with Good Computer Science Background with good academic record.

Core Responsibilities o Provide support in building IAM controls, standards & policies along with best practices to ensure compliance with information security directives and industry standards o Contribute into designing & integrating IAM solutions for web/mobile apps to strengthen security controls at enterprise scale o Collaborate with enterprise & application designers, developers, other information security teams, enterprise infrastructure and testing teams to deliver high quality solutions for remediating security threats o Identify Key control deficiencies and provide roadmap for closures o Define and document issues for escalation to engineers o Work closely with business to address their incidents and task requests Mandatory Skills Technical- Hands-on experience in implementing IAM controls, policies, standards across enterprise Experience in implementing SailPoint IdentityIQ 8.X including design, development, implementation and application support Customize, configure, and develop IAM solution integration Ability to understand the business requirements and implement them with minimal customizations to the product. Expert level experience in the application and user onboarding, using OOTB and custom connectors. Expert knowledge of User Access Review certifications (Targeted, Manager, Role, Application etc.) Ability to understand the business requirements for User Access review and implement them technically in the system to achieve the desired outcomes with minimal changes to the system. Experience in Roles and Entitlement used in IAM solution. Deep understanding of RBAC concepts and understanding of the SailPoint IdentityIQ Roles to ensure proper discovery and implementation. Good knowledge of web server and application server. Good understanding of LDAP concepts and working experience with the directories. Experience in using database client tools like MS SQL Management Studio, Toad, etc. Excellent development coding skills relevant to SailPoint IdentityIQ (java beanshell oracle jsf XML etc.). Behavioral- Excellent communication (both - verbal & written), collaboration and relationship-building skills. Demonstrated initiative, creativity & ability to influence Client focused mindset - exceed the expectations of our internal and external customers Strong interpersonal, communication, motivational, organizational and planning skill Qualification Eligibility BE / B. Tech / MCA from reputed institute 5+ years of relevant experience across Information Security, Software Engineering, and Software Development roles to handle IAM projects Proven engineering skills in delivering IAM solutions related capabilities and practices Preferred Certification CISSP ( Certified Information Systems Security Professional) and/or CISA( Certified Information Systems Auditor) designation and/or CEH( Certified Ethical Hacker)

This role is for one of Weekday's clients Salary range: Rs 1200000 - Rs 2200000 (ie INR 12-22 LPA) Min Experience: 7 years Location: Hyderabad, Telangana JobType: full-time About the role A minimum of 0810 years of experience in Information Security, with at least 05-06 years in a senior Offensive Security role, preferably within the financial or banking sector. Hands-on experience in conducting covert security assessments, including physical, network, application, and social engineering scenarios. Proficiency in exploiting vulnerabilities, bypassing security controls, lateral movement, privilege escalation, and exfiltration techniques. Strong understanding of operating systems, networking protocols, cloud platforms, and web applications. Analytical thinking, creativity, and adaptability in dynamic attack scenarios. Excellent communication skills to explain technical findings to non-technical audiences and work effectively within multi-disciplinary teams. Should have experience to performed Web Application, API (Rest & GraphQL), Infrastructure, Mobile Application (Android & iOS) Security Assessments. Regular Risk assessment Identifying and prioritizing protection resources for key assets in danger of exploitation Strengthening techniques making organization security stronger by knowing how to fix vulnerability weaknesses. Experience in monitoring and detection systems by using packet sniffing devices, SIEM systems, IDS, and IPS etc.. Threat Detection and Threat Hunting : Monitoring of indicators of compromise (IOCs) using SIEMs or EDRs and active threat search with SIEMs or EDRs Forensic analysis investigating and evaluating the impact and scale of a security incident Early threat detection to analyzing CVEs and 0-day vulnerabilities, the team will deploy decoys (deception)Excellent written, oral communication and presentation skills. Advanced Attack Simulations: Develop complex and realistic attack scenarios that mimic Advanced Persistent Threats (APTs) and other sophisticated tactics to test the resilience of security measures. Comprehensive Penetration Testing: Implement in-depth penetration testing modules that allow users to practice finding and exploiting vulnerabilities within a controlled environment. Operational Security (OpSec) Training: Create training modules focused on OpSec, teaching users how to avoid detection and maintain stealth during Red Team operations. Custom Exploits and Payloads: Develop and deploy custom exploits and payloads that can be used to test specific system vulnerabilities. Incident Response Testing: Simulate breaches to test and improve the incident response procedures of organizations, ensuring they can swiftly and effectively handle real-world attacks. Adversary Emulation Plans: Develop detailed adversary emulation plans that mirror the techniques, tactics, and procedures (TTPs) of known threat actors to provide a realistic training experience. Continuous Learning and Adaptation: Implement a system for continuously updating the platform with new tactics and vulnerabilities as they emerge, ensuring Red Team exercises remain relevant and challenging. Core Deliverables Advanced Penetration Testing: Conduct thorough penetration tests on simulated environments to identify and exploit vulnerabilities. Red Team Operations: Design, plan, and execute sophisticated red team exercises to assess organizational readiness against cyber threats. Threat Emulation: Develop and deploy threat emulation scenarios that mimic real-world adversaries tactics, techniques, and procedures (TTPs). Incident Response Simulation: Create and execute realistic incident response scenarios to test and enhance the response capabilities of blue teams Continuous Red Team Training: Train and mentor junior red team members and other IT staff on the latest security threats and tactics. Oversee the execution of automated vulnerability assessments Responsible and actively participate in Meetings to discuss assessment scope, requirements, deliverables, and client expectations. Responsible to authoring and presenting assessment reports to clients to discuss security findings and recommendations. Conduct simulated attacks on the organization's computer systems or physical locations Identify and exploit vulnerabilities, weaknesses, and gaps in the security systems and policies. Report findings and recommendations to the organization. Provide feedback and training to the blue team. Stay updated on the latest trends and developments in the security field. Plan and initiate Red Team activities based on realistic threats, by creating attack techniques and utilizing custom tooling to generate exploits. Platform-Specific Deliverables: Scenario Development: Design dynamic and scalable training scenarios tailored to the organization's needs, leveraging the capabilities of next-generation cyber range platforms like CYBER RANGES and others2. Automation and Scripting: Develop scripts and automation tools to enhance the efficiency and scalability of cyber range operations. Integration with Existing Tools: Ensure seamless integration of the cyber range platform with existing security tools and infrastructure. Comprehensive Reporting and Analysis: Deliver detailed reports on the findings from red team exercises, including risk assessments, detailed debriefs, and actionable recommendations. Data Analysis: Use data collected from exercises to provide insights into potential security improvements and adjustments. Continuous Improvement: Stay updated with the latest developments in cybersecurity and continuously improve the cyber range platforms and training scenarios. Emerging Threat Awareness: Identify and incorporate emerging threats into the training scenarios to keep defences robust and current. Certifications: Certified Red Team Professional (CRTP) - Mandatory CISA / CISM / CISSP / CEH / CRISC - Mandatory (atleast one certification). Offensive Security Certified Professional (OSCP) - Mandatory Offensive Security Certified Expert (OSCE) GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)CompTia Security+

Oversee staff auditors (both internal staff and external co-source resources). Perform and/or review targeted risk assessments to determine scope of audit projects. Perform process walk-throughs to facilitate the development of the audit scope and approach during the planning phase. Prepare corresponding engagement request lists and other key planning documents. Determine, perform and/or review data analytics for the relevant areas as available and identify outliners / key focus areas for testing of internal controls. Execute/conduct technology, regulatory, and operational audits, which includes the testing of internal controls and business-related processes. Specifically: Act as a key liaison with stakeholders, DXC management and external auditors throughout the audit process. Contribute to the design of the control testing approach and related audit program. Re-confirm/update process walkthroughs as needed. Identify, analyze, and interpret data using statistical techniques to recognize trends or patterns in complex data sets. Provide leadership to and supervision of other auditors participating in the project. Provide training of and feedback to less experienced auditors on the engagement. Monitor audit progress to ensure completion within allotted timeframes. Identify areas/processes for improvement and propose recommendations. Draft reports of audit findings and obtain management responses in accordance with the functions KPIs and procedures. Follow up on remediation efforts related to such findings. Document testing results in the reporting tool. Actively participate in special projects. Job Requirements: Bachelor s degree in a business-related field, preferably with a concentration in Information Technology, Accounting, or Finance Demonstrate high level of integrity and sound independent judgement. Strong analytical and organizational skills with the ability to collect, organize, analyze, and disseminate significant amount of information with attention to detail and accuracy Information Technology/Auditing background with 4-7 years of experience in internal controls, consulting, advisory, and professional services. Big-4 experience required. Ability to multi-task, work effectively in a team-oriented environment as well as independently. Excellent verbal and written communication skills Strong time management and presentation skills Advanced computer skills. Detailed knowledge of MS Office is a must. Open to travel, including international travel Preferred Qualifications: Relevant professional certification (CISA or CISSP) In-depth data analytics experience Technology industry experience Financial Audit experience Experience with data analytics and visualization software Additional language skills

Technical Strong experience in review of guideline defined, conducting regulatory assessments for BFSI (E.g. RBI, SEBI, IRDAI). Global guidelines knowledge which includes NIST, ISO27001, PCI-DSS, COBIT, etc. Assisting in remediating gaps on the defined guidelines for the client. Performing System Audit and conducting technology landscape review. Having worked on Information Technology Risk Assessment areas such as NIST, ISO27001, PCI-DSS, COBIT, etc. Experience of handling IT audits and reviews. Good understanding on technology topics related to cyber security, encryption, architecture resiliency , business continuity, disaster recovery, IT Governance, Third party outsourcing risk and information security/technology risk. Certification - CISA, CISSP, ISO27001 Soft Skills Good presentation and report writing skills is mandatory. Excellent communication skills and confident demeanor Experience of working with client stakeholders Good problem-solving skills.

Job Overview: We are seeking a highly experienced and certified Compliance & Information Security Manager to lead and oversee our organizations compliance, quality assurance, and cybersecurity initiatives. The ideal candidate will possess a robust background in ISO standards, IT and Security Operations, and internal/external audit coordination across service industries. Key Responsibilities: Lead the implementation, maintenance, and audit of ISO standards, including ISO 27001, ISO 9001, AS9100D, GDPR, DPDP Ensure compliance with SOC 2, HIPAA , and other applicable regulatory frameworks. Collaborate with cross-functional teams to design, review, and implement information security policies and risk mitigation strategies . Manage and prepare for internal and external audits; represent the organization during surveillance and certification audits. Develop and deliver employee training programs related to information security, regulatory compliance, and quality assurance. Identify and address security risks in networks, systems, and applications , and recommend corrective controls. Update and maintain documentation related to compliance and audit standards. Required Qualifications: Bachelors degree in engineering/technology (preferably Computer Science or related discipline). CISA, CISO, CISM, CISSP Certified (any) Desirable Lead Auditor certifications for ISO 9001:2015, ISO 27001:2022 and AS9100D. Strong exposure to GDPR, HIPAA and SOC 2 frameworks. Proficiency in conducting internal, supplier, and customer audits . Experience with tools such as Microsoft Office Suite. Demonstrated ability to lead cross-functional teams, manage compliance projects, and drive process improvement.

We are seeking a skilled and motivated Cyber Security Engineer to lead efforts in ensuring the security, integrity, and regulatory compliance of our Software as a Medical Device (SaaMD) products. This role is pivotal in upholding global security standards, including ISO/IEC 27001 , ISO/IEC 27002 , and ISO 13485 , while embedding security best practices across the software development lifecycle. You will be responsible for implementing security controls, conducting threat modeling and penetration testing, supporting compliance audits, and driving continuous improvement in our security posture. Key Responsibilities 1. Security Control Implementation Design, implement, and monitor security controls within the SaaMD development lifecycle. Ensure alignment with ISO/IEC 27001, 27002, and ISO 13485 standards. Collaborate with development teams to integrate security practices across the SDLC. Advise on secure coding, vulnerability management, and DevSecOps principles. Maintain a risk-based security approach, identifying threats and vulnerabilities early. 2. Compliance & Audit Support Provide documentation and evidence for internal/external audits (ISO/IEC 27001, 27002). Work closely with Quality and Regulatory teams to ensure ISO 13485 compliance. Create and maintain policies, procedures, and documentation for audit readiness. Manage change documentation processes to support audit traceability. 3. Threat Modeling & Penetration Testing Build and refine threat models using tools such as LucidChart . Perform penetration testing and security assessments using tools like BurpSuite , nmap , Wireshark , and Deptrack . Conduct both static and dynamic code analysis to uncover vulnerabilities. 4. Vulnerability Management Conduct vulnerability assessments with tools such as Grype , Dockle , and Trivy . Collaborate with development teams to triage and resolve issues. Track vulnerabilities through identification to remediation. Establish a robust vulnerability management process with defined KPIs. 5. Reporting & Communication Create comprehensive security and penetration test reports with clear remediation steps. Effectively communicate risks and collaborate with cross-functional teams. Provide management with periodic updates on security posture, vulnerability status, and remediation progress. 6. Security Awareness & Training Assist in the development and delivery of security training for engineering teams. Foster a strong security culture by promoting best practices and awareness. Qualifications Bachelors degree in Computer Science, Information Security, or a related field (or equivalent experience). 3+ years of experience in cybersecurity engineering, ideally in the medical device or healthcare domain. Deep knowledge of ISO/IEC 27001 , ISO/IEC 27002 , and ISO 13485 standards. Hands-on experience with threat modeling and pen-testing tools (e.g., BurpSuite, nmap, Wireshark, LucidChart). Experience with vulnerability scanning tools like Grype , Dockle , Trivy , and Deptrack . Strong grasp of secure coding, secure software development practices, and DevSecOps. Demonstrated success in security audit preparation and compliance processes. Familiarity with cloud security, container security, and modern environments (e.g., Docker, Kubernetes). Preferred Relevant certifications: CISSP , CEH , OSCP , CISM , or ISO/IEC 27001 Lead Implementer . Experience in SaaMD or highly regulated environments (healthcare, pharma, etc.). Knowledge of NIST , HITRUST , or other risk management frameworks. Experience working within CI/CD pipelines and DevOps workflows. Skills Strong analytical and problem-solving abilities. Excellent written and verbal communication; able to translate technical details to non-technical stakeholders. Detail-oriented with a proactive mindset toward risk management. Team player with the ability to collaborate effectively across departments.