827 Cissp Jobs - Page 7

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: SailPoint Identity Mgmt and Governance. Experience: 8-10 Years.

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: F5 Load Balancers. Experience: 8-10 Years.

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Azure Cloud Workload Security. Experience: 8-10 Years.

We are seeking a skilled and motivated Cyber Security Engineer to lead efforts in securing our Software as a Medical Device (SaaMD) offerings. This pivotal role ensures global compliance and best-in-class security practices throughout the software development lifecycle, anchored in standards like ISO/IEC 27001, ISO/IEC 27002, and ISO 13485. Key Responsibilities : Security Control Implementation : - Design, implement, and monitor robust security controls across the SaaMD SDLC. - Align with ISO/IEC 27001, 27002, and ISO 13485 frameworks. - Guide secure coding, DevSecOps practices, and vulnerability management. - Apply a risk-based approach to identify and mitigate threats proactively. Compliance & Audit Readiness : - Support internal and external audits with detailed documentation. - Collaborate with Quality & Regulatory teams for ISO 13485 compliance. - Maintain audit-ready procedures and manage change documentation. Threat Modeling & Penetration Testing : - Develop threat models using tools like LucidChart. - Conduct pen-testing via BurpSuite, nmap, Wireshark, and Deptrack. - Run static and dynamic code analysis for vulnerability detection. Vulnerability Management : - Assess vulnerabilities using Grype, Dockle, Trivy, and Deptrack. - Partner with development teams for triage and resolution. - Drive remediation workflows and monitor KPIs. Reporting & Stakeholder Communication : - Produce detailed security assessments with actionable steps. - Deliver periodic updates on security posture to leadership. - Translate complex risks into business-friendly language. Security Awareness & Training : - Build training modules to cultivate a security-first mindset. - Advocate for secure engineering culture across teams. Qualifications : Required : - Bachelors in Computer Science, Information Security, or relevant experience. - 3+ years in cybersecurity engineering, ideally in healthcare or medical devices. - Proven knowledge of ISO/IEC 27001, 27002 & ISO 13485. - Hands-on expertise with LucidChart, BurpSuite, nmap, Wireshark, Deptrack. - Experience with Grype, Dockle, Trivy; DevSecOps & secure coding practices. - Track record in audit support and regulatory compliance. Preferred : - Certifications like CISSP, CEH, OSCP, CISM, or ISO/IEC 27001 Lead Implementer. - Background in SaaMD or regulated industries (healthcare/pharma). - Familiarity with frameworks like NIST, HITRUST, and CI/CD workflows. Skills & Traits : - Strong analytical, communication, and problem-solving skills. - Detail-oriented with a proactive risk management approach. - Team collaborator able to influence across engineering and compliance functions.

Minimum 5+ years of experience in Information security and preferably in Banking and Financial services sector In-depth working experience on Cloud technologies, routers, switches, firewalls, load balancers and proxy will be added advantage for the role. Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent. Industry certifications will be a plus e.g. CISSP, CCNA Security, CCIE, CCNP Security, CISA, CRISC and CISM. Strong knowledge and subject matter expertise in multiple areas within Information Security. Hands on skill and expertise in performing risk / threat assessments/risk consulting. Excellent written, oral communication and reporting skills. Provides technical leadership, expertise and direction working with district and college technical staff for design and implementation of information technology security systems. Develops strategy for propagating, maintaining, and measuring compliance against security policies, standards, and guidelines district-wide. Time management and organizational skills Ability and desire to learn new skills quickly Performs other related duties as assigned.

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats. Do Design and develop enterprise cyber security strategy and architecture Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses Identify risks associated with business processes, operations, information security programs and technology projects Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge Identify security design gaps in existing and proposed architectures and recommend changes or enhancements Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. Provide support during technical deployment, configuration, integration and administration of security technologies Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity Provide solution of RFPs received from clients and ensure overall design assurance Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture Depending on the clients need with particular standards and technology stacks create complete RFPs Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps Evaluate and recommend solutions to integrate with overall technology ecosystem Tracks industry and application trends and relates these to planning current and future IT needs Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers Provide training to employees on issues such as spam and unwanted or malicious emails Stakeholder Interaction Stakeholder Type Stakeholder Identification Purpose of Interaction Internal Program Manager/Director Regular reporting & updates Infrastructure (CIS team) For infrastructure support External Customer To coordinate for all security breaches & resolutions Display Lists the competencies required to perform this role effectively: Functional Competencies/ Skill Leveraging Technology - Knowledge of current and upcoming security technologies (e.g. Firewalls, IPS, DDoS, SIEM, WAF, Endpoint etc.) and understanding of compliance regulatory requirement like PCI DSS, HIPAA, etc.- Expert Systems Thinking - Understanding of the Wipro system (interrelatedness, interdependencies and boundaries) and perform problem solving in a complex environment - Expert Leveraging Technology - In-depth knowledge of and mastery over ecosystem technology that commands expert authority respect - Master Technical Knowledge - Certified Information Systems Security Professional (CISSP), Cloud Architect Certification from AWS and Azure, ToGAF or SABSA certification- Master Competency Levels Foundation Knowledgeable about the competency requirements. Demonstrates (in parts) frequently with minimal support and guidance. Competent Consistently demonstrates the full range of the competency without guidance. Extends the competency to difficult and unknown situations as well. Expert Applies the competency in all situations and is serves as a guide to others as well. Master Coaches others and builds organizational capability in the competency area. Serves as a key resource for that competency and is recognized within the entire organization. Behavioral Competencies Effective Communication Managing Complexity Client centricity Technology Acumen Innovation Problem Solving approach Collaborative Working Execution Excellence

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: IDAM Security Consulting. Experience: 8-10 Years.

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do T hreat Intelligence platforms Proactive threat hunting Define hypothesis to test Analyze available logs to test hypothesis Identify potential patterns of malicious behaviour Provide feedback on IOCs/Use cases for real time detection Creating IoC databases for threat hunting 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do : 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Checkpoint Firewalls and VPN Experience : 8-10 Years.

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do : 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: PKI - Certificate Management Experience : 8-10 Years.

Role Purpose The purpose of the role is to support process delivery by ensuring daily performance of the Production Specialists, resolve technical escalations and develop technical capability within the Production Specialists. Do Oversee and support process by reviewing daily transactions on performance parameters Review performance dashboard and the scores for the team Support the team in improving performance parameters by providing technical support and process guidance Record, track, and document all queries received, problem-solving steps taken and total successful and unsuccessful resolutions Ensure standard processes and procedures are followed to resolve all client queries Resolve client queries as per the SLAs defined in the contract Develop understanding of process/ product for the team members to facilitate better client interaction and troubleshooting Document and analyze call logs to spot most occurring trends to prevent future problems Identify red flags and escalate serious client issues to Team leader in cases of untimely resolution Ensure all product information and disclosures are given to clients before and after the call/email requests Avoids legal challenges by monitoring compliance with service agreements Handle technical escalations through effective diagnosis and troubleshooting of client queries Manage and resolve technical roadblocks/ escalations as per SLA and quality requirements If unable to resolve the issues, timely escalate the issues to TA & SES Provide product support and resolution to clients by performing a question diagnosis while guiding users through step-by-step solutions Troubleshoot all client queries in a user-friendly, courteous and professional manner Offer alternative solutions to clients (where appropriate) with the objective of retaining customers and clients business Organize ideas and effectively communicate oral messages appropriate to listeners and situations Follow up and make scheduled call backs to customers to record feedback and ensure compliance to contract SLAs Build people capability to ensure operational excellence and maintain superior customer service levels of the existing account/client Mentor and guide Production Specialists on improving technical knowledge Collate trainings to be conducted as triage to bridge the skill gaps identified through interviews with the Production Specialist Develop and conduct trainings (Triages) within products for production specialist as per target Inform client about the triages being conducted Undertake product trainings to stay current with product features, changes and updates Enroll in product specific and any other trainings per client requirements/recommendations Identify and document most common problems and recommend appropriate resolutions to the team Update job knowledge by participating in self learning opportunities and maintaining personal networks Mandatory Skills: Embedded Security Engineering. Experience: 5-8 Years.

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: PKI - Certificate Management. Experience: 8-10 Years. >

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Microsoft Threat Protection. Experience: 8-10 Years. >

The primary focus at EITSI is to develop the next generation LIMS (Lab Information Management system), Customer portals, e-commerce solutions, ERP/CRM system, Mobile Apps & other B2B platforms for various Eurofins Laboratories and businesses. Position Title: Information Security Analyst Team: Regional Security Support Crew (Information security) Reporting Location: Bangalore (B4 / B5) Job Overview: As a Regional Security Support crew, your primary role, will be to assist the Regional Information Security Officers (RISO) in implementing and maintaining cybersecurity strategies for various legal entities Globally. You will be responsible for ensuring compliance with group security policies, managing risks, and supporting the continuous improvement of the regional security posture. This role offers a unique opportunity to be part of a newly established team, providing a dynamic environment where you can help shape security processes from the ground up. Key Responsibilities: Provide direct support to the RISO in managing and implementing security plans for legal entities across the region. Assist in the creation, follow-up, and management of remediation plans for identified security risks and non-compliance issues. Conduct security risk assessments and ensure that security measures are aligned with the Group"™s standards and adapted to each legal entity"™s needs. Support the RISO in reviewing and approving changes to systems, processes, and applications prior to deployment. Perform and prioritize security audits, vulnerability scans, and reviews (including access rights, firewall rules, cloud compliance, etc.). Coordinate and support legal entities during internal and third-party security audits, ensuring compliance with all security policies. Conduct security training and awareness programs customized for regional entities, ensuring all staff are informed and compliant. Maintain accurate inventories of assets, third-party vendors, and local processes for audit and security monitoring purposes. Collaborate with regional and Group IT teams to ensure a "security by design" approach is applied in all regional architectures, applications, and processes. Assist in evaluating third-party vendors to ensure they meet security standards. Support the development of Disaster Recovery (DR) and Business Continuity (BC) plans. Assist the RISO with the development and implementation of policies, procedures, and guidelines that cater to local regulatory requirements and Group standards. Core Responsibilities in Incident Response and Vulnerability Management: Assist the RISO in incident response activities by investigating security breaches and incidents in collaboration with the Security Operations Center (SOC). Analyze vulnerability reports and assist in remediation efforts, ensuring timely patching and risk mitigation. Support the review and approval of firewall rules, configurations, and exceptions to maintain network security. Collaborate with the RISO in monitoring for emerging threats and recommending security improvements based on current trends. Qualifications & Skills: Strong communication and interpersonal skills, with the ability to work effectively with multiple stakeholders across various legal entities. Ability to manage multiple priorities and work under pressure in a fast-paced environment. Strong knowledge of cybersecurity concepts, including vulnerability assessments, incident management, network architecture, firewalls, and cloud security. Expertise in general IT concepts, including Active Directory, Office 365, and modern networking solutions like micro-segmentation, SASE, SD-WAN, etc. Demonstrated ability to assist in the creation and execution of security policies, procedures, and standards. Familiarity with security frameworks such as ISO 2700x, ITIL, and the EU Privacy Directives. Experience in conducting security assessments and working with audit teams during internal or external security reviews. Education & Experience: At least 3+ years of experience in cybersecurity, information security, or a related field. Certifications such as CISM, CISSP, or CEH are nice to have. Atypical profiles with experience from bug bounties, open-source projects, or bootcamps are also encouraged to apply if they can demonstrate strong skills and knowledge in the required areas. Key Competencies: A quick learner who is autonomous, adaptable, and detail oriented. Ability to work in large, complex IT environments and be comfortable with ambiguity and fast-changing priorities. A passion for cybersecurity, with strong problem-solving skills and a proactive approach to risk management. Strong English language skills are required, additional language is a plus. How You Will Help: Regularly test legal entities for compliance with security policies and procedures. Assist in conducting vulnerability assessments and implementing remediation measures based on Group standards. Investigate security incidents in collaboration with the SOC and provide technical support during audits. Support the development of Security Key Performance Indicators (KPIs) to monitor and improve the region"™s security posture. This is an exceptional opportunity for cybersecurity professionals who thrive in dynamic environments and enjoy creating and improving security processes. If you are passionate about cybersecurity and want to play a crucial role in protecting a diverse range of legal entities across Europe, we encourage you to apply. Qualifications A bachelor"™s degree in computer science / Equivalent Stream, Information Security, or a related field is preferred.

environmental, pharmaceutical and cosmetic product testing and in AgroScience CRO services. It is also one of the global independent market leaders in certain testing and laboratory services for genomics, discovery pharmacology, forensics, CDMO, advanced material sciences and in the support of clinical studies. The primary focus at EITSI is to develop the next generation LIMS (Lab Information Management system), Customer portals, e-commerce solutions, ERP/CRM system, Mobile Apps & other B2B platforms for various Eurofins Laboratories and businesses. Young and dynamic, we have a rich culture, and we offer fulfilling careers. Job Title Information Security Consultant "“ Cloud Security Reporting to Manager Reporting Location Bangalore We are looking for a motivated Cloud Security Consultant to join our team, focusing on Cloud-Native Application Protection Platform (CNAPP) technologies . The main focus area will be Cloud Secure Posture . The ideal candidate will possess deep expertise in scaled virtual systems and security technologies and be capable of maintaining and enhancing our application security posture through proactive operational management, effective communication, and continuous learning. You will be responsible for: Operational IntegrityMaintain the operational integrity of CNAPP and related tool sets and process, ensuring configurations are up to date and optimized, and escalating issues appropriately., Risk and Threat AnalysisProvide thorough analysis of risks and threats, suggesting and implementing potential remediations - Providing necessary information and guidance to IT Technology Owners, - Monitoring remediation actions. Business UnderstandingGather and incorporate an understanding of business-relevant factors impacted by security toolsets. Security AdvocacyPromote security awareness among relevant stakeholders and best practices throughout the organization. You will have the ability to continuously learn about technologies and associated vulnerabilities, practice interactions with IT stakeholders and get detailed understanding of corporate processes (e.g. IT Change Management, Software Development). SPECIFIC ASSIGNMENTS: You will be working on running the Cloud-Native Application Protection Platform. You will be responsible for maintaining and elevating the security across our cloud environments. The main goal of this role is to reduce risk while allowing the business to operate quickly, safely, and efficiently. If you are motivated and passionate about cloud security architecture and operations, this could be the ideal role for you. Your role is strategic for the organization "“ running the CNAPP is key to secure the Company, build strong layer of defense and improve Company"™s security posture! Technical details, leading security products, industry best practices, guidelines - you will be working with them on day-to-day basis to grow your security skills and improve Eurofins IT environment. Qualifications If you have: - Educational background in IT or Information Security and, - 4+ years of experience with public cloud providers (Azure, AWS, GCP) involving cloud security architecture. - Experience in Kubernetes - Previous experience in Security (at least 7+ years) we are looking for you! Willingness to learn and motivation to act towards the achievable goal is key for us! On the role of Cloud Security Consultant, you can utilize your technical skills: Understanding of various Cloud Service Providers (CSP); Assessing and evaluating cloud-policies; Utilizing CVEs, collecting and processing information from vulnerability databases; Experience using CI/CD pipelines for change management and automated security testing; Working with leading industry products and services (e.g. Wiz, ServiceNow); Added advantage if candidate has CISSP/CCSP/Any cloud security or architecture certification; As you'll be working in an international environment, your English needs to be excellent . You have to be an effective communicator (both to technical and non-technical professionals), convincing that your concepts are relevant and important for the whole organization. Other skills you'll need are orientation on details, team collaboration, problem solving. Additional Information What we can offer: Very attractive, multicultural and friendly work environment in fast-growing international company (more than 50 000 employees now); Possibility to grow and make the next step in your professional career and self-development; Long-term relationship and competitive salary package;

Company Description The primary focus at EITSI is to develop the next generation LIMS (Lab Information Management system), Customer portals, e-commerce solutions, ERP/CRM system, Mobile Apps & other B2B platforms for various Eurofins Laboratories and businesses. Position Title: Senior Information Security Analyst Reporting To: Manager Team: Regional Security Support Crew (Information security) Reporting Location: Bangalore (B4 / B5) Job Overview: As a Regional Security Support crew, your primary role, will be to assist the Regional Information Security Officers (RISO) in implementing and maintaining cybersecurity strategies for various legal entities Globally. You will be responsible for ensuring compliance with group security policies, managing risks, and supporting the continuous improvement of the regional security posture. This role offers a unique opportunity to be part of a newly established team, providing a dynamic environment where you can help shape security processes from the ground up. Key Responsibilities: Provide direct support to the RISO in managing and implementing security plans for legal entities across the region. Assist in the creation, follow-up, and management of remediation plans for identified security risks and non-compliance issues. Conduct security risk assessments and ensure that security measures are aligned with the Group"™s standards and adapted to each legal entity"™s needs. Support the RISO in reviewing and approving changes to systems, processes, and applications prior to deployment. Perform and prioritize security audits, vulnerability scans, and reviews (including access rights, firewall rules, cloud compliance, etc.). Coordinate and support legal entities during internal and third-party security audits, ensuring compliance with all security policies. Conduct security training and awareness programs customized for regional entities, ensuring all staff are informed and compliant. Maintain accurate inventories of assets, third-party vendors, and local processes for audit and security monitoring purposes. Collaborate with regional and Group IT teams to ensure a "security by design" approach is applied in all regional architectures, applications, and processes. Assist in evaluating third-party vendors to ensure they meet security standards. Support the development of Disaster Recovery (DR) and Business Continuity (BC) plans. Assist the RISO with the development and implementation of policies, procedures, and guidelines that cater to local regulatory requirements and Group standards. Core Responsibilities in Incident Response and Vulnerability Management: Assist the RISO in incident response activities by investigating security breaches and incidents in collaboration with the Security Operations Center (SOC). Analyze vulnerability reports and assist in remediation efforts, ensuring timely patching and risk mitigation. Support the review and approval of firewall rules, configurations, and exceptions to maintain network security. Collaborate with the RISO in monitoring for emerging threats and recommending security improvements based on current trends. Qualifications & Skills: Strong communication and interpersonal skills, with the ability to work effectively with multiple stakeholders across various legal entities. Ability to manage multiple priorities and work under pressure in a fast-paced environment. Strong knowledge of cybersecurity concepts, including vulnerability assessments, incident management, network architecture, firewalls, and cloud security. Expertise in general IT concepts, including Active Directory, Office 365, and modern networking solutions like micro-segmentation, SASE, SD-WAN, etc. Demonstrated ability to assist in the creation and execution of security policies, procedures, and standards. Familiarity with security frameworks such as ISO 2700x, ITIL, and the EU Privacy Directives. Experience in conducting security assessments and working with audit teams during internal or external security reviews. Education & Experience: A bachelor"™s degree in computer science / Equivalent Stream, Information Security, or a related field is preferred. At least 3+ years of experience in cybersecurity, information security, or a related field. Certifications such as CISM, CISSP, or CEH are nice to have. Atypical profiles with experience from bug bounties, open-source projects, or bootcamps are also encouraged to apply if they can demonstrate strong skills and knowledge in the required areas. looking 9+ yrs of overall IT Infra Experience. Key Competencies: A quick learner who is autonomous, adaptable, and detail oriented. Ability to work in large, complex IT environments and be comfortable with ambiguity and fast-changing priorities. A passion for cybersecurity, with strong problem-solving skills and a proactive approach to risk management. Strong English language skills are required, additional language is a plus. How You Will Help: Regularly test legal entities for compliance with security policies and procedures. Assist in conducting vulnerability assessments and implementing remediation measures based on Group standards. Investigate security incidents in collaboration with the SOC and provide technical support during audits. Support the development of Security Key Performance Indicators (KPIs) to monitor and improve the region"™s security posture. This is an exceptional opportunity for cybersecurity professionals who thrive in dynamic environments and enjoy creating and improving security processes. If you are passionate about cybersecurity and want to play a crucial role in protecting a diverse range of legal entities across Europe, we encourage you to apply.

The primary focus at EITSI is to develop the next generation LIMS (Lab Information Management system), Customer portals, e-commerce solutions, ERP/CRM system, Mobile Apps & other B2B platforms for various Eurofins Laboratories and businesses. Position Title: Senior. Information Security Analyst Team: Regional Security Support Crew (Information security) Reporting Location: Bangalore (B4 / B5) Job Overview: As a Regional Security Support crew, your primary role, will be to assist the Regional Information Security Officers (RISO) in implementing and maintaining cybersecurity strategies for various legal entities Globally. You will be responsible for ensuring compliance with group security policies, managing risks, and supporting the continuous improvement of the regional security posture. This role offers a unique opportunity to be part of a newly established team, providing a dynamic environment where you can help shape security processes from the ground up. Key Responsibilities: Provide direct support to the RISO in managing and implementing security plans for legal entities across the region. Assist in the creation, follow-up, and management of remediation plans for identified security risks and non-compliance issues. Conduct security risk assessments and ensure that security measures are aligned with the Group"™s standards and adapted to each legal entity"™s needs. Support the RISO in reviewing and approving changes to systems, processes, and applications prior to deployment. Perform and prioritize security audits, vulnerability scans, and reviews (including access rights, firewall rules, cloud compliance, etc.). Coordinate and support legal entities during internal and third-party security audits, ensuring compliance with all security policies. Conduct security training and awareness programs customized for regional entities, ensuring all staff are informed and compliant. Maintain accurate inventories of assets, third-party vendors, and local processes for audit and security monitoring purposes. Collaborate with regional and Group IT teams to ensure a "security by design" approach is applied in all regional architectures, applications, and processes. Assist in evaluating third-party vendors to ensure they meet security standards. Support the development of Disaster Recovery (DR) and Business Continuity (BC) plans. Assist the RISO with the development and implementation of policies, procedures, and guidelines that cater to local regulatory requirements and Group standards. Core Responsibilities in Incident Response and Vulnerability Management: Assist the RISO in incident response activities by investigating security breaches and incidents in collaboration with the Security Operations Center (SOC). Analyze vulnerability reports and assist in remediation efforts, ensuring timely patching and risk mitigation. Support the review and approval of firewall rules, configurations, and exceptions to maintain network security. Collaborate with the RISO in monitoring for emerging threats and recommending security improvements based on current trends. Qualifications & Skills: Strong communication and interpersonal skills, with the ability to work effectively with multiple stakeholders across various legal entities. Ability to manage multiple priorities and work under pressure in a fast-paced environment. Strong knowledge of cybersecurity concepts, including vulnerability assessments, incident management, network architecture, firewalls, and cloud security. Expertise in general IT concepts, including Active Directory, Office 365, and modern networking solutions like micro-segmentation, SASE, SD-WAN, etc. Demonstrated ability to assist in the creation and execution of security policies, procedures, and standards. Familiarity with security frameworks such as ISO 2700x, ITIL, and the EU Privacy Directives. Experience in conducting security assessments and working with audit teams during internal or external security reviews. Education & Experience: At least 3+ years of experience in cybersecurity, information security, or a related field. Certifications such as CISM, CISSP, or CEH are nice to have. Atypical profiles with experience from bug bounties, open-source projects, or bootcamps are also encouraged to apply if they can demonstrate strong skills and knowledge in the required areas. Total of 9+ years of experience Key Competencies: A quick learner who is autonomous, adaptable, and detail oriented. Ability to work in large, complex IT environments and be comfortable with ambiguity and fast-changing priorities. A passion for cybersecurity, with strong problem-solving skills and a proactive approach to risk management. Strong English language skills are required, additional language is a plus. How You Will Help: Regularly test legal entities for compliance with security policies and procedures. Assist in conducting vulnerability assessments and implementing remediation measures based on Group standards. Investigate security incidents in collaboration with the SOC and provide technical support during audits. Support the development of Security Key Performance Indicators (KPIs) to monitor and improve the region"™s security posture. This is an exceptional opportunity for cybersecurity professionals who thrive in dynamic environments and enjoy creating and improving security processes. If you are passionate about cybersecurity and want to play a crucial role in protecting a diverse range of legal entities across Europe, we encourage you to apply. Qualifications A bachelor"™s degree in computer science / Equivalent Stream, Information Security, or a related field is preferred.

Domain Certifications CISSP, CISA, CRISC, ISO 27001 Responsibilities Own and lead the governance program at account level for a large Financial services account with 700 + head count and multi country locations having high security Offshore Delivery Centres & Work from home teams Develop, implement and monitor Account level Information security governance program; meeting client compliance requirements proactively Perform contract reviews, cyber security risk assessments and drive compliance programs to meet contractual and organizational cyber security requirements within the client offshore delivery centres. Experience in Application security and code reviews which can be leveraged to guide and work with delivery teams on covering the cyber security risks associated with Application security, development and maintenance projects. Work closely with different teams internally like IT, business, HR, facilities, cyber security which operate at Organization level to translate client requirements and assess residual risk if required Give directions and monitor the compliance and operations activities within the account through dedicated team and work closely with account team on ensuring the compliance within account team Develop account level procedures, metrics and review programs to maintain and enhance the governance model within the account Be a single point of contact for client interactions during third party audits and liaise within the organization Prepare the account for certification and internal audit requirements based on industry standards like PCI DSS and ISO 27001 requirements Focus and objective driven to demonstrate ongoing improvements; identify early indicators of non compliance and able to draw mitigation actions Hold technical skills to participate in technical discussions for delivery centre setup, connectivity models Excellent communication skills and have demonstrated effective CXO level reviews

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: IDAM Security Consulting. Experience: 8-10 Years.

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: IDAM Security Consulting. Experience: 8-10 Years.

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: IDAM Security Consulting. Experience: 8-10 Years.

Conduct Cyber Risk reviews for the organizational clients in a swift and thorough manner Assist in understanding common cyber threats and vulnerabilities Assist in understanding common cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations Assist in understanding Business continuity and disaster recovery planning methodologies Assist in understanding risk management methodologies and procedures Understand Underwriting Insights for Risk Report Creation Assist to prepare a risk report based on organizational internal cyber resilience network, which can become the primary basis of underwriting the cyber risk. Assist in understanding qualitative and quantitative methods for analyzing, interpreting, and synthesizing raw data into intelligence for deriving insights for liability underwriting Roles and Responsibilities 2

We are looking for cyber Security for Aurangabad location. Experience with security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, and encryption technologies Strong skills in system design and architecture.

Job Description Role and Responsibilities: Act as a primary liaison between technical teams and business stakeholders, facilitating expert advice on vulnerability remediation strategies and best practices. Ensure strict adherence to security standards and advocate for the seamless integration of security measures into the Software Development Life Cycle (SDLC). Develop and nurture collaborative relationships with business and development teams to align security objectives with business priorities, ensuring mutual benefit and effective prioritization. Assess risks identified in vulnerability assessment results and other security-related data, prioritizing remediations in alignment with business objectives. Partner with application teams to devise strategies for mitigating identified security gaps, assisting in the planning and prioritization of security remediation efforts and control implementations. Provide technical guidance and support to application teams in implementing security controls, advocating for security-by-design principles, and integrating security scanning into the application build process. Collaborate closely with stakeholders to ensure the completeness and accuracy of information security exception requests, aligning them with predetermined criteria and established risk tolerance levels. Regularly communicate with management and stakeholders, presenting detailed reports and updates on vulnerabilities, ongoing remediation efforts, and the status and trends of exception requests Conduct ongoing security research to stay abreast of current security challenges, identifying new opportunities for security integration and automation to enhance overall security posture. Provide training and awareness on vulnerability risk management practices to technical teams and business stakeholders. Requirements: Bachelor's degree in computer science, Information Security, or a related field. Good to have advanced degree or relevant certifications (e.g., CISSP, CISM). Minimum 8 years of demonstrated expertise in application security, coupled with proficiency in development. Strong understanding of application security concepts, vulnerabilities, and attack vectors. Robust Information Security technical skills and knowledge to identify, research, and understand security control gaps and program compliance issues. Exceptional ability to communicate security concepts, threats, controls, and mitigation/remediation strategies to diverse audiences, including those unfamiliar with such topics. Proven track record in information security vulnerability assessment, remediation, and security governance. Familiarity with Security Policies, Procedures, Audit, and Compliance requirements. Expert understanding of code syntax and semantics of at least one object-oriented programming language. Possess an analytical mindset with the ability to prioritize and assess risks related to vulnerabilities and exception requests. Proven ability to work independently, prioritize tasks, and manage multiple projects simultaneously in a fast-paced environment, ensuring timely and efficient completion of objectives. Soft Skills: Excellent communication and interpersonal skills, adept at articulating technical concepts to non-technical stakeholders. Capable of effectively collaborating with cross-functional teams and building consensus is essential. Commitment to continuous learning and staying updated on industry developments and emerging technologies. Good to have: Familiarity with cloud security concepts, cloud services, and cloud security controls. Knowledge of security frameworks, standards, and benchmarks.