833 Cissp Jobs - Page 9

As a Senior Network and Security Engineer at our organization, you will play a crucial role in our IT infrastructure team. Your primary responsibility will be to design, deploy, and maintain the campus network system and security architectures effectively. Your duties will include setting up, configuring, and maintaining the campus-wide network infrastructure to ensure seamless operations. You will be involved in VLAN creation and management for optimized network segmentation, as well as SNMP implementation for network monitoring and management. Additionally, you will handle the installation, configuration, and administration of firewalls to enforce security policies and proactively identify and remediate network security breaches. Collaboration with other IT teams will be essential to ensure secure and efficient network operations. Your expertise in CCTV installation and maintenance will also be valuable for our organization. To excel in this role, you must have proven experience in enterprise network environments and possess a strong understanding of routing, switching, and network protocols. Experience with firewalls such as Fortinet, Palo Alto, and Cisco ASA is required, along with familiarity with SNMP, VLAN, and network monitoring tools. Excellent troubleshooting and documentation skills are crucial for success in this position. Relevant certifications like CCNP, CISSP, Fortinet NSE, and Sophos are considered advantageous. Experience with CCTV/IP Surveillance systems will be beneficial for your role. This is a full-time, permanent position with benefits including cell phone reimbursement and health insurance. The work schedule is during the day shift, and a performance bonus is also offered. If you are stationed in Visakhapatnam and possess experience with NM tools like PRTG/SolarWinds, we encourage you to apply. A Bachelor's degree is preferred, and you should have at least 3 years of experience in IP networking and 2 years in network security. Proficiency in English and Telugu is preferred, and holding certifications like CCNA, Cisco/PaloAlto/Fortinet security certificate is required. A 2 Wheeler License is preferred for this role. The work location is in person.,

You will be responsible for providing end-to-end support to shore and vessel users, resolving hardware, software, and system-related tickets. Your duties will include performing routine maintenance, responding promptly to critical alerts, managing Level 13 escalations, and ensuring timely resolution with clear communication to stakeholders. It will be important for you to maintain comprehensive documentation of systems, procedures, and issue resolutions to ensure continuity and knowledge transfer. You will also provide training to users and IT staff, develop user guides, and support materials to facilitate effective learning and system adoption. In addition, your role will involve supporting IT procurement, system deployments, and collaborating with vendors to deliver business-aligned solutions. You may also be required to perform additional tasks to support IT initiatives and contribute to the organization's overall strategic objectives. To qualify for this position, you should have a degree or diploma in IT, computer science, or a related field. You must hold certifications in Azure, MCSA/MCSE, Sharepoint, ITIL Foundation, and CCNA. A minimum of 3 years of experience in an IT role is required, along with strong communication, analytical, and problem-solving skills. You should be able to multitask, prioritize work in a fast-paced environment, and collaborate effectively as part of a team. Attention to detail, organizational skills, and a thorough understanding of IT systems and infrastructure are essential. CISSP certification and experience in the maritime industry are preferred. This role may require sufficient mobility to complete equipment installations, cabling, and other setup tasks. Please note that only shortlisted candidates will be notified. Thank you.,

We are seeking an experienced Application Security Specialist to join our team. As an Application Security Specialist, you will be responsible for conducting SSDLC security assessments, integrating security throughout the software development lifecycle, and ensuring that applications meet the highest security standards before deployment. Your key responsibilities will include conducting internal and third-party SSDLC risk assessments on critical assets and processes, coordinating with project teams to enforce security frameworks in all phases of the SSDLC, and preparing security effectiveness reports for management. You will also be tasked with performing SSDLC assessments aligning with security practices, ensuring that new applications undergo SSDLC assessments before induction into data centers, and defining and enhancing application security requirements for agile development and traditional architectures. Additionally, you will assist DevSecOps teams in creating secure CI/CD pipeline processes, follow up on and escalate closure of identified security gaps, and contribute to standardizing application security tools and methodologies. The ideal candidate should have at least 6 years of experience in Information Security with a focus on application and software security, along with 4 years of experience in software development lifecycle security reviews. You should also possess expertise in architecture reviews, software design reviews, threat modelling, and design flaw assessments, as well as hands-on experience with SAST, DAST, SCA, IAST, RASP, and other application analysis tools. Familiarity with OWASP, SANS, ISACA, NIST, IETF best practices is required, and the ability to develop detailed security frameworks for developers to integrate into the SDLC is essential. Preferred certifications include CISSP, CSSLP, Cloud Security Certifications, and DevSecOps Automation Certifications. If you meet these qualifications and are passionate about enhancing application security, we encourage you to apply for this position.,

As a Cyber Risk Manager at Stryker, your primary role will involve identifying, analyzing, evaluating, and mitigating present and future risks to Stryker's data and assets. You will be responsible for driving efforts to achieve acceptable risk levels by collaborating with IT, Business, and Partner stakeholders. Your responsibilities will include completing reviews for all aspects of the cyber risk management lifecycle. Key duties and responsibilities of this role include: - Leading and completing 3rd party cyber security assessments of vendors and other parties engaging Stryker. - Driving the completion of cyber risk assessments across functions and proactively identifying opportunities to minimize risk. - Engaging with stakeholders to leverage partnerships and triage existing risks based on inherent and overall risk to the organization. - Designing, implementing, maintaining, and enforcing cyber risk management policies, procedures, and controls. - Utilizing tools such as ServiceNow and OneTrust to streamline risk assessment activities. - Identifying key metrics to measure program effectiveness and the inherent risk to the organization. - Continuously improving the cyber risk assessment process from request intakes to completion. To qualify for this role, you should have a Bachelor's degree in computer information systems or Information Security, with relevant certifications such as CRISC, CISM, CISSP being preferred. You should also have at least 8 years of experience in a regulated industry, strong negotiation and leadership skills, and the ability to communicate, motivate, and influence others effectively. This position requires a results-oriented leader who can drive change, collaborate effectively, and possess excellent communication skills. You must demonstrate strategic agility, high energy, and stamina to navigate complex issues and deliver solutions successfully. Additionally, you should be a process and metrics champion with a focus on continuous improvement and driving outcomes through influence. Join Stryker, a global leader in medical technologies, and be part of a team dedicated to making healthcare better for millions of patients worldwide.,

As a Senior Information Security Engineer, you will be responsible for leading vulnerability assessments and policy compliance scans across various environments including on-premises, cloud, container, database, and web environments using tools like Qualys. Your role will involve validating scan results, eliminating false positives, and delivering accurate, actionable reports to stakeholders. You will serve as a technical Subject Matter Expert (SME), analyzing findings, diagnosing root causes, and guiding remediation efforts. Additionally, you will be expected to develop and maintain a knowledge base to support continuous improvement and team expertise while staying current on emerging threats, tools, and vulnerability management lifecycle advancements to recommend service enhancements. Effective communication of security requirements across the organization and stepping in as an interim team lead when necessary will also be part of your responsibilities. In terms of experience and education, you should have a minimum of 8 years in the field of information security along with a Bachelor's degree in Engineering, Computer Science, Information Technology, or equivalent. Industry certifications such as CISSP, CISA, CISM, CRISC, or CCNA/CCNP/CCIE Security are preferred. You are expected to be proficient in working with vulnerability scanning platforms like Qualys, Nessus, etc., false-positive tuning, and compliance frameworks. Your technical expertise should span across cloud and on-premises systems, network devices such as routers, firewalls, proxies, and various infrastructure components. Skills in risk and threat assessment, as well as security policy enforcement, are essential. Familiarity with containers, DDI (DNS/DHCP/IPAM), WAF/CDN/DDOS solutions (e.g., Infoblox, Zscaler, Imperva) will be advantageous. Knowledge of scripting languages like Python and experience with monitoring tools like Spectrum, SevOne, ThousandEyes, CyberArk, and MS-Entra-ID will also be beneficial. Apart from technical skills, soft skills and leadership qualities are equally important. Excellent analytical, communication, and report-writing abilities are required. Strong organizational and time-management skills are essential for success in this role. Demonstrated leadership abilities, including guiding teams, managing escalations, and fostering a security culture, are expected. As an adaptable self-starter, you should be committed to continuous learning and proactive problem-solving.,

As an IT Application Owner (ITAO) at Home Loan Savings, you will be a crucial part of the team in India, collaborating closely with the existing team in Germany. Your role will involve leveraging virtual collaboration techniques and the diversity within the team to achieve continuous delivery, process improvement, and internalization of technical expertise. Your responsibilities will include working closely with business and operational units, as well as the development team, to ensure the structural stability of applications and compliance with technical, risk, and policy-related processes. You will also be responsible for managing the technical roadmap of applications in alignment with Deutsche Bank's digitalization journey. In this role, you will be responsible for setting up various environments for development, testing, and production, as well as implementing and upgrading system hardware and application software. Additionally, you will lead discussions with the business and vendors for new requirements, product implementation, customization, and enhancements. You will oversee the delivery of application releases, defect fixes, and provide support to more junior team members. Key responsibilities also include ensuring application compliance with Deutsche Bank IT policies and procedures, onboarding applications onto IT risk and control related tools, interfacing with auditors, identifying IT risk and control related gaps, and managing technical projects to deliver required business services. To be successful in this role, you should have a minimum of 8 years of experience in a similar role, basic experience in databases, mid-range technical stack, and open-source skills. Knowledge of ITIL, experience with software development lifecycle tools, application governance, and Agile/SCRUM methodologies is essential. Proficiency in English is required, and German language skills are a plus. Experience in Home Loan Savings and Mortgage Lending is desirable, along with familiarity with GCP or other cloud technologies. You should possess strong analytical skills, problem-solving abilities, and excellent interpersonal skills. Being proactive, detail-oriented, and able to think outside the box are also essential qualities for this role. Furthermore, certifications such as COBIT, ITIL, PMP, CRISC, CSSLP, CISSP, or equivalent are preferred. As part of our team, you will receive training and development opportunities, coaching from experts, and a culture of continuous learning to support your career progression. We value a positive, fair, and inclusive work environment, where everyone is encouraged to excel together and celebrate successes. For more information about our company and culture, please visit our website at https://www.db.com/company/company.htm. Join us at Deutsche Bank Group, where we strive to empower our employees to excel together every day.,

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Threat Hunting, JCL, Batch/Job Scheduling Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. A typical day involves collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security threats and solutions. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Evaluate and recommend new security technologies and tools to improve the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Threat Hunting.- Strong understanding of cloud security principles and frameworks.- Experience with incident response and threat intelligence.- Familiarity with security compliance standards such as ISO 27001 and NIST.- Ability to analyze security incidents and develop mitigation strategies. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Threat Hunting.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Job Purpose/Summary : - Evaluate and enhance the performance of SIEM/SOAR systems to ensure optimal threat detection and incident response. - Develop and maintain automation scripts and playbooks to streamline incident detection, analysis, and response processes. Leverage SOAR capabilities to reduce manual intervention and improve response times. - Oversee the day-to-day administration of SIEM/SOAR platforms, ensuring their availability, reliability, and security. Perform regular updates, patches, and configuration changes. - Collaborate with the Incident Response team to ensure seamless integration of detection and response functions. Provide support during security incidents to ensure timely and effective remediation. - Work closely with other IT and security teams to develop specific use cases and to enhance the overall security posture of the organization. Share insights and recommendations to improve overall cybersecurity posture. - Maintain detailed documentation of automation, scripts, and improvement. - Manage execution of standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/SOAR platforms. - Manage technical documentation around the content deployed to the SIEM/SOAR. - Manage reports, dashboards, metrics for CyberSOC KPIs and presentation to senior management & other stakeholders. Qualification: - Bachelor's degree in Computer Science, Information Security, EXTC or related field. - Relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are highly desirable. - Proven experience (3+ years) working within the Cybersecurity field, with a focus on security platform implementation & administration. - Experience with deploying and managing a large SIEM/SOAR environment. - Experience with Palo Alto XDR and/or other SIEM platforms like Sentinel, Qradar, Splunk, ArcSight, etc. - Experience with Palo Alto XSOAR and/or equivalent SOAR Platforms like Resilient, Phantom, etc. - Proficiency in scripting languages (e.g., Python, Bash) for automation and customization of security processes is highly desirable.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect, candidate would be primarily responsible for solution architecture effort on deals that are large and complex and own all components of complex deals. Lead or work as Lead Solution Architect on complex and bundled deals and independently can come up with the solution. Conduct solution reviews with SMEs and the DCSO approver. Attend calls with the client team to understand the requirement. Can be able to bring value and differentiated solutions. Work on building the cost model for the solution. Roles & ResponsibilitiesShould be able to lead the joint solutioning workshops with client and be able to walk through technical security solutions with the clients during Orals. Should possess excellent stakeholder management skills and be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Frequently interacts with senior client leadership. Develop statement of work Performs Peer Reviews Assists in performing QA Frequently sells to senior client leadership Leads negotiations or develop business terms and conditions Leads QA or plays major QA role for largest, most complex deals Has led solution development for multiple deal types Work with delivery leads for the approval of solution/efforts Bring out technical differentiators and value in the solution Able to represent the solution in front of the client leadership team. Professional & Technical Skills: Prior experience at least 5 years in leading solution development in a reputed organization Deep knowledge and experience in Cyber security Infra Sec, App Sec, Threat and Vulnerability Management and Identity Access Management is necessary Should be a good presenter Should have leadership qualities Should keep himself/herself up to date on various SA Cost models and processes, work independently to develop IDL files Good communication and collaboration skills Prior experience in leading solution development will be an advantage Experience in leading delivery and solution planning of large, complex deals at least 5 opportunities with Security TCV of greater than10m in the recent experience Comfortable in using relevant tools and estimators Comfortable working in extended working hours Good to have CISSP, CISM, CISA Cloud Security knowledge and certification AWS, Azure Solution Architect Core Training Good to have Solution Architect Advance Training Additional InformationMinimum 15- year full time education with Bachelor or college degree in related field or equivalent work experience The candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

The position will be primarily responsible for implementation and / or assessment of ISO 27001:2022, 27002, SOC 2 standard for clients. The position will work independently or with senior consultants for the implementation and management of information security compliance and/or other best practices. Key Performance Indicators Experience in ISO 27001/27002 controls verification and compliance: Assist Clients to get ISO 27001 certification by identification and implementation of appropriate controls in the Audit scope. Conduct Risk assessment of activities and coordinate with stakeholders till closure signoff / risk acceptance. Define, Develop and review information security policies, procedures, guidelines, forms and templates as per best practice Create and review baseline standards for OS, Database, webservers and applications and recommend improvements Support post implementation and continuous audits for ISO 27001:2013 and ensure compliance. Create organizational information security awareness program and conduct awareness. Assist and recommend measures to ensure compliance with Security standards (ISO, NIST, CIS, PCI DSS etc) or any best practices. Skills: Information Technology and/or Cybersecurity skills: Information Technology and/or Cybersecurity skills a solid IT foundation, ability to communicate technical information verbally and through written documentation, Knowledge of security areas such as auditing, policy, database security, firewall design and implementation, risk analysis, identity management, access management, or web services is preferred Presales skills: Excellent communication, problem-solving, client-facing, ability to work as a team Competence: ISO 27001 / Cybersecurity Certifications. Willingness to obtain the Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA) designations.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Network Security Operations Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Monitor and evaluate the effectiveness of implemented security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Network Security Operations.- Strong understanding of cloud security principles and frameworks.- Experience with security compliance standards and regulations.- Ability to design and implement security architectures for cloud environments.- Familiarity with threat modeling and risk assessment methodologies. Additional Information:- The candidate should have minimum 12 years of experience in Network Security Operations.- This position is based at our Coimbatore office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Your role will also require you to stay updated on emerging security threats and technologies, enabling you to make informed decisions that enhance the overall security architecture. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and controls.- Conduct regular security assessments and audits to ensure compliance with established standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Good To Have Skills: Experience with cloud security frameworks and compliance standards.- Strong understanding of identity and access management principles.- Experience with security risk assessment methodologies.- Familiarity with security incident response processes. Additional Information:- The candidate should have minimum 7.5 years of experience in SailPoint IdentityIQ.- This position is based in Hyderabad.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to ensure they align with business objectives.- Collaborate with cross-functional teams to integrate security practices into the development lifecycle. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Good To Have Skills: Experience with Security Architecture Design.- Strong understanding of risk management frameworks and compliance standards.- Experience in implementing security controls and monitoring solutions.- Familiarity with cloud service models and their security implications. Additional Information:- The candidate should have minimum 3 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Hi , As per response to your profile which is uploaded in Job portals. We have an excellent job openings for InfoSec(Cyber Resilience-BCP/BCM/DR) in IT MNC If your already received email or not looking for job change/ irrelevant - please ignore it. Note: Apply for only Relevant & interested candidates. Job Description: Information Security(Cyber Resilience-BCP/BCM/DR) 1)Digital Risk Consulting_Partners with IT and business units to identify critical systems, document impacts, asses risks, and define recovery objectives to ensure minimal disruption during incidents. They monitor evolving regulatory requirements to continuously update resilience plans and drive continuous improvement. Additionally, they advance the current state o CMDB and BCM by updating policies, standards and templates as well as defining workflows and integrating business continuity management system practises into change management and IT service management processes and procedures. OR 2)BCP- Partner with IT and business units to update existing impacts, loss scenarios, risks and application recovery plans on regular cadence. They are responsible to ensure that assets and configuration items are correctly tiered and that all dependencies are documented. They are also responsible for documenting backups, alternatives and redundancy plans that drive our systems towards greater resilience OR 3) Cyber Resilience _Responsible for ensuring IT infrastructure, applications and critical technology services including multicloud workloads on AWS, Azure, Google cloud are resilient against disruptions. They lead the execution of technology resilience strategies, enterprise-grade backup and disaster recovery planning and crisis response initiatives to mitigate risks and maintain operational continuity. They will collaborate with IT, cybersecurity, business continuity and risk management teams to architect, deploy and test cloud backups and DR solutions at scale. Additionally they perform tests, exercises, drills, simulations and audits of systems, processes and procedures to ensure adherence to enterprise policies and standards and measure the effectiveness of resilience efforts. Those who have relevant experience and Skills, as mentioned above please revert back your updated resume to Sreenivasa.k@happiestminds.com, It"s a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us. Total Exp: Relevant Exp:- Current Company: Current CTC: Expected CTC: Current Location: Preferred location: Notice Period: DOB: Degree: Regards Sreenivas Sreenivasa.k@happiestminds.com

Senior SOC Eng to lead incident response, threat detection & automation initiatives for Rocket EMS's globl security operatn. SIEM/SOAR optimization, advanced threat hunting & direct response to cyberattacks across endpoints, cloud & identity systems.

Hi all, We are hiring for the role Information Security Risk Specialist Experience: 7 - 9 Years Location: Bangalore Notice Period: Immediate - 15 Days Skills: Information Security Risk Specialist Experience: 7 to 9 years Location: Bengaluru Skills and Competencies: • Comprehensive understanding of frameworks such as ISO 27001, NIST Cybersecurity Framework, COSO, and COBIT. • Proven analytical expertise in evaluating and prioritizing risks effectively. • Advanced proficiency in utilizing security tools for risk assessment and mitigation. • Strong preference for candidates with certifications like CISSP, CISM, CRISC, or equivalent. • Exceptional communication and presentation skills, with a proven ability to collaborate effectively across diverse teams. • Demonstrated problem-solving capabilities, including critical thinking and informed decision-making under pressure. • Skilled in leading security initiatives and managing projects across global teams. • A strategic mindset paired with keen attention to detail. • Resourceful and decisive under high-pressure situations. • An effective team player with exceptional interpersonal and collaboration skills. If you are interested drop your resume at mojesh.p@acesoftlabs.com Call: 9701971793

We are seeking a highly skilled and proactive Cybersecurity Engineer with 68 years of experience in securing enterprise environments. The candidate will be responsible for implementing and maintaining cybersecurity solutions, detecting vulnerabilities, monitoring threats, and ensuring regulatory compliance. This role requires hands-on expertise in security tools, threat intelligence, incident response, and security architecture. Key Responsibilities: Design, implement, and maintain security infrastructure, tools, and policies. Monitor security alerts and conduct threat detection , analysis , and response . Perform vulnerability assessments and penetration testing ; recommend and implement mitigation strategies. Manage and maintain security technologies such as: Firewalls, IDS/IPS SIEM tools (e.g., Splunk, QRadar, LogRhythm) Endpoint Detection and Response (EDR) DLP, IAM, and PAM solutions Conduct incident response , including containment, eradication, and post-incident analysis. Implement and manage network segmentation , encryption protocols , and secure configurations . Participate in security audits , risk assessments , and compliance initiatives (e.g., ISO 27001, NIST, GDPR, HIPAA). Create and maintain security documentation, runbooks, and reports. Stay updated on the latest threats, vulnerabilities, and regulatory requirements. Collaborate with IT, DevOps, and compliance teams to embed security in the development and operations lifecycle (DevSecOps). Conduct internal security training and awareness sessions. Required Skills & Qualifications: 68 years of hands-on experience in cybersecurity engineering or information security roles. Strong knowledge of network security , cloud security , application security , and endpoint protection . Experience with tools such as: SIEM (Splunk, IBM QRadar, ELK) EDR (CrowdStrike, SentinelOne, Carbon Black) Firewalls (Palo Alto, Fortinet, Check Point) Vulnerability scanners (Qualys, Nessus, Rapid7) Solid understanding of TCP/IP , DNS , VPNs , TLS/SSL , and encryption techniques . Strong scripting or automation skills (Python, PowerShell, Bash) for security automation. Familiarity with cloud security practices on AWS, Azure, or GCP. In-depth knowledge of security frameworks like NIST, MITRE ATT&CK, CIS Controls. Preferred Skills (Good to Have): Professional certifications such as: CISSP , CEH , CISM , GIAC , or CompTIA Security+ Experience in DevSecOps or working with CI/CD pipelines . Exposure to zero-trust architectures , SASE , and identity governance tools. Previous experience in SOC , MSSP , or large enterprise security operations.

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. We're counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself and contribute to creating a better working world for all. As a Manager in Risk Consulting - Protect Tech, specifically focusing on IT Risk Emerging Tech or Cloud, you will have the opportunity to embark on your next adventure. Are you a tech-savvy professional with a risk mindset passionate about leveraging people, technology, and innovation to build a better working world Our dynamic Risk Consulting - Technology Risk team offers an incredible opportunity for you to make a real impact in our rapidly evolving world. You will work in areas such as IT Risk Management, IT SOX, IT Regulatory Compliance, IT Audits, and IT and Digital Transformations, including ERP, Emerging Tech, and Cloud transformations. By enabling technology to better manage risk, you will collaborate with industry leaders to help transform businesses and address complex challenges with our clients. In this client-facing role within a rapidly growing practice, you will build relationships with key stakeholders, including management executives of globally recognized brands. This role provides a platform to deepen your understanding of complex business transactions, recommend solutions to pressing business challenges, and process inefficiencies. You will collaborate with our global professionals in multidisciplinary engagements to assist major global clients in transforming and sustaining business performance. Leveraging emerging technologies like AI and ML, you will develop and enhance new solutions, actively contributing to building multiple tools and assets for efficient and effective client delivery. By connecting with our market-leading global network, you will gain the experience necessary to excel as an IT Risk Advisor. Key responsibilities include supervising delivery, providing technical and project leadership to team members, building client relationships, delivering quality client services, and driving high-value work products within expected timeframes and budgets. You will monitor progress, manage risks, and ensure key stakeholders are informed about progress and expected outcomes. Additionally, you will understand clients" challenges and industry-related issues, participate in go-to-market activities, create proposals, respond to RFPs, and identify opportunities for cross-selling to current clients. You will travel to client locations for meetings, workshops, and knowledge-sharing sessions, jointly lead global account relationships, manage engagement deliveries, ensure quality, and drive the growth agenda on accounts. As a Manager, you will also manage a team of Seniors and Staff across geographies, foster an innovative and inclusive team-oriented work environment, and play an active role in counselling and mentoring junior consultants within the firm. To qualify for this role, you must have a bachelor's or master's degree and approximately 5-7 years of related work experience, with at least 3-4 years of experience in IT Risk Management focusing on Emerging Tech and Cloud. You should possess knowledge of strategic, IT, and business risks, control gaps, IT regulatory compliances, information security frameworks, IT general controls, IT application controls, business process controls, and risks during Digital Transformations and Cloud migrations. Your exposure to working in client-facing roles, collaborating with cross-functional teams, and strong communication, documentation, and report writing skills are essential. Relevant industry certifications such as CISA, CISM, CISSP, or CCSK are desirable. EY is dedicated to building a better working world by creating long-term value for clients, people, and society while fostering trust in the capital markets. Our diverse teams across over 150 countries leverage data and technology to provide trust through assurance, help clients grow, transform, and operate across various service lines. Join us in asking better questions to find new answers for the complex issues facing our world today.,

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better too. Join us and build an exceptional experience for yourself, and a better working world for all. As a Technology Transformation Risk Senior, you will play a pivotal role in ensuring that technology transformations within the organization are carried out with a comprehensive understanding and management of the associated risks. You will assist in identifying, assessing, and mitigating risks associated with significant technology changes, such as system upgrades, cloud migrations, and the introduction of new digital tools and platforms. Your role will ensure that technology advancements are implemented securely and in compliance with the company's risk management policies. Key responsibilities: - Assist in conducting risk assessments for technology transformation projects, identifying potential risks and vulnerabilities. - Support the development and implementation of risk mitigation strategies to address identified risks. - Collaborate with project teams to ensure risk considerations are integrated throughout the project lifecycle. - Monitor and report on the status of risk mitigation activities, providing updates to the Technology Transformation Risk Manager and other stakeholders. - Participate in the creation and maintenance of risk documentation, including risk registers, reports, and dashboards. - Contribute to the development of risk management policies, procedures, and training materials. - Engage with internal and external stakeholders to communicate risk findings and recommendations. - Stay informed about emerging technology trends, threats, and regulatory requirements that may impact the risk landscape. - Support the Technology Transformation Risk Manager in fostering a culture of risk awareness and proactive risk management within the organization. To qualify for the role, you must have a Bachelor's degree in Information Technology, Computer Science, Risk Management, or a related field, along with a minimum of 3 years of experience in technology risk management, with a focus on transformation projects. A strong understanding of IT governance frameworks, cybersecurity principles, and data privacy regulations is required. Desired experience includes internal controls within SAP ECC/S4 Applications, professional certifications such as CRISC, CISM, CISSP, or equivalent are highly desirable, and exposure working in client-facing roles with cross-functional teams. EY exists to build a better working world, helping to create long-term value for clients, people, and society, and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

Work Flexibility: Hybrid What You will do: Administer user access and authorization within SAP or JDE systems. Implement and uphold security policies and guidelines for SAP environments. Conduct regular security audits and assess vulnerabilities in the systems. Investigate and respond to security incidents, collaborating with IT and security teams. Stay informed on SAP or JDE security trends and recommend necessary enhancements. Maintain documentation of security configurations and provide training on best practices. What You will Need: Bachelors degree in Computer Science, Information Security, or a related field. 4 to 6 years of experience in SAP/JDE security administration, ideally within a complex enterprise setting Excellent problem-solving skills to analyze complex security issues. Proficiency in SAP or JDE security best practices. Experience with security audits and vulnerability assessments. Knowledge of compliance standards such as GDPR and SOX . Professional certifications in JDE security administration (e.g., Oracle Certified Professional) and/or cybersecurity (e.g., CISSP, CISM) are a plus. Travel Percentage: 10%

Lead security architecture and GRC initiatives across IT, OT, cloud, and hybrid environments. Perform risk assessments, enforce security standards, and integrate controls across platforms (Cisco, Palo Alto, AWS, Azure). Required Candidate profile 8–15+ yrs experience with NIST, ISO, CIS; scripting; cloud security. Relevant certs: CISSP, CCSP, SABSA, CCIE, PCNSE, AWS/Azure Security.

The Global Information Security (GIS) Technology Risk Management Analyst will work with peers in Global Information Security (GIS) and across the Technology Division to ensure that third party technology risks are properly identified, assessed, monitored, and communicated in support of the overall Third Party Risk Management (TPRM) program. The Analyst will assist with the continuous improvement and daily operation of the GIS Third Party Risk Management (GIS TPRM) program. Responsibilities Include: Work with peers to identify and assess Information Security risks Conduct risk assessments using CME Groups established GIS Third Party Risk Management assessment process Collaboratively author and edit various assessment related documents including Deficiencies Observed, Summary of Work, Risk Advisory Memos, exceptions from GIS technical policies and standards, and other related output resulting from risk adjudication activities Participate in and contribute to various working groups across the Technology Division, including, but not limited to, Third Party Risk Management working group, Governance, Risk Management, and Compliance (GRC) working group, etc. Assist the GIS TPRM function with: Continuous improvement and maturation of the methods, instrumentation, training, documentation, and processes required to properly manage third party technology risks Providing advisory and consulting services to the Information Technology Management Team related to InfoSec risks, treatment strategies, and decision-making Assist in the preparation of management reports, presentations, metrics, and other documentation required to support governance functions Assist in compiling and delivering business and operational metrics at regular intervals Promoting a culture of risk awareness and accountability through training, education, and risk management consultative support Problem Solving: Objectively assess the impact, likelihood, and velocity of identified risks Objectively advise on any number of controls that will mitigate risk while not imposing undue burden on those who must implement the controls Drive objectivity and build consensus among stakeholders with widely divergent perspectives and drivers Rapidly analyze complex technical details Synthesize detailed analysis into a big picture view that can be easily understood by non-technical stakeholders in order to support risk-based decision-making for senior managers within the company Decision Making: Recommend risk treatment decisions Recommend remediation actions when risk mitigation is desired Recommend improvements to methods, instrumentation, training, documentation, and processes Recommend solutions for automating and streamlining GIS TPRM risk management practices Working Relationships: Interacts with peers across all elements of the Technology Division Communicate regularly with cross-functional peers outside of the Technology Division, including Legal, Information Governance, Global Operations, Global Assurance (Internal Audit), Enterprise Risk Management, Third Party Risk Management, and other business unit leadership Interact occasionally with industry peers from other Systemically Important Financial MarketUtilities(SIFMUs),research organizations, solution providers, etc. Required Experience: Bachelors Degree or equivalent experience Minimum of 1 to 3 years of relevant experience in publicly traded companies or finance/technology industry operations with third party risk management experience a plus Experience in at least two of the following: InfoSec (Operations, Program Management, Governance, Risk Management, etc.), Enterprise Architecture, Identity & Access Management, Application Development, Infrastructure & Operations, IT Compliance, or Internal Audit Experience working with industry based information security and / or control frameworks (NIST Cyber Security Framework, ISO 27002, COBIT, etc.) Demonstrable knowledge of a broad range of InfoSec technologies and practices Demonstrable, impeccable writing skills for technical, management, and executive audiences Additional preferred experience: Demonstrable knowledge of InfoSec risk management methods and practices Experience with operating GRC solutions Professional certification in InfoSec or Risk Management (such as CRISC, CISM, CISSP, CGEIT, CISA, etc.)

Job Title: Senior Manager Information/Cyber Security Job Location: Pune / Bangalore / Mumbai Job Summary: We are looking for a seasoned professional in Information/Cyber Security to be part of the Digital Trust and Security team at Capgemini Invent This role requires a resource who is experienced in managing client-facing cybersecurity programs, providing strategic advisory, and enhancing security capabilities within the organization. Key Responsibilities: Client Advisory & Leadership: Lead cybersecurity engagements for clients, and providing strategic direction and ensuring alignment with their business and security goals. Program Oversight: Manage the delivery of multiple cybersecurity projects, ensuring high-quality service, timely execution, and compliance with client expectations. Risk Management & Compliance: Oversee risk assessments for clients and ensure the implementation of security controls that meet industry standards (ISO 27001, NIST, GDPR, etc.). Team Development: Mentor and develop the internal cybersecurity team, fostering a culture of continuous improvement and ensuring the team is equipped to handle evolving client needs. Stakeholder Engagement: Collaborate with senior client stakeholders, including C-level executives, to communicate security risks, program progress, and recommend improvements. Innovation & Thought Leadership: Drive the adoption of new security technologies and best practices, positioning the organization as a thought leader in cybersecurity services. Business Development & Solutioning: Lead the development of cybersecurity solutions tailored to client needs, aligning with emerging threats and industry trends. Collaborate with sales and account teams to identify new business opportunities and expand client relationships through cybersecurity offerings. Develop and present compelling proposals, including RFP/RFI responses, for cybersecurity services. Engage in pre-sales activities, providing expertise and thought leadership to support business development efforts. Drive solution architecture and proposal strategies for large-scale cybersecurity projects to win new business. Required Skills and Qualifications: Master’s degree in Information security, Cybersecurity, Information Technology , or a related field. 10-15 years of experience in Information/Cybersecurity , with at least 7 years in a client-facing leadership role within a consulting environment. Deep understanding of cybersecurity frameworks (e.g., ISO 27001, NIST etc.) and regulatory standards (GDPR, HIPAA, PCI-DSS etc.). Proven track record in managing complex security programs for large clients, including risk management, cloud security, incident response , and compliance management . Certifications such as CISSP, CISM, CRISC, CISA, or PMP are highly preferred. Personal Attributes: Strong leadership and team-building skills, with a focus on mentoring and developing the next generation of cybersecurity leaders. Excellent communication and presentation skills, with the ability to influence senior stakeholders at client organizations.

Cybersecurity Engineer + Analyst (Hybrid Chandigarh / Mohali) Infinity Healthcare Solutions, LLC is expanding its cybersecurity operations and is actively seeking a highly skilled and motivated Cybersecurity Engineer + Analyst to join our team. This role is designed for professionals who bring both deep technical engineering expertise and analytical skills to secure enterprise infrastructure, identify vulnerabilities, and respond to evolving cyber threats. This position will work at the intersection of IT security architecture, incident response, risk management, and compliance operations to ensure the security and integrity of our organizations data and systems. Key Responsibilities: Security Operations & Monitoring: Monitor infrastructure, networks, and cloud environments using SIEM tools (e.g., Splunk, Microsoft Sentinel) Identify, investigate, and respond to real-time alerts and security incidents Analyze logs and network traffic to detect anomalies and unauthorized activities Perform deep-dive forensic analysis and root cause investigations on security events Incident Response & Threat Management Lead and execute end-to-end incident response processes including containment, eradication, and recovery Maintain incident response playbooks, runbooks, and documentation for various threat scenarios Collaborate with cross-functional teams to remediate vulnerabilities and improve incident readiness Stay up to date with the latest threats, vulnerabilities, zero-day exploits, and malware campaigns Security Engineering & Hardening Manage and configure endpoint protection, firewalls, IDS/IPS, and other security controls Assist in the secure deployment and configuration of cloud environments (AWS, Azure, GCP) Evaluate and implement security tools and automation for risk mitigation Apply industry best practices to harden systems and reduce attack surfaces Governance, Risk & Compliance Perform routine risk assessments, internal security audits, and gap analysis Ensure adherence to regulatory and compliance standards: ISO 27001, NIST, SOC 2, GDPR Support internal and external audits by preparing documentation and evidence Develop and maintain security policies, procedures, and technical documentation IAM & Access Controls Manage Identity and Access Management (IAM), including user provisioning, role-based access, MFA Enforce least privilege and zero-trust principles across all systems and environments Required Qualifications: Bachelors degree in Cybersecurity, Computer Science, Information Technology, or a related field Minimum 3 years of hands-on experience in cybersecurity operations, security engineering, or threat analysis Proficient with SIEM, IDS/IPS, EDR, antivirus, and endpoint security platforms Solid understanding of network protocols, firewalls, routing, and segmentation Practical knowledge of security for cloud platforms (AWS, Azure, or GCP) Experience working with IAM, RBAC, MFA, VPNs, and secure access controls Strong documentation and reporting skills; ability to communicate technical issues clearly Preferred Skills & Tools: Familiarity with MITRE ATT&CK, CIS Controls, OWASP Top 10 Experience using tools such as Wireshark, Nmap, Nessus, CrowdStrike, Qualys Scripting or automation experience (e.g., PowerShell, Python, Bash) is a plus Familiarity with DevSecOps practices is desirable Preferred Certifications (Any): CEH Certified Ethical Hacker CompTIA Security+ CISSP Certified Information Systems Security Professional CISA, CISM, or other GIAC certifications Why Join Us: Opportunity to work in a security-first environment with global impact Collaborative, forward-thinking team culture Exposure to enterprise-grade cloud security architecture and compliance frameworks Career development.

Role Overview We are seeking a highly experienced CloudOps & InfoSecurity Lead/Manager to take ownership of our cloud infrastructure, security posture, and compliance initiatives. This role will be responsible for overseeing mission-critical CloudOps functions on AWS, leading InfoSec initiatives including VAPT, DR drills, and ISO27001/SOC 2 compliance, and ensuring smooth and secure technology operations across the organization. The role also involves liaising with Vendors to manage on prem infrastructure such as CCTV, SDWAN, UPS systems, Laptops etc, This is a hands-on leadership role that requires deep expertise in AWS infrastructure, DevOps pipelines, security frameworks, and experience collaborating with engineering, operations, and compliance teams. Key Responsibilities Cloud Operations (AWS) Manage and maintain core AWS services including: EKS (Kubernetes), EC2, RDS, S3, CloudWatch, Glue, Kinesis Own and optimize DevOps pipelines built on GitLab CI/CD. Implement cost-optimized, secure, and highly available cloud architectures. Ensure system monitoring, alerting, scaling, and backup strategies are effective and well-documented. Manage Disaster Recovery (DR) environments and conduct periodic DR drills. Information Security & Compliance Lead Vulnerability Assessment & Penetration Testing (VAPT) cycles and remediation efforts. Drive and maintain ISO27001 and SOC2 compliance: Work with external auditors and internal teams to ensure readiness. Own documentation, policy updates, and evidence collection. Implement and monitor security controls, incident management protocols, and regular access audits. Prepare and share weekly/monthly infosec and infra reports with leadership. Platform & SaaS Administration Oversee GCP Workspace (formerly G Suite) including Gmail, Drive, user provisioning, storage planning, and backup policies. Ensure data retention and security across productivity tools. Team & Vendor Collaboration Work with external vendors (e.g., for security testing, DR hosting, cloud services), Infra services Collaborate with engineering and QA teams for security reviews and infrastructure needs. Support procurement and vendor evaluation for infra and security tooling. Manage Vendors who manage on-prem infrastructure such as CCTV, SDWAN, UPS systems, Laptops etc and governance aspects related to regular reporting, auditing etc of IT infrastructure. Required Skills & Experience 8-10 years of experience in cloud infrastructure and information security domains. Proven expertise in AWS services like EKS, EC2, S3, CloudWatch, RDS, Kinesis, Glue, etc. Hands-on experience with DevOps pipelines (GitLab preferred). Strong understanding of infosec frameworks , compliance processes, and experience managing ISO27001 / SOC2 audits. Experience conducting and managing VAPT assessments and DR drills . Familiarity with Google Workspace (GCP) administration for email, storage, and access management. Strong communication and reporting skills with experience preparing stakeholder-ready documents. Experience managing or working with cross-functional teams and external vendors. Good to Have Certifications such as AWS Certified Solutions Architect , CISSP , CISM , or ISO27001 Lead Auditor . Exposure to container security , SAST/DAST tools , IAM best practices , and cloud cost optimization . Experience in a regulated domain such as Fintech/NBFC is a plus.