74 Compliance Frameworks Jobs - Page 3

Location : Mumbai, Delhi / NCR, Bengaluru , Kolkata, Chennai, Hyderabad, Ahmedabad, Pune, Remote (India-based preferred) Experience Required : 710 Years Employment Type : Contract Primary Skills Cloud Security, AWS, IAM, DLP, Security Consultant, Data Encryption, Logging, Secrets Management, Security Posture, Risk Assessment, Compliance Frameworks, SIEM, SOAR, Incident Response, Automated Security, AIin Security Job Description We are seeking an experienced Security Consultant with 710 years of deep technical expertise across AWS security practices, posture assessment, incident response, and automation in security environments. The ideal candidate will play a key role in advising on cloud security design, conducting risk assessments, and strengthening compliance and data protection mechanisms in cloud-native environments. Key Responsibilities Lead cloud security strategy and implementation for AWS-based applications Conduct Security Posture Assessments, identify gaps, and define risk prioritization plans Implement and manage AWS security controls: IAM (Identity & Access Management) Network Security & Logging Data Encryption & Secrets Management Ensure adherence to compliance frameworks (ISO 27001, NIST, CIS, etc.) Implement Data Loss Prevention (DLP), Data Masking/Obfuscation solutions Drive SIEM/SOAR integration for intelligent threat detection and response Develop and maintain Incident Response plans and coordinate response activities Conduct automated security scanning and integrate into DevSecOps pipelines Provide consultation and innovation around Agentic AI applications in security Qualifications 7+ years of hands-on experience in cloud security, with a focus on AWS Deep knowledge of IAM, encryption, secrets management, and compliance frameworks Experience with SIEM/SOAR platforms, automated scanning tools, and AI-driven security solutions Strong documentation, communication, and stakeholder collaboration skills Ability to work independently in a remote team structure

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. 6+ years of experience in a Security Operations Center (SOC) or similar security role. Relevant certifications preferred such as: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Certified Information Security Manager (CISM) CompTIA Security+ Strong understanding of networking protocols and technologies, vulnerability assessment, and incident response procedures. Experience with SIEM tools (e.g., Splunk, ArcSight, or similar). Familiarity with compliance frameworks (e.g., ISO 27001, NIST, GDPR). Strong analytical and problem-solving skills. Excellent verbal and written communication skills.

You are a highly skilled and experienced Azure Data Architect & Senior Data Engineer who will be responsible for designing, implementing, and maintaining robust data solutions that support the business objectives. You have a deep understanding of data engineering principles, cloud technologies, and the Azure platform. You possess expertise in data modeling, integration, design, and data management. You can produce relevant data models and design the organization's data flow. You have experience with Azure cloud solutions related to data acquisition, transformation, storage, analysis, and loading, including SQL application data and unstructured data. Your proficiency extends to various SQL database languages such as T-SQL, Databricks, PL/SQL, and MySQL. You understand the advantages and drawbacks of each and can set them up effectively and securely across different data platforms and environments. You excel in building and maintaining data pipelines and workflows using tools like Azure Data Factory, Azure Functions, and others. You develop ETL/ELT processes to extract, transform, and load data from various sources into data warehouses and data lakes. Implementing data integration solutions using Azure Synapse Analytics, Azure SQL Database, and other Azure data storage options is also within your skillset. In addition, you develop and maintain comprehensive data architecture blueprints and roadmaps aligned with the business strategy. You assess and optimize existing data systems and processes for efficiency and scalability. Designing and implementing data governance frameworks to ensure data quality and integrity is part of your responsibilities. You have strong proficiency in Azure data services, including Azure Data Factory, Azure Synapse Analytics, Azure SQL Database, Azure Data Lake Storage, Azure Cosmos DB, and Azure Databricks. You are an expert in data modeling, data warehousing, and data lake concepts. Your knowledge also extends to data engineering tools and technologies, such as ETL/ELT tools, data integration frameworks, and data quality tools. Programming languages like Python, SQL, and Scala are familiar to you, and you have an understanding of data governance and compliance frameworks such as GDPR and CCPA. You hold a Bachelor's degree in Computer Science, Engineering, or a related field, with 10+ years of experience in data engineering and data architecture roles. You have at least 5+ years of hands-on experience with Azure data services like Azure Synapse, Azure SQL Database, Azure Cosmos DB, Azure Data Lake, Azure Data Factory, and Azure Databricks, or related services. Proven experience working with Azure cloud technologies, strong analytical and problem-solving skills, excellent communication and interpersonal skills, and the ability to work independently and as part of a team are some of your key qualifications. Additionally, certifications related to Azure data technologies, such as Azure Certified Data Engineer, are considered a plus.,

As an innovative, analytical, and growth-minded Lead Product Manager at CDK Global, you will take ownership of the Enterprise Data Warehouse and Governance initiatives. Your main responsibility will be to define and execute the strategy for data platforms, ensuring accuracy, accessibility, and scalability. Collaborating with engineering, business, and analytics teams, you will deliver innovative SaaS-based data solutions for seamless integration, governance, and insights for enterprise clients. Additionally, you will play a crucial role in delivering an OEM Analytics solution that enables better business decisions for OEMs and Dealers based on actionable insights and predictive analytics. Your role will involve owning customer-facing OEM Analytics and identifying market opportunities and customer pain points to grow the business. Your key responsibilities will include defining product strategy and building roadmaps for enterprise data warehouse and governance platforms, prioritizing requirements, driving execution and delivery, building new features for seamless integrations with the CDK Data Platform, overseeing the product lifecycle, and ensuring compliance with regulatory standards. You will collaborate with various teams at CDK to ensure successful go-to-market plans, conduct customer research, implement operating models, and mitigate risks associated with data governance. To be successful in this role, you should have a Bachelor's degree in business, Computer Science, Engineering, or equivalent industry experience, along with 6 to 8+ years of product management experience in Enterprise SaaS and 5+ years of experience with data governance and scaling data platforms. You should possess a strong understanding of data warehousing, ETL processes, API integration, compliance frameworks, and data governance principles. Experience with agile development methodologies, working in a product-led environment, and collaborating with globally distributed teams is essential. Qualifications also include a proven track record of delivering automated and scalable enterprise data platforms, influencing and driving strategy across multiple stakeholders, critical thinking skills, excellent communication abilities, and a data-driven mindset. Financial acumen, willingness to travel, and technical knowledge of SQL, Python, or cloud platforms are preferred qualifications. At CDK, we value inclusion and diversity to inspire meaningful connections among our people, customers, and communities. If you are authorized to work in the US and are looking to join a dynamic environment where your skills and expertise can make a real impact, we encourage you to apply.,

Ensure compliance with Companies Act, SEBI regulations, and other applicable statutory requirements. Organize and manage Board and General Meetings, including drafting agendas, minutes, and resolutions. Maintain and update statutory registers.

Role Overview We are looking for experienced DevOps Engineers (8+ years) with a strong background in cloud infrastructure , automation , and CI/CD processes. The ideal candidate will have hands-on experience in building , deploying , and maintaining cloud solutions using Infrastructure-as-Code (IaC) best practices. The role requires expertise in containerization , cloud security , networking and monitoring tools to optimize and scale enterprise-level applications. Key Responsibilities Design , implement , and manage cloud infrastructure solutions on AWS , Azure , or GCP. Develop and maintain Infrastructure-as-Code (IaC) using Terraform , CloudFormation ,or similar tools. Implement and manage CI/CD pipelines using tools like GitHub Actions , Jenkins ,GitLab CI/CD , BitBucket Pipelines , or AWS CodePipeline. Manage and orchestrate containers using Kubernetes , OpenShift , AWS EKS , AWS ECS , and Docker. Work on cloud migrations , helping organizations transition from on-premises data centers to cloud-based infrastructure. Ensure system security and compliance with industry standards such as SOC 2 , PCI ,HIPAA , GDPR , and HITRUST. Set up and optimize monitoring , logging , and alerting using tools like Datadog ,Dynatrace , AWS CloudWatch , Prometheus , ELK , or Splunk. Automate deployment , configuration , and management of cloud-native applications using Ansible , Chef , Puppet , or similar configuration management tools. Troubleshoot complex networking , Linux/Windows server issues , and cloud-related performance bottlenecks. Collaborate with development , security , and operations teams to streamline the DevSecOps process. Must-Have Skills 3+ years of experience in DevOps , cloud infrastructure , or platform engineering. Expertise in at least one major cloud provider: AWS , Azure , or GCP. Strong experience with Kubernetes , ECS , OpenShift , and container orchestration technologies. Hands-on experience in Infrastructure-as-Code (IaC) using Terraform , AWS CloudFormation , or similar tools. Proficiency in scripting/programming languages like Python , Bash , or PowerShell for automation. Strong knowledge of CI/CD tools such as Jenkins , GitHub Actions , GitLab CI/CD , or BitBucket Pipelines. Experience with Linux operating systems (RHEL , SUSE , Ubuntu , Amazon Linux) and Windows Server administration. Expertise in networking (VPCs , Subnets , Load Balancing , Security Groups ,Firewalls). Experience in log management and monitoring tools like Datadog , CloudWatch , Prometheus , ELK , Dynatrace. Strong communication skills to work with cross-functional teams and external customers. Knowledge of Cloud Security best practices , including IAM , WAF , GuardDuty , CVE scanning , vulnerability management. Good-to-Have Skills Knowledge of cloud-native security solutions (AWS Security Hub , Azure Security Center , Google Security Command Center). Experience in compliance frameworks (SOC 2 , PCI , HIPAA , GDPR , HITRUST). Exposure to Windows Server administration alongside Linux environments. Familiarity with centralized logging solutions (Splunk , Fluentd , AWS OpenSearch). GitOps experience with tools like ArgoCD or Flux. Background in penetration testing , intrusion detection , and vulnerability scanning. Experience in cost optimization strategies for cloud infrastructure. Passion for mentoring teams and sharing DevOps best practices.

At Nouryon, our global team of Changemakers takes positive action every day, to reach higher goals collectively and individually. We create innovative and sustainable solutions for our customers to answer societys needs – today and in the future. Purpose/Key Objectives of the Job: The purpose of this role is to lead Nouryon’s Governance, Risk, and Compliance (GRC) program. Enhance short/long-term GRC program strategy to align with regulatory and business needs. Lead GRC in cross-functional projects and initiatives. Apply advanced GRC knowledge/experience to mature and improve processes, controls library, and metrics reporting. Manage and review team members day to day work product. About The Job (Job Responsibilities): Track and support compliance with various findings. Build, track and support a cyber security risk program. Build, track and support a cyber security compliance program. Develop, track and support metrics and reports on KPIs, SLAs and other internal metrics. Develop policy, processes, procedures and guidelines. Build, track and support compliance to various frameworks such as ISO 27001, NIST CSF/800-53, etc. Responsible for Penetration Testing program. Track and help improve the GRC program maturity. Provide other support to the Office of the CISO. We believe you bring (Education & Experience) Former leader role in GRC with knowledge of regulatory and industry requirements and standards. 10+ years’ experience working in an enterprise environment. Experience with multiple GRC tools such as Archer, ServiceNow GRC, etc. Preferred one or more of: CISSP, CRISC, CISA, CISM. Must have experience conducting/implementing/managing risk/compliance management frameworks. Must possess strong written and verbal communication skills. Proficiency with all Microsoft (MS) Office programs is necessary, including familiarity with SharePoint. Conducting and/or coordinating information security risk assessments for technology and security frameworks. Facilitating multiple stakeholders to agree on appropriate security solutions and verifying that security risks are mitigated appropriately. Verifying that required security controls are built into new products Performing deep dives on Information security-related processes and systems. Identifying system limitations that could lead to regulatory risks in new products and services and provide guidance for resolution and risk mitigation. Staying abreast of innovative business and technology trends in Information Security, risk, and controls and advising leadership on technology initiatives. Carrying out risk assessments and gap analysis of multi-networks and cloud environments using compliance standards and frameworks such as CSF and NIST. Creating, managing, and enforcing compliance requirements for business process and information systems and assisting in the development of Authority wide cybersecurity compliance program. Designing and/or implementing Information Security solutions in an enterprise environment. Leading initiatives for re-architecting and reengineering of security controls to enhance the security posture of the Authority. Strong knowledge of Vulnerability Management Remediation. Please apply via our online recruitment system. We will not accept applications via e-mail. Once it's with us we will review to see if we have a match between your skills and the role! For more information about our hiring process, visit: nouryon.com/careers/how-we-hire/ We look forward to receiving your application! We kindly ask our internal candidates to apply with your Nouryon email via Success Factors. We’re looking for tomorrow’s Changemakers, today. If you’re looking for your next career move, apply today and join Nouryon’s worldwide team of Changemakers in providing essential solutions that our customers use to manufacture everyday products such as personal care, cleaning, paints and coatings, agriculture and food, pharmaceuticals, and building products. Our employees are driven by the wish to make an impact and actively drive positive change. If that describes you, we will gladly make way for your ambitions. From day one we support you with your personal growth, through challenging positions and comprehensive learning and development opportunities, in a dynamic, international, diverse, and proactive working environment. Visit our website and follow us on LinkedIn . #WeAreNouryon #Changemakers

About the Role We are seeking a highly skilled Staff Engineer to lead the architecture, development, and scaling of our Marketplace platform - including portals & core services such as Identity & Access Management (IAM), Audit, and Tenant Management services. This is a hands-on technical leadership role where you will drive engineering excellence, mentor teams, and ensure our platforms are secure, compliant, and built for scale. A Day in the Life Design and implement scalable, high-performance backend systems for all the platform capabilities Lead the development and integration of IAM, audit logging, and compliance frameworks, ensuring secure access, traceability, and regulatory adherence. Champion best practices for reliability, availability, and performance across all marketplace and core service components. Mentor engineers, conduct code/design reviews, and establish engineering standards and best practices. Work closely with product, security, compliance, and platform teams to translate business and regulatory requirements into technical solutions. Evaluate and integrate new technologies, tools, and processes to enhance platform efficiency, developer experience, and compliance posture. Take end-to-end responsibility for the full software development lifecycle, from requirements and design through deployment, monitoring, and operational health. What You Need 8+ years of experience in backend or infrastructure engineering, with a focus on distributed systems, cloud platforms, and security. Proven expertise in building and scaling marketplace platforms and developer/admin/API portals. Deep hands-on experience with IAM, audit logging, and compliance tooling. Strong programming skills in languages such as Python or Go. Experience with cloud infrastructure (AWS, Azure), containerization (Docker, Kubernetes), and service mesh architectures. Understanding of security protocols (OAuth, SAML, TLS), authentication/authorization, and regulatory compliance. Demonstrated ability to lead technical projects and mentor engineering teams & excellent problem-solving, communication, and collaboration skills. Proficiency in observability tools such as Prometheus, Grafana, OpenTelemetry. Prior experience with Marketplace & Portals Bachelor's or Masters degree in Computer Science, Engineering, or a related field

Key Responsibilities: Strategy Governance Develop and implement an enterprise-wide external workforce strategy aligned with scientific, clinical, and operational goals. Establish and maintain governance frameworks, policies, and compliance standards in partnership with Legal, HR, Procurement, and department leaders. Program Vendor Management Oversee the full lifecycle of the external workforce including sourcing, onboarding, tracking, and offboarding via VMS such as SAP Fieldglass. Manage key vendor relationships (CROs, staffing firms, consultants), ensuring high performance and cost-effectiveness. Partner with regional and functional leads on continuous improvement initiatives. Risk Compliance Ensure adherence to labor laws, co-employment risks, GxP, and FDA/EMA requirements. Serve as process owner for SOX audits, including execution of monthly controls and support for audit readiness. Technology Analytics Lead development of dashboards and reporting tools (e. g. , Tableau, Alteryx) to monitor cost, utilization, and workforce trends. Provide insights and recommendations to senior leadership to inform strategic workforce planning. Stakeholder Engagement Team Leadership Act as a trusted advisor to business leaders across various functions. Mentor and manage a team (where applicable), and champion process standardization, scalability, and operational excellence. Support change management, training, and policy adherence across the organization. What We Expect of You Bachelor s degree in Human Resources, Business, Life Sciences, or related field (MBA or MS preferred). 8-12 years of experience managing external workforce programs, with 3+ years in life sciences or biotech preferred. Deep expertise in contingent workforce models and VMS tools (Fieldglass, Beeline). Strong knowledge of regulatory and compliance frameworks (e. g. , SOX, GxP, FDA). Proven success leading cross-functional programs and influencing senior stakeholders. What You Can Expect from Us As we work to develop treatments that take care of others, we also work to care for our teammates professional and personal growth and well-being. We offer competitive annual base salary, and a Total Rewards Plan comprising health and welfare plans for staff and eligible dependents, financial plans with opportunities to save towards retirement or other goals, work/life balance, and career development opportunities.

We are looking for a qualified and experienced Company Secretary to join our team in Gurugram. The ideal candidate will play a crucial role in ensuring corporate governance, statutory compliance, and regulatory reporting in line with applicable laws. This is a strategic role offering exposure to senior leadership and cross-functional collaboration. Keywords Ensure compliance with Companies Act, 2013 and other relevant corporate and regulatory requirements. Manage board and committee meetings prepare agendas, draft minutes, and maintain statutory records. Handle ROC/MCA filings, including incorporation, annual returns, and other statutory submissions. Advise management on corporate governance best practices and legal implications of strategic decisions. Draft resolutions, board reports, and maintain registers and secretarial records. Liaise with external regulators, auditors, and legal counsel as necessary. Support in fundraising and due diligence processes, managing investor documentation and cap table records. Assist with shareholding structures, ESOP administration, and regulatory disclosures. Work Experience 5 to 10 years of post-qualification experience, preferably in a high-growth startup or tech-driven organization. Required Skills Must be based in Gurgaon or willing to relocate immediately. Member of the Institute of Company Secretaries of India (ICSI). 5 to 10 years of post-qualification experience, preferably in a high-growth startup or tech-driven organization. Strong knowledge of corporate and secretarial laws, SEBI regulations, and compliance frameworks. Excellent drafting, communication, and interpersonal skills. High attention to detail, proactive problem-solving approach, and ability to work independently. Prior experience with VC-funded companies and handling investor relations is a plus. Preferred Attributes Prior experience working with fleet operators, real estate developers, or government departments.

Bachelor's degree in Computer Science, Information Security, or related field. 7+ years of experience in security engineering, cloud security, or compliance roles. Strong knowledge of cloud security principles, architectures, and practices. Familiarity with security frameworks and best practices: CIS v8, NIST, ISO 27001, CSA. Hands-on experience with cloud platforms (AWS, Azure, GCP) and relevant security tools (SIEM, WAF, vulnerability scanners, pen testing tools). Experience writing and maintaining security documentation (policies, standards, guidelines). Technical Expertise: Strong understanding of OWASP Web/API vulnerabilities (CSRF, XSS, SQL Injection, etc.) and appropriate mitigations. Expertise in API security mechanisms (OIDC, OAuth2, Spring Security, HMAC, WS-Security, WS-Trust). Solid grasp of cryptographic concepts (Encryption, Authentication, Symmetric & Asymmetric Cryptography). Scripting experience in Python, Bash, or PowerShell for automation and tooling. In-depth knowledge of regulatory compliance standards: SOC 2, PCI DSS, HIPAA, GDPR. Soft Skills: Excellent communication skills, able to explain complex security concepts to technical and non-technical audiences. Strong attention to detail, with a focus on quality assurance and documentation. Effective collaborator with cross-functional teams in cloud and security environments. Certifications (Mandatory): One or more: AWS Certified Security Specialty, Azure Security Engineer, CCSK, CCSP.

Bachelor's degree in Computer Science, Information Security, or related field. 7+ years of experience in security engineering, cloud security, or compliance roles. Strong knowledge of cloud security principles, architectures, and practices. Familiarity with security frameworks and best practices: CIS v8, NIST, ISO 27001, CSA. Hands-on experience with cloud platforms (AWS, Azure, GCP) and relevant security tools (SIEM, WAF, vulnerability scanners, pen testing tools). Experience writing and maintaining security documentation (policies, standards, guidelines). Technical Expertise: Strong understanding of OWASP Web/API vulnerabilities (CSRF, XSS, SQL Injection, etc.) and appropriate mitigations. Expertise in API security mechanisms (OIDC, OAuth2, Spring Security, HMAC, WS-Security, WS-Trust). Solid grasp of cryptographic concepts (Encryption, Authentication, Symmetric & Asymmetric Cryptography). Scripting experience in Python, Bash, or PowerShell for automation and tooling. In-depth knowledge of regulatory compliance standards: SOC 2, PCI DSS, HIPAA, GDPR. Soft Skills: Excellent communication skills, able to explain complex security concepts to technical and non-technical audiences. Strong attention to detail, with a focus on quality assurance and documentation. Effective collaborator with cross-functional teams in cloud and security environments. Certifications (Mandatory): One or more: AWS Certified Security Specialty, Azure Security Engineer, CCSK, CCSP.

Bachelor's degree in Computer Science, Information Security, or related field. 7+ years of experience in security engineering, cloud security, or compliance roles. Strong knowledge of cloud security principles, architectures, and practices. Familiarity with security frameworks and best practices: CIS v8, NIST, ISO 27001, CSA. Hands-on experience with cloud platforms (AWS, Azure, GCP) and relevant security tools (SIEM, WAF, vulnerability scanners, pen testing tools). Experience writing and maintaining security documentation (policies, standards, guidelines). Technical Expertise: Strong understanding of OWASP Web/API vulnerabilities (CSRF, XSS, SQL Injection, etc.) and appropriate mitigations. Expertise in API security mechanisms (OIDC, OAuth2, Spring Security, HMAC, WS-Security, WS-Trust). Solid grasp of cryptographic concepts (Encryption, Authentication, Symmetric & Asymmetric Cryptography). Scripting experience in Python, Bash, or PowerShell for automation and tooling. In-depth knowledge of regulatory compliance standards: SOC 2, PCI DSS, HIPAA, GDPR. Soft Skills: Excellent communication skills, able to explain complex security concepts to technical and non-technical audiences. Strong attention to detail, with a focus on quality assurance and documentation. Effective collaborator with cross-functional teams in cloud and security environments. Certifications (Mandatory): One or more: AWS Certified Security Specialty, Azure Security Engineer, CCSK, CCSP.

Position Responsibilities: People & Strategy Talent Management: Hire, coach, and retain a high-performing team of 25-40 full-stack software developers and managers across India and Poland. Foster a culture of psychological safety, inclusivity, and mission focus. Resource Allocation: Strategically manage resource allocation to support existing and emergent products while nurturing the career aspirations of talented software development teams. Strategic Partnerships: Partner with Manufacturing, Engineering, Supply Chain, and AI leaders to translate capability gaps into clear product backlogs and measurable Objectives and Key Results (OKRs). Agile & Lean Adoption: Drive the adoption of modern agile frameworks (Scrum/SAFe) and Lean software metrics (cycle time, Mean Time To Recovery - MTTR, DORA metrics). Technical Leadership: Lead quarterly architecture reviews and technology-radar sessions. Invest in upskilling developers on server-side rendering, micro-frontends, AWS artifacts and services, and generative-AI patterns. Support Model Definition: Define a robust and comprehensive software support model for products in production, ensuring business continuity, cost-effective support, and high reliability of our products. Execution Excellence Full Software Development Lifecycle Ownership: Own the entire software development ecosystem for multiple products, from roadmap definition to production support. Enforce engineering best practices, including code review, test automation, and trunk-based development. DevSecOps Pipeline Ownership: Define and operate global DevSecOps pipelines, encompassing Git-based workflows, Jenkins/GitHub Actions/Argo CD, Infrastructure as Code (IaC) with Terraform, Static/Dynamic Application Security Testing (SCA/SAST/DAST) scanning, Software Bill of Materials (SBOM) generation, and automated container promotion across IL2-IL5 environments. Observability Champion: Champion observability initiatives, including centralized logging, distributed tracing, custom metrics, and synthetic tests, using tools such as Grafana, Prometheus, Splunk, and OpenTelemetry. Compliance Enforcement: Ensure every service adheres to data-classification rules such as ITAR, EAR, and CUI. What You'll Own in Your First 12 Months: CI/CD Modernization: Modernize the existing global CI/CD pipeline to achieve less than a 2-hour secure path-to-production for priority applications. New Product Delivery: Ship two new AI-enabled applications with microservices to production with 99.9% availability. Observability Stack: Stand up an enterprise observability stack that drives MTTR to less than 30 minutes for critical workflows. Team Expansion: Recruit and onboard 10 full-stack software developers, DevOps engineers, and data engineers. Technology Roadmap: Publish a technology roadmap aligning React 18, Spring Boot 3, Java 21 LTS, and Generative AI capabilities with product OKRs. Basic Qualifications (Required Skills/Experience): Experience: 10+ years of professional software engineering experience, with 5+ years leading multi-disciplinary teams and managers that ship production software. Full-Stack Expertise: Proven track record delivering large-scale full-stack solutions with React/TypeScript, Java 11+/Spring Boot, and Node.js/Express in production. DevSecOps Mastery: Demonstrated mastery of CI/CD and DevSecOps in regulated environments, including pipelines that embed security gates, artifact signing, and infrastructure-as-code for AWS (CloudFormation or Terraform). AWS GovCloud Knowledge: Deep knowledge of AWS GovCloud services, including VPC, EKS, S3, RDS/Aurora, Lambda, API Gateway, Secrets Manager, CloudWatch, and KMS. Observability Stacks: Hands-on experience running distributed monitoring/observability stacks (Grafana, Prometheus, Splunk, ELK, OpenTelemetry). Compliance Frameworks: Familiarity with data-classification & export-control frameworks (ITAR, EAR, CMMC) and ability to build compliant technical workflows. AI/ML Patterns: Strong understanding of contemporary AI/ML patterns (LLM orchestration, MLOps, vector search, edge inference) and how to integrate them into transactional systems. Travel: Ability to travel between India and Poland on a regular frequency. Education: Related work experience, relevant military experience, or advanced degree preferred but not required. Preferred Qualifications (Desired Skills/Experience): Advanced Degree: A Master's or PhD in Computer Science or related fields from a top-rated institution. Industry Experience: Prior leadership in an aerospace, defense, or highly regulated industry; exposure to design-to-manufacture value streams. Architectural Patterns: Experience with domain-driven design, microservice & event-driven architectures (Kafka, SNS/SQS), and micro-frontend patterns (Module Federation). Global Team Orchestration: Background in global team orchestration (follow-the-sun release management, 24/7 support). Secure Coding: Demonstrated working knowledge of secure coding guidelines (NIST 800-53, OWASP ASVS, STIG hardening). Leadership Competencies: Customer-Focused: Frames technical decisions around user value and mission impact. Bar-Raiser: Sets a high technical bar, models quality code, and fosters a feedback-rich environment. Data-Driven: Uses leading & lagging metrics to improve predictability and reliability. Innovation: Continuously challenges the status quo with automation, self-service, and reusable platform components. Earns Trust: Earns trust with cross-functional stakeholders by communicating effectively, managing risks transparently, and delivering on commitments. Best in Class: Promotes best practices that enable agile and rapid application development. People Focus: Coaches, mentors, and develops talented individuals ranging from junior to very senior levels of experience. Team Building: Builds a cohesive teaming environment across Poland, India, and US development teams. Typical Education & Experience: Typically 21 or more years related work experience or relevant military experience; an advanced degree (e.g., Bachelor's or Master's) preferred but not required. Relocation: This position does offer relocation within INDIA based on candidate eligibility. Export Control: This is not an Export Control position. Visa Sponsorship: Employer will not sponsor applicants for employment visa status.

Job Description:The candidate will have expertise in penetration testing, cloud security, compliance frameworks (HIPAA, PCI DSS), security documentation, and security tools such as Qualys, Burp Suite, and other industry-standard solutions Strong communication skills and the ability to document security processes effectively are essential for this role Key ResponsibilitiesPenetration Testing & Vulnerability ManagementPerform penetration testing on web applications, networks, and cloud environments to identify security vulnerabilities Utilize tools like Burp Suite, Qualys, Nessus, Metasploit, and other scanning tools to detect threats Work with development and operations teams to remediate vulnerabilities and strengthen security posture Cloud SecurityEnsure cloud security best practices for AWS, Azure, and other cloud platforms Implement security controls for cloud-hosted applications and workloads Conduct security assessments and recommend security enhancements Compliance & Regulatory SecurityEnsure compliance with HIPAA, PCI DSS, ISO 27001, NIST, and other security frameworks Conduct audits, risk assessments, and compliance gap analysis Assist in developing policies, procedures, and security documentation to meet regulatory requirements Security Operations & Incident ResponseMonitor security logs and alerts for threat detection and response Work with security teams to investigate and mitigate security incidents Conduct forensic analysis in the event of security breaches Documentation & CommunicationDevelop and maintain security policies, procedures, and technical documentation Create security reports and communicate findings effectively to stakeholders Provide security training and awareness programs for employees

What Your Responsibilities Will Be Support the build-out of technical SOX controls, working with Security, engineering, finance and IT to document and test controls across key systems. Assist in technology risk assessments to identify gaps against IPO-readiness benchmarks Help drive IT General Controls implementation, application controls and report testing, coordinating with internal teams and external auditors. Work with cross-functional teams to develop process flows, SOPs, and runbooks for key controls. Partner with all stakeholder teams to track control ownership, remediation efforts, and evidence collection. Coordinate the documentation and migration of control information into Avalara s GRC platform. Proactively engage on multiple simultaneous projects with internal and external stakeholders to support strategic security and compliance objectives. Assist with the performance of ad hoc risk and compliance assessments as needed. What Youll Need to be Successful Bachelor s degree in Information Technology, Computer Science, or equivalent experience. 5+ years of experience in IT Audit, IT Security, or IT Risk Management. Proven experience conducting systemic risk analysis in complex technical environments, including reviewing application design and architecture. Familiarity with standards and frameworks such as ISO 27001, SOC 1, SOC 2, SOX, NIST, etc. Strong understanding of application security principles, including the ability to assess risk through code and design review processes. Deep knowledge of technical controls, including their design, implementation, and effectiveness. Experience working with business continuity, disaster recovery, vendor risk management, data privacy, and regulatory compliance. Skilled in identifying business risks and evaluating trade-offs between technical and business objectives. Experience with risk management platforms (e.g., ServiceNow GRC) is a plus. Highly self-motivated, proactive, and capable of managing concurrent priorities with minimal supervision. Strong organizational, planning, verbal, and written communication skills.

What Your Responsibilities Will Be Support the build-out of technical SOX controls, working with Security, engineering, finance and IT to document and test controls across key systems. Assist in technology risk assessments to identify gaps against IPO-readiness benchmarks Help drive IT General Controls implementation, application controls and report testing, coordinating with internal teams and external auditors. Work with cross-functional teams to develop process flows, SOPs, and runbooks for key controls. Partner with all stakeholder teams to track control ownership, remediation efforts, and evidence collection. Coordinate the documentation and migration of control information into Avalara s GRC platform. Proactively engage on multiple simultaneous projects with internal and external stakeholders to support strategic security and compliance objectives. Assist with the performance of ad hoc risk and compliance assessments as needed. What Youll Need to be Successful Bachelor s degree in Information Technology, Computer Science, or equivalent experience. 5+ years of experience in IT Audit, IT Security, or IT Risk Management. Proven experience conducting systemic risk analysis in complex technical environments, including reviewing application design and architecture. Familiarity with standards and frameworks such as ISO 27001, SOC 1, SOC 2, SOX, NIST, etc. Strong understanding of application security principles, including the ability to assess risk through code and design review processes. Deep knowledge of technical controls, including their design, implementation, and effectiveness. Experience working with business continuity, disaster recovery, vendor risk management, data privacy, and regulatory compliance. Skilled in identifying business risks and evaluating trade-offs between technical and business objectives. Experience with risk management platforms (e.g., ServiceNow GRC) is a plus. Highly self-motivated, proactive, and capable of managing concurrent priorities with minimal supervision. Strong organizational, planning, verbal, and written communication skills.

What Your Responsibilities Will Be Support the build-out of technical SOX controls, working with Security, engineering, finance and IT to document and test controls across key systems. Assist in technology risk assessments to identify gaps against IPO-readiness benchmarks Help drive IT General Controls implementation, application controls and report testing, coordinating with internal teams and external auditors. Work with cross-functional teams to develop process flows, SOPs, and runbooks for key controls. Partner with all stakeholder teams to track control ownership, remediation efforts, and evidence collection. Coordinate the documentation and migration of control information into Avalara s GRC platform. Proactively engage on multiple simultaneous projects with internal and external stakeholders to support strategic security and compliance objectives. Assist with the performance of ad hoc risk and compliance assessments as needed. What Youll Need to be Successful Bachelor s degree in Information Technology, Computer Science, or equivalent experience. 5+ years of experience in IT Audit, IT Security, or IT Risk Management. Proven experience conducting systemic risk analysis in complex technical environments, including reviewing application design and architecture. Familiarity with standards and frameworks such as ISO 27001, SOC 1, SOC 2, SOX, NIST, etc. Strong understanding of application security principles, including the ability to assess risk through code and design review processes. Deep knowledge of technical controls, including their design, implementation, and effectiveness. Experience working with business continuity, disaster recovery, vendor risk management, data privacy, and regulatory compliance. Skilled in identifying business risks and evaluating trade-offs between technical and business objectives. Experience with risk management platforms (e.g., ServiceNow GRC) is a plus. Highly self-motivated, proactive, and capable of managing concurrent priorities with minimal supervision. Strong organizational, planning, verbal, and written communication skills.

Ensure that the company complies with all applicable local, state, national, and international laws and regulations (e.g., labor laws, environmental regulations, and factory laws). Monitor changes in laws and regulations that impact the manufacturing sector. Coordinate internal compliance audits and risk assessments. Draft, review, negotiate, and manage contracts including Vendor and supplier agreements, Purchase orders, NDAs (Non-Disclosure Agreements), Service-level agreements (SLAs), and Licensing and distribution agreements. Ensure all contracts protect the company's interests and are legally sound. Advice HR on legal matters related to employee relations, employment contracts, disciplinary actions, terminations, and union negotiations. Ensure compliance with labour regulations, including health and safety requirements. Handle legal issues arising from workplace accidents, worker disputes, or grievances. Manage ongoing legal disputes, lawsuits, or arbitrations involving the company. Liaise with external legal counsel when needed. Represent the company in negotiations and legal proceedings, if necessary. Oversee the registration and protection of patents, trademarks, copyrights, and trade secrets. Monitor and take action against any infringement of IP rights. Ensure IP compliance in manufacturing processes and products. Ensure manufacturing operations comply with environmental laws and industrial standards. Liaise with government regulatory bodies (pollution control boards, industry regulators). Manage permits, licenses, and certifications required for operations. Identify legal risks and provide strategic guidance to mitigate them. Develop and implement internal policies to ensure legal and regulatory compliance. Train employees and departments on legal awareness and compliance protocols. Support board meetings and legal documentation (resolutions, meeting minutes). Maintain statutory registers and ensure legal documentation is up to date. Assist in legal aspects of mergers, acquisitions, or joint ventures if applicable. Coordinate with insurance providers on coverage for factory operations, employee liability, product liability, etc. Support claims management and legal compliance related to insurance. Promote an ethical culture within the organization by implementing policies related to anti-bribery, anti-corruption, and whistleblower protection. Investigate and respond to breaches of law or internal policies. Integrity and ethical judgment, Confidentiality and discretion, Attention to detail, Proactive mindset, Strong ability to draft, review, and negotiate commercial contracts (vendor agreements, supply chain contracts, NDAs, SLAs, etc.), Familiarity with Factories Act, Environmental Laws, Labour Laws, Industrial Disputes Act, Occupational Safety & Health, and pollution control norms, Understanding of compliance frameworks (local, state, and national), with the ability to implement and monitor them effectively, Skills in handling civil, labor, consumer, and contract-related disputes, including arbitration and coordination with external counsel, Knowledge of patents, trademarks, and trade secrets, especially as they relate to products, processes, or technology used in manufacturing, Ability to foresee legal risks, advise mitigation strategies, and establish policies to prevent compliance failures, Familiarity with Companies Act, secretarial practices, board resolutions, and legal documentation, Ability to assess legal risks and provide actionable business-oriented advice, Strong judgment and decision-making ability, especially under pressure, Excellent verbal and written communication, including drafting legal documents and interacting with external legal counsel or regulators, Ability to explain complex legal concepts to non-legal staff and management, Strong negotiation and conflict resolution skills, Ability to work under pressure and meet deadlines, Excellent problem-solving abilities, etc Education- 3-year LL.B. degree (post-graduation) or a 5-year integrated law degree (like B.A. LL.B., B.B.A. LL.B., etc.) from a recognized university.

Live What You Will Do The External Workforce Sr. Manager is responsible for supporting the management and coordination of the organization's external workforce in partnership with our Master Service Providers (MSP), including contingent workers, independent contractors, vendors, and service providers. This role will lead the planning, governance, and operational management of our external workforce to ensure the efficient use of labor categories and other external resources across the organization while maintaining compliance, optimizing cost, and enhancing workforce agility. This role works cross-functionally with HR, Procurement, Legal, IT, and department heads to ensure cost-effective and compliant use of external talent. As a critical member of our external workforce team, you will help ensure the organization can scale flexibly and compliantly, while meeting the specialized talent needs of a fast-paced and regulated biotech environment. Key Responsibilities: Strategy & Governance Develop and implement an enterprise-wide external workforce strategy aligned with scientific, clinical, and operational goals. Establish and maintain governance frameworks, policies, and compliance standards in partnership with Legal, HR, Procurement, and department leaders. Program & Vendor Management Oversee the full lifecycle of the external workforceincluding sourcing, onboarding, tracking, and offboarding via VMS such as SAP Fieldglass. Manage key vendor relationships (CROs, staffing firms, consultants), ensuring high performance and cost-effectiveness. Partner with regional and functional leads on continuous improvement initiatives. Risk & Compliance Ensure adherence to labor laws, co-employment risks, GxP, and FDA/EMA requirements. Serve as process owner for SOX audits, including execution of monthly controls and support for audit readiness. Technology & Analytics Lead development of dashboards and reporting tools (e.g., Tableau, Alteryx) to monitor cost, utilization, and workforce trends. Provide insights and recommendations to senior leadership to inform strategic workforce planning. Stakeholder Engagement & Team Leadership Act as a trusted advisor to business leaders across various functions. Mentor and manage a team (where applicable), and champion process standardization, scalability, and operational excellence. Support change management, training, and policy adherence across the organization. Win What We Expect of You Bachelors degree in Human Resources, Business, Life Sciences, or related field (MBA or MS preferred). 8-12 years of experience managing external workforce programs, with 3+ years in life sciences or biotech preferred. Deep expertise in contingent workforce models and VMS tools (Fieldglass, Beeline). Strong knowledge of regulatory and compliance frameworks (e.g., SOX, GxP, FDA). Proven success leading cross-functional programs and influencing senior stakeholders.

Risk Identification and Assessment : Conduct risk assessments to identify vulnerabilities in IT systems, processes, and policies. Assist in the identification and evaluation of risks associated with third-party vendors and partners. Maintain the IT risk register, documenting risks, issues, and remediation actions. Risk Mitigation and Monitoring : Recommend risk mitigation strategies and implement risk management controls across IT infrastructure. Collaborate with IT, cybersecurity, and business teams to track and resolve identified risks and vulnerabilities. Monitor and report on the effectiveness of existing IT risk controls and recommend enhancements as needed. Compliance and Regulatory Support: Ensure compliance with relevant industry standards and regulatory requirements (e.g., GDPR, SOX, PCI-DSS, NIST). Assist in the preparation for audits by internal and external parties, providing documentation and evidence of IT risk management practices. Support the development and implementation of IT governance, risk, and compliance frameworks. Vendor Risk Management : Conduct vendor risk assessments, ensuring third-party services and products align with internal risk and security policies. Regularly review vendor performance and risk exposure, working with procurement and legal teams as necessary. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications Education: Bachelor's degree in information technology, Cybersecurity, Risk Management, or a related field. Certifications such as CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional) are highly desirable. Experience: 2 - 4 years of experience in IT risk management, IT auditing, or information security. Hands-on experience with risk management tools and frameworks (e.g., ISO 27001, NIST, COBIT). Skills and Competencies: Solid understanding of IT infrastructure, systems, and security standard processes. Ability to assess technical and business risk related to information systems. Excellent problem-solving, analytical, and communication skills. Ability to communicate complex risk concepts to non-technical collaborators. Ability to assess and interpret security-related clauses in third-party contracts, such as Security Requirements Schedules (SRS). Familiarity with regulatory frameworks and compliance standards (e.g., GDPR, HIPAA, SOX, PCI-DSS). Technical Knowledge: Proficiency with risk management tools, GRC (Governance, Risk, and Compliance) software, and security incident management tools. Experience with security controls related to networks, databases, and cloud environments. Soft Skills: Excellent analytical and fixing skills. Strong verbal and written communication skills. Ability to work effectively with global, virtual teams . High degree of initiative and self-motivation. Ability to manage multiple priorities. Team oriented, with a focus on achieving team goals. Strong presentation and public speaking skills. Collaboration with distributed team.

We are seeking a seasoned and strategic compliance professional to join our Compliance team as Deputy Vice President (DVP). The ideal candidate will lead and oversee critical compliance functions to ensure that the organization adheres to all regulatory requirements, drives a culture of compliance, and strengthens internal compliance frameworks and systems. This role will involve high-level coordination, review, and guidance across various compliance domains, reporting to senior leadership and working closely with multiple stakeholders. Key Responsibilities: 1. Regulatory Reporting: Supervise the timely and accurate submission of regulatory reports to the Regulator. Provide strategic oversight on regulatory timelines and ensure timely compliance. Guide internal teams in data collation, validation, and regulatory interpretations. 2. Compliance Monitoring Tool: Oversee the monitoring and tracking of regulatory obligations through the compliance tool. Drive enhancements and ensure effective utilization of the compliance tool across functions. 3. Support on Board and Committee Meetings: Provide leadership in the preparation of agendas, presentations, and notes for Board and Committee meetings. Ensure accuracy and completeness of compliance-related records and regulatory documentation. Ensure timely circulation and quality control of meeting minutes and records. 4. Reporting to Parent Company and Other Compliance Activities: Ensure accurate and timely submission of certificates, dashboards, and reports to the Parent Company. Approve marketing and promotional materials from a regulatory compliance perspective. Lead coordination for internal audits and ensure timely closure of audit observations. Provide strategic direction on other compliance matters and initiatives. 5. Policy Formulation and Review Draft, review and update internal compliance policies and SOPs in line with evolving regulations Ensure consistency across business verticals in policy implementation Qualifications & Experience: Graduate/Postgraduate in Law, Commerce, Finance, or a related field. 10+ years of relevant experience in compliance within the BFSI/NBFC sector. Strong knowledge of RBI Master Directions, SEBI regulations, and other relevant compliance frameworks. Strong analytical, leadership, and communication skills.

Required Skills: Cyber Risk Risk Mitigation Strategies for Security Controls SAST and DAST Tools Profile: - 5+ years of experience in application/API security, risk management, or related fields - Strong understanding of application security architecture, compliance frameworks, and risk management principles - Experience with application security assessments, risk assessments, and security controls implementation - Excellent analytical, problem-solving, and communication skills - Familiarity with cloud security framework, tools, and technologies (e.g., OSWAP, CSPM, CWPP, CIEM, DAST/SAST) - Certifications in cloud security, risk management, or related fields (e.g., CCSK, CRISC, CISSP) Job Summary: We are seeking a seasoned Cyber Risk Consultant to assess and mitigate risks associated with our private cloud control plane (API Services). The successful candidate will perform risk assessments, identify vulnerabilities, and develop strategies to optimize security and compliance in control plane. Responsibilities: - Conduct risk assessments and security evaluations of private cloud control plane services (API Services) - Identify and prioritize vulnerabilities, threats, and potential attack vectors - Develop and implement risk mitigation strategies and security controls - Evaluate security configurations, policies, and procedures - Assess compliance with industry standards and regulatory requirements (e.g., NIST, SOC 2, PCI-DSS, OSWAP) - Develop and maintain risk management frameworks, playbooks, and reporting dashboards - Stay current with emerging application/API security threats and technologies - Communicate risk and security recommendations to stakeholders

About the Role We are seeking a highly skilled Staff Engineer to lead the architecture, development, and scaling of our Marketplace platform including portals & core services such as Identity & Access Management (IAM), Audit, and Tenant Management services. This is a hands-on technical leadership role where you will drive engineering excellence, mentor teams, and ensure our platforms are secure, compliant, and built for scale. A Day in the Life Design and implement scalable, high-performance backend systems for all the platform capabilities Lead the development and integration of IAM, audit logging, and compliance frameworks, ensuring secure access, traceability, and regulatory adherence. Champion best practices for reliability, availability, and performance across all marketplace and core service components. Mentor engineers, conduct code/design reviews, and establish engineering standards and best practices. Work closely with product, security, compliance, and platform teams to translate business and regulatory requirements into technical solutions. Evaluate and integrate new technologies, tools, and processes to enhance platform efficiency, developer experience, and compliance posture. Take end-to-end responsibility for the full software development lifecycle, from requirements and design through deployment, monitoring, and operational health. What You Need 8+ years of experience in backend or infrastructure engineering, with a focus on distributed systems, cloud platforms, and security. Proven expertise in building and scaling marketplace platforms and developer/admin/API portals. Deep hands-on experience with IAM, audit logging, and compliance tooling. Strong programming skills in languages such as Python or Go. Experience with cloud infrastructure (AWS, Azure), containerization (Docker, Kubernetes), and service mesh architectures. Understanding of security protocols (OAuth, SAML, TLS), authentication/authorization, and regulatory compliance. Demonstrated ability to lead technical projects and mentor engineering teams & excellent problem-solving, communication, and collaboration skills. Proficiency in observability tools such as Prometheus, Grafana, OpenTelemetry. Prior experience with Marketplace & Portals Bachelor's or Masters degree in Computer Science, Engineering, or a related field