5 Csa Ccm Jobs

As an I&A On-boarding Information Security Analyst, Associate at Deutsche Bank in Pune, India, you will play a crucial role in the Access Lifecycle On-boarding global family. Your responsibilities will include access management for application end user recertification On-boarding, user access request & approval, user provision On-boarding, Functional Taxonomy SoD On-boarding & maintenance, as well as IDAHO (Access concept) SME services for central DB. You will need to quickly grasp complex application set ups for Identity & Access Management, supporting the Information Security Officer (ISO) and IT Application Owner (ITAO) throughout the central solution On-boarding process. **Key Responsibilities:** - Perform On-boarding assessments for IT assets applicable for end user application access - Gather business requirements and identify future user provisioning setups in adherence to Information Security (IS) internal and regulatory requirements - Engage, manage, and influence stakeholders including Information Security Officer, IT Application Owner, Engineering, and Operations teams - Provide process improvement inputs, identify issues, and develop successful solutions - Report and escalate potential risks to management - Work with distributed teams across different locations - Develop key operational procedures and ensure adherence to policies - Comfortable with Security Policy and Governance in the banking domain - Strong presentation and communication skills - Structured and methodological approach to deliver high-quality results - Proactively address performance issues and ensure alignment with organizational needs - Pro-active and flexible working approach with a team spirit **Qualifications Required:** - Minimum 5 years of experience in Identity & Access Management, Governance, Risk and Control - Experience in team management - Knowledge or willingness to work with industry best practices and frameworks like ISO27001, NIST, CSA CCM, COBIT, ITIL - Understanding of IT Service Management, IT Governance, IT Delivery Management, IT Project Management, IT Delivery background, IT Security - Knowledge of Database Systems, application interactions, and server operating systems - Excellent Excel knowledge **Competencies:** - Self-motivated and flexible to work autonomously in virtual and multicultural teams - Strong communication skills in English (written/verbal) - Good analytical and problem-solving abilities - Detail-oriented with a continuous improvement mindset - Ability to transfer knowledge and expertise to stakeholders and team members Deutsche Bank offers a comprehensive benefits package including leave policy, parental leaves, childcare assistance, sponsorship for certifications, Employee Assistance Program, insurance coverage, and health screening. You will also receive training, coaching, and support to excel in your career within a culture of continuous learning and collaboration. For further information about Deutsche Bank and our teams, please visit our company website: [Deutsche Bank Company Website](https://www.db.com/company/company.htm),

AWS Security Architecture & Strategy: Design and implement comprehensive security architectures for Redaptive's AWS cloud environments Develop cloud security roadmaps aligned with business objectives and compliance requirements Establish security standards, policies, and procedures for AWS deployments Evaluate and recommend security enhancements to strengthen the cloud security posture Lead security aspects of cloud migration initiatives and new AWS service adoptions Implement zero-trust security principles in cloud architecture designs Provide expert guidance on AWS security best practices to stakeholders across the organization Establish metrics to measure the effectiveness of cloud security controls Security Automation & CI/CD Integration: Develop and maintain security as code implementations for AWS environments Integrate security controls and checks into CI/CD pipelines Automate security scanning, compliance verification, and remediation processes Implement infrastructure as code (IaC) security practices for AWS CloudFormation and Terraform Create automated security testing frameworks for cloud resources Develop custom security rules and policies for automated enforcement Collaborate with DevOps teams to ensure security requirements are met throughout the development lifecycle Design and implement automated incident response playbooks for cloud security events Cloud Security Monitoring & Operations: Configure and manage cloud security monitoring solutions including AWS Security Hub, GuardDuty, and CloudTrail Implement and tune cloud-native SIEM solutions for comprehensive security visibility Develop and maintain cloud security dashboards and reporting mechanisms Perform advanced cloud security investigations and threat hunting Respond to and remediate cloud security incidents Conduct cloud security posture assessments and vulnerability management Implement and manage cloud security logging and audit mechanisms Develop and maintain cloud security incident response procedures Identity & Access Management: Design and implement AWS IAM policies, roles, and permission boundaries following least privilege principles Develop automated solutions for identity lifecycle management in cloud environments Implement and manage privileged access management for AWS resources Configure and maintain AWS Single Sign-On and federation with corporate identity providers Design and implement secure service-to-service authentication mechanisms Conduct regular access reviews and implement automated compliance checks Develop and maintain IAM security frameworks and governance processes Implement automated detection and remediation of IAM policy violations Compliance & Risk Management: Ensure AWS environments meet relevant regulatory requirements and industry standards (e.g., SOC 2, ISO 27001, NIST) Develop and implement cloud security compliance frameworks and controls Perform cloud security risk assessments and develop risk treatment plans Technical Skills AWS Security Architecture & Strategy: Design and implement comprehensive security architectures for Redaptive's AWS cloud environments Develop cloud security roadmaps aligned with business objectives and compliance requirements Establish security standards, policies, and procedures for AWS deployments Evaluate and recommend security enhancements to strengthen the cloud security posture Lead security aspects of cloud migration initiatives and new AWS service adoptions Implement zero-trust security principles in cloud architecture designs Provide expert guidance on AWS security best practices to stakeholders across the organization Establish metrics to measure the effectiveness of cloud security controls Security Automation & CI/CD Integration: Develop and maintain security as code implementations for AWS environments Integrate security controls and checks into CI/CD pipelines Automate security scanning, compliance verification, and remediation processes Implement infrastructure as code (IaC) security practices for AWS CloudFormation and Terraform Create automated security testing frameworks for cloud resources Develop custom security rules and policies for automated enforcement Collaborate with DevOps teams to ensure security requirements are met throughout the development lifecycle Design and implement automated incident response playbooks for cloud security events Cloud Security Monitoring & Operations: Configure and manage cloud security monitoring solutions including AWS Security Hub, GuardDuty, and CloudTrail Implement and tune cloud-native SIEM solutions for comprehensive security visibility Develop and maintain cloud security dashboards and reporting mechanisms Perform advanced cloud security investigations and threat hunting Respond to and remediate cloud security incidents Conduct cloud security posture assessments and vulnerability management Implement and manage cloud security logging and audit mechanisms Develop and maintain cloud security incident response procedures Identity & Access Management: Design and implement AWS IAM policies, roles, and permission boundaries following least privilege principles Develop automated solutions for identity lifecycle management in cloud environments Implement and manage privileged access management for AWS resources Configure and maintain AWS Single Sign-On and federation with corporate identity providers Design and implement secure service-to-service authentication mechanisms Conduct regular access reviews and implement automated compliance checks Develop and maintain IAM security frameworks and governance processes Implement automated detection and remediation of IAM policy violations Compliance & Risk Management: Ensure AWS environments meet relevant regulatory requirements and industry standards (e.g., SOC 2, ISO 27001, NIST) Develop and implement cloud security compliance frameworks and controls Perform cloud security risk assessments and develop risk treatment plans Nice-to-have skills Experience with multi-cloud security strategies and implementations Knowledge of regulatory compliance requirements relevant to cloud environments Experience with container security (Docker, Kubernetes, ECS, EKS) Background in implementing Zero Trust architecture in AWS environments Experience with AWS automated incident response and remediation Knowledge of cloud-native security tools and platforms Experience with Hashicorp Vault or similar secrets management solutions Background in implementing security for data lakes and analytics platforms Experience with cloud workload protection platforms (CWPP) Knowledge of serverless security best practices Experience with cloud security in the energy efficiency or sustainability industries Background in threat modeling for cloud architectures Experience working with global teams and offshore development models Qualifications Bachelor's degree in Cybersecurity, Computer Science, or related field; Master's degree preferred Minimum of 7+ years of experience in cybersecurity, with at least 5 years focused on cloud security Advanced expertise with AWS security services including GuardDuty, Security Hub, IAM, KMS, and CloudTrail Strong understanding of cloud security frameworks (AWS Well-Architected Framework, NIST CSF, CSA CCM) Hands-on experience implementing security controls in CI/CD pipelines Expert knowledge of infrastructure as code (IaC) security for AWS CloudFormation and/or Terraform Experience with cloud security posture management (CSPM) tools and processes Strong understanding of identity and access management principles in cloud environments Experience with automated security testing and continuous security validation Proficiency in scripting and programming (Python, Bash, etc.) for security automation Excellent understanding of network security, containerization security, and serverless security In-depth knowledge of DevSecOps principles and practices Excellent written and verbal communication skills Relevant security certifications (AWS Certified Security - Specialty, CCSP, CISSP, or equivalent)

You are seeking an experienced InfoSec Governance, Risk and Compliance (GRC) Lead to join the expanding global team of DNEG. In this role, you will be responsible for managing and steering the Information Security GRC and Privacy function within DNEG. The InfoSec team ensures the confidentiality, integrity, and availability of both internal and client data, PII, and systems. Your expertise in InfoSec GRC will be crucial in collaborating with the team, peers, and business stakeholders to align and effectively manage InfoSec GRC initiatives/projects to meet tactical roadmap requirements and the broader InfoSec strategy. As the InfoSec GRC Lead, you will need to work methodically and concisely, possess experience in a technical InfoSec security program, and demonstrate excellent interpersonal, analytical, and documentation skills. Working closely with the Information Security Program Manager, you will prioritize and deliver GRC and privacy facets of the InfoSec program. Your role will involve managing, maintaining, and maturing the GRC function within DNEG, ensuring effective communication and documentation of audit deliverables, and collaborating with internal technical teams. The ideal candidate will have five to ten years of experience in GRC, Data Privacy, and audit functions. You should be proficient in Risk Management methodologies, capable of leading risk assessments and defining mitigation solutions, and knowledgeable about data privacy legislations such as GDPR. Bringing a progressive and collaborative approach to the InfoSec GRC function is essential, along with expertise in Information/Cyber Security processes and methodologies. Desired qualifications include experience with risk management platforms, prior work in the film or media industry, and familiarity with hybrid or cloud-native environments. While a bachelor's degree in IT or Computer Science is desirable, certifications such as CISSP, CISM, CISA, CRISC, or ISO 27001 Lead Implementer/Auditor would be beneficial. In summary, as the InfoSec GRC Lead at DNEG, you will play a vital role in managing and maturing the GRC function, collaborating with internal teams, and ensuring alignment with industry and client-driven audit requirements. Your expertise in InfoSec GRC, risk management, and data privacy will contribute to the overall success of DNEG's Information Security program.,

AWS Security Architecture & Strategy: Design and implement comprehensive security architectures for Redaptive's AWS cloud environments Develop cloud security roadmaps aligned with business objectives and compliance requirements Establish security standards, policies, and procedures for AWS deployments Evaluate and recommend security enhancements to strengthen the cloud security posture Lead security aspects of cloud migration initiatives and new AWS service adoptions Implement zero-trust security principles in cloud architecture designs Provide expert guidance on AWS security best practices to stakeholders across the organization Establish metrics to measure the effectiveness of cloud security controls Security Automation & CI/CD Integration: Develop and maintain security as code implementations for AWS environments Integrate security controls and checks into CI/CD pipelines Automate security scanning, compliance verification, and remediation processes Implement infrastructure as code (IaC) security practices for AWS CloudFormation and Terraform Create automated security testing frameworks for cloud resources Develop custom security rules and policies for automated enforcement Collaborate with DevOps teams to ensure security requirements are met throughout the development lifecycle Design and implement automated incident response playbooks for cloud security events Cloud Security Monitoring & Operations: Configure and manage cloud security monitoring solutions including AWS Security Hub, GuardDuty, and CloudTrail Implement and tune cloud-native SIEM solutions for comprehensive security visibility Develop and maintain cloud security dashboards and reporting mechanisms Perform advanced cloud security investigations and threat hunting Respond to and remediate cloud security incidents Conduct cloud security posture assessments and vulnerability management Implement and manage cloud security logging and audit mechanisms Develop and maintain cloud security incident response procedures Identity & Access Management: Design and implement AWS IAM policies, roles, and permission boundaries following least privilege principles Develop automated solutions for identity lifecycle management in cloud environments Implement and manage privileged access management for AWS resources Configure and maintain AWS Single Sign-On and federation with corporate identity providers Design and implement secure service-to-service authentication mechanisms Conduct regular access reviews and implement automated compliance checks Develop and maintain IAM security frameworks and governance processes Implement automated detection and remediation of IAM policy violations Compliance & Risk Management: Ensure AWS environments meet relevant regulatory requirements and industry standards (e.g., SOC 2, ISO 27001, NIST) Develop and implement cloud security compliance frameworks and controls Perform cloud security risk assessments and develop risk treatment plans Technical Skills AWS Security Architecture & Strategy: Design and implement comprehensive security architectures for Redaptive's AWS cloud environments Develop cloud security roadmaps aligned with business objectives and compliance requirements Establish security standards, policies, and procedures for AWS deployments Evaluate and recommend security enhancements to strengthen the cloud security posture Lead security aspects of cloud migration initiatives and new AWS service adoptions Implement zero-trust security principles in cloud architecture designs Provide expert guidance on AWS security best practices to stakeholders across the organization Establish metrics to measure the effectiveness of cloud security controls Security Automation & CI/CD Integration: Develop and maintain security as code implementations for AWS environments Integrate security controls and checks into CI/CD pipelines Automate security scanning, compliance verification, and remediation processes Implement infrastructure as code (IaC) security practices for AWS CloudFormation and Terraform Create automated security testing frameworks for cloud resources Develop custom security rules and policies for automated enforcement Collaborate with DevOps teams to ensure security requirements are met throughout the development lifecycle Design and implement automated incident response playbooks for cloud security events Cloud Security Monitoring & Operations: Configure and manage cloud security monitoring solutions including AWS Security Hub, GuardDuty, and CloudTrail Implement and tune cloud-native SIEM solutions for comprehensive security visibility Develop and maintain cloud security dashboards and reporting mechanisms Perform advanced cloud security investigations and threat hunting Respond to and remediate cloud security incidents Conduct cloud security posture assessments and vulnerability management Implement and manage cloud security logging and audit mechanisms Develop and maintain cloud security incident response procedures Identity & Access Management: Design and implement AWS IAM policies, roles, and permission boundaries following least privilege principles Develop automated solutions for identity lifecycle management in cloud environments Implement and manage privileged access management for AWS resources Configure and maintain AWS Single Sign-On and federation with corporate identity providers Design and implement secure service-to-service authentication mechanisms Conduct regular access reviews and implement automated compliance checks Develop and maintain IAM security frameworks and governance processes Implement automated detection and remediation of IAM policy violations Compliance & Risk Management: Ensure AWS environments meet relevant regulatory requirements and industry standards (e.g., SOC 2, ISO 27001, NIST) Develop and implement cloud security compliance frameworks and controls Perform cloud security risk assessments and develop risk treatment plans Nice-to-have skills Experience with multi-cloud security strategies and implementations Knowledge of regulatory compliance requirements relevant to cloud environments Experience with container security (Docker, Kubernetes, ECS, EKS) Background in implementing Zero Trust architecture in AWS environments Experience with AWS automated incident response and remediation Knowledge of cloud-native security tools and platforms Experience with Hashicorp Vault or similar secrets management solutions Background in implementing security for data lakes and analytics platforms Experience with cloud workload protection platforms (CWPP) Knowledge of serverless security best practices Experience with cloud security in the energy efficiency or sustainability industries Background in threat modeling for cloud architectures Experience working with global teams and offshore development models Qualifications Bachelor's degree in Cybersecurity, Computer Science, or related field; Master's degree preferred Minimum of 7+ years of experience in cybersecurity, with at least 5 years focused on cloud security Advanced expertise with AWS security services including GuardDuty, Security Hub, IAM, KMS, and CloudTrail Strong understanding of cloud security frameworks (AWS Well-Architected Framework, NIST CSF, CSA CCM) Hands-on experience implementing security controls in CI/CD pipelines Expert knowledge of infrastructure as code (IaC) security for AWS CloudFormation and/or Terraform Experience with cloud security posture management (CSPM) tools and processes Strong understanding of identity and access management principles in cloud environments Experience with automated security testing and continuous security validation Proficiency in scripting and programming (Python, Bash, etc.) for security automation Excellent understanding of network security, containerization security, and serverless security In-depth knowledge of DevSecOps principles and practices Excellent written and verbal communication skills Relevant security certifications (AWS Certified Security - Specialty, CCSP, CISSP, or equivalent)

Roles & Responsibilities:- Design and implement secure AWS cloud architectures aligned with business and compliance requirements. Automate security controls and integrate them into CI/CD pipelines Manage and monitor AWS security tools such as GuardDuty, Security Hub, and CloudTrail Develop and enforce IAM policies using least privilege principles Conduct threat modeling, vulnerability assessments, and cloud security posture evaluations Ensure compliance with standards like SOC 2, ISO 27001, and NIST Support audit readiness and implement risk treatment plans Collaborate with DevOps teams to embed security in cloud deployments Promote DevSecOps culture across development and operations teams Create and maintain security-as-code using CloudFormation, Terraform, and scripting Automate detection, remediation, and incident response processes Provide security guidance during cloud migrations and new service adoptions Qualification:- Bachelors in Cybersecurity, Computer Science, or related field (Masters preferred) 7+ years in cybersecurity, with 5+ years in cloud security Strong expertise in AWS security tools (GuardDuty, Security Hub, IAM, KMS, CloudTrail) Familiar with cloud security frameworks (AWS Well-Architected, NIST CSF, CSA CCM) Experience in securing CI/CD pipelines and implementing IaC security (CloudFormation/Terraform) Hands-on with CSPM tools and automated security validation Deep understanding of IAM principles and DevSecOps practices Proficient in scripting (Python, Bash) for automation Strong knowledge of network, container, and serverless security Excellent communication skills (verbal and written) Certifications: AWS Security Specialty, CCSP, CISSP, or equivalent Preferred Qualifications :- Experience with multi-cloud (AWS, Azure, GCP) security Understanding of regulatory frameworks (e.g., GDPR, HIPAA, ISO) Hands-on with container security (Docker, Kubernetes, ECS/EKS) Experience with Zero Trust security models in cloud Familiarity with automated incident response and cloud-native tools Knowledge of Hashicorp Vault or similar tools for secrets management Experience securing data lakes and analytics platforms Worked with CWPP and serverless security best practices Cloud security experience in energy efficiency/sustainability domains Experience in cloud threat modeling and collaborating with global teams