1952 Cyber Security Jobs - Page 8

Experience Required: 4+ years in Cybersecurity, with 2+years hands-on Imperva DAM Reports To: Security Operations Lead / SOC Manager Job Summary: We are seeking an experienced ITSM and CIS Benchmarking Specialist to drive service management excellence and ensure systems are hardened according to industry best practices. The ideal candidate will have deep knowledge of ITIL-based ITSM practices and hands-on experience applying CIS Benchmarks for endpoint and server security compliance. Key Responsibilities: ITSM: Oversee the implementation and continuous improvement of ITSM processes aligned with ITIL framework (e.g., Incident, Change, Problem, Asset, and Configuration Management). Ensure accurate and timely incident/ticket management via ITSM tools (e.g., ServiceNow, BMC Remedy, Fresh service). Develop ITSM dashboards and reports to track SLAs, service availability, and operational KPIs. Collaborate with technical and business teams to streamline service workflows and automate manual tasks. Provide training and guidance on ITSM processes across teams. CIS Benchmarking: Perform security baseline assessments of servers, endpoints, and cloud environments using CIS Benchmarks. Coordinate with IT infrastructure and application teams to implement and validate CIS hardening steps. Use tools such as CIS-CAT Pro, SCAP, Tenable, or Qualys for benchmark scanning and reporting. Maintain a central repository of system configurations, benchmark reports, and deviation justifications. Support internal and external audits by providing CIS compliance evidence and remediation plans. Required Skills and Qualifications: 2+ years of experience in implementing and managing ITSM processes and tools. 2+ years of experience applying CIS Benchmarks across Windows, Linux, databases, or cloud platforms. Strong understanding of ITIL v3 or v4, with certification preferred. Familiarity with endpoint/server hardening, system configuration management, and patching. Experience using configuration and compliance management tools (e.g., Ansible, Chef, SCCM, GPO). Ability to document policies, procedures, and control deviations. Preferred Qualifications: ITIL Foundation or Practitioner certification. Experience in audit/compliance functions, particularly in regulated industries (BFSI, healthcare, government). Familiarity with ISO 27001, NIST 800-53, or other security frameworks. Education Requirements : BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA Certification : Any ITSM Certification/CEH

Position Specification Global Information Security Architect Johnson Controls, Inc. Private and Confidential Johnson Controls Johnson Controls, Inc. (NYSE: JCI) is a global diversified industrial leader employing 170,000 employees serving customers in more than 150 countries with products, services and solutions on a B2B basis to a wide range of market segments. The company operates across three major business units: Automotive Experience; Power Solutions; and Building Efficiency. Automotive Experience generates approximately $20bn of revenue annually and designs and produces automotive seating and interiors systems that help make the driving experience more comfortable, safe and enjoyable. Building Efficiency provides products and services which enhance the comfort, safety and energy efficiency of buildings. Through its Power Solutions business, Johnson Controls is the worlds leading supplier of batteries used in automobiles, including conventional cars and trucks. In fiscal 2014, Johnson Controls generated $42 billion in revenues. The Role Hosted in Pune, India, Senior Cyber Security Engineer is a position, part of a global team, reporting into the Cyber Security Engineering Manager with responsibility of assisting in development of Processes, Standards, and Designs of JCIs Cyber Security Infrastructure Working closely with Project Managers, Global Operations and Technology groups, Business Unit IT delivery organizations, the identity management, and other infrastructure architecture members when creating and implementing Cyber Security Infrastructure. Ensures compliance with established architecture direction and standards. Works with Service Management and stakeholders to collect functional requirements and ensure the most effective solution is used. Maintains an understanding of relevant industry standards and directions to ensure key vendors, suppliers and service partners development plans include support for same. Primary Responsibilities The responsibilities of the Information Security Global Architecture Senior Manager include, but are not limited to: Provide team support with validating security controls Ensures that third party solutions used within Cyber Security follow all Johnson Controls standards. Acts as an internal consultant to business units and Infrastructure IT. Provides management with accurate and complete status information. Provide technical input into security related standards, technology roadmaps, support requirements and management of infrastructure designs Stay abreast of current and evolving technologies in Cyber Security. Adheres to all current changes and problem management policies and procedures. Candidate Profile The successful candidate will be a passionate information security professional with the ability to communicate to different business and Project managers. The candidate will be able to execute the Cyber Security Engineering management strategy defined by leaders. The candidate will demonstrate drive, intelligence, maturity, and energy and will be a proven team leader and security strategist. A minimum bachelors degree in computer engineering, computer security or computer science discipline or equivalent experience 10 years of Cyber Security related experience working with teams in security operations, incident analysis, developing applications, and security applications. Experience with validation security tools. Experience with Security features, assessments, and validation of security controls for both Linux and Windows based systems Familiarity with network security methodologies, tactics, techniques, and procedures. Experience performing security/vulnerability reviews of network environments. Experience of network security architecture, understanding of the TCP/IP protocol, and remote access security techniques/products. Experience with enterprise anti-virus/malware solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns. Candidate must be able to react quickly, decisively, and deliberately in high stress situations. Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, to technical and non-technical audiences at different seniority levels and interact with customers. Highly motivated individual with the ability to self-start, prioritize, multi-task and work in a global team setting. Ability to create and maintain good business relationships with counter parts, customers, and external entities to achieve the security operations management goals Ability to maintain a high level of discretion and personal integrity in the exercise of duties, including the ability to professionally address confidential matters Familiarity of regulatory compliance requirements (PCI-DSS, HIPAA, FISMA, SOX, etc.) Required Certifications 10+ years Certification Information Systems Security Professional (CISSP) At least 5+ years Certification (or similar) in one of: Certified Information Security Manager (CISM) Information Systems Security Architecture Professional (ISSAP) Certified Ethical Hacker (CEH) Cisco Certified Network Associate Security (CCNA Security) Certificate of Cloud Security Knowledge (CCSK) Certified Cloud Security Professional (CCSP) This job description indicates the general nature and level of work expected of the incumbent. It is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities required of the incumbent. Incumbent may be required to perform other related duties.

Key Responsibilities • Design, implement, and manage email security solutions. • handle Trend Micro CAS & Cisco Umbrella, monitor threats. • respond to incidents, update policies, collaborate with teams • stay updated on email & DNS security trends.

Key Responsibilities: Perform in-depth penetration testing, vulnerability assessments, and security reviews of applications, infrastructure, and networks. Identify, exploit, and document security vulnerabilities across systems and provide remediation recommendations. Simulate sophisticated attacks to test the strength of security controls and identify potential areas of compromise. Collaborate with development, infra, and DevOps teams to integrate security into the development lifecycle and Infrastructure-as-Code (IaC) security. Develop comprehensive security test plans, methodologies, and tools to ensure effective assessment of systems. Create detailed reports that outline vulnerabilities, risks, and recommended mitigations. Perform threat modeling and risk assessments to prioritize testing efforts. Monitor network traffic for threats and respond to security incidents. Ensure security best practices in Cloud environments, security controls for cloud workloads, IAM policies, and network security. Monitor and respond to cloud security incidents using SIEM and cloud-native security tools. Integrate and automate security testing and compliance checks into CI/CD pipelines using tools like SAST, DAST, and IAST . Experience Range: 3 - 5 years Educational Qualifications: -B.Tech/B.E in Computers , -B.Tech/B.E in IT Job Responsibilities: Required Skills & Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or related field . 2-3 years of experience in cybersecurity with a focus on Penetration testing or Ethical Hacking , Application Security, Cloud Security, and DevSecOps . Experience with security tools such as Burp Suite, Metasploit, Nessus, Wireshark, SonarQube, AWS WAF, Google WAF, Kali Linux, and other vulnerability scanning tools, etc. Knowledge of SIEM , EDR , NIST, CIS, and OWASP security frameworks. Proficiency in scripting (Python, Bash, PowerShell) for security automation. Industry certifications like CEH, Security+, AWS/GCP Security, or any DevSecOps-related certification (preferred but not mandatory). Excellent written and verbal communication skills to effectively report vulnerabilities and collaborate with stakeholders.Qualifications: Bachelors degree in computer science . Skills Required: DevOps , Linux , PHP , Python

Summary: The Technical Lead will develop and execute a technology strategy aligned with business objectives, oversee technology operations, ensure compliance with data security regulations, and lead technical staff for efficient product development. The role involves driving digital innovation, optimizing resource allocation, and leveraging emerging technologies for strategic advantage. Responsibilities: Develop and execute a technology strategy. Oversee scalable and secure systems, software solutions, and infrastructure. Manage technology budgets and optimize resource allocation. Ensure data privacy, security compliance, and risk mitigation. Drive cloud technology adoption and data-driven decision-making. Stay updated on technological advancements for maintaining competitive advantage. Qualifications: Bachelors degree in Computer Science, IT, or related field. 5+ years in a senior technology leadership role. Expertise in .Net Core (backend) and React JS (frontend). Proficiency in risk mitigation, cybersecurity, and leveraging cloud technologies. Experience implementing data-driven strategies

: Job Title- Business Control Officer, AVP Location- Pune, India Role Description DWS Group (DWS) is one of the world's leading asset managers. Building on more than 60 years of experience and a reputation for excellence in Germany and across Europe, DWS has come to be recognized by clients globally as a trusted source for integrated investment solutions, stability, and innovation across a full spectrum of investment disciplines. We offer individuals and institutions access to our strong investment capabilities across all major asset classes and solutions aligned to growth trends. Our diverse expertise in Active, Passive and Alternatives asset management as well as our deep environmental, social and governance focus complement each other when creating targeted solutions for our clients. Our expertise and on-the-ground-knowledge of our economists, research analysts and investment professionals are brought together in one consistent global CIO View, which guides our investment approach strategically. DWS wants to innovate and shape the future of investingwith approximately 3,500 employees in offices all over the world, we are local while being one global team. We are investors entrusted to build the best foundation for our clients future. What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities This role will support India DCO office with activities as outlined below: Lead comprehensive control evaluations and substantive testing to independently assess the design and effectiveness of controls within the newly established Independent Testing Team Assess end to end business processes to identify significant gaps and determine issue root causes. Partners with business units to perform control evaluations, monitoring and testing efforts within Compliance and Operation Risk Framework to identify control gaps as well as opportunities for effectiveness and efficiency improvements. These assessments will include coverage for other regulatory programs including SOX Apply critical thinking skills to substantive testing techniques to thoroughly evaluate the effectiveness of high-risk business processes. Assess and monitor risks, ensuring compliance with firm standards, regulatory requirements, and industry best practices. Collaborate with cross-functional teams and stakeholders to support control design and effectiveness. Foster collaboration with Compliance and Operational Risk Officers on various engagements. This includes developing detailed test scripts, facilitating issue discussions, participating in business meetings, and drafting comprehensive final reports to ensure alignment and clarity. Develop and execute robust control test scripts aimed at identifying control weaknesses, determining root causes, and recommending practical solutions to enhance operational efficiency and control effectiveness. Document test steps and results in a comprehensive and organized manner, ensuring sufficient support and justification for testing conclusions. Maintain a high standard of documentation to facilitate transparency and accountability. Ensure compliance with internal policies, procedures, and external laws, rules, and regulations, while identifying necessary remediation actions. This includes developing and executing testing procedures, meticulously documenting results, drawing informed conclusions, making actionable recommendations, and distributing detailed compliance testing review reports. Lead meetings with business owners at various management levels, delivering testing results and supporting sustainable control enhancements. Identify and capitalize on opportunities to strengthen controls and improve operational efficiency. Your skills and experience Bachelor's degree in information security or related field required, with a preference towards master's degree. Demonstrated ability to analyse complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders. Proficient knowledge of risk management frameworks, regulations, and industry best practices Strong and progressive Auditing or Control Testing experience with current knowledge and understanding of Control testing methodology. Experience developing test scripts, audit programs, or testing templates. 6+ years in information security management and governance, with a focus on control design and testing Detailed experience in ISO 27001, GDPR, COBIT, KAIT, BAIT, etc. and other cyber security frameworks Good to have CertificationsCRISC, CISSP, CISM, CISA, ISO 27001 Lead Implementer/ Auditor Should possess strong communication skills (written/ spoken) Should be skilled to work with minimal supervision. Strong analytical and strategic mindset along with the ability to collaborate with different stakeholders including top management representatives. How well support you About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm

: Job Title Head of Networks India and Global Product Delivery Assurance Location Pune The Principal Technology Manager (PTM) has responsibility for planning, directing and leading one department, sub-area/group or a major function within a business unit or region. The focus of this role is to support and execute against the vision of the organization in Service Operations. The Principal Technology Manager creates goals and direction for teams and articulates the objectives to senior organizational leadership. The Principal Technology Manager can focus on one or more specialties within the Service Operations Profession. What well offer you 100% reimbursement under child care assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance and Expectations Global Network Services (GNS) is responsible for the design, engineering, deployment and operation of the Deutsche Bank network. GNS supports all aspects of network infrastructure in over 2000 offices and branches in over 70 countries. The Global Head of Product Delivery Assurance for one of the product domains, Datacenter, Secure Connectivity or Workplace (Campus/Branches) works within the Network Demand and Integration function. This is a new role responsible to ensure the priorities for one of the 3 main product domains are aligned to overall GTI and GNS Strategy as well as within the main delivery functions in Network Engineering, Solution Deployment and Network Automation. This covers the aspects of Business Priorities, Strategy rollout, Technology Roadmap compliance, Platform Automation and Major Projects specific to the Product Areas whether business driven or by technology transformation, throughout the lifecycle. Functionally, the successful candidate will manage services globally. Work includes supporting the definition of the Product Strategy, developing Product Roadmaps and assuring their implementation, based on strategic business understanding and insights as to how new or existing services and technology can improve business outcomes. Support identification of market opportunities, translating those into product design, and driving strategies that result in a successful product launch, rollout and management through its lifecycle. Product Delivery Assurance is responsible to coordinate with engineering, deployment, automation, risk and operational functions to bring the product vision to life. Aspects including delivery capacity across the functions, plans and resolution of challenges. Working with a variety of people across multiple departments and organizations, understanding of the Banks technology at a deep level, collaborating with other product managers, infrastructure leads, architects and Operations, ensuring network products are in compliance with architectural principles, control and regulatory requirements. Strategic development of the product based on (documented) user requirements and plans. Act as a central function for all information of the product, ensure shared understanding of all functions involved, across the lifecycle. Driving the development and use of technical solution into a clear product set, ensuring the business needs of the Bank are constantly met throughout the lifecycle of the product. At any time, there may be multiple generations of the product existing in operation. One of the challenges is to optimize and minimize the number. Ensuring implementations are in line with expected timelines of the business and handover in production and operations. Ensuring development and rollout processes are globally uniform and implementations deliver uniform quality, in particular relative to configuration compliance and security controls. Analysis and optimization of the delivery experience for our customers to ensure that it is the same in each region. In this context, responsibility includes assurance of standardization of processes and procedures across different silos and regions. Automation will be an essential part of all future deployments, particularly in a hybrid cloud infrastructure landscape and the candidate has the task to drive and support the introduction of automation wherever possible. Customers and associated functions (e.g. CSO, CIO, other GTI platforms) advocate into the networks organization. The role will also act as the Head of Network Services in India providing administrative management oversight for all India based resources, reporting into the Head of Technology Infrastructure India (GTI). In this responsibility, the candidate coordinates a group of regional team leaders who cover most aspects of the Global Network Services organization in line with local requirements and strategy. The position is based on Pune, India. Local team leadership and management in a matrixed environment including performance evaluations, compensation discussion and other human resources responsibilities. Skills and Experience A highly proactive self-starting ethos, with strong customer focus, outstanding leadership, collaboration and problem-solving skills. A passion to deliver the very best service to the Banks business. The ideal candidate would be leading globally dispersed team members and has experience as a network engineer and/or technical product manager in this field. Strong leadership skills and experience in large infrastructure organizations, with the ability to effectively manage, influence and deliver in a globally matrixed organization. Minimum of 10 years of relevant experience of managing general networks including security practice (WAN, LAN, Routing, Switching, NMS, Firewalling, Authentication, DDI, modern security concepts such as ZTNA) Minimum of 5 years in leadership position in globally distributed Network Organization or -Product Management, with the ability to navigate in complex organizations. Expert knowledge of core networking or certifications such as CNP, CISSP, cloud relevant certifications. Good level of understanding of a broad range of IT infrastructure technologies, including modern Cloud and Hybrid Cloud infrastructures and methods, automation and orchestration methods and systems/platforms. Good understanding of the relevant networks market segment for on premise as well as cloud infrastructure relative to the core functions, security and management thereof. Excellent interpersonal- and active listening skill to communicate with various stakeholders including senior business representatives and to influence across different functions within and outside of the networks organization. Sensitivity to cultural differences in the global context and adaption of communication style to ensure effective collaboration. Clear English communication skills in written and verbal. Very good ability in problem solving and conflict resolution. Ability to identify and analyze problem, effectively resolve conflicts, find acceptable solutions and drive timely decisions. Proven operational and process experience, including an understanding of optimization- and quality improvement methodologies, day to day workload- and client escalation management. Team building skills, management and development of staff. Fundamental understanding of Project- and Program Management Graduate degree or equivalent experience / what the bank typically demands for such a technology leadership role. How well support you About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

: Job Title: TISO - Information Security compliance LocationPune, India Corporate TitleVP Role Description TISO is responsible to enforce Information Security compliance within their area of responsibility in line with the CISO mandate and strategy as well as the banks risk appetite. Furthermore, TISOs are the experts and points of escalation for all IT security related aspects of the IT assets in their area of responsibility. They provide guidance on how to implement technical control aspects and achieve compliance to the related Information Security controls and ensure appropriate handling of any relevant exceptions. In close cooperation with the respective Chief BISOs they support the business divisions as well as the COO IT counterparts to comply with Security Controls. Deutsche Banks Corporate Bank division is a leading provider of cash management, trade finance and securities finance. We complete green-field projects that deliver the best Corporate Bank - Securities Services products in the world. Our team is diverse, international, and driven by shared focus on clean code and valued delivery. At every level, agile minds are rewarded with competitive pay, support, and opportunities to excel.You will work as part of a cross-functional agile delivery team. You will bring an innovative approach to software development, focusing on using the latest technologies and practices, as part of a relentless focus on business value. You will be someone who sees engineering as team activity, with a predisposition to open code, open discussion and creating a supportive, collaborative environment. You will be ready to contribute to all stages of software delivery, from initial analysis right through to production support. What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Align standards, frameworks and security with overall business and technology strategy Identify and communicate current and emerging security threats Create solutions that balance business requirements with information and cyber security requirements Train users in implementation or conversion of systems Derive the IT Security strategy from the overall Chief Information Security Office (CISO) strategy and requirements and translates this into an operational plan for delivery for their area of responsibility In relation to the IT Assets, processes within their scope of responsibility they: Drive integration of Chief Information Security Office Initiatives, programs and central solutions and ensure alignment with the divisional portfolios. Ensure effective and efficient communication, coordination and implementation of CISO IT Security requirements and decisions Are responsible for the adoption of centrally mandated Security Solutions and the maintenance of technical security documentation and compliance to security controls. Are the recognized expert in DB Information Security Policies and procedures and their implementation in relation to technologies. Proactively manages IT audits and plan (in co-operation with COO IT management) preparation and remediation. Ensure appropriate senior management awareness/oversight of follow-up on action items to resolve identified issues, e.g. information security reviews of vendors, audit issue resolution. Spearhead independent reviews of IT Security Controls, prioritise identified issues and assesses remediation actions for quality, considering the optimal cost-risk ratio as well the strategically optimal resolution (e.g. Information Security control evaluation and respective follow up activities). Verify remediation concepts for critical and systemic issues and monitors their execution according to plan and with quality. Partner with key stakeholders (Chief BISOs and IT management etc.) to act as mediator and subject matter expert for them on Information Technology Security topics. Ensure a common understanding of Information Technology Security risks and their implications for the Group and for their scope of responsibility. Your skills and experience Experience of 8-12 years in: Security considerations of cloud computingThey include data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks. Identity and access management (IAM) the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources. Experience with and knowledge of: VB.NET, Java/J2EE, ColdFusion, API/web services, scripting languages and a relational database management system (RDBMS) such as MS SQL Server or Oracle. These are some of the technical elements needed to build security into an organization. ISO27001 specifications for a framework of policies and procedures that include all legal, physical and technical controls involved in an organizations risk management Control Objectives for Information and Related Technologies (COBIT) Windows and UNIX environment. General Skills: Exceptional communication skills with diverse audiences - Strong critical thinking and analytical skills Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects The ability to be the enterprise security subject matter expert who can explain technical topics to those without a technical background Ability to present and discuss information security related topics to senior committees, fora and groups, and drive decision making Ability to distinguish between noise and real issues, in particular when it comes to the impact of information security risk to the franchise Good understanding of (DB) Findings Management, Control Inventory and how we apply information technology solutions in this space; robust understanding of Anti-Financial Crime Functions in Corporate Banking. Ability to lead, mentor and influence without formal authority, in a complex multi-matrix organization Working with Global teams across multiple time zones Education/Certification Degree in Information Security or a comparable education How well support you

: Job TitleThreat Intelligence Analyst Corporate TitleAVP LocationPune, India Role Description As a Threat Intelligence A VP in the Threat Intelligence and Assessment function, you will play a critical role in safeguarding the organization from cyber threats. In this role, you will be responsible for identifying, assessing, and mitigating threats, you will provide mitigation recommendations in response to evolving threats. You will be required to analyse complex technical issues and develop bank specific solutions while collaborating with diverse teams and stakeholders. This role will also consist of delivering against projects and strategic initiatives to continuously enhance the banks capabilities in responding to threats. What well offer you , 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Pro-actively identify threats and track threat actors, TTPs, and ongoing campaigns to produce timely actionable intelligence. Produce threat assessments to support threat mitigation activities. Analyse multiple data/intelligence sources and sets to identify patterns of activity that could be attributed to threats and develop informed recommendations. Conduct analysis on files/binaries, packet captures, and supporting materials to extract relevant artifacts, observables, and IOCs. Proactively drive improvements of internal processes, procedures, and workflows. Participate in the testing and integration of new security monitoring tools. Meet strict deadlines to deliver high quality reports on threats, findings, and broader technical analysis. Take ownership for personal career development and management, seeking opportunities to develop personal capability and improve performance contribution. Develop and maintain relationships with internal stakeholders, external intelligence sharing communities. Your skills and experience 5+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and mitigation Strong operational background in intelligence related operations with experience in Open-Source Intelligence (OSINT) techniques Operational understanding of computing/networking (OSI Model or TCP/IP). Knowledge on the functions of security technologies such as IPS/IDS, Firewalls, EDR, etc A good or developing understanding of virtual environments and cloud (e.g., VSphere, Hypervisor, AWS, Azure, GCP) Demonstrated knowledge and keen interest in tracking prominent cyber threat actor groups, campaigns and TTPs in line with industry standards Knowledge of or demonstratable experience in working with intelligence lifecycle, intelligence requirements and Mitre ATT&CK Framework Non-Technical Experience Investigative and analytical problem solving skills Excellent verbal and written communication; to both technical and non-technical audiences. Self-motivated with ability to work with minimal supervision. Education and Certifications Preferred - Degree in computer science, networking, engineering, or other field associated with cyber, intelligence or analysis. Desired Experience or Certifications CISSP, CISM, GIAC, GCTI, GCIH, GCFE, GCFA, GREM, GNFA, Security+, CEH How well support you . . . . About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Key Skills: Informationcyber Security, Cyber Security, GDPR, OWASP, Credit Risk Strategy, Project Management, TCP/IP Roles and Responsibilities: Lead and manage cybersecurity risk engagements, including planning, execution, and delivery. Conduct assessments aligned with NIST CSF, ISO 27001/2, OWASP, and CIS Controls. Design and evaluate secure network, system, and application architectures. Manage and mentor cybersecurity team members to ensure quality and efficiency. Perform vulnerability assessments, penetration testing, and threat modeling. Implement and assess endpoint security, intrusion detection systems, and DLP solutions. Configure and secure infrastructure components (Windows, Unix/Linux, routers, switches, firewalls). Develop and maintain security documentation, reports, and risk registers. Conduct cloud platform security assessments (AWS, Azure, etc.). Collaborate with clients to develop cybersecurity policies, standards, and procedures. Stay abreast of emerging threats and industry trends to guide strategic decisions. Participate in disaster recovery and incident response planning and execution. Coordinate and communicate technical security risks and mitigations to non-technical stakeholders. Skills Required: 8+ years of experience in cybersecurity, information security, or related domains. Strong understanding of TCP/IP suite (TCP, SMTP, DNS, HTTP, etc.). Experience with enterprise security platforms (CrowdStrike, Exabeam, Carbon Black, etc.). Knowledge of risk assessment tools and vulnerability management solutions. Hands-on experience with firewalls, IDS/IPS, UBA/UEBA, VPNs, content filtering, and SIEMs. Familiarity with cloud security models and controls across AWS, Azure, or GCP. Exposure to technologies like Hadoop, Elastic, Kibana, Syslog, Kafka, MongoDB, Python, etc. Proven project management and multitasking capabilities in fast-paced environments. Excellent verbal and written communication skills, including technical reporting. Ability to travel regularly based on client requirements. Certifications (Preferred): Certified Ethical Hacker (CEH v9 or higher) Certified Information Systems Security Professional (CISSP) Offensive Security Certified Professional (OSCP) Additional Expectations: Demonstrate professionalism, confidentiality, and a client-first mindset. Flexibility to work irregular hours based on client needs. Ability to work independently and collaboratively in cross-functional teams. Strong analytical, troubleshooting, and documentation skills. Education: Bachelor's and/or Master's degree in Computer Science, Information Technology, Cybersecurity, or related field.

The Cyber Security role involves working with relevant technologies, ensuring smooth operations, and contributing to business objectives. Responsibilities include analysis, development, implementation, and troubleshooting within the Cyber Security domain.

The Cyber Security E2 role involves working with relevant technologies, ensuring smooth operations, and contributing to business objectives. Responsibilities include analysis, development, implementation, and troubleshooting within the Cyber Security E2 domain.

Essential knowledge• Have over 8+ years of rich experience in information security domain and at least 4-6 years of dedicated experience in Threat-hunting.• Proficiency in using threat intel platforms such as CybelAngel, ThreatConnect, Recorded Future, DarkTrace etc.• Proficiency in using SIEM and SOAR solutions.• Strong understanding of network protocols and security technologies.• Strong understanding of endpoint detection and response (EDR) tools.• Excellent analytical and problem-solving skills• Preferably worked in BFSI domain with proven experience in SOC function.• Knowledge of key security standards and regulations such as NIST 800-61, CERT/CC, ISO 27035 etc.Skills and Application• Maintaining up-to-date knowledge of security landscape, threats, attack patterns and counter measures• Assess and design threat-hunting processes through solutions, tools and methodologies• Reviewing use cases/playbooks for integrating threat-intel• Continuously monitor security hygiene and performance using tools and processes• Collaborate with other IS teams, Ops and tech teams on enhancing security incident response resilienceOther• Knowledge of evolving advanced tech stacks and related control and risk universe from a threat-hunting perspective.• The ideal candidate will have a technical or computer science degree.• Professional certifications: GCIH, CISSP, CEH,etc.

Have over 12+ years of rich experience in information security domain and at least 8-10 years of dedicated experience in Cyber Security and resilience• Knowledge of cyber resilience frameworks (e.g., NIST CSF, ISO 27001)• Experience in defining and reporting metrics, KPIs and KRAs for cyber resilience.• Experience of managing enterprise Cyber Resilience and of direct and in-direct relationship with senior management.• Familiarity with advanced resilience solutions, risk, threat and security measures.• Knowledge across the Cyber Resilience domains including governance, control frameworks, policies, compliance management, risk management and incident response etc.• Comprehensive knowledge of regulatory and compliance requirements across various industries and how they influence the bank's Information Security strategy.• Having worked in BFSI domain with proven experience in Cyber Resilience.• Understanding of key security standards and regulations such as NIST 800-160, CERT/CC, PCI, ISO 27001:22• Sound knowledge of evolving advanced tech stacks and related control and risk universe from a cyber resilience perspective.• Sound knowledge and expertise in conducting risk assessment and management.• The candidate should have a technical or computer science degree.Preferred certifications : CISA, CCRF, CCRP

Job Title : Cybersecurity Test Engineer Location : Bangalore, India Experience : 4 to 8 Yrs About the Role : Looking for Cybersecurity Test Engineer who will be working closely with Hardware, Software and Systems engineering teams to deliver the next generation of Automotive SOC's. Ideal candidate is someone who has strong knowledge and hands on experience with Cybersecurity ISO 21434 standards. He/she should be able to Validate Cybersecurity features for Automotive SOC's and its applications. Responsibilities : - Perform penetration testing of SoC Automotive products. - Establish the Security goals and requirements. - Verification strategies in compliance with ISO 21434. - Develop test specifications, test cases, and test plans for security vulnerability testing. - Scan vulnerabilities with regards to CVSS levels and patch fixing from NIST database. - Perform code-level fuzz testing using open source tools. - Support documentation of test results and collaborate with the development team. - Participate in automating test process within CI/CD environments. - Setup and maintain traceability in compliance with Automotive SPICE requirements. - Experience in tools like OpenVAS, Nmap , wireshark, penetration testing for embedded systems. - Experience in Automotive domain is a must. - Practical experience performing TARA, security concepts and other Cybersecurity Artefacts mentioned in IS021434.

Management Level: 9-Team Lead/Consultant Must-have skills: Information Security Good to have skills: Knowledge of emerging technologies, cloud computing, and cybersecurity best practices. Job Summary : This role involves driving strategic initiatives, managing business transformations, and leveraging industry expertise to create value-driven solutions. Roles & Responsibilities: Develop and execute technology transformation strategies, oversee implementation projects, and optimize digital capabilities for business efficiency. The Practice- A Brief Sketch: The team helps clients achieve growth and efficiency through innovative R&D transformation, aimed at redefining business models using agile methodologies. As part of this high performing team, you will work closely with an ecosystem of partners to help accelerate resilience in the public cloud for fast, frictionless, scalable, proactive and cost effective cloud security. You will work on the following key areas: Business Problem Analysis :Identify and assess current state security capabilities and risk mitigation posture for our clients Technology-driven journey intersection :Define target state security capabilities and design security roadmap that includes cutting edge trends within Applications, APIs, and data Security Transformation: Apply best in class solutions to mitigate known risks and pre-empt unknown threats to safeguard data, networks, people and assets. High Performance Growth and Innovation :Assisting our clients to build the required capabilities for growth and innovation to sustain high performance. Bring your best skills forward to excel at the role: Develop technology solutions and value adding propositions to drive C-suite/senior leadership level discussions Demonstrate good analytical skills coupled with knowledge in cloud security to conduct analysis of present and anticipated threats; define policies, processes, and technology to address gaps Capitalize on in-depth understanding of security guiding principles, design recommendations and architecture, identity, and access management concepts Lead proof of concept and/or pilot implementations and define the plan to scale implementations across multiple technology domains Maximize subject matter expertise on security-led projects and play a key role in pitches where data-based RFP responses are discussed Contribute in presenting security strategy to clients, develop clients maturity in the use of data within various domains Demonstrate ability to work creatively and analytically in a problem-solving environment. Use knowledge of key value drivers of a business , how they impact the scope and approach of the engagement. Professional & Technical Skills: - Relevant experience in the required domain.- Strong analytical, problem-solving, and communication skills.- Ability to work in a fast-paced, dynamic environment. Additional Information: - Opportunity to work on innovative projects.- Career growth and leadership exposure.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: ForgeRock Identity Manager. Experience3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Microsoft Threat Protection. Experience5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: PingFederate. Experience5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Checkpoint Firewalls and VPN. Experience5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Experience in wide range of DLP services - MIP/AIP, DAR, Policy . DLP policy - design, development, maintenance and fine tuning. Good stakeholder engagement experience - involvement in multiple projects. Good understanding of data controls and risk assessment. Experience in implementation of case management tool for DLP tickets. DLP tool - McAfee, Symantec.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: OT/IOT Security Operations Centre (SOC). Experience1-3 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Fortinet Firewall. Experience1-3 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Symantec DLP. Experience3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Symantec DLP. Experience1-3 Years.