34 Cybersecurity Principles Jobs - Page 2

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As a Technology Transformation Risk Manager, you will play a pivotal role in ensuring that technology transformations within the organization are carried out with a comprehensive understanding and management of the associated risks. Your responsibilities will include identifying, evaluating, and mitigating risks related to technology change initiatives, ensuring alignment with the company's risk appetite and compliance with relevant regulations and standards. You will lead risk assessments for technology transformation projects such as cloud migrations, system implementations, and digital innovations. Additionally, you will develop and maintain a risk management framework tailored to technology transformations, integrating industry best practices and regulatory requirements. Collaboration with project teams to identify potential risks early in the transformation lifecycle and recommend mitigation strategies will be key. You will monitor the effectiveness of risk mitigation plans, adjust them as necessary to address emerging risks and changes in the project scope, and facilitate risk workshops and training sessions to promote a proactive risk management culture among technology and business teams. Furthermore, you will liaise with internal and external stakeholders, including auditors, regulators, and third-party vendors, to ensure comprehensive risk coverage. Providing regular reporting to senior management on the risk profile of technology transformation initiatives, including key risk indicators and status of mitigation efforts, will be part of your role. To qualify for this role, you must have a Bachelor's or Master's degree in Information Technology, Computer Science, Risk Management, or a related field, along with a minimum of 5 years of experience in technology risk management, focusing on transformation projects. Strong understanding of IT governance frameworks, cybersecurity principles, and data privacy regulations is required. Desired experience in Internal controls within SAP ECC/S4 Applications and professional certifications such as CRISC, CISM, CISSP, or equivalent are highly desirable. You are expected to have strong exposure to client-facing roles, collaborate with cross-functional teams, and possess excellent communication, documentation, and report writing skills. Stay abreast of emerging technologies, industry trends, and regulatory changes that may impact the risk landscape of technology transformations, and support the continuous improvement of risk management policies, procedures, and tools.,

As a Product Security and QA Lead at Aptiv, you will play a crucial role in driving security and quality assurance initiatives for edge AI applications. Your primary responsibility will be to ensure that our edge computing solutions meet the highest standards of security, reliability, and performance. By leading cross-functional teams, you will establish robust security frameworks and quality processes specifically tailored for AI applications deployed at the edge. In terms of security leadership, you will be responsible for designing and implementing comprehensive security frameworks for edge AI applications. This includes ensuring secure model deployment, data protection, and device authentication. You will conduct threat assessments specific to edge AI environments, identify vulnerabilities in AI models, edge devices, and communication channels, and establish security testing protocols such as penetration testing, vulnerability assessments, and adversarial AI testing. Compliance management will also be a key aspect of your role, as you ensure adherence to industry standards and emerging AI governance frameworks, including ISO 27001, NIST, GDPR, and CCPA. Additionally, you will implement privacy-preserving techniques for edge AI, such as federated learning, differential privacy, and secure multi-party computation. In terms of quality assurance leadership, you will develop and execute comprehensive QA strategies for edge AI products, including model validation, performance testing, and reliability assessment. You will create detailed test plans covering functional, performance, security, and AI-specific testing scenarios, and lead and mentor QA engineers, security analysts, and test automation specialists. Establishing KPIs and metrics for product quality, security posture, and AI application/model performance will be essential, along with continuously optimizing testing processes and methodologies for edge AI applications. Your background should include a Bachelor's degree in Computer Science, Cybersecurity, Engineering, or a related field, along with 10+ years of experience in product security and/or QA leadership roles, with at least 3 years specifically in AI/ML or edge computing. Deep understanding of cybersecurity principles, threat modeling, security testing methodologies, machine learning algorithms, model training, inference, AI system architectures, edge computing platforms, IoT devices, distributed AI systems, programming proficiency in Python, C/C++, and scripting languages, experience with security testing tools, AI frameworks, cloud platforms, and testing frameworks will be crucial for success in this role. Join Aptiv to be part of an inclusive work environment that fosters growth and development for all individuals, regardless of gender, ethnicity, or beliefs. Make an impact by contributing to a safer world with zero fatalities, zero injuries, and zero accidents. Benefit from resources and support for your family, physical, and mental health, including competitive health insurance. Enjoy hybrid and flexible working hours, higher education opportunities, life and accident insurance, Sodexo cards, well-being programs, EAP Employee Assistance, access to fitness clubs, and creche facilities for working parents. Apply today to be a part of shaping tomorrow at Aptiv!,

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better too. Join us and build an exceptional experience for yourself, and a better working world for all. As a Technology Transformation Risk Senior, you will play a pivotal role in ensuring that technology transformations within the organization are carried out with a comprehensive understanding and management of the associated risks. You will assist in identifying, assessing, and mitigating risks associated with significant technology changes, such as system upgrades, cloud migrations, and the introduction of new digital tools and platforms. Your role will ensure that technology advancements are implemented securely and in compliance with the company's risk management policies. Key responsibilities: - Assist in conducting risk assessments for technology transformation projects, identifying potential risks and vulnerabilities. - Support the development and implementation of risk mitigation strategies to address identified risks. - Collaborate with project teams to ensure risk considerations are integrated throughout the project lifecycle. - Monitor and report on the status of risk mitigation activities, providing updates to the Technology Transformation Risk Manager and other stakeholders. - Participate in the creation and maintenance of risk documentation, including risk registers, reports, and dashboards. - Contribute to the development of risk management policies, procedures, and training materials. - Engage with internal and external stakeholders to communicate risk findings and recommendations. - Stay informed about emerging technology trends, threats, and regulatory requirements that may impact the risk landscape. - Support the Technology Transformation Risk Manager in fostering a culture of risk awareness and proactive risk management within the organization. To qualify for the role, you must have a Bachelor's degree in Information Technology, Computer Science, Risk Management, or a related field, along with a minimum of 3 years of experience in technology risk management, with a focus on transformation projects. A strong understanding of IT governance frameworks, cybersecurity principles, and data privacy regulations is required. Desired experience includes internal controls within SAP ECC/S4 Applications, professional certifications such as CRISC, CISM, CISSP, or equivalent are highly desirable, and exposure working in client-facing roles with cross-functional teams. EY exists to build a better working world, helping to create long-term value for clients, people, and society, and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

As a Technology Transformation Risk Senior at EY, you will be instrumental in ensuring that technology transformations are executed with a thorough understanding and management of associated risks. Your role will involve identifying, assessing, and mitigating risks related to significant technology changes like system upgrades, cloud migrations, and the implementation of new digital tools. By adhering to the company's risk management policies, you will guarantee the secure and compliant implementation of technological advancements. Key Responsibilities: - Conduct risk assessments for technology transformation projects to identify potential risks and vulnerabilities. - Assist in developing and executing risk mitigation strategies to address identified risks. - Collaborate with project teams to incorporate risk considerations throughout the project lifecycle. - Monitor and communicate the status of risk mitigation activities to the Technology Transformation Risk Manager and other stakeholders. - Contribute to the preparation and upkeep of risk documentation, including risk registers, reports, and dashboards. - Participate in the formulation of risk management policies, procedures, and training materials. - Engage with internal and external stakeholders to convey risk findings and recommendations. - Stay abreast of emerging technology trends, threats, and regulatory requirements that could impact the risk landscape. - Support the Technology Transformation Risk Manager in cultivating a culture of risk awareness and proactive risk management within the organization. Qualifications: - Bachelor's degree in Information Technology, Computer Science, Risk Management, or a related field. - At least 3 years of experience in technology risk management, particularly in transformation projects. - Profound knowledge of IT governance frameworks (e.g., COBIT, ITIL), cybersecurity principles, and data privacy regulations (e.g., GDPR, CCPA). - Preferred experience in Internal controls within SAP ECC/S4 Applications, IT application controls, IT general controls, and interface controls. - Professional certifications such as CRISC, CISM, CISSP, or equivalent are highly advantageous. - Demonstrated exposure to client-facing roles and collaboration with cross-functional teams including internal audits, IT security, and business stakeholders to evaluate control effectiveness and facilitate remediation activities. - Excellent communication, documentation, and report writing skills. Join EY to craft a fulfilling career and contribute to building a better working world for all.,

As a Security Analyst/Engineer, you will be responsible for supporting the security operations of the organization by assisting in the monitoring, detection, and response to security incidents. This role offers a blend of security analysis and engineering tasks, providing a progression from foundational knowledge to more advanced responsibilities, enabling you to contribute significantly to the organization's cybersecurity efforts. You will be involved in various key responsibilities, including security monitoring and analysis. This involves monitoring security events and alerts from sources such as SIEM, IDS/IPS, antivirus systems, and endpoint detection platforms. Additionally, you will conduct initial analysis of security events, collaborate with senior analysts to investigate and respond to security incidents like malware infections, phishing attempts, and unauthorized access. In incident response activities, you will provide technical assistance during security incidents for containment, eradication, and recovery efforts. You will also document incident response procedures, develop post-incident reports, and implement proactive measures to enhance incident detection and response capabilities, such as developing playbooks for common attack scenarios. Supporting the vulnerability management process will be part of your responsibilities, including assisting in vulnerability scanning, assessment, and remediation efforts. You will help prioritize and track the resolution of identified vulnerabilities, collaborate with system owners and IT teams for timely patching and mitigation, and conduct security assessments and penetration tests to identify weaknesses in systems, applications, and network infrastructure. Furthermore, you will assist in the administration and configuration of security tools and technologies, participate in evaluating and testing new security technologies, optimize the configuration and tuning of security tools, and recommend enhancements based on industry best practices and organizational requirements. You will also support security awareness and training initiatives by assisting in the development of educational materials and delivering security awareness briefings to staff. The ideal candidate should have a Bachelor's degree in computer science, Information Security, or related field, along with 3-5 years of experience in a cybersecurity role. Strong understanding of cybersecurity principles, proficiency in security tools and technologies, excellent analytical and problem-solving skills, effective communication, and stakeholder management abilities are essential. Certifications such as CompTIA Security+, CEH, or equivalent are a plus. Demonstrated experience in conducting security analysis, incident response, and vulnerability management in a complex environment, hands-on experience with security tool optimization, security assessments, and penetration testing, as well as a proven track record of incident response efforts are desired qualifications for this role. This position offers a valuable opportunity for career growth and development in the field of cybersecurity, with the possibility to progress into more specialized roles such as Senior Security Analyst, Incident Responder, or Security Engineer. Continued learning and professional certifications will be encouraged to enhance skills and knowledge in the cybersecurity domain. Joining the global cyber security team at Carmeuse will provide you with the opportunity to contribute to the organization's digitalization strategy while ensuring security. Working with a team of regional senior security managers and cyber architects, you will be involved in security design, delivery, and operations to safeguard Carmeuse's digital IT & OT footprint, participating in innovative initiatives to strengthen operations. Reporting to Victor Alexandrescu, the leader of the team, you will benefit from his extensive experience and practical knowledge. Victor's management style focuses on efficiency, continuous improvement, and proactive problem-solving, aiming to optimize processes and enhance team performance. The organization offers a permanent contract, flexible working hours, home working policy, competitive salary package and benefits, growth opportunities, strong HR and training policy, and work-life balance. The recruitment process includes steps such as resume and cover letter analysis by Georges Mensah-Boateng, a first "Teams" interview with personality questionnaires, a second interview with Victor Alexandrescu and Aurelie Mordant, and a final interview with Stavros Georgakopoulos, Rusty Gavin, and Eugene Marchenko to assess your suitability for the role.,

Why Were Looking for an Intern: As part of our ongoing efforts to strengthen the culture of security awareness, we are in the process of developing a dedicated Intranet library to cater this requirement. Given the need to embed cybersecurity best practices and guidelines in this site, we see this as an excellent opportunity to bring in a motivated intern who can: Assist in the design and development of the SharePoint intranet site. Learn and grow under the guidance of our global cybersecurity team. Get to know about cybersecurity domains and operations.

Evaluate the cyber security functionalities of product and improve the security posture. Work for fulfilling security compliance requirements for the products. Perform Threat modeling/ Security assessment for products Perform product hardening, to allow only necessary function for products operation. Cybersecurity functionality verification on control system components Participate in Vulnerability handling of the products competencies Good understanding of cybersecurity principles like cyber security architecture, defense in depth, default deny, least privilege, compartmentalization, privileged initiation, AAA, etc. Good understanding of cyber security controls like; IDS/IPS (host and network), hardening, security policies, Malware Protection, Filtering, NGFW, etc. Knowledge in Networking, patch management. Hands on Experience with protocols like HTTP, HTTPS, SSL, SSH, ICMP, DHCP, L2TP, PPTP, DNS, SNMP, RDP, and NTP. Windows and Virtual Machine Administration. Experience with Security tools like NMAP, Nessus, Wireshark, etc. Certifications like MCP/MCITP/MCSE/CEH/CISSP are advantage. Knowledge on security standards like IEC 62443, ISO 27001. Knowledge on protocols like IEC 61850, Goose, Modbus is an added advantage. ,

Position Overview: We are seeking a motivated and detail-oriented Junior Vulnerability Management Analyst to join our cybersecurity team. The role focuses on identifying, analysing, and assisting in the remediation of infrastructure vulnerabilities using tools like PingCastle and Qualys SCA. This is an excellent opportunity for individuals looking to grow their expertise in cybersecurity and vulnerability management. Key Responsibilities Vulnerability Scanning & Analysis: Conduct vulnerability scans using PingCastle and Qualys SCA to identify risks in Active Directory and infrastructure systems. Analyze scan results, validate findings, and prioritize vulnerabilities based on risk levels. Monitor scan performance, troubleshoot issues, and report anomalies to senior analysts. Remediation Support : Collaborate with IT Operation Teams to track remediation efforts and ensure timely resolution of identified vulnerabilities. Provide recommendations for configuration hardening based on findings. Reporting & Documentation: Generate detailed vulnerability reports and dashboards for internal stakeholders. Maintain accurate records of vulnerabilities, remediation timelines, and compliance status. Policy & Compliance: Assist in reviewing security policies and ensuring adherence to industry standards like CIS benchmarks. Support compliance efforts by aligning vulnerability management practices with organizational goals.Soft Skills: Strong analytical skills with attention to detail. Effective communication skills for technical reporting and collaboration with cross-functional teams. Eagerness to learn new tools and adapt to evolving cybersecurity challenges.Desirable Skills: Experience with patch management processes. Familiarity with compliance frameworks (e.g., ISO 27001, NIST). QualificationsQualifications & Skills Technical Skills: Foundational understanding of cybersecurity principles, vulnerability management, and risk mitigation. Familiarity with tools like PingCastle, Qualys SCA, or similar vulnerability assessment platforms. Basic knowledge of Active Directory security and IT infrastructure components (e.g., servers, networks).Education & Experience: Bachelors degree in Cybersecurity, Information Technology, or a related field (or equivalent experience) 0-3 years of experience in cybersecurity or IT operations.

Job Summary: We are looking for a highly skilled IT Solution Architect to lead the design and implementation of end-to-end technical solutions that align with business objectives. The ideal candidate will have deep experience across application architecture, systems integration, cloud platforms, infrastructure, data, and security. As a trusted advisor to both technical and business stakeholders, you will play a critical role in defining scalable, secure, and high-performance architectures that support digital transformation and innovation. Key Responsibilities: Translate business requirements into well-architected technical solutions that are secure, scalable, and maintainable. Define and document solution architectures across multiple domains: application, integration, data, infrastructure, cloud, and security . Collaborate with stakeholders, including product owners, developers, and operations teams to ensure technical alignment. Evaluate and recommend tools, frameworks, platforms, and integration patterns that support business objectives. Ensure architecture adheres to enterprise standards, compliance, and governance frameworks. Lead architecture reviews, design workshops, and technical decision-making sessions. Provide technical leadership and mentoring to development teams during project execution. Stay current with emerging technologies and trends to continuously evolve the technology roadmap. Identify and mitigate risks related to solution architecture, including security vulnerabilities, performance bottlenecks, and scalability challenges. Qualifications: Bachelors or Masters degree in computer science, Information Technology, or related field. 10+ years of experience in IT, with at least 5 years in a solution architecture or technical leadership role. Strong understanding of enterprise IT landscapes , including cloud (Azure, AWS, Oracle or GCP), application development, DevOps, databases, and middleware. Good exposure to Oracle EBS and Fusion Applications. Hands-on experience with modern architecture styles such as Microservices, Event-Driven Architecture, Serverless, and API-led integration. Proficiency in architectural modeling (UML, ArchiMate, or similar) and documentation frameworks. Solid grasp of cybersecurity principles, data privacy, identity management , and system resilience. Strong communication skills with the ability to present complex ideas to both technical and non-technical audiences. Experience with Agile methodologies and DevOps practices is a plus.