10 Dora Jobs

Hiring for International Technical Support Role. Any Graduates /UG with 1 year of International Technical Experience can apply. Salary- Up to 7.5LPA Shifts-Rotational Location-Pune *IMMEDIATE JOINERS ONLY* Contact-Janhvi 8055979395

Job Purpose (overall high-level summary of the role) Build and lead global relationships for Cybersecurity (sitting within the wider IT organization), representing WPB IT and WPB Cyber interests within the context of transformational and service uplift from central and federated functions. As a senior Cybersecurity SME for WPB, promote the principles of secure development and ensure effective coverage for all Cybersecurity services consumed. The Senior Cyber SME is, among many other things, responsible for the following key activities: Coordinate and manage the relationship between the central Cybersecurity leadership teams, WPB IT leadership and WBP CISO; reporting to WPB IT CISO. Provide specialist technical and process knowledge to influence support and manage the direction of cyber tooling, processes and practices into WPB IT and engineering teams. Lead the Information Security agenda within the central cyber control owners, including driving business/functional stakeholder engagement to ensure delivery of security programmes, tooling, and initiatives. Develop and maintain strong relationships with the cyber control owners and Heads of cybersecurity functions to ensure optimum synergy and collaboration between them WPB IT. Monitor and engage with cyber control owners, heads of cyber practices and central programme managers to shape and represent WPB IT in order to ensure that deliveries align with WPB IT interests and strategic direction. Promote the development and rollout of security tools and processes that aligns with WPB IT engineering strategies and ensure that group security scanning and orchestration tools can be adopted and used within WPB IT s CI/CD pipeline and engineering teams. Work with service line and value stream CIOs and their representatives to ensure that cyber assurance actions, vulnerability remediation and KCI compliance receives the right level of attention and support, and to escalate and highlight blockers if required. Guide the service lines/value streams CIOs and their representatives with respect to compliance with relevant security policies, standards, and governance, including challenging the risk profile, appetite, and control effectiveness, coordinating with embedded WPB Cyber SMEs, Risk Champions, and central Cyber teams required to ensure overall WPB IT operation within appetite. With specific focus ensure that control and risk metrics and related responsibilities for cyber assurance activities, vulnerability, and secure development practices & tooling, third party security reviews are monitored, actioned, and understood by WPB CIOs and their delegates. Ensure that WPB IT and Cyber priorities are communicated to cyber control owners and central cyber functions. Facilitate ongoing cybersecurity awareness within the Service Line to strengthen the responsible culture. Lead Annual Assurance activities (Pen Test & TMA) for WPB and provide oversight responsibility for TPSR Organization structure Reports to the WPB IT CISO Principal Accountabilities: key activities and decision-making areas Typical Targets and Measures Impact on the Business/Function Protect the Bank. Lead Security embedding within WPB IT together with the WPB CISO, owning the relationship with cybersecurity control owners and heads of cyber functions. Uses technical expertise and experience to enable WPB IT and Cybersecurity to develop implementable designs, solutions and operational plans to ensure compliant security is enforced. Leads and drives this change through effective communication, preparation, and implementation. Driving sustainable growth. Drive efficiencies in the SDL through secure from start development, SecDevOps and minimal iterative issue-remediation. Ensure that evolving technologies are embraced with appropriate mitigation controls and contingency planning. Achieving excellence. Promote the understanding of risk in the context of security in order to align WPB security practices with business risk appetite and strategic objectives. Generate an environment in which innovation is supported by security in the working practices. Measures benefits over the short, medium, and long term. Demonstrates a comprehensive WPB IT view when developing solutions. Executes ideas and innovation that are original but remain aligned to business objectives and cybersecurity principles and plans. Customers / Stakeholders Customer focus. Lead a customer-centered culture, championing activities encouraging outstanding customer advocacy. Proactively seek opportunities to utilize strong Cybersecurity principles to improve availability and ensure privacy for customers. Strengthening stakeholder relationships. Enhance key relationships, using rapport-building expertise and appropriate influencing to add value beyond the initial scope, increasing stakeholder advocacy. Maintain key relationships to include technology and business heads across WPB and Cybersecurity along with other GB/GF/R counterparts across the globe. Understanding markets and customers Cultivate strong relationships with organizationally important global and/or high value stakeholders with a tailored approach. Deliver fair outcomes for our customers and ensure own conduct maintains the orderly and transparent operation of financial markets. Promotes the most appropriate security solution even if there are short term additional costs. Demonstrates sensitivity to the realities and concerns of their stakeholders' situation. Analyses and interprets the evolving security threat landscape. Uses innovation to address the needs of customers and stakeholders (building trust). Leadership & Teamwork Drive the development and communication of a clear vision for secure development and maintenance in WPB IT which is aligned to the overall HSBC and Cybersecurity strategy, values and goals in order to inspire and engage people to create an inclusive, high performing, customer-centered culture. Lead, develop and motivate adoption of and compliance with the cybersecurity principles across the lifecycle in the PODs, XFTs, and service Lines / value streams within WPB IT. Lead and encourage constructive teamwork within value streams by demonstrating collaboration and matrix management in action and taking prompt action to address any activities and behaviors that are not consistent with HSBC's diversity policy and/or the best interests of the business and its customers. Monitors complex dependencies and respond accordingly to ensure on-going delivery to local and WPB IT goals. Translates the required course of action into a clear and realistic vision. Develops international solutions that are beneficial for the Service Line across its geographies and its customers. Identifies and builds relationships with key contacts and influencers Effectively translates coaching requirements to WPB IT s overall performance requirements. Operational Effectiveness & Control: Lead the continuing development, implementation and improvement of the security processes, understanding of risk and controls, and capabilities needed to deliver agreed plans and targets. Collaborate with control owners and WPB leadership to maximize end-to-end integration, effectiveness, and efficiency. Establish and maintain a robust and efficient control environment across the lifecycle to ensure good operational, financial and project management and compliance with HSBC policy and procedures, together with early identification and effective resolution or escalation of issues that arise. Lead the implementation and oversight of the Cyber Risk standards and governance frameworks, process and procedures, including adaptation of documentation, to ensure relevance to WPB operations, effective risk management and regulatory compliance. Creates an environment which anticipates risk, ensuring action is taken to quantify and mitigate them. . Coordinate with central cyber teams, 2LOD and control owners to ensure that WPB specific requirements and ways of working are integral to adopted Cyber Policies, Processes, and tooling. Implement IT best practices in risk policies and governance frameworks in areas across WPB IT. Management of Risk (Operational Risk / FIM requirements) The Senior Cyber SME will ensure the fair treatment (service excellence) of our customers is at the heart of everything we do, both personally and as an organisation. The Senior Cyber SME will also continually reassess the Cybersecurity and operational risks associated with the role and inherent in the business, taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices, management restructurings, and the impact of new technology. This will be achieved by ensuring all actions take account of the likelihood of operational risk occurring. Also by addressing any areas of concern in conjunction with entity management and/or the appropriate department. Observation of Internal Controls (Compliance Policy / FIM requirements) Maintains HSBC internal control standards vis- -vis cybersecurity operations, including coordination and resolution planning of internal and external audit points together with any issues raised by external regulators. The Senior Cyber SME will also manage and coordinate the implementation of new internal control and risk -related metrics relating to cyber and secure development practices (KCIs, KRIs, and GRAS). This will be achieved by service line / value stream adherence to all relevant procedures, keeping appropriate records and, where appropriate, by driving the timely implementation of internal and external audit points, including issues raised by external regulators, and internally identified Cybersecurity risks. Escalation to CIOs and CISO when required for prompt addressing to relevant risk forum, such as WPB IT Cyber Working Groups, RCMMs to mention some examples. Local Job Requirements (This could include; Job Dimensions, Job Context & Major Challenges) Budget & people. This is a cross-functional and Senior Cyber SME role which supports and represents WPB IT interests against central cyber and group IT initiatives. This is achieved though and with the support of a large number of CIO delegates (risk champions), embedded cyber-SMEs, pod leads and ITSOs within WPB IT. It will secure applications leveraging right tools and processes enabled by Cybersecurity. The indirect headcount which will be supported by this role would be more than 150-200 staff. Relationships. Key relationships include ownership of the relationship with Cybersecurity control owners and Heads of Cybersecurity Functions and extends to peers across other Global Businesses, Global Functions and Regions up to MD levels in HSBC, including relationships with auditors, regulators and external security forums. This may also include external relationships with TPEMs and potentially vendors, focusing on security support to the WPB IT. Regulatory & Risk Management. Working closely with WPB IT Value Streams and governance counterparts (such as 2LOD, RR and CCO), build strong relationships with internal and external stakeholders (risk, audit, government agencies, industry forums etc) to understand the IT/Information Security risk profile, monitor compliance with policies and standards, and identify and address WPB IT specific requirements. Strategic input. Providing influence and input to ensure alignment between Cybersecurity and Central Cyber Functions and Leadership to represent and ensure WPB IT strategic outcomes and business goals. Uses technical knowledge and experience to solve complex problems, and propose implementable solutions, to deliver ongoing improvements in line with business strategy. Certifications, Qualifications & Experience (For the Job not the Job holder. Minimum requirements of the Job) Good understanding of WPB businesses and general understanding of the bank s businesses and differentiating factors between retail, wholesale, and investment banking A fair understanding of laws and regulations with an emphasis on regulations, rules and standards with global or boarder regional impact (e.g. GDPR, PCI DSS, DORA, HIPAA, etc.) Formal education with a post-graduate degree in IT, Information Security, Risk Management, Business Management or other relevant areas 10+ years of experience in Information Security Management and Cybersecurity High level of personal drive and motivation to ensure delivery of a broad range of outputs simultaneously across WPB IT and HSBC Technology Extensive Programme Management experience and analytical skills. Proven ability to articulate complex issues concisely and in simple language to support problem analysis. Strong knowledge of the external environment regulatory, political, competitors etc. Outstanding relationship management, collaboration and influencing skills. Strong attention to detail and business writing skills and to be able to challenge and shape submissions. Outstanding communication and interpersonal skills with the ability to produce clear and concise reports and communications to senior internal and external stakeholders. Excellent stakeholder management skills with a proven ability to build and maintain strong relationships and communicate on complex issues with a wide spectrum of stakeholders. Proven abilities in working across cultures. Familiarity with Information Security Control and Risk Frameworks (e.g., NIST, ISO 27001, COBIT, etc.) Strong familiarity with and competence in application security tools in general and with specific focus on security tooling used in secure development (e.g., SAST, DAST, MAST, FOSS), threat modelling and risk management. Certifications, Qualifications & Experience (For the Job not the Job holder. Minimum requirements of the Job) Familiarity with security controls around technologies such as cloud, mobile, social, open-banking, etc. Familiarity with OWASP, Cloud, and SANS guidelines on application-security. Experience in supporting Agile and DevOps methodologies. Experience in lifecycle management across the CI/CD pipeline Excellent understanding of banking and security in context of wider industry trends and direction

Hiring for SR. Advisor 1, Technical Support Graduate with 1 year of documented technical experience Location:- Pune Shifts:- Rotational shifts, rotational week offs Both the ways cab facility Contact :- 9158110345 Joell Required Candidate profile Skills:- Looking out for someone who has sound knowledge of DNS, DHCP, AD, O365and Exchange servers. Should have excellent Communication Looking for Immediate joiner Contact:- 9158110345 Joell

Tech Support International Voice Profile 1+ Yrs exp (on paper) Upto- 8LPA Gurgaon Immediate Joiner Skill-Tech Support,DNS,DHCP,0365,Troubleshoot,Networking,ActiveDirectory,Window mansikohliimaginator@gmail.com Required Candidate profile Skill-Technical Support ,DNS ,DHCP, 0365, Troubleshoot, Networking, Active Directory, Window, Dora, Appipa, Configuration, LAN, WAN, Window Server, International Voice , service Desk.

Technical Support Executive||Virtual Interview 1 Yrs in international Technical support SAL Max 8.4(30% hike on last Package) Gurugram NP- 0-25 days Troubleshooting, ticketing, service now, service desk, DNS, DHCP, APIPA, DORA, active directory Required Candidate profile Drop Profiles @sourav.imaginators@gmail.com 8448454147

About the Role: The Lead Third-Party Risk Analyst will serve as a trusted advisor for internal UKG business stakeholders and will be responsible for identifying, assessing, and mitigating risks related to third-party relationships and services. Risks include information security, privacy, financial, business resiliency, and more. The role demands an organized, action-oriented team player with the ability to prioritize daily work and support on multiple initiatives simultaneously; strong communication and customer focus is required. Supports the Third-Party Risk Management program, providing support to Business Partners and Procurement department during vendor selection and contract negotiation processes. Identifies risks with prospective services and products and works with Business Partners to factor the risk into the vendor selection process. Works to gain process efficiencies and performs monthly analysis on team metrics. Supports the Third-Party Risk Management team in daily operations. Periodically reassesses Third Parties based on risk and/or a material change in the utilization of that Third Party Identifies third parties for ongoing monitoring to ensure reviews are performed in a timely manner. Assesses risk associated with third-party partner and vendor relationships, focusing on the third partys ability to demonstrate existence of information security controls, privacy controls and ability to support critical business functions of the company. Advises Business Partners on appropriate implementation of information security and privacy controls for new third-party services, leveraging a combination of these controls and the Third Partys security and privacy programs to maintain UKGs information security and privacy posture. Partners with Procurement and Legal departments during contractual negotiations to provide consultation on security and privacy clauses included in third party agreements. Identifies risks associated with a Third Party and tracks those risks as necessary for future assessment. Administers the companys Vendor Risk Management (VRM) platform which supports the Third-Party Risk program. Responsibilities include access management, configuration changes and report generation. About You: Basic Qualifications: 5-7 years of related work experience in third-party risk, information security governance, enterprise risk, and/or related functions (such as IT audit and IT risk management). 5-7 years of experience providing input into third party contract agreements from an information security and privacy perspective. BS/BA degree in Enterprise Risk Management, Information Security, Computer Information Systems/Management Information Systems or related discipline or equivalent experience. Experience administering Process Unity VRM tool or similar platform. Proficiency in comprehending the dynamics of third-party relationships, including vendors, partners, suppliers, and contractors. Knowledge of the risks associated with external entities that interact with an organizations systems or process confidential information. Ability to assess risks across various dimensions (such as information security, privacy, business continuity, financial, etc.). Understanding of data privacy and cybersecurity regulations (such as GDPR, CCPA, DORA, etc.) Knowledge of business continuity planning and disaster recovery and ability to evaluate third-party capabilities in maintaining business resiliency. Knowledge of security practices in cloud environments (such as data encryption, access controls, and compliance with regulations). Familiarity with Software as a Service (SaaS) and potential risks. Experience with information security management frameworks such as AT101 SOC 2, ISO, ITIL, COBIT, NIST to include development of policies, process, and procedures within the environment. Preferred Qualifications: Excellent verbal and written communication skills to effectively communicate with employees, vendors, third-party partners, customers, business partners, and all levels of management. Experience supporting regulatory and compliance programs (such as HIPAA, PCI, MA 201 CMR 17, FedRAMP). Experience designing and implementing controls within corporate networks to include computer/network security and operating systems such as UNIX, Linux, and WINDOWS, as well as LAN/WAN internetworking protocols such as TCP/IP and network perimeter protection (firewalls). Knowledge of risks associated with GenAI. Experience leveraging Enterprise Risk Management and Issues Management applications in LogicGate platform. CISA, CISM, CRISC, CISSP, CTPRP, or similar security certification.

Key Accountabilities & Responsibilities: Ensure data accuracy, consistency, and integrity in all reports and dashboards- ensure VAIT/DORA compliance. Analyse large volumes of data to identify trends, patterns, and insights relevant to project. Develop and maintain automated reporting systems to streamline data presentation. Collaborate with stakeholders to understand reporting needs and adjust analytics. accordingly. Create data visualizations to effectively communicate key findings and project performance metrics. Support project decision-making by providing actionable insights based on data analysis. Continuously identify opportunities for improvement in data processes and reporting. Thorough experience in one of the below areas IT Security UAM Network Encryption methodologies Expertise with O365 is welcomed Key Competencies & Skills required Technical Skills: Proficiency in English (German is a plus) Thorough knowledge of VAIT/DORA regulations and IT security requirements 3+ years of experience in regulatory reporting (Basel, BaFin, KNF, GSI, ESMA) excellent analytical, documentation and organization skills multiyear experience in creating and redesigning IT processes and key controls Strong track record of delivering regulatory projects in a large, complex environment, in a global Finance/Insurance or regulated industry (5-7+ years) strong management skills including project management, business analysis, security requirements analysis, financial management, change management and facilitation excellent project planning, budget, scoping, costing, and scheduling ability board level presentation skills ability to drive a mixture of functional and geographic workstreams and co-ordinate step change delivery to the business in a unified way experience in managing distributed teams and able to work in a matrix setup proactivity, ownership and can-do

Key Accountabilities & Responsibilities: Manages, creates, iterates, and maintains technical and data architectures. Accounts and drives a high-quality technical system design and development which supports system performance, at optimal operational cost under the circumstances of flexibility and future change. Technical Architects needed to support and participate in high-level and detail design and configuration sessions and workshops with SME's, Architects, and partners for ERGO central IT and Legal Entities; produce Technical Design Documents, Technical Guidance Documents, and integration Specification Documents; work with product owners to support the functional design and configuration of DORA solution in the relevant technology area (such as, Network Security, User Access Management (UAM), Cyber Threat Intelligence (CTI), IT Security Landscape, Logging and Monitoring); conduct technical training, handover, and knowledge transfer sessions; liaise with the Project Manager on project status, issues, and remaining effort on deliverables. Job Description Develops technical architecture blueprints and patterns to ensure efficient usage of technical solutions Supports the implementation of the blueprints and patterns in line with quality guidelines Maintains Tech Roadmaps and Stacks incl. Lifecycle in LeanIX Re-architect Apps to take advantage of Platform-as-a-Service (PaaS) and Container-as-a-Service (CaaS) capabilities Defines high-level technical models and supports preparing business cases in alignment with the IT security and quality guidelines Supports creation of technology strategies to optimize use of technology resources related to IT platforms Takes the role of solution architect in technical projects Thorough experience in one of the below areas: IT Security UAM Network Encryption methodologies Minimum requirements needed for the project: Proficiency with various architectures, including Regulatory, Cloud, Enterprise, Security, IAM, PAM, IDP, and SaaS, as well as methodologies. Strong understanding of customer support processes and infrastructure. Excellent instincts and ability to interface seamlessly with senior-level executives. Exceptional communication, interpersonal, and writing skills. Deep passion for customer service and its transformative potential Strong organizational skills with the ability to multitask effectively when required. Capable of delivering consulting services both onsite and remotely. SLG3 requirements needed for the project: Min. 5 years of experience in system, technical, security

Role Description In this role, you will be accountable for driving Information Security (Kyndryl, DXC and Google) for Tier 1 Vendors within Group Technology. This entails ensuring Vendor partners adhere to Deutsche Bank policies, framework and all contractual obligations including SLAs around the IS domain. You will be responsible for maintaining complete governance, oversight, and risk management related to Information Security domain and you will be expected to be an SME in different tech stacks across Technology Infrastructure including Mainframe with deep understanding of security tooling to manage IS processes and controls. You will oversee and own complete responsibility to ensure all contracted obligations are met by these vendor partners on all accounts related to IS domain. In addition, you will be accountable to drive end-to-end risk management life cycle for IS related topics for these vendor partners and this will include ownership for audit remediation where gaps are identified on topics such as Identity Access Management, Security Monitoring, Security Tooling, VAPT, CBVA, gaps against minimum control requirements originating from DB policies/ISRV (Information Security Risk for Vendors). Lastly, 100% adherence to vendor control risk framework and cloud control frame from IS perspective. Your key responsibilities Vendor compliance to Deutsche Bank policies, 3rd party risk management framework including contractual obligations around IS controls Conducting/facilitating in depth security assessments of existing vendors such as Google, DXC and Kyndryl and ensuring that vendor partners are using DB security tools and comply to DB requirements Conducting Platform security reviews, information security state monitoring, managing vendor SLA compliance as per contractual obligations related to security policies and standards Remain accountable ensuring end-to-end risk management across different IS risk types for inscope vendors Maintaining comprehensive vendor risk register and track remediation efforts Providing SME guidance and support to vendors on improving their security posture Staying informed about the latest security threats and trends affecting third-party services Conduct regular reviews and audits of vendor security practices Report on vendor security performance to senior management Actively partner with the delivery, Tech operations and infrastructure teams to deliver operational excellence Internally assess, evaluate, and make recommendations to management regarding the adequacy of the security controls for the Company's information and technology systems Present assessment results and options to the DB stakeholder and discuss steps for resolution Own and remediate audit findings/risk remediation efforts that related information security domain Your skills and experience Minimum 10-15 yrs of versatile experience in the information security domain with 2 years of being in the similar or larger role Proven experience and knowledge in information security with deep understanding of different technologies including Cloud operating framework SME on security frameworks and standards such as ISO 27001, DORA, NIST, GDPR etc Excellent problem-solving and analytical skills Relevant certifications such as CISSP, CISM, or CISA are preferred Analytical skills to evaluate risks and control processes Strong communication skills both verbal (incl. presentation skills) or written and Ability to operating complex operating environment and managing senior stakeholders

Must have hands-on experience conducting assessments and providing implementation support for Global directives and regulations, such as NIS2, DORA, and UAE SIA/NESA. Must have a strong understanding of risk and be able to analyze and evaluate different risk scenarios. Required knowledge of Information Security and Privacy Management Systems. Conduct information security risk assessments based on industry standards (SOC2, NIST, ISO 27001, ISO 27017 & ISO 27018) Hands-on knowledge of auditing servers, network devices, endpoints, and other critical systems. Must be well-versed in system hardening guidelines and must be able to review hardening controls in given systems. Write and deliver reports detailing your findings and associated recommendations for information security program development to help the client meet security and compliance standards. Execute consulting engagements working on-site with the client. Achieve high levels of client satisfaction on all engagements by achieving client expectations set by engagement leaders and project managers. Develop strong customer relationships and trust to secure future business. Bachelor's degree in computer science, information technology, or a related field. Minimum 8 years full-time work experience in Information Security out of which at least 5 years in auditing and risk management domain Professionalism, problem-solving, customer-facing and handling skills, time management, written and verbal communication, presentation skills, active listening, flexibility Working knowledge of risk and security frameworks, standards, and best practices. Strong analytical and problem-solving skills, with the ability to think critically and strategically about security issues Ability to work independently and effectively manage multiple projects and priorities CISA/CRISC Certified. Ability to think holistically and identify areas of technical and non-technical risk. Proficient with MS Office (word, excel, PowerPoint) and experience writing technical reports Flexibility to travel ranges from 30-40%