410 Gdpr Jobs - Page 10

Job Description At Oracle Cloud Infrastructure (OCI) we build the future of the cloud for Enterprises. We act with the speed and attitude of a start-up along with the scale and customer focus of the leading enterprise software company in the world. About the team: The Enterprise Engineering SRE team is tasked with ensuring the security and compliance of internal systems by conducting regular audits, identifying potential gaps in existing standards and proactively improving the organization's overall security posture. The team plays a critical role in safeguarding the integrity, confidentiality and availability of all systems while driving risk management initiatives across departments including disaster recovery planning and execution. We are also responsible for liaising with various internal teams during audits, ensuring data sharing is concise, accurate and aligned for successful audit outcomes. Ideally, the candidate will possess several of the following skills: Supports the strengthening of Oracles security posture, focusing on one or more of the following: regulatory compliance; risk management; incident management and response; security policy development and enforcement; Threat and Vulnerability Management; Incident Management and response and similar focus areas. Regulatory Compliance: Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, CMMC, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Participates in industry forums monitoring developments in regulatory compliance Risk Management: Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. Conduct and document very complex information security risk assessments and assist in the creation and implementation of security solutions and programs Cloud Security: In-dept knowledge of cloud security principles and best practices, including securing cloud infrastructure, services, and applications in platforms, OCI experience is a plus Threat and Vulnerability Management: Brings advanced level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required Incident Management and response: Brings advanced level skills to respond to security events and responding in line with Oracle incident response playbooks to mitigate vulnerabilities Mentors and trains other team members Compiles information and reports for management Qualifications: Bachelors degree in computer science, Information Security, or a related field. Master's degree preferred 8+ years of experience in information systems, business operations, or related fields, 3+ years of experience in security operations, with a focus on incident detection, response, and vulnerability remediation Relevant certifications such as CISSP, CISM, CISA, or GIAC certifications are preferred Solid understanding of networking protocols, operating systems (Linux, Windows), MiddleTier, Database, cloud computing and end point computing management Excellent communication skills with the ability to effectively communicate technical concepts to both technical and non-technical stakeholders Proven leadership abilities with experience leading security projects and initiatives independently Experience with security tools such as SIEM platforms, intrusion detection/prevention systems, and endpoint security solutions Ability to work independently and collaboratively in a fast-paced environment Strong analytical and problem-solving skills with a keen attention to detail Career Level - IC4 Responsibilities Oversee and manage internal audit processes to ensure adherence to security and compliance standards Act as the primary liaison between internal teams, facilitating effective communication and collaboration to ensure audits are completed efficiently and accurately Assess the effectiveness of security controls and ensure auditing requirements are clearly documented, defined and communicated to necessary teams Ensure the timely and accurate sharing of data across departments to support successful audit outcomes Continuously assess and enhance the organizations security posture by addressing any identified weaknesses Lead and manage departmental risk management programs, ensuring alignment with broader organizational risk mitigation strategies Facilitate and drive disaster recovery (DR) planning and preparedness across departments to minimize operational disruptions in case of incidents Collaborate with cross-functional teams to establish and maintain robust security policies and procedures, ensuring alignment with industry best practices Make recommendations and provide guidance/consultation regarding process improvements necessary for remediating internal control gaps. Engage with required teams to close the gap Develop and maintain cybersecurity documentation such as the System Security Plan (SSP), Privacy Impact Assessment (PIA), Configuration Management Plan (CMP), Plan of Action and Milestones (POA&M), and Standard Operating Procedures (SOP) as necessary Develop, implement, and maintain industry best practices and regulatory security policies, procedures, and system standards (servers, databases, endpoints, and application design) Engagement in cloud security technologies and protocols, including cloud security architecture, identity and access management, and data protection Write stakeholder reports to explain the assessment, audit results, and recommendations. Create and provide metrics for cybersecurity leadership. Brief executive leadership on compliance matters

SUMMARY Job Role: Senior Product Owner with Security Expertise Location: PAN INDIA Years of Experience : 10+ Years Any project-specific Prerequisite skills (Must have) Seeking a Senior Product Owner with a strong background in security, requiring over 6 years of experience as a Product Owner and a total of 10+ years’ experience. Detailed JD * Collaborate with cross-functional teams to understand client and team requirements Communicate project status and challenges with team members Engage with external stakeholders and Product Owners to analyze and incorporate feedback into the service/function provided Prioritize product backlog items based on business value, time required, and creation order Evaluate opportunities and potential risks associated with suggestions Advocate the benefits of recommendations and address any uncertainties Support staff and teams in implementing changes and resolving issues Draft user stories based on requirements Coordinate with developers to ensure clear understanding of project requirements Assist development team in understanding business aspects Develop and maintain deep understanding of security architecture and secure software development practices Implement security solutions, including data security, compliance, and incident response Utilize security frameworks and tools such as OAuth, SAML, OpenID Connect, JWT, and LDAP Work with cloud security services like AWS IAM, Azure AD, and Google Cloud IAM, with preference for AWS experience, including AWS Cognito and AVP Implement methodologies and tools like DevSecOps, CICD, SRE, and security testing tools (e.g. OWASP ZAP, Burp Suite, SonarQube) Ensure compliance with security standards and regulations (e.g. GDPR, HIPAA, PCIDSS) Requirements Requirements: Proven experience as a Product Owner with a focus on security Strong understanding of security architecture and secure software development practices Experience with cloud security services, such as AWS IAM, Azure AD, and Google Cloud IAM Familiarity with security frameworks and tools, including OAuth, SAML, OpenID Connect, JWT, and LDAP Knowledge of security compliance standards and regulations, such as GDPR, HIPAA, and PCIDSS Experience with DevSecOps, CICD, SRE, and security testing tools (e.g. OWASP ZAP, Burp Suite, SonarQube)

Job Description .FLEXCUBE Product Knowledge , J2EE Based Technologies and Oracle database experience Good Knowledge in Oracle SQL, PL/SQL, Java/J2EE, SOAP and REST based Webservices. Knowledge of Java Script, HTML Knowledge of Junit, JMeter, Eclipse, GIT, Jira, Ant, Unix Shell scripting Knowledge of DEVOPS, Microservices, Docker, Kubernetes is an advantage Exposure to Application servers WebLogic, Tomcat, JBOSS.. Exposure to middleware concepts JMS, MQ, OSB Exposure to Security concepts PKI, SSO, SAML Good Knowledge of Config, Design & Dev. Good understanding of container deployment and cloud technology Sound knowledge on SDLC - Waterfall and Agile Models Experience in Design / Code reviews Experience in Managed Services, Post Implementation Services, exposure to Production Application Management and ITIL / ITSM / DEVOPS / CI/CD areas. Exposure to working on Mission critical systems and having SLA's, performance KPI's as well as RTO / RTO as well as the Regulatory and security and Data hosting, access, confidentiality, non-repudiation as well as Data Residency as well as PDPR / GDPR and other such governance rules as outlined by Govt, Central Bank Regulator compliance needs. Prior team lead or manager experience. Undergraduate degree or equivalent experience. Broad product, technology or industry expertise. Ability to craft and articulate strategic solutions. In-depth knowledge of implementation methodologies and standard processes. Knowledge of competitive & partner products, technology and solutions. Ability to travel as needed. Operates independently to provide quality work products to an engagement. Performs varied and complex duties and tasks that need independent judgment, in order to implement Oracle products and technology to meet customer needs. Applies Oracle methodology, company procedures, and leading practices. Demonstrates expertise to deliver functional and technical solutions on moderately complex customer engagements. May act as the team lead on projects. Effectively consults with management of customer organizations. Participates in business development activities. Develops and configures detailed solutions for moderately complex projects. Career Level - IC4 Responsibilities Exercises judgment and intuition for business in selecting methods and techniques to design non-routine and complex business solutions applying Oracle products and technology to meet customer needs. Influences customer leadership in acceptance of Oracle solutions and services to facilitate the closing of consulting deals. Supplies to statements of work, work breakdown structures and/or level of effort and staff plans. Presents and demonstrates solutions to customers. Builds and maintains a network and up-to-date specific industry or product knowledge. Responsible for transitioning deal knowledge to implementation team. Leads the domain specific solution design aspects of engagement(s) ensuring high quality and integrated business solutions. Anticipates project risks and suggest risk mitigation to project manager. Resolves complex customer issues by recommending solutions. Demonstrates expertise in multiple business processes across two or more product families or ability to architect and design technology solutions encompassing multiple products. Software Development & Delivery Product Implementation & Support. Should be able to work independently Alignment to Oracle internal processes Working closely with other developers, designers, business and systems analysts Working with coatomer and partners for delivery of Oracle Work. Ability to lead managed services Project or Production Support for FLEXCUBE Experience in client co-ordination and team management that includes working as SPC at client location Prior experience in Consulting & Product Support in Retail/corporate Banking space Experience in FLEXCUBE Support and managing team. Experience in tracking Production incidents and provide response as per the Severity. Diversity and Inclusion: An Oracle career can span industries, roles, Countries and cultures, giving you the opportunity to flourish in new roles and innovate, while blending work life in. Oracle has thrived through 40+ years of change by innovating and operating with integrity while delivering for the top companies in almost every industry. In order to nurture the talent that makes this happen, we are committed to an inclusive culture that celebrates and values diverse insights and perspectives, a workforce that inspires thought leadership and innovation. Oracle offers a highly competitive suite of Employee Benefits designed on the principles of parity, consistency, and affordability. The overall package includes certain core elements such as Medical, Life Insurance, access to Retirement Planning, and much more. We also encourage our employees to engage in the culture of giving back to the communities where we live and do business. At Oracle, we believe that innovation starts with diversity and inclusion and to create the future we need talent from various backgrounds, perspectives, and abilities. We ensure that individuals with disabilities are provided reasonable accommodation to successfully participate in the job application, interview process, and in potential roles. to perform crucial job functions. Thats why were committed to creating a workforce where all individuals can do their best work. Its when everyones voice is heard and valued that were inspired to go beyond whats been done before.

Job Description Oracle Customer Success Services is a One Oracle approach to ensuring customer success, through a broad set of services and solutions that are supported by certified and experienced implementers, helping to accelerate the entire customer journey. Customer Success Services provides a customer-centric delivery and support-integrated service, in conjunction with Oracle Development. As a sophisticated database support engineer of customer success service organization, you will be responsible to deliver support and services on database, engineered systems and cloud technologies to our premium customers. The support and services covers the entire life cycle of the product starting from architecture design, implementation, optimization, maintenance etc. The role involves working with the customers and ensure they get the best out of our products. Career Level - IC4 Responsibilities Design and architect high-performance, scalable database systems leveraging Oracle Exadata platforms. Lead Exadata infrastructure planning, configuration, and administration in coordination with platform and infrastructure teams. Develop and implement data replication, disaster recovery, and business continuity strategies using Oracle GoldenGate and Data Guard. Analyze, troubleshoot, and tune complex SQL queries, procedures, and database components for maximum performance. Work closely with application teams to optimize data access layers and improve overall application throughput. Define and implement database governance, standards, and best practices. Participate in architectural reviews, design sessions, and project planning discussions. Lead database migration projects, including platform upgrades, consolidation, and cloud transitions. Ensure data security, compliance, and auditing across all environments in line with regulatory requirements (e.g., GDPR, HIPAA, SOX). Develop and maintain technical documentation, including architecture diagrams, SOPs, runbooks, and operational procedures. Collaborate with DevOps teams to integrate database solutions into CI/CD pipelines and automate repetitive tasks. Mentor junior team members, provide technical leadership, and guide project teams on database-related decisions

About the role: The global Identity Access Management team is passionately serving our stakeholders while evolving best practices. As an Identity Access Analyst , you have a pivotal operational role to provide and deprovision system access. You have an equally crucial role to partner collectively with stakeholders to mature, streamline, and automate Identity and Access Management procedures for Blackbaud. What you’ll do Ensure appropriate Control through timely removal of unnecessary or inappropriate system access? Expediently provision approved access, often utilizing evolving Role Based Access Controls (RBAC), for Blackbaud systems to prevent excessive permissions and rights. ?? Proactively expand approved RBAC roles through analysis, recommendation and adoption/rollout. Analyze and resolve access issues, coordinating with system owners or technical support resources as necessary. Participate in ongoing audits and assessments, and assist with implementation of audit or compliance recommendations? Develop and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for internal team use, end user support? Identify , evaluate and recommend opportunities to eliminate, streamline, and automate access management practices. Partner with colleagues including application owners, cloud engineers, cyber security SMEs, etc. to effectively execute improvements based on expected value. Generate reports to perform in-depth analysis and data collection for issues associated with IAM? What you’ll bring 2 years of experience in Identity or Access Management?? Tireless adherence and attention to appropriate IT general computing controls? Ability to understand, work with and where appropriate leverage various technologies including PowerShell , ServiceNow, SailPoint's Identity-Now, Active Directory, EntraID , Salesforce, Workday, etc. Practical experience with SCA, ITIL, COBIT, NIST and/or other security and control frameworks? Stay up to date on everything Blackbaud, follow us on Linkedin, X, Instagram, Facebook and YouTube ? Blackbaud is a digital-first company which embraces a flexible remote or hybrid work culture. Blackbaud supports hiring and career development for all roles from the location you are in today! Blackbaud is proud to be an equal opportunity employer and is committed to maintaining an inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.

The Senior Manager of Information Security (External Role Description Application / Product Security Architect) will report to the Chief Information Security Officer. As a leader in the Information Security organization, this role will lead the task of refining, managing and executing strategic product/application security roadmap that is based on industry standard software security frameworks. You will plan, implement and track key initiatives focused on product / application security strategy, metrics, compliance, policy, developer awareness, training and stakeholder engagement. You will work closely with multiple teams that make up Information Security, Product Management, Engineering, Legal, Risk and Compliance to improve product / application security controls and drive impactful change to the team and its members. Responsibilities: Bring a deep background and broad experience in Information Security, Application Security, & Application Development or related business areas. Lead a team of high performing individuals who create remediation plans, perform security reviews, and recommend security solutions to meet current and future needs for HMH products and applications. Drive the development and implementation of product and application standard security review processes that result in effective methods for reducing security risks before product releases. Demonstrate an ability to influence all project and portfolio stakeholders; communicate relevant security information to both executive leaders and individual contributors in an effective manner. Accountable for all aspects of staff management, hiring, coaching, training, performance reviews and recommending pay actions and promotions for the Security Engineering team Provide input into the Information Security strategy to ensure that future security investments are aligned appropriately when considering key priorities such as business requirements, industry threat landscape, and risk appetite of HMH. Collaborate closely with the Architecture teams Demonstrated experience handling the demand/supply of project and program resources and tracking allocation. Track policy exceptions and remediation dates through active engagement with development teams and operations teams. Partner with Audit teams to periodically audit controls and secure coding practices being followed by development teams. Staying abreast of latest cyber security threats both internal and external Oversee projects, program delivery, daily monitoring, response; review of cloud infrastructure, physical infrastructure, and the full life cycle of alerts through incident response; and the threat landscape to ensure ongoing and continued maturity of the organization's security controls in addition to service support Drive operational efficiency and excellence leveraging tools, process and automation with appropriate and transparency visibility and metrics that can meet SLAs/SLOs Support and implement controls and visibility to meet third party attestations (SOC2, ISO27001, GDPR, SOX) Balance being collaborative, open, and approachable while still being firm on security policies and in facilitating progress and compromise What you should have: 5 to 6+ years hands-on experience in application security utilizing SAST, DAST, IAST, RASP and WAF. 5+ years of application engineering, architecture or development management experience Proficient analyzing ambiguous problems, compelling communicator with the ability to receive and analyze information, translating security risk to business risk to driving actionable decisions across multiple levels and departments Experience in leading application security remediation work, leading the mitigation initiative to accommodate the developer community priority. Proficient experience with common web application attack vectors and related mitigation strategies that translate to controls within the organization You are highly organized. With many people doing many things in a fast-moving company, strong organizational skillsboth for yourself and for the teamwill be required

The SuccessFactors Administrator will contribute to the administration of our SuccessFactors installation and serve as a System Administrator and resource for our rapidly growing team. This includes deployment activities, configuration, installation, and ongoing improvements on the platform. The individual in this role will work closely with other IT teams, business and functional leaders, and subject matter experts to ensure all project activities are performed to a high degree of quality, meets practice and standards expectations, and ensures delivery in a timely fashion. A blend of technical and problem-solving skills and value-to-business mindset would be an advantage for this role. Essential Duties and Responsibilities: Manage the SuccessFactors application and support 5000+ users from multiple business functions across HMH Ensure application deployments and administration follows controls process Act as a liaison between the technical and functional teams, business functions, and vendors to drive project implementations, deployments, and upgrades Identify process and/or business issues that may arise with the implementation of a solution and recommend process improvements to address those issues Project activities will involve deployment responsibilities for the SuccessFactors platform, along with support for the associated HR team Participate in Agile squads and ensure related the deployment activities follows controls process Certify all user access and changes every quarter Maintain a holistic view of all business system processes and users, to understand functional impacts with regards to configuration, process, workflow and reporting Contribute to ongoing improvements in the value delivered by the IT HR team Adhere to quality standards, pertinent regulatory requirements, and to departmental policies, practices and procedures Address tech debt and make sure we define and enforce process to keep the platform aligned to best practice and standards Perform all other related duties as assigned Competencies: 3+ years of SuccessFactors administration experience Ability to manage integrations across multiple systems that involve bi-directional data sync, API call limitations, bug fixes etc. Experience in the compensation and performance modules. Familiarity with Testing frameworks and design patterns Experience in an Agile organization Excellent communication and interpersonal skills Ability to work cohesively in a team environment Ability to use business acumen to develop solutions to functional and technical issues and be results driven In-depth application troubleshooting skills Understanding of regulations applicable to IT applications (GxP, SOX, GDPR) Ability to provide feedback to manager, peers and team members Creative and analytical thinker with strong problem-solving skills A strong sense of customer service, with proven experience in a similar role In depth application troubleshooting skills. Good to have experience in ADP but not mandatory.

The impact you will have in this role: In this role, you will be responsible for the functional and technical design of business systems; integration of business services & information security; driving industry-specific best practices & standards; understanding regulatory compliance needs; coordinating test planning & execution; providing leadership to AD teams and acting as technology liaison to all IT areas within DTCC, to the business partners, and to the industry. Leading projects, teams, code reviews are required to be able to lead by example. Your Primary Responsibilities: As an expert solutions engineer and senior software engineer, mission is to help lead our team of innovators and technologists toward crafting next-generation solutions that improve the way our business is run. Taking part in the development and deployment of Cyberark solution. Create and enforce Cyberark PAM policies and procedures, ensuring adherence to industry best practices and regulatory requirements. Develop and manage the PAM roadmap, including technology upgrades, new features, and integrations. Manage and maintain the CyberArk PAM platform, including Privileged Session Manager (PSM), Central Policy Manager (CPM), Password Vault Web Access (PVWA), and Vault. Defines and factors in performance, scalability, availability, resiliency, security, maintainability, support, testing and cost requirements when making technology selection and application design decisions. Define approaches for modernizing legacy applications including migration to public or private cloud infrastructure. Own the engineering design practices of our software development organization. Lead design reviews session. Collaborate with Infrastructure and Solution Architecture to choose efficient hosting environment. Focus on industry practices such as lose coupling of applications, standardization, APIs, reusability, concepts of isolation, extensibility, extendibility, and consistency of solutions while proposing and reviewing architectures. Identify and solve for non-functional requirements for the platform consumers. Ensures solutions adhere to security policies and standards of firm and industry. Conduct POCs for tools as seen fit for the area. **NOTE: The Primary Responsibilities of this role are not limited to the details above. ** Qualifications: Minimum of 10+ years of experience in Information Security with at least 5 years in Privileged Access Management Bachelors degree in Computer Science, Information Systems or a related field and/or equivalent experience Talents Needed for Success: Extensive experience with CyberArk PAM platform, including PSM, CPM, PVWA, and Vault. Ability to understand architectural diagrams and design Advanced understanding of privileged user life cycle management and controls around privileged access. Experience with AWS, Azure, and/or GCP IAM and PAM concepts Experience with troubleshooting issues with PAM solutions and applications. Sound understanding of regulatory requirements and standards such as GDPR, FISMA, PCI, HIPAA, SOX, FICA, etc Ability to guide teams through sophisticated issues and drive resolution for issues that arise within sophisticated and high-risk applications Ability to effectively translate technical information between vendors, IT management and other internal and external IT teams Ability to work with all levels of management to define requirements associated with PAM services, incorporating security standard processes.

Key Responsibilities: Lead implementation of privacy policies and compliance frameworks. Conduct and oversee PIAs, TIAs, and maintain RoPA. Manage data mapping, architecture documentation, and privacy controls. Develop and maintain privacy templates and related documentation. Drive small automation initiatives to support privacy operations. Collaborate with cross-functional teams across legal, IT, and business units. Preferred Qualifications: Deep understanding of global privacy regulations (e.g., GDPR, CCPA). Hands-on experience with Microsoft O365 automation tools. Strong documentation, analytical, and communication skills.

ANZEN Technologies Private Limited. stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Position : Senior Associate Consultant Key Responsibilities: GRC Strategy and Planning: Develop and implement comprehensive GRC strategies, policies, and procedures aligned with organizational goals and objectives. Define and prioritize GRC initiatives based on risk assessments, regulatory requirements, and industry best practices. Continuously evaluate and update GRC frameworks to adapt to evolving threats and compliance landscapes. Risk Management: Conduct risk assessments to identify, analyze, and prioritize risks across the organization. Develop risk mitigation strategies and controls to address identified risks effectively. Monitor and report on risk exposure and mitigation efforts to senior management and stakeholders. Compliance Management: Ensure compliance with relevant laws, regulations, and industry standards, such as GDPR, HIPAA, PCI DSS, etc. Monitor changes in regulatory requirements (SEBI, RBI, IRDAI etc) and assess their impact on the organization's compliance posture. Coordinate compliance audits, assessments, and certifications, and remediate any identified issues or deficiencies. Audit Management: Plan, coordinate, and oversee internal and external audit activities, including IT audits, compliance audits, and third-party audits. Develop audit plans, programs, and testing procedures to assess the effectiveness of controls and compliance with policies and regulations. Review audit findings, assess control deficiencies, and collaborate with stakeholders to develop and implement remediation plans. Monitor and track the progress of audit remediation efforts and report on the status to senior management and audit committees. Policy Development and Enforcement: Develop, review, and update information security policies, standards, and guidelines in alignment with regulatory requirements and industry best practices. Establish mechanisms for policy enforcement and monitor adherence to policies across the organization. Cross-Functional Collaboration: Collaborate with internal stakeholders, including IT, legal, finance, and operations, to integrate GRC principles into business processes and initiatives. Provide guidance and support to business units on GRC-related matters, including risk assessments, compliance requirements, and controls implementation. Training and Awareness: Develop and deliver GRC training programs and awareness campaigns to educate employees on their roles and responsibilities in maintaining compliance and managing risks. Foster a culture of compliance and risk awareness throughout the organization. Qualifications and Skills: Bachelor's degree in Information Security, Risk Management, Business Administration, or related field. Masters degree or relevant certifications (e.g., CISA, CISSP, CRISC, CISM) preferred. Minimum of 5 years of experience in governance, risk, and compliance roles, with a focus on information security and IT risk management, including audit management experience. Strong understanding of regulatory requirements and industry standards related to information security and data privacy (e.g., GDPR, HIPAA, ISO 27001). Proficiency in audit methodologies, risk assessment frameworks, compliance frameworks, and control frameworks (e.g., NIST Cybersecurity Framework, COBIT, ITIL). Excellent analytical, problem-solving, and decision-making skills. Effective communication and interpersonal skills, with the ability to collaborate with diverse stakeholders and influence change. Proven track record of leading GRC initiatives, conducting audits, and driving process improvements. Ability to work independently and manage multiple priorities in a fast-paced environment. Office Address : ANZEN Technologies Private Limited Akshar Business Park, H - 3025, 3rd Floor, Plot No. 3, Sector-25, Vashi, Navi Mumbai 400703 https://anzentech.com Immediate Joiner may apply

GRC Lead will manage and strengthen our Governance, Risk, and Compliance (GRC) initiatives for Managed Security Services (MSS) within the Telecom sector. The GRC Lead will be responsible for ensuring that the services we provide to our telecom clients adhere to industry standards, regulatory requirements, and robust risk management practices. This individual will play a key role in aligning our security services with client business objectives, improving our security posture, and ensuring compliance with telecom-specific regulations and frameworks. You have: 7+ years of experience in Governance, Risk, and Compliance (GRC), with at least 3 years in telecom or Managed Security Services (MSS) with a degree in Telecommunication Engineering, Computer Science, Information Security, or a related field (B.E/B.Tech/M.E/M.Tech/MCA). Expertise in telecom-specific security technologiesFirewalls, IDS/IPS, SIEM, encryption, access management, and incident response platforms. Experience working with security and compliance frameworksISO 27001, NIST CSF, PCI-DSS, GDPR, NIST SP 800-53, ETSI EN 303 645, also telecom infrastructure, including MPLS, 5G, IoT, and SDN/NFV. Familiarity with GRC tools such as RSA Archer, ServiceNow GRC, or MetricStream. Experience in telecom risk management processes, regulatory assessments, and vendor risk governance. It would be nice if you also had: Industry certifications such as CISM, CISA, CISSP, CRISC, ISO 27001 Lead Auditor/Implementer, TOGAF, or ITIL. Experience in stakeholder management, including executive communication, regulatory liaison, and conflict resolution with auditors or vendors. Strong analytical, negotiation, and project management skills in a cross-functional, multicultural telecom environment. Provide security governance leadership tailored to telecom networks, including mobile, 5G, SDN/NFV, and MPLS environments. Lead risk assessment, threat modeling, and management activities for telecom networks and emerging technologies like IoT and cloud. Ensure compliance with global and local telecom regulatory requirements (e.g., TRAI, DoT, GDPR, FCC, ETSI) through audits, reviews, and reporting. Manage and maintain telecom-specific security policies, technical and administrative controls, and compliance frameworks (ISO 27001, NIST, PCI-DSS). Act as the prime security and compliance interface towards customers, internal teams, auditors, subcontractors, and third-party suppliers. Develop and maintain a risk register, tracking treatment plans and mitigation strategies across client environments. Provide proactive consultation and guidance to customers regarding security best practices and compliance requirements. Oversee incident and crisis response activities to minimize business impact and regulatory exposure, ensuring adherence to notification guidelines. Ensure vendor security due diligence, contract compliance, and ongoing third-party risk monitoring within the telecom supply chain.

We have a team of security compliance leaders overseeing solutions for this complex environment, collaborating with security architects and Cloud DevOps teams internally and around IBM. The security compliance leader’s role is to determine the secure operation of the all computer systems, servers, and network connections in accordance with our policies, procedures, and compliance requirements. A security compliance leader in our team will participate in some or all of the following: Providing subject matter expertise in the creation, implementation, and maintenance of appropriate enterprise programs, policies, and procedures to be compliant with all applicable regulations including ISO, SOC, HIPAA, PCI, FedRAMP/FISMA Having the ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Interpreting standards, requirements, and their application to the enterprise Cloud environment in the most reasonable and cost-effective manner Developing, implementing, maintaining, and overseeing enforcement of security policies Collaborating with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology Conducting regularly scheduled audits on systems and hosting third-party audits as required in order to maintain certifications and compliance certificates. Working with the DevOps teams to prepare ongoing client reporting, information for prospective clients, and marketing materials Providing training to teams as needed Assisting team members and internal clients in addressing highly complex security issues applicable to enterprise environment Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise Minimum of 12 years of relevant compliance experience and cybersecurity knowledge Compliance leaders do not require dev experience, but it is an advantage. 10+ years of security compliance audit experience is a must Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, SOC 2, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk

Minimum of 12 years of relevant compliance experience and cybersecurity knowledge 10+ years of security compliance audit experience would be important Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as SOC2, FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk Required education Bachelor's Degree Preferred education Doctorate Degree Required technical and professional expertise Minimum of 12 years of relevant compliance experience and cybersecurity knowledge 10+ years of security compliance audit experience would be important Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as SOC2, FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk

Job Role: IT Infrastructure Security Engineer . Location: Bangalore. Notice Period: Immediate to 30 days. Responsible for designing, implementing, and maintaining security measures to protect an organizations IT infrastructure. This role involves securing networks, servers, cloud environments, and other critical IT systems against cyber threats. The engineer works closely with IT, security, and compliance teams to ensure a robust security posture and adherence to industry standards. Key Responsibilities Infrastructure Security & Compliance Design and implement security controls to protect IT infrastructure, including servers, networks, databases, and cloud environments. Conduct security assessments, vulnerability scans, and penetration tests to identify weaknesses and recommend mitigation strategies. Ensure compliance with industry standards such as ISO 27001, NIST, CIS, GDPR, HIPAA, PCI-DSS, and SOC 2 . Develop and enforce security policies, procedures, and best practices for IT infrastructure. Monitor system logs, network traffic, and security alerts to detect and respond to threats in real-time. Network & Cloud Security Secure on-premises and cloud environments (AWS, Azure, Google Cloud) using security best practices. Implement firewalls, IDS/IPS, VPNs, and Zero Trust architectures to safeguard enterprise networks. Configure and manage endpoint security solutions, SIEM, EDR, XDR , and other security tools. Implement identity and access management (IAM) solutions, including privileged access management (PAM). Incident Response & Threat Management Investigate and respond to security incidents, breaches, and anomalies in coordination with SOC teams. Develop incident response plans (IRP) and lead forensic analysis for security events. Work closely with security operations teams to automate threat detection and response processes. Security Automation & Infrastructure Hardening Use Infrastructure as Code (IaC) to automate security configurations (e.g., Terraform, Ansible). Implement patch management, vulnerability management, and endpoint security policies . Secure containers and Kubernetes environments in DevOps pipelines. Harden operating systems (Windows, Linux) and cloud environments against cyber threats. Collaboration & Continuous Improvement Provide security training and awareness to IT teams. Collaborate with DevOps, IT, and compliance teams to integrate security in CI/CD pipelines. Stay up to date with emerging cyber threats and recommend new security technologies. Qualifications & Skills Technical Skills Strong knowledge of network security, cloud security, and endpoint security . Experience with firewalls, IDS/IPS, SIEM, EDR/XDR, and encryption . Hands-on experience with AWS Security, Azure Security Center, Google Cloud Security, and IAM solutions . Familiarity with scripting and automation (Python, Bash, PowerShell). Expertise in Active Directory (AD), Zero Trust security, and PKI . Knowledge of compliance frameworks like ISO 27001, NIST, CIS, GDPR, PCI-DSS . Soft Skills Strong analytical and problem-solving skills. Excellent communication and teamwork abilities. Ability to work under pressure and manage multiple security tasks. Detail-oriented with a proactive security mindset. Certifications (Preferred but Not Mandatory) CEH (Certified Ethical Hacker) CISM (Certified Information Security Manager) CCSP (Certified Cloud Security Professional) AWS Security Specialty, Azure Security Engineer, or Google Cloud Security Certifications CISSP (Certified Information Systems Security Professional) Work Environment & Tools Security tools: Wazuh SIEM, Splunk, Palo Alto, Fortinet, CrowdStrike, SentinelOne, Qualys, Tenable, Nessus Cloud platforms: AWS, Azure, Google Cloud . Operating systems: Windows, Linux, macOS . Automation: Python, Terraform, Ansible, PowerShell.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:SailPoint IIQ Development:Design, develop, and configure SailPoint IIQ solutions based on business requirements.Develop and implement custom workflows, rules, and tasks using SailPoint IdentityIQ.Integrate SailPoint IIQ with other enterprise systems such as Active Directory, LDAP, and SAP for seamless identity management.Should be expertise in access reviewIdentity Governance and Compliance:Implement access control policies, role-based access management (RBAC), and entitlement management within SailPoint IIQ.Develop automated provisioning and de-provisioning processes for users across systems.Ensure compliance with relevant regulatory requirements (e.g., SOX, GDPR) and audit policies through the SailPoint IIQ platform.System Integration:Integrate SailPoint IIQ with existing enterprise systems (e.g., directories, databases, and applications) to automate identity lifecycle management.Work with other teams (e.g., systems administrators, security) to ensure integration with Single Sign-On (SSO), Multi-Factor Authentication (MFA), and other IAM technologies.Troubleshooting and Support:Provide ongoing support and troubleshooting for the SailPoint IIQ platform.Address and resolve any technical issues related to identity provisioning, de-provisioning, and access requests.Testing and Deployment:Test and validate SailPoint IIQ configurations, customizations, and integrations.Assist in the deployment of SailPoint IIQ applications and configurations into production environments.Ensure that systems are properly tested for security vulnerabilities, performance, and reliability.Documentation and Reporting:Develop and maintain technical documentation, including design specifications, implementation guides, and troubleshooting procedures.Provide regular status reports on development, implementation progress, and any identified issues to management and stakeholders.Collaboration:Collaborate with business analysts, project managers, and other developers to understand requirements and ensure successful implementation of identity management solutions.Participate in code reviews and ensure adherence to coding best practices and security standards.Continuous Improvement:Stay up to date with the latest SailPoint IIQ features, releases, and best practices.Suggest and implement improvements in processes, workflows, and system designs to improve efficiency and security. Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ Strong understanding of cloud security architecture Experience with implementing security controls in cloud environments Knowledge of industry security standards and best practices Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 5 years of experience in SailPoint IdentityIQ This position is based at our Bengaluru office A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : CyberArk Privileged Access Management Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:-mplement, configure, and manage PAM solutions such as CyberArk or BeyondTrust to ensure privileged access is secure, auditable, and compliant with regulatory standards.Work closely with IT, DevOps, and security teams to design and integrate secure access control systems into existing IT infrastructure.Perform security assessments and identify potential vulnerabilities in privileged accounts, systems, and services.Develop and enforce policies for privileged account management, password rotation, and access control.Monitor the activity of privileged accounts to detect any unusual or unauthorized behavior, escalating issues when necessary.Work with auditing teams to ensure compliance with security regulations and standards (e.g., NIST, PCI-DSS, GDPR).Provide guidance and support to the organization regarding security best practices for privileged access.Develop and maintain detailed documentation on the configuration, deployment, and operational procedures for PAM solutions.Participate in incident response efforts, identifying, containing, and mitigating security incidents involving privileged accounts.Stay current on emerging security threats and PAM technologies, applying this knowledge to enhance the organization's security posture. Professional & Technical Skills: Must To Have Skills: Proficiency in CyberArk Privileged Identity Access Management Strong understanding of cloud security principles Experience in designing and implementing security solutions Knowledge of security compliance standards Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in CyberArk Privileged Identity Access Management This position is based at our Bengaluru office A 15 years full time education is required Qualification 15 years full time education

Role Overview: A Senior Compliance Executive in a technology department plays a crucial role in ensuring that the organization adheres to various legal, regulatory, and industry-specific standards related to Information Technology and data management such as GDPR , ISO 27001, ISO 27701, SoC2 Type 2, ISO 9001 . Regulatory Compliance Monitoring : Ensure the technology department complies with relevant laws and regulations, such as GDPR , ISO 27001, ISO 27701, SoC2 Type 2, ISO 9001 and other data protection or cybersecurity laws. Stay updated on new or changing regulations that impact the tech landscape. 2. Policy Development & Enforcement : Develop and implement internal policies and procedures to ensure compliance with external regulations and internal standards. Regularly review and update policies. 3. Risk Management : Assess risks related to technology operations, particularly data privacy and cybersecurity risks. Ensure that the tech department implements appropriate security measures to mitigate potential threats and risks. Conduct regular audits and reviews of IT systems. 4. Training & Awareness : Educate and train technology teams and other employees on compliance-related matters. Promote awareness of compliance issues 5. Audit & Reporting : Prepare reports for management, regulators, or auditors Coordinate internal and external audits. Implement corrective actions where necessary. 6. Data Privacy Management 7. Incident Management : Oversee the handling of data breaches or other incidents that might affect compliance, ensuring timely reporting and response in accordance with regulatory requirements. To Apply - Asthha - 6367203420 / asthha@jobsflix.in

Digital banking security and digital banking products , risk . Key requirements: PCI DSS, GDPR, DPSC, Application Security test and VAPT etc contact HR- 8855045944

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : BE or MCA or MSc with Good Computer Science Background with good academic record. Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your day will involve strategizing and implementing robust security measures to safeguard critical data and systems. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work related problems. Develop and implement security solutions to protect the organization's sensitive information. Conduct security assessments and audits to identify vulnerabilities and recommend solutions. Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of the organization. Stay updated on the latest security trends and technologies to proactively address potential threats. Provide guidance and mentorship to junior security professionals. Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ. Strong understanding of identity and access management principles. Experience with cloud security technologies and best practices. Knowledge of regulatory compliance requirements such as GDPR and HIPAA. Hands-on experience in designing and implementing security controls. Good To Have Skills: CISSP certification. Additional Information: The candidate should have a minimum of 3 years of experience in SailPoint IdentityIQ. This position is based at our Pune office. A BE or MCA or MSc with Good Computer Science Background with good academic record is required. Qualifications BE or MCA or MSc with Good Computer Science Background with good academic record.

Job Title- Associate Location- Pune, Bangalore India About DWS Group DWS Group (DWS) is one of the world's leading asset managers with EUR 700bn of assets under management (as of 31 March 2020). Building on more than 60 years of experience and a reputation for excellence in Germany and across Europe, DWS has come to be recognized by clients globally as a trusted source for integrated investment solutions, stability, and innovation across a full spectrum of investment disciplines. We offer individuals and institutions access to our strong investment capabilities across all major asset classes and solutions aligned to growth trends. Our diverse expertise in Active, Passive and Alternatives asset management as well as our deep environmental, social and governance focus –complement each other when creating targeted solutions for our clients. Our expertise and on-the-ground-knowledge of our economists, research analysts and investment professionals are brought together in one consistent global CIO View, which guides our investment approach strategically. DWS wants to innovate and shape the future of investing: with approximately 3,500 employees in offices all over the world, we are local while being one global team. We are investors –entrusted to build the best foundation for our clients’ future. What we’ll offer you As part of our flexible scheme, here are just some of the benefits that you’ll enjoy. Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities This role will support India DCO office with activities as outlined below: Lead comprehensive control evaluations and substantive testing to independently assess the design and effectiveness of controls within the newly established Independent Testing Team Assess end to end business processes to identify significant gaps and determine issue root causes. Partners with business units to perform control evaluations, monitoring and testing efforts within Compliance and Operation Risk Framework to identify control gaps as well as opportunities for effectiveness and efficiency improvements. These assessments will include coverage for other regulatory programs including SOX Apply critical thinking skills to substantive testing techniques to thoroughly evaluate the effectiveness of high-risk business processes. Assess and monitor risks, ensuring compliance with firm standards, regulatory requirements, and industry best practices. Collaborate with cross-functional teams and stakeholders to support control design and effectiveness. Foster collaboration with Compliance and Operational Risk Officers on various engagements. This includes developing detailed test scripts, facilitating issue discussions, participating in business meetings, and drafting comprehensive final reports to ensure alignment and clarity. Develop and execute robust control test scripts aimed at identifying control weaknesses, determining root causes, and recommending practical solutions to enhance operational efficiency and control effectiveness. Document test steps and results in a comprehensive and organized manner, ensuring sufficient support and justification for testing conclusions. Maintain a high standard of documentation to facilitate transparency and accountability. Ensure compliance with internal policies, procedures, and external laws, rules, and regulations, while identifying necessary remediation actions. This includes developing and executing testing procedures, meticulously documenting results, drawing informed conclusions, making actionable recommendations, and distributing detailed compliance testing review reports. Lead meetings with business owners at various management levels, delivering testing results and supporting sustainable control enhancements. Identify and capitalize on opportunities to strengthen controls and improve operational efficiency. Your preferred skills and experience Bachelor's degree in information security or related field required, with a preference towards master's degree. Demonstrated ability to analyse complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders. Proficient knowledge of risk management frameworks, regulations, and industry best practices Strong and progressive Auditing or Control Testing experience with current knowledge and understanding of Control testing methodology. Experience developing test scripts, audit programs, or testing templates. 6+ years in information security management and governance, with a focus on control design and testing Detailed experience in ISO 27001, GDPR, COBIT, KAIT, BAIT, etc. and other cyber security frameworks Good to have Certifications: CRISC, CISSP, CISM, CISA, ISO 27001 Lead Implementer/ Auditor Should possess strong communication skills (written/ spoken) Should be skilled to work with minimal supervision. Strong analytical and strategic mindset along with the ability to collaborate with different stakeholders including top management representatives. How we’ll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm

Skills : Varonis ,Varonis tool including DAT vantage, IT Security, Active Directory, Domain & Identity Management, Remediation approaches(RBAC, Nesting, Audit), GDPR, PII, Required Candidate profile Notice Period: Not Available Education: Not Available

Key highlights of the role are listed below (purely indicative and not limiting): Develop and execute a comprehensive information security strategy, aligned with the organizations goals, to protect sensitive data and systems from cyber threats. Collaborate with senior management to integrate security best practices into the organization's overall strategy and operations. Oversee the development and implementation of risk management frameworks, including business continuity and disaster recovery plans. Identify, assess, and mitigate cybersecurity risks across all organizational levels. Establish and maintain the company’s cybersecurity policies, standards, and procedures. Ensure the organization’s cybersecurity practices comply with regulatory and local data protection laws Manage the company’s security posture, including risk assessments, audits, and compliance initiatives Conduct regular risk assessments to identify potential security gaps and implement corrective actions Define and enforce a risk management framework to address emerging threats and vulnerabilities. Managing and monitoring SOC and drive cyber security related projects. Conduct and complete an annual review of required PCIDSS, ISO 27001 regulations and certification. Conducting risk assessment and security reviews of new applications and initiatives and recommendation to mitigate risk. Ensuring that periodic tests are conducted to evaluate the adequacy and effectiveness of technical security control measures, especially after each significant change to the IT applications/ systems/ networks as well as after any major incident Ensuring regulatory and non-regulatory compliance on IT Governance and Cyber Security within stipulated timelines Develop Information security awareness training and education program. Lead internal and external cybersecurity audits, reviews, and compliance reporting, while conducting security committee meetings and liaising with internal and external auditors on matters related to information security. Ensure personnel only have access to the sensitive information for which they have appropriate authority and clearance. Ensure controlsin place against unauthorized access to workstations and related equipment. Set the access and authorization controls for everyday operations as well as emergency procedures for data. Implement automated and continuous monitoring of security incidents. Respond to cyber incidents in a timely manner. Implement Cyber capability index to identify cyber maturity and reporting the cyber health to regulators. Work closely with the legal and compliance teams to ensure adherence to industry regulations and standards. Stay up-to-date with the latest security trends, threats, and regulatory changes and adjust the security program accordingly. Applicants should possess the following attributes: Extensive experience in information security leadership roles, with a proven track record of strategic planning and execution. Deep understanding of regulatory standards and frameworks, including PCIDSS, ISO 27001, GDPR, and others. Hands-on expertise in cybersecurity technologies such as SIEM, SOAR, UEBA, TIP, and advanced threat detection systems. Strong background in risk management, governance, and compliance across diverse IT environments. Familiarity with emerging technologies, including AI, ML, and blockchain, and their implications on cybersecurity. Exceptional communication skills with the ability to present complex security topics to executive leadership and stakeholders.

We are seeking a highly experienced and motivated Senior SOC Manager to lead our Security Operations Center (SOC) team. The Senior SOC Manager will be responsible for managing the day-to-day operations of the SOC, overseeing security monitoring, incident response, threat intelligence activities, and ensuring the organisation's information assets are protected. The ideal candidate will have a strong background in cybersecurity operations, team leadership, and incident management, with a strategic mindset and the ability to drive continuous improvement. Role & responsibilities 1. Leadership and Management: Team Leadership : Lead, mentor, Build and manage a team of SOC analysts, incident responders, and threat hunters. Foster a culture of continuous improvement, accountability, and professional development within the SOC team. Conduct regular performance reviews and provide constructive feedback to team members. Operational Management : Develop and maintain SOC processes, procedures, and documentation to ensure efficient and effective operations. Ensure the SOC team operates 24/7, providing continuous coverage for security monitoring and incident response. Coordinate shift schedules, resource allocation, and ensure adequate staffing levels. Monitoring and Detection : Oversee the monitoring of security events and alerts generated by various security tools and technologies. Ensure the timely identification, analysis, and escalation of potential security incidents. Develop and fine-tune detection rules, signatures, and use cases to enhance threat detection capabilities. Incident Response : Coordinate and manage the end-to-end incident response process, including detection, analysis, containment, eradication, and recovery. Develop, implement, and maintain incident response playbooks, runbooks, and standard operating procedures (SOPs). Lead post-incident reviews, including root cause analysis and lessons learned, to improve incident response processes. Threat Intelligence Integration : Ensure the SOC team stays up-to-date with the latest threat intelligence and cyber threat landscape. Integrate threat intelligence into SOC operations to enhance detection and response capabilities. Collaborate with threat intelligence analysts to gather, analyse, and disseminate actionable intelligence. Threat Hunting : Develop and lead proactive threat hunting activities to identify and mitigate potential threats before they impact the organisation. Utilise advanced analytical and forensic tools to uncover hidden threats and malicious activities. Internal Collaboration : Work closely with other IT and security teams to ensure seamless integration of security operations. Collaborate with the IT infrastructure team to ensure security controls are properly implemented and maintained. Engage with application development teams to ensure secure coding practices and application security measures. Stakeholder Communication : Communicate effectively with senior management, providing regular updates on SOC activities, incidents, and overall security posture. Develop and deliver regular SOC performance and incident reports to leadership. Serve as the primary point of contact for escalated security incidents and external communications. Process Enhancement : Identify areas for improvement within the SOC and implement enhancements to processes, tools, and technologies. Conduct regular SOC assessments and readiness exercises to ensure operational effectiveness. Stay informed about the latest security trends, technologies, and best practices. Metrics and Reporting : Develop and track key performance indicators (KPIs) and metrics to measure the effectiveness and efficiency of SOC operations. Provide detailed reporting on SOC activities, incidents, and trends to senior management and other stakeholders. Monthly CISO reports Regulatory Compliance : Ensure SOC operations comply with relevant regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS). Support audit activities and provide necessary documentation and evidence for compliance audits. Collaborate with the compliance team to address regulatory changes and ensure ongoing compliance. Employee Training : Develop and deliver regular cybersecurity training programs for SOC staff to enhance their skills and knowledge. Promote security awareness and best practices across the organisation through training and awareness programs. Conduct phishing simulations and other awareness activities to test and improve employee readiness. Professional Development : Encourage SOC team members to pursue relevant certifications and professional development opportunities. Provide guidance and support for career development and advancement within the SOC team. Education and Experience: Education : Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degree preferred. Relevant certifications such as CISSP, CISM, GIAC, or equivalent are highly desirable. Experience : A minimum of 10-12 years of experience in cybersecurity, with at least 7-8 years in a SOC management or leadership role. Proven track record of managing and leading high-performing security teams in a dynamic and fast-paced environment. Security Operations : Strong understanding of security monitoring and incident response processes and technologies. Experience with SIEM platforms (e.g., Splunk, ArcSight, QRadar) and other security tools. Knowledge of threat intelligence and analysis methodologies. Technical Expertise : Familiarity with regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS). Proficiency in using advanced analytical and forensic tools for threat detection and incident analysis. Understanding of network security, endpoint security, application security, and cloud security principles. Leadership and Management : Excellent leadership, team management, and mentoring skills. Strong analytical and problem-solving abilities. Effective communication and interpersonal skills, with the ability to interact with technical and non-technical stakeholders. Strategic Thinking : Ability to think strategically and develop long-term plans for improving SOC operations and overall security posture. Demonstrated ability to drive continuous improvement and foster a culture of innovation. This position may require occasional on-call support and the ability to respond to security incidents outside of regular business hours. Hybrid work environment with a combination of on-site and remote work. Perks and Benefits Perks and benefits Oreta takes pride in providing a service of excellence to our customers and looking after our employees who enable our business to succeed. The successful applicant will enjoy working in a collaborative environment in Chandigarh, India with a friendly and highly driven people (the Oreos), where ideas are always welcome and ongoing training and development is strongly encouraged. The renumeration will be negotiated and based on the relevant skills and experience of the successful applicant. If you are interested in a long-term career with potential to develop and grow with the business and are available to start immediately, then we look forward to hearing from you.

Job description We are seeking a highly experienced and motivated Senior SOC Manager to lead our Security Operations Center (SOC) team. The Senior SOC Manager will be responsible for managing the day-to-day operations of the SOC, overseeing security monitoring, incident response, threat intelligence activities, and ensuring the organisation's information assets are protected. The ideal candidate will have a strong background in cybersecurity operations, team leadership, and incident management, with a strategic mindset and the ability to drive continuous improvement. Role & responsibilities Lead the analysis and investigation of information security events (IDS/DLP/SIEM/etc.) in a 24x7 SOC environment to immediately detect, verify, and respond swiftly to cyber threats, and remove false positive. Serve as a technical point of escalation. Responsible for investigating incidents, analysing attack methods, researching new defence techniques and tools, developing security policy, and documenting procedures for SOC. Maintain baselines for secure configuration and operations. Malware analysis and other attack analysis to extract indicators of compromise. Perform data security event correlation between various systems. Prepare reports, summaries, and other forms of communication that may be both internal and client facing. Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives. Develop and deploy processes to ensure efficient and effective security operations. Provide guidance and mentorship to other security analysts and junior members of the security team. Keep up-to-date with the latest trends and best practice developments in the field of cybersecurity and SIEM tools Values And Behaiviours Have Fun We take time and effort to make the workplace more enjoyable, we reward and celebrate success, our customers and partners see us as human. Move with Velocity We evolve and grow to stay ahead of the curve, we make decisions quickly and often, we are decisive and show initiative, we are outcome oriented and we question everything to determine what speeds or impedes the desired outcome. Go Further We go beyond delivering what works, we discover delights and help customers transform their business, we have a passion for learning, we have a desire to question the norms, and we are curious to step out of our comfort zones. Thrive Together We are high functioning, supportive and inclusive, collaboration is in our DNA, we step up to assist our team members, and we work as a team to achieve the right outcome. Skills and Capabilities At least 7 years of experience working in a SOC environment, with a focus on using multiple SIEM tools. Strong understanding of security operations and incident response processes Hands-on experience with at least two major SIEM tools (e.g., MS Sentinel Rapid7, Exabeam Splunk, ArcSight, QRadar,) Strong analytical and problem-solving skills Excellent communication and interpersonal skills Ability to work in a fast-paced, dynamic environment Qualifications B-Tech

We are seeking a highly experienced and motivated Senior SOC Manager to lead our Security Operations Center (SOC) team. The Senior SOC Manager will be responsible for managing the day-to-day operations of the SOC, overseeing security monitoring, incident response, threat intelligence activities, and ensuring the organisation's information assets are protected. The ideal candidate will have a strong background in cybersecurity operations, team leadership, and incident management, with a strategic mindset and the ability to drive continuous improvement. Role & responsibilities 1. Leadership and Management: Team Leadership : Lead, mentor, Build and manage a team of SOC analysts, incident responders, and threat hunters. Foster a culture of continuous improvement, accountability, and professional development within the SOC team. Conduct regular performance reviews and provide constructive feedback to team members. Operational Management : Develop and maintain SOC processes, procedures, and documentation to ensure efficient and effective operations. Ensure the SOC team operates 24/7, providing continuous coverage for security monitoring and incident response. Coordinate shift schedules, resource allocation, and ensure adequate staffing levels. Monitoring and Detection : Oversee the monitoring of security events and alerts generated by various security tools and technologies. Ensure the timely identification, analysis, and escalation of potential security incidents. Develop and fine-tune detection rules, signatures, and use cases to enhance threat detection capabilities. Incident Response : Coordinate and manage the end-to-end incident response process, including detection, analysis, containment, eradication, and recovery. Develop, implement, and maintain incident response playbooks, runbooks, and standard operating procedures (SOPs). Lead post-incident reviews, including root cause analysis and lessons learned, to improve incident response processes. Threat Intelligence Integration : Ensure the SOC team stays up-to-date with the latest threat intelligence and cyber threat landscape. Integrate threat intelligence into SOC operations to enhance detection and response capabilities. Collaborate with threat intelligence analysts to gather, analyse, and disseminate actionable intelligence. Threat Hunting : Develop and lead proactive threat hunting activities to identify and mitigate potential threats before they impact the organisation. Utilise advanced analytical and forensic tools to uncover hidden threats and malicious activities. Internal Collaboration : Work closely with other IT and security teams to ensure seamless integration of security operations. Collaborate with the IT infrastructure team to ensure security controls are properly implemented and maintained. Engage with application development teams to ensure secure coding practices and application security measures. Stakeholder Communication : Communicate effectively with senior management, providing regular updates on SOC activities, incidents, and overall security posture. Develop and deliver regular SOC performance and incident reports to leadership. Serve as the primary point of contact for escalated security incidents and external communications. Process Enhancement : Identify areas for improvement within the SOC and implement enhancements to processes, tools, and technologies. Conduct regular SOC assessments and readiness exercises to ensure operational effectiveness. Stay informed about the latest security trends, technologies, and best practices. Metrics and Reporting : Develop and track key performance indicators (KPIs) and metrics to measure the effectiveness and efficiency of SOC operations. Provide detailed reporting on SOC activities, incidents, and trends to senior management and other stakeholders. Monthly CISO reports Regulatory Compliance : Ensure SOC operations comply with relevant regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS). Support audit activities and provide necessary documentation and evidence for compliance audits. Collaborate with the compliance team to address regulatory changes and ensure ongoing compliance. Employee Training : Develop and deliver regular cybersecurity training programs for SOC staff to enhance their skills and knowledge. Promote security awareness and best practices across the organisation through training and awareness programs. Conduct phishing simulations and other awareness activities to test and improve employee readiness. Professional Development : Encourage SOC team members to pursue relevant certifications and professional development opportunities. Provide guidance and support for career development and advancement within the SOC team. Education and Experience: Education : Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degree preferred. Relevant certifications such as CISSP, CISM, GIAC, or equivalent are highly desirable. Experience : A minimum of 10-12 years of experience in cybersecurity, with at least 7-8 years in a SOC management or leadership role. Proven track record of managing and leading high-performing security teams in a dynamic and fast-paced environment. Security Operations : Strong understanding of security monitoring and incident response processes and technologies. Experience with SIEM platforms (e.g., Splunk, ArcSight, QRadar) and other security tools. Knowledge of threat intelligence and analysis methodologies. Technical Expertise : Familiarity with regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS). Proficiency in using advanced analytical and forensic tools for threat detection and incident analysis. Understanding of network security, endpoint security, application security, and cloud security principles. Leadership and Management : Excellent leadership, team management, and mentoring skills. Strong analytical and problem-solving abilities. Effective communication and interpersonal skills, with the ability to interact with technical and non-technical stakeholders. Strategic Thinking : Ability to think strategically and develop long-term plans for improving SOC operations and overall security posture. Demonstrated ability to drive continuous improvement and foster a culture of innovation. This position may require occasional on-call support and the ability to respond to security incidents outside of regular business hours. Hybrid work environment with a combination of on-site and remote work. Perks and Benefits Perks and benefits Oreta takes pride in providing a service of excellence to our customers and looking after our employees who enable our business to succeed. The successful applicant will enjoy working in a collaborative environment in Chandigarh, India with a friendly and highly driven people (the Oreos), where ideas are always welcome and ongoing training and development is strongly encouraged. The renumeration will be negotiated and based on the relevant skills and experience of the successful applicant. If you are interested in a long-term career with potential to develop and grow with the business and are available to start immediately, then we look forward to hearing from you.