584 Gdpr Jobs - Page 24

The SuccessFactors Administrator will contribute to the administration of our SuccessFactors installation and serve as a System Administrator and resource for our rapidly growing team. This includes deployment activities, configuration, installation, and ongoing improvements on the platform. The individual in this role will work closely with other IT teams, business and functional leaders, and subject matter experts to ensure all project activities are performed to a high degree of quality, meets practice and standards expectations, and ensures delivery in a timely fashion. A blend of technical and problem-solving skills and value-to-business mindset would be an advantage for this role. Essential Duties and Responsibilities: Manage the SuccessFactors application and support 5000+ users from multiple business functions across HMH Ensure application deployments and administration follows controls process Act as a liaison between the technical and functional teams, business functions, and vendors to drive project implementations, deployments, and upgrades Identify process and/or business issues that may arise with the implementation of a solution and recommend process improvements to address those issues Project activities will involve deployment responsibilities for the SuccessFactors platform, along with support for the associated HR team Participate in Agile squads and ensure related the deployment activities follows controls process Certify all user access and changes every quarter Maintain a holistic view of all business system processes and users, to understand functional impacts with regards to configuration, process, workflow and reporting Contribute to ongoing improvements in the value delivered by the IT HR team Adhere to quality standards, pertinent regulatory requirements, and to departmental policies, practices and procedures Address tech debt and make sure we define and enforce process to keep the platform aligned to best practice and standards Perform all other related duties as assigned Competencies: 3+ years of SuccessFactors administration experience Ability to manage integrations across multiple systems that involve bi-directional data sync, API call limitations, bug fixes etc. Experience in the compensation and performance modules. Familiarity with Testing frameworks and design patterns Experience in an Agile organization Excellent communication and interpersonal skills Ability to work cohesively in a team environment Ability to use business acumen to develop solutions to functional and technical issues and be results driven In-depth application troubleshooting skills Understanding of regulations applicable to IT applications (GxP, SOX, GDPR) Ability to provide feedback to manager, peers and team members Creative and analytical thinker with strong problem-solving skills A strong sense of customer service, with proven experience in a similar role In depth application troubleshooting skills. Good to have experience in ADP but not mandatory.

The impact you will have in this role: In this role, you will be responsible for the functional and technical design of business systems; integration of business services & information security; driving industry-specific best practices & standards; understanding regulatory compliance needs; coordinating test planning & execution; providing leadership to AD teams and acting as technology liaison to all IT areas within DTCC, to the business partners, and to the industry. Leading projects, teams, code reviews are required to be able to lead by example. Your Primary Responsibilities: As an expert solutions engineer and senior software engineer, mission is to help lead our team of innovators and technologists toward crafting next-generation solutions that improve the way our business is run. Taking part in the development and deployment of Cyberark solution. Create and enforce Cyberark PAM policies and procedures, ensuring adherence to industry best practices and regulatory requirements. Develop and manage the PAM roadmap, including technology upgrades, new features, and integrations. Manage and maintain the CyberArk PAM platform, including Privileged Session Manager (PSM), Central Policy Manager (CPM), Password Vault Web Access (PVWA), and Vault. Defines and factors in performance, scalability, availability, resiliency, security, maintainability, support, testing and cost requirements when making technology selection and application design decisions. Define approaches for modernizing legacy applications including migration to public or private cloud infrastructure. Own the engineering design practices of our software development organization. Lead design reviews session. Collaborate with Infrastructure and Solution Architecture to choose efficient hosting environment. Focus on industry practices such as lose coupling of applications, standardization, APIs, reusability, concepts of isolation, extensibility, extendibility, and consistency of solutions while proposing and reviewing architectures. Identify and solve for non-functional requirements for the platform consumers. Ensures solutions adhere to security policies and standards of firm and industry. Conduct POCs for tools as seen fit for the area. **NOTE: The Primary Responsibilities of this role are not limited to the details above. ** Qualifications: Minimum of 10+ years of experience in Information Security with at least 5 years in Privileged Access Management Bachelors degree in Computer Science, Information Systems or a related field and/or equivalent experience Talents Needed for Success: Extensive experience with CyberArk PAM platform, including PSM, CPM, PVWA, and Vault. Ability to understand architectural diagrams and design Advanced understanding of privileged user life cycle management and controls around privileged access. Experience with AWS, Azure, and/or GCP IAM and PAM concepts Experience with troubleshooting issues with PAM solutions and applications. Sound understanding of regulatory requirements and standards such as GDPR, FISMA, PCI, HIPAA, SOX, FICA, etc Ability to guide teams through sophisticated issues and drive resolution for issues that arise within sophisticated and high-risk applications Ability to effectively translate technical information between vendors, IT management and other internal and external IT teams Ability to work with all levels of management to define requirements associated with PAM services, incorporating security standard processes.

Key Responsibilities: Lead implementation of privacy policies and compliance frameworks. Conduct and oversee PIAs, TIAs, and maintain RoPA. Manage data mapping, architecture documentation, and privacy controls. Develop and maintain privacy templates and related documentation. Drive small automation initiatives to support privacy operations. Collaborate with cross-functional teams across legal, IT, and business units. Preferred Qualifications: Deep understanding of global privacy regulations (e.g., GDPR, CCPA). Hands-on experience with Microsoft O365 automation tools. Strong documentation, analytical, and communication skills.

ANZEN Technologies Private Limited. stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Position : Senior Associate Consultant Key Responsibilities: GRC Strategy and Planning: Develop and implement comprehensive GRC strategies, policies, and procedures aligned with organizational goals and objectives. Define and prioritize GRC initiatives based on risk assessments, regulatory requirements, and industry best practices. Continuously evaluate and update GRC frameworks to adapt to evolving threats and compliance landscapes. Risk Management: Conduct risk assessments to identify, analyze, and prioritize risks across the organization. Develop risk mitigation strategies and controls to address identified risks effectively. Monitor and report on risk exposure and mitigation efforts to senior management and stakeholders. Compliance Management: Ensure compliance with relevant laws, regulations, and industry standards, such as GDPR, HIPAA, PCI DSS, etc. Monitor changes in regulatory requirements (SEBI, RBI, IRDAI etc) and assess their impact on the organization's compliance posture. Coordinate compliance audits, assessments, and certifications, and remediate any identified issues or deficiencies. Audit Management: Plan, coordinate, and oversee internal and external audit activities, including IT audits, compliance audits, and third-party audits. Develop audit plans, programs, and testing procedures to assess the effectiveness of controls and compliance with policies and regulations. Review audit findings, assess control deficiencies, and collaborate with stakeholders to develop and implement remediation plans. Monitor and track the progress of audit remediation efforts and report on the status to senior management and audit committees. Policy Development and Enforcement: Develop, review, and update information security policies, standards, and guidelines in alignment with regulatory requirements and industry best practices. Establish mechanisms for policy enforcement and monitor adherence to policies across the organization. Cross-Functional Collaboration: Collaborate with internal stakeholders, including IT, legal, finance, and operations, to integrate GRC principles into business processes and initiatives. Provide guidance and support to business units on GRC-related matters, including risk assessments, compliance requirements, and controls implementation. Training and Awareness: Develop and deliver GRC training programs and awareness campaigns to educate employees on their roles and responsibilities in maintaining compliance and managing risks. Foster a culture of compliance and risk awareness throughout the organization. Qualifications and Skills: Bachelor's degree in Information Security, Risk Management, Business Administration, or related field. Masters degree or relevant certifications (e.g., CISA, CISSP, CRISC, CISM) preferred. Minimum of 5 years of experience in governance, risk, and compliance roles, with a focus on information security and IT risk management, including audit management experience. Strong understanding of regulatory requirements and industry standards related to information security and data privacy (e.g., GDPR, HIPAA, ISO 27001). Proficiency in audit methodologies, risk assessment frameworks, compliance frameworks, and control frameworks (e.g., NIST Cybersecurity Framework, COBIT, ITIL). Excellent analytical, problem-solving, and decision-making skills. Effective communication and interpersonal skills, with the ability to collaborate with diverse stakeholders and influence change. Proven track record of leading GRC initiatives, conducting audits, and driving process improvements. Ability to work independently and manage multiple priorities in a fast-paced environment. Office Address : ANZEN Technologies Private Limited Akshar Business Park, H - 3025, 3rd Floor, Plot No. 3, Sector-25, Vashi, Navi Mumbai 400703 https://anzentech.com Immediate Joiner may apply

GRC Lead will manage and strengthen our Governance, Risk, and Compliance (GRC) initiatives for Managed Security Services (MSS) within the Telecom sector. The GRC Lead will be responsible for ensuring that the services we provide to our telecom clients adhere to industry standards, regulatory requirements, and robust risk management practices. This individual will play a key role in aligning our security services with client business objectives, improving our security posture, and ensuring compliance with telecom-specific regulations and frameworks. You have: 7+ years of experience in Governance, Risk, and Compliance (GRC), with at least 3 years in telecom or Managed Security Services (MSS) with a degree in Telecommunication Engineering, Computer Science, Information Security, or a related field (B.E/B.Tech/M.E/M.Tech/MCA). Expertise in telecom-specific security technologiesFirewalls, IDS/IPS, SIEM, encryption, access management, and incident response platforms. Experience working with security and compliance frameworksISO 27001, NIST CSF, PCI-DSS, GDPR, NIST SP 800-53, ETSI EN 303 645, also telecom infrastructure, including MPLS, 5G, IoT, and SDN/NFV. Familiarity with GRC tools such as RSA Archer, ServiceNow GRC, or MetricStream. Experience in telecom risk management processes, regulatory assessments, and vendor risk governance. It would be nice if you also had: Industry certifications such as CISM, CISA, CISSP, CRISC, ISO 27001 Lead Auditor/Implementer, TOGAF, or ITIL. Experience in stakeholder management, including executive communication, regulatory liaison, and conflict resolution with auditors or vendors. Strong analytical, negotiation, and project management skills in a cross-functional, multicultural telecom environment. Provide security governance leadership tailored to telecom networks, including mobile, 5G, SDN/NFV, and MPLS environments. Lead risk assessment, threat modeling, and management activities for telecom networks and emerging technologies like IoT and cloud. Ensure compliance with global and local telecom regulatory requirements (e.g., TRAI, DoT, GDPR, FCC, ETSI) through audits, reviews, and reporting. Manage and maintain telecom-specific security policies, technical and administrative controls, and compliance frameworks (ISO 27001, NIST, PCI-DSS). Act as the prime security and compliance interface towards customers, internal teams, auditors, subcontractors, and third-party suppliers. Develop and maintain a risk register, tracking treatment plans and mitigation strategies across client environments. Provide proactive consultation and guidance to customers regarding security best practices and compliance requirements. Oversee incident and crisis response activities to minimize business impact and regulatory exposure, ensuring adherence to notification guidelines. Ensure vendor security due diligence, contract compliance, and ongoing third-party risk monitoring within the telecom supply chain.

Minimum of 12 years of relevant compliance experience and cybersecurity knowledge 10+ years of security compliance audit experience would be important Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as SOC2, FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk Required education Bachelor's Degree Preferred education Doctorate Degree Required technical and professional expertise Minimum of 12 years of relevant compliance experience and cybersecurity knowledge 10+ years of security compliance audit experience would be important Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as SOC2, FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk

Job Role: IT Infrastructure Security Engineer . Location: Bangalore. Notice Period: Immediate to 30 days. Responsible for designing, implementing, and maintaining security measures to protect an organizations IT infrastructure. This role involves securing networks, servers, cloud environments, and other critical IT systems against cyber threats. The engineer works closely with IT, security, and compliance teams to ensure a robust security posture and adherence to industry standards. Key Responsibilities Infrastructure Security & Compliance Design and implement security controls to protect IT infrastructure, including servers, networks, databases, and cloud environments. Conduct security assessments, vulnerability scans, and penetration tests to identify weaknesses and recommend mitigation strategies. Ensure compliance with industry standards such as ISO 27001, NIST, CIS, GDPR, HIPAA, PCI-DSS, and SOC 2 . Develop and enforce security policies, procedures, and best practices for IT infrastructure. Monitor system logs, network traffic, and security alerts to detect and respond to threats in real-time. Network & Cloud Security Secure on-premises and cloud environments (AWS, Azure, Google Cloud) using security best practices. Implement firewalls, IDS/IPS, VPNs, and Zero Trust architectures to safeguard enterprise networks. Configure and manage endpoint security solutions, SIEM, EDR, XDR , and other security tools. Implement identity and access management (IAM) solutions, including privileged access management (PAM). Incident Response & Threat Management Investigate and respond to security incidents, breaches, and anomalies in coordination with SOC teams. Develop incident response plans (IRP) and lead forensic analysis for security events. Work closely with security operations teams to automate threat detection and response processes. Security Automation & Infrastructure Hardening Use Infrastructure as Code (IaC) to automate security configurations (e.g., Terraform, Ansible). Implement patch management, vulnerability management, and endpoint security policies . Secure containers and Kubernetes environments in DevOps pipelines. Harden operating systems (Windows, Linux) and cloud environments against cyber threats. Collaboration & Continuous Improvement Provide security training and awareness to IT teams. Collaborate with DevOps, IT, and compliance teams to integrate security in CI/CD pipelines. Stay up to date with emerging cyber threats and recommend new security technologies. Qualifications & Skills Technical Skills Strong knowledge of network security, cloud security, and endpoint security . Experience with firewalls, IDS/IPS, SIEM, EDR/XDR, and encryption . Hands-on experience with AWS Security, Azure Security Center, Google Cloud Security, and IAM solutions . Familiarity with scripting and automation (Python, Bash, PowerShell). Expertise in Active Directory (AD), Zero Trust security, and PKI . Knowledge of compliance frameworks like ISO 27001, NIST, CIS, GDPR, PCI-DSS . Soft Skills Strong analytical and problem-solving skills. Excellent communication and teamwork abilities. Ability to work under pressure and manage multiple security tasks. Detail-oriented with a proactive security mindset. Certifications (Preferred but Not Mandatory) CEH (Certified Ethical Hacker) CISM (Certified Information Security Manager) CCSP (Certified Cloud Security Professional) AWS Security Specialty, Azure Security Engineer, or Google Cloud Security Certifications CISSP (Certified Information Systems Security Professional) Work Environment & Tools Security tools: Wazuh SIEM, Splunk, Palo Alto, Fortinet, CrowdStrike, SentinelOne, Qualys, Tenable, Nessus Cloud platforms: AWS, Azure, Google Cloud . Operating systems: Windows, Linux, macOS . Automation: Python, Terraform, Ansible, PowerShell.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:SailPoint IIQ Development:Design, develop, and configure SailPoint IIQ solutions based on business requirements.Develop and implement custom workflows, rules, and tasks using SailPoint IdentityIQ.Integrate SailPoint IIQ with other enterprise systems such as Active Directory, LDAP, and SAP for seamless identity management.Should be expertise in access reviewIdentity Governance and Compliance:Implement access control policies, role-based access management (RBAC), and entitlement management within SailPoint IIQ.Develop automated provisioning and de-provisioning processes for users across systems.Ensure compliance with relevant regulatory requirements (e.g., SOX, GDPR) and audit policies through the SailPoint IIQ platform.System Integration:Integrate SailPoint IIQ with existing enterprise systems (e.g., directories, databases, and applications) to automate identity lifecycle management.Work with other teams (e.g., systems administrators, security) to ensure integration with Single Sign-On (SSO), Multi-Factor Authentication (MFA), and other IAM technologies.Troubleshooting and Support:Provide ongoing support and troubleshooting for the SailPoint IIQ platform.Address and resolve any technical issues related to identity provisioning, de-provisioning, and access requests.Testing and Deployment:Test and validate SailPoint IIQ configurations, customizations, and integrations.Assist in the deployment of SailPoint IIQ applications and configurations into production environments.Ensure that systems are properly tested for security vulnerabilities, performance, and reliability.Documentation and Reporting:Develop and maintain technical documentation, including design specifications, implementation guides, and troubleshooting procedures.Provide regular status reports on development, implementation progress, and any identified issues to management and stakeholders.Collaboration:Collaborate with business analysts, project managers, and other developers to understand requirements and ensure successful implementation of identity management solutions.Participate in code reviews and ensure adherence to coding best practices and security standards.Continuous Improvement:Stay up to date with the latest SailPoint IIQ features, releases, and best practices.Suggest and implement improvements in processes, workflows, and system designs to improve efficiency and security. Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ Strong understanding of cloud security architecture Experience with implementing security controls in cloud environments Knowledge of industry security standards and best practices Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 5 years of experience in SailPoint IdentityIQ This position is based at our Bengaluru office A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : CyberArk Privileged Access Management Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:-mplement, configure, and manage PAM solutions such as CyberArk or BeyondTrust to ensure privileged access is secure, auditable, and compliant with regulatory standards.Work closely with IT, DevOps, and security teams to design and integrate secure access control systems into existing IT infrastructure.Perform security assessments and identify potential vulnerabilities in privileged accounts, systems, and services.Develop and enforce policies for privileged account management, password rotation, and access control.Monitor the activity of privileged accounts to detect any unusual or unauthorized behavior, escalating issues when necessary.Work with auditing teams to ensure compliance with security regulations and standards (e.g., NIST, PCI-DSS, GDPR).Provide guidance and support to the organization regarding security best practices for privileged access.Develop and maintain detailed documentation on the configuration, deployment, and operational procedures for PAM solutions.Participate in incident response efforts, identifying, containing, and mitigating security incidents involving privileged accounts.Stay current on emerging security threats and PAM technologies, applying this knowledge to enhance the organization's security posture. Professional & Technical Skills: Must To Have Skills: Proficiency in CyberArk Privileged Identity Access Management Strong understanding of cloud security principles Experience in designing and implementing security solutions Knowledge of security compliance standards Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in CyberArk Privileged Identity Access Management This position is based at our Bengaluru office A 15 years full time education is required Qualification 15 years full time education