405 Gdpr Jobs - Page 4

Role Overview We are looking for experienced DevOps Engineers (8+ years) with a strong background in cloud infrastructure, automation, and CI/CD processes. The ideal candidate will have hands-on experience in building, deploying, and maintaining cloud solutions using Infrastructure-as-Code (IaC) best practices. The role requires expertise in containerization, cloud security, networking, and monitoring tools to optimize and scale enterprise-level applications. Key Responsibilities Design, implement, and manage cloud infrastructure solutions on AWS, Azure, or GCP. Develop and maintain Infrastructure-as-Code (IaC) using Terraform, CloudFormation, or similar tools. Implement and manage CI/CD pipelines using tools like GitHub Actions, Jenkins, GitLab CI/CD, BitBucket Pipelines, or AWS CodePipeline. Manage and orchestrate containers using Kubernetes, OpenShift, AWS EKS, AWS ECS, and Docker. Work on cloud migrations, helping organizations transition from on-premises data centers to cloud-based infrastructure. Ensure system security and compliance with industry standards such as SOC 2, PCI, HIPAA, GDPR, and HITRUST. Set up and optimize monitoring, logging, and alerting using tools like Datadog, Dynatrace, AWS CloudWatch, Prometheus, ELK, or Splunk. Automate deployment, configuration, and management of cloud-native applications using Ansible, Chef, Puppet, or similar configuration management tools. Troubleshoot complex networking, Linux/Windows server issues, and cloud-related performance bottlenecks. Collaborate with development, security, and operations teams to streamline the DevSecOps process. Must-Have Skills 3+ years of experience in DevOps, cloud infrastructure, or platform engineering. Expertise in at least one major cloud provider: AWS, Azure, or GCP. Strong experience with Kubernetes, ECS, OpenShift, and container orchestration technologies. Hands-on experience in Infrastructure-as-Code (IaC) using Terraform, AWS CloudFormation, or similar tools. Proficiency in scripting/programming languages like Python, Bash, or PowerShell for automation. Strong knowledge of CI/CD tools such as Jenkins, GitHub Actions, GitLab CI/CD, or BitBucket Pipelines. Experience with Linux operating systems (RHEL, SUSE, Ubuntu, Amazon Linux) and Windows Server administration. Expertise in networking (VPCs, Subnets, Load Balancing, Security Groups, Firewalls). Experience in log management and monitoring tools like Datadog, CloudWatch, Prometheus, ELK, Dynatrace. Strong communication skills to work with cross-functional teams and external customers. Knowledge of Cloud Security best practices, including IAM, WAF, GuardDuty, CVE scanning, vulnerability management. Good-to-Have Skills Knowledge of cloud-native security solutions (AWS Security Hub, Azure Security Center, Google Security Command Center). Experience in compliance frameworks (SOC 2, PCI, HIPAA, GDPR, HITRUST). Exposure to Windows Server administration alongside Linux environments. Familiarity with centralized logging solutions (Splunk, Fluentd, AWS OpenSearch). GitOps experience with tools like ArgoCD or Flux. Background in penetration testing, intrusion detection, and vulnerability scanning. Experience in cost optimization strategies for cloud infrastructure. Passion for mentoring teams and sharing DevOps best practices.

Role Overview We are looking for experienced DevOps Engineers (8+ years) with a strong background in cloud infrastructure, automation, and CI/CD processes. The ideal candidate will have hands-on experience in building, deploying, and maintaining cloud solutions using Infrastructure-as-Code (IaC) best practices. The role requires expertise in containerization, cloud security, networking, and monitoring tools to optimize and scale enterprise-level applications. Key Responsibilities Design, implement, and manage cloud infrastructure solutions on AWS, Azure, or GCP. Develop and maintain Infrastructure-as-Code (IaC) using Terraform, CloudFormation, or similar tools. Implement and manage CI/CD pipelines using tools like GitHub Actions, Jenkins, GitLab CI/CD, BitBucket Pipelines, or AWS CodePipeline. Manage and orchestrate containers using Kubernetes, OpenShift, AWS EKS, AWS ECS, and Docker. Work on cloud migrations, helping organizations transition from on-premises data centers to cloud-based infrastructure. Ensure system security and compliance with industry standards such as SOC 2, PCI, HIPAA, GDPR, and HITRUST. Set up and optimize monitoring, logging, and alerting using tools like Datadog, Dynatrace, AWS CloudWatch, Prometheus, ELK, or Splunk. Automate deployment, configuration, and management of cloud-native applications using Ansible, Chef, Puppet, or similar configuration management tools. Troubleshoot complex networking, Linux/Windows server issues, and cloud-related performance bottlenecks. Collaborate with development, security, and operations teams to streamline the DevSecOps process. Must-Have Skills 3+ years of experience in DevOps, cloud infrastructure, or platform engineering. Expertise in at least one major cloud provider: AWS, Azure, or GCP. Strong experience with Kubernetes, ECS, OpenShift, and container orchestration technologies. Hands-on experience in Infrastructure-as-Code (IaC) using Terraform, AWS CloudFormation, or similar tools. Proficiency in scripting/programming languages like Python, Bash, or PowerShell for automation. Strong knowledge of CI/CD tools such as Jenkins, GitHub Actions, GitLab CI/CD, or BitBucket Pipelines. Experience with Linux operating systems (RHEL, SUSE, Ubuntu, Amazon Linux) and Windows Server administration. Expertise in networking (VPCs, Subnets, Load Balancing, Security Groups, Firewalls). Experience in log management and monitoring tools like Datadog, CloudWatch, Prometheus, ELK, Dynatrace. Strong communication skills to work with cross-functional teams and external customers. Knowledge of Cloud Security best practices, including IAM, WAF, GuardDuty, CVE scanning, vulnerability management. Good-to-Have Skills Knowledge of cloud-native security solutions (AWS Security Hub, Azure Security Center, Google Security Command Center). Experience in compliance frameworks (SOC 2, PCI, HIPAA, GDPR, HITRUST). Exposure to Windows Server administration alongside Linux environments. Familiarity with centralized logging solutions (Splunk, Fluentd, AWS OpenSearch). GitOps experience with tools like ArgoCD or Flux. Background in penetration testing, intrusion detection, and vulnerability scanning. Experience in cost optimization strategies for cloud infrastructure. Passion for mentoring teams and sharing DevOps best practices.

About the role: The global Identity Access Management team is passionately serving our stakeholders while evolving best practices. As an Identity Access Engineer , you have a pivotal operational role to provide and deprovision system access.You have an equally crucial role to partner collectively with stakeholders to mature, streamline, and automate Identity and Access Management procedures for Blackbaud. What you’ll do Ensure appropriate Control through timely removal of unnecessary or inappropriate system access Expediently provision approved access, often utilizing evolving Role Based Access Controls (RBAC), for Blackbaud systems to prevent excessive permissions and rights. Proactively expand approved RBAC roles through analysis, recommendation and adoption/rollout. Analyze and resolve access issues, coordinating with system owners or technical support resources as necessary. Participate in ongoing audits and assessments, and assist with implementation of audit or compliance recommendations Develop and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for internal team use, end user support Identify , evaluate and recommend opportunities to eliminate, streamline, and automate access management practices.Partner with colleagues including application owners, cloud engineers, cyber security SMEs, etc. to effectively execute improvements based on expected value. Generate reports to perform in-depth analysis and data collection for issues associated with IAM What you’ll bring 2 years of experience in Identity or Access Management Tireless adherence and attention to appropriate IT general computing controls Ability to understand, work with and where appropriate leverage various technologies including PowerShell , ServiceNow, SailPoint's Identity-Now, Active Directory, EntraID , Salesforce, Workday, etc. Practical experience with SCA, ITIL, COBIT, NIST and/or other security and control frameworks Stay up to date on everything Blackbaud, follow us on Linkedin, X, Instagram, Facebook and YouTube Blackbaud is a digital-first company which embraces a flexible remote or hybrid work culture. Blackbaud supports hiring and career development for all roles from the location you are in today! Blackbaud is proud to be an equal opportunity employer and is committed to maintaining an inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.

Job Purpose (overall high-level summary of the role) Build and lead global relationships for Cybersecurity (sitting within the wider IT organization), representing WPB IT and WPB Cyber interests within the context of transformational and service uplift from central and federated functions. As a senior Cybersecurity SME for WPB, promote the principles of secure development and ensure effective coverage for all Cybersecurity services consumed. The Senior Cyber SME is, among many other things, responsible for the following key activities: Coordinate and manage the relationship between the central Cybersecurity leadership teams, WPB IT leadership and WBP CISO; reporting to WPB IT CISO. Provide specialist technical and process knowledge to influence support and manage the direction of cyber tooling, processes and practices into WPB IT and engineering teams. Lead the Information Security agenda within the central cyber control owners, including driving business/functional stakeholder engagement to ensure delivery of security programmes, tooling, and initiatives. Develop and maintain strong relationships with the cyber control owners and Heads of cybersecurity functions to ensure optimum synergy and collaboration between them WPB IT. Monitor and engage with cyber control owners, heads of cyber practices and central programme managers to shape and represent WPB IT in order to ensure that deliveries align with WPB IT interests and strategic direction. Promote the development and rollout of security tools and processes that aligns with WPB IT engineering strategies and ensure that group security scanning and orchestration tools can be adopted and used within WPB IT s CI/CD pipeline and engineering teams. Work with service line and value stream CIOs and their representatives to ensure that cyber assurance actions, vulnerability remediation and KCI compliance receives the right level of attention and support, and to escalate and highlight blockers if required. Guide the service lines/value streams CIOs and their representatives with respect to compliance with relevant security policies, standards, and governance, including challenging the risk profile, appetite, and control effectiveness, coordinating with embedded WPB Cyber SMEs, Risk Champions, and central Cyber teams required to ensure overall WPB IT operation within appetite. With specific focus ensure that control and risk metrics and related responsibilities for cyber assurance activities, vulnerability, and secure development practices & tooling, third party security reviews are monitored, actioned, and understood by WPB CIOs and their delegates. Ensure that WPB IT and Cyber priorities are communicated to cyber control owners and central cyber functions. Facilitate ongoing cybersecurity awareness within the Service Line to strengthen the responsible culture. Lead Annual Assurance activities (Pen Test & TMA) for WPB and provide oversight responsibility for TPSR Organization structure Reports to the WPB IT CISO Principal Accountabilities: key activities and decision-making areas Typical Targets and Measures Impact on the Business/Function Protect the Bank. Lead Security embedding within WPB IT together with the WPB CISO, owning the relationship with cybersecurity control owners and heads of cyber functions. Uses technical expertise and experience to enable WPB IT and Cybersecurity to develop implementable designs, solutions and operational plans to ensure compliant security is enforced. Leads and drives this change through effective communication, preparation, and implementation. Driving sustainable growth. Drive efficiencies in the SDL through secure from start development, SecDevOps and minimal iterative issue-remediation. Ensure that evolving technologies are embraced with appropriate mitigation controls and contingency planning. Achieving excellence. Promote the understanding of risk in the context of security in order to align WPB security practices with business risk appetite and strategic objectives. Generate an environment in which innovation is supported by security in the working practices. Measures benefits over the short, medium, and long term. Demonstrates a comprehensive WPB IT view when developing solutions. Executes ideas and innovation that are original but remain aligned to business objectives and cybersecurity principles and plans. Customers / Stakeholders Customer focus. Lead a customer-centered culture, championing activities encouraging outstanding customer advocacy. Proactively seek opportunities to utilize strong Cybersecurity principles to improve availability and ensure privacy for customers. Strengthening stakeholder relationships. Enhance key relationships, using rapport-building expertise and appropriate influencing to add value beyond the initial scope, increasing stakeholder advocacy. Maintain key relationships to include technology and business heads across WPB and Cybersecurity along with other GB/GF/R counterparts across the globe. Understanding markets and customers Cultivate strong relationships with organizationally important global and/or high value stakeholders with a tailored approach. Deliver fair outcomes for our customers and ensure own conduct maintains the orderly and transparent operation of financial markets. Promotes the most appropriate security solution even if there are short term additional costs. Demonstrates sensitivity to the realities and concerns of their stakeholders' situation. Analyses and interprets the evolving security threat landscape. Uses innovation to address the needs of customers and stakeholders (building trust). Leadership & Teamwork Drive the development and communication of a clear vision for secure development and maintenance in WPB IT which is aligned to the overall HSBC and Cybersecurity strategy, values and goals in order to inspire and engage people to create an inclusive, high performing, customer-centered culture. Lead, develop and motivate adoption of and compliance with the cybersecurity principles across the lifecycle in the PODs, XFTs, and service Lines / value streams within WPB IT. Lead and encourage constructive teamwork within value streams by demonstrating collaboration and matrix management in action and taking prompt action to address any activities and behaviors that are not consistent with HSBC's diversity policy and/or the best interests of the business and its customers. Monitors complex dependencies and respond accordingly to ensure on-going delivery to local and WPB IT goals. Translates the required course of action into a clear and realistic vision. Develops international solutions that are beneficial for the Service Line across its geographies and its customers. Identifies and builds relationships with key contacts and influencers Effectively translates coaching requirements to WPB IT s overall performance requirements. Operational Effectiveness & Control: Lead the continuing development, implementation and improvement of the security processes, understanding of risk and controls, and capabilities needed to deliver agreed plans and targets. Collaborate with control owners and WPB leadership to maximize end-to-end integration, effectiveness, and efficiency. Establish and maintain a robust and efficient control environment across the lifecycle to ensure good operational, financial and project management and compliance with HSBC policy and procedures, together with early identification and effective resolution or escalation of issues that arise. Lead the implementation and oversight of the Cyber Risk standards and governance frameworks, process and procedures, including adaptation of documentation, to ensure relevance to WPB operations, effective risk management and regulatory compliance. Creates an environment which anticipates risk, ensuring action is taken to quantify and mitigate them. . Coordinate with central cyber teams, 2LOD and control owners to ensure that WPB specific requirements and ways of working are integral to adopted Cyber Policies, Processes, and tooling. Implement IT best practices in risk policies and governance frameworks in areas across WPB IT. Management of Risk (Operational Risk / FIM requirements) The Senior Cyber SME will ensure the fair treatment (service excellence) of our customers is at the heart of everything we do, both personally and as an organisation. The Senior Cyber SME will also continually reassess the Cybersecurity and operational risks associated with the role and inherent in the business, taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices, management restructurings, and the impact of new technology. This will be achieved by ensuring all actions take account of the likelihood of operational risk occurring. Also by addressing any areas of concern in conjunction with entity management and/or the appropriate department. Observation of Internal Controls (Compliance Policy / FIM requirements) Maintains HSBC internal control standards vis- -vis cybersecurity operations, including coordination and resolution planning of internal and external audit points together with any issues raised by external regulators. The Senior Cyber SME will also manage and coordinate the implementation of new internal control and risk -related metrics relating to cyber and secure development practices (KCIs, KRIs, and GRAS). This will be achieved by service line / value stream adherence to all relevant procedures, keeping appropriate records and, where appropriate, by driving the timely implementation of internal and external audit points, including issues raised by external regulators, and internally identified Cybersecurity risks. Escalation to CIOs and CISO when required for prompt addressing to relevant risk forum, such as WPB IT Cyber Working Groups, RCMMs to mention some examples. Local Job Requirements (This could include; Job Dimensions, Job Context & Major Challenges) Budget & people. This is a cross-functional and Senior Cyber SME role which supports and represents WPB IT interests against central cyber and group IT initiatives. This is achieved though and with the support of a large number of CIO delegates (risk champions), embedded cyber-SMEs, pod leads and ITSOs within WPB IT. It will secure applications leveraging right tools and processes enabled by Cybersecurity. The indirect headcount which will be supported by this role would be more than 150-200 staff. Relationships. Key relationships include ownership of the relationship with Cybersecurity control owners and Heads of Cybersecurity Functions and extends to peers across other Global Businesses, Global Functions and Regions up to MD levels in HSBC, including relationships with auditors, regulators and external security forums. This may also include external relationships with TPEMs and potentially vendors, focusing on security support to the WPB IT. Regulatory & Risk Management. Working closely with WPB IT Value Streams and governance counterparts (such as 2LOD, RR and CCO), build strong relationships with internal and external stakeholders (risk, audit, government agencies, industry forums etc) to understand the IT/Information Security risk profile, monitor compliance with policies and standards, and identify and address WPB IT specific requirements. Strategic input. Providing influence and input to ensure alignment between Cybersecurity and Central Cyber Functions and Leadership to represent and ensure WPB IT strategic outcomes and business goals. Uses technical knowledge and experience to solve complex problems, and propose implementable solutions, to deliver ongoing improvements in line with business strategy. Certifications, Qualifications & Experience (For the Job not the Job holder. Minimum requirements of the Job) Good understanding of WPB businesses and general understanding of the bank s businesses and differentiating factors between retail, wholesale, and investment banking A fair understanding of laws and regulations with an emphasis on regulations, rules and standards with global or boarder regional impact (e.g. GDPR, PCI DSS, DORA, HIPAA, etc.) Formal education with a post-graduate degree in IT, Information Security, Risk Management, Business Management or other relevant areas 10+ years of experience in Information Security Management and Cybersecurity High level of personal drive and motivation to ensure delivery of a broad range of outputs simultaneously across WPB IT and HSBC Technology Extensive Programme Management experience and analytical skills. Proven ability to articulate complex issues concisely and in simple language to support problem analysis. Strong knowledge of the external environment regulatory, political, competitors etc. Outstanding relationship management, collaboration and influencing skills. Strong attention to detail and business writing skills and to be able to challenge and shape submissions. Outstanding communication and interpersonal skills with the ability to produce clear and concise reports and communications to senior internal and external stakeholders. Excellent stakeholder management skills with a proven ability to build and maintain strong relationships and communicate on complex issues with a wide spectrum of stakeholders. Proven abilities in working across cultures. Familiarity with Information Security Control and Risk Frameworks (e.g., NIST, ISO 27001, COBIT, etc.) Strong familiarity with and competence in application security tools in general and with specific focus on security tooling used in secure development (e.g., SAST, DAST, MAST, FOSS), threat modelling and risk management. Certifications, Qualifications & Experience (For the Job not the Job holder. Minimum requirements of the Job) Familiarity with security controls around technologies such as cloud, mobile, social, open-banking, etc. Familiarity with OWASP, Cloud, and SANS guidelines on application-security. Experience in supporting Agile and DevOps methodologies. Experience in lifecycle management across the CI/CD pipeline Excellent understanding of banking and security in context of wider industry trends and direction

So, what’s t he r ole all about? As a member of the Cloud Security team, a successful Cloud Security Analyst will need to be self-sufficient to collaborate effectively with multiple teams, such as Application Support, Infrastructure Operations, DevOps, Product R&D, Security teams, customers and 3 rd party auditors. This role will hold the responsibility of understanding the Cloud security policies, procedures, practices and technologies and documenting them appropriately as well as demonstrating to auditors and customers the excellent Cloud Security at NICE. A successful candidate in this role will be able to work in production cloud environments to collect and curate evidence and explain it to anyone who asks for it. Experience with Governance, Risk and Compliance (GRC) is a big plus! How will you make an impact? You will directly impact the success of the NICE cloud business by ensuring all customer and auditory security requirements are met and demonstrated. A diverse, merit-driven work environment which rewards a growth mindset and encourages innovation and continued professional development; The opportunity to work in a global, highly skilled, passionate workforce to deliver world-class service and products to market. Competitive pay and excellent benefits. Generous PTO policies. A highly focused security & compliance team which is collaborative, supportive, experienced, and driven to help everyone from the individual to enterprise to our customers realize the success for which they aim. Have you got what it takes? 1-2 years of experience with Information Security & Compliance or GRC University-level degree in InfoSec, Computer Science or other related field. knowledge with major compliance frameworks such as PCI, ISO 27001/17, SOC 2, HITRUST, GDPR. A burning curiosity to learn as much as you can about the NICE cloud environment and the services and products we offer our customers as well as the existing security infrastructure we have in place today; Excellent communications skills along to work collaboratively with security team members and operations and development teams or independently to achieve tactical and strategic security goals; Strong organization and prioritization skills; Education, training or experience with security and compliance fundamentals; Experience working with work tracking tools such as JIRA, Service Now or others. What’s in it for you? Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr! Enjoy NICE-FLEX! At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere. Requisition ID: 7117 Reporting into: Technical Manager Role Type: Individual Contributor

Key Responsibilities: Lead the end-to-end risk management lifecycle from risk identification, assessment, and analysis to mitigation planning and implementation. Experience in GDPR, data privacy and protection and Risk management tools. Design, implement, and regularly update risk management checklists , templates, and reporting mechanisms. Develop and maintain a comprehensive risk register and associated documentation. Align risk management practices with global standards like ISO 31000 and ISO 27005. Required Skills and Qualifications: 5-7 years of proven experience in a risk analyst or similar role. In-depth knowledge of GDPR , data privacy and protection principles, and compliance frameworks. Proficient in using Risk Management tools (e.g., RSA Archer, LogicManager, RiskWatch, or similar platforms). Familiarity with international risk management standards (ISO 31000, ISO 27005 preferred). Exceptional communication and interpersonal skills to work with diverse teams across regions. NOTE- Prior work experience in Compliance standards for UK financial industry would be added advantage.

A Senior Compliance Executive in a technology department plays a crucial role in ensuring that the organization adheres to various legal, regulatory, and industry-specific standards related to Information Technology and data management such as GDPR, ISO 27001, ISO 27701, SoC2 Type 2, ISO 9001. 1. Regulatory Compliance Monitoring: o Ensure the technology department complies with relevant laws and regulations, such as GDPR, ISO 27001, ISO 27701, SoC2 Type 2, ISO 9001 and other data protection or cybersecurity laws. o Stay updated on new or changing regulations that impact the tech landscape. 2. Policy Development & Enforcement: o Develop and implement internal policies and procedures to ensure compliance with external regulations and internal standards. o Regularly review and update policies to ensure they remain aligned with changing regulations and industry best practices. 3. Risk Management: o Assess risks related to technology operations, particularly data privacy and cybersecurity risks. o Ensure that the tech department implements appropriate security measures to mitigate potential threats and risks. o Conduct regular audits and reviews of IT systems to ensure they meet compliance standards. 4. Training & Awareness: o Educate and train technology teams and other employees on compliance-related matters, such as data security, privacy policies, and risk mitigation strategies. o Promote awareness of compliance issues, helping staff understand their responsibilities in maintaining compliance. 5. Audit & Reporting: o Prepare reports for management, regulators, or auditors, demonstrating compliance with relevant regulations and policies. o Coordinate internal and external audits related to technology compliance. o Implement corrective actions where necessary to address non-compliance findings. 6. Data Privacy Management: o Oversee data protection strategies and ensure proper handling of sensitive information, including encryption, access control, and data retention policies. o Manage consent collection and user privacy preferences in accordance with privacy regulations. 7. Incident Management: o Oversee the handling of data breaches or other incidents that might affect compliance, ensuring timely reporting and response in accordance with regulatory requirements. o Coordinate with relevant authorities if there is a need to disclose any breaches or security incidents.

The Apex Group was established in Bermuda in 2003 and is now one of the worlds largest fund administration and middle office solutions providers. Our business is unique in its ability to reach globally, service locally and provide cross-jurisdictional services. With our clients at the heart of everything we do, our hard-working team has successfully delivered on an unprecedented growth and transformation journey, and we are now represented by over circa 13,000 employees across 112 offices worldwide.Your career with us should reflect your energy and passion. Thats why, at Apex Group, we will do more than simply empower you. We will work to supercharge your unique skills and experience. Take the lead and well give you the support you need to be at the top of your game. And we offer you the freedom to be a positive disrupter and turn big ideas into bold, industry-changing realities. For our business, for clients, and for you Role purpose Part of a team of Sales Technology specialists, the role is fundamental to supporting and advancing the usage of our Sales Compensation solution. The role will involve configuration and support of Xactly Incent and Connect. Role Responsibilities: Develop and support Xactly Incent and Connect Design, develop and test reports & dashboards Trace unexpected results back to their source and diagnose underlying issues. If unable to resolve directly, own coordination and resolution with appropriate resources Coordinate with the Xactly Data Warehouse and ETL teams to implement commission data changes, and output data for consumption by other business teams Document system configuration and payment administrative processes Provide guidance to the business, building domain knowledge, gathering requirements, providing solutions and impact analysis Remain current with Xactly products and modules through regular engagement with and training through Xactly resources Be mindful of changes to the business that may impact the current solution - new products and business lines, acquisitions, reorganizations, system changes, etc. Work with SOX auditors in providing necessary changes and documentation Perform ad-hoc reporting and analysis to provide business insight Serve as an escalation resource for Tier 2 & 3 issues Provide input and knowledge sharing with Technology teams Drive technology, business and Xactly adoption best practices Participate in scheduled and ad-hoc training in order to improve policy and process acumen Perform other duties as assigned Skills Required: Provent experience supporting Sales compensations (commissions, bonuses) Advanced SQL and ETL skills Experience with Salesforce 3 years experience with Xactly Incent and Connect (preferred) Experience with the implementation process of Xactly Incent and Connect Strong verbal and written communication skills to interact with users, cross-functional colleagues and IT Ability to accurately collect information in order to understand and assess the needs and situation Strong attention to detail Familiarity with GDPR and data security Familiarity with reporting/data mining methodologies Ability to prioritise workload and provide timely follow-up and resolution Ability to work effectively in a fast-paced environment and handle multiple projects Strong problem solving, troubleshooting and analytical skills Strong verbal and written communication skills to interact with team members Qualifications: Bachelors Degree or equivalent experience Xactly Admin qualified (preferred) ITIL qualification is a plus What you will get in return: A genuinely unique opportunity to be part of an expanding large global business Working with a strong and dynamic team Training and development opportunities Exposure to all aspects of the business, cross-jurisdiction and to working with senior management directly

Role Overview: We are seeking an experienced Data Protection and Privacy Manager, who will be responsible for overseeing the organization's data protection strategy and ensuring compliance with Indian laws such as the Information Technology Act, 2000, and the Personal Data Protection Bill.The DPPM will work closely with DPO and regulatory authorities to ensure that sensitive data is processed securely and ethically. This role is crucial in safeguarding our digital assets and maintaining compliance with industry standards and law. Key Responsibilities: Legal ComplianceEnsure adherence to data protection laws, including local DPDPA, IT Act and international regulations like GDPR. Policy DevelopmentFormulate and implement data protection policies and guidelines across the organization. Data Breach ManagementInvestigate and report data breaches to relevant authorities within the stipulated timeframe. Training & AwarenessConduct training sessions for employees on data protection practices and raise awareness about privacy policies. Impact AssessmentsPerform Data Protection Impact Assessments (DPIA) to identify risks and recommend mitigation strategies. Grievance RedressalAct as the point of contact for data principals (individuals) for grievances related to data handling or privacy violations. RecordkeepingMaintain records of all data processing activities and policies for audit and regulatory purposes. Liaison:With regulatory agencies and stakeholders regarding data protection matters. Qualifications and Experience: 1. Bachelor's degree in Information Security, Computer Science, and Law. 2. Certification in Data Protection or Privacy Management is mandatory, like - CIPM, CDPSE, DCPLA, DCPP and DCDPO 3. 8-10 years of experience in security management. 4. Strong understanding of IT infrastructure , data security best practices, and frameworks. 5. Familiarity with regulatory requirements and compliance standards (e.g., RBI, SEBI). 6. Excellent communication, interpersonal, analytical and leadership skills. 7. Knowledge of emerging technologies, their impact on data protection and ability to handle sensitive information discreetly.

Job Title: Data Engineer (Mid-Level) Experience: 3 to 5 Years Location: Bangalore Department: Data Engineering / Analytics / IT Summary: entomo is an Equal Opportunity Employer. The company promotes and supports a diverse workforce at all levels across the Company. The Company ensures that its associates or potential hires, third-party support staff and suppliers are not discriminated against, directly or indirectly, as a result of their colour, creed, cast, race, nationality, ethnicity or national origin, marital status, pregnancy, age, disability, religion or similar philosophical belief, sexual orientation, gender or gender reassignment, etc We are looking for a skilled and experienced Data Engineer with 3 to 5 years of experience to design, build, and optimize scalable data pipelines and infrastructure. The ideal candidate will work closely with data scientists, analysts, and software engineers to ensure reliable and efficient data delivery throughout our data ecosystem. Key Responsibilities: Design, implement, and maintain robust data pipelines using ETL/ELT frameworks. Build and manage data warehousing solutions (e.g., Snowflake, Redshift, BigQuery). Optimize data systems for performance, scalability, and cost-efficiency. Ensure data quality, consistency, and integrity across various sources. Collaborate with cross-functional teams to integrate data from multiple business systems. Implement data governance, privacy, and security best practices. Monitor and troubleshoot data workflows and conduct root cause analysis on data-related issues. Automate data integration and validation processes using scripting languages (e.g., Python, SQL). Work with DevOps teams to deploy data solutions using CI/CD pipelines. Required Skills & Qualifications: Bachelor's or Masters degree in Computer Science, Engineering, Data Science, or a related field. 3 to 5 years of experience in data engineering or a similar role. Strong proficiency in SQL and at least one programming language (Python, Java, or Scala). Experience with cloud platforms (AWS, Azure, or GCP). Hands-on experience with data pipeline tools is added bonus(e.g., Apache Airflow, Luigi, DBT). Proficient in working with relational and NoSQL databases. Familiarity with big data tools (e.g., Spark, Hadoop) is a plus. Good understanding of data architecture, modeling, and warehousing principles. Excellent problem-solving and communication skills. Preferred Qualifications: Certifications in cloud platforms or data engineering tools. Experience with containerization (Docker, Kubernetes). Knowledge of real-time data processing tools (Kafka, Flink). Exposure to data privacy regulations (GDPR, HIPAA)

Role & responsibilities The Legal Manager for the Legal Desk will oversee and manage a team of legal professionals dedicated to providing efficient and high-quality contract administration and legal support across the organization. This role will manage contract review processes, support intercompany agreements and maintain the administration of legal documentation and workflows to ensure compliance and risk mitigation. i) Team Management i. Lead and mentor the team of legal counsels and contract administrators ensuring performance aligns with service standards and organizational objectives for the SGS Group. ii. Act as a key point of contact for internal stakeholders on contractual issues and global legal processes. iii. Develop team capacity through training, knowledge-sharing, and development programs. iv. Set individual and team performance targets and conduct regular evaluations. ii) Contract Administration Support i. Monitor, maintain, and review contract management trackers and databases, ensuring all agreements are up-to-date, compliant, and accessible. ii. Collaborate effectively with the members of the different legal teams and other stakeholders across multiple countries to ensure consistency in legal standards, compliance, and contract execution. iii. Oversee the administration and management of contracts across the group, ensuring timely updates, renewals, and compliance. iv. Implement efficient workflows and tools for contract tracking, data management, and record-keeping. v. Act as the main point of contact for all contract administration inquiries and issues, supporting internal teams with guidance and expertise. iii) Functional Responsibilities i. Provide legal advice and support to various departments on contractual matters, risk assessments, master service agreements (sales and purchase), confidentiality agreements, intercompany agreements, tenders and other standardized agreements of the group etc. ii. Ensure all agreements comply with relevant data privacy regulations (e.g., GDPR, CCPA) and company policies, and assist in the review of data privacy agreements. iii. Identify potential legal risks in contract negotiations and propose solutions that protect the companys interests while meeting business objectives. iv. Develop and implement standardized templates, processes, and best practices for contract management and review. Preferred candidate profile ** Qualified lawyer (L.L.B. or higher) from a recognized Indian university a. Strong contract drafting and negotiation skills. b. Excellent organizational and multitasking abilities. c. Familiarity with corporate, commercial, and contract law. d. Ability to analyze complex legal documents and provide concise recommendations. e. Strong written and verbal communication skills with an ability to present complex information clearly and effectively. Additional Comments a. Proven experience with outsourced legal services or centralized legal support functions is advantageous. Proficiency in contract management software and legal research tools is beneficial

Information Security Assistant Manager Location: Remote. Apply at: ravi.kumar1@akmglobal.in | +91-7838872468 Seeking a highly skilled and experienced Information Security Assistant Manager to join our team. This role requires proficient experience in ISO 27001 and SOC 2 implementation and compliance , along with a strong understanding of global security standards. If you are passionate about information security and looking to advance your career in a dynamic, professional environment, we encourage you to apply. Total Experience: Relevant Experience in ISO 27001 Implementation: Relevant Experience in SOC 2: Current CTC: Expected CTC: Notice Period: Key Responsibilities Collaborate with the CISO to design, implement, and enhance the organizations cybersecurity framework. Maintain, update, and ensure adherence to information security policies in alignment with ISMS standards. Ensure compliance with ISO 27001, SOC 2, HIPAA, and related security and privacy regulations. Serve as the primary point of contact for internal and external audits related to information security. Work closely with technical teams and external clients to uphold robust security practices in all products and services. Develop and maintain comprehensive security documentation and reports. Monitor emerging threats, legal and regulatory changes, and adapt security practices accordingly. Lead and support company-wide security training, awareness initiatives, and best practice promotion. Play an active role in the end-to-end implementation and management of ISO 27001 controls and frameworks. Required Qualifications & Skills Hands-on experience in ISO 27001 implementation (mandatory). Strong familiarity with SOC 2 controls and reporting frameworks (mandatory). Working knowledge of HIPAA, GDPR (EU & UK), and U.S. data privacy laws. Prior experience in managing audits and ensuring regulatory compliance. Excellent written and verbal communication skills, with the ability to convey complex security concepts to diverse audiences. Ability to manage multiple projects and priorities under pressure. Proven leadership in executing information security projects. Experience working with international clients or in multicultural environments. Fluency in English (spoken and written) is essential.

We are seeking a talented and dynamic Assistant Manager to join our team who has a good exposure towards managing the projects relating to Information security domain and privacy protection from scratch Experience: 3+ years Key Objective And Responsibilities As an Assistant Manager, you will be entrusted with the following key responsibilities: Experience in leveraging industry standards and frameworks such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc , to assist clients in compliance and governance Design and implement data protection and privacy programs that cater to our clients' specific business needs, ensuring their sensitive information is well safeguarded Evaluate and assess our clients' data protection and privacy practices, offering valuable insights and actionable recommendations for continual improvement Provide guidance and support to clients in adhering to a complex web of national and international laws and regulations, including the EU General Data Protection Regulation (GDPR) and other privacy laws Data Audits and Assessments: Conducting regular data protection impact assessments (DPIAs) and audits to identify and mitigate privacy risks associated with data processing activities Conduct thorough audits of Privacy controls to monitor program effectiveness and compliance, ensuring data protection is at its optimal level Foster and maintain productive working relationships with client personnel, promoting effective collaboration and understanding of their specific needs Assist in preparing policies, reports, and schedules for clients and relevant stakeholders, ensuring clear communication and alignment with industry best practices Contribute to cybersecurity engagements, developing cybersecurity strategies, governance, risk, and compliance activities, and cybersecurity policies in line with ISO 27001 and ISO 27701 Perform Gap Assessments, Risk Assessments, ISMS Documentation, Internal Audits, and support during Certification Audits to strengthen overall security frameworks Utilize online tools to facilitate Incident Management and Data Subject Rights processes, ensuring efficient and timely responses to potential data incidents Demonstrate a strong commitment to adhering to workplace policies and procedures, maintaining the highest standards of professionalism and confidentiality Requirements To be considered for this role, the candidate must meet the following requirements: Hold relevant qualifications such as CIPP/E, CIPM, FIP, DCPLA, CDPO/IN, CDPO/P, ISO 27001 LA/LI, ISO 27701 LApreferred Minimum 3 years of related work experience; or a masters or MBA degree in business, computer science, information systems, engineering and/or data protection Possess a sound knowledge of fundamentals of information security systems Exhibit a good understanding of GDPR, CCPA, or other privacy laws Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks Showcase excellent communication skills, both written and verbal Proficiency in Microsoft Office Suite (Word, Excel, Power point)

>> JOB DESCRIPTION ROLE & RESPONSIBILTY: • Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. • Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. • Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide actionable recommendations for risk mitigation. • Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. • Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. • Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. • Mentor and support junior team members to foster their professional growth and skills in cyber risk assessments. REQUIREMENTS: • Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or related fields. • A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related security assessments. • Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. • Profound knowledge of cybersecurity frameworks, industry standards, and best practices. • Proficiency in using various security assessment and techniques. • Strong analytical and problem-solving skills, with the ability to think critically and strategically. • Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. • Demonstrated experience in project management and handling multiple assessments simultaneously. • A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. • Network Security, infrastructure assessment and network architecture design review. • Conceptual knowledge of OT Security/ISA 62443 standard is preferable.

Project Role : Application Developer Project Role Description : Design, build and configure applications to meet business process and application requirements. Must have skills : Security Data Privacy Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Developer, you will be involved in designing, building, and configuring applications to meet business process and application requirements. Your typical day will revolve around creating innovative solutions to address various business needs and ensuring seamless application functionality. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead the team in implementing cutting-edge security and data privacy measures- Conduct regular security audits and assessments to identify vulnerabilities- Develop and implement data protection strategies to safeguard sensitive information Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Data Privacy- Strong understanding of data encryption techniques- Experience in implementing access control mechanisms- Knowledge of regulatory compliance standards such as GDPR and HIPAA- Familiarity with security assessment tools and methodologies Additional Information:- The candidate should have a minimum of 5 years of experience in Security Data Privacy- This position is based at our Bengaluru office- A 15 years full time education is required Qualification 15 years full time education

Position Description Role Title: Senior Information Security Officer Current Reporting Manager: Head of Information Security Assurance Current Location: Gurgaon Position Purpose The Senior Information Security Officer is responsible for supporting the implementation and operation of the organisation's Information Security Management System (ISMS) within their region. This role will drive security risk management, policy compliance, audits (internal, external and client), training and awareness, supply chain risk, and support security operations in incident management. As a Managed Service Provider (MSP) and data processor for clients, the ISO will ensure that security controls align with client contractual obligations, regulatory requirements, and industry best practices. The ISO will work closely with global security leadership, regional stakeholders and clients to address both internal and client-specific security challenges. Main Activities The position is within the Information Security team. Main activities will include but are not limited to: Responsibility Area Internal Audit & Assurance: Oversee the implementation and operations of the ISMS within the region. Ensure and support alignment with global security policies and regulatory requirements including ISO27001, SOC2 type II and PCI-DSS. Continuously assess and improve security controls and processes. Information Security Risk Management Identify, assess, and mitigate security risks. Maintain the risk register and track remediation activities. Provide risk-based guidance to business units, IT teams, and client-facing operations. Information Security Policy & Standards Ensure compliance with corporate security policies, frameworks, and client-specific security mandates. Develop and enforce security standards and client requirements. Input into periodic reviews and updates to security policies to align with evolving requirements. Information Security Audit & Compliance Lead and support internal and external security audits, ensuring timely remediation of findings. Provide security assurance to clients by responding to security questionnaires and participating in client audits. Coordinate with service delivery teams to meet client-specific obligations. Monitor and report on security posture, client security commitments, and compliance status. Information Security Training & Awareness Develop, support deliver security awareness programs Support phishing exercises and other training initiatives to enhance security culture. Collaborate with HR and other departments to ensure security education is embedded in employee onboarding and ongoing training. Supply Chain Risk Management Assess and manage security risks associated with third-party vendors and suppliers. Ensure that security requirements are included in vendor contracts and SLAs. Perform regular security assessments of critical suppliers, considering the impact on client services. Security Operations & Incident Management Support Assist in managing and responding to security incidents within the region, to ensure rapid containment and remediation. Work with the Security Operations team to protect both internal and client environments. Support post-incident reviews and contribute to continuous improvement in incident handling, including lessons learned for client operations. Qualifications and Experience Bachelor'S degree in Information Security, Computer Science, or related field (or equivalent experience). 5+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment. Strong understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks. Experience in security risk management, audits, compliance, and client security assurance. Knowledge of security operations, incident response, and managed security services. Familiarity with supply chain security and third-party risk management. Excellent communication and stakeholder management skills, with experience working with clients on security matters. Security certifications such as CISSP, CISM, or CRISC are preferred.

Candidate should have key understanding on technology, IT and governance aspects from Cyber Security perspective Candidate should have understanding on performing gap assessment on organizations Cyber security landscape primarily to prevent them from cyber security threats Candidate should have exposure to design, development, implementation, and maintenance information security framework aligned to framework like ISO 27001:2013 Candidate should have managed end-to-end Information security, cyber security for its organizations Experience in performing the risk assessment from Cyber Security, Business Continuity and Privacy perspective Experience on Data Privacy including design/development and review of privacy framework aligned with GDPR requirements and GAPP framework Performing maturity assessment for cyber setup; Developing cyber strategy roadmap, helping in implementation Consulting knowledge in overall cybersecurity domain with specific experience in engagements, such as NIST, BCP, ISO 27001, SSAE 18, ISAE3402, SOC 2 and regulatory compliances (RBI, SEBI, IRDA), data privacy audits. Manage / Lead engagement for data privacy, regulatory compliance, cyber strategy, ISO 27001 BCP (ISO22301) & third-party risk management (TPRM) Determine client needs, expectations & participate to develop, lead, and execute the overall client service plan Work on proposals, thought leaderships, POVs as required Demonstrate leadership, team management, problem solving and strong verbal and written communication skills Consulting experience (preferred) Immediate joiners (preferred) Certifications - ISO 27001, ISO22301, ISO 27701, CISSP, CISA (advantage)

An Information Security Consultant is responsible for ensuring an organization's data and systems are secure and compliant with industry standards. They assess vulnerabilities, develop security policies, and implement solutions to protect digital

Join Amgen’s Mission of Serving Patients At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do. Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. What you will do Let’s do this. Let’s change the world. In this vital role you will as an expert IS Architect lead the design and implementation of integration frameworks for pharmacovigilance (PV) systems spanning both SaaS and internally hosted. This role focuses on building secure, compliant, and scalable architectures to ensure seamless data flow between safety databases, external systems, and analytics platforms, without direct access to backend databases. The ideal candidate will work closely with PV system collaborators, SaaS vendors, and internal IT teams to deliver robust and efficient solutions. Roles & Responsibilities: Design hybrid integration architectures to manage data flows between SaaS-based PV systems, internally hosted systems and platforms. Implement middleware solutions to bridge on-premise and cloud environments, applying Application Programming Interface API-first integration design pattern and establishing secure data exchange mechanisms to ensure data consistency and compliance. Work with SaaS providers and internal IT teams to define integration approach for Extract Transform Load (ETL), event-driven architecture, and batch processing. Design and maintain end-to-end data flow diagrams and blueprints that consider the unique challenges of hybrid environments. Define and enforce data governance frameworks to maintain data quality, integrity, and traceability across integrated systems. Lead all aspects of data lifecycle management for both cloud and internally hosted systems to ensure consistency and compliance. Act as the main point of contact between pharmacovigilance teams, SaaS vendors, internal IT staff, and other parties to align technical solutions with business goals. Ensure alignment with the delivery and platform teams to safeguard that the applications follow approved Amgen’s architectural and development guidelines as well as data/software standards. Collaborate with analytics teams to ensure timely access to PV data for signal detection, trending, and regulatory reporting. Continuously evaluate and improve integration frameworks to adapt to evolving PV requirements, data volumes, and business needs. Provide technical guidance and mentorship to junior developers. Basic Qualifications Master’s degree with 4 to 6 years of experience in Computer Science, software development or related field Bachelor’s degree with 6 to 8 years of experience in Computer Science, software development or related field Diploma with 10 to 12 years of experience in Computer Science, software development or related field Must-Have Skills: Demonstrable experience in architecting data pipeline and/or integration cross technology landscape (SaaS, Data lake, internally hosted systems) Experience with Application Programming Interface (API integrations) such as MuleSoft and Extract Transform Load (ETL tools) as Informatica platform, Snowflake, or Databricks. Strong problem-solving skills, particularly in hybrid system integrations. Superb communication and collaborator leadership skills, ability to explain technical concepts to non-technical clients Ability to balance technical solutions with business priorities and compliance needs. Passion for using technology to improve pharmacovigilance and patient safety. Experience with data transfer processes and taking on stuck or delayed data files. Knowledge of testing methodologies and quality assurance standard processes. Proficiency in working with data analysis and QA tools. Understanding data flows related to regulations such as GDPR and HIPAA. Experience in SQL/NOSQL database, database programming languages, data modelling concepts. Good-to-Have Skills: Knowledgeable in SDLC, including requirements, design, testing, data analysis, change control Knowledgeable in reporting tools (e.g. Tableau, Power BI) Professional Certifications: SAFe for Architect certification (preferred) Soft Skills: Excellent analytical skills to gather options to deal with ambiguity scenarios. Excellent leadership and progressive thinking abilities Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to balance multiple priorities Team-oriented, with a focus on achieving team goals Strong presentation and public speaking skills Ability to influence and strive to an intended outcome Ability to hold team members accountable to commitments Shift Information: This position requires you to work a later shift and may be assigned a second or third shift schedule. Candidates must be willing and able to work during evening or night shifts, as required based on business requirements EQUAL OPPORTUNITY STATEMENT Amgen is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided with reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation .

Job Title: Senior Security Engineer Medical Device Cybersecurity & Compliance Experience Level: 5 to 10 years Location- Ahmedabad/Pune Key Responsibilities: Drive end-to-end cybersecurity integration across the medical device product development life cycle, ensuring security is embedded from concept to release. Develop and maintain cybersecurity for medical products, including security requirements specifications, risk assessments, threat models, and product security architecture documentation. Conduct thorough gap assessments to evaluate compliance with IEC 81001-5-1, IEC 60601-4-5, AAMI TIR 57, and AAMI TIR 97 standards, and implement remediation measures. Perform hands-on vulnerability assessments, penetration testing, and secure code reviews of embedded devices, IoMT (Internet of Medical Things) components, and connected systems. Collaborate closely with development, compliance, and regulatory teams to ensure product security measures meet both internal security policies and external regulatory expectations. Support SBOM management, software supply chain risk evaluations, and third-party component analysis to maintain software transparency and mitigate risks. Provide expert input on secure communication protocols, encryption standards, data protection for both at-rest and in-transit data, and cloud-based connectivity of medical systems. Assist in developing incident response strategies and bring working knowledge of HIPAA, GDPR, and HL7 to address data privacy and healthcare-specific regulatory concerns. Contribute to the continuous enhancement of internal secure development processes, tools, and methodologies, while championing security best practices within product teams. We are inviting applications from candidates who can join 15 to 30 days notice. Interested candidates please email your latest updated resume to: ravindra.m@creenosolutions.com For more details please free to reach out to RAVINDRA @ 6305363701

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Cyber Threat Intelligence Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in discussions to refine security strategies and provide insights that enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements.- Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Cyber Threat Intelligence.- Strong understanding of cloud security principles and frameworks.- Experience with threat modeling and risk assessment methodologies.- Familiarity with security compliance standards such as ISO 27001, NIST, and GDPR.- Ability to analyze and respond to security incidents effectively. Additional Information:- The candidate should have minimum 3 years of experience in Cyber Threat Intelligence.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Managed Cloud Security Services Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify areas for improvement.- Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Managed Cloud Security Services and minimum 2 years of experience in Wiz.IO.- Experience on Microsoft Defender for Cloud, Microsoft Defender.- Strong understanding of cloud security frameworks and best practices on Cloud Security Posture Management (CSPM) and Cloud Access Security Broker (CASB), Container Security- Knowledge on CIS benchmarks - Experience with risk assessment and management in cloud environments.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.- Ability to design and implement security controls tailored to cloud architectures. Additional Information:- The candidate should have minimum 3 years of experience in Managed Cloud Security Services.- Must be willing to work in 24x7 including rotational night shifts.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and controls.- Conduct regular assessments and audits to ensure compliance with security policies and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of cloud security principles and best practices.- Experience with security incident response and threat management.- Familiarity with regulatory compliance frameworks such as GDPR, HIPAA, or PCI-DSS.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in strategic discussions to enhance security protocols and provide guidance on best practices, contributing to a secure cloud environment that supports the organization's growth and innovation. Roles & Responsibilities:- Expected to be a Subject Matter Expert with deep knowledge and experience.- Should have influencing and advisory skills.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team understanding of cloud security practices.- Evaluate emerging security technologies and recommend improvements to existing security frameworks. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of cloud security principles and best practices.- Experience with security incident response and management.- Knowledge of compliance frameworks such as ISO 27001, NIST, or GDPR.- Familiarity with risk assessment methodologies and tools. Additional Information:- The candidate should have minimum 15 years of experience in Security Information and Event Management (SIEM).- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : ForgeRock Access Management Good to have skills : Java Standard EditionMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, Provide expert knowledge and function as a subject matter expert on key principles of Identity and Access Management (IAM) Provide scripting support in PowerShell, JavaScript, and PythonIdentity and Access Management technologiesExperience in NIST and/or SOC2Understanding of modern authentication solutions using SAML/OAuth/OIDCIdentity security best practicesCapable in all information security domains including regulatory compliance, risk assessments, controls implementations, governance frameworks and audit processes.Able to integrate with cloud based IAM vendorsAbility to collaborate with high-performance teams and individuals to drive results Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in ForgeRock Access Management.- Good To Have Skills: Experience with Java Standard Edition.- Strong understanding of identity and access management principles.- Experience with security frameworks and compliance standards such as ISO 27001, NIST, or GDPR.- Familiarity with security incident response and management processes. Additional Information:- The candidate should have minimum 7.5 years of experience in ForgeRock Access Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education