587 Gdpr Jobs - Page 8

KEY ACCOUNTABILITIES/DELIVERABLES Develop and maintain a deep understanding of GGB/GRe business activities, as directed by the CPO Build and maintain strong working relationships with key stakeholders within GGB/GRe and Gallagher more broadly to gain insights to GGB/GRe and Gallaghers business and control environment Assist the CPO to implement the Global Data Privacy Framework (Tier 1) across GGB/GRe Assist the CPO to develop and implement any required GGB/GRe local Data Privacy Frameworks (Tier 2) to minimize privacy risks and drive risk reduction initiatives, including the creation and roll out of policies, standards, processes, playbooks and associated training Train GGB/GRe colleagues in the identification and management of privacy risks and provide coaching to Privacy Champions Complete and maintain GGB/GRe Privacy Risk Registers, with specific focus on inherent and residual risk Provide clear and concise privacy advice in an impactful manner using a wide range of communication channels. Perform privacy horizon scanning Conduct privacy risk assessments, AI impact assessments and personal data transfer impact assessments in respect of new or amended proposed processing activities Develop playbooks for managing and manage complex data subject rights requests including application of applicable exemptions and redactions where required Handle internal and third-party requests for access to GGB/GRe data Assess GGB/GRe personal and commercial data incidents using our playbooks and provide advice and guidance for their containment, mitigation and regulatory reporting obligations Assess privacy risks in relation to GGB/GRes supply chain, working closely with colleagues in security, IT, legal and procurement. Handle GGB/GRe privacy related complaints Provide privacy practitioner advice in relation to GGB/GRe related data protection contractual terms Prepare regular GGB/GRe reports and management information as required. Support the GGB/GRe M&A Privacy Lead(s) in respect of mergers and acquisitions and their future integration or divestiture Assist in the maintenance of GGB/GRes Records of Processing activities Monitor privacy compliance across GGB/GRe as directed by the CPO Carry out duties following internal policies and procedures in accordance with applicable laws, rules, regulations, good governance and Gallaghers shared values putting clients at the heart of our business. Qualifications Min 3+ years demonstrable experience in an operational / consultative privacy role providing hands on privacy advice and support in the identification, assessment, management and monitoring of privacy risks including independently conducting privacy risk assessments and transfer impact assessments as well as advising on complex data subject rights requests Privacy qualifications / certificates e.g. CIPP/E/Asia, CIPM, data protection practitioner certifications (preferred) Technical Knowledge Good practical knowledge of APAC, UK and European data protection laws and regulations such as Singapores Personal Data Protection Act, the UK Data Protection Act 2018, the General Data Protection Regulations 2016. Proven track record of providing hands on privacy advice in line with Data Protection Laws Knowledge of the insurance broking or insurance sector a significant advantage but not essential Knowledge of IT and/or Security an advantage but not essential Experience Experienced in: Working with a broad range of local and global stakeholders Working in a fast-paced environment, to challenging deadlines Being a strong team player with evidenced skills in supporting colleagues and supporting a strong team culture The assessment of and provision of advice and guidance in respect of data incidents Managing and handling data subject rights requests and third-party requests for data including redaction and application of exemptions Conducting privacy risk assessments and transfer impact assessments Assessment of supply chain privacy risks Handling privacy related complaints Creation of data protection policies, standards, procedures, playbooks and training material Working effectively with multi-national teams and stakeholders Working effectively in shared mailboxes Skills/other Strong communicator (oral and written) and capable of robust dialogue Confidence to challenge views and opinions in a sensitive way

Information Security Compliance Manager Location: Embassy Tech Village, Bangalore, India Experience: 5 – 7 Years Work Mode: Full-time, Work from Office About the Role: As an Information Security Compliance Manager at Swiggy, you will be a key driver in ensuring that our security, privacy, and regulatory compliance posture remains robust and aligned with industry standards. This role requires a hands-on candidate who can deliver compliance frameworks, manage compliance reviews and risk assessments, and collaborate across teams to embed security best practices in everyday business operations. You will work closely with internal stakeholders and external auditors to safeguard our environment and keep Swiggy compliant with applicable regulations and standards. What You’ll Do: Compliance Leadership & Program Management Lead and manage the organization’s information security and privacy compliance programs, including data protection, regulatory risk management, and compliance testing. Own remediation efforts, providing clear guidance and tracking to ensure timely closure of compliance gaps. Continuously assess and improve existing compliance policies, controls, and processes. Compliance Reporting & Risk Assessments Plan, coordinate, and execute internal compliance reviews and risk assessments aligned with ISO 27001, ISO 27701, PCI-DSS, and other relevant frameworks. Develop and maintain framework and tools that enable effective measurement of compliance maturity. Conduct security risk assessments and compliance checks across IT systems and business processes. Governance & Reporting Collect, analyze, and deliver detailed compliance reports to senior management and relevant stakeholders. Investigate and document compliance issues, security incidents, and audit findings. Facilitate cross-functional communication to ensure compliance risks are understood and mitigated. Training & Awareness Design and deliver information security and privacy training sessions for new employees and ongoing awareness campaigns for existing staff. Develop materials that clearly articulate compliance requirements and promote a culture of security. Operational Controls & Reviews Conduct periodic reviews of critical systems including Active Directory, HRMS, privileged access, firewall rules, and patch management controls. Collaborate with IT and business teams to ensure compliance-related controls are implemented and effective. Org Certifications & Audits Collaborate with external auditors and stakeholders to maintain org certifications and facilitate external audits What We’re Looking For: Qualifications & Experience: Graduate with 5 to 7 years in information security compliance, governance, risk management, or related roles. Hands-on experience with compliance standards and frameworks including ISO 27001, ISO 27701, PCI-DSS, and data privacy regulations. Proven track record of managing audit processes, compliance testing, and remediation programs. Experience collaborating across technical and business functions to embed compliance in organizational culture. Technical & Professional Skills: Strong knowledge of security frameworks and best practices (NIST, ISO, PCI-DSS, GDPR, etc.). Ability to interpret and apply regulatory requirements and industry standards. Excellent communication skills to present complex compliance topics clearly to diverse audiences. Strong project management skills with the ability to prioritize and drive multiple initiatives. Demonstrated leadership and negotiation skills to influence stakeholders and build consensus. Preferred Certifications: ISO 27001 Lead Auditor or Lead Implementer ISO 27701 Lead Auditor or Lead Implementer Certified Information Security Auditor (CISA) Certified Information Security Manager (CISM) CompTIA Security+ Nice to Have: Knowledge of ITIL processes, PCI-DSS specifics, and Personal Data Protection regulations. Familiarity with cloud security compliance (AWS, Azure, GCP). Experience with governance, risk, and compliance (GRC) tools and exposure to using AI. Visit our tech blogs to learn more about some the challenges we deal with: https://bytes.swiggy.com/the-swiggy-delivery-challenge-part-one-6a2abb4f82f6 https://bytes.swiggy.com/swiggy-distance-service-9868dcf613f4 https://bytes.swiggy.com/the-tech-that-brings-you-your-food-1a7926229886 We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, disability status, or any other characteristic protected by the law.

A Senior Compliance Executive in a technology department plays a crucial role in ensuring that the organization adheres to various legal, regulatory, and industry-specific standards related to Information Technology and data management such as GDPR, ISO 27001, ISO 27701, SoC2 Type 2, ISO 9001. 1. Regulatory Compliance Monitoring: o Ensure the technology department complies with relevant laws and regulations, such as GDPR, ISO 27001, ISO 27701, SoC2 Type 2, ISO 9001 and other data protection or cybersecurity laws. o Stay updated on new or changing regulations that impact the tech landscape. 2. Policy Development & Enforcement: o Develop and implement internal policies and procedures to ensure compliance with external regulations and internal standards. o Regularly review and update policies to ensure they remain aligned with changing regulations and industry best practices. 3. Risk Management: o Assess risks related to technology operations, particularly data privacy and cybersecurity risks. o Ensure that the tech department implements appropriate security measures to mitigate potential threats and risks. o Conduct regular audits and reviews of IT systems to ensure they meet compliance standards. 4. Training & Awareness: o Educate and train technology teams and other employees on compliance-related matters, such as data security, privacy policies, and risk mitigation strategies. o Promote awareness of compliance issues, helping staff understand their responsibilities in maintaining compliance. 5. Audit & Reporting: o Prepare reports for management, regulators, or auditors, demonstrating compliance with relevant regulations and policies. o Coordinate internal and external audits related to technology compliance. o Implement corrective actions where necessary to address non-compliance findings. 6. Data Privacy Management: o Oversee data protection strategies and ensure proper handling of sensitive information, including encryption, access control, and data retention policies. o Manage consent collection and user privacy preferences in accordance with privacy regulations. 7. Incident Management: o Oversee the handling of data breaches or other incidents that might affect compliance, ensuring timely reporting and response in accordance with regulatory requirements. o Coordinate with relevant authorities if there is a need to disclose any breaches or security incidents.

Associate Manager - Data Privacy : We are seeking a highly motivated and detail-oriented Associate Manager to join our DataPrivacy team. This role involves assisting in the development, implementation, and maintenanceof our data privacy program. As an Associate Manager - Data Privacy, you will help driveprivacy initiatives and ensure organizational compliance with applicable data protectionregulations, including Indias Digital Personal Data Protection Act (DPDPA). The ideal candidatewill have a strong understanding of data privacy laws, regulations and best practices, coupledwith excellent communication, critical thinking, and analytical skills. On a day-to-day basis, youwill be expected to leverage your expertise in privacy laws, concepts, and industry standards tounderstand and navigate complex environments and ensure robust privacy practices. LocationBangalore, HQ, full-time Reports toSenior Manager - Data Privacy FunctionData Privacy, Data Governance, and Data Ethics | Compliance Key Responsibilities: Assist in the development and implementation of privacy program components, includingdrafting and refining policies, procedures, and templates; assist in DPDPAimplementation efforts Collaborate with business and product teams to assess and understand theorganizations use of personal data; serve as the key privacy advisor and point ofcontact for internal stakeholders, guiding privacy-related decisions. Research and monitor evolving privacy laws, regulations, and industry practices / trends,and analyse their impact on our business. Conduct Data Protection Impact Assessments (DPIAs) and risk assessments toproactively address and mitigate privacy risks. Enhance the organizations existing consent management framework in alignment withlegal and regulatory requirements, ensuring seamless integration across functions. Review privacy clauses in vendor contracts and ensure compliance with data protectionrequirements; provide assistance on the third party risk management process to mitigateprivacy risks. Help investigate and manage privacy incidents, including support with reporting andresolution. Support in handling data principle requests and ensure timely responses; assist inaddressing queries related to data privacy rights and data protection practices. Assist with continuous monitoring and testing of existing privacy controls implementedacross businesses, identify gaps, and initiate corrective measures. Assist data discovery activities across the enterprise; ensure maintenance of personaldata inventory. Assist design and delivery of mandatory privacy training and role-specific awarenessprograms to increase privacy awareness. Qualifications and : Bachelors / Masters Degree in Computer Science, Law, Information Security, Privacy,or related fields 4-6 years of overall experience working in the Privacy domain In-depth knowledge of global privacy laws and frameworks, including GDPR, DPDPA,CCPA, Information Technology Act, and regulations from RBI, SEBI, IRDAI and otherregulators Strong documentation and communication skills and proficiency with frameworkdevelopment, assessments, and policy and procedure documentation; advancedworking knowledge of MS Office applications Team player; ability to interface and build relationships with stakeholders Strong bias for action with exceptional problem solving skills Good to have: Professional certifications such as DCPP, DCPLA, CIPP/E, CIPM, CIPT, or equivalentare desirable Experience working in the FinTech industry and understanding of various products andservices PhonePe Full Time Employee Benefits (Not applicable for Intern or Contract Roles) Insurance Benefits - Medical Insurance, Critical Illness Insurance, Accidental Insurance, Life Insurance Wellness Program - Employee Assistance Program, Onsite Medical Center, Emergency Support System Parental Support - Maternity Benefit, Paternity Benefit Program, Adoption Assistance Program, Day-care Support Program Mobility Benefits - Relocation benefits, Transfer Support Policy, Travel Policy Retirement Benefits - Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment Other Benefits - Higher Education Assistance, Car Lease, Salary Advance Policy Working at PhonePe is a rewarding experience! Great people, a work environment that thrives on creativity, the opportunity to take on roles beyond a defined job description are just some of the reasons you should work with us. Read more about PhonePe on our blog. Life at PhonePe PhonePe in the news

1. SFMC Solution Architect (Zeta Experience Preferred) Key Skills & Experience: 7+ years of SFMC architecture experience Hands-on with Email Studio, Journey Builder, Automation Studio Prior experience with Zeta platform preferred Proven background in large-scale migration projects (SFMC to Zeta/other ESPs) Expertise in AMPscript, SSJS, SQL, APIs (REST/SOAP) , ETL, and email compliance (CAN-SPAM, GDPR) Solid experience in IP warming , domain auth (SPF, DKIM, DMARC) Strong documentation and cross-functional collaboration skills Nice to Have: SFMC Architect/Consultant Certification Zeta Certification CDP & CRM integration knowledge 2. SFMC Developers (2 Positions | Zeta Experience Preferred) Key Skills & Experience: 4+ years of SFMC development experience Strong in AMPscript, SSJS, SQL , APIs, template development Experience or familiarity with Zeta platform Involvement in migration projects (especially ESP transitions) Understanding of IP warming , authentication protocols, compliance, ETL/data sync Nice to Have: SFMC Developer/Consultant Certs Zeta Certification Knowledge of CDP, CRM, or multi-channel marketing

Job Summary GRC Consultant Responsibilities Job Summary We are seeking an experienced IT GRC Manager to lead our Governance Risk and Compliance initiatives The candidate will be responsible for developing and implementing IT GRC strategies ensuring compliance with regulatory requirements and managing risk across the organization This role requires a deep understanding of IT governance frameworks risk management practices and compliance standards Key Responsibilities Governance Develop and maintain IT governance frameworks policies and procedures Ensure alignment of IT strategies with business objectives Oversee the implementation of IT governance initiatives and monitor their effectiveness Risk Management Identify assess and manage IT risks across the organization Develop and implement risk mitigation strategies Conduct regular risk assessments in according with NIST standard and audits to ensure compliance with internal and external standards Compliance Ensure compliance with relevant regulatory requirements eg GDPR HIPAA SOX Develop and maintain compliance documentation and reports Coordinate with internal and external auditors to facilitate compliance audits Leadership Lead and mentor a team of IT GRC professionals Collaborate with crossfunctional teams to promote a culture of risk awareness and compliance Provide regular updates to senior management on IT GRC activities and initiatives Qualifications Strong knowledge of IT governance frameworks eg COBIT ITIL Experience with regulatory compliance standards eg GDPR HIPAA SOX Excellent analytical problemsolving and communication skills Relevant certifications eg CISA CRISC CISM are a plus Skills Strong leadership and team management skills Ability to work collaboratively with crossfunctional teams Proficiency in risk assessment and management tools Excellent organizational and project management skills Strong attention to detail and ability to manage multiple priorities

Responsibilities: * Design enterprise architectures for AI deployments, data lakes & warehouses. * Lead legacy system modernization initiatives. * Ensure compliance with NIST, ISO & GDPR standard * Align AI, cloud, and security with business goals.

Job Title: Data Protection Officer (Contract-Based | Hourly | On-Call) Location: Remote / India (with availability for EU/UK time zone coordination) Type: Contractual | Hourly Basis | As-needed Engagement Experience: 4 - 5 years of relevant experience Job Summary: We are looking for an experienced and independent Data Protection Officer (DPO) to support our organization in ensuring compliance with the General Data Protection Regulation (GDPR) and other applicable data privacy laws. This is a contract-based, hourly paid position , and the DPO will be engaged on an as-needed basis . The role requires flexibility to provide consultation, conduct reviews, and respond to data protection matters when required. Key Responsibilities: Serve as the point of contact for UK/EU residents , supervisory authorities, and internal teams regarding data protection issues. Identify and evaluate the companys data processing activities . Provide expert advice on conducting Data Protection Impact Assessments (DPIA) . Monitor compliance with GDPR and applicable local data protection laws . Review and advise on data management procedures and internal policies. Offer consultation on incident response and handling of privacy breaches . Track regulatory changes and provide recommendations to maintain compliance. Maintain and update a register of processing operations , including risk-prone processes for prior checks. Support internal awareness and training initiatives regarding data protection obligations. Requirements- Work experience in data protection and legal compliance is a must. Solid knowledge of GDPR and data protection laws. Ability to handle confidential information. Ensure that controllers and data subjects are informed about their data protection rights, obligations and responsibilities and raise awareness about them; Create a register of processing operations within the institution and notify the EDPS those that present specific risks (so-called prior checks); Ethical, with the ability to remain impartial and report all non-compliances Organizational skills with attention to details. Experience: 4-5 years expertise in managing international data protection compliance programs and implementing data governance policies, technology compliance standards and programs, and privacy-by-design frameworks. To be successful in this role, you should have in-depth knowledge of GDPR and local data protection laws and be familiar with our industry and the nature of its data processing activities.

The Cyber Crisis Manager is responsible for handling cybersecurity crisis operations, developing strategies to improve resilience and directing responses during cyber crises. This role includes designing defences, leading response efforts, and ensuring alignment with business goals. Key Responsibilities Crisis OperationLead and coordinate the response to cyber crisis situations, including data breaches, malware attacks, and other major security incidents. Serve as a strategic advisor and operational leader during live cyber crises, directing decisions on resource allocation, internal and external communications, and multi-stakeholder engagement to mitigate impact and safeguard reputation. Actively track and interpret attacker behaviours, and emerging cyber risks, embedding these insights into proactive strategies, response playbooks, and operational plans. Develop, maintain, and regularly update detailed cyber crisis management plans and protocols. Lead and organize simulations, live-fire exercises, and drills to improve cyber defence teams' skills in handling cyber crises. Evaluate the scale, impact, and severity of cyber incidents promptly, offering real-time operational guidance on containment, mitigation, recovery actions, and business continuity. Facilitate post-crisis reviews, lessons-learned sessions, and after-action analyses with senior stakeholders, providing actionable insights to enhance future resilience and operational preparedness. Regulatory Compliance.Perform in-depth research into regulatory mandates, risk frameworks, industry standards and security policies. Translate these complex requirements into clear operational strategies to advance organizations resilience and crisis-readiness goals. Familiarity with industry leading SIEM/SOC platforms (e.g. Palo Alto XSIAM, Splunk, QRadar) and service management tools (e.g. ServiceNow) is required. Qualifications EducationBachelor's degree in Engineering in Cybersecurity, Information Technology, or a related field. Advanced degrees or certifications (e.g., CISSP, CISM) are preferred. Experience 12+years of experience in information security, incident response, or a related field. Skills: Strong leadership, communication, and problem-solving skills. Ability to work under pressure and handle multiple tasks simultaneously. KnowledgeIn-depth understanding of cyber threats, vulnerabilities, and mitigation techniques, Familiarity with regulatory requirements (GDPR, HIPAA, and PCI-DSS) and industry best practices, MITRE, NIST framework. Technical ProficiencyProficient in using cybersecurity tools and technologies for monitoring, detecting, and responding to incidents. Willingness to manage incident response actions 24x7 as needed. Applications from people with disabilities are explicitly welcome.

New requirement - JD for Cybersecurity risk manager: Key responsibilities As a Cyber Risk & compliance Professional in our Group CISO office, you will be occupied in the following domainsa) Risk management b) Compliance.This role is responsible for planning, managing and coordinating various cybersecurity risk management activities focused on identifying, assessing, and mitigating risks for the enterprise from a business perspective. Skill requirement: Degree, or equivalent, in Information Security or Cyber Security or Computer science or similar course Self-motivation to continuously develop in the areas of cybersecurity Ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience Cyber / technology risk assessments & management methodologies Hands on with assessment report preparation and presenting to senior technical and business stakeholders Articulative and confident in presentation to senior stakeholders Knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Advanced knowledge and understanding of ITGC, NIST 800-53, NIST CSF controls and Risk management frameworks Expertise in complex business processes and technological risks Deep understanding of security technologies including firewalls, proxies, SIEM, XDR, CSPM, IGA, PAM, Data protection Experience8 12 years. Applications from people with disabilities are explicitly welcome.

Be responsible for maintaining, and uplifting IAM PAM control Collaborate with business units and IT teams, to gather requirements and ensure smooth project execution. Experience of working in a regulated environment with exposure to global regulatory requirements, including GDPR, SOX, PCI DSS, and ISO 27001. Lead cross-functional teams, work alongside project managers, control owners, business analysts, and technical specialists. Foster collaboration and resolve conflicts to maintain project momentum. Continuously evaluate processes and propose enhancements to improve efficiency, scalability, and security.. Identify, assess, and mitigate risks throughout the project lifecycle. Project initiation, planning, execution, monitoring, and closure documentation including but not limit project charter, project plan, various status report, performance report and project closeout report. Mandatory Skills: Privilege Password Management CyberArk. Experience5-8 Years.

We are seeking a forward-thinking AI Architect to design, lead, and scale enterprise-grade AI systems and solutions across domains. This role demands deep expertise in machine learning, generative AI, data engineering, cloud-native architecture, and orchestration frameworks. You will collaborate with cross-functional teams to translate business requirements into intelligent, production-ready AI solutions. Key Responsibilities: Architecture & Strategy Design end-to-end AI architectures that include data pipelines, model development, MLOps, and inference serving. Create scalable, reusable, and modular AI components for different use cases (vision, NLP, time series, etc.). Drive architecture decisions across AI solutions, including multi-modal models, LLMs, and agentic workflows. Ensure interoperability of AI systems across cloud (AWS/GCP/Azure), edge, and hybrid environments. Technical Leadership Guide teams in selecting appropriate models (traditional ML, deep learning, transformers, etc.) and technologies. Lead architectural reviews and ensure compliance with security, performance, and governance policies. Mentor engineering and data science teams in best practices for AI/ML, GenAI, and MLOps. Model Lifecycle & Engineering Oversee implementation of model lifecycle using CI/CD for ML (MLOps) and/or LLMOps workflows. Define architecture for Retrieval Augmented Generation (RAG), vector databases, embeddings, prompt engineering, etc. Design pipelines for fine-tuning, evaluation, monitoring, and retraining of models. Data & Infrastructure Collaborate with data engineers to ensure data quality, feature pipelines, and scalable data stores. Architect systems for synthetic data generation, augmentation, and real-time streaming inputs. Define solutions leveraging data lakes, data warehouses, and graph databases. Client Engagement / Product Integration Interface with business/product stakeholders to align AI strategy with KPIs. Collaborate with DevOps teams to integrate models into products via APIs/microservices. Required Skills & Experience: Core Skills Strong foundation in AI/ML/DL (Scikit-learn, TensorFlow, PyTorch, Transformers, Langchain, etc.) Advanced knowledge of Generative AI (LLMs, diffusion models, multimodal models, etc.) Proficiency in cloud-native architectures (AWS/GCP/Azure) and containerization (Docker, Kubernetes) Experience with orchestration frameworks (Airflow, Ray, LangGraph, or similar) Familiarity with vector databases (Weaviate, Pinecone, FAISS), LLMOps platforms, and RAG design Architecture & Programming Solid experience in architectural patterns (microservices, event-driven, serverless) Proficient in Python and optionally Java/Go Knowledge of APIs (REST, GraphQL), streaming (Kafka), and observability tooling (Prometheus, ELK, Grafana) Tools & Platforms ML lifecycle tools: MLflow, Kubeflow, Vertex AI, Sagemaker, Hugging Face, etc. Prompt orchestration tools: LangChain, CrewAI, Semantic Kernel, DSPy (nice to have) Knowledge of security, privacy, and compliance (GDPR, SOC2, HIPAA, etc.)

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in strategic discussions to enhance security protocols and provide guidance on best practices, contributing to a secure cloud environment that supports the organization's growth and innovation. Roles & Responsibilities:- Expected to be a Subject Matter Expert with deep knowledge and experience.- Should have influencing and advisory skills.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team understanding of cloud security practices.- Evaluate emerging security technologies and recommend improvements to existing security frameworks. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of cloud security principles and best practices.- Experience with security incident response and management.- Knowledge of compliance frameworks such as ISO 27001, NIST, or GDPR.- Familiarity with risk assessment methodologies and tools. Additional Information:- The candidate should have minimum 15 years of experience in Security Information and Event Management (SIEM).- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Managed Cloud Security Services Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and maintain comprehensive documentation of cloud security policies and procedures.- Conduct regular assessments of cloud security controls to ensure effectiveness and compliance. Professional & Technical Skills: - Must To Have Skills: Proficiency in Managed Cloud Security Services.- Strong understanding of cloud security frameworks and best practices.- Experience with risk assessment and management in cloud environments.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.- Ability to design and implement security solutions tailored to cloud architectures. Additional Information:- The candidate should have minimum 3 years of experience in Managed Cloud Security Services.- This position is based at our Nagpur office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : CyberArk Privileged Access Management Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide guidance on best practices, contributing to a secure and efficient cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and frameworks.- Conduct regular assessments of cloud security controls to ensure effectiveness and compliance. Professional & Technical Skills: - Must To Have Skills: Proficiency in CyberArk Privileged Access Management.- Strong understanding of cloud security principles and best practices.- Experience with identity and access management solutions.- Familiarity with regulatory compliance frameworks such as GDPR, HIPAA, or PCI-DSS.- Ability to analyze security incidents and implement corrective actions. Additional Information:- The candidate should have minimum 5 years of experience in CyberArk Privileged Access Management.- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Integrated Security Risk Management Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on security protocols.- Evaluate and recommend new security technologies to improve the existing framework. Professional & Technical Skills: - Must To Have Skills: Proficiency in Integrated Security Risk Management.- Strong understanding of cloud security principles and practices.- Experience with risk assessment methodologies and frameworks.- Ability to design and implement security controls in cloud environments.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR. Additional Information:- The candidate should have minimum 7.5 years of experience in Integrated Security Risk Management.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Saviynt Identity Platform Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills.- Monitor and evaluate the effectiveness of implemented security measures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Saviynt Identity Platform.- Strong understanding of cloud security principles and frameworks.- Experience with identity and access management solutions.- Familiarity with compliance standards such as GDPR, HIPAA, and ISO 27001.- Ability to conduct risk assessments and vulnerability assessments. Additional Information:- The candidate should have minimum 7.5 years of experience in Saviynt Identity Platform.- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : CyberArk Privileged Access Management Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and controls.- Conduct regular assessments and audits to ensure compliance with security policies and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in CyberArk Privileged Access Management.- Strong understanding of cloud security principles and best practices.- Experience with identity and access management solutions.- Familiarity with regulatory compliance frameworks such as GDPR, HIPAA, or PCI-DSS.- Ability to analyze and mitigate security risks in cloud environments. Additional Information:- The candidate should have minimum 5 years of experience in CyberArk Privileged Access Management.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Governance Risk Compliance (GRC) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a GRC the individual is responsible for shaping and leading the enterprise GRC strategy, ensuring alignment with business goals and regulatory expectations. This role provides oversight across cybersecurity governance, enterprise risk, compliance, and audit readiness functions. Acts as a strategic partner to business units, drives risk-informed decisions, and leads large-scale compliance and risk initiatives. Also mentors junior team members and ensures consistent delivery and maturity of GRC capabilities. Roles & Responsibilities- Lead the implementation and continuous improvement of the GRC framework aligned to standards like ISO 27001, NIST CSF, and industry-specific regulations.- Serve as the primary point of contact for internal and external audits, regulatory assessments, and executive risk reporting.- Define and govern cybersecurity policies, risk acceptance frameworks, and control standards across the organization.- Own the risk management lifecycle from risk identification and assessment to treatment and monitoring across IT and business functions.- Oversee third-party risk management processes, including onboarding assessments and ongoing monitoring.- Drive compliance initiatives such as SOX, GDPR, HIPAA, PCI-DSS, etc., ensuring adherence and risk mitigation.- Guide the selection, configuration, and optimization of GRC platforms like ServiceNow GRC, RSA Archer, MetricStream- Present risk posture and compliance status to leadership and steer decision-making through executive dashboards and reports.- Lead and mentor a team of GRC analysts and specialists; ensure delivery quality and continuous knowledge development.- Act as a trusted advisor to CISO, CIO, and business leadership on risk implications of strategic initiatives. Professional & Technical Skills: -Strong leadership in risk, compliance, and audit management.- Deep understanding of cybersecurity controls and enterprise risk principles.- Extensive knowledge of regulatory frameworks (SOX, GDPR, HIPAA, etc.) and standards (NIST, ISO, COBIT).- Hands-on experience with GRC tools and enterprise risk reporting.- Excellent communication, influencing, and stakeholder engagement skills.- Proven ability to translate complex risks into actionable and strategic decisions.- Experience leading cross-functional teams and managing multiple stakeholder expectations. Additional Information:- The candidate should have minimum 7.5 years of experience in Governance Risk Compliance (GRC).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Governance Risk Compliance (GRC) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :The GRC Analyst plays a pivotal role in driving the execution of cybersecurity governance, risk, and compliance programs. The individual is responsible for managing risk assessments, supporting audits, maintaining policy frameworks, and tracking regulatory adherence. Acts as the liaison between technical teams and risk/compliance stakeholders to ensure proper security and compliance hygiene is maintained across the enterprise. Roles & Responsibilities:- Conduct periodic risk assessments and control reviews across business units and IT systems.- Maintain and enhance cybersecurity policy and standards framework aligned to industry standards NIST, ISO 27001, etc.- Facilitate internal and external audits (e.g., ISO, SOC2, SOX), coordinate evidence collection, and track remediation plans.- Monitor regulatory changes and assess their impact on business operations.- Support third-party/vendor risk assessments and due diligence.- Ensure risk exceptions and findings are documented and tracked to closure.- Collaborate with IT and business stakeholders to implement control improvements and reduce risk.- Manage GRC tools (e.g., Archer, ServiceNow GRC) for risk and compliance workflows.- Assist in metrics reporting and executive dashboards for leadership reviews. Professional & Technical Skills: - Strong understanding of cybersecurity controls, frameworks (NIST, ISO, CIS).- Hands-on experience with risk management lifecycle and control assurance.- Good knowledge of regulatory requirements:SOX, GDPR, HIPAA, etc.- Exposure to GRC platforms likeArcher, ServiceNow, OneTrust, etc. Strong documentation and communication skills for audit and stakeholder engagement.- Ability to interpret technical risk into business language. Additional Information:- The candidate should have minimum 3 years of experience in Governance Risk Compliance (GRC).- A 15 years full time education is required.-This position is based at our Bengaluru office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Managed Cloud Security Services Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary As a Security Team Lead, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of cloud security policies and procedures.- Conduct regular security assessments and audits to ensure compliance with established security standards.- Configuration, management and monitoring of Azure Firewall to control and monitor network traffic effectively.- Monitoring of Azure WAF to protect web applications.- Working on Microsoft Sentinel to effectively perform triaging for security incidents from an L3 perspective.- Manage secure score and compliance score in Microsoft Defender for Cloud to ensure the security and compliance of cloud resources.- Provide application teams with insights for remediation on the basis of agreed measures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Managed Cloud Security Services.- Strong understanding of cloud security frameworks and best practices.- Experience with risk assessment and management in cloud environments.- Knowledge of compliance standards such as ISO 27001, NIST, and GDPR.- Familiarity with security tools and technologies for cloud environments.- Knowledge of Azure Sentinel, Azure Firewall, Azure WAF, Microsoft Defender. Additional Information:- The candidate should have minimum 5 years of experience in Managed Cloud Security Services.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Integrated Security Risk Management Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and maintain security policies, procedures, and guidelines to ensure compliance with regulatory requirements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Integrated Security Risk Management.- Good To Have Skills: Experience with Security Architecture Design.- Strong understanding of cloud security principles and practices.- Experience with risk assessment methodologies and frameworks.- Familiarity with security compliance standards such as ISO 27001, NIST, and GDPR. Additional Information:- The candidate should have minimum 5 years of experience in Integrated Security Risk Management.- This position is based at our Mumbai office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Integrated Security Risk Management Good to have skills : Security Architecture DesignMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while maintaining a focus on compliance and risk management. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Engage in continuous learning to stay updated with the latest security trends and technologies.- Assist in the development of security policies and procedures to enhance organizational security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Integrated Security Risk Management.- Good To Have Skills: Experience with Security Architecture Design.- Strong understanding of cloud security principles and practices.- Experience in risk assessment and management methodologies.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR. Additional Information:- The candidate should have minimum 3 years of experience in Integrated Security Risk Management.- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Develop and maintain comprehensive documentation of security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations.- Strong understanding of cloud security frameworks and best practices.- Experience with risk assessment and management methodologies.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.- Ability to analyze security incidents and implement corrective actions. Additional Information:- The candidate should have minimum 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based in Hyderabad.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Data Privacy Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Maintaining the integrity of data and processes in OneTrust or Securiti.ai.- Hands-on support using OneTrust or securiti.ai in data discovery, classification & data governance.- Hands-on support using OneTrust or securiti.ai in performing data security posture management.- Supporting the team with OneTrust or securiti,ai privacy assessments.- Hands-on support using OneTrust or securiti.ai for Policy & Notice Management and DPIA.- Hands-on support using OneTrust or securiti,ai for Cookie compliance, including scanning and banner.- Hands-on support using OneTrust or securiti.ai for Consent compliance and maintain records of consent.- Hands-on support using OneTrust or securiti.ai for Data Subject Requests to automate request to fulfilment to meet regulatory deadlines.- Hands-on Data retention & deletion - Manage and enforce retention policies and data deletion.- Evaluating PIA/DPIA assessments for Risk Management, including Vendors.Professional and Technical Skills: - 3-4 years of hands-on experience as an OneTrust or Securiti.ai administrator.- 3 years of work experience with data privacy regulations such as GDPR, CCPA,DPDP (mandatory).- 2 years of work experience in defining & managing DSAR, DPIA's, Consent, Cookie, TPRM & RoPA lifecycles. 2 years of work experience in performing Data Discovery , Classification, Data Governance, Data Mapping & Cataloging and Data Security Posture Management. Excellent communication skills in English - both written and verbal.- OneTrust or Securiti.ai certified Professional (required). Additional Information:- The candidate should have minimum 12 years of experience in Security Data Privacy.- A 15 year full time education is required.- This will be a work from office on all 5 days, and the resource needs to work from client location only. Qualification 15 years full time education