790 Grc Jobs - Page 4

Role Overview: The OT Security Analyst – Level 2 (L2) plays a pivotal role in defending operational technology (OT) environments against evolving cyber threats. This role requires a deep understanding of security incident analysis, threat detection, and incident response, specifically tailored to Industrial Control Systems (ICS) and OT networks. The analyst will investigate complex security incidents within the OT infrastructure, collaborate with IT/OT teams, and enhance security posture through actionable insights. ________________________________________ Key Responsibilities: • Conduct in-depth analysis of security events and incidents within OT environments, leveraging SIEM and OT-specific monitoring tools. • Perform root cause analysis and develop incident timelines to support forensics and remediation efforts. • Apply standard incident response frameworks (e.g., NIST, MITRE ATT&CK for ICS, Cyber Kill Chain) for threat classification and response. • Use threat intelligence platforms and sandbox environments to investigate malware and suspicious artifacts in OT networks. • Analyze access logs, network traffic, and protocol behaviours across OT systems (e.g., SCADA, DCS, PLCs). • Support investigations related to unauthorized device communications, anomalous behaviours, or compromised industrial assets. • Collaborate with OT security engineers and external vendors to escalate and remediate incidents. • Refine alert rules and detection logic to reduce false positives and improve signal-to-noise ratio in OT SOC operations. • Document incident findings and support continuous improvement of the OT SOC playbooks and knowledgebase. • Liaise with the IT SOC and CIR (Cyber Incident Response) teams to align incident handling and cross-domain investigations. • Participate in threat hunting activities tailored for OT environments using behavioural analysis and attack-path simulation. ________________________________________ Technical Skills & Knowledge: • Strong understanding of OT/ICS protocols (Modbus, DNP3, OPC, etc.) and industrial network topologies. • Hands-on experience with OT cybersecurity tools and platforms (e.g., Nozomi Networks, Claroty, Dragos). • Familiar with ISA/IEC 62443, NIST SP 800-82, NIST CSF, and ISO 27001 compliance requirements for OT. • Proficiency in using SIEM systems (e.g., Microsoft Sentinel, Splunk, QRadar) for log correlation and event triage. • Understanding of firewalls, WAFs, proxies, and network segmentation principles in OT. • Working knowledge of tools such as THOR Scanner, VMRay, or Recorded Future is a plus. • Experience in vulnerability management and patch advisory for OT assets with limited patch cycles. ________________________________________ Nice to Have: • Exposure to Red Team/Blue Team exercises focused on OT/ICS. • Familiarity with GRC platforms and risk assessment tools tailored to OT.

Role & RESPONSIBILTY Conduct threat modeling and risk assessments to evaluate potential security risks associated with the organization. Provide guidance on risk remediation strategies and the implementation of countermeasures to address identified security risks. Ensure GDPR & PCI-DSS compliance across all areas of the organization. Work with the development team to ensure compliance with SDLC lifecycle and secure coding practices. Lead encryption efforts and disable deprecated protocols to maintain data security while in transit or at rest. Incorporate NIST framework into the organization's security practices and stay up-to-date with the latest controls. Review penetration testing reports, static and dynamic application security testing results, SaaS platforms, Azure Defender reports, and third-party application integration risks to identify vulnerabilities and evaluate overall security posture. Provide expertise in security and network architecture and design. Create comprehensive data flow diagrams to identify potential threats and identify areas for improvement. Evaluate cloud security posture and provide recommendations to enhance overall security. Continuously identify potential flaws in the entire architecture and implement security controls and practices to prevent future breaches. REQUIREMENTS: Bachelor's degree in Computer Science, Information Technology, or related fields 8+ years of experience in information security or related fields Strong understanding of GDPR & PCI-DSS requirements Experience with threat modeling, risk assessment, and remediation Familiarity with secure application development principles and secure coding practices Experience with identity and access management (IAM) solutions and authentication protocols such as SAML, OAuth, and OpenID Connect Understanding of network security protocols such as TCP/IP, DNSSEC, SSL/TLS, IPSec, and firewalls Experience in encryption technologies and protocols for data security Knowledgeable in NIST framework controls Strong analytical and problem-solving skills Expertise in security architecture and network design Proficiency with creating detailed data flow diagrams Familiarity with cloud security trends and best practices Experience with DevOps and CI/CD pipelines and creating a DevSecOps culture Excellent communication and interpersonal skills Professional Certifications: CISSP, CCSP, CCSK, CEH

ROLE & RESPONSIBILTY: Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide actionable recommendations for risk mitigation. Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk assessments. Risk Consulting IT Advisory Cyber Security: Cyber Risk Assessments The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation. 2020 KPMG, an Indian Registered Partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. The KPMG name and logo are registered trademarks or trademarks of KPMG International. REQUIREMENTS: Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or related fields. A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related security assessments.•Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices.•Proficiency in using various security assessment and techniques. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review. Conceptual knowledge of OT Security/ISA 62443 standard is preferable. >>CRITERIA oEducation 60% above throughout academicsoOne 3 years (at least) regular course is must either Diploma or GraduationoCourse: B.E. / B. Tech / MCA / M. Tech / MBA degree or equivalentoCertification: CISM / CISSP / CCSP / CISA / CRISC / ITIL / ISO 27001/22301/20000 LI/LA (At least one)oCCNA (Mandatory), CCNP or equivalent(optional).

4-6 Years experience on creating Design documents, Implementation/ Change Management Plans or Optimization of reports (beyond day-to-day routine operations) is a must. Expertise in Implement &/or design (design is must for CE3) of one of the following - Priority is Firewall and Cisco ISE and good if candidates have hands on exp on Identity solutions, Email Security, Web Security/Proxy, Cloud Security. 3rd Party Firewall is a Plus

.Candidate should have 8-10 years of experience in SAP S/4 HANA ,GRC,BOBJ,BW/4HANA,HANA security and IBP security. 2.Experience in S/4 HANA Fiori role administration and troubleshooting Fiori access issues. 3.Working experience on SAP HANA Database security user administration and role administration. 4.Design, Develop and maintain BW row level security (Analysis Authorizations) and roles. 5.Experience in design and development of HANA analytical/SQL privileges based on BW models. 6.Design and create HANA roles for access to analytical and object privileges 7.Develop and maintain SAP Business Objects security (BO ) and integration with BW 8.Transportation of Security Objects/Roles within HANA Landscape Design. 9.Experience in user administration and roles administration of IBP application. 10.Experience in Permission and attribute filters for IBP roles. 11.Experience in SAP GRC Access Controls is preferred. Roles and Responsibilities .Candidate should have 8-10 years of experience in SAP S/4 HANA ,GRC,BOBJ,BW/4HANA,HANA security and IBP security. 2.Experience in S/4 HANA Fiori role administration and troubleshooting Fiori access issues. 3.Working experience on SAP HANA Database security user administration and role administration. 4.Design, Develop and maintain BW row level security (Analysis Authorizations) and roles. 5.Experience in design and development of HANA analytical/SQL privileges based on BW models. 6.Design and create HANA roles for access to analytical and object privileges 7.Develop and maintain SAP Business Objects security (BO ) and integration with BW 8.Transportation of Security Objects/Roles within HANA Landscape Design. 9.Experience in user administration and roles administration of IBP application. 10.Experience in Permission and attribute filters for IBP roles. 11.Experience in SAP GRC Access Controls is preferred.

Hiring a Senior Cybersecurity GRC Consultant, you will play a pivotal role in helping organizations manage and improve their Governance, Risk, and Compliance (GRC) frameworks. You will be responsible for setting up and leading assessments, implementing strategies, and advising clients on how to mitigate cybersecurity risks and achieve compliance with industry standards and regulatory requirements. 8+ Years of Experience in cybersecurity, risk management, and governance, with a proven track record of leading GRC initiatives. Educational Background: Bachelors or Masters degree in Information Technology, Cybersecurity, Computer Science, Business Administration, or a related field. Certifications: Relevant cybersecurity certifications such as CISSP, CISA, CISM, ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, or similar. Must have experience in customer facing projects (onsite / offsite); Should be able to lead the junior team members. In-depth Knowledge of Cybersecurity Frameworks: Expertise in implementing and advising on security frameworks such as Unified Cybersecurity Framework, NIST/RBI/IRDAI/SEBI Cybersecurity Frameworks, ISO 27001/2, CIS Controls etc. Project Management: Proven ability to manage and lead multiple GRC projects simultaneously, with strong organizational and time-management skills. Client-Focused: Demonstrated ability to build and maintain relationships with clients, providing expert advice and ensuring customer satisfaction. Cloud Security: Knowledge of cloud environments (AWS, Azure, Google Cloud) and their associated risks and compliance requirements. Penetration Testing & Vulnerability Management: Familiarity with vulnerability assessment, penetration testing, and ethical hacking practices. Incident Management: Experience in developing or improving incident response plans, business continuity plans, and disaster recovery strategies.

Assist in the execution of statutory, tax, and internal audits for clients in various sectors. Prepare and analyze financial statements in accordance with applicable accounting stads. Conduct vouching, verification & reconciliation of financial data. Required Candidate profile Perform review and preparation of GST workings, returns (GSTR-1, GSTR-3B, GSTR-9, etc) & reconciliation. Ensure timely deduction and deposit of TDS and filing of related returns (Form 26Q, 24Q, etc.).

Good to have : (CSA) Certified ServiceNow Admin. Mandatory : Real-time working experience on ServiceNow Products IRM/GRC/SecOps/TPRM, Integrations knowledge & Advanced Service Portal. Experience on (ITSM, SPM, HRSD will be an added advantage). Advanced ServiceNow technical skill - UI Policies, UI Macros, UI Pages, Client Scripts, Script Includes, Business Rules, Mid Server Configuration & Architecture, ACLs, Import Sets, Transform Maps and Update sets. • Advanced Knowledge and experience with JavaScript, HTML, CSS, Bootstrap, JSON, REST and SOAP. • Exposure on latest versions of ServiceNow including GenAI, Agentic AI, Now Assist is expected. • Should be an Subject matter expertise, who will act as Technical Product Advocate by designing / developing / supporting various ServiceNow Products; with a blend of expertise in IRM-GRC family & ITSM, HRSD, CSM, CMDB within ServiceNow platform. • Researches and evaluates alternative solutions and recommends the most efficient and cost-effective solutions. • Leads & guides Team / Manage major project deliverables. • Proficient in Agile development and all phases of the Application Development Lifecycle. • Must be professional, well-spoken and able to interact with onsite teams and customers. • Must be self-directed and able to manage competing priorities and proactively communicate when conflicts arise. • Strong problem solving and analytical skills.

SAP GRC Consultant The security team architects and builds the controls and this team is responsible for compliance, operations and owns the controls the security team build. This person maintains GRC solutions and managing access controls Requirement- End-to-end ownership of SAP GRC Access Control supporting over 300+ applications Responsible for production access management, audit readiness, and automation of GRC processes Involvement from the build phase through support Expertise areas: SAP GRC Access Control SAP Security SAP Role Design Tools/Technologies: SAP GRC SAP HANA SAP FIORI

Role Overview: We are seeking a highly experienced and visionary ServiceNow Architect with a strong focus on ServiceNow App Engine implementation . The ideal candidate will possess over 10 years of progressive experience in IT, with a significant portion dedicated to architecting and delivering robust solutions on the ServiceNow platform. This role requires deep technical expertise, strategic thinking, and the ability to lead the design and implementation of custom applications using ServiceNow's low-code/no-code capabilities, particularly within the App Engine ecosystem. Key Responsibilities: Lead the architectural design, development, and implementation of custom applications and workflows using the ServiceNow App Engine. Translate complex business requirements into scalable, efficient, and secure technical solutions on the ServiceNow platform. Provide expert guidance and best practices for leveraging ServiceNow App Engine Studio (AES), Flow Designer, Process Automation Designer, UI Builder, and other App Engine components. Oversee and contribute to advanced ServiceNow scripting (Business Rules, Script Includes, Client Scripts, UI Policies, UI Actions, etc.) to extend platform functionality. Design and implement integrations between ServiceNow and external systems using Integration Hub, REST, SOAP, and other relevant technologies. Ensure adherence to ServiceNow best practices, architectural standards, security guidelines, and performance optimization principles. Collaborate closely with business stakeholders, product owners, developers, and other IT teams to ensure successful project delivery. Conduct technical reviews, provide mentorship to development teams, and foster a culture of innovation and continuous improvement. Stay abreast of the latest ServiceNow features, releases, and industry trends, particularly concerning the App Engine and low-code/no-code development. Technical Skills Required Skills (Must to Have): Overall Experience: 12+ years of progressive experience in IT, with a strong focus on enterprise application development and architecture. ServiceNow Architecture Experience: Proven experience (at least 3-5 years) specifically as a ServiceNow Architect, leading solution design and implementation. ServiceNow App Engine Expertise: Demonstrable, hands-on experience in implementing and architecting solutions using ServiceNow App Engine . Expertise with App Engine Studio (AES) for custom application development. Deep proficiency in Flow Designer for workflow automation. Strong experience with UI Builder for creating engaging user experiences. ServiceNow Development: Expert-level proficiency in ServiceNow scripting including Server-side (Business Rules, Script Includes, GlideRecord, Scripted REST APIs) and Client-side (Client Scripts, UI Policies, UI Actions). Integrations: Solid experience designing and implementing integrations using ServiceNow Integration Hub, REST APIs, SOAP, and other integration patterns. Platform Knowledge: In-depth understanding of the ServiceNow data model, security framework (ACLs, roles), and platform capabilities. Problem-Solving: Exceptional analytical and problem-solving skills with the ability to troubleshoot complex technical issues. Communication: Excellent verbal and written communication skills, with the ability to articulate complex technical concepts to both technical and non-technical stakeholders. Location: Ability to work from our Gurugram office. Nice-to-have skills Preferred Skills (Good to Have): Experience with Process Automation Designer for orchestrating multi-departmental workflows. Familiarity with the ServiceNow Now Experience UI Framework and component development. Experience with other core ServiceNow modules (e.g., ITSM, CSM, HRSD, ITOM, GRC) and how they integrate with custom applications. Knowledge of Agile/Scrum methodologies and experience working in an Agile development environment. Understanding of ServiceNow DevOps and CI/CD practices . Additional ServiceNow certifications (e.g., Certified Implementation Specialist in relevant modules, or Certified Technical Architect - CTA). Experience with cloud platforms (AWS, Azure, GCP) from an integration or hosting perspective. Prior experience in a technical leadership or mentorship role, guiding junior developers. Certifications: ServiceNow Certified System Administrator (CSA). ServiceNow Certified Application Developer (CAD).

You are looking for a highly skilled and knowledgeable professional to join our team as a Windows OS/HW New Product Introduction (NPI) engineer specialist. In this role, you will be responsible for integrating Microsoft's extensive Windows OS knowledge into our product development lifecycle, strategically aligning it with our internal products. The ideal candidate will possess a deep understanding of Windows OS, CPU, RAM, and endpoint communication, and will be adept at troubleshooting and resolving various technical issues related to Windows OS and hardware. This includes managing different versions of Windows, addressing hardware and software integration issues, providing technical support, and ensuring security and compliance. You should stay ahead of both the OS and hardware vendors" roadmap and anticipate and address both software and hardware implications in an enterprise environment. Additionally, a preference is given to candidates with expertise in GRC (Governance, Risk, and Compliance) within the medical device industry. Key Responsibilities: Windows OS Integration: - Leverage in-depth knowledge of Microsoft Windows OS to guide and integrate it effectively within the organization's product development lifecycle. - Stay abreast of the Windows OS roadmap, anticipating upcoming changes and features that can be leveraged for product enhancement. - Provide technical support for various Windows OS and hardware-related issues. - Troubleshoot and resolve issues related to software and hardware integration. Hardware Expertise: - Possess a strong understanding of CPU, memory, and Windows OS endpoint communication. - Evaluate and communicate the impact of hardware decisions on software functionality and vice versa during the NPI process. Enterprise Environment: - Apply experience working in an enterprise environment to tailor Windows OS integration strategies that meet the specific needs and challenges of large-scale deployments. - Manage and investigate technical issues and ensure successful installation and configuration of Windows OS in various environments. Bridge the gap between software and hardware teams, providing insights into the implications and requirements on both fronts. Regulatory Compliance: - Preferably, have familiarity with Governance, Risk, and Compliance (GRC) frameworks, especially within the medical device industry. - Ensure that NPI processes adhere to relevant compliance standards and regulations. - Assist with understanding and implementing security measures and processes. Project Management: - Oversee the implementation of new features and updates. - Assist with the preparation and execution of pen tests on devices. Education Qualification & Skills Required: - 4+ years of experience as an NPI, OS/HW/SW, or Sr. IT Endpoint Engineer, with a strong focus on Windows OS integration and hardware management. - A bachelor's degree in computer science, Information Technology, Mechanical Engineering, or a related field. - Proven experience with Microsoft Windows OS, including in-depth knowledge of its architecture, features, and integration within product development lifecycles. - A strong background in hardware components, including CPU, memory, and endpoint communication, with the ability to evaluate and communicate the impact of hardware decisions on software functionality. - Experience in troubleshooting and resolving various technical issues related to Windows OS and hardware integration. - Previous experience working in an enterprise environment, understanding the complexities of large-scale deployments, and tailoring Windows OS integration strategies to meet specific needs and challenges. - Excellent communication and collaboration skills, with the ability to bridge the gap between technical and non-technical stakeholders. - Proven ability to work closely with internal product teams, software, and hardware teams to ensure seamless integration of Windows OS features and updates. - Experience in overseeing the implementation of new features and updates, managing technical issues, and ensuring successful installation and configuration of Windows OS in various environments. About the Company: Transforming smiles. Transforming lives. Transforming an industry. At Align Technology, we believe a great smile can transform a person's life, so we create technology that gives people the confidence to take on whatever's next. We revolutionized the orthodontic industry with the introduction of the Invisalign system, and we have never lost sight of that spirit of innovation. Our teams are constantly pushing the boundaries of what's possible. What We Offer: - Competitive salary and benefits package. - Opportunity to work with a dynamic and innovative team. - Professional growth and development opportunities.,

As a potential candidate for this permanent position, you should possess at least 3-7 years of experience in IT service, Information Security, or GRC. It is essential to have experience in a minimum of two management system transformation cycles. An MBA or a Bachelor of Engineering degree is required for this role. The ideal candidate should be high energy, possess excellent problem-solving capabilities, and have strong communication skills.,

You will be responsible for implementing and configuring software as per project requirements and best practices. This includes installation and technical setup either on client sites or through remote connections. You will deliver functional, technical, and project information to sales for commercial proposals. Your role will involve participating in customer workshops to define detailed product requirements. You will work on software configuration and customization within project boundaries and agreed functional requirements to ensure smooth application and full implementation. Additionally, you will prepare and conduct product-related training for end-users and administrators to ensure proficient product usage. Keeping knowledge and skills up-to-date is crucial for performing effectively. Administrative tasks should be completed accurately and in compliance with regulations. Sharing knowledge and experiences with colleagues through training sessions is an essential part of the role. You will actively contribute to providing information to sales for commercial proposals. Being supportive of individual and team success is a key aspect of the position. Requirements: - Education: Degree in Computer Science, Business/Finance, or related field, or equivalent work experience. - Special Qualifications: Preference for knowledge of SQL language. - Experience and a strong interest in software implementation and process management. - Experience in GRC, application functionality, technical IT subjects, and related products is advantageous. As an inclusive employer, we provide reasonable accommodations for individuals with disabilities during the job application, interview process, and while performing essential job functions. Please reach out to request any necessary accommodations.,

We are hiring for- Role: Technical product Manager Experience: 5-10 Years Location: Bangalore Work Mode: Hybrid Key Responsibilities Product Roadmap & Execution: Lead the product vision and execution for AI features in our GRC suite, bringing insight into leveraging AI for threat detection, vulnerability management, and risk quantification. Cross-functional Collaboration: Partner with engineering, data science, design, and QA teams to ensure the delivery of secure, scalable, and cyber risk-aligned product capabilities. User Research: Conduct deep-dive interviews and research with cyber stakeholders to pinpoint pain points, regulatory requirements, and opportunities for improvement across threat and control landscapes. Requirements Management: Translate complex business and user needs into clear product requirements, user stories, and acceptance criteria informed by real-world risk scenarios and industry standards. Prioritization & Backlog Management: Prioritize product enhancements to maximize value for cyber risk professionals, strengthen risk posture, and aid in incident response and resilience. Client Feedback Loop: Work with sales and customer success teams to integrate actionable client feedback into the product lifecycle, focusing on user experience for cyber risk stakeholders. Metrics & Analysis: Monitor adoption and effectiveness of AI-powered features, using product data to inform ongoing risk mitigation and reporting enhancements. Product Evangelism: Advocate for the product through presentations, documentation, and customer engagements, articulating its value for cyber risk and security teams. Subject Matter Expertise: Contribute your deep expertise in cyber risk management, threat modeling, NIST CSF, ISO 27005, and regulatory frameworks such as GDPR, PCI DSS, and DORA. Skills and Experience Experience : 510 years in Cyber Risk, Compliance, or Security Risk Management roles, preferably within high-impact or regulated environments. Domain Expertise : Advanced understanding of cyber risk methodologies—threat identification, impact analysis, vulnerability management, and risk treatment. Technical Acumen : Familiarity with AI/ML applications in cybersecurity (e.g., anomaly detection, behavioral analytics, automated risk prioritization). Product Mindset : Experience with design thinking and product development lifecycle (PDLC). Compliance Frameworks : Working knowledge of data protection laws and cybersecurity standards (e.g., NIST, ISO 27001, SOC 2). Certifications : Professional credentials such as CISSP, CRISC, CISM, or CEH. Security Product Development: Proven experience in security product creation or as a subject matter expert in GRC initiatives. Education Bachelor's or Master's degree in Cybersecurity, Information Technology, Risk Management, or related discipline. -- Muugddha Vanjarii 7822804824 mugdha.vanjari@sunbrilotechnologies.com

GDS Consulting SAP GRC IAM/IAG Consultant Experience - 2-12 years Location - Bangalore. Hyderabad, Chennai, Pune, Kerala, Coimbatore, Kolkata Skills - GRC with IAG/IAM Apply here for (1-3 years) - https://careers.ey.com/job-invite/1622365/ Apply here for (4-7 years) - https://careers.ey.com/job-invite/1622296/ Apply here for (8-12 years) - https://careers.ey.com/job-invite/1622283/ Your key responsibilities Drive high-quality work products within expected timeframes and on budget. Develop and maintain long-term relationships and networks with clients and internal EY stakeholders Demonstrate deep technical capabilities and professional knowledge within different phases of the project including problem definition, diagnosis, technical design, and deployment of SAP GRC AC, IAM, IAG, Cloud security solutions Assist in the selection and tailoring of approaches, methods and tools to support service offering. Demonstrate a general knowledge of market trends, competitor activities, EY products and service lines. Build and nurture positive working relationships with clients with the intention to achieve exceptional client service. Contribute to Identifying opportunities to improve engagement profitability. Develop and maintain productive working relationships with client/onsite personnel Assist leadership to drive business development initiatives and account management. Support managers in performance reviews for team members and recruitment activities as required. Should cross skill and cross train the team members as per the business requirements. Maintain an educational program to continually develop personal skills of self and team members Understand and follow workplace policies and procedures To qualify for the role, you must have working experience on SAP IAM/IAG projects and experience in more than one of SAP GRC Access Controls, IAG, IPS, IAS, Cloud security in addition to SAP security solutions Strong working knowledge of business processes, controls framework, compliance, regulations, and segregation of duty concepts in an SAP ERP Environment Experience in requirements gathering, workshops, system configuration, testing, cutover, Go-live and operations. Experience in delivering end to end identity lifecycle solutions (from JLM, access certifications and identity management) Stronghold on the basic SAP landscape, transports system and version compatibility concepts Experience in automation in GRC access controls space to increase productivity and reduce manual tasks wherever applicable Good to have experience in Service Now, SailPoint or Other Identity Management products integration with SAP GRC Good to have knowledge of Cloud solutions like Success Factors, ARIBA, IBP, CALM etc. Experience in DevOps delivery models and agile ways of working Independently carry out workshops/drive engagements on SOD remediation, access clean up Independently carry out SOD ruleset review/assessments and suggest remediation aligned with leading practices Good to have knowledge and familiarity with ITGC and logical access review/assessments, understand the configuration and settings of change management and logical access controls, assess current ITGC controls against the leading practice and suggest remediation steps

As an experienced Head of Risk & Compliance, you will play a crucial role in leading and enhancing governance, risk management, and compliance strategies within our organization. Your responsibilities will involve developing and implementing robust frameworks that adhere to industry standards and regulations. Your expertise will help streamline processes and ensure alignment with best practices. You will be tasked with developing and refining IT governance frameworks that align with ISO standards and regulatory requirements. Your role will also involve overseeing the implementation and maintenance of compliance programs such as ISO 27001, SOC 2, PCI DSS, GDPR, and HIPAA. Additionally, you will lead enterprise-wide risk assessments to identify and mitigate risks across various aspects of the organization. Your leadership will extend to managing internal audits, third-party assessments, and risk management activities. You will define and monitor the organization's risk tolerance, integrating it into strategic decision-making processes. Furthermore, you will lead the Business Continuity and Disaster Recovery governance in alignment with ISO 22301 standards. Creating a culture of accountability, compliance, and risk awareness will be a key aspect of your role. You will serve as the primary point of contact for regulators, auditors, clients, and internal teams, ensuring effective communication and collaboration. To excel in this position, you should possess 10-15 years of leadership experience in risk, compliance, and audit. Additionally, you should have at least 5 years of experience in senior GRC roles, managing cross-functional programs. Relevant certifications such as CISA, CRISC, CISM, and expertise in ISO, NIST, data protection laws, and cloud security compliance are essential. Strong leadership, collaboration, and stakeholder management skills are also required. Your performance will be measured based on key performance indicators (KPIs) such as zero major findings in audits, timely closure of identified risks, improvement in organizational risk maturity, high employee training completion rates, and positive client feedback on compliance practices. If you possess the necessary expertise and vision to lead our risk and compliance strategy at an executive level, we encourage you to apply for this challenging opportunity. Join us at Infogain, a Silicon Valley-based company with a global presence, and be part of a dynamic team that values innovation and excellence. Kindly share your resume with us at Priya1.sharma@Infogain.com to take the next step in your career. #RiskManagement #Compliance #Governance #Leadership #ISO #CyberSecurity,

Job Title: ServiceNow IRM Developer Experience: 3 to 8 Years Location: Bangalore Employment Type: Full-Time Job Summary: We are looking for an experienced ServiceNow IRM Developer to design, implement, and enhance Integrated Risk Management (IRM) solutions on the ServiceNow platform. The ideal candidate will have strong hands-on experience in IRM, VRM, BCM, and SecOps modules, along with deep technical knowledge of scripting, APIs, and integration workflows. This role requires the ability to work in an Agile environment, collaborate with stakeholders, and deliver scalable, compliant solutions in the risk and compliance domain. Key Responsibilities: Develop and customize ServiceNow IRM applications including: Risk Management Policy and Compliance Audit Management Vendor Risk Management (VRM) Business Continuity Management (BCM) Security Operations (SecOps) Configure workflows, forms, UI policies, notifications, and ACLs Build and manage Flow Designer flows, automated tasks, and approval chains Create custom solutions using JavaScript, Glide scripting, and ServiceNow APIs Integrate IRM with other ServiceNow modules like CMDB, and third-party systems using REST/SOAP APIs Contribute to architecture decisions, data modeling, and reusable development practices Participate in Agile/Scrum teams to deliver features in sprints Collaborate with business stakeholders, analysts, and QA teams to ensure requirements are met Required Technical Skills: 4+ years of hands-on experience in ServiceNow development, with at least 3+ years in IRM/GRC modules Proficiency in: JavaScript, Glide scripting, AngularJS Web technologies: REST, SOAP, XML, JSON, HTML, CSS Relational databases and SQL Git or other version control systems Experience with: ServiceNow Flow Designer, Workflows GlideRecord, GlideForm, Scoped Applications Familiarity with CMDB and CSDM in context of risk/compliance workflows Domain Knowledge (Highly Desirable): Strong understanding of: IRM methodologies and frameworks such as COSO, COBIT, NIST, ISO 31000 Risk assessment, control testing, and audit processes Certifications (Preferred): ServiceNow Certified System Administrator (CSA) Mandatory Certified Application Developer (CAD) Certified Implementation Specialist IRM/GRC If yes you can send me your updated CV to yaswanth.bollu@eximietas.design

Designation - SAP GRC Location - NCR 5 days Work from Office Work mode - (Onsite, Gurgaon) Experience - 6 - 8 years Positions - 2 Job Description- Developer / Sr. developer with 6 - 8 years of Technical Experience with the following skills. - ABAP, OData, CDS - ABAP OO - Fiori / webdynpro, Added Advantage: Functional Knowledge - SAP GRC Grc, Sap

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: SAP GRC Process Control.: Experience: 5-8 Years.

Role Purpose The purpose of this role is to provide solutions and bridge the gap between technology and business know-how to deliver any client solution Do 1. Bridging the gap between project and support teams through techno-functional expertise For a new business implementation project, drive the end to end process from business requirement management to integration & configuration and production deployment Check the feasibility of the new change requirements and provide optimal solution to the client with clear timelines Provide techno-functional solution support for all the new business implementations while building the entire system from the scratch Support the solutioning team from architectural design, coding, testing and implementation Understand the functional design as well as technical design and architecture to be implemented on the ERP system Customize, extend, modify, localize or integrate to the existing product by virtue of coding, testing & production Implement the business processes, requirements and the underlying ERP technology to translate them into ERP solutions Write code as per the developmental standards to decide upon the implementation methodology Provide product support and maintenance to the clients for a specific ERP solution and resolve the day to day queries/ technical problems which may arise Create and deploy automation tools/ solutions to ensure process optimization and increase in efficiency Sink between technical and functional requirements of the project and provide solutioning/ advise to the client or internal teams accordingly Support on-site manager with the necessary details wrt any change and off-site support 2. Skill upgradation and competency building Clear wipro exams and internal certifications from time to time to upgrade the skills Attend trainings, seminars to sharpen the knowledge in functional/ technical domain Write papers, articles, case studies and publish them on the intranet Mandatory Skills: ServiceNow - GRC. Experience: 5-8 Years.

Proficiency in IT systems, IT Risk management tools - ITGC, GRC Develop and maintain a comprehensive IT control testing plan. Execute control testing activities Document the results of control testing activities, including any identified deficiencies or issues Excellent analytical, problem-solving, and communication skills. Ability to work independently and collaboratively in a fast-paced environment.

Role Purpose The purpose of this role is to provide solutions and bridge the gap between technology and business know-how to deliver any client solution Do 1. Bridging the gap between project and support teams through techno-functional expertise For a new business implementation project, drive the end to end process from business requirement management to integration & configuration and production deployment Check the feasibility of the new change requirements and provide optimal solution to the client with clear timelines Provide techno-functional solution support for all the new business implementations while building the entire system from the scratch Support the solutioning team from architectural design, coding, testing and implementation Understand the functional design as well as technical design and architecture to be implemented on the ERP system Customize, extend, modify, localize or integrate to the existing product by virtue of coding, testing & production Implement the business processes, requirements and the underlying ERP technology to translate them into ERP solutions Write code as per the developmental standards to decide upon the implementation methodology Provide product support and maintenance to the clients for a specific ERP solution and resolve the day to day queries/ technical problems which may arise Create and deploy automation tools/ solutions to ensure process optimization and increase in efficiency Sink between technical and functional requirements of the project and provide solutioning/ advise to the client or internal teams accordingly Support on-site manager with the necessary details wrt any change and off-site support 2. Skill upgradation and competency building Clear wipro exams and internal certifications from time to time to upgrade the skills Attend trainings, seminars to sharpen the knowledge in functional/ technical domain Write papers, articles, case studies and publish them on the intranet Mandatory Skills: GRC Process. Experience: 5-8 Years. >

Job Title: Product Manager, Elevated Access Management Department: Product Management Reports To: VP of Product Management --- The Role As the Product Manager for Elevated Access Management (EAM) within Pathlock Cloud, you will be instrumental in defining, building, and evolving our capabilities for securing and governing privileged access. You will shape the features that enable organizations to implement just-in-time access, session management, and granular control over critical system access. This highly cross-functional role blends deep security expertise with product strategy and hands-on execution, ensuring our EAM module is robust, scalable, and seamlessly integrated within the broader identity governance platform. --- Key Responsibilities Elevated Access Module Strategy & Roadmap Define the requirements, specifications, and product strategy for Pathlock Cloud's Elevated Access Management module, including just-in-time access, privileged session management, and credential vaulting. Partner with Engineering and Architecture to design and evolve the EAM architecture, ensuring it is secure, performant, and scalable within our multi-tenant, cloud-native platform. Ensure EAM capabilities are modular, reusable, and designed for extensibility, facilitating integration with various target systems and other Pathlock Cloud modules. Core EAM Capabilities & Workflows Lead the definition and delivery of core EAM components, such as dynamic access provisioning, approval workflows for elevation requests, session recording, and privileged command control. Serve as the product owner for EAM-specific services, including policy engines for privileged access, real-time monitoring, and granular reporting on elevated activities. Ensure new EAM features are developed with clear functional specifications, stringent security requirements, performance goals, and well-defined integration paths. Extensibility & Ecosystem Integration Create detailed product documentation and guides specifically for EAM, facilitating its adoption and integration by internal teams, partners, and customers. Act as the voice of EAM consumers, gathering feedback and requirements from security teams, IT operations, and compliance stakeholders. Compliance & Audit Support for Privileged Access Collaborate closely with security and compliance teams to ensure EAM services meet stringent regulatory and audit requirements for privileged access (e.g., SOX, GDPR, HIPAA, NIST). Drive the development of comprehensive audit logging, access tracking, and forensic capabilities specific to elevated sessions and privileged operations. Cross-functional Collaboration Work closely with Core Platform Product Managers, Connector Engineering, and Infrastructure teams to align EAM services with overall roadmap priorities and platform capabilities. Drive clarity across stakeholders by creating clear product specifications, user stories, and functional documentation for EAM features. Prioritize EAM investments based on security impact, business value, reusability, and engineering efficiency. --- Qualifications 5+ years of product management experience, with at least 2-3 years specifically in Privileged Access Management (PAM), Identity Governance and Administration (IGA), or related enterprise security SaaS products. Proven track record defining specifications and requirements for complex security products or extensible systems. Strong technical fluency; able to effectively communicate with Engineering, Architecture, and other technical stakeholders regarding security protocols and system design. Deep understanding of IAM concepts, with a specific focus on RBAC, ABAC, provisioning, governance, and privileged access principles (e.g., JIT, least privilege, session management, credential vaulting). Familiarity with cloud-native platforms (AWS, Azure, GCP), API-first design, and integration frameworks. Experience working in fast-paced, cross-functional environments. --- Preferred Experience Background with PAM/IGA/IAM platforms like CyberArk, Delinea, BeyondTrust, SailPoint, or Saviynt. Experience delivering security-focused modules or infrastructure components for SaaS platforms. Exposure to event-driven architectures or extensibility frameworks for real-time security monitoring. Passion for building robust, secure solutions that protect critical enterprise assets and enable secure innovation.

> Role Summary: This role is responsible for building and executing automated tests using ServiceNow Automated Test Framework (ATF). The tester ensures application stability, regression testing for ServiceNow upgrades and customizations. Required Certifications: ServiceNow Certified System Administrator (CSA) ServiceNow Certified Application Developer (CAD) Optional ATF Micro-Certification (Automated Test Framework) Key Responsibilities: 1. Configure and customize GRC or TPRM module components and workflows. 2. Design and implement automated tests using ATF. 3. Develop reusable ATF templates for core modules. 4. Validate form configurations, catalog items, and workflows. 5. Integrate ATF tests in CI/CD pipelines. 6. Maintain test suites for regression and upgrade testing. 7. Document test plans, scenarios, and results. 8. Coordinate with developers for defect resolution. 9. Support testing for major upgrades and patch releases. 10. Collaborate with QA and Dev teams in Agile sprints. 11. Monitor test execution logs and performance metrics. Mandatory Skills: ServiceNow SecOps. Experience: 3-5 Years. >

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: SAP GRC - Governance-Risk-Compliance. Experience: 5-8 Years. >