locationsBangalore, Indiaposted onPosted 11 Days Ago job requisition id30648 FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity FICO is seeking Cyber Security Engineer to join our growing GRC Team. This is a full-time regular position (hybrid), and a great opportunity for an individual with strong PCI, ISO 27001, SOC2 audit skills or great interest in security Compliance and Risk Management frameworks and grow in exciting field of GRC". Cyber Security - Director What Youll Contribute A pplicable work experience, in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results. Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. Strong knowledge of common security legal and regulatory requirements. (e.g., PCI, SOC, CSA STAR, NIST, ISO/IEC 27001, COBIT, etc.) Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures. Monitor activities of assigned IT areas to ensure compliance with internal policies and standards. Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Facilitate for external audits to ensure compliance with all industry-mandated regulations. Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance. Provide guidance to business functions on compliance/security-related matters. Good understanding of IT concepts, including Cloud hosting, containerization, encryption, networking, operating systems, databases, middleware, and applications. Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required. Ability to effectively communicate to all levels of the organization, including senior management, and other stakeholders that influence the security and compliance posture of FICO. Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage. What Were Seeking Bachelors degree in the field of Information Security, Computer Science or discipline and/or certifications. (e.g., ISO 27001 LI/LA, ISA/QSA, CISSP, CISA, CISM, and related GIAC.) Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. Experience implementing cloud security and compliance standards, frameworks, and controls (ISO/IEC 27001, SOC 2, PCI, NIST) for cloud service delivery models (IaaS, PaaS, SaaS). AWS Certifications (added advantage). Experience or understanding of governance, risk and compliance (GRC) processes and solutions. Background in security controls, auditing, network and system security. Ability to express technical concepts in business terms. Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status. Our Offer to You An inclusive culture strongly reflectingourcore valuesAct Like an Owner, DelightOurCustomers and Earn the Respect of Others. The opportunitytomake an impact and develop professionally by leveraging yourunique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourageyoutobring yourbest every day and be recognized for doing so. An engaging, people-first work environmentoffering work/life balance, employee resource groups, and social eventstopromote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at

Seeking a Security Engineer to lead GRC initiatives, manage compliance, conduct risk assessments, and support audits. Must have strong knowledge of security frameworks, controls, and regulatory standards.

Project Role : Application Developer Project Role Description : Design, build and configure applications to meet business process and application requirements. Must have skills : SAP Security Roles & Auth Design for SoD Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Developer, you will be responsible for designing, building, and configuring applications to meet business process and application requirements in Hyderabad. You will play a crucial role in the development and implementation of software solutions. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead and mentor junior professionals- Conduct regular team meetings to ensure project progress- Stay updated on industry trends and best practices Professional & Technical Skills: - Must To Have Skills: Proficiency in SAP Security Roles & Auth Design for SoD- Strong understanding of SAP security concepts- Experience in designing and implementing security roles- Knowledge of Segregation of Duties (SoD) principles- Hands-on experience with SAP GRC (Governance, Risk, and Compliance)- Good To Have Skills: Experience with SAP Security Administration Additional Information:- The candidate should have a minimum of 5 years of experience in SAP Security Roles & Auth Design for SoD- This position is based at our Hyderabad office- A 15 years full-time education is required Qualification 15 years full time education

About the Role An experienced Cybersecurity Risk & Compliance Analyst to proactively address and manage the risks of the increasingly sophisticated cyber threats. This role aims to strengthen our overall security posture, ensure we meet compliance obligations (like SOC2, HITRUST, PCI DSS), and reduce our risk exposure by shifting towards more proactive measures. Your Area of Focus Threat & Vulnerability Management: l Systematically scan our systems/applications for vulnerabilities. l Analyze findings, prioritize risks based on impact. l Maintain crucial asset inventories (including SBOM/HBOM). l Collaborate closely with IT/DevOps to track and ensure timely remediation of vulnerabilities (patching, configuration changes). Manage Third-Party Penetration Testing Partners: l Develop and maintain a process for ensuring testing coverage for inscope systems. l Collaborate with internal engineering and product teams to define the scope for each penetration test. l Once a vulnerability has been remediated, coordinate with the penetration testing partner to perform retesting and validate the effectiveness of the fix. Governance, Risk & Compliance (GRC) Support: l Manage evidence gathering and preparation for audits (SOC2, HITRUST, PCI DSS, etc.). Reduce audit burden on technical teams. l Assist in developing and maintaining security policies and standards relevant to our operations. l Track compliance status and identify gaps. Risk Management: l Conduct regular risk assessments to find potential security weaknesses and control gaps. l Maintain a risk register and track mitigation efforts. l Monitor emerging technology risks (e.g., GenAI) and assess their potential impact on our environment. Ensure we stay ahead of new threat vectors. Security Support & Guidance: l Serve as a point of contact for security-related questions and provide guidance on best practices. l Support incident investigations and customer security inquiries/audits. Your Professional Qualifications l Solid experience 3 years in cybersecurity, specifically focusing on risk management and compliance. l Strong understanding of vulnerability management, risk assessment methodologies (NIST RMF, ISO 27001). l Experience with compliance frameworks (SOC2, HITRUST, PCI DSS mandatory). l Excellent analytical skills and ability to collaborate effectively across teams (especially IT/DevOps). Perks & Benefits Healimpilo offers best in market perks and benefits to its Employees. Healimpilo is an equal opportunity employer. All applicants will be considered for employment without attention to age, race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

Job Title: Process, Risk & Control Specialist Location: Pan-India (Hybrid Work Mode) Expected Start Date: Immediate Experience Required: 3+ Years Work Mode: Hybrid Qualification Requirements: Chartered Accountant (CA), or CPA (US), or ACCA (UK) MBA degree is a plus Key Experience Areas (must have): 3+ years of experience with a large global corporate Process, Risk, and Control department or similar role Strong understanding and hands-on experience in: Governance, Controls, and Regulations Governance, Risk & Compliance (GRC) Process and Control frameworks Conducting Process Reviews Drafting and implementing Standard Operating Procedures (SOPs) Enterprise Risk Management (ERM) Revenue Assurance activities SOX Compliance Internal Control over Financial Reporting (ICFR) Design and implementation testing of controls Process walkthroughs and testing the effectiveness of controls Skills & Competencies: Strong problem-solving and analytical skills Excellent listening and communication skills Inquisitive nature and intellectual curiosity Self-starter with the ability to work independently High attention to detail Strong organizational and time management abilities Additional Notes: Candidates must be ready for immediate joining. Role offers a hybrid work setup with flexibility across India. Candidates will be working on EY client projects with exposure to global corporate processes and risk management frameworks.

Candidate should have key understanding on technology, IT and governance aspects from Cyber Security perspective Candidate should have understanding on performing gap assessment on organizations Cyber security landscape primarily to prevent them from cyber security threats Candidate should have exposure to design, development, implementation, and maintenance information security framework aligned to framework like ISO 27001:2013 Candidate should have managed end-to-end Information security, cyber security for its organizations Experience in performing the risk assessment from Cyber Security, Business Continuity and Privacy perspective Experience on Data Privacy including design/development and review of privacy framework aligned with GDPR requirements and GAPP framework Performing maturity assessment for cyber setup; Developing cyber strategy roadmap, helping in implementation Consulting knowledge in overall cybersecurity domain with specific experience in engagements, such as NIST, BCP, ISO 27001, SSAE 18, ISAE3402, SOC 2 and regulatory compliances (RBI, SEBI, IRDA), data privacy audits. Manage / Lead engagement for data privacy, regulatory compliance, cyber strategy, ISO 27001 BCP (ISO22301) & third-party risk management (TPRM) Determine client needs, expectations & participate to develop, lead, and execute the overall client service plan Work on proposals, thought leaderships, POVs as required Demonstrate leadership, team management, problem solving and strong verbal and written communication skills Consulting experience (preferred) Immediate joiners (preferred) Certifications - ISO 27001, ISO22301, ISO 27701, CISSP, CISA (advantage)

Project Role : Application Developer Project Role Description : Design, build and configure applications to meet business process and application requirements. Must have skills : SAP Governance Risk and Compliance (SAP GRC) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Developer, you will be responsible for designing, building, and configuring applications to meet business process and application requirements. You will play a crucial role in developing solutions that align with organizational goals and enhance operational efficiency. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Collaborate with cross-functional teams to analyze business requirements and translate them into technical solutions.- Develop and implement custom enhancements, interfaces, and reports in SAP GRC.- Conduct system testing and support user acceptance testing.- Provide technical support and troubleshooting for SAP GRC applications.- Stay updated on industry trends and best practices to enhance application development processes. Professional & Technical Skills: - Must To Have Skills: Proficiency in SAP Governance Risk and Compliance (SAP GRC).- Strong understanding of SAP security concepts and authorization management.- Experience in SAP GRC Access Control, Process Control, and Risk Management modules.- Knowledge of SAP GRC configuration and customization.- Hands-on experience in SAP GRC implementation and support. Additional Information:- The candidate should have a minimum of 3 years of experience in SAP Governance Risk and Compliance (SAP GRC).- This position is based at our Pune office.- A 15 years full-time education is required. Qualification 15 years full time education

Project Role : Application Developer Project Role Description : Design, build and configure applications to meet business process and application requirements. Must have skills : SAP Governance Risk and Compliance (SAP GRC) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Developer, you will design, build, and configure applications to meet business process and application requirements. You will collaborate with teams to ensure seamless integration and functionality of applications. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead and mentor junior professionals- Drive innovation and continuous improvement Professional & Technical Skills: - Must To Have Skills: Proficiency in SAP Governance Risk and Compliance (SAP GRC)- Strong understanding of risk management principles- Experience in configuring and customizing SAP GRC solutions- Knowledge of SAP security and authorization concepts- Hands-on experience in implementing GRC Access Control and Process Control modules Additional Information:- The candidate should have a minimum of 5 years of experience in SAP Governance Risk and Compliance (SAP GRC)- This position is based at our Hyderabad office- A 15 years full-time education is required Qualification 15 years full time education

Project Role : Application Developer Project Role Description : Design, build and configure applications to meet business process and application requirements. Must have skills : SAP Governance Risk and Compliance (SAP GRC), SAP S/4HANA Security Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Developer, you will be responsible for designing, building, and configuring applications to meet business process and application requirements. You will collaborate with teams to ensure successful project delivery and implementation. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead and mentor junior professionals- Conduct regular knowledge sharing sessions- Stay updated on industry trends and best practices Professional & Technical Skills: - Must To Have Skills: Proficiency in SAP Governance Risk and Compliance (SAP GRC), SAP S/4HANA Security- Strong understanding of SAP security concepts- Experience in implementing security controls in SAP environments- Knowledge of SAP authorization concepts- Hands-on experience in SAP security administration Additional Information:- The candidate should have a minimum of 7.5 years of experience in SAP Governance Risk and Compliance (SAP GRC)- This position is based at our Pune office- A 15 years full-time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and implement security architecture solutions.- Conduct risk assessments and provide recommendations for security enhancements.- Collaborate with cross-functional teams to ensure security best practices are implemented.- Stay updated on the latest security trends and technologies.- Provide guidance and mentorship to junior security professionals. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Strong understanding of cloud security principles.- Experience in implementing security controls in cloud environments.- Knowledge of industry standards and regulations related to cloud security.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 7 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Pune office.- A BTECH degree is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and implement security architecture solutions.- Conduct risk assessments and provide recommendations for security enhancements.- Collaborate with cross-functional teams to ensure security best practices are implemented.- Stay updated on the latest security trends and technologies.- Provide guidance and mentorship to junior security professionals. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Strong understanding of cloud security principles.- Experience in implementing security controls in cloud environments.- Knowledge of industry standards and regulations related to cloud security.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 3 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at Pune office.- A BTECH degree is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and implement security architecture solutions.- Conduct risk assessments and provide recommendations for security enhancements.- Collaborate with cross-functional teams to ensure security best practices are implemented.- Stay updated on the latest security trends and technologies.- Provide guidance and mentorship to junior security professionals. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Strong understanding of cloud security principles.- Experience in implementing security controls in cloud environments.- Knowledge of industry standards and regulations related to cloud security.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 3 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Mumbai office.- A BTECH degree is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and implement security architecture solutions.- Conduct risk assessments and provide recommendations for security enhancements.- Collaborate with cross-functional teams to ensure security best practices are implemented.- Stay updated on the latest security trends and technologies.- Provide guidance and mentorship to junior security professionals. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Strong understanding of cloud security principles.- Experience in implementing security controls in cloud environments.- Knowledge of industry standards and regulations related to cloud security.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 5 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Jaipur office.- A BTECH degree is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and implement security architecture solutions.- Conduct risk assessments and provide recommendations for security enhancements.- Collaborate with cross-functional teams to ensure security best practices are implemented.- Stay updated on the latest security trends and technologies.- Provide guidance and mentorship to junior security professionals. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Strong understanding of cloud security principles.- Experience in implementing security controls in cloud environments.- Knowledge of industry standards and regulations related to cloud security.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 5 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at Bengaluru office.- A BTECH degree is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and implement security architecture solutions.- Conduct risk assessments and provide recommendations for security enhancements.- Collaborate with cross-functional teams to ensure security best practices are implemented.- Stay updated on the latest security trends and technologies.- Provide guidance and mentorship to junior security professionals. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Strong understanding of cloud security principles.- Experience in implementing security controls in cloud environments.- Knowledge of industry standards and regulations related to cloud security.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 5 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Hyderabad office.- A BTECH degree is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure that the implemented solutions align with organizational objectives, all while maintaining a focus on continuous improvement and risk management. Roles & Responsibilities:-Remediation of vulnerabilities-Exp in Tenable,Wiz.IO, Checkmarx and Burpsuite-Defining Scan schedule-Reporting and Dashboard-Metrics driven dashboards Professional & Technical Skills: -Establish and operationalize an enterprise vulnerability management program, including:- Scanner deployment and configuration- VM operating procedures- Remediation working group- Attack surface management procedures- Vulnerability intelligence integration- Exception handling procures- vulnerability risk standard-To integrate VM program operations with existing Cloud security, GRC and IT capabilities/processes.-Scanning of Scout's entire IP space (internal and external) using Tenable. Scanning technology will be provided by Scout.-End-to-end centralized operations of the vulnerability management program encompassing all identified vulnerabilities resulting from penetrating testing, infrastructure scanning, DAST, and OT security assessments, and including risk analysis, remediation support, exception handling, mitigation, and reporting. Additional Information:- The candidate should have minimum 3 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:-Qualys Platform Ownership & Optimization:Act as the Qualys SME, leading the end-to-end lifecycle of vulnerability management using Qualys, including scanner appliance deployment, asset tagging, scan scheduling, and template creation.Configure and manage Qualys Global AssetView, Cloud Agents, and Scanner Appliances (physical and virtual) for internal, external, and authenticated scans.Develop and fine-tune custom scan templates to reduce false positives/negatives, tailored to OS, application stack, and business unit needs.Leverage Qualys Tagging, Dynamic Asset Groups, and Query Language (QQL) to segment, track, and report on assets across on-prem, cloud, and hybrid environments.Vulnerability Lifecycle Management:Analyze vulnerability data, correlate with threat intelligence, and provide risk-prioritized remediation plans to infrastructure, cloud, and devops teams.Build automated ticketing workflows with platforms like ServiceNow, integrating Qualys findings directly into change management processes.Design and deliver actionable dashboards and reports for different audiences (CISO, IT Ops, Audit, DevSecOps).Policy Compliance & Governance:Implement and manage Qualys Policy Compliance (PC) for baseline configuration and hardening checks aligned with CIS, NIST, ISO, and custom policies.Collaborate with GRC teams to support audits, compliance initiatives, and regulatory mandates (e.g., PCI-DSS, HIPAA, SOX).Strategic & Technical Leadership:Work cross-functionally to evangelize vulnerability management best practices, educate stakeholders, and shift security left in development and operations lifecycles.Identify opportunities to automate manual processes through APIs, scripting (Python, Bash, PowerShell), and integrations with DevOps tools.Stay ahead of new Qualys features/releases and coordinate their controlled rollout across environments.________________________________________ Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations- Strong understanding of cloud security principles- Experience with security architecture design- Knowledge of security compliance standards- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Lead Project Role Description : Lead the effort to design, build and configure applications, acting as the primary point of contact. Must have skills : SAP Governance Risk and Compliance (SAP GRC) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Lead, you will lead the effort to design, build, and configure applications, acting as the primary point of contact. Your day will involve overseeing the application development process and ensuring effective communication with stakeholders. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead the application development process effectively- Ensure timely delivery of projects- Provide guidance and mentorship to team members Professional & Technical Skills: - Must To Have Skills: Proficiency in SAP Governance Risk and Compliance (SAP GRC)- Strong understanding of risk management principles- Experience in configuring and implementing SAP GRC solutions- Knowledge of compliance and security standards- Hands-on experience in leading application development projects Additional Information:- The candidate should have a minimum of 7.5 years of experience in SAP Governance Risk and Compliance (SAP GRC)- This position is based at our Bengaluru office- A 15 years full-time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and implement security architecture solutions.- Conduct risk assessments and provide recommendations for security enhancements.- Collaborate with cross-functional teams to ensure security best practices are implemented.- Stay updated on the latest security trends and technologies.- Provide guidance and mentorship to junior security professionals. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Strong understanding of cloud security principles.- Experience in implementing security controls in cloud environments.- Knowledge of industry standards and regulations related to cloud security.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 3 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Bengaluru office.- A BTECH degree is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 3 year(s) of experience is required Educational Qualification : BTECH Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Develop and implement security architecture solutions.- Conduct risk assessments and provide recommendations for security enhancements.- Collaborate with cross-functional teams to ensure security best practices are implemented.- Stay updated on the latest security trends and technologies.- Provide guidance and mentorship to junior security professionals. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Strong understanding of cloud security principles.- Experience in implementing security controls in cloud environments.- Knowledge of industry standards and regulations related to cloud security.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 3 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Gurugram office.- A BTECH degree is required. Qualification BTECH

Project Role : Application Lead Project Role Description : Lead the effort to design, build and configure applications, acting as the primary point of contact. Must have skills : SAP Governance Risk and Compliance (SAP GRC) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Lead, you will lead the effort to design, build, and configure applications, acting as the primary point of contact. You will be responsible for managing the team and ensuring successful project delivery. Your typical day will involve collaborating with multiple teams, making key decisions, and providing solutions to problems for your immediate team and across multiple teams. Roles & Responsibilities:- Responsible for designing and Implementation of process controls for all organizational processes including Finance, Commercial, procurement, Supply Chain etc having Controls and Compliance knowhow for pharmaceutical industries through SAP S/4HANA and SAP GRC - PC.- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead the effort to design, build, and configure applications- Act as the primary point of contact- Manage the team and ensure successful project delivery Professional & Technical Skills: - Must To Have Skills: Proficiency in SAP Governance Risk and Compliance (SAP GRC)- Strong understanding of software engineering principles and practices- Experience in designing and implementing SAP GRC solutions- Knowledge of SAP security and authorization concepts- Experience with SAP GRC Access Control, Process Control, and Risk Management modules Additional Information:- The candidate should have a minimum of 5 years of experience in SAP Governance Risk and Compliance (SAP GRC)- This position is based at our Hyderabad office- A 15 years full-time education is required Qualification 15 years full time education

About Us Tsaaro Consulting's prime focus is on Data Privacy and Security Our team of specialist Data Privacy Consultants, Information Security Consultants, and penetration testers help and advise our Clients to make running a secure business easier with high efficiency Everything We do is tailored to the individual, and organisational requirements, aligned with their budget and resource challenges We take a pragmatic, risk-based approach to provide our clients with real-world, workable advice, guidance, and support That helps them to deal with a wide range of security and privacy-related challenges At Tsaaro, we adopt a pragmatic, risk-based strategy to deliver practical and effective advice By providing real-world guidance, support, and actionable recommendations, we confidently equip our clients to address a broad spectrum of security and privacy challenges Looking to take your career in a new, high-impact directionTsaaro Consulting is seeking for a highly skilled and experienced GRC Analyst, this role is for those eager to transition into data privacy and information security, with hands-on experience and mentorship from industry experts Responsibilities Assist in the development, implementation, and continuous improvement of the Information Security Management System (ISMS) in accordance with ISO 27001 standards Monitor and ensure compliance with ISO 27001, making sure controls are in place and effectively operating across the organization Conduct regular assessments to ensure adherence to regulatory, contractual, and internal security requirements Coordinate internal audits and provide support for external ISO 27001 audits Prepare documentation, assist with gathering evidence, and address findings to ensure timely closure of audit actions Maintain and update ISMS documentation, policies, and procedures Ensure that security controls, risk assessments, and audit records are accurately documented and up to date Support the delivery of security awareness and training programs related to ISO 27001 standards Foster a culture of security awareness across the organization Support incident response processes and prepare crisis management plans, ensuring incidents are logged, analysed, and resolved Participate in root cause analysis and implement corrective actions to prevent recurrence Collaborate with cross-functional teams to identify, assess, and prioritise security risks Assist in developing risk mitigation strategies and track the progress of risk treatment plans Proactively identify opportunities to enhance the ISMS framework, suggesting improvements to policies, processes, and tools to ensure they are efficient and effective Requirements Minimum of 2 years in Governance, Risk, and Compliance (GRC) roles, with a focus on ISMS and ISO 27001 Bachelors degree in Information Security, Computer Science, Business Administration, or a related field (preferred) Excellent analytical and problem-solving skills Strong understanding of regulatory requirements and industry standards related to information security Proficiency in risk assessment methodologies and risk management practices Strong communication and interpersonal skills Ability to work effectively both independently and as part of a team Experience with security incident response and crisis management Familiarity with data protection regulations and privacy laws Certification in ISO 27001 Lead Auditor or Lead Implementer (preferred) Experience in developing and delivering security awareness training programs Benefits Competitive salary and performance-based bonuses Professional development opportunities, including training and certifications Flexible working hours Collaborative and inclusive work environment Opportunity to work with a passionate team dedicated to making a difference in data privacy and security check(event) ; career-website-detail-template-2 => apply(record id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#6875E2;border-color:#6875E2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered="">

About Us Tsaaro Consulting's prime focus is on Data Privacy and Security Our team of specialist Data Privacy Consultants, Information Security Consultants, and penetration testers help and advise our Clients to make running a secure business easier with high efficiency Everything We do is tailored to the individual, and organisational requirements, aligned with their budget and resource challenges We take a pragmatic, risk-based approach to provide our clients with real-world, workable advice, guidance, and support That helps them to deal with a wide range of security and privacy-related challenges At Tsaaro, we adopt a pragmatic, risk-based strategy to deliver practical and effective advice By providing real-world guidance, support, and actionable recommendations, we confidently equip our clients to address a broad spectrum of security and privacy challenges Looking to take your career in a new, high-impact directionTsaaro Consulting is seeking for a highly skilled and experienced GRC Analyst, this role is for those eager to transition into data privacy and information security, with hands-on experience and mentorship from industry experts Responsibilities Assist in the development, implementation, and continuous improvement of the Information Security Management System (ISMS) in accordance with ISO 27001 standards Monitor and ensure compliance with ISO 27001, making sure controls are in place and effectively operating across the organization Conduct regular assessments to ensure adherence to regulatory, contractual, and internal security requirements Coordinate internal audits and provide support for external ISO 27001 audits Prepare documentation, assist with gathering evidence, and address findings to ensure timely closure of audit actions Maintain and update ISMS documentation, policies, and procedures Ensure that security controls, risk assessments, and audit records are accurately documented and up to date Support the delivery of security awareness and training programs related to ISO 27001 standards Foster a culture of security awareness across the organization Support incident response processes and prepare crisis management plans, ensuring incidents are logged, analysed, and resolved Participate in root cause analysis and implement corrective actions to prevent recurrence Collaborate with cross-functional teams to identify, assess, and prioritise security risks Assist in developing risk mitigation strategies and track the progress of risk treatment plans Proactively identify opportunities to enhance the ISMS framework, suggesting improvements to policies, processes, and tools to ensure they are efficient and effective Requirements Minimum of 2 years in Governance, Risk, and Compliance (GRC) roles, with a focus on ISMS and ISO 27001 Bachelors degree in Information Security, Computer Science, Business Administration, or a related field (preferred) Excellent analytical and problem-solving skills Strong understanding of regulatory requirements and industry standards related to information security Proficiency in risk assessment methodologies and risk management practices Strong communication and interpersonal skills Ability to work effectively both independently and as part of a team Experience with security incident response and crisis management Familiarity with data protection regulations and privacy laws Certification in ISO 27001 Lead Auditor or Lead Implementer (preferred) Experience in developing and delivering security awareness training programs Benefits Competitive salary and performance-based bonuses Professional development opportunities, including training and certifications Flexible working hours Collaborative and inclusive work environment Opportunity to work with a passionate team dedicated to making a difference in data privacy and security check(event) ; career-website-detail-template-2 => apply(record id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#6875E2;border-color:#6875E2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered="">

Job Title: ServiceNow Architect Department: IT / Enterprise Applications Reports To: IT Director / Head of Digital Transformation Location: Hyderabad, India Role Summary The ServiceNow Architect is responsible for designing, developing, and leading scalable and secure ServiceNow solutions that align with business goals. The role involves application development, system integration, automation, and mentoring development teams while ensuring the platform's performance, reliability, and compliance. Key Responsibilities Architecture & Design Design scalable and high-performance ServiceNow solutions tailored to business needs and growth. Application Development Develop and customize applications, workflows, modules, and user interfaces on the ServiceNow platform. Process Automation Analyze existing business processes and implement automation to improve efficiency and reduce manual effort. Systems Integration Manage integrations with both cloud-based and on-premise legacy systems using SOAP/REST APIs. Quality Assurance Ensure high-quality solution delivery through rigorous testing, performance tuning, and documentation. Leadership & Collaboration Lead development teams, mentor junior developers, and collaborate with key stakeholders across business units. Required Qualifications & Skills Education: Bachelor’s or Master’s degree in Computer Science, Software Engineering, or a related field. Experience: 5+ years of hands-on experience in ServiceNow development and architecture. Certifications: ServiceNow Certified Application Developer (CAD) ServiceNow Certified Implementation Specialist (CIS) – preferred Technical Proficiency: Strong command of JavaScript, HTML, and CSS Experience with web servicesSOAP and REST Familiarity with Agile/Scrum development methodologies Proven ability to develop robust, reusable solutions within the ServiceNow ecosystem Soft Skills Strong problem-solving and analytical capabilities Effective leadership and team mentoring skills Excellent communication and interpersonal abilities Adaptability in fast-paced, evolving environments Stakeholder engagement and business acumen Preferred Qualifications Experience with ITSM, ITOM, HRSD, or other ServiceNow modules Exposure to ServiceNow Governance, Risk, and Compliance (GRC) or Security Operations Experience with integration tools (e.g., MuleSoft, Dell Boomi) Key Relationships Internal: IT Operations, Business Process Owners, Development Teams, Security and Compliance Teams External: ServiceNow Partners, Third-party vendors, Consultants Role Dimensions Strategic ownership of ServiceNow architecture Lead complex development initiatives and cross-functional platform implementations Responsible for technical leadership, code quality, and architectural governance Success Measures (KPIs) Timely delivery of ServiceNow projects and enhancements User adoption and satisfaction metrics post-implementation Reduction in manual processes through automation System uptime, performance, and reliability Number of successful integrations and streamlined workflows Competency Framework Alignment Technical Expertise: Deep understanding of ServiceNow architecture, scripting, and integrations Strategic Thinking: Ability to align platform capabilities with business strategy Execution & Delivery: Ownership of end-to-end implementation and release management Leadership: Mentoring team members, driving best practices, and stakeholder alignment Continuous Improvement: Identifying opportunities for optimization and platform expansion

Job Location: Bangalore Experience: 4+ Years Job Type: FTE Job Timing: 12:30 PM to 9:30 PM Note: Looking only for Immediate to 1 week joiners. Must be comfortable for Video discussion. Keyskills: Archer JD Responsibilities Design and develop Archer applications based on technical requirements using SDLC concepts and agile methodology. Design and develop RSA Archer GRC data integration feed to / from other systems as required. Design and develop modules within RSA Archer platform including: layout, workflow, reporting, notifications, questionnaires, access control, packaging, etc. Perform analysis and provide recommendation for solution analysis, design and implementation. Use SDLC concepts for designing, coding, testing, implementing and supporting application software that is delivered on time and within budget. Responsible for platform level configuration changes, including incorporation of new modules, platform level upgrades, as well as other ancillary services, e.g. reporting, etc. Liaise with development, architecture and infrastructure teams to enhance and expand the RSA Archer Platform, utilizing other SG-specific digital capabilities (e.g. Dashboarding, Workflow, APIs, etc.) Work with project manager in planning and estimating throughout the complete development life cycle. Identify and evaluate alternatives and present the most efficient and cost effective solution. Provide effort estimates based on the business requirements. Work with business teams to strengthen the organizations IT GRC capabilities through development of the RSA Archer solution using RSA Archer. Facilitate user acceptance testing of new modules or modifications made to existing ones in the Archer environment. Provide user training for core RSA Archer functionality. Follow SG policies and procedures like change management, project governance and software configuration management. Provide functional production support for the Archer GRC platform. Debug complex Archer configuration issues. Technical Skills: Must have: Hands on configuration and customization of recent RSA Archer platform, ideally version 6.9 or above. Solid understanding of configuring access control, record permissions, events and notifications in Archer Strong knowledge of Archer On-Demand Application development Strong understanding of the system design and architecture concepts including service-oriented architecture. Ability to define technical specifications based on client business requirements or functional specifications from business analysts. Strong analytical and debugging skills Strong data analysis skills Experience with Archer API and Custom Objects development Contact Person - Amrita Please share your updated profile to amrita.anandita@htcinc.com with the below mentioned details: Full Name (As per Aadhar card) - Total Exp. - Rel. Exp. (RSA Archer) - Rel. Exp. (Archer GRC platfor) - Highest Education (if has done B.Tech/ B.E, then specify) - Notice Period - If serving Notice or not working, then mention your last working day as per your relieving letter - CCTC - ECTC - Current Location - Preferred Location -