9 Gsec Jobs

What you bring Education and Qualifications/Skills and Competencies Bachelors or Master s degree in: Information Systems, Engineering, Computer Science or similar degree. Must be able to work as a team player, yet can work independently. Analytical, results-driven and have a solution oriented approach. Possess exceptional interpersonal and communication skills including verbal, written presentation and listening. Must be open to travel. Must be willing to relocate to Bangalore / Gurgaon. Certifications in SAP (Security Professional, GRC or a combination of either of them) Vendor Neutral Security certifications (Like ISO 27001/31000,CISSP, CISM, CISA, GSEC, CEH, Security+) will be a big plus Technical Skills Strong foundation on S/4HANA Security is a prerequisite. Should be able to identify and build portfolios in S/4HANA Security implementation and Conversion topics Strong in Technology security fundamentals and hands on experience on SAP specific products and solutions like SAP GRC suite of products including Access Control, Process Control, Risk Management, Audit Management, Business Integrity Screening, SAP Single Sign-On, SAP Identity Management Technical Knowledge and experience in SAP Business Technology Platform and related solutions like SAP Business Technology Platform Identity Authentication, Identity Access Governance, m Identity Provisioning is a big plus Technical Knowledge and Experience in working with SAP Application security including SAP SaaS and On-premise products Working knowledge of Operating Systems security and Database Security Secure Coding practices and Security Testing knowledge and experience in any capacity will be a big plus Technical coding skills in SQL, JavaScript and any one of programming language like JAVA or Python

Title: Infrastructure and Cloud Specialist Experience: 5+ Years and above Position Type : Full-time Timing: Willing to work in US Time zone and extended shift hours. Location : Preferred Mumbai & Pune Location Only. Roles and Responsibilities: Having extensive knowledge and experience in Infrastructure deployments. Architect, implement, and manage cloud environments across Azure, GCP, and AWS. Design multi-cloud strategies, including workload migration, resource optimization, and cost management. Configure and manage identity & access management (IAM) across different cloud providers. Manage Microsoft Azure access and authentication. Create conditional access rules and configure MFA in Microsoft Azure. Configure and manage external and guest access for O365. Monitor O365 alerts and take corrective actions. Create and monitor data loss prevention policies. Create reports capturing user adoption, team usage, app usage, active users, and meeting metrics. Configure Information Rights Management for O365 workloads Configure and monitor data sensitivity labels. Assist with O365 eDiscovery searches and investigations. Manage and optimize Microsoft Azure cloud environments, ensuring security and compliance. Implement and maintain Microsoft Defender for Cloud to protect workloads and improve security posture. Configure and manage Entra ID Enterprise Applications, including authentication, access policies, and API integrations. Conduct risk assessments and security audits to identify vulnerabilities and mitigation strategies. Develop and enforce identity and access management (IAM) policies using Entra ID. Monitor security alerts, investigate incidents, and implement proactive threat mitigation strategies. Collaborate with IT and security teams to enhance cloud security frameworks and best practices. Mentor and provide knowledge transfer of M365 technologies and administration tasks. Independently manage individual work schedule with minimal oversight and proactively communicate status, progress, and risks to management and project leadership. Strong working knowledge of Active Directory, Exchange 2016-2019 installation, configuration, and support, Office 365 configuration and support, Exchange Online Protection, External DNS record configuration (SPF, DKIM, and DMARC), and PowerShell for automation, maintenance, and reporting Strong knowledge of Microsofts Advanced Threat Services and Compliance Providing technical expertise on Office 365 applications: Teams, SharePoint Online, Azure, OneDrive, and PowerBI Experience with PowerShell Scripting for automation. Installing and configuring load balances like Zeus, KEMP, etc Design and implementation of the virtual environment with VMware ESX 4. x and later on HP, DELL, etc with local SCSI and centralized Fiber Channel storage. Deploying the New VM from the template and cloning an existing VM as per the client's request through the change management process. Experience with configuring Cisco, DELL Switches, and Routers. Experience with Fiber Channel switch configuration. Worked on VoIP technologies. Manages servers, including Office365 e-mail, Active Directory, VMWare, SAN storage, print, domain, application, and backup servers and their associated operating systems and software Knowledge of distributed file services and replication and Configuring alarms, managing tasks, events, and alarms, root cause & system log analysis, and reporting. Moving VMs from one LUN to another LUN using Storage VMotion. Adding new virtual disks and extending existing volumes, disk, and hardware monitoring. Installing, configuring, and managing virtual infrastructure and virtual center. Installation OS and configuration of virtual machines in an enterprise SAN environment. Creating raw partitions and iSCSI storage partitions. Moving physical machine to virtual machine using P2V converter. Troubleshooting problems with the help of Event Logs, troubleshooting virtual machine issues. Managing VMs through web access, Configurations of Virtual switches, and network connections. Knowledge of Microsoft System Center Configuration Manager. Experience with Cisco IronPort email gateway configuration. Worked on cloud infrastructures like Amazon, and Azure with VPC network configuration. Adding and deleting users. Kernel compiling. FTP, SSH, SCP Protocols, Software & patch addition, modification & removal. Planning and Implementation of SAN storage solution Allocation of storage to blade servers (Creation of LUNs) Mirrors and RAID 0, 1, and 5 levels. Experience with configuring and managing Virtual disks. Planning and Implementation Virtual Desktop Infrastructure. Support for configuration of thin clients to connect to local servers. IP tables. Identifying project needs and planning an Implementation solution for the Desktop needs, Manage users, groups, permissions, and roles. Planning Implementing and MPLS Network. Installation and configuration of Data Center Router and Branch routers Switches Managing Leased Line Network, Servers Installation OS & MySQL and Oracle enterprise servers in virtual Farm. Worked with command-line editors to create automation jobs and monitoring. Planning and Implementing Apache Web Server, Samba, solutions (In-house) Migration and configuration of CRM, ERP, LMS, Database, and Corporate Website Servers in Virtual farm at DC. Security hardening and Monitoring of VMs & ESX servers (CPU, Memory, Disk, Network Utilization) for Security Compliance. Develops, implements and maintains policies, procedures and associated training plans for network resource administration, appropriate use, business continuity and disaster recovery Experience with Amazon S3, VPN, EC2, CloudFront, CodeBuild, CloudWatch, Load Balancer, etc Required Skills: Worked on Production, DEV, and TEST environments. Worked on Datacenter Implementation. Worked on several Infrastructure and application migrations. Worked on Cloud Migration services. Supported International clients. Ability to work independently and handle crisis management. Managed 100+ servers with multiple technologies like Windows, VMware, Hyper-V, etc. Ability to perform multiple, technical, highly complex tasks with the need to regularly upgrade skills to meet dynamic job conditions Strong knowledge of centralized and automated systems and application deployment via scripting. Strong knowledge of routing, VLAN, and firewall configuration. Industry-standard certifications such as Security+, CISSP, GSEC, ITIL, Microsoft, and Cisco certifications added value. Designing and implementing on-site, off-site, and international server infrastructure. Assessing and administering all equipment, hardware, and enterprise software upgrades. Practice in network asset management, including maintenance of network component inventory, life cycle management, and documentation. Experience with cloud platforms (e.g., AWS, Azure, or GCP) is preferred. Strong expertise in Microsoft Azure, Google Cloud Platform (GCP), and AWS cloud services. Knowledge of cloud networking, hybrid cloud architectures, and performance tuning. Strong background in VMware, Windows and networking. Strong expertise in Microsoft Azure, Microsoft Defender for Cloud, and Entra ID Enterprise Applications. Experience with cloud security posture management (CSPM) and cloud workload protection (CWP). Knowledge of identity and access management (IAM), OAuth 2.0, SAML, and OpenID Connect. Familiarity with Azure API Management, Azure Logic Apps, and automation workflows. Understanding of compliance frameworks, including ISO 27001, NIST, and the Digital Operational Resilience Act (DORA). Technologies: Operating System: Windows, VMware ESX, Citrix, etc Virtualization: KVM, OpenStack, VMware, Hyper-V, Citrix, RedHat Networking: Cisco Nexus, ASA Firewall, SonicWALL, VPN, etc Software: Nginx, Python, Apache, Docker, cPanel, PHPmyAdmin, WordPress, Jira, Confluence, SpiceWorks, etc Monitoring: Ossec, Nagios, Cacti, MRTG, LibreNMS, Observium, etc Database: MySQL, SQL, Sybase ASE, Oracle, DB2, etc Mail Server: Microsoft Exchange, Office 365, Zimbra, Qmail, Cisco IronPort, etc Source Control and Continuous Integration: CVS, Docker, Visual Source, CCNet, Slack, etc VoIP: Trixbox, Asterisk, Elastix, Skype for Business, etc Backup Software: Veeam, Symantec, Linux custom scripting. Load Balancer: F5, Citrix Netscaler, KEMP, Loadbalancer, Zeus (Zenoss), etc Storage: EMC, Nimble, Compellent, HP, etc Cloud Services: Microsoft Azure, AWS, etc Regards, Stella Mary HR Stella.mary@mlogica.com

Title: Infrastructure and Cloud Specialist Experience: 5+ Years and above Position Type : Full-time Timing: Willing to work in US Time zone and extended shift hours. Location : Preferred Mumbai & Pune Location Only. Roles and Responsibilities: Having extensive knowledge and experience in Infrastructure deployments. Architect, implement, and manage cloud environments across Azure, GCP, and AWS. Design multi-cloud strategies, including workload migration, resource optimization, and cost management. Configure and manage identity & access management (IAM) across different cloud providers. Manage Microsoft Azure access and authentication. Create conditional access rules and configure MFA in Microsoft Azure. Configure and manage external and guest access for O365. Monitor O365 alerts and take corrective actions. Create and monitor data loss prevention policies. Create reports capturing user adoption, team usage, app usage, active users, and meeting metrics. Configure Information Rights Management for O365 workloads Configure and monitor data sensitivity labels. Assist with O365 eDiscovery searches and investigations. Manage and optimize Microsoft Azure cloud environments, ensuring security and compliance. Implement and maintain Microsoft Defender for Cloud to protect workloads and improve security posture. Configure and manage Entra ID Enterprise Applications, including authentication, access policies, and API integrations. Conduct risk assessments and security audits to identify vulnerabilities and mitigation strategies. Develop and enforce identity and access management (IAM) policies using Entra ID. Monitor security alerts, investigate incidents, and implement proactive threat mitigation strategies. Collaborate with IT and security teams to enhance cloud security frameworks and best practices. Mentor and provide knowledge transfer of M365 technologies and administration tasks. Independently manage individual work schedule with minimal oversight and proactively communicate status, progress, and risks to management and project leadership. Strong working knowledge of Active Directory, Exchange 2016-2019 installation, configuration, and support, Office 365 configuration and support, Exchange Online Protection, External DNS record configuration (SPF, DKIM, and DMARC), and PowerShell for automation, maintenance, and reporting Strong knowledge of Microsofts Advanced Threat Services and Compliance Providing technical expertise on Office 365 applications: Teams, SharePoint Online, Azure, OneDrive, and PowerBI Experience with PowerShell Scripting for automation. Installing and configuring load balances like Zeus, KEMP, etc Design and implementation of the virtual environment with VMware ESX 4. x and later on HP, DELL, etc with local SCSI and centralized Fiber Channel storage. Deploying the New VM from the template and cloning an existing VM as per the client's request through the change management process. Experience with configuring Cisco, DELL Switches, and Routers. Experience with Fiber Channel switch configuration. Worked on VoIP technologies. Manages servers, including Office365 e-mail, Active Directory, VMWare, SAN storage, print, domain, application, and backup servers and their associated operating systems and software Knowledge of distributed file services and replication and Configuring alarms, managing tasks, events, and alarms, root cause & system log analysis, and reporting. Moving VMs from one LUN to another LUN using Storage VMotion. Adding new virtual disks and extending existing volumes, disk, and hardware monitoring. Installing, configuring, and managing virtual infrastructure and virtual center. Installation OS and configuration of virtual machines in an enterprise SAN environment. Creating raw partitions and iSCSI storage partitions. Moving physical machine to virtual machine using P2V converter. Troubleshooting problems with the help of Event Logs, troubleshooting virtual machine issues. Managing VMs through web access, Configurations of Virtual switches, and network connections. Knowledge of Microsoft System Center Configuration Manager. Experience with Cisco IronPort email gateway configuration. Worked on cloud infrastructures like Amazon, and Azure with VPC network configuration. Adding and deleting users. Kernel compiling. FTP, SSH, SCP Protocols, Software & patch addition, modification & removal. Planning and Implementation of SAN storage solution Allocation of storage to blade servers (Creation of LUNs) Mirrors and RAID 0, 1, and 5 levels. Experience with configuring and managing Virtual disks. Planning and Implementation Virtual Desktop Infrastructure. Support for configuration of thin clients to connect to local servers. IP tables. Identifying project needs and planning an Implementation solution for the Desktop needs, Manage users, groups, permissions, and roles. Planning Implementing and MPLS Network. Installation and configuration of Data Center Router and Branch routers Switches Managing Leased Line Network, Servers Installation OS & MySQL and Oracle enterprise servers in virtual Farm. Worked with command-line editors to create automation jobs and monitoring. Planning and Implementing Apache Web Server, Samba, solutions (In-house) Migration and configuration of CRM, ERP, LMS, Database, and Corporate Website Servers in Virtual farm at DC. Security hardening and Monitoring of VMs & ESX servers (CPU, Memory, Disk, Network Utilization) for Security Compliance. Develops, implements and maintains policies, procedures and associated training plans for network resource administration, appropriate use, business continuity and disaster recovery Experience with Amazon S3, VPN, EC2, CloudFront, CodeBuild, CloudWatch, Load Balancer, etc Required Skills: Worked on Production, DEV, and TEST environments. Worked on Datacenter Implementation. Worked on several Infrastructure and application migrations. Worked on Cloud Migration services. Supported International clients. Ability to work independently and handle crisis management. Managed 100+ servers with multiple technologies like Windows, VMware, Hyper-V, etc. Ability to perform multiple, technical, highly complex tasks with the need to regularly upgrade skills to meet dynamic job conditions Strong knowledge of centralized and automated systems and application deployment via scripting. Strong knowledge of routing, VLAN, and firewall configuration. Industry-standard certifications such as Security+, CISSP, GSEC, ITIL, Microsoft, and Cisco certifications added value. Designing and implementing on-site, off-site, and international server infrastructure. Assessing and administering all equipment, hardware, and enterprise software upgrades. Practice in network asset management, including maintenance of network component inventory, life cycle management, and documentation. Experience with cloud platforms (e.g., AWS, Azure, or GCP) is preferred. Strong expertise in Microsoft Azure, Google Cloud Platform (GCP), and AWS cloud services. Knowledge of cloud networking, hybrid cloud architectures, and performance tuning. Strong background in VMware, Windows and networking. Strong expertise in Microsoft Azure, Microsoft Defender for Cloud, and Entra ID Enterprise Applications. Experience with cloud security posture management (CSPM) and cloud workload protection (CWP). Knowledge of identity and access management (IAM), OAuth 2.0, SAML, and OpenID Connect. Familiarity with Azure API Management, Azure Logic Apps, and automation workflows. Understanding of compliance frameworks, including ISO 27001, NIST, and the Digital Operational Resilience Act (DORA). Technologies: Operating System: Windows, VMware ESX, Citrix, etc Virtualization: KVM, OpenStack, VMware, Hyper-V, Citrix, RedHat Networking: Cisco Nexus, ASA Firewall, SonicWALL, VPN, etc Software: Nginx, Python, Apache, Docker, cPanel, PHPmyAdmin, WordPress, Jira, Confluence, SpiceWorks, etc Monitoring: Ossec, Nagios, Cacti, MRTG, LibreNMS, Observium, etc Database: MySQL, SQL, Sybase ASE, Oracle, DB2, etc Mail Server: Microsoft Exchange, Office 365, Zimbra, Qmail, Cisco IronPort, etc Source Control and Continuous Integration: CVS, Docker, Visual Source, CCNet, Slack, etc VoIP: Trixbox, Asterisk, Elastix, Skype for Business, etc Backup Software: Veeam, Symantec, Linux custom scripting. Load Balancer: F5, Citrix Netscaler, KEMP, Loadbalancer, Zeus (Zenoss), etc Storage: EMC, Nimble, Compellent, HP, etc Cloud Services: Microsoft Azure, AWS, etc Regards, Stella Mary HR Stella.mary@mlogica.com

Role & responsibilities Manage fixed income portfolios, ensuring alignment with investment objectives and risk tolerance. Conduct fundamental credit research and analysis of fixed income securities including G-secs, corporate bonds and other debt securities. Monitor and analyze macroeconomic indicators, interest rate trends, credit spreads and demand-supply dynamics of bonds to identify investment opportunities. Prepare investment notes, memos, and provide investment recommendations. Execute purchase and sale transactions for the portfolio. Manage and monitor performance, duration, credit exposures and other risks while ensuring compliance with limits and regulations. Prepare portfolio factsheets, presentations, client reports and performance commentaries. Regularly communicate with internal teams, clients and other stakeholders, providing updates on portfolio performance, market outlook and strategies. Preferred candidate profile Education: CA / CFA / MBA (Finance) / Postgraduate in Economics / Finance Experience: 37 years of experience in debt markets, credit research, or fixed income portfolio management Preference for candidates with prior exposure in PMS, mutual funds or wealth firms Strong understanding of fixed income products: G-Secs, SDLs, corporate bonds, money market instruments Sound knowledge of credit and interest rate risk Analytical mindset with financial modelling and valuation skills Proficiency in Excel, Bloomberg, and financial databases Attention to detail, strong communication, and ability to work under tight timelines

Role & responsibilities Job Title: Senior Lead Engineer - Product Cyber Security Years Of Experience: 8-12 Years Role Overview: The Security Sr Lead Engineer/Tech Specialist works with product development teams across all regions globally to ensure commitment to the cyber security strategy of minimizing flaws and improving product resiliency to cyber-attacks by ensuring adherence to the integrated secure development lifecycle process, which embodies a secure-by-design defense in depth philosophy. You will be a strong technical expert in matters related to pentesting and cyber controls and will report to a team manager responsible for product architecture review and testing. This role is part of the Product Cyber team (under the Global DT Cyber team) which focuses on continuously improving the cyber posture of products that are often installed in customer's environments. On a typical day you will: Perform DAST, SAST & Pentest for different products Perform Threat Modeling and Architecture reviews for new products and design changes with existing products Handle Product Cyber Incident Response activities and Active contribution to Risk Management Work with product development teams towards secure DevOps activities and CI/CD integration issues with Security tools Work with product development teams and carry out functional cyber risk assessments to support their cyber requirements throughout the entire development cycle. Coordinate with quality and product development teams to periodically update cyber security design policies and ensure that these policies are incorporated into product design, with requirements for traceability and system validation and verification. Interface with global teams and share best practices and lessons learned Refine and support the standard work associated with product cyber security incident response management Work closely with the product testing teams to validate recommended security controls Continually enhance the capabilities of the Cyber security team: Identification of technology and methodology gaps Participation and leading technical and industry committees Creation of discipline health score card. Work in an environment of continuous improvement and lean process and product development. good to have knowledge in Agile methodologies. Stay updated on latest cyber security hacking news, technologies and methodologies including: The latest attack methodologies include penetration testing and red-team methodologies. Latest forensic and incident response methodologies. Attend security or hacker conferences and stay on the cutting edge What You Will Need to be Successful: Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline 8+ years of product cyber security engineering and software systems development experience; at least 4 years hands-on experience with penetration testing methodologies and tools. In depth knowledge of IEC 62443 and related cybersecurity standards. In-depth knowledge of requirements captures, cyber security threat modeling and systematic discovery of threats, as part of Secure Development Lifecycle, with broad understanding of potential vulnerabilities at different layers of hierarchical systems Cyber security certifications such as OSCP, GSEC, CEH Knowledge of state-of-the-art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit/compliance tools Excellent written and verbal communication and presentation skills. Adept at communicating with globally disperse cross functional teams. (Preferred) Strong knowledge in various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems (Preferred) Intimate knowledge and experience with incident response management and risk assessment Preferred candidate profile

Responsibilities Involved in process P2P, R2R, O2C ect . Analyze accounting documentation, SOPs, and business process flowcharts. Experience in internal audits, control assessments, and GRC (Governance, Risk & Compliance) Deliver control testing and compliance assessments for global clients Participate in consulting/testing projects related to Governance, Risk & Compliance Create and develop collaterals for Financial Risk & Compliance engagements Preferred candidate profile: CA/CPA/CIA/CISA/MBA in Finance Minimum 5 years of experience in risk consulting/internal audits/control testin g Deep understanding of GRC practices and internal control methodologies Hands-on experience with Financial internal audit and compliance frameworks Strong interpersonal and communication skills, with a consulting mindset Reach Us- If you feel this opportunity is well aligned with your career progression plans, please feel free to reach me with your updated profile at rimjhim.sharma@crescendogroup.in.

AM Enterprise is hiring a remote Red Team Security Specialist to simulate cyberattacks, perform penetration tests, and collaborate with Blue Team members to enhance cybersecurity defenses. Requires expertise in penetration testing tools, scripting. Health insurance Annual bonus Office cab/shuttle

A successful candidate in this role will be responsible for protecting computing infrastructure including workstations, servers, and in the cloud. A candidate for this job enjoys a challenge and will work with the security, development Required Candidate profile CISSP (Certified Information System Security Professional) from ISC2, GSEC (GIAC Security Essentials Certification) from the SANS Institute or CEH (Certified Ethical Hacker)

Your future role Take on a new challenge and apply your comprehensive cybersecurity expertise in a new cutting-edge field. You'll work alongside dedicated, innovative, and forward-thinking teammates. You'll lead the charge in safeguarding our products and solutions, ensuring they meet the highest cybersecurity standards. Day-to-day, you'll work closely with teams across the business (Engineering, Product Development, Legal), strategize cybersecurity approaches, and much more. You'll specifically take care of developing the Cybersecurity Management Plan, conducting Threat Modelling, and defining Cybersecurity Architecture and Requirements. Additionally, you will manage the evaluation of our Program's cybersecurity level and provide pivotal support during cybersecurity audits. We'll look to you for: Analysis of security needs and formulation of security objectives and strategies Planning and integration of security activities within the development lifecycle Expert guidance to teams on implementing cybersecurity features Management of cybersecurity deliverables including quality, cost, and timeliness Handling of vulnerabilities, cybersecurity issues, and action plans Effective communication and reporting on cybersecurity status within the Program All about you We value passion and attitude over experience. That's why we don't expect you to have every single skill. Instead, we've listed some that we think will help you succeed and grow in this role: Degree in Engineering or a related field Experience or understanding of information technology and security Knowledge of product security areas such as cryptography, network protection, and identity management Familiarity with cybersecurity standards like ISO 2700X, IEC 62443, NIST A cybersecurity certification such as GICSP, CISSP, GSEC, or CISM is desirable Proven ability to manage quality, cost, and delivery of cybersecurity initiatives Strong interdisciplinary collaboration skills Things you'll enjoy Join us on a life-long transformative journey the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. You'll also: Enjoy stability, challenges and a long-term career free from boring daily routines Work with cutting-edge security standards for rail signalling Collaborate with cross-functional teams and supportive colleagues Contribute to projects that redefine industry standards Utilise our dynamic and innovative working environment Steer your career in whatever direction you choose across functions and countries Benefit from our investment in your development, through award-winning learning programs Progress towards senior cybersecurity roles Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension)