354 Hitrust Jobs - Page 2

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY- Cyber Risk Compliance and Resilience – Senior Manager As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Senior Manager who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 15 years of overall experience At least 10 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY- Cyber Risk Compliance and Resilience – Senior Manager As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Senior Manager who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 15 years of overall experience At least 10 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY- Cyber Risk Compliance and Resilience – Senior Manager As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Senior Manager who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 15 years of overall experience At least 10 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY- Cyber Risk Compliance and Resilience – Senior Manager As part of our EY-Cyber Security Risk and Compliance Consulting team, you’ll contribute technically to Cyber Security client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. The opportunity We’re looking for Senior Manager who should have Deep technical understanding of risk and compliance solutioning for enterprise including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your Key Responsibilities Reporting to the competency leader for Cyber Risk, Compliance, Resilience and Emerging Technology and will be responsible for: Defining, developing, and implementing strategic go-to-market plans in collaboration with local EY member firms in region. Own end-to-end sales opportunity qualification and pursuit, including drafting RFP responses, proposal defence during Orals, drafting State of Work (SoW) leveraging expertise in scoping, solutioning and costing for Enterprise and Cloud security solutions. Support and drive the overall growth strategy for the Cybersecurity practice as part of the leadership team. Identify and drive development of market differentiators including new products, solutions, automation etc. Support refinement of service approach and service delivery methodology for Enterprise and Cloud security solutions. Identify and pursue strategic opportunities for partnerships and acquisitions. Develop and rollout branding and marketing strategy including items such as solution brochures, sales videos, thought leadership, community engagement etc. Inspire and motivate direct and in-direct reporting professionals while fostering an environment of collaboration and participation. Manage engagements across the client and ensure teams delivers value to the customers and ensure horizontal growth in the accounts. Skills And Attributes For Success Deep knowledge of services and service delivery approach and methodology for Cyber Risk, Compliance and resilience including governance and operating models. Proven track record and success in collaborative sales bringing together internal and external stakeholders across Cyber competencies, Digital & Technology practices (Engineering, Analytics, Automation etc.) and business functions (Branding & Marketing, Legal, HR etc.). Proven track record in building and maintaining trusted relationships with key internal and external stakeholders. Deep technical understanding of architecture and solutioning of risk and compliance including products and capabilities, service competitor landscape, pricing methodologies, brand positioning and management, etc. Willingness to travel and flex work timings as and when required. Ability to change and adapt in a hyper-growth environment. Self-starter and strategic thinker. Cyber Strategy & Governance, Cyber Transformation and co-sourcing, Cyber Cost Optimization, Cyber Operating Model Compliance Management - Regulations/standards such as ISO 27001, PCI DSS, HITRUST, CCPA, FISMA/FEDRAMP, COBIT, OWASP Top 10, NIST 800-53, NIST- CSF, HIPPA, GDPR Cyber Risk management Cyber Resilience, Business Continuity & Disaster Recovery Application security and Threat Modelling Vendor Risk Management/Supplier Security To qualify for the role, you must have At least 15 years of overall experience At least 10 years architecture and solutioning for enterprise and cloud security Bachelor or college degree in related field or equivalent work experience MBA (Good to have) Ideally, you’ll also have Project management skills CISSP/CISA/CISM ITIL of Equivalent What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

Company Description Securis360 provides comprehensive Data Privacy and Governance services to protect your organization’s data and systems. Their offerings include vulnerability assessments, penetration testing, and employee awareness training to prepare businesses for cyber threats. Additionally, Securis360 offers end-to-end services such as SOC2 Type 2 audits, ISO27001:2022 readiness, and compliance with GDPR, HIPAA, and HITRUST regulations. They tailor their solutions to meet specific needs, ensuring maximum defense and minimized vulnerabilities. Partner with Securis360 for expert guidance in securing your network and maintaining regulatory compliance. Role Description This is a full-time, on-site role located in Ahmedabad for a SOC L2 Engineer FortiSIEM. The SOC L2 Engineer will be responsible for monitoring and analyzing security incidents, managing and resolving security alerts, and coordinating with other teams to investigate security breaches. They will also configure and maintain FortiSIEM systems, perform vulnerability assessments, and recommend improvements to enhance security posture. Additionally, the SOC L2 Engineer will provide detailed reports and documentation of security incidents and assist in the development of security policies and procedures. Qualifications Experience with FortiSIEM, security incident monitoring, and analysis Skills in managing and resolving security alerts and incidents Proficiency in vulnerability assessments and penetration testing Knowledge of regulatory compliance standards such as GDPR, HIPAA, and ISO27001 Ability to configure and maintain SIEM systems Strong analytical and problem-solving skills Excellent written and verbal communication skills Ability to work collaboratively with cross-functional teams on-site Bachelor's degree in Cybersecurity, Information Technology, or related field Certifications such as CISSP, CEH, or CISM are a plus

Our technology services client is seeking multiple DevSecOps Security Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: DevSecOps Security Engineer Experience: 5- 7 Years Location: Mumbai, Pune, Hyderabad, Bangalore, Chennai, Kolkata Notice Period: Immediate- 15 Days Mandatory Skills: Devops Support, GitHub Actions, CI/CD Pipelines, Argocd , Snyk, multicloud (AWS/AZure/GCP) GIT, MS Tools, Docker, Kubernetes, Jfrog, SCA & SAST Job Description: A security expert who can write code as needed and knows the difference between Object vs Class vs Function programming. Strong passion and thorough understanding of what it takes to build and operate secure, reliable systems at scale. Strong passion and technical expertise to automate security functions via code. Strong technical expertise with Application, Cloud, Data, and Network Security best practices. Strong technical expertise with multi-cloud environments, including container/serverless and other microservice architectures. Strong technical expertise with older technology stacks, including mainframes and monolithic architectures. Strong technical expertise with SDLC, CI/CD tools, and Deployment Automation. Strong technical expertise with operating security for Windows Server and Linux Server systems. Strong technical expertise with configuration management, version control, and DevOps operational support. Strong experience with implementing security measures for both applications and data, with an understanding of the unique security requirements of data warehouse technologies such as Snowflake. Role Responsibilities Development & Enforcement Develop and enforce engineering security policies and standards. Develop and enforce data security policies and standards. Drive security awareness across the organization. Collaboration & Expertise Collaborate with Engineering and Business teams to develop secure engineering practices. Serve as the Subject Matter Expert for Application Security. Work with cross-functional teams to ensure security is considered throughout the software development lifecycle Analysis & Configuration Analyze, develop, and configure security solutions across multi-cloud, on-premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data. Lead security testing, vulnerability analysis, and documentation. Operational Support Participate in operational on-call duties to support infrastructure across multiple regions and environments (cloud, on-premises, colocation). Develop incident response and recovery strategies. Qualifications Basic Qualifications 5+ years of experience in developing and deploying security technologies. A minimum of a Bachelor’s degree in Computer Science, Software Development, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required. Experience with modern Software Development Lifecycles and CI/CD practices Experience for the remediation of vulnerabilities sourced from Static Analysis (SAST), Open Source Scanning (SCA), Mobile Scanning (MAST) and API Scanning Proficiency in Public Clo\ud (AWS/Azure/GCP) & Network Security. Experience with Docker, Kubernetes, Security-as-Code, and Infrastructure-as-Code. Experience with one or more general-purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell. Strong experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA). Preferred Qualifications Strong technical expertise with Architecting Public Cloud solutions and processes. Strong technical expertise with Networking and Software-Defined Networking (SDN) principles. Strong technical expertise with developing and interpreting Network, Sequence, and Dataflow diagrams. Familiarity with OWASP Application Security Verification Standard Experience with direct, remote, and virtual teams. Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA). Strong technical expertise with Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning security solutions for data warehouses and big data platforms, particularly with technologies like GitHub Advanced Security, CodeQL, Checkmarx, and Snyk. Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability. Education A minimum of a Bachelor’s degree in Computer Science, Software Development, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required. If you are interested, share the updated resume to madhuri.p@s3staff.com

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. As a risk management generalist at PwC, you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Respond effectively to the diverse perspectives, needs, and feelings of others. Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. Use critical thinking to break down complex concepts. Understand the broader objectives of your project or role and how your work fits into the overall strategy. Develop a deeper understanding of the business context and how it is changing. Use reflection to develop self awareness, enhance strengths and address development areas. Interpret data to inform insights and recommendations. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. As a Senior Associate, you will be aligned to our Strategy, Risk, & Compliance team which is focused on helping clients with their cybersecurity risk, compliance and governance efforts. You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Position Requirements Security strategy and governance projects (security strategy, operating model, org structure etc.) Assessments: Maturity assessment, Audit readiness, planning and framework assessment, cloud migration requirements, business case development, comparisons and vendor evaluation Frameworks: Design framework program objectives, first/second/third line of defense, vision and mission statements, current state assessment and gap analysis, roadmap planning and estimation for the program, program governance and target operating model for NIST, PCI-DSS, HIPAA, HITRUST, ISO, COBIT etc. and vendor evaluation. Good experience in performing Organization Standard/Policy GAP assessment and Maturity assessments with Industry best practices (NIST/ISO/PCI...etc.). Policy management (policy writing, policy review, policy lifecycle) projects Cloud architecture definition and assessment: development of cloud reference architecture, target state cloud architecture definition, compliance requirements, migration strategies. Must have hands on experience and well proficient in Cybersecurity standard creation, policy writing and maintenance Good understanding of Legal, Regulatory and Privacy requirements to integrate within the Cybersecurity Program. Good understanding of various components of an enterprise Cybersecurity program, including governance structures, Risk and Threat Management, key controls, key processes, Security architecture and Security training program Recommending Cybersecurity action plans for organizations to achieve their overall cybersecurity objective Good Knowledge and experience with GRC tools such as MetricStream, Open Pages, Archer and data analytics & \visualization tools used in the Industry such as PowerBI, Alteryx and Tableau. Experience in partnering with various functions within the Cybersecurity organization to capture and document the services and associated core processes, work instructions, and templates. Analyze the security posture of the organizations by assessing the design and implementation of security controls. Experience in Vendor risk management, Outsourcing risk management, Technology Risk, Information Security. Strong understanding of Cybersecurity and Risk Control frameworks and their adoption in the Supplier management domain. Experience in implementing effective and innovative technology solutions. Desired Knowledge Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment. Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs. Ability to create domain specific training content and deliver trainings effectively Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities. Develop/implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture. Demonstrates ability to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in client’s security strategy plans and architecture artifacts. Professional & Educational Background MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems). Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) Additional Information Travel Requirements: Not Applicable Line of Service: Advisory Industry: Consulting Must be ready to work on-site full-time (timings will be 2 pm or sooner until 11 pm IST) Minimum Years Of Experience 3 - 8 years

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. As a risk management generalist at PwC, you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Respond effectively to the diverse perspectives, needs, and feelings of others. Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. Use critical thinking to break down complex concepts. Understand the broader objectives of your project or role and how your work fits into the overall strategy. Develop a deeper understanding of the business context and how it is changing. Use reflection to develop self awareness, enhance strengths and address development areas. Interpret data to inform insights and recommendations. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. As a Senior Associate, you will be aligned to our Strategy, Risk, & Compliance team which is focused on helping clients with their cybersecurity risk, compliance and governance efforts. You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Position Requirements Security strategy and governance projects (security strategy, operating model, org structure etc.) Assessments: Maturity assessment, Audit readiness, planning and framework assessment, cloud migration requirements, business case development, comparisons and vendor evaluation Frameworks: Design framework program objectives, first/second/third line of defense, vision and mission statements, current state assessment and gap analysis, roadmap planning and estimation for the program, program governance and target operating model for NIST, PCI-DSS, HIPAA, HITRUST, ISO, COBIT etc. and vendor evaluation. Good experience in performing Organization Standard/Policy GAP assessment and Maturity assessments with Industry best practices (NIST/ISO/PCI...etc.). Policy management (policy writing, policy review, policy lifecycle) projects Cloud architecture definition and assessment: development of cloud reference architecture, target state cloud architecture definition, compliance requirements, migration strategies. Must have hands on experience and well proficient in Cybersecurity standard creation, policy writing and maintenance Good understanding of Legal, Regulatory and Privacy requirements to integrate within the Cybersecurity Program. Good understanding of various components of an enterprise Cybersecurity program, including governance structures, Risk and Threat Management, key controls, key processes, Security architecture and Security training program Recommending Cybersecurity action plans for organizations to achieve their overall cybersecurity objective Good Knowledge and experience with GRC tools such as MetricStream, Open Pages, Archer and data analytics & \visualization tools used in the Industry such as PowerBI, Alteryx and Tableau. Experience in partnering with various functions within the Cybersecurity organization to capture and document the services and associated core processes, work instructions, and templates. Analyze the security posture of the organizations by assessing the design and implementation of security controls. Experience in Vendor risk management, Outsourcing risk management, Technology Risk, Information Security. Strong understanding of Cybersecurity and Risk Control frameworks and their adoption in the Supplier management domain. Experience in implementing effective and innovative technology solutions. Desired Knowledge Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment. Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs. Ability to create domain specific training content and deliver trainings effectively Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities. Develop/implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture. Demonstrates ability to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in client’s security strategy plans and architecture artifacts. Professional & Educational Background MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems). Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) Additional Information Travel Requirements: Not Applicable Line of Service: Advisory Industry: Consulting Must be ready to work on-site full-time (timings will be 2 pm or sooner until 11 pm IST) Minimum Years Of Experience 3 - 8 years

Governance & Compliance Lead TRIARQ Health is a Physician Practice Services company that partners with doctors to run modern patient-centered practices so they can be rewarded for delivering high-value care. TRIARQ’s Physician-led partnerships simplify practices transition to value-based care by combining our proprietary, cloud-based practice, care management platform and patient engagement services to help doctors focus on better outcomes. Industry Type: US Healthcare Technology Location: Pune / Nashik / Navi Mumbai Division: IT/Governance Job description for a Governance & Compliance Lead position at TRIARQ Health, responsibilities covering Pune, Nashik, and Navi Mumbai offices: Job Title : Governance & Compliance Lead Company Overview : TRIARQ Health is a leading healthcare technology company dedicated to providing innovative solutions that enhance patient care and streamline healthcare operations. We are committed to maintaining the highest standards of governance, compliance, and ethical conduct in everything we do. Job Summary : We are seeking a seasoned Governance & Compliance Lead to oversee and coordinate compliance activities across our Pune, Nashik, and Navi Mumbai locations. The successful candidate will play a crucial role in ensuring adherence to internal policies, industry regulations, HITRUST, and ISO 27001 guidelines while leading initiatives to strengthen our governance framework and culture of compliance within the organization. Key Responsibilities : Governance Framework: Develop, implement, and maintain a comprehensive governance framework that aligns with Triarq’ s strategic objectives and meets all regulatory requirements, particularly HITRUST and ISO 27001 Policy Development and Monitoring: Create, review, and update governance policies, procedures, and guidelines to ensure compliance with applicable laws and regulations, ensuring that they are effectively communicated and disseminated within the organization. Compliance Management: Lead compliance initiatives and programs, conducting regular assessments to identify compliance gaps and areas for improvement across all locations (Pune, Nashik, and Navi Mumbai). Risk Assessment: Conduct risk assessments to identify potential areas of compliance vulnerability and risk, recommending mitigation strategies and monitoring their implementation. Training and Awareness: Develop and deliver compliance training programs for employees at all levels to foster awareness and understanding of governance and compliance issues, policies, and procedures. Audit Coordination: Coordinate internal and external audits regarding governance and compliance matters, ensuring timely responses to audit findings and implementation of corrective actions. Reporting: Prepare regular reports on compliance status, issues, and initiatives for senior management and the board of directors, summarizing key risk areas and recommendations for action. Cross-Functional Collaboration: Work closely with other departments (IT, Legal, HR, Operations) to ensure alignment of governance and compliance efforts with business objectives and operational practices. Stakeholder Engagement: Serve as the primary point of contact for regulatory bodies and external stakeholders regarding governance and compliance matters. Qualifications : Relevant certifications ISO 27001 (e.g., Certified in Healthcare Compliance, Certified Compliance & Ethics Professional) are preferred. For Eg. Certifications like CISA, CIA, and HITRUST CSF Practitioner Experience: 6+ years of experience in governance, risk management, and compliance, specifically with a focus on ISO 27001 and other relevant regulations. Experience in Audits: Experienced in conducting internal audits across People Operations, Support Functions, and Core Operations, with strong presentation and stakeholder management capabilities Knowledge: Added advantage if understanding healthcare regulations, compliance frameworks, and industry best practices related to governance and risk management. Analytical Skills: Strong analytical and problem-solving skills with the ability to navigate complex regulatory environments and assess potential risks. Communication Skills: Excellent verbal and written communication skills, capable of effectively conveying complex compliance concepts to diverse audiences, from staff to senior management. Leadership Skills: Demonstrated leadership abilities with experience in managing cross-functional teams and influencing organizational culture towards compliance. Preferred Qualifications : Proven experience in a compliance field in IT organization. Familiarity with data protection regulations and security practices, especially related to personal health information. Why Join Us? At TRIARQ Health, we value innovation, teamwork, and dedication to improving healthcare for our clients. We offer competitive compensation packages, comprehensive benefits, and opportunities for professional development in a dynamic and supportive environment. Application Process : Interested candidates are encouraged to submit their resume and a cover letter detailing their experience and qualifications to jobs@triarqhealth.com with the subject line "Governance & Compliance Lead Application."

Role & responsibilities : Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide actionable recommendations for risk mitigation. Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk assessments. Preferred candidate profile : Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or related fields. A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related security assessments. Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices. Proficiency in using various security assessment and techniques. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review.•Conceptual knowledge of OT Security/ISA 62443 standard is preferable.

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Responsibilities: Hunt, develop, and close new business opportunities CNAPP selling experience will be useful Delivery high-level and detailed sales presentations Respond to functional and technical elements of RFIs/RFPs Provide functional and technical support to prospects and customers Responsible for attending conferences, seminars virtually, in-region and nationally Ability to manage a realistic sales funnel, follow up on inbound leads quickly, and cold call into large Fortune 500 / S&P 500 size organizations Qualifications: Ideal candidate must be self-motivated with strong knowledge in security and compliance space: CNAPP, Container Security, Vulnerability Management, Policy Compliance, Web Application Scanning, Threat Hunting / EDR, File Integrity Monitoring, and other enterprise security solutions. Strong track record of hunting, consulting, and closing new business Experience with Qualys is a plus, but not required Familiarity with compliance benchmarks such as CIS level 1 & 2, PCI, HIPAA, HITRUST, NERC, CIP, NIST, etc. Must possess strong presentation skills and be able to communicate professionally in response to emails, RFPs and when submitting reports 10+ years relevant experience Excellent written and oral communication skills Able to travel throughout sales territory Able to comfortably present to prospects and clients using video conferencing solutions in a work-from-home environment

Join our India Tech Hub – Be among the first hires! Kobie, a 35-year veteran of the loyalty industry, a multi-year Forrester Leader, and USA Top Workplace is expanding its global footprint by establishing a Tech Hub in India. Kobie partners with global brands to build deep connections with their customers through personalized, data-driven loyalty experiences and has a mission of growing enterprise value through loyalty. The Tech Hub will serve as a Global Capabilities Center for a broad range of technology roles, and this is your chance to play a pivotal role in shaping our presence in India. Join us as we continue to lead in loyalty, delivering innovative customer experiences for some of the world’s most recognized brands while working alongside some of the best and brightest in loyalty. About The Team And What We Will Build Together We are a team of software developers building the next-generation customer loyalty platform. Our software delivers surprise and delight every day for millions of customers for some of the best-loved brands in the world. As part of this team you’ll help us deliver software more predictably, more reliably, and with higher quality than we ever have before. How You Will Make An Impact This is both an enablement and an execution role. You’ll enable teams by providing them with the environment and knowledge to run a robust quality program. You’ll execute by performing tests where appropriate. You are a software engineer first, a quality practitioner second. You’ll change the way we develop and ship reliable software by “shifting left” on quality, automating our tests, and moving the needle on our key quality metrics You’ll guide our world-class software engineering team on our continuous improvement journey You’ll enable our engineering teams to thoroughly test their own code through tooling, piloting, advocacy, and education Over time you’ll show continual, meaningful software quality progress, leading to high confidence among business stakeholders, partners, and clients What You Need To Be Successful 5+ years experience as a software developer, Software Developer in Test, or a similar role BS in Computer Science or equivalent, or analogous work experience Fluency in software testing methodologies: white box, black box, unit, integration, functional, performance, etc.) Bias toward automation over manual testing. Proven track record automating complex software testing in real-world enterprise environments Expertise in proven testing frameworks, mocking frameworks, and curiosity to explore state of the art Production software coding experience is a must Strong programming skills in languages such as Java, Python, C#, or JavaScript Experience with test automation tools and frameworks (e.g., Selenium, JUnit, TestNG, Cypress, Playwright, Cucumber, Karate) Familiarity with CI/CD tools and practices (e.g., Jenkins, GitLab, Azure DevOps) Solid understanding of software development lifecycle (SDLC) and agile methodologies Excellent problem-solving skills and attention to detail Strong communication and collaboration skills Ability to work independently and as part of a team Experience with performance testing tools (e.g., JMeter, LoadRunner), a plus Knowledge of containerization and orchestration technologies (e.g., Docker, Kubernetes), a plus Familiarity with cloud platforms (e.g., AWS, Azure, Google Cloud, OCI), a plus Understanding of RESTful APIs and microservices architecture, a plus ISTQB or other relevant certifications, a plus Experience with compliance (SOC, HITRUST, etc.) a plus About Kobie Named a Top Workplace in the USA and Top Remote Workplace, Kobie is where the best minds in loyalty come together, driven by passion and innovation. We’re always looking for talented individuals ready to join a collaborative, growth-focused culture. As a trusted partner to some of the world’s most recognized brands, we are loyalty leaders, helping brands build lasting emotional connections with their consumers. We do this with a strategy-led technology approach that uncovers the truth behind what drives consumers on an emotional level.As we launch our India Tech Hub, we are excited to bring our award-winning culture to a new region - creating an environment where collaboration, flexibility, and career growth come together to build something truly special. We are proud to be the only loyalty provider to be externally recognized for their culture. We believe people thrive when they feel valued, supported, and empowered to be their authentic selves. Our commitment to diversity, equity, and inclusion ensures every teammate has a voice and the opportunity to be heard. Giving back is in our DNA at Kobie,through an annual fundraiser, charitable partnerships, and volunteer opportunities, we encourage our teammates to make a difference in their communities. To support our teammates beyond just their careers, we offer highly competitive benefits, comprehensive health coverage, and well-being perks that support our teammates and their dependents. We understand the importance of time for life outside of work - recognizing public holidays,offering flexible time off, and prioritizing work-life balance. As we expand into India, our new teammates will be fully integrated with our U.S. teams, working on global projects and gaining exposure to top industry leaders. With continued growth, we will establish a physical office in Bengaluru, India, giving teammates aspace for collaboration and fostering connection. Now is the perfect time to join Kobie. Be part of something big and help shape the future of our global capabilities center, the Kobie India Tech Hub.

About The Role We are seeking a Security Analyst with an experience of 6 to 8 years. The ideal candidate should have a strong background as a Technical IT Auditor. The incumbent will be responsible for evaluating and assessing the effectiveness of the organization’s information systems, security protocols, internal controls and compliance with relevant regulations. This role involves conducting in-depth technical reviews of IT infrastructure, applications, databases and networks to ensure the confidentiality, integrity, and availability of data and systems. Requirements Plan and execute end-to-end IT audits, including risk assessments, scoping, testing, and reporting. Evaluate IT general controls, application controls and system development lifecycle processes. Assess network infrastructure, databases and cloud environments for vulnerabilities and compliance. Conduct audits on cybersecurity controls, data privacy mechanisms and incident response preparedness. Review and assess controls related to identity and access management, change management, and backup/recovery. Utilize automated tools and scripts for vulnerability scans and data analysis. Ensure compliance with frameworks such as ISO 27001, HITRUST, GDPR, HIPPA, SOC and SOX. Collaborate with IT, security, and business stakeholders to identify risks and recommend mitigation strategies. Develop corporate Information Security policies and standards and continually monitoring the information security controls, KRIs/KPIs and technical landscape. Providing ISMS awareness trainings. Responding to the Client SIG questionnaires.

Our technology services client is seeking multiple DevSecOps Security Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: DevSecOps Security Engineer Experience: 5- 7 Years Location: Mumbai, Pune, Hyderabad, Bangalore, Chennai, Kolkata Notice Period: Immediate- 15 Days Mandatory Skills: Devops Support, GitHub Actions, CI/CD Pipelines, Argocd , Snyk, multicloud (AWS/AZure/GCP) GIT, MS Tools, Docker, Kubernetes, Jfrog, SCA & SAST Job Description: A security expert who can write code as needed and knows the difference between Object vs Class vs Function programming. Strong passion and thorough understanding of what it takes to build and operate secure, reliable systems at scale. Strong passion and technical expertise to automate security functions via code. Strong technical expertise with Application, Cloud, Data, and Network Security best practices. Strong technical expertise with multi-cloud environments, including container/serverless and other microservice architectures. Strong technical expertise with older technology stacks, including mainframes and monolithic architectures. Strong technical expertise with SDLC, CI/CD tools, and Deployment Automation. Strong technical expertise with operating security for Windows Server and Linux Server systems. Strong technical expertise with configuration management, version control, and DevOps operational support. Strong experience with implementing security measures for both applications and data, with an understanding of the unique security requirements of data warehouse technologies such as Snowflake. Role Responsibilities Development & Enforcement Develop and enforce engineering security policies and standards. Develop and enforce data security policies and standards. Drive security awareness across the organization. Collaboration & Expertise Collaborate with Engineering and Business teams to develop secure engineering practices. Serve as the Subject Matter Expert for Application Security. Work with cross-functional teams to ensure security is considered throughout the software development lifecycle Analysis & Configuration Analyze, develop, and configure security solutions across multi-cloud, on-premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data. Lead security testing, vulnerability analysis, and documentation. Operational Support Participate in operational on-call duties to support infrastructure across multiple regions and environments (cloud, on-premises, colocation). Develop incident response and recovery strategies. Qualifications Basic Qualifications 5+ years of experience in developing and deploying security technologies. A minimum of a Bachelor’s degree in Computer Science, Software Development, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required. Experience with modern Software Development Lifecycles and CI/CD practices Experience for the remediation of vulnerabilities sourced from Static Analysis (SAST), Open Source Scanning (SCA), Mobile Scanning (MAST) and API Scanning Proficiency in Public Clo\ud (AWS/Azure/GCP) & Network Security. Experience with Docker, Kubernetes, Security-as-Code, and Infrastructure-as-Code. Experience with one or more general-purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell. Strong experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA). Preferred Qualifications Strong technical expertise with Architecting Public Cloud solutions and processes. Strong technical expertise with Networking and Software-Defined Networking (SDN) principles. Strong technical expertise with developing and interpreting Network, Sequence, and Dataflow diagrams. Familiarity with OWASP Application Security Verification Standard Experience with direct, remote, and virtual teams. Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA). Strong technical expertise with Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning security solutions for data warehouses and big data platforms, particularly with technologies like GitHub Advanced Security, CodeQL, Checkmarx, and Snyk. Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability. Education A minimum of a Bachelor’s degree in Computer Science, Software Development, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required. If you are interested, share the updated resume to hema.g@s3staff.com

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. In regulatory risk compliance at PwC, you will focus on confirming adherence to regulatory requirements and mitigating risks for clients. You will provide guidance on compliance strategies and help clients navigate complex regulatory landscapes. Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Apply a learning mindset and take ownership for your own development. Appreciate diverse perspectives, needs, and feelings of others. Adopt habits to sustain high performance and develop your potential. Actively listen, ask questions to check understanding, and clearly express ideas. Seek, reflect, act on, and give feedback. Gather information from a range of sources to analyse facts and discern patterns. Commit to understanding how the business works and building commercial awareness. Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements. As an Associate, you will be aligned to our Strategy, Risk, & Compliance team which is focused on helping clients with their cybersecurity risk, compliance and governance efforts. You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Position Requirements Security strategy and governance projects (security strategy, operating model, org structure etc.) Assessments: Maturity assessment, Audit readiness, planning and framework assessment, cloud migration requirements, business case development, comparisons and vendor evaluation Frameworks: Design framework program objectives, first/second/third line of defense, vision and mission statements, current state assessment and gap analysis, roadmap planning and estimation for the program, program governance and target operating model for NIST, PCI-DSS, HIPAA, HITRUST, ISO, COBIT etc. and vendor evaluation. Good experience in performing Organization Standard/Policy GAP assessment and Maturity assessments with Industry best practices (NIST/ISO/PCI...etc.). Policy management (policy writing, policy review, policy lifecycle) projects Cloud architecture definition and assessment: development of cloud reference architecture, target state cloud architecture definition, compliance requirements, migration strategies. Must have hands on experience and well proficient in Cybersecurity standard creation, policy writing and maintenance Good understanding of Legal, Regulatory and Privacy requirements to integrate within the Cybersecurity Program. Good understanding of various components of an enterprise Cybersecurity program, including governance structures, Risk and Threat Management, key controls, key processes, Security architecture and Security training program Recommending Cybersecurity action plans for organizations to achieve their overall cybersecurity objective Good Knowledge and experience with GRC tools such as MetricStream, Open Pages, Archer and data analytics & \visualization tools used in the Industry such as PowerBI, Alteryx and Tableau. Experience in partnering with various functions within the Cybersecurity organization to capture and document the services and associated core processes, work instructions, and templates. Analyze the security posture of the organizations by assessing the design and implementation of security controls. Experience in Vendor risk management, Outsourcing risk management, Technology Risk, Information Security. Strong understanding of Cybersecurity and Risk Control frameworks and their adoption in the Supplier management domain. Experience in implementing effective and innovative technology solutions. Desired Knowledge Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment. Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs. Ability to create domain specific training content and deliver trainings effectively Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities. Develop/implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture. Demonstrates ability to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in client’s security strategy plans and architecture artifacts. Professional & Educational Background MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems). Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) Additional Information Travel Requirements: Not Applicable Line of Service: Advisory Industry: Consulting Must be ready to work on-site full-time (timings will be 2 pm or sooner until 11 pm IST) Minimum Years Of Experience 1 - 3 years

Responsibilities include but are not limited to the following: Proactively troubleshoot and resolve complex Azure service-related issues to maintain optimal performance and uptime. Expertise in deploying, managing, and configuring Azure Virtual Machine Scale Sets (VMSS) ,App services for scalable compute resources. Deploy and ptimizae Azure Storage resources including Blob Storage and Cosmos DB, to ensure efficient and secure data management. Implement robust Azure vulnerability management processes, identifying and addressing security risks promptly. Configure and manage network components such as Application Gateways, NAT Gateways, and Azure Traffic Manager to optimize network routing and application delivery. Extensive experience with Azure PaaS solutions like Azure Functions and Web Services, driving cloud-native development and efficient scaling of applications. Analyze Penetration Testing reports to identify vulnerabilities and implement mitigation strategies to enhance security posture. Perform in-depth troubleshooting, root cause analysis, and performance benchmarking to resolve operational issues and optimize performance. Demonstrated expertise in scripting with Devops,PowerShell and Bash to automate tasks and streamline infrastructure management. Good to Have: 1.Good knowledge on Healthcare compliance frameworks like SOC2 and HITRUST 2. Experience migrating code from TFS to Azure Devops Must-Have: -Minimum 2 years of experience in Azure cloud infrastructure. -Azure Core Platform: Compute, Storage, Networking required -Experience in one or more automation languages (PowerShell, Terraform) desired.

About The Role Hinge Health software engineers work on small interdisciplinary teams focused on different parts of the user journey. Fullstack engineers contribute to their team’s success by building and extending secure, scalable services and exposing clear, well-tested APIs that power beautiful client applications. Fullstack engineers design and implement end-to-end solutions, profile their systems to stay out ahead of scaling bottlenecks, and help maintain a high bar with thoughtful and constructive code reviews. In addition to contributing to valuable new features, software engineers pay down tech debt, spike on novel solutions, and share responsibility for healthy live site operation. We expect team members to use clear, concise language to navigate abstract solutions, provide constructive PR feedback, and actively participate in planning sessions and team meetings. We are a hybrid team working across a handful of timezones with Pacific time core hours. The team uses remote pairing tools and collaborates frequently across all levels of seniority with an emphasis on empowering one another and leveling up as a team. We enjoy a continuous deployment DevOps culture, and take owner-operator pride in supporting our code in production. Our production systems rely on React Native, React, Node.js, TypeScript, Nestjs, GraphQL, Docker, Rails, AWS, Postgres, Redis, Apollo, and Redux. Our workflow is trunk-based CI/CD, and our security/compliance posture is at the highest standards of healthcare, including HIPAA, HITRUST, SOC 2, and CCPA. What You'll Accomplish Complex Problem Solving: Solves problems that have minimal visible risks or roadblocks but a multitude of possible states, execution paths, asynchronous control flow, or late-binding dependencies Code Reviews and Direction: Able to review code and provide constructive direction. Gives consistently clear and constructive PR feedback Debugging: Able to debug familiar code or systems easily and can debug unfamiliar code with some effort. Prepares to work on new tasks by planning an approach ahead of time and confirming it's well thought out AI Tools: Utilizes AI tools for team-level efficiency and quality. Understands the technical concepts necessary to do the job effectively and is aware of industry trends in their domain Planning and Estimation: Participates in the team's planning and is learning to estimate how long work will take. Utilizes new technologies and patterns to supplement their own skills Post-Release Ownership: Takes ownership of their work after it's released and quickly addresses issues as they arise. Solves problems with multiple states and execution paths Observability: Demonstrates a good understanding of tools like New Relic, DataDog, or Sentry to monitor errors and performance Operational Excellence: Demonstrates operational excellence by planning approaches ahead of time, utilizing new technologies, and participating in team planning and estimation Hinge Health Hybrid Model We believe that remote work and in-person work have their own advantages and disadvantages, and we want to be able to leverage the best of both worlds. Employees in hybrid roles are required to be in the office 3 days/week. Basic Qualifications Bachelor’s Degree in Computer Science or related technical degree 2+ years of non-internship full time professional software development experience 2+ years of experience with React JS framework on UI and Node JS/ Typescript on the backend 2+ years of experience in the full software development life cycle Experience with AI/ML technologies such as LLMs, RAG, or agentic AI Experience with using AI tools such as Github copolit or Cursor Preferred Qualifications Experience building user facing features Experience working on a development team of 5+ engineers Experience on hosting the solution on Cloud like AWS Familiarity with Generative AI technologies Good understanding of database systems and data processing technologies About Hinge Health Hinge Health leverages software, including AI, to largely automate care for joint and muscle health, delivering an outstanding member experience, improved member outcomes, and cost reductions for its clients. The company has designed its platform to address a broad spectrum of MSK care—from acute injury, to chronic pain, to post-surgical rehabilitation—and the platform can help to ease members’ pain, improve their function, and reduce their need for surgeries, all while driving health equity by allowing members to engage in their exercise therapy sessions from anywhere. The company is headquartered in San Francisco, California. Learn more at http://www.hingehealth.com What You'll Love About Us Inclusive healthcare and benefits: On top of comprehensive medical, dental, and vision coverage, we offer employees and their family members help with gender-affirming care, tools for family and fertility planning, and travel reimbursements if healthcare isn’t available where you live. Planning for the future: Start saving for the future with our traditional or Roth 401k retirement plan options which include a 2% company match. Modern life stipends: Manage your own learning and development Diversity and Inclusion Hinge Health is an equal opportunity employer and prohibits discrimination and harassment of any kind. We make employment decisions without regards to race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, pregnancy, or any other basis protected by federal, state or local law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. We provide reasonable accommodations for candidates with disabilities. If you feel you need assistance or an accommodation due to a disability, let us know by reaching out to your recruiter. By submitting your application you are acknowledging we are using your personal data as outlined in the personnel and candidate privacy policy. Workday ID JR1583

Job Information Date Opened 04/29/2025 Job Type Full time Industry Consulting Work Experience 4-5 years City Noida State/Province Uttar Pradesh Country India Zip/Postal Code 201301 Job Description About Us Tsaaro’s prime focus is on Data Privacy and Security. Our team of specialist data privacy consultants, information security consultants, and penetration testers help and advise our clients to make running a secure business easier, with high efficiency. Everything we do is tailored to the individual organizational requirements, aligned with their budget and resource challenges. We take a pragmatic, risk-based approach to provide our clients with real-world, workable advice, guidance, and support that helps them to deal with a wide range of security and privacy-related challenges. Responsibilities: As a Senior Data Protection Consultant, you will be entrusted with the following key responsibilities: Design and implement data protection and privacy programs that cater to our clients' specific business needs, ensuring their sensitive information is well safeguarded. Evaluate and assess our clients' data protection and privacy practices, offering valuable insights and actionable recommendations for continual improvement. Demonstrate expertise in various standards, such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc., to assist clients in compliance and governance. Provide guidance and support to clients in adhering to a complex web of national and international laws and regulations, including the EU General Data Protection Regulation (GDPR) and other privacy laws. Assist in preparing policies, reports, and schedules for clients and relevant stakeholders, ensuring clear communication and alignment with industry best practices. Conduct thorough audits of Privacy controls to monitor program effectiveness and compliance, ensuring data protection is at its optimal level. Utilize online tools to facilitate Incident Management and Data Subject Rights processes, ensuring efficient and timely responses to potential data incidents. Foster and maintain productive working relationships with client personnel, promoting effective collaboration and understanding of their specific needs. Demonstrate a strong commitment to adhering to workplace policies and procedures, maintaining the highest standards of professionalism and confidentiality. Contribute to cybersecurity engagements, developing cybersecurity strategies, governance, risk, and compliance activities, and cybersecurity policies in line with ISO 27001 and ISO 27701. Perform Gap Assessments, Risk Assessments, ISMS Documentation, Internal Audits, and support during Certification Audits to strengthen overall security frameworks. Requirements To be considered for this role, the candidate must meet the following requirements: Possess a sound knowledge of fundamentals of information security systems. Have 4+ years of relevant experience in the field. Demonstrate proficiency in standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc. Exhibit a good understanding of GDPR, CCPA, or other privacy laws. Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks. Hold relevant qualifications such as CIPM, CIPT, CIPP/E. Showcase excellent communication skills, both written and verbal. Benefits Competitive salary and performance-based bonuses. Professional development opportunities, including training and certifications. Flexible working hours. Collaborative and inclusive work environment. Opportunity to work with a passionate team dedicated to making a difference in data privacy and security. Join and hustle with the India's fastest privacy and information security consulting company.

Job Information Date Opened 02/24/2025 Job Type Full time Industry Consulting Work Experience 1-3 years City Noida State/Province Uttar Pradesh Country India Zip/Postal Code 201301 Job Description About Us Tsaaro’s prime focus is on Data Privacy and Security. Our team of specialist data privacy consultants, information security consultants, and penetration testers help and advise our clients to make running a secure business easier, with high efficiency. Everything we do is tailored to the individual organizational requirements, aligned with their budget and resource challenges. We take a pragmatic, risk-based approach to provide our clients with real-world, workable advice, guidance, and support that helps them to deal with a wide range of security and privacy-related challenges. Responsibilities As a Senior Data Privacy Consultant, you will be entrusted with the following key responsibilities: Design and implement data protection and privacy programs that cater to our clients' specific business needs, ensuring their sensitive information is well safeguarded. Evaluate and assess our clients' data protection and privacy practices, offering valuable insights and actionable recommendations for continual improvement. Demonstrate expertise in various standards, such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc., to assist clients in compliance and governance. Provide guidance and support to clients in adhering to a complex web of national and international laws and regulations, including the EU General Data Protection Regulation (GDPR) and other privacy laws. Assist in preparing policies, reports, and schedules for clients and relevant stakeholders, ensuring clear communication and alignment with industry best practices. Conduct thorough audits of Privacy controls to monitor program effectiveness and compliance, ensuring data protection is at its optimal level. Utilize online tools to facilitate Incident Management and Data Subject Rights processes, ensuring efficient and timely responses to potential data incidents. Foster and maintain productive working relationships with client personnel, promoting effective collaboration and understanding of their specific needs. Demonstrate a strong commitment to adhering to workplace policies and procedures, maintaining the highest standards of professionalism and confidentiality. Contribute to cybersecurity engagements, developing cybersecurity strategies, governance, risk, and compliance activities, and cybersecurity policies in line with ISO 27001 and ISO 27701. Perform Gap Assessments, Risk Assessments, ISMS Documentation, Internal Audits, and support during Certification Audits to strengthen overall security frameworks. Requirements Possess a sound knowledge of fundamentals of information security systems. Have 2-3 years of relevant experience in the field. Demonstrate proficiency in standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc. Exhibit a good understanding of GDPR, CCPA, or other privacy laws. Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks. Hold relevant qualifications such as CIPM, CIPT, CIPP/E. Showcase excellent communication skills, both written and verbal. Benefits Opportunity to work with a dynamic and innovative team. Career growth and development opportunities. Competitive salary and benefits package. A supportive work environment that values creativity and initiative.

Job Information Date Opened 02/24/2025 Job Type Full time Industry Consulting City Noida State/Province Uttar Pradesh Country India Zip/Postal Code 201305 Job Description About Us Tsaaro’s prime focus is on Data Privacy and Security. Our team of specialist data privacy consultants, information security consultants, and penetration testers help and advise our clients to make running a secure business easier, with high efficiency. Everything we do is tailored to the individual organizational requirements, aligned with their budget and resource challenges. We take a pragmatic, risk-based approach to provide our clients with real-world, workable advice, guidance, and support that helps them to deal with a wide range of security and privacy-related challenges. We are seeking a talented and dynamic Senior Infosec Consultant to join our team who has a good exposure towards managing the projects relating to Information security domain and privacy protection from scratch. Experience: 2+ years Location: Noida Key Objective and Responsibilities: As an Assistant Manager, you will be entrusted with the following key responsibilities: Experience in leveraging industry standards and frameworks such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc., to assist clients in compliance and governance. Design and implement data protection and privacy programs that cater to our clients' specific business needs, ensuring their sensitive information is well safeguarded. Evaluate and assess our clients' data protection and privacy practices, offering valuable insights and actionable recommendations for continual improvement. Provide guidance and support to clients in adhering to a complex web of national and international laws and regulations, including the EU General Data Protection Regulation (GDPR) and other privacy laws. Data Audits and Assessments: Conducting regular data protection impact assessments (DPIAs) and audits to identify and mitigate privacy risks associated with data processing activities. Conduct thorough audits of Privacy controls to monitor program effectiveness and compliance, ensuring data protection is at its optimal level. Foster and maintain productive working relationships with client personnel, promoting effective collaboration and understanding of their specific needs. Assist in preparing policies, reports, and schedules for clients and relevant stakeholders, ensuring clear communication and alignment with industry best practices. Contribute to cybersecurity engagements, developing cybersecurity strategies, governance, risk, and compliance activities, and cybersecurity policies in line with ISO 27001 and ISO 27701. Perform Gap Assessments, Risk Assessments, ISMS Documentation, Internal Audits, and support during Certification Audits to strengthen overall security frameworks. Utilize online tools to facilitate Incident Management and Data Subject Rights processes, ensuring efficient and timely responses to potential data incidents. Demonstrate a strong commitment to adhering to workplace policies and procedures, maintaining the highest standards of professionalism and confidentiality. Requirements To be considered for this role, the candidate must meet the following requirements: Hold relevant qualifications such as CIPP/E, CIPM, FIP, DCPLA, CDPO/IN, CDPO/P, ISO 27001 LA/LI, ISO 27701 LA- preferred. Minimum 2 years of related work experience; or a master’s or MBA degree in business, computer science, information systems, engineering and/or data protection. Possess a sound knowledge of fundamentals of information security systems. Exhibit a good understanding of GDPR, CCPA, or other privacy laws. Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks. Showcase excellent communication skills, both written and verbal. Proficiency in Microsoft Office Suite (Word, Excel, Power point). Benefits Opportunity to work with a dynamic and innovative team. Career growth and development opportunities. Competitive salary and benefits package. A supportive work environment that values creativity and initiative. Join and hustle with the India's fastest privacy and information security consulting company.

At Securonix, we’re on a mission to secure the world by staying ahead of cyber threats, reinforcing all layers of our platform with AI capabilities. Our Securonix Unified Defense SIEM provides organizations with the first and only AI-Reinforced solution built with a cybersecurity mesh architecture on a highly scalable data cloud. Enhanced by Securonix EON ’s AI capabilities, our innovative cloud-native solution delivers a seamless CyberOps experience, empowering organizations to scale their security operations and keep up with evolving threats. Recognized as a five-time leader in the Gartner Magic Quadrant for SIEM and highly rated on Gartner Peer Insights , our award-winning Unified Defense SIEM provides organizations with 365 days of ‘hot’ data for rapid search and investigation, threat content-as-a-service, proactive defense through continuous peer and partner collaboration, and a fully integrated Threat Detection, Investigation, and Response (TDIR) experience—all within a single platform. Built on a cloud-native architecture, the platform leverages the Snowflake Data Cloud for unparalleled scalability and performance. Securonix is proud to be a cybersecurity unicorn and featured in CRN's 2024 Security 100 list. Backed by Vista Equity Partners , one of the largest private equity firms with over $100 billion in assets under management, we have a unique advantage in driving innovation and growth. With a global footprint, we serve more than 1,000 customers worldwide , including 10% of the Fortune 100. Our network of 150+ partners and Managed Security Service Providers (MSSPs) enables us to deliver unmatched security solutions on a global scale. At Securonix, we are driven by our core values and place our people at the heart of everything we do: Winning as One Team: We work together with universal respect to achieve aligned outcomes Customer Driven Innovation: We innovate to stay ahead of the market and create value for our customers Agility in Action: We embrace change and are unified in our purpose and objectives amidst change Join us as we redefine cybersecurity, innovate fearlessly, and grow together as one team. Summary: The Security Risk and Compliance Analyst I will be responsible for executing control assessments and ensuring that compliance with regulatory and industry mandates that include SOC1, SOC2, PCI, GDPR, ISO 27001, HIPAA, HITRUST, FEDRAMP and others are maintained. Reporting to the Manager of Information Security Compliance, this role will be responsible for executing control self-assessments, creating and maintaining policy documentation, assisting in maintaining the risk register and overall maintenance of the organization’s compliance posture. Essential Functions of the Job: Conduct controls assessments to identify and assess Information Security risks within the Securonix IT environment. Securonix IT General Controls to ensure our continued compliance with our regulatory and industry mandates. Ensure that control self-assessments are conducted in a timely manner ensuring completeness and accuracy Maintain documentation of control assessments and risks in the GRC tool. Ensure that appropriate documentation in the form of policies, standards and procedures is created and managed to support the various security, compliance and audit requirements. Co-ordinate execution of Pen Tests, Vulnerability scans and reporting. Work on remediation actions for identified findings and track them to closure. Work with other teams in the IT org to establish standards and process for maintaining and improving the organization’s security posture Assist in continuous improvement and maturing the Information Security GRC program Additional Job Functions: Maintain the risk register with up-to-date risk details, and track risk response plans(remediation/exceptions) to closure Perform audits and assessments of third parties such as vendors, service providers, consulting organizations etc. as required. Work closely with Technology and Security teams to develop appropriate remediation action plans for identified risks. Knowledge and Skill Requirements: Demonstrated experience in performing risk/control assessments against compliance frameworks such as COSO, COBIT, NIST, ISO 27001, etc. Understanding of IT General Controls in relation to SOC1, SOC2, HIPAA,HITRUST, GDPR, FEDRAMP and other compliance initiatives. Familiarity with IT and Information Security products and technologies such as identity and access management, vulnerability management, encryption and key management, logging and monitoring and application security is desirable. Familiarity with cloud and SaaS-based environments and technologies with associated auditing methodologies is desirable Bachelor’s / Master’s degree in a computer or information management field or similar work experience. Relevant certifications like CISSP, CISA, CRISC, ISO 27001 – Lead Auditor/Lead Implementer desirable, but not mandatory Strong attention to detail, influencing and problem resolution skills. 2+years’ experience in Information Security - IT audit and/or IT Risk & Compliance roles Benefits: As a full-time employee with Securonix, you will be eligible for the following employee benefits: Health Insurance with a total sum insured is INR 7,50,000 Coverage: Self, Spouse, 2 kids, Dependent parents, or parents-in-law Personal Accident with total sum insured is INR 10,00,000 Term Life Insurance with a sum assured for employees is 5 times fixed base pay is covered. Securonix, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Securonix complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, and transfer, leaves of absence, compensation and training. Securonix expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of Securonix employees to perform their expected job duties is absolutely not tolerated.

About Milliman MedInsight Leading with our core values of Quality, Integrity, and Opportunity, MedInsight is one of the healthcare industry’s most trusted solutions for healthcare intelligence. Our company aims to empower easy, data-driven decision-making on important healthcare questions. Through our products, education, and services, MedInsight is impacting healthcare by helping to drive better patient outcomes while reducing waste. Over 300 leading healthcare organizations have come to rely on MedInsight analytic solutions for healthcare cost and care management. MedInsight is a subsidiary of Milliman, a global, employee-owned consultancy that provides actuarial consulting, retirement funding, healthcare financing, enterprise risk management and regulatory compliance, data analytics, business transformation, and a range of other consulting and technology solutions. Role Overview As an Azure Cloud Support Specialist, this professional will provide first-line triage and service desk support to internal users and clients, focusing on Azure cloud services. The right candidate will be highly motivated, a self-starter, and capable of working independently. Strong written and verbal communication, attention to detail, and troubleshooting skills are necessary to be successful in this position. Key responsibilities will include the following: Primary Responsibilities Respond to and resolve help desk requests on ServiceDesk Plus ticketing tool related to Azure services. Assist in monitoring Azure systems daily and respond immediately to security or usability concerns as they relate to cloud operations. Manage Azure resources, including virtual machines, Azure Entra ID, Azure Data Factory (ADF), Azure DevOps, and Azure Databricks. Identify, research, and resolve Azure-related technical problems in a timely manner. Apply updates, patches, and configuration changes to VMs as required. Manage and maintain in-house IT operations applications. Follow and enforce security compliance standards and company policies, with a focus on Azure security best practices. Ensure compliance with SOC2 and HITRUST audits through Azure governance and monitoring tools. The timing for this position is 9 PM-5AM IST but should be flexible for changes in the shift timings. This is a work from home opportunity with frequent office visits as required. Skills And Requirements Candidates must be team players with strong interpersonal skills and proven experience in a cloud support or help desk role. This position requires the following minimum requirements: 1-3 years’ experience in a help desk or cloud support role. Experience managing users, groups, and roles in Azure Entra ID. Knowledge and hands-on experience with Azure Data Factory (ADF), Azure DevOps, and Azure Databricks. Microsoft Azure Fundamentals (AZ-900) certification. Excellent troubleshooting skills for Azure services and resources. Experience managing Azure virtual machines and related services. Experience working with Azure monitoring tools (e.g., Azure Monitor, Log Analytics). Ability to communicate clearly, verbally and in writing. Reliable high-speed internet connection for remote work. Preferred Skills Microsoft Azure Administrator Associate (AZ-104) certification. Experience working in a regulated environment (e.g., HIPAA). Knowledge of PowerShell scripting for Azure automation. Familiarity with Azure governance and cost management tools.

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. Primary Responsibilities: Work in a team environment, which includes being involved in an on-call rotation Provide essential communication skills while working with vendors and clients Participate in weekly/monthly infrastructure maintenance exercises Lead IT and Security projects in various scales Handle new Security findings and work with appropriate teams to resolve findings Demonstrate the need for security fundamentals and ensure policies and procedures are being executed across the environment Configure, update, and maintain various software as required Utilize various Security software to drive future work and projects with other teams Utilize security best practices to remediate findings in security audits (PCI, SOC, HIPAA, HITRUST, etc.) Coordinate with EIS and other teams on corporate security practices and guidelines Install, configure, troubleshoot, maintain, patch, and upgrade server operating systems (Windows Server 2012–2025, Linux) Assist and support with designing and implementing public cloud infrastructure for future scalability and reliability (OCI, Azure, AWS, etc.) Identify technical threat mitigation best practices in the software and financial services industries. Propose new technologies and adapt strategies to evolving threat information Perform daily, weekly, and monthly tasks and duties as needed to ensure a secure environment Have an "automate first" mindset to reduce workload and speed the ability to deliver An individual in this position must be able to successfully perform the essential duties and responsibilities listed above. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications: 5+ years of systems administration with Windows Server infrastructure in a large enterprise 5+ years of systems administration with Linux OS infrastructure in a large enterprise 3+ years of working in and securing a cloud environment (O365, Azure, OCI) 3+ years of experience working with various security tools (SIEM, FIM, vulnerability scanners, AV, patch management) 3+ years of experience with configuration and implementation of Security Protocols and IT Infrastructure Experience assisting with security audits (PCI, HITRUST, HIPAA, and SOC) General IT Security knowledge and applying best security practices Proven solid interpersonal skills, ability to mentor/train staff and bring awareness to current and emerging threats Proven ability to work efficiently and self-motivate with little to no supervision Proven ability to script or automate processes leveraging tools like Terraform Proven ability to leverage AI to speed the ability to deliver solutions Demonstrate subject matter expertise on enterprise system administration At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone–of every race, gender, sexuality, age, location and income–deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission.

Designation- Security and Compliance Analyst Key expectations- Quickly understand requirements and translate them into actionable tasks. Coordinate with business teams and vendors for compliance-related activities. Analyze security risks, conduct research, and implement compliance measures. Identify and resolve security and compliance-related issues effectively. Work collaboratively with teams to meet security and compliance goals. Monitor and report the status of IT audit recommendations and compliance gaps. Maintain and track risk assessments as per regulatory requirements. Assist in developing security frameworks to meet compliance standards. Develop and maintain security baselines for different platforms and tools. Support the implementation of security and compliance strategies. Manage internal and external audits, due diligence checks, and regulatory reviews. Well versed with local regulatory and international standards like ISO27001-2022 , HiTrust, HIPAA, SOC1, SOC2, GDPR, US Privacy Law, Indian Privacy Law, India IT Act, NIST800-53, NIST Supply Chain Security framework, NIST framework to address Vendor and Supplier Security management etc. Experience- BE/BTech/B.Sc Comp/BCA/MCS/M.Sc Comp/IT 4-5 Yrs Experience in Security Compliance Hands on Experience in Internal Audit and Risk Assessment Hands-on experience in risk assessment, compliance gap analysis, and security policy enforcement. Strong understanding of IT security policies, access controls, and regulatory compliance requirements. Experience in Business Impact Analysis (BIA), risk mitigation strategies, and compliance tracking. Experience in preparing reports, risk registers, and compliance tracking sheets. Strong communication skills for reporting and policy documentation. Collaboration with IT, legal, and audit teams to ensure a smooth compliance process. Strong analytical and problem-solving skills to assess security risks and compliance gaps.

About the client : Our Client is a global technology company, home to more than 220,000 people across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud and AI, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology and Services, Telecom and Media, Retail and CPG, and Public Services. Mode of working: Hybrid (3 Days from Office) Experience : 6 - 12 years Location: Noida /Bengaluru/ Pune Roles and Responsibilities: Lead and Manage Secure Design review and Thread modelling for Applications (On premise and SaaS based Applications) Develop and implement comprehensive security strategies to safeguard application systems. Define security best practices and standards and Lead Secure Software Development Lifecycle best practices and standards. Oversee security incident response and mitigation efforts, ensuring quick and efficient handling of security breaches or threats. Conduct regular penetration testing, Red team exercise, security assessments and audits to identify vulnerabilities and implement corrective measures. Collaborate with application stakeholders to develop security roadmaps and participate in daily standups to align security initiatives with organizational goals. Foster a culture of continuous improvement in Application security including Development,Supply chain security and AI/ML Experience in managing Business Continuity and Crisis management Staying up-to-date on the latest Application security technologies, trends, and best practices. A strong understanding of cloud computing technologies, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Knowledge of security frameworks such as SANS,OWASP, NIST and ISO Framework. Certifications such as Certified Secure Software Lifecycle Professional (CSSLP), Certified Information Systems Security Professional (CISSP), or Certified Cloud Architect (CCA) are preferred. Extensive knowledge and experience with developing Cloud Security Frameworks using industry best practices such as those from the Cloud Security Alliance (CSA) and NIST CSF and regulatory requirements such as HIPAA, HITrust and PCI or closely related. Understanding of industry regulatory and compliance requirements (i.e., FedRAMP, PCI-DSS, NIST, HIPAA) and skilled at interpreting the compliance and security requirements into implementable and repeatable controls. Skills and Qualification: Threat Modelling - STRIDE Proficiency in reading, writing, and auditing code and the ability to learn new languages/technologies including but not limited to - C#,.Net,.Net Core, Python,NodeJS,Javascript,VueJS. Experience with OWASP Top10 or SANS Top 25 Knowledge of OAuth 2.0/OpenID Connect/ Cryptography Knowledge of Responsible AI and ML Security. Knowledge of Supply chain, Secure build and Container platform security. Knowledge of Pen Testing and Vulnerability assessment platform Knowledge of SAST/DAST/Open Source/Code quality/Code Smell management tools AWS,Azure and GCP Native Security service awareness