2693 Information Security Jobs - Page 10

The FLD team is looking for a Senior Software Development Engineer who can develop Enterprise applications using Java J2EE stack. Also, development of Portals which would be either used by customer care, end user, customer representatives etc. The ideal candidate is the one who is passionate about designing & developing high quality code which is highly scalable, operable & highly available Role: Develop (code) Enterprise Application with quality, within schedule and within estimated efforts. Assist Lead Engineer in low level design Provide estimate for the assigned task Write and execute Unit, Integration test cases Provide accurate status of the tasks Perform peer review and mentor junior team members Must have the ability to work in a team, with collaboration providing more cross-functionality with other internal/external team. Must have the ability to confidently and quickly make a decision is the hustle-bustle environment in order to maintain the ability of rapid development and deployment of new coding changes. Must have an experience in building and maintaining an efficient, cost-effective, fault-tolerant server-side infrastructure. Most importantly, we are looking for a technically strong, hands-on engineer, who has desire to: 1) constantly learn more about new Java technologies work within a Mastercard technology stack (PCF, NiFi, NATS, Kafka, Splunk, Redis, Oracle and simplify the usage of these new tools by creating common libraries, interfaces to use the new toolstack efficiently 2) maintain and extend existing infrastructure and perform the tuning activities based on the need of the application, 3) take pride in overall product quality, 4) work with others, including software engineers and product managers to build the best products in the industry. 5)Must have soft skills as we'll as technical in order to Communicate, collaborate and work effectively in a global environment. Public speaking as a technology evangelist for Mastercard 6)Comply with organizations processes. Policies and protects organization s Intellectual property. Also, participate in organization level process improvement and knowledge sharing Essential knowledge, skills & attributes Hands on experience with core Java, Spring Boot, Spring (MVC, IOC, AOP, Security), SQL, RDBMS (Oracle), Web-services (JSON and SOAP), Kafka, Zookeeper Hands on experience of using Intellij/Eclipse/My Eclipse IDE Hands on experience of writing Junit test cases, working with Maven/Ant/Gradle, GIT Knowledge of Design Patterns Experience of working with Agile methodologies. Personal attributes are strong logical and Analytical Skills, design skills, strong communication written and verbal skills Knowledge of Security concepts (eg authentication, authorization, confidentiality etc) and protocols, their usage in enterprise application Hands on experience of working with tools like Mockito, JBehave, Jenkins, Bamboo, Confluence, Rally Additional/Desirable capabilities: Experience of working in Payments application Domain Hands on experience of working with tools like Mockito, JBehave, Jenkins, Bamboo, Confluence, Rally Expert in using atleast one of the industry leading Cloud Technologies like Amazon Web Services (AWS), Microsoft Azure or Google Cloud. Expert in using atleast one of the industry leading SQL/NoSQL Databases like Oracle, Cassandra, MongoDB and Distributed caching like Redis, Hazelcast, Memcached etc

We are currently seeking a Software Development Engineer-II for Business Intelligence platforms within the Data & Services group. You will own end-to-end delivery of engineering projects for some of our analytics and BI solutions that leverage Mastercard dataset combined with proprietary analytics techniques, to help businesses around the world solve multi-million dollar business problems. Roles and Responsibilities: Work as a member of an agile team to design, build, test, and deploy new products and features. Produce high quality code while employing Mastercard accepted Development & Testing principles, best practices, and tooling. Independently apply problem solving skills to identify symptoms and root causes of issues. Make effective and efficient decisions even when data is ambiguous. Provide technical guidance, support and mentoring to more junior team members. Make active contributions to architectural decisions and make technology recommendations that balance business needs and technical requirements. Proactively understand stakeholder needs, goals, expectations and viewpoints, to deliver results. Ensure design thinking accounts for long term maintainability of code. Thrive in a highly collaborative company environment where agility is paramount. Stay up to date with latest technologies and technical advancements through self-study, blogs, meetups, conferences, etc Perform system maintenance, production incident problem management, identification of root cause & issue remediation. All About You: bachelors degree in information technology, Computer Science or Engineering or equivalent work experience, with a proven track-record of successfully delivering on complex technical assignments. A solid foundation in Computer Science fundamentals, Front End Dev, web applications and microservices-based software architecture. Full-stack development experience, including .NET Framework/.NET Core, .NET MVC, Angular/React/VUE, Databases (SQL Server), HTML/JavaScript/ jQuery, Web API, CI , CD ( Build and release management) , GIT Commands. Excellent ReactJs, Redux and Type script knowledge with we'll verse with front end troubleshooting skills, Front end Unit testing (Cypress) Handson. Excellent SQL skills, with experience working with large and complex data sources and capability of comprehending and writing complex queries. Experience working in Agile teams and conversant with Agile/SAFe tenets and ceremonies. Strong analytical and problem-solving abilities, with quick adaptation to new technologies, methodologies, and systems. Excellent English communication skills (both written and verbal) to effectively interact with multiple technical teams and other stakeholders. High-energy, detail-oriented and proactive, with ability to function under pressure in an independent environment along with a high degree of initiative and self-motivation to drive results.

The Senior Product Manager - Technical role is an important member of our software development teams here at Mastercard. The PM-T works closely in partnership with Product Managers, Solution Architects, and development teams to identify & elaborate technical requirements that meet product business requirements. The PM-T will need to develop strong working knowledge of all relevant Mastercard applications and systems to be effective. Key Responsibilities Work with internal / external stakeholders to clarify, understand, gather and document detailed product requirements which should be implemented Produce written documentation of the client s business, functional and non-functional requirements Prepare system analysis of business requirements (use cases, activity diagrams, interface specifications) Technical analysis of product or application to ensure that business and functional requirements can be met. Actively participate in solution design discussions for small to medium complexity initiatives Prioritize and identify cross domain / application / system enhancements Identify key dependencies and knock-on impacts of new development work Collaborate with development team on software designs Act as a liaison and key communication bridge between the development and business teams Act as a technical consultant for Product team during design, development & implementation of new products/services Lead review sessions of functional & technical requirements & maintain relevant documentation including internal knowledge base All about you Experience in product, program, or service management with a technology focus. Skilled in organizing and aligning customer activities with product development roadmaps. Proficient in defining and structuring customer objectives, goals, strategies, and success metrics. Experienced in facilitating both technical and non-technical virtual workshops, trainings, and problem-solving sessions to identify product requirements & convert them in system requirements. Adept at translating customer use cases into actionable, testable backlog items and managing their prioritization. Strong understanding of technologies, architectural design, and product features that support customer needs; able to contribute meaningfully to technical discussions and strategy. Proven track record of delivering end-to-end software changes or customer onboarding experiences with a focus on learning outcomes and continuous improvement. Hands-on experience in API development. High-energy, detail-oriented, and proactive, with the ability to manage competing demands independently. Demonstrates strong initiative and self-motivation, with a readiness to embrace challenging opportunities. Excellent verbal and written communication skills, with strong collaboration, relationship-building, and organizational abilities. Solid technical knowledge and capability Comfortable working at a detailed level with interface specifications & doing related data mappings to and from APIs Collaboration & thoughtful risk-taking mindset Willingness to learn and get stuck in

The Open Banking Business Intelligence (OB BI) team plays a pivotal role in shaping the future of Open Banking by delivering data-driven insights, automation, and analytics solutions. Our mission is to democratize access to data and enhance the user experience (UX) across all Open Banking products and services. As an Associate Analyst, you will work alongside seasoned analysts to analyze consumer journeys, funnel performance, and API-driven data to optimize user interactions within our Open Banking ecosystem. This role provides an excellent opportunity for those eager to build a career in data analytics, UX, and fintech. Key Responsibilities: - Support UX and funnel analytics by examining user interactions, conversion rates, and behavioral trends. - Assist in collecting and synthesizing data from multiple sources, including API data and Open Banking platforms. - Apply data visualization techniques to convey insights clearly using tools such as Tableau and Power BI. - Work closely with product managers and developers to identify opportunities for optimizing customer experiences. - Conduct data cleaning, exploration, and validation to ensure high-quality analysis. - Collaborate with cross-functional teams to standardize and automate reporting processes. - Participate in data-driven storytelling to make complex findings actionable. About You: - Bachelors degree in Computer Science, Data Analytics, Economics, Statistics, or a related field. - Strong analytical skills with an interest in user behavior and Open Banking trends. - Familiarity with SQL, Python, or R for data analysis is a plus. - Experience with data visualization tools like Tableau, Power BI, or Excel. - Understanding of fintech, payments, or banking ecosystems (preferred but not required). - Strong communication skills with a willingness to learn and collaborate. - Ability to work in a fast-paced environment and manage multiple projects effectively.

Apply Experience in privacy compliance and management. Understanding of data protection laws and regulations such as GDPR, CCPA, DPDPA, PDPL etc. Drafting general corporate and commercial contracts experience is must. Strong interpersonal skills & high degree of attention to detail. Certifications in Privacy would be an added advantage.

Job Description Summary The Identity & Access Management Program Manager is responsible leading efforts to provide system users, system owners, and business leaders with identity & access management processes and procedures that adhere to regulatory requirements and uphold business governance in a compliant, reliable & user friendly method Job Description Roles and Responsibilities In this role, you will be responsible for supporting the development, implementation, and monitoring of identity compliance initiatives within the organization. This role involves ensuring that all identity-related processes, policies, and systems comply with relevant regulations and standards. The ideal candidate will have a strong understanding of identity management, regulatory compliance, risk management, knowledge and expertise in SOX and awareness of data privacy regulations. This role requires a strong technical background, with the ability to translate compliance requirements into actionable tasks. Project management skills will be advantageous. Key Responsibilities: Compliance Analysis: Analyze identity management processes to ensure compliance with relevant regulations, standards, and internal policies. Policy Support: Assist in the development, implementation, and maintenance of identity compliance policies and procedures. Data Collection: Collect and analyze data related to identity management to identify compliance gaps and areas for improvement. Audit Preparation: Support internal and external audits related to identity compliance by preparing necessary documentation and reports. Incident Response: Assist in investigating and responding to identity-related incidents, ensuring timely resolution and documentation. Training and Awareness: Support the development and delivery of training programs to educate employees on identity compliance requirements and best practices. Reporting: Generate regular reports on identity compliance status, issues, and improvements for review by senior management. Collaboration: Work closely with IT, Legal, HR, and other departments to ensure a cohesive approach to identity compliance. Continuous Improvement: Stay updated on industry trends, regulatory changes, and best practices in identity management and compliance. Qualifications: Education: Bachelor s degree in Information Security, Computer Science, Business Administration, or a related field. Experience: Minimum of 2-4 years of experience in identity management, compliance, or a related field. Certifications: Relevant certifications such as Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA) are preferred. Knowledge: Strong understanding of identity management frameworks, regulatory requirements (e.g., SOX, GDPR), and industry standards (e.g., ISO 27001). Skills: Excellent analytical, problem-solving, and communication skills. Ability to work independently and as part of a team. Attention to Detail: High level of accuracy and attention to detail in all aspects of work. Relocation Assistance Provided: No

HackIT Technology & Advisory Services is looking for Security Analyst - Red Team to join our dynamic team and embark on a rewarding career journey Gather, interpret, and analyze data to identify trends, patterns, and opportunities that support strategic decision-making Prepare clear, actionable reports, dashboards, and visualizations using tools like Excel, SQL, Power BI, or Tableau Collaborate with stakeholders to define business problems and recommend data-driven solutions Ensure data integrity, validate findings, and document methodologies Present insights to management and cross-functional teams in a concise and impactful manner Stay updated on industry best practices, tools, and emerging trends to enhance analysis quality and business outcomes

Provides administrative support to call centre processes. Job title: Executive - Finance Operations Job Description: Undertakes basic administrative tasks Ensures that complete documentation is maintained either in electronic or hard copy form. Transmits information or documents to customers, using computer, or mail Accurately captures data and enters it on to the relevant systems Works within the requirements of data privacy legislation. Location: Pune , India Time Type: Full time Contract Type: Permanent

Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytm’s mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology. About Team : The Internal Audit team at Paytm comprises seasoned professionals with diverse skill sets and experience across different verticals like process audits, technology audits and forensics. The team focuses on implementing the approved audit plan, ensuring delivery of qualitative audits and conducting internal / special reviews while leveraging technology & data analytics and gauging key risks across business processes. About the role: We are seeking an experienced and detail-oriented Information Security and Cloud Security Auditor to join our team. The ideal candidate will have 3-7 years of expertise in data security and privacy control implementation, internal auditing, third-party risk management, cybersecurity governance, and cloud security (banking sector preferred). This role will be responsible for conducting comprehensive IT and cloud security audits, ensuring compliance with regulatory requirements, and enhancing our information security policies and procedures. Key Responsibilities: Conduct IT and cloud security audits across various domains, including IT General Controls, Information Security Controls, Cloud Security, Network Security, Vulnerability Management, and Vendor Risk Assessments. Assess compliance with relevant laws, regulations, and organizational policies, providing expertise in regulatory requirements specific to both on-premises and cloud environments. Develop and enhance information security and cloud security policies and procedures in alignment with industry best practices. Maintain thorough documentation of audit findings, risk assessments, and security measures for internal and external reporting. Validate ITGC, cloud security, and application-specific controls, and manage audit documentation including risk assessments, working papers, audit program checklists, and evidence gathering. Follow up on and ensure closure of non-compliance issues identified during audits. Manage and oversee third-party risk assessments and audits, ensuring robust security controls are in place for both traditional and cloud-based service providers. Lead and participate in the development, migration, and implementation of security controls and policies for network and cloud security solutions. Conduct risk-based security assessments on internal, vendor, and third-party hosted environments, focusing on both traditional IT and cloud infrastructure. Participate in product and vendor selection processes, contributing to the implementation and integration of new technologies, with a strong emphasis on cloud security solutions. Experience/ Skills Required: Minimum 5 years of experience in information security and auditing, with a strong background in cloud security, and the banking and IT industries. Proven experience in performing IT and cloud security audits, validating ITGC and cloud application controls, and maintaining audit documentation. Hands-on experience with vulnerability management, risk management, physical security, identity & access management, encryption, secure development, incident management, security infrastructure, and security policy for both on-premises and cloud environments. Expertise in third-party risk management, regulatory compliance, and managing IT audit findings in both traditional and cloud-based contexts. Strong analytical and problem-solving skills. Excellent communication and documentation skills. Ability to manage multiple projects and meet deadlines. Strong understanding of IT, cloud security, and cybersecurity frameworks and standards. Proficiency in using various security assessment tools and technologies, particularly those related to cloud environments. Strong analytical and problem-solving skills. Excellent communication and documentation skills. Ability to manage multiple projects and meet deadlines. Strong understanding of IT, cloud security, and cybersecurity frameworks and standards. Proficiency in using various security assessment tools and technologies, particularly those related to cloud environments. Qualifications & Certification: Bachelor's / Master’s degree in Information Technology, Cyber Security, or a related field. ISO 27001/CNSS/CCNA/CISA/CISM/CISSP Preferred Detailed knowledge of security tools, PCI-DSS, general ITGC controls, compliance testing, cloud risk assessment, GRC, OWASP, MITRE ATT&CK, change management, and policies and procedures. Proficiency in various security and cloud technologies including AWS, Azure, Google Cloud Platform, Palo Alto, Fortinet & Checkpoint Firewalls, SOAR (Cortex), Force scout Why join us 1. A collaborative output driven program that brings cohesiveness across businesses through technology 2. Improve the average revenue per use by increasing the cross-sell opportunities 3. A solid 360 feedback from your peer teams on your support of their goals 4. Compensation: If you are the right fit, we believe in creating wealth for you With enviable 500 mn+ registered users, 21 mn+ merchants and depth of data in our ecosystem, we are in a unique position to democratize credit for deserving consumers & merchants – and we are committed to it. India’s largest digital lending story is brewing here. It’s your opportunity to be a part of the story!

: Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytm’s mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology. About the role: As a Vendor Risk Operations team member, you will play a critical role in safeguarding Paytm from potential risks associated with our vendor ecosystem. You will be responsible for conducting comprehensive vendor risk assessments, ensuring compliance with internal policies and regulatory requirements, and actively contributing to the continuous improvement of our vendor risk management framework. This role requires a keen eye for detail, strong analytical skills, and the ability to collaborate effectively with various stakeholders. Conduct end-to-end vendor risk assessments across various risk domains (e.g., Vendor deduplication, information security, financial stability, business continuity, regulatory compliance, data privacy). Collaborate with business units to understand their vendor requirements and associated risks. Review vendor-provided documentation, certifications, and audit reports to identify potential vulnerabilities. Conduct Mystery-shopping wherever required Track and monitor vendor remediation efforts to ensure timely closure of identified risks. Maintain accurate and up-to-date vendor risk profiles and assessment records. Assist in the development and enhancement of vendor risk assessment methodologies, tools, and processes. Contribute to the ongoing development and implementation of Paytm's vendor risk management framework. Generate regular reports on vendor risk posture and assessment progress for internal stakeholders. Participate in ad-hoc projects and initiatives related to vendor risk management as required. Expectations/: Educational QualificationBachelor's degree in Business Administration, Finance, IT, Risk Management, or a related field. Experience2-5 years of experience in vendor risk management, third-party risk management, internal audit, compliance, or a similar risk-focused role. Domain KnowledgeStrong understanding of various risk domains, including information security, data privacy (e.g., GDPR, local data protection laws), financial risk, operational risk, and regulatory compliance. Understanding of Technology and User ExperienceAn appreciation for how technology solutions are built and how they impact user experience will be valuable in assessing vendor capabilities and potential risks. Analytical & Problem-Solving Skills: Excellent analytical and problem-solving skills with the ability to conduct deep dives, identify, assess, and mitigate risks effectively. Advanced Knowledge of Excel is required for data analysis and reporting. Basic knowledge of MySQL would be an added advantage for data retrieval and manipulation. Communication & Interpersonal Skills: Good communication and interpersonal skills, with the ability to present complex information clearly and concisely to diverse audiences. Strong written communication for documentation and reporting. High level of drive, initiative, and self-motivation. Ability to work independently, prioritize tasks, and manage multiple assessments simultaneously in a fast-paced environment. A willingness to experiment, learn quickly, and continuously improve processes and personal skills. Certifications (Preferred but not mandatory)CISA, CRISC, CISM, or other relevant certifications in risk management or information security. Why join us: A collaborative output driven program that brings cohesiveness across businesses through technology Improve the average revenue per use by increasing the cross-sell opportunities A solid 360 feedbacks from your peer teams on your support of their goals CompensationIf you are the right fit, we believe in creating wealth for you with enviable 500 mn+ registered users, 21 mn+ merchants and depth of data in our ecosystem, we are in a unique position to democratize credit for deserving consumers & merchants – and we are committed to it

6 -8 Years experience on creating Design documents, Implementation/ Change Management Plans or Optimization of reports (beyond day-to-day routine operations) is a must. Expertise in Implement &/or design (design is must) of one of the following - Priority is Firewall and good if candidates have hands on exp on Identity solutions, Email Security, Web Security/Proxy, Cloud Security. Cisco ISE is a plus

Bravura’s Commitment and Mission At Bravura Solutions, collaboration, diversity and excellence matter. We value your ideas, giving you room to be curious and innovate in an exciting, fast-paced, and flexible environment. We look for many different skills and abilities, as well as how you can add value to Bravura and our culture. As a Global FinTech market leader and ASX listed company, Bravura is a trusted partner to over 350 leading financial services clients, delivering wealth management technology and products. We invest significantly in our technology hubs and innovation labs, which inspire and drive our creative, future-focused mindset. We take pride in developing cutting-edge, digital first technology solutions that support our clients to achieve financial security and prosperity for their customers. About The Team/Project The Information Security Officer is responsible for supporting the implementation and operation of the organisation's Information Security Management System (ISMS) within their region. This role will support security risk management, policy compliance, audits (internal, external and client), training and awareness, supply chain risk, and support security operations in incident management. As a Managed Service Provider (MSP) and data processor for clients, the analysts will enable security controls aligning with client contractual obligations, regulatory requirements, and industry best practices. The analyst will work closely with global security leadership, regional stakeholders and clients to address both internal and client-specific security challenges What You’ll Do The position is within the Information Security team. Main activities will include but are not limited to: Internal Audit & Assurance: Support the implementation and operations of the ISMS within the region. Support alignment with global security policies and regulatory requirements including ISO27001, SOC2 type II and PCI-DSS. Support continuous assessment and improvement of security controls and processes. Information Security Risk Management Support, identify, assess, and mitigate security risks. Maintain the risk register and track remediation activities. Provide risk-based guidance to business units, IT teams, and client-facing operations. Information Security Policy & Standards Ensure compliance with corporate security policies, frameworks, and client-specific security mandates. Develop and enforce security standards and client requirements. Input into periodic reviews and updates to security policies to align with evolving requirements. Information Security Audit & Compliance Support internal and external security audits, ensuring timely remediation of findings. Provide security assurance to clients by responding to security questionnaires and participating in client audits. Coordinate with service delivery teams to meet client-specific obligations. Monitor and report on security posture, client security commitments, and compliance status. Information Security Training & Awareness Support the delivery of security awareness programs Support phishing exercises and other training initiatives to enhance security culture. Collaborate with HR and other departments to ensure security education is embedded in employee onboarding and ongoing training. Supply Chain Risk Management Support the assessment and management of security risks associated with third-party vendors and suppliers. Support security requirements are included in vendor contracts and SLAs. Enable regular security assessments of critical suppliers, considering the impact on client services. Security Operations & Incident Management Support Assist in managing and responding to security incidents within the region, to ensure rapid containment and remediation. Work with the Security Operations team to protect both internal and client environments. Support post-incident reviews and contribute to continuous improvement in incident handling, including lessons learned for client operations. Qualifications and Experience • Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience). • 3+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment. • Good understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks. • Experience in security risk management, audits, compliance, and client security assurance. • Knowledge of security operations, incident response, and managed security services. • Familiarity with supply chain security and third-party risk management. • Good communication and stakeholder management skills, with experience working with clients on security matters. • Ideally security certifications such as CISSP, CISM, or CRISC are preferred. Working at Bravura Our people are the heart of our business. We work hard to provide a rich employee experience and a robust framework for ongoing career development. Competitive salary and employee benefits scheme. Flexible working hours, we value work-life balance. Maternity/ Parental (including secondary) leave policy. Cab facility available in Delhi/NCR. Meal facility available Free Medical Insurance So, what’s next? We make hiring decisions based on your experience, skills and passion so even if you don’t match every listed skill or tick all the boxes, we’d still love to hear from you. Please note that interviews are primarily conducted virtually and if you require any reasonable adjustments or would like to note which pronouns you use, please let us know. All final applicants for this position will be asked to consent to a criminal record and background check. Please note that people with criminal records are not automatically barred from applying for this position. Each application will be considered on its merits. Youtube Video

Bravura’s Commitment and Mission At Bravura Solutions, collaboration, diversity and excellence matter. We value your ideas, giving you room to be curious and innovate in an exciting, fast-paced, and flexible environment. We look for many different skills and abilities, as well as how you can add value to Bravura and our culture. As a Global FinTech market leader and ASX listed company, Bravura is a trusted partner to over 350 leading financial services clients, delivering wealth management technology and products. We invest significantly in our technology hubs and innovation labs, which inspire and drive our creative, future-focused mindset. We take pride in developing cutting-edge, digital first technology solutions that support our clients to achieve financial security and prosperity for their customers. Position Overview The Senior Information Security Officer is responsible for supporting the implementation and operation of the organisation's Information Security Management System (ISMS) within their region. This role will drive security risk management, policy compliance, audits (internal, external and client), training and awareness, supply chain risk, and support security operations in incident management. As a Managed Service Provider (MSP) and data processor for clients, the ISO will ensure that security controls align with client contractual obligations, regulatory requirements, and industry best practices. The ISO will work closely with global security leadership, regional stakeholders and clients to address both internal and client-specific security challenges. The position is within the Information Security team. Main activities will include but are not limited to: Responsibility Internal Audit & Assurance: Oversee the implementation and operations of the ISMS within the region. Ensure and support alignment with global security policies and regulatory requirements including ISO27001, SOC2 type II and PCI-DSS. Continuously assess and improve security controls and processes. Information Security Risk Management Identify, assess, and mitigate security risks. Maintain the risk register and track remediation activities. Provide risk-based guidance to business units, IT teams, and client-facing operations. Information Security Policy & Standards Ensure compliance with corporate security policies, frameworks, and client-specific security mandates. Develop and enforce security standards and client requirements. Input into periodic reviews and updates to security policies to align with evolving requirements. Information Security Audit & Compliance Lead and support internal and external security audits, ensuring timely remediation of findings. Provide security assurance to clients by responding to security questionnaires and participating in client audits. Coordinate with service delivery teams to meet client-specific obligations. Monitor and report on security posture, client security commitments, and compliance status. Information Security Training & Awareness Develop, support deliver security awareness programs Support phishing exercises and other training initiatives to enhance security culture. Collaborate with HR and other departments to ensure security education is embedded in employee onboarding and ongoing training. Supply Chain Risk Management Assess and manage security risks associated with third-party vendors and suppliers. Ensure that security requirements are included in vendor contracts and SLAs. Perform regular security assessments of critical suppliers, considering the impact on client services. Security Operations & Incident Management Support Assist in managing and responding to security incidents within the region, to ensure rapid containment and remediation. Work with the Security Operations team to protect both internal and client environments. Support post-incident reviews and contribute to continuous improvement in incident handling, including lessons learned for client operations. In addition to the above position-specific responsibilities, all employees are required to undertake any other reasonable duties and responsibilities within your capability and skills, when requested to do so. Qualifications and Experience Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience). 5+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment. Strong understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks. Experience in security risk management, audits, compliance, and client security assurance. Knowledge of security operations, incident response, and managed security services. Familiarity with supply chain security and third-party risk management. Excellent communication and stakeholder management skills, with experience working with clients on security matters. Security certifications such as CISSP, CISM, or CRISC are preferred. Working at Bravura Our people are the heart of our business. We work hard to provide a rich employee experience and a robust framework for ongoing career development. Competitive salary and employee benefits scheme 2 paid volunteering days and a range of community-based initiatives to get involved in Parental (including secondary) leave policy Free meals and transport So, what’s next? We make hiring decisions based on your experience, skills and passion so even if you don’t match every listed skill or tick all the boxes, we’d still love to hear from you. Please note that interviews are primarily conducted virtually and if you require any reasonable adjustments or would like to note which pronouns you use, please let us know. All final applicants for this position will be asked to consent to a criminal record and background check. Please note that people with criminal records are not automatically barred from applying for this position. Each application will be considered on its merits. Youtube Video

Position Purpose RISK Operational Risk Management (RISK ORM), created early 2021 to oversee operational risks within the mandate of the RISK function, is organised, under the responsibility of the Group Chief Operational Risk Officer (Group CORO), around 3 PolesRISK ORM Framework, RISK ORM Technology & Transversal Risks and RISK ORM Network. Under the authority of the Poles Manager, RISK ORM Network is made up of all the Operational Risk Officers (OROs) acting as the second line of defence (LoD2) within the Groups operational entities (Poles, Business Lines, Functions, Transversal Activities). The below requirement is for Operational Risk Officer- ICT Controls Testing role which part of the Common ICT LoD2 Controls Execution Platform (CICEP) under Group RISK ORM Network team. The candidate will be part of The Banks 2nd line of defense function, and they will be responsible for testing the deployment, and effectiveness of the IT and Cyber controls globally. The position is based in India Solutions Pvt. Ltd. (ISPL), Mumbai and reports to the Head of CICEP (India CoE), plus functionally to Group Head of ICT Controls Testing. Key success of the CICEP relies on building trusted partnerships with stakeholders and particularly with the ORM Network community and globally, with all entities of the Group. Responsibilities Direct Responsibilities Perform the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness, and operating effectiveness of IT and Cyber controls. Contribute to the industrialization and automation of RISK ORM ICT control testing services by development of methodologies / tools for the achievement of assignments. Draft high-quality reports containing the assessors opinion on the ICT control gaps, and recommendations for improvement, post completion of an assignment. Review and assist with the evaluation of control deficiencies and provide practical recommendations for remediation. Identify areas of improvement for ICT control testing and assist with the enhancement of the methodologies / tools for carrying out the ICT controls testing assignments. Ensure completion of the testing and adherence to the internal timelines. Provide IT and cyber risk management consultancy (specific to ICT controls) to business and IT stakeholders. Work in collaboration with other stakeholders from business and RISK ORM teams to contribute towards influencing the ICT risk culture of The Bank. Improve the effectiveness of the Internal Controls programme by reviewing the control environment, risk assessment process, control activities, information and communication and monitoring activities Contributing Responsibilities Collaboration at the India CoE level with Head of India CoE, including but not limited to the CoE level reporting requirements Effectively contribute to the CoE, RISK India Hub and ISPL on Group mandates, Objectives and priorities Help and contribute to build the CoE as a positive place to work Technical & Behavioral Competencies S, EXPERIENCE AND COMPETENCIES Skills Required 3-6 years of experience in IT audit / ITGC controls testing / technical assessments, preferably in the areas of Cyber and Technology domains in a financial institution. Must be able to interface and coordinate work efficiently, and effectively with business partners. Excellent analytical skills being able to come to a thoughtful and business focused conclusion quickly. Good communication, listening and influencing skills, including ability to articulate complex issues and incorporate feedback. Ability to manage their workload independently to meet their targets, and priorities set in conjunction with management. Demonstrating a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate. Adapting personal approach to suit situations, individuals, groups and cultures. Is flexible in relation to getting the job done. Being rigorous and thorough especially when logging and tracking issues through to conclusion. Demonstrating a high-level of commitment and self-motivation, combined with enthusiasm and a genuine interest in the role of Risk Assessment in business. Ability to express views clearly and fluently, both orally and in writing. Considers the audience, avoiding technical jargon wherever necessary and appropriate. Works iteratively, delivering quickly and frequently to produce high quality documents and outputs which require little to no rework. Team player focus on the success of the whole team. Working well both with others, as well as individually. Ability to work under strict timelines and at pressure situations to manage the delivery. Open to work under global time zones as required for workshops or stakeholder discussions. Skills Preferred Has the proven ability to think outside of the box, challenge industry norms and adapt quickly to evolving requirements. Is self-aware, anticipates problems, adapts and meets them head on. Strong stakeholder management, relationship building, influencing, facilitating and presenting skills. Is solutions focused measures their output on whether issues, problems or challenges are resolved as a criteria for success. Competencies: University degree (technical), and/or certification such as ISO27001, CISA. Professional qualifications/trainings relevant to technology and/or cyber risk (e.g. change management, outsourcing, vulnerability management, cloud security etc.). Conduct: Consider the implications of your actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure. Specific Qualifications (if required) University degree (technical), and/or certification on Risk Management Skills Referential Behavioural Skills(Please select up to 4 skills) Attention to detail / rigor Ability to deliver / Results driven Ability to synthetize / simplify Ability to collaborate / Teamwork Transversal Skills: (Please select up to 5 skills)Ability to anticipate business / strategic evolutionAbility to develop and adapt a processAbility to set up relevant performance indicatorsAnalytical AbilityAbility to develop and leverage networksEducation Level:Bachelor Degree or equivalentExperience LevelAt least 3 years Other/Specific Qualifications (if required) Professional qualifications/trainings relevant to Information Security, Risk Management (ISO 27001, ISO 3100, CISA) preferred

Job Family : Coding OP (India) Travel Required : None Clearance Required : None Responsibility Accurately transforms medical diagnoses and procedures into designated alphanumerical codes in ICD-10-CM , CPT and HCPCS codes. Ensure that the daily coding volumes for the team are turned around accurately within the specified Turnaround Time. Checking input volumes allotted by TL Coding reports as per client guidelines and coding guidelines by maintaining operational quality and productivity. Regular interaction with TL and getting feedbacks. This position requires that one performs well independently and in a collaborative manner with their entire coding team. Understands in detail the workflow, procedures and specific criteria for the assigned client. Ensures he/she meets the monthly target with above 95% accuracy consistently Attend the Weekly QA / Team meetings without fail and respond in two way communication with the Quality analyst/Team Lead. Shall understand and abide by the organizations information security policy and protect the confidentiality, integrity and availability of all information assets. Shall report incidents related to security of information to concerned authorities. What You will do: Accurately transforms medical diagnoses and procedures into designated alphanumerical codes in ICD-10-CM , CPT and HCPCS codes. Ensure that the daily coding volumes for the team are turned around accurately within the specified Turnaround Time. Checking input volumes allotted by TL Coding reports as per client guidelines and coding guidelines by maintaining operational quality and productivity. Regular interaction with TL and getting feedbacks. This position requires that one performs well independently and in a collaborative manner with their entire coding team. Understands in detail the workflow, procedures and specific criteria for the assigned client. What You will need Minimum Qualification Any Life science, Paramedical Graduates and Postgraduates Minimum Experience and skills Minimum Experience: 1-2 years experience. A valid certification from AAPC or AHIMA Basic Skill set: Strong ability to interpret medical records of the patients in different specialties. What Would be Nice to Have Ability to communicate, have excellent interpersonal, listening skills and organizational skills. Ability to work with speed and accuracy. Good analytic skills and expertise to be proficient in accurately coding medical records utilizing ICD-10-CM and CPT conventions especially emergency room coding, exposure to radiology , ancillary work types, Denial work types.

Job Family : Coding OP (India) Travel Required : None Clearance Required : None Responsibility Accurately transforms medical diagnoses and procedures into designated alphanumerical codes in ICD-10-CM , CPT and HCPCS codes. Ensure that the daily coding volumes for the team are turned around accurately within the specified Turnaround Time. Checking input volumes allotted by TL Coding reports as per client guidelines and coding guidelines by maintaining operational quality and productivity. Regular interaction with TL and getting feedbacks. This position requires that one performs well independently and in a collaborative manner with their entire coding team. Understands in detail the workflow, procedures and specific criteria for the assigned client. Ensures he/she meets the monthly target with above 95% accuracy consistently Attend the Weekly QA / Team meetings without fail and respond in two way communication with the Quality analyst/Team Lead. Shall understand and abide by the organizations information security policy and protect the confidentiality, integrity and availability of all information assets. Shall report incidents related to security of information to concerned authorities. What You will do: Accurately transforms medical diagnoses and procedures into designated alphanumerical codes in ICD-10-CM , CPT and HCPCS codes. Ensure that the daily coding volumes for the team are turned around accurately within the specified Turnaround Time. Checking input volumes allotted by TL Coding reports as per client guidelines and coding guidelines by maintaining operational quality and productivity. Regular interaction with TL and getting feedbacks. This position requires that one performs well independently and in a collaborative manner with their entire coding team. Understands in detail the workflow, procedures and specific criteria for the assigned client. What You will need Minimum Qualification Any Life science, Paramedical Graduates and Postgraduates Minimum Experience and skills Minimum Experience: 3-7 years experience. A valid certification from AAPC or AHIMA Basic Skill set: Strong ability to interpret medical records of the patients in different specialties. What Would be Nice to Have Ability to communicate, have excellent interpersonal, listening skills and organizational skills. Ability to work with speed and accuracy. Good analytic skills and expertise to be proficient in accurately coding medical records utilizing ICD-10-CM and CPT conventions especially emergency room coding, exposure to radiology , ancillary work types, Denial work types.

Job Family : Coding OP (India) Travel Required : None Clearance Required : None Responsibility Accurately transforms medical diagnoses and procedures into designated alphanumerical codes in ICD-10-CM , CPT and HCPCS codes. Ensure that the daily coding volumes for the team are turned around accurately within the specified Turnaround Time. Checking input volumes allotted by TL Coding reports as per client guidelines and coding guidelines by maintaining operational quality and productivity. Regular interaction with TL and getting feedbacks. This position requires that one performs well independently and in a collaborative manner with their entire coding team. Understands in detail the workflow, procedures and specific criteria for the assigned client. Ensures he/she meets the monthly target with above 95% accuracy consistently Attend the Weekly QA / Team meetings without fail and respond in two way communication with the Quality analyst/Team Lead. Shall understand and abide by the organizations information security policy and protect the confidentiality, integrity and availability of all information assets. Shall report incidents related to security of information to concerned authorities. What You will do: Accurately transforms medical diagnoses and procedures into designated alphanumerical codes in ICD-10-CM , CPT and HCPCS codes. Ensure that the daily coding volumes for the team are turned around accurately within the specified Turnaround Time. Checking input volumes allotted by TL Coding reports as per client guidelines and coding guidelines by maintaining operational quality and productivity. Regular interaction with TL and getting feedbacks. This position requires that one performs well independently and in a collaborative manner with their entire coding team. Understands in detail the workflow, procedures and specific criteria for the assigned client. What You will need Minimum Qualification Any Life science, Paramedical Graduates and Postgraduates Minimum Experience and skills Minimum Experience: 3-6 years experience. A valid certification from AAPC or AHIMA Basic Skill set: Strong ability to interpret medical records of the patients in different specialties.

Grade H - Office/ CoreResponsible for supporting software / platform engineering activities (depending on specialism), working with users to capture requirements, using sound technical capabilities to lead the design, development and maintenance of the relevant systems and ensuring compliance with the relevant standards. Specialisms: Software Engineering; Platform Engineering. Entity: Technology IT&S Group Job Description: Work location Pune Experience- 8- 10 years (excluding internship), Required 4-5 years of experience in Azure You will work with A multi-disciplinary squad, engaging enterprise platform teams, data platform teams, vendors, third party resources in resilient and optimal operations of one or more business critical platform. Let me tell you about the role As a site reliability engineers, we will be responsible for building, maintaining and operating the software solutions, infrastructure and services that powers technology platforms. In this role, we work with a team of engineers and team members to ensure that the digital solutions are highly available, scalable, and secure and will be responsible for automating routine tasks, improving the solutions performance, and providing technical support to other teams. What you will deliver Ensure the reliability, performance, and scalability of large-scale, cloud-based applications and infrastructure. Creating automated solutions to improve operational aspects of the site. Ensure that applications and websites run smoothly and efficiently. Detect issues and automatically managing failures to keep systems up and running. Work with software developers, engineers, and operations teams to improve system performance. Analyse incidents to prevent future disruptions. What you will need to be successful (experience and qualifications) Technical skills A bachelors degree in computer science, engineering, or a related field or equivalent work experience. Relevant certifications (e.g., Azure cloud engineering, fundamentals, DevOps, architect certifications) can be helpful. Knowledge of networking concepts, protocols, and tools, willingness to learn new technologies and adapt to changing environments. Skilled in managing configuration, deployments, observability, handling and resolving incidents, including root cause analysis, managing and operating complex systems for scalability, availability and performance. Proficient in communication and collaboration skills to work effectively with development and operations teams. Software skills Skilled in languages like Python, Go, Java, or Ruby, and scripting skills in Bash or PowerShell. Skilled in software engineering practices for full SDLC, including coding standards, code reviews, source control management, continuous deployments (e.g., Jenkins, GitLab CI, or CircleCI), testing, and operations. Skilled in building complex software systems end-to-end which have been optimally delivered and operated in production, should understand security and privacy standard methodologies as well as how to properly monitor, log, and alarm production systems. Infrastructure skills Skilled knowledge of Linux/Unix systems, including system configuration, networking, and debugging. Expert in building and scaling infrastructure services using Microsoft Azure Skilled with infrastructure tools like Ansible, Puppet, Chef, or Terraform for infrastructure as code, monitoring tools (e.g., Prometheus, Grafana) and logging systems (e.g., ELK stack). Skilled in the understanding of using core cloud application infrastructure services including identity platforms, networking, storage, databases, containers, and serverless Skillful knowledge of databases, such as relational, graph, document, and key-value, including performance tuning and improvement Skills that set you apart Possess a passion for mentoring and coaching engineers in both technical and soft skills About bp Our purpose is to deliver energy to the world, today and tomorrow. For over 100 years, bp has focused on discovering, developing, and producing oil and gas in the nations where we operate. We are one of the few companies globally that can provide governments and customers with an integrated energy offering. Delivering our strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner! We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Additional Information We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. Even though the job is advertised as full time, please contact the hiring manager or the recruiter as flexible working arrangements may be considered. Travel Requirement Negligible travel should be expected with this role Relocation Assistance: This role is eligible for relocation within country Remote Type: This position is a hybrid of office/remote working Skills: Agility core practices, Agility core practices, Analytics, API and platform design, Business Analysis, Cloud Platforms, Coaching, Communication, Configuration management and release, Continuous deployment and release, Data Structures and Algorithms (Inactive), Digital Project Management, Documentation and knowledge sharing, Facilitation, Information Security, iOS and Android development, Mentoring, Metrics definition and instrumentation, NoSql data modelling, Relational Data Modelling, Risk Management, Scripting, Service operations and resiliency, Software Design and Development, Source control and code management {+ 4 more}

Position Purpose RISK Operational Risk Management (RISK ORM), created early 2021 to oversee operational risks within the mandate of the RISK function, is organised, under the responsibility of the Group Chief Operational Risk Officer (Group CORO), around 3 PolesRISK ORM Framework, RISK ORM Technology & Transversal Risks and RISK ORM Network. Under the authority of the Poles Manager, RISK ORM Network is made up of all the Operational Risk Officers (OROs) acting as the second line of defence (LoD2) within the Groups operational entities (Poles, Business Lines, Functions, Transversal Activities). In this context, theCommon Outsourcing Controls Execution Platform (COCEP),whose missions are presented below, reports hierarchically to theGroup Head of ICT Controls Testing. He/she: Contributes to protect the Bank by securing the oversight of the completeness and quality of the outsourcing register (360 RiskOp Arrangement module) to guarantee an accurate oversight of outsourcing arrangements and their characteristics, Assures the accuracy and data quality of regulatory reporting (e.g., CASPER) and notifications (e.g., IMAS), Ensures the homogeneity, the robustness and effectiveness of the outsourcing controls executed by the LoD1 by implementing LoD2 controls execution platform across Poles and Functions, Facilitate and pilot outsourcing operational risk management framework.Key success of the COCEP relies on building trusted partnerships with stakeholders and particularly with the RISK ORM Framework, TPRM and Network community and globally all entities of the Group. Responsibilities Direct Responsibilities The COCEP Outsourcing Risk Officer contributes to identify and reduce risks on activities delegated to third-party service providers and thus improves the efficiency of the overall activities for the Bank. Key missions of role - Outsourcing Risk (COCEP) Oversee the process of the outsourcing register data quality of regulatory reporting:o Define the process to remediate data quality anomalies for CASPER regulatory reporting,o Perform cross-business consistency analysis to identify inconsistencies or incorrect qualifications in the register,o Identify any inconsistencies between the outsourcing register critical outsourcing arrangements data and IMAS portal,o Build a process to ensure consistency between the outsourcing register and the exit strategy standard documentation (e.g., alignment between the exit plan and the outcome of assessment of the service providers substitutability, the substitutability modality, and the time-of-service providers substitutability). Verify the compliance of outsourcing regulatory documentation:o Build a process and perform the verification, with the related OROs, of the alignment between the draft record in IMAS portal and the content of the notification template submitted at the Validation Committee,o Build a process and perform the verification, with the related OROs, that the exit strategy documentation is available and compliant with the Group format. Execute LoD2 controls on outsourcingGCL (RISK0418):o Define a process to industrialise the LOD2 control reviews on outsourcing.o Perform the defined LoD2 controls plan, share the results with the related OROs and ensure that the related potential permanent control actions plans are recorded in 360 RiskOp. Facilitate and pilot outsourcing operational risk management framework:o Define a process to industrialise the periodic report analysing the outsourcing operational risk management including the data quality indicators improvements and the LoD2 controls results analysis,o Monitor indicators results, and cascade as appropriate to ORO Poles and Functions,o Define and produce operational reporting (link with RISK ORM COE ISPL reporting stream).TheCOCEP Outsourcing Risk Officer reports totheGroup Head of ICT Controls Testing, and locally to the Head of RISK ORM India CoE. He/she actively collaborates with RISK ORM Framework and Technology & Transversal risks teams and works with the operational risk officers (ORO), outsourcing coordinators, operational permanent controllers (OPC), and subject matter experts (SME). Scope covered and organisation. The scope applies to all entities for which RISK ORM acts as a second line of defence.In addition to the elements of this document, the outsourcing framework, generic control libraries (GCL) and the operational role of the OROs, are notably described in the procedures, "Second line of defences roles and responsibilities on the operational risk management framework (RISK0401), LoD2 control activities on the LoD1 control framework (RISK 0414), Group Policy pertaining to Outsourcing Risk Management Framework (RISK0417), Generic Control Library relating to outsourcing risks (RISK0418) and ORO Role and Responsibilitiesin the outsourcing process(ORM0005).Lastly, the legal and regulatory requirements of third-party risk management are notably, EBA guidelines on Outsourcing Arrangements, EU DORA, UK PS7/21, UK SS2/21, Solvency II, US FDIC-OCC guidance on third party relationship risk management. Contributing Responsibilities Collaboration at the India CoE level with Head of India CoE, including but not limited to the CoE level reporting requirements Effectively contribute to the CoE, RISK India Hub and ISPL on Group mandates, Objectives and priorities Help and contribute to build the CoE a positive place to work Technical & Behavioral Competencies S, EXPERIENCE AND COMPETENCIES To meet the requirements of this position, theCOCEP Outsourcing Risk Officerwill be expected to have a good fluency in risk analysis and monitoring, acquired through professional experience in a team in charge of operational processes or executing operational risk activities in the first or second line of defence.oreover, general knowledge of LoD2 control management, third-party risk management, analysis and monitoring will be sought given the importance of technology in Group's business processes.We expect theCOCEP Outsourcing Risk Officerto have good relationship skills to efficiently work in a group / a team / a community, qualities of communication to be able to bring his/her interlocutors to decision-making and relay key messages, the ability to mobilise his/her direct and indirect network, and a good sense of responsibility and commitment.Last, a good analytical skills, a solid critical mind, the capacity to synthesize / simplify, to communicate orally and in writing, to animate meetings and committees, to challenge the existing and propose solutions (change management), to be pragmatic in analysis and action, to work in collaborative mode in a changing environment with respect of the deadlines, to be rigorous, will allow the newcomers in the COCEP team to take on his/her new appointment in the best conditions.Skills Preferred Has the proven ability to think outside of the box, challenge industry norms and adapt quickly to evolving requirements. Is self-aware, anticipates problems, adapts and meets them head on. Strong stakeholder management, relationship building, influencing, facilitating and presenting skills. Is solutions focused measures their output on whether issues, problems or challenges are resolved as a criteria for success. Conduct: Consider the implications of your actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure. Specific Qualifications (if required) University degree (technical), and/or certification on Risk Management Skills Referential Behavioural Skills(Please select up to 4 skills) Attention to detail / rigor Ability to deliver / Results driven Ability to synthetize / simplify Ability to collaborate / Teamwork Transversal Skills: (Please select up to 5 skills)Ability to anticipate business / strategic evolutionAbility to develop and adapt a processAbility to set up relevant performance indicatorsAnalytical AbilityAbility to develop and leverage networksEducation Level:Bachelor Degree or equivalentExperience LevelAt least 3 years Other/Specific Qualifications (if required) Professional qualifications/trainings relevant to technology and/or Outsourcing Risk, Risk Management ,Information Security, Operational Risk, Cloud Security)

Vice President (VP1) - Head of Common ICT LOD2 Controls Execution Platform - CICEP Position Purpose RISK Operational Risk Management (RISK ORM), created early 2021 to oversee operational risks within the mandate of the RISK function, is organised, under the responsibility of the Group Chief Operational Risk Officer (Group CORO), around 3 Poles: RISK ORM Framework, RISK ORM Technology Transversal Risks and RISK ORM Network. Under the authority of the Poles Managers, RISK ORM Network is made up of all the Operational Risk Officers (OROs) acting as the second line of defence (LoD2) within the Groups operational entities (Poles, Business Lines, Functions, Transversal Activities). In this context, the Common ICT LOD2 Controls Execution Platform (CICEP), reports hierarchically to the Group Head of ICT Controls Testing. The Head of CICEP, India CoE, ensures the homogeneity, the robustness and effectiveness of the ICT controls executed by the LoD1 by implementing LoD2 controls execution platform across Poles and Functions. The position is based in India Solutions Pvt. Ltd. (ISPL), Mumbai and reports to Head of RISK ORM Network, India CoE, plus functionally to Group Head of ICT Controls Testing. Responsibilities Lead the delivery of the COE CICEP India team (including his/her missions) dedicated to: o Performing the LOD2 check and challenge on the execution of ICT controls (verification, re-performance, direct controls testing) requiring technical and business expertise. o Determining the design effectiveness, and operating effectiveness of IT and Cyber controls. o Review and assist the team with the evaluation of control deficiencies and provide practical recommendations for remediation. o Drafting high-quality reports containing the risk assessors opinion on the ICT control gaps, and recommendations for improvement, post completion of an assignment. o Ensuring completion of the testing LOD2 reviews and adherence to the validated internal timelines. Contribute to the maturity of the services provided by the CICEP platform by: o Enhancing the CICEP methodology and tools required to perform the ICT control reviews. o Identifying the areas of improvement (lessons learned) for ICT control reviews and proactively working with the relevant stakeholders to implement these enhancements. o Proactively supporting the standardisation of practises (workpapers, reports, templates etc.) across the CICEP platform (India and Portugal). Proactively contributes to the usage and enhancement of Group methodologies and tools for LOD2 control testing reviews. Provides upon request of business or the Operational Risk Officer(s), provides advice on ICT controls related to IT and cyber risk management. Actively participates in the monitoring of the LOD2 ICT control results, and their reporting to senior management. Works in collaboration with other stakeholders from business and RISK ORM teams to contribute towards influencing the ICT risk culture of The Bank. Improves the effectiveness of the Internal Controls programme by reviewing the control environment, risk assessment process, control activities, information and communication and monitoring activities. Deliver quarterly CICEP KPI report in a timely and accurate manner, working in conjunction with the functional and the CoE managers. Manage the growth, productivity and efficiency of the CICEP platform and ensure a good continuity of its services. Provide, at least once a year for the European Supervisor, a regular and complete analysis and of the ICT Lod2 control highlighting key messages for the General Management. Contributing Responsibilities Collaborates at the India CoE level with Head of India CoE, including but not limited to the CoE level reporting requirements. Effectively contributes to the CoE, RISK India Hub and ISPL on Group mandates, objectives and priorities. Lead by example, demonstrating effective Leadership in the CICEP team leading to CoE as a positive place to work in conjunction with the Head of India CoE. Participates to the recruitment for the CoE. Technical Behavioral Competencies SKILLS, EXPERIENCE AND COMPETENCIES Skills Required 7+ years of experience in IT audit / ITGC controls testing / technical assessments, preferably in the areas of Cyber and Technology domains in a financial institution. Ability to manage the team and its workload independently to meet their targets, and priorities set in conjunction with management. Must be able to interface and coordinate work efficiently, and effectively with business partners. Excellent analytical skills being able to come to a thoughtful and business focused conclusion quickly. Good communication, listening and influencing skills, including ability to articulate complex issues and incorporate feedback. Demonstrating a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate. Adapting personal approach to suit situations, individuals, groups and cultures. Is flexible in relation to getting the job done. Being rigorous and thorough especially when logging and tracking issues through to conclusion. Demonstrating a high-level of commitment and self-motivation, combined with enthusiasm and a genuine interest in the role of Risk Assessment in business. Ability to express views clearly and fluently, both orally and in writing. Considers the audience, avoiding technical jargon wherever necessary and appropriate. Works iteratively, delivering quickly and frequently to produce high quality documents and outputs which require little to no rework. Team player focus on the success of the whole team. Working well both with others, as well as individually. Ability to work under strict timelines and at pressure situations to manage the delivery. Open to work under global time zones as required for workshops or stakeholder discussions. Skills Preferred Team management capabilities. Has the proven ability to think outside of the box, challenge industry norms and adapt quickly to evolving requirements. Is self-aware, anticipates problems, adapts and meets them head on. Strong stakeholder management, relationship building, influencing, facilitating and presenting skills. Is solutions focused measures their output on whether issues, problems or challenges are resolved as a criteria for success. Competencies: University degree (technical), and/or certification such as ISO27001, CISA. Professional qualifications/trainings relevant to technology and/or cyber risk (e.g. change management, outsourcing, vulnerability management, cloud security, etc.). Conduct: Consider the implications of your actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure. Specific Qualifications (if required) Bachelors degree, and certification in Information Systems Skills Referential Behavioural Skills : (Please select up to 4 skills) Attention to detail / rigor Ability to deliver / Results driven Ability to deliver / Results driven Ability to collaborate / Teamwork Transversal Skills: (Please select up to 5 skills) Ability to develop others improve their skills Ability to inspire others generate people's commitment Ability to set up relevant performance indicators Analytical Ability Ability to develop and leverage networks Education Level: Bachelor Degree or equivalent Experience Level At least 12 years Other/Specific Qualifications (if required) Professional qualifications/trainings relevant to Information Security, Risk Management is a strong plus (ISO 27001, ISO 31000, CISSP, CRISC, CISM, CISA, CCSP) preferred.

Position Purpose The BNP Paribas Fortis IT department is working in Agile mode, which offers a challenging and motivating environment where teams and employees are empowered to manage their own technical domain. You will work in the IT Security Production Tribe, within the squad Responsibilities Direct Responsibilities The candidate will guarantee the respect of asset information security and ensure correct implementation of the security model. The mission of the IAM Asset Security Consultant is to define and promote the Asset Modeling (AM) frameworks for coordinating and planning a service oriented approach: Taking ownership about the AM process and keeping it updated/improved. Ensuring that the necessary AM procedures exist, are communicated and used by the security community Provide guidance, training and support to the security community in the implementation and operation of the security modelling; Assist and advice the Asset Business responsible and IT developers in defining logical & technical permission management inside the assets (applications, packages, systems, file shares, ). Assess, challenge and validate request to change security on assets according the Information Security Policy Execute daily checks to keep the overall asset models under control Technical & Behavioral Competencies Mandatory: + 2 years experience in security technology and processes (Identity & Access Management aspects, Segregation of Duties, Role Based Access Control) Knowledge of the Information Security Standards & Frameworks Preferable: Expertise in MS Active Directory OR Websphere OR Mainframe OR Linux/Unix OR Oracle OR Cloud computing + experience with MS Excel and SQL requests. Specific Qualifications (if required) Agile environment Follows the Customer processes for projects, incident and change management. Being standalone and team worker, analytical minded, meet commitment, ability to work in a dynamic and multi-cultural environment, flexible, customer-oriented, understand risk awareness. Motivated self-starter, process-oriented with high attention to detail Quick self-starter, pro-active attitude. Good communication skills, Good analytical and synthesis skills. Autonomy, commitment, and perseverance. Ability to work in a dynamic and multicultural environment. Flexibility (in peak periods extra efforts may be required). Open minded and show flexibility in self-learning new technologies/tools. You are customer minded and can translate technical issues into non-technical explanations. You are always conscious about continuity of services. You have a very good team spirit and share your knowledge and experience with other members of the team. Working in collaboration with team. Client-oriented, analytical, initiative oriented and able to work independently. Be flexible and ready to provide support outside of Business hours (on-call). Able to take additional responsibility. Able to work from base location Chennai/Mumbai (Whichever is your base location) during hybrid model. You are flexible and ready to provide support outside of Business hours (on-call). Skills Referential Behavioural Skills : (Please select up to 4 skills) Ability to collaborate / Teamwork Communication skills - oral & written Organizational skills Client focused Transversal Skills: (Please select up to 5 skills) Ability to understand, explain and support change Ability to develop and adapt a process Ability to anticipate business / strategic evolution Analytical Ability Ability to manage a project Education Level: Bachelor Degree or equivalent

Position Purpose This position would be responsible to serve as technical subject matter expert and provide consulting support to architects and engineers on application integration. Also they work with L2 support resources when they need technical help on major issues. Responsibilities Direct Responsibilities Defining technical architecture, process solutions. Providing consultation services for IT risk. Understanding of end to end process of Account/Session/Password management on various platforms such as windows, Unix, database, applications, appliances. Checks to be performed on CPM password failures, plugin Creation/Modification, New Connectors/Dispatchers(Webform/AutoIT/Tool Based) Knowledge on Audit & Monitoring , Backup Restoration User Management, Auto Provisioning/ Deprovisioning Vault and Component Servers Health, Configuration Management, DR Switch/Drill CyberArk Upgrade/Enhancement and Migration Notification Settings, SMTP Management API/Ansible/Automations, Scripts/Jobs/Calls Assisting & Developing the Delivery of complete CyberArk Infrastructure & the corresponding functionalities. Stay Up-to-date with the latest CyberArk features , updates and industry best practices. Document SOP , System configurations and Incident report management. Regular applying of the CyberArk patches as per bulletin. Owning the P1 incidents applying the right RCA approach. Implement Change request with proper ticketing mechanism and stake holder communications. Implement enhancement in monitoring/alerting solutions, develop scripts for house keeping. Contributing Responsibilities Perform trending & root cause analysis of issues Support and management of system outages via the published major incident management process. Analyse automation failures, identify root cause of failure and work internally/with Vendor to fix the issue. Attend Major Incident Management calls related to outages and complex technical issues needing interaction with multiple teams. Attend conference calls opened by applications team for complex technical issues. Understand the urgency, priority and gravity of the situation and accordingly maintain two-way communication. Should be able to take decisions during major incidents, outages on matters related to service degradation and managing communications to impacted stakeholders. Be able to supplement with a rationale for decisions taken. Create and support policies, standards and processes. Technical & Behavioral Competencies a) Should have strong understanding on Plugin and PSM Connector development to manage the password for different applications. b) Integrating various platforms with CyberArk, such as different LDAP providers, Windows Servers, UNIX Servers, Databases and networking Devices; Experience in LDAP directory structures preferably CA Directory c) Experience with Windows/ UNIX platforms in large heterogeneous environment. d) Should also has a strong background in Information Security principles and controls. e) Fluent in English language (verbal, reading and writing) Specific Qualifications (if required) B.E. (Comp/ECE/EEE) / MCA/ MSc IT Skills Referential Behavioural Skills : (Please select up to 4 skills) Ability to collaborate / Teamwork Attention to detail / rigor Client focused Communication skills - oral & written Transversal Skills: (Please select up to 5 skills) Ability to understand, explain and support change Analytical Ability Ability to manage / facilitate a meeting, seminar, committee, training Choose an item. Choose an item. Education Level: Bachelor Degree or equivalent Experience Level At least 10 years

Role & responsibilities Maintain web application security scanning and mitigation/remediation practices Secure Coding practise expertise, dashboarding , Static and dynamic code scanning tools and methodologies Preferred candidate profile Data Analysis, plus basic SOC understanding

About Toast Toast is driven by building the restaurant platform that helps restaurants adapt, take control, and get back to what they do best: building the businesses they love. Because our technology is purpose-built for restaurants, our customers trust that we will deliver on their needs today while investing in innovative experiences that will power the future of the industry. About this roll*: We are seeking a strategic and experienced leader to manage our Corporate Security and Governance, Risk, and Compliance functions in India. You will lead and grow both teams, strengthen our security posture, drive compliance with industry frameworks, and support enterprise risk efforts, while partnering closely with global stakeholders on key initiatives. What you will do: Corporate Security: Provide leadership and oversight to the CorpSec team, ensuring the implementation of best practices across endpoint protection, vulnerability management, and threat mitigation. Guide the design and management of a secure enterprise endpoint strategy, ensuring the CorpSec team aligns with policy and compliance requirements. Supervise the CorpSec team in conducting vendor risk assessments and coordinate with global stakeholders to drive remediation activities. Oversee the management of secure email gateway and Data Loss Prevention (DLP) systems, ensuring the CorpSec team enforces data protection and policy compliance across all endpoints (Windows, macOS, Linux). Manage endpoint investigations and root cause analysis, directing the CorpSec team to collaborate with the SOC for integrating telemetry into SIEM platforms (e.g., Splunk, Datadog). Ensure the CorpSec team maintains documentation, SOPs, and training resources, and oversees the delivery of awareness sessions to improve endpoint hygiene. Stay informed on emerging threats to provide strategic guidance to the CorpSec team for enhancing threat detection and response capabilities. Governance, Risk, and Compliance (GRC): Oversee the development and maintenance of GRC frameworks (SOC 2, PCI DSS, ISO 27001), ensuring the Technical GRC team aligns with global standards and maintains ongoing compliance. Manage the review process for third-party security attestations (e.g., SOC 2, ISO 27001) and guide the Technical GRC team in assessing vendors in collaboration with Legal, Procurement, and IT. Supervise periodic vendor risk reviews, ensuring the Technical GRC team identifies gaps and drives remediation plans effectively. Partner with internal audit and external assessors to support security evaluations and regulatory alignment. Provide oversight for regular reporting on compliance posture, risk trends, and incident metrics to senior stakeholders, ensuring the Technical GRC team delivers accurate and timely updates. Team Leadership and Development: Provide leadership and mentorship to the Corporate Security and GRC teams in India, fostering a high-trust, collaborative environment. Recruit, train, and grow security talent to build a resilient, high-performing organization. Set performance goals, conduct evaluations, and support team members' ongoing development. Do you have the right ingredients*? Bachelor’s in Computer Science, InfoSec, or related field (Master’s preferred). Industry certifications like CISSP, CISM, or CEH are strongly preferred. 10+ years in cybersecurity, with hands-on experience in vulnerability management, compliance automation, and GRC. Strong understanding of SOC operations, incident response, and security tooling (SIEM, IDS/IPS, WAF). Proven leadership experience managing distributed security teams in dynamic environments. Skilled in communication, collaboration, and team development. Deep knowledge of compliance frameworks (e.g., SOC 2, PCI DSS, ISO 27001) and regulatory expectations.

Role & responsibilities Job Description: Reporting to the Sr. Manager Insider Risk, the Investigations Analyst is a member of a team responsible for the ongoing assessment, triage and investigation of Insider Risk events within the UEBA platform. The Investigations Analyst is responsible for the identification of events involving training integrity matters, Data Loss, misuse of network access or breaches of the Acceptable Use Policy. The Investigations Analyst will work directly with the Sr. Manager of Insider Risk to assess and escalate incidents identified and collaborate with stakeholder to remediate the issues identified. The Investigation Analyst will also support ethics investigations by identifying and collecting digital forensic evidence within various platforms as required. Accountabilities Identify, assess, and escalate findings relating to insider risk events involving misuse of PwC assets, data exfiltration, mass deletion or aggregation of data. A key area of focus will be on training integrity alerting within the risk tool, which looks at behaviours consistent with answer sharing as well as technical investigation support. Work with the Sr. Manager, Insider Risk to escalate and remediate positive findings, recommend strategic security solutions and security control improvements specific to enhancing the identification of data security events. Major Responsibilities Provide 3 -5 major responsibilities of the role and identify key activities within each area. Indicate the percentage (%) of time normally spent on each major responsibility with the total equaling 100%. Investigation Management (70%) Review, triage and investigation system alerts for Training Integrity matters Review, triage and investigation endpoint alerts in the Insider Risk platform Monitor and assess potential Data Loss incidents as they arise Assess, summarize, and escalate potential breaches to management Assisting with related queries into high-risk employees for potential data loss, nefarious activities Assist with the development of other operational/project documentation Provide support to other teams within the broader Risk Management, as needed Document incidents in PwCs case management system Participate in annual audit and compliance testing Generate monthly/quarterly reports and create dashboards for leadership Support Ethics investigations related to monitoring and evidence collection Project Management (20%) Manage Insider Risk platform and write Jira script for correlation rules as required Develop and improve processes and procedures for data protection activities Provide support on ad-hoc project work Other Tasks and Responsibilities as assigned (10%) Assist with special projects for the team as required