2755 Information Security Jobs - Page 19

Project description As a Senior Workday Security Analyst, you'll primarily focus on configuring and optimizing the security module within Workday. This crucial role ensures the Workday system remains secure, compliant, and correctly configured to manage access to sensitive HR, payroll, and other vital business data. Responsibilities Resolve ServiceNow (SNOW) tickets for all Workday security-related issues, system enhancements, and process improvement initiatives, making sure all tickets are properly documented, prioritized, and resolved promptly. Manage employee and configuration data, including gathering, transformation, mapping, and cleansing. You'll also perform and monitor mass data loads using tools like EIB, ensuring data accuracy, handling errors, and providing post-load validation and support. Serve as a Subject Matter Expert (SME) for Workday security and map the security approval matrix. Implement and manage testing efforts within P&C Systems, ensuring smooth User Acceptance Testing (UAT) and integrated testing. Stay current with Workday updates, releases, and industry best practices to continuously enhance system capabilities. Mentor and guide junior colleagues in their roles related to configuration and testing. Skills Must have Bachelor's degree in computer science, Business Administration, or a related field, or equivalent work experience. Minimum of 5 to 7 years of Workday experience, with specific expertise in Workday Security. Experience with other Workday modules such as HCM, Compensation, Benefits, Recruiting, and Absence. Workday Certified in Security. Strong problem-solving skills and the ability to troubleshoot Workday technical issues. Excellent verbal and written communication skills, including experience with escalation and conflict resolution. Ability to work independently under general direction. Nice to have Proven experience with ServiceNow (SNOW) for ticket resolution. Familiarity with Enterprise Interface Builder (EIB) for data loads. Experience in mentoring and guiding junior team members. Other Languages EnglishB2 Upper Intermediate Seniority Senior

Were hiring on the Blackbaud Application Security team! As a member of the Cyber Security organization at Blackbaud, the Application Security Engineer is a specialized position that plays a key role in securing software built and/or used by Blackbaud.You can expect to work closely with software development teams as well as third-party organizations to ensure that security, privacy, and compliance requirements are planned for, designed, and built into software applications at Blackbaud. In addition to securing software, you will be expected to stay up to date on whats happening in the Cyber Security industry to optimize and align our application security processes and systems throughout the Software Development Life Cycle (SDLC) at Blackbaud. The Application Security Engineering team focuses on building automation for security self-service and vulnerability management to reduce unnecessary toil. What you will be doing: Identifying solutions for difficult security problems while participating in a broader agile Application Security team. Building comprehensive solutions to conduct consolidation, aggregation, andnotification of security findings to respective stakeholders. Conducting threat modeling, secure design reviews, and providing direct guidance to development teams. Promoting, designing, and evaluating application security in all phases of theSDLC and constantly looking for innovative ways to improve processes. Influencing, building, and assisting with information security challenges within applications. What we'll want you to have: You are either a security-minded software engineer who has been building modern services using a microservice architecture in an agile development environment or a development-interested security practitioner who understands security best practices but wants to get closer to development and engineering. 5+ plus years of experience with application security and relevant testing tools for DASTBurp Suite, OWASP Zap, Invicti, AppScan SAST/SCAFortify, Checkmarx, Coverity, Semgrep, OWASP Dependency Check, Mend, Blackduck Attack Surface ManagementOWASP Amass, Spiderfoot, CyCognito 3+ years of experience with Python, Bash, and/or PowerShell. 3+ years of experience in DevSecOps integrating security solutions into CI-CD pipelines and automated tooling orchestration. Relevant certifications include CompTIA Security+ or CASP+, EC Council CEH, ISC2 CSSLP are a plus. Experience partnering with development and systems engineers on impactful securityinitiatives. Understanding of software development; how applications and systems are designed, built, and break is critical. UnderstandDevSecOpscultural mindsets, and an engineering-focused approach to solvingcomplexsecurity problems. Strong verbal and written communication skills to translate security objectives and requirements to specific engineering outcomes. The Application Security team at Blackbaud is committed to ensuring security issues are prevented, discovered, and remediated in collaboration with our engineering partners across the business. Stay up to date on everything Blackbaud, follow us on Linkedin, X, Instagram, Facebook and YouTube Blackbaud is proud to be an equal opportunity employer and is committed to maintaining an inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.

Job Role / Responsibilities Perform internal audits and process reviews for functions to assess the adequacy, effectiveness and efficiency of the established internal controls and procedures Lead and perform control design assessments; Lead walkthroughs, identifying controls in the processes/ functions/ products/services, etc. Identify key areas of risk within processes and propose appropriate controls with the objective of mitigating the risks and increasing efficiency Responsible for operational testing of the controls (test scripts), including validation procedures. Evaluate the testing scripts on a regular basis to ensure changes are incorporated Evaluate the corrective action plans received from reviewee for appropriateness and/or Sufficiency. Collaborate with relevant functions to ensure timely closure of corrective action plans. Report on status of implementation of management action plans Work with 2nd line of defence Compliance functions to align audit activity Demonstrate skills to lead auditors, remain flexible, prioritize and maintain a strong attention to detail in a fast-paced environment. Strong collaboration and project management skills to complete quality work on the time with budgeted resources. Essential Skills & Qualification Bachelor’s degree with focus on Information Systems required Sound understanding of control environment, compliance and risk frameworks such as CoBIT; COSO; ISO standards, etc. Minimum 4+ years of experience in relevant field Working knowledge and experience in SOX programs / IT systems/ General Computer controls / Cybersecurity. Etc Experience in performing Technology Audits / IT Operations reviews / Integrated Audits Effective Verbal and Written Communication Skills Be able to work in a fast-paced role with competing priorities. Adaptable to project requirements and does what is required to get the job done Demonstrate ability for seamless execution, continuous improvement and problem solving Preferred Skills & Qualification Experience in BFSI / FinTech companies Experience integrating data analytics in audits Big 4 experience Working at PhonePe is a rewarding experience! Great people, a work environment that thrives on creativity, the opportunity to take on roles beyond a defined job description are just some of the reasons you should work with us. PhonePe Full Time Employee Benefits (Not applicable for Intern or Contract Roles) Insurance Benefits - Medical Insurance, Critical Illness Insurance, Accidental Insurance, Life Insurance Wellness Program - Employee Assistance Program, Onsite Medical Center, Emergency Support System Parental Support - Maternity Benefit, Paternity Benefit Program, Adoption Assistance Program, Day-care Support Program Mobility Benefits - Relocation benefits, Transfer Support Policy, Travel Policy Retirement Benefits - Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment Other Benefits - Higher Education Assistance, Car Lease, Salary Advance Policy Working at PhonePe is a rewarding experience! Great people, a work environment that thrives on creativity, the opportunity to take on roles beyond a defined job description are just some of the reasons you should work with us. Read more about PhonePe on our blog. Life at PhonePe PhonePe in the news

Role Profile Senior Application Security Engineer Department Information Security/ Cybersecurity Reports ToManager / Lead Security Engineer Location :Hyderabad (WFO) Role Summary: The Security Engineer will play a critical role in strengthening the security posture of applications and infrastructure by implementing secure development practices, performing vulnerability assessments, and integrating security into the SDLC. The ideal candidate will have hands-on experience with OWASP ASVS, security testing tools like ZAP, and a solid understanding of Python-based backend systems. Key Responsibilities: Implement and enforce security policies aligned with OWASP ASVS 4.0.3. Conduct Static and Dynamic Application Security Testing (SAST/DAST) using tools such as ZAP, Fortify, Burp Suite, and GitHub security. Collaborate with DevOps teams to embed security in CI/CD pipelines. Perform threat modelling and risk assessments for applications and APIs. Identify and remediate security vulnerabilities in Python-based services. Prepare and support documentation for STQC audits and other compliance processes. Create and maintain secure coding guidelines for developers. Track and manage vulnerabilities using centralized dashboards or ticketing systems. Collaborate with developers and QA teams during SDLC to ensure secure code deployment. Required Qualifications & Skills: 810 years of Overall experience in IT . 56 years of hands-on experience in Application Security. Strong knowledge of OWASP Top 10 and OWASP ASVS frameworks. Practical experience with ZAP, Fortify, Burp Suite, or similar tools. Good understanding of Python backend services and typical security flaws. Knowledge of CI/CD security integration tools and methodologies. Familiarity with STQC security processes and regulatory compliance documentation. Knowledge of SAST/DAST/IAST methodologies and modern DevSecOps practices. Bachelors degree in computer science, Cybersecurity, or related discipline. Soft Skills: Strong analytical and problem-solving abilities. Excellent written and verbal communication skills. Collaboration and team orientation. High attention to detail and documentation. Strong stakeholder management across development, DevOps, and compliance teams. Preferred Qualifications: Certifications such as OSCP, CISSP, CEH, or GWAPT. Exposure to cloud security (AWS/GCP/Azure). Scripting knowledge for automation using Python or Bash. Experience with container and Kubernetes security tools. Key Relationships: InternalDevelopment Teams, DevOps Teams, QA Teams, Compliance Team, Product Owners ExternalAuditors, Regulatory Authorities (e.g., for STQC), Security Vendors Role Dimensions: Team Size: Individual contributor or small security team lead Scope: Application security coverage across all internal and external apps Impact: High directly impacts risk mitigation, compliance, and secure software delivery Success Measures (KPIs): % of vulnerabilities resolved within SLA Number of applications onboarded to security tools Security issues found in pre-production vs post-deployment Developer adoption rate of secure coding practices STQC and other audit clearance rates Mean time to detect and remediate vulnerabilities Competency Framework Alignment: Technical Expertise Deep understanding of of AppSec tools and practices Results Orientation Works cross-functionally with technical teams Problem Solving Strong in analysing and resolving security issues Communication Explains complex security concepts to non-tech teams Adaptability Takes ownership of vulnerabilities and resolutions

Analyst, Privacy & Cybersecurity Law , Enabling Functions General Counsel We are looking for a Privacy Analyst to join our growing team of privacy experts, who will be a key component in ensuring our global privacy program is improved and implemented in the Asian region. In this role, you will play a critical part in ensuring that our data privacy practices meet regulatory requirements and reflect best practices. You will be a part of the global privacy team, but work with local business to support privacy initiatives, conduct risk assessments, assess local legislation and implement privacy compliance programs. To succeed, we think you have a good balance between being a team player who can support and improve the roadmap and program set by the global team, while still be able to work autonomously to implement and maintain the privacy program locally. About the Role In this opportunity as Analyst, Privacy & Cybersecurity Law , you will Monitor and inform about the latest developments in privacy laws and technologies. Help develop and strengthen the global privacy program by providing input and feedback related to local privacy laws. Implement and maintain global privacy policies and procedures locally. Collaborate with legal, IT, and business teams to integrate privacy controls into systems and processes. Monitor and respond to privacy-related inquiries and requests. Provide training and guidance to employees on data privacy best practices. About You You're a fit for the role of Analyst, Privacy & Cybersecurity Law if your background includes Bachelors degree in Information Technology, Law, Business, or a related field. 2-5 years of experience in data privacy, data protection, or a related role. Strong understanding of asian privacy laws and regulations, such as for example PIPL, DPDPA, PDPA and others. Excellent analytical and problem-solving skills. Effective communication and interpersonal skills. Relevant certifications are a plus. #LI-KG1 Whats in it For You Hybrid Work Model Weve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected. Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, empowering employees to achieve a better work-life balance. Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrows challenges and deliver real-world solutions. Our Grow My Way programming and skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future. Industry Competitive Benefits We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing. Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more. We live by our valuesObsess over our Customers, Compete to Win, Challenge (Y)our Thinking, Act Fast / Learn Fast, and Stronger Together. Social Impact Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives. Making a Real-World Impact: We are one of the few companies globally that helps its customers pursue justice, truth, and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world. Thomson Reuters informs the way forward by bringing together the trusted content and technology that people and organizations need to make the right decisions. We serve professionals across legal, tax, accounting, compliance, government, and media. Our products combine highly specialized software and insights to empower professionals with the data, intelligence, and solutions needed to make informed decisions, and to help institutions in their pursuit of justice, truth, and transparency. Reuters, part of Thomson Reuters, is a world leading provider of trusted journalism and news. We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments. At a time when objectivity, accuracy, fairness, and transparency are under attack, we consider it our duty to pursue them. Sound excitingJoin us and help shape the industries that move society forward. As a global business, we rely on the unique backgrounds, perspectives, and experiences of all employees to deliver on our business goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity Employer providing a drug-free workplace. We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law. More information on requesting an accommodation here. Learn more on how to protect yourself from fraudulent job postings here. More information about Thomson Reuters can be found on thomsonreuters.com.

The role is within the Information Security Risk Management (ISRM) Cyber Fusion Engineering team responsible for the support of Thomson Reuters Cyber Defense Engineering Tools. The successful candidate will have the opportunity to learn - and provide skilled technical support - for our current infrastructure security toolset as well as our future security services within the technical operations environment. About the role: Support the development and maintenance of security tools and infrastructure such as Confluence, MISP Threat Intelligence Platform, and ServiceNow Security Incident Response. Help build and maintain cloud infrastructure in support of our technologies Collaborate with Cyber Defense teams such as the SOC, Threat Detection, Threat Intel, and Incident Response teams to understand feature and support needs. Act as an interface with other IT disciplines inside the larger organization to develop deployment pipelines for AWS infrastructure to meet Enterprise standards. About You: Bachelor's Degree with 3+ years IT or Information Security experience Scripting experience with Python and bash Foundational knowledge of AWS Application/Infrastructure administration experience in an Enterprise environment. Excellent customer service and communication (oral / written) skills required. Strong critical thinking, analytical, and troubleshooting skills. Must be able to accept delegated work on assigned projects and initiatives and complete them successfully with minimum supervision. Preferred Qualifications: Knowledge of/and experience with a Linux OS distribution. Hands on experience deploying and managing infrastructure in AWS Knowledge of/or experience with Infrastructure as Code technologies (e.g. Terraform, CloudFormation) and/or CI/CD pipeline technologies (e.g. AWS CodeBuild, CodePipeline, etc) Understanding of the principles of IaaS, PaaS, SaaS cloud environments Knowledge of/and experience in Cyber Security or Security+ certification Knowledge of/or experience with security orchestration, automation, and response (SOAR) tools. Understanding of network transport protocols and services (TCP/IP, syslog, DNS, ODBC, SFTP, SSH, PKI, etc.) Experience working in a large enterprise environment #LI-HS1 Whats in it For You Hybrid Work Model Weve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected. Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, empowering employees to achieve a better work-life balance. Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrows challenges and deliver real-world solutions. Our Grow My Way programming and skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future. Industry Competitive Benefits We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing. Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more. We live by our valuesObsess over our Customers, Compete to Win, Challenge (Y)our Thinking, Act Fast / Learn Fast, and Stronger Together. Social Impact Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives. Making a Real-World Impact: We are one of the few companies globally that helps its customers pursue justice, truth, and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world. Thomson Reuters informs the way forward by bringing together the trusted content and technology that people and organizations need to make the right decisions. We serve professionals across legal, tax, accounting, compliance, government, and media. Our products combine highly specialized software and insights to empower professionals with the data, intelligence, and solutions needed to make informed decisions, and to help institutions in their pursuit of justice, truth, and transparency. Reuters, part of Thomson Reuters, is a world leading provider of trusted journalism and news. We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments. At a time when objectivity, accuracy, fairness, and transparency are under attack, we consider it our duty to pursue them. Sound excitingJoin us and help shape the industries that move society forward. As a global business, we rely on the unique backgrounds, perspectives, and experiences of all employees to deliver on our business goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity Employer providing a drug-free workplace. We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law. More information on requesting an accommodation here. Learn more on how to protect yourself from fraudulent job postings here. More information about Thomson Reuters can be found on thomsonreuters.com.

Privacy Analyst , Enabling Functions General Counsel We are looking for a Privacy Analyst to join our growing team of privacy experts, who will be a key component in ensuring our global privacy program is improved and implemented across the organization. In this role, you will focus on ensuring that our data privacy practices meet regulatory requirements and reflect best practices, with a primary emphasis on managing data subject rights requests and improving the associated processes. If you are a detail-oriented and organized individual with a passion for data privacy and a strong understanding of regulatory requirements, we encourage you to apply for this exciting opportunity. About the Role In this opportunity as Privacy Analyst , you will Managing and responding to data subject rights requests, such as access, correction, and deletion requests Improving and streamlining the data subject rights request process to ensure efficiency and compliance with regulatory requirements Supporting the development and implementation of global privacy policies and procedures Assisting with day-to-day matters of the privacy office, including: Conducting privacy risk assessments and impact assessments Monitoring and informing about the latest developments in privacy laws and regulations Coordinating with internal stakeholders to ensure compliance with privacy regulations and policies Maintaining records and documentation related to data subject rights requests and other privacy-related activities About You You're a fit for the role of Privacy Analyst if your background includes Bachelors degree in Law, Information Technology, Business, or a related field. 2-5 years of experience in data privacy, data protection, or a related role. Excellent analytical and problem-solving skills. Effective communication and interpersonal skills. Relevant certifications are a plus. #LI-KG1 Whats in it For You Hybrid Work Model Weve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected. Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, empowering employees to achieve a better work-life balance. Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrows challenges and deliver real-world solutions. Our Grow My Way programming and skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future. Industry Competitive Benefits We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing. Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more. We live by our valuesObsess over our Customers, Compete to Win, Challenge (Y)our Thinking, Act Fast / Learn Fast, and Stronger Together. Social Impact Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives. Making a Real-World Impact: We are one of the few companies globally that helps its customers pursue justice, truth, and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world. Thomson Reuters informs the way forward by bringing together the trusted content and technology that people and organizations need to make the right decisions. We serve professionals across legal, tax, accounting, compliance, government, and media. Our products combine highly specialized software and insights to empower professionals with the data, intelligence, and solutions needed to make informed decisions, and to help institutions in their pursuit of justice, truth, and transparency. Reuters, part of Thomson Reuters, is a world leading provider of trusted journalism and news. We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments. At a time when objectivity, accuracy, fairness, and transparency are under attack, we consider it our duty to pursue them. Sound excitingJoin us and help shape the industries that move society forward. As a global business, we rely on the unique backgrounds, perspectives, and experiences of all employees to deliver on our business goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity Employer providing a drug-free workplace. We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law. More information on requesting an accommodation here. Learn more on how to protect yourself from fraudulent job postings here. More information about Thomson Reuters can be found on thomsonreuters.com.

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to develop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Coordinate with key stakeholders to define risk metrics - KRIs/ KPIs/ KCIs Coordinate with key stakeholders to define thresholds for key risk metrics Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to create and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications Experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred, but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 09 The Role This position is an individual contributor within the Internal Audit team responsible for performing audit engagements including U.S. Sarbanes-Oxley (SOX) Compliance testing. This position will contribute significantly to SOX testing efforts and evaluating compliance with corporate policies, assessing risks over the IT operating environment and identifying operational efficiencies. The Impact The IT SOX Specialist will work closely with your direct manager and the process owners to gain an understanding of key processes, key controls, identify control gaps by strengthening and monitoring the internal control environment to provide assurance in the accuracy of reported financial information for a leading data provider worldwide. Whats in it for you You will interact with key process owners and colleagues across the Company. You will also be responsible for completing the audits and projects as outlined in the Internal Audit Plan and play a critical role in assessing the effectiveness of the control environment and providing value added recommendations across the organization. You will gain a robust understanding of the operations of all divisions and functions within the company. Ability to collaborate with a global team of seasoned financial services/audit professionals and access to the latest technological and data analytic tools Competitive compensation package with excellent benefits, including generous paid time off, tuition reimbursement, parental leave and more Advancement opportunities in a global company with presence in 30+ geographies The Team / The Business We have teams made up of people that work effectively together, while working with the larger group of auditors. Opportunities are presented every day to work with people from a wide variety of backgrounds and to develop a close team dynamic with coworkers from around the globe. The Internal Audit function is a global team with presence in all regions (Americas, EMEA and Asia Pacific). The function is independent and reports functioning to the Audit Committee. Responsibilities Lead and perform IT audits focused on compliance with Sarbanes-Oxley (SOX) regulations, ensuring that IT general controls and IT automated controls are effectively designed and operating. Develop, document, and execute test plans for IT controls, ensuring that they meet SOX requirements and are functioning as intended. Utilize GenAI, data analytics and automation tools to enhance audit processes, identify trends, and uncover anomalies in IT systems. Evaluate the SDLC processes to ensure proper controls are in place during system development, implementation, and maintenance. Stay updated on emerging IT risks and controls, including cloud computing, cybersecurity threats, and data privacy regulations. Participate in projects across the internal audit department, including risk-based audits and project assurance initiatives, to enhance overall audit effectiveness and efficiency. What Were Looking For You will be an effective communicator, in both verbal and written form, and an analytical thinker who employs logic and persuasion to influence with diplomacy and tact. You will be a proactive, innovative, collegial team player who can be accountable and absorb/integrate ideas from diverse views, create partnerships and collaborate with others. You will be nimble in learning and support the implementation of agile techniques. You will be responsible for balancing stakeholders and building/fostering relationships with stakeholders. You have a strong interest to learn, embrace agile auditing techniques, adoption of data analytics and emerging tools to strengthen quality of audit execution and SOX controls testing. Basic Qualifications: The ideal candidate must be an experienced audit professional with skills in IT SOX, internal audit, or related roles in control function organizations. Experience/exposure with different data analytics tools (such as Tableau, Alteryx, Power BI, etc.). Agility to support different Internal Audit capabilities such as business/data/IT auditing and SOX compliance. Minimum 3-5 years of relevant experience of IT controls-based testing through planning audits, conducting audit procedures, and preparing audit reports. Understanding and operational application of Sarbanes-Oxley Section 404 Public Accounting experience. Knowledge of or experience with providing audit support during integrated financial and operational audits. Knowledge or experience with information security controls. Experience with electronic work papers and standard productivity tools Bachelor's or Master's degree in Computer Science, Engineering, Information Technology, or a related field. Willing to travel (domestic and international), limited to 10 - 15% Professional certifications preferred but not required (CISA, CIA, CPA, etc.). #L1-RS2 Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 203 - Entry Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), FINANC202.1 - Middle Professional Tier I (EEO Job Group)

About the Role: Grade Level (for internal use): 12 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the first line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities This role belongs to First Line of Defense. Lead efforts to build APIs between various governance tools to streamline data integration. Lead efforts to d evelop APIs for automated risk reporting to enhance data accuracy and timeliness. Drive automation in controls, including testing and monitoring, to improve efficiency and effectiveness. Design and implement a Digital Solutions scorecard to track key performance metrics. Lead efforts to c reate and maintain a comprehensive controls/risks dashboard for real-time insights and decision-making Prepare presentations for Management reporting. What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 10+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 12+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

About the Role: Grade Level (for internal use): 09 The Team: The Customer & Growth Office, a new shared capability within Market Intelligence, partners closely with the Sales organization to deliver a differentiated customer experience. This group enables our sales team and businesses by overseeing customer success, sales operations, and implementation of commercial technology. This includes Salesforce, alignment to targets in strategic growth areas, and empowers accelerated growth and delivery by putting the customer at the core of everything we do driving a full customer experience that differentiates us from our competitors. The Proposal & Customer Assessment Team is part of the broader commercial operations. An enabling function to assist with due diligence questionnaires, risk assessments, audits, and other customer inquiries. Our goal is to enable new revenue generation via RFX & deliver superior customer satisfaction by providing high-quality proposals & relevant information during pre/post-sales. We serve a vast array of clients across geographies and are committed to the client-first mindset. The Due Diligence/Audit Specialist will focus on the inquiries received for Market Intelligence. The Role: Project manager for complex customer audits and due diligence initiated by clients. Coordinate preparation, execution, and delivery of formal responses.Foster positive relationships with customers, maintain open and transparent communication with the customer throughout the process, acknowledge receipt of the due diligence request or audit initiation, and provide regular updates on progress. Develop a deep understanding of product solutions and platforms for effective communication. Maintains awareness of internal controls and audit/Due Diligence trends to ensure the process remains effective.Ensuring that responses are accurate, timely, and comply with company standards. Tracking to completion of action items raised during assessments and audits. Maintain thorough documentation of the entire due diligence or audit response process, including correspondence with the customer, supporting documentation provided, and any actions taken to address issues or concerns.Coordinating with internal stakeholders such as sales, product, legal, and information security to respond to customer requests and create accurate, persuasive, and cogent response documents.Assist with our centralized database processes, policies, and procedures to drive improvement in tools and content. Assist in continually updating due diligence content. Identify opportunities to optimize processes, leveraging automation, technology, and data analytics where possible. What we are looking for Overall 3 7 years of relevant experience Possessing a robust comprehension of Information/Cyber Security, Risk Management, BIA/BCP, Application Security, Network Security, Incident Response, and Cloud Security Demonstrating a solid foundation in audit and control review, particularly in SOC audit, business processes, and controls Proficient in addressing Third Party Risk Assessments, Information Security Assessments, and Audits Exhibiting strong Decision-making and Critical Thinking skills, adept at conducting thorough analysis leading to informed decision-making outcomes Personal competencies Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels of the organization Strong analytical and problem-solving skills, with the ability to assess complex information and develop actionable insights Self-motivated with an outstanding attention to detail Capable of managing multiple concurrent projects efficiently Demonstrates creativity and consistently employs initiative in all tasks and projects Ability to cultivate strong working relationships with internal colleagues is imperative for the role About S&P Global Market Intelligence At S&P Global Market Intelligence, a division of S&P Global we understand the importance of accurate, deep and insightful information. Our team of experts delivers unrivaled insights and leading data and technology solutions, partnering with customers to expand their perspective, operate with confidence, andmake decisions with conviction.For more information, visit www.spglobal.com/marketintelligence . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 20 - Professional (EEO-2 Job Categories-United States of America), SLSGRP202.1 - Middle Professional Tier I (EEO Job Group)

About the Role: Grade Level (for internal use): 11 The Team Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact This role reports to the Head of Technology Risk and Governance, in the Global Digital Technology Organization. The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact Lead efforts in defining and documenting a comprehensive Issue Management Process document/ methodology Lead efforts to centralize control gaps/ issues in GRC tool Lead efforts in logging, tracking, monitoring and remediation of control gaps/ issues Coordinate with key stakeholders to ensure the issues are clearly articulated, mapped to appropriate risk category, mitigating controls are identified through proper risk assessment Lead efforts in periodic reporting of issues to senior Management Conduct data analysis to demonstrate trends of progress made in issue remediation by various technology processes Conduct meetings to discuss issues and risk remediation plan Lead efforts in risk exception and risk acceptance process Monitor risk acceptance scenarios and bring it to appropriate committees for reporting Prepare PowerPoint presentations to provide comprehensive and holistic issue management process What Were Looking For Basic Required Qualifications Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications 5+ years of experience in a large global organization leading the technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.2 - Middle Professional Tier II (EEO Job Group)

Date 31 May 2025 Location: Bangalore, IN Company Alstom At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, 80,000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars. Could you be the full-time Security into Project Specialist in Bangalore were looking for Your future role Take on a new challenge and apply your cybersecurity and project management expertise in a new cutting-edge field. Youll work alongside innovative, dedicated teammates. You'll ensure the robust integration of security within our IS&T projects, safeguarding our digital initiatives. Day-to-day, youll work closely with teams across the business (Security Architecture, GRC and ISMS team, Architects, Project Managers and PMO, Business teams), review and approve security deliverables and much more. Youll specifically take care of validating Security Inquiry for Partners (SIP) and ensuring secure configurations are applied, but also make informed decisions about security acceptance based on residual risk and asset value. Well look to you for: Reviewing and approving security deliverables Ensuring the application of the "Security into Project" policy Validating and signing off on Security Inquiry for Partners Applying secure configurations for projects or business initiatives Making decisions on security acceptance Implementing design patterns and standards All about you We value passion and attitude over experience. Thats why we dont expect you to have every single skill. Instead, weve listed some that we think will help you succeed and grow in this role: Degree in Engineering/Technology Experience or understanding of cybersecurity, architecture and design Knowledge of security architecture and infrastructure Familiarity with cloud solutions (Microsoft Azure/O365) A CISSP or CISM certification Ability to analyze technical risks and vulnerabilities Fluency in English Things youll enjoy Join us on a life-long transformative journey the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. Youll also: Enjoy stability, challenges and a long-term career free from boring daily routines Work with cutting-edge security standards for rail signalling Collaborate with transverse teams and supportive colleagues Contribute to innovative projects that shape the future of transportation Utilise our dynamic working environment Steer your career in whatever direction you choose across functions and countries Benefit from our investment in your development, through award-winning learning Progress towards leadership roles within the cybersecurity domain Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension) You dont need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, youll be proud. If youre up for the challenge, wed love to hear from you! Important to note As a global business, were an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. Were committed to creating an inclusive workplace for everyone.

Date 7 Jun 2025 Location: Bangalore, KA, IN Company Alstom Req ID:478631 Could you be the full-time Cybersecurity Engineer Cyber Applications in Bangalore were looking for Your future role Take on a new challenge and apply your cybersecurity and system/network administration expertise in a new cutting-edge field. Youll work alongside innovative, dedicated, and supportive teammates. You'll maintain and enhance the security of Alstoms products and solutions, ensuring the integrity and resilience of our transport networks. Day-to-day, youll work closely with teams across the business (such as V&V, platform validation, and regional cybersecurity), execute design and deployment activities, and much more. Youll specifically take care of the maintenance of cybersecurity tools and applications, but also prepare and execute design & deployment activities for various projects and programs. Well look to you for: Maintaining cybersecurity tools and applications Preparing and executing design & deployment activities Executing specific testing activities and preparing reports Supporting validation and verification teams Acting as the administrator for cybersecurity applications Identifying cybersecurity tools and practices and providing guidance All about you We value passion and attitude over experience. Thats why we dont expect you to have every single skill. Instead, weve listed some that we think will help you succeed and grow in this role: Degree in Computer Science, Information Technology, or equivalent Experience or understanding of cybersecurity in the context of industrial control systems or network administration Knowledge of design & deployment of NIDS such as Fortinet, Nozomi, Dragos, etc. Familiarity with system administration of Windows or Linux servers/systems A certification like MCSE, RHCE, LPIC, CCNA, or Network+ Preferably a cybersecurity certification like ECSA, Security+ Strong communication skills and the ability to work in a matrix organization Things youll enjoy Join us on a life-long transformative journey the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. Youll also: Enjoy stability, challenges and a long-term career free from boring daily routines Work with new security standards for rail signalling Collaborate with transverse teams and helpful colleagues Contribute to innovative projects Utilise our flexible working environment Steer your career in whatever direction you choose across functions and countries Benefit from our investment in your development, through award-winning learning Progress towards roles of greater responsibility and leadership Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension) You dont need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, youll be proud. If youre up for the challenge, wed love to hear from you! Important to note As a global business, were an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. Were committed to creating an inclusive workplace for everyone.

Roles & Responsibilities : Primary contact to Worldwide customer department users on process inquiries and day to day operations Technical Support and consulting on the integration of the customers IT Applications to the central gateways Support towards Security and Risk compliance controls with respect to various Bosch regulations Request handing on all the support queries from the customers and Escalation handling on need basis Responsible for maintaining process documentation up to date Consult stakeholders on Access Management related topics Mailbox handling and query handling Ensure the customer KPIs, quality and deliverables are met

The opportunity: We are seeking a highly skilled and experienced professional who will be developing and implementing new products, processes, standards or operational plans that will have impact on the achievement of functional results. How you ll make an impact: Acts as Network Security Subject Matter Expert for Network Security infrastructure and related technologies. Maintain a clear vision for the product, ensuring it aligns with the overall business strategy and customer needs. Responsible for the product roadmap including Service Description, Service Catalog, and End-to-End responsibility for the owned product. Collaborates with IT suppliers regarding the operational implementation of outsourced activities consistent with existing agreements. Consults users to identify and learn about current procedures and to clarify further requirements. Supports the installation, management, maintenance, and optimization of all Enterprise Network processes related to the area of responsibility, including automation. Conveys network architecture, standards, policies, norms, and guidelines to IT Supply. Responsible for assessing and providing recommendations relating to trend analyses of incidents, in collaboration with relevant IT Functions. Performs day-to-day tasks associated with operating and maintaining networking infrastructure. Engages in major outages and works towards quicker resolution, followed by proposing long-term follow-up actions. Collaborates with Solution Architects, Integration Architect, and Information Security to ensure compliance with Enterprise Network solutions and services related standards. Responsible to ensure compliance with applicable external and internal regulations, procedures, and guidelines. Living Hitachi Energy s core values of safety and integrity, which means taking responsibility for your own actions while caring for your colleagues and the business. Your background: Bachelor s or Master s degree in engineering, information technology. Minimum of 10+ years of comprehensive hands-on experience in Network Security. Demonstrated technical expertise with Next-Gen Firewall technologies (Checkpoint, Palo Alto). Proficient in Secure Internet and Private Access solutions (Zscaler). Advanced certifications related to Palo Alto (PCNSA, PCNSE) and Zscaler (ZTCA, ZIA, ZPA) Proven experience with Zscaler Zero Trust deployment, user and application migration to Zscaler Private Access, including the design and implementation of ZTNA solutions. Competence in explaining scenarios and troubleshooting firewall functions such as Packet Flow, Captures, NAT, Routing, and ACLs). Programming, automation, and API experience (Python, Go, Ansible, Puppet, Docker, CI/CD with Azure Gitlab, Shell scripting) is considered an additional asset. Experience with ServiceNow integration. Proven ability to cooperate with internal and external stakeholders, along with service/vendor management skills. Possess deep analytical skills and the capability to identify connections across various layers of business operations. Proficiency in both spoken & written English language is required. Qualified individuals with a disability may request a reasonable accommodation if you are unable or limited in your ability to use or access the Hitachi Energy career site as a result of your disability. You may request reasonable accommodations by completing a general inquiry form on our website. Please include your contact information and specific details about your required accommodation to support you during the job application process. .

Company Description Vialto Partners is a market leader in global mobility services. Our purpose is to Connect the world . We are unique and the only stand-alone global mobility business. This presents a rare opportunity for our clients, stakeholders and colleagues. Working at Vialto Partners is about getting the chance to be part of a global and dynamic team. Globally, Vialto Partners has over 6, 500 staff in over 50 countries around the world, and continues to grow. You will work with clients from a range of industries and different geographical locations. We believe in connecting the world and supporting our colleagues to do the same in their careers by undertaking assignments and opportunities globally that broaden their skills and ultimately benefit our clients. To learn more about what we do, tune in to our podcast On the Move to hear expert insights on issues affecting global mobility, and read about the latest news in the industry. You can also follow us on Linkedin and Instagram. Job Description The Senior Associate - Client Security Analyst role is responsible for assisting in supporting client due diligence requests including: completing client security questionnaires, responding to engagement team and client inquiries, updating and validating artifacts, maintaining the Trust Center portal, managing the appropriate client security inboxes, and liaising with other team members on tasks. The position has an active role in most client engagements at Vialto Partners, including RFP requests and other pre and post-sales activities. As a Senior Associate, you ll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. A successful candidate will need a combination of technical and communication skills, as well as the ability to handle a mix of disparate tasks which may include collaborating with other teams to gather information and/or artifacts. This role will provide career growth opportunities as you will be working with fellow world-class technologists. Skills and responsibilities for this level include but are not limited to: Contribute to the development, implementation, and maintenance of security assurance functions, which includes client Perform assessments against organizational policy controls and regulatory control frameworks Partner with engagement teams to translate Vialto Partners global information security expectations and work towards technical security solutions as appropriate. Support client and engagement team security assessment inquiries about Vialto Partners global information security program. Provide security training and outreach to internal development teams as necessary. Develop security documentation as necessary. Provide security metrics on delivery and improvements, where applicable. Work independently and be self-driven to assist internal and external stakeholders. Uphold Vialto Partners code of ethics and business conduct. Use feedback and reflection to develop self-awareness, personal strengths and address development areas. Qualifications Minimum Degree Required: Bachelor s or Master s degree. Required Fields of Study: Any Engineering graduate Minimum Years of Experience: 5-10 years of total experience, 2+ years experience in IT/Security roles Location: Hyderabad (In-office) Additional Information We are an equal opportunity employer that does not discriminate on the basis of any legally protected status. Please note, AI is used as part of the application process.

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Senior Consultant Specialist In this role, you will : Oversee end-to-end health of the IWPB IT control environment, encompassing Cyber, Cloud, Architecture & Data, Systems Engineering, and IT Infrastructure globally. Instigate and manage initiatives to drive improvements to the Technology control environment including the effective design of key controls Partner with the CIO management team and other IT control owners to create effective design, monitoring, and remediation of control measures. Ensure the appropriate application of policies control standards and procedures. Support IWPB IT internal / external audit activity and internal assurance reviews. Work with Technology to monitor key control effectiveness, key control indicators, and control uplift plans. Validate control measures include RCA, KRIs, KCIs, control operation, test approaches, reviews, audits, judgment-based attestations, supplier audits, sampling of supplier procedures. Influencing, explaining and managing effective design, analysis and remediation of control measures. Work with Technology to create an effective design and efficient operation of IT controls. Accountable for the deployment of the IWPB IT s Non-Financial Risk Management Framework. Responsible for identifying emerging risks and threats and deficiencies with deployed key controls. Opine on control environment, form risk assessments, provide advice on remediation plans Requirements To be successful in this role, you should meet the following requirements: Strong knowledge of Non-Financial Risk and Information, Technology & Cyber controls. Interest or proven experience in Operational Resilience. Persistent, resilient, and resourceful; able to adapt to a complex and dynamic organisational environment. Open personality with effective communication skills. Lead and coordinate with colleagues and key stakeholders in an international team. Effective use of collaboration tools such as Sharepoint, Confluence, JIRA, and OneNote. Knowledge of HSBC corporate systems used by IT risk management, e. g. HELIOS, ARAMIS, EIM, PLADA COMET, SCOTT would be plus. Planning and project management skills. Ability to work independently with limited supervision. Communication - Ability to present complex issues confidently and concisely to Technology and DBS Senior Executives and other key stakeholders using non-technical easily understood language. Make considered decisions that protect and enhance HSBC values, reputation and business. Degree in information security, computer science or computer engineering qualifications desirable.

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organizations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realize their ambitions. We are currently seeking an experienced professional to join our team in the role of Senior Software Engineer. In this role, you will: Implement RESTful APIs as per the design specifications. Analyze and develop code as per specifications. Prepare unit test plans and conduct unit testing. Review of design/code/Unit test results and provide inputs. Troubleshoot issues and bug fixing. Support production deployment and post development implementation activities. Participate in end to end impact analysis, creating low level design and able to provide estimates for changes and new development requirements and E2E testing for different projects Review the deliverables and ensure the quality of the product. Follow quality process and quality improvement initiatives Requirements To be successful in this role, you should meet the following requirements Relevant work experience of 4-6 years in Java, J2EE, Spring, Spring Boot, AWS and GCP. Very strong working experience and expertise of Java, Spring Boot, AWS, GCP, Micro Services. Hands-on in-depth experience in designing and implementing micro services using the Spring Boot framework. Hands-on experience in using and developing Continuous Integration pipeline using Jenkins, Maven, GitHub and other CI tools used in DevOps ecosystem. Deep Understanding of various protocols SOAP, REST, HTTP & JSON. Fair knowledge and experience of DevOps & Agile discipline. Knowledge on Cloud Technologies like PaaS & IaaS. Awareness of Kubernetes and Dockers is appreciated. Awareness of information security and common security frameworks. Working experience in APIs and Microservices. You ll achieve more when you join HSBC. HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working, and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Divisional Control Office (DCO) team ensures that the division operates with high levels of integrity. It is responsible for supporting the business by developing, implementing and maintaining a risk culture to ensure a strong and sustainable business control environment whilst minimizing risk arising from non-financial risk factors. DCO strategy includes improving the risk management information and strengthening the governance and risk culture. The Corporate Bank (CB) DCO has functional responsibility for providing a central point of oversight over the CB Risk & Control Assessments (RCA). This includes supporting the business by driving Risk & Control Assessment specifically focusing on Information Security (IS) / Information Technology (IT) risks in line with NFRM guidelines. RCA is a key component of the bank's non-financial risk management toolkit, to enable the effective profiling, monitoring and management of operational risks. Your Key Responsibilities Collaborate with businesses and support them in conducting Risk & Control Assessments as per NFRM guidelines specifically focusing on Information Security (IS) / Information Technology (IT) risks Analyze contextual data and relevant data triggers and determine or update risk profile, inherent risk, control environment and residual risk ratings along with supporting rationale, liaising with Risk Types SMEs in their business Participate in 1LoD-led RCA meetings for business to drive the risk discussions, focusing on key or emerging risks that may impact the business Coordinate with businesses/2LoD and assist in 2LoD challenges Prepare RCA reports and obtain business sign-offs Document risk mitigation decisions, if required, with consideration of risk appetite Deliver high quality Global Governance decks and reporting trends to support senior management Your Skills & Qualifications: CISA/CRISC or relevant security qualifications with experience of Risk & Controls and/or Internal Audit in banking industry covering Information Security (IS) / Information Technology (IT) risks Experience in SOX/ ISO27001 control framework Knowledge related to risk management (including conducting Risk & Control Assessments) and corporate banking products, processes and systems preferred, specifically focusing on Information Security (IS) / Information Technology (IT) risks Ability to assess impact of control environment on inherent risk along with documentation of qualitative assessment Strong quantitative and analytical skills required to critically evaluate information for key risk assessments Familiarity with DB organization a plus, but not mandatory Strong project management skills and a proactive team partner Influencing, negotiation skills and stakeholder management expertise Strong verbal and written communication skills Proficiency with automating tasks in Excel to improve efficiency a plus, but not mandatory.

Vice President - Cyber security Delivery Job Summary: The Security Delivery Head is responsible for overseeing and managing the delivery of security services within an organization. This role involves developing and implementing security strategies, managing security teams, and ensuring the protection of the organization's assets, employees, and information. Key Responsibilities: Develop and Implement Security Strategies : Create and execute comprehensive security strategies that align with organizational goals and industry best practices. Manage Security Teams : Lead and manage a team of security professionals, including recruitment, training, and performance evaluation. Oversee Security Operations : Ensure the effective operation of security systems and protocols, including monitoring, incident response, and investigations. Risk Management : Identify, assess, and mitigate security risks to the organization. Develop and implement risk management plans. Compliance and Governance : Ensure compliance with relevant laws, regulations, and industry standards. Maintain up-to-date knowledge of security trends and regulatory changes. Stakeholder Collaboration : Work closely with other departments, such as IT, HR, and legal, to integrate security measures into overall business operations. Budget Management : Develop and manage the security budget, ensuring cost-effective use of resources. Crisis Management : Lead the organizations response to security incidents and emergencies, including crisis communication and recovery efforts. Continuous Improvement : Continuously evaluate and improve security policies, procedures, and technologies. Qualifications: Education : Bachelors degree in Security Management, Information Technology, or a related field. A Masters degree is preferred. Experience : Minimum of 20 years of experience in security management, with at least 5 years in a leadership role. Certifications : Relevant certifications such as CISSP, CISM, or PMP are highly desirable. Skills : Strong leadership, communication, and problem-solving skills. Proficiency in security technologies and risk management. Key Competencies: Strategic Thinking Leadership and Team Management Risk Assessment and Mitigation Regulatory Compliance Crisis Management Stakeholder Collaboration This role is crucial for ensuring the security and resilience of the organization. If you have any specific requirements or need more details, feel free to ask!

Hiring for Application Security role at Mumbai location !!! Job Title: Senior Manager Third Party Technology Risk Management Location: Mumbai Experience Required: 7 - 9 Years Industry: Financial Services / BFSI Job Type: Full-Time Work Mode: Hybrid Note: 2 levels of interview with client - 1st round - Virtual / 2nd round - F2F is Must . Job Overview: We are looking for a seasoned and driven Senior Manager to lead our Third-Party Technology Risk Management efforts. If you have strong experience in managing vendor risks, IT security frameworks, and global compliance standards in a financial services environment this opportunity is for you! Key Responsibilities: Conduct and lead Third-Party Risk Assessments for new and existing vendors. Evaluate IT security controls using industry frameworks (NIST, ISO 27001, SOC 2, GDPR, etc.). Develop and manage vendor risk dashboards and reports for senior stakeholders. Collaborate with cross-functional teams across regions to ensure compliance and risk mitigation. Ensure vendors meet our cybersecurity, network, and cloud security expectations. Coordinate vendor audits, risk reviews, and maintain detailed documentation. Work effectively with multicultural, cross-time-zone teams. Communicate risk findings and remediation plans to senior management. Maintain high standards of confidentiality, integrity, and professionalism. Required Skills & Qualifications: Bachelor's degree in IT, Information Security, or related field. Certifications such as CISSP, CISA, CISM, CRISC, or ISO 27001 Lead Auditor. 1012+ years in Technology Risk, with strong focus on Third-Party Risk Management. In-depth knowledge of NIST, ISO 27001, PCI DSS, SOC 2, COBIT, GDPR. Strong grasp of cybersecurity, network, and cloud security principles. Experience working with compliance, procurement, and legal teams. Excellent verbal and written communication skills for senior stakeholder engagement. Proficient in Microsoft Word, PowerPoint, and Project. Proven ability to manage conflict, build strong vendor/client relationships, and influence decision-making. Preferred Skills (Nice to Have): Familiarity with GRC tools (e.g., Archer, ServiceNow, OneTrust). Experience working with cloud service providers (AWS, Azure, GCP). Knowledge of outsourced IT risk, data privacy, and regulatory trends.

DWS Group operates in a business environment with an almost complete dependence on information, which is processed and transmitted by information systems and interconnected computer networks and stored physically and electronically. Information security risk and threat landscape are dynamic and requirements for security are constantly growing. It is essential for DWS that confidentiality, integrity (authenticity) and availability of information are protected, and risk is managed according to DWS Risk Appetite and in accordance with legal and regulatory requirements. The role of the DWS Information Security Officer (ISO) is aligned to the DWS COO divisional unit and will report into the Divisional Information Security Officer (D-ISO). DWS ISO assumes ownership for the assigned IT Assets from an information security (IS) perspective. Your Key responsibilities To assume ownership and responsibility for assigned IT assets, in line with the Group Information Security management processes and the DWS ISMS To execute IS Risk assessments and compliance evaluations for assigned IT assets To assign accurate information classification to assigned IT assets based on confidentiality of Information To maintain the Information Security related documentation of assigned IT assets in the Groups asset inventory To establish a good working relationship with Business Application Owners (BAO) and other Subject Matter Experts (SME) of the divisions and functions of the assigned assets and develop profound knowledge of the supported processes and data To support key role holders such as ITAOs and TISOs to develop a secure environment by evaluating the Information Security requirements as early as possible in the system development life cycle to select the applicable Information Security Controls for implementation To give guidance to ITAOs and TISOs on the implementation of compensating Controls in case of deviations from the applicable Information Security Controls To execute and document periodical recertification of user access rights in their area of responsibility in compliance with the Groups identity and access processes To support implementation of Segregation of Duty (SoD) rules for the assigned IT assets To contribute to the Information Security incident management process in the case of a security breach To deliver all items requested during regulatory and internal Information Security related audits To remain fully trained and skilled by completing the required Information Security trainings provided by CSO or as requested by the Divisional CISO or the Divisional ISO. Your skills and experience Essential Candidate should have proven experience of working in Information Security and/ or Information Technology, ideally in a regulated financial institute Strong communication (written and verbal) skills with the ability to effectively communicate with different stakeholders within IT and business functions with excellent command of the English language. Knowledge on Information Security Controls, Data Protection Policy, Information classification principles and segregation of duties requirements within a financial organization Positive attitude and a team player Proactive and ability to work independently in a global team Open to learn, adapt and work with new technologies Outstanding problem solving, analytical and project management skills Proficiency with Microsoft Office programs Fluent English and communication skills Education / Certification Degree-level IT and/or information security qualification, or equivalent experience in Information Security and IT Security General understanding of current security industry standards, best practices, and/or frameworks i.e.: NIST, ENISA, ISO27001, OWASP

Job Summary Join our team as an Infra. Technology Specialist where you will leverage your expertise in vulnerability management to enhance our IT infrastructure. With a hybrid work model and day shifts you will collaborate with cross-functional teams to ensure robust security measures. Your contributions will directly impact our companys mission to provide secure and reliable technology solutions. Responsibilities Oversee the implementation of vulnerability management processes to ensure the security of IT infrastructure. Collaborate with cross-functional teams to identify and mitigate potential security threats. Provide expert guidance on best practices for vulnerability assessment and remediation. Develop and maintain documentation for vulnerability management procedures and protocols. Conduct regular security audits and assessments to identify areas for improvement. Implement automated tools and technologies to streamline vulnerability management processes. Monitor and analyze security alerts to proactively address potential risks. Coordinate with IT teams to ensure timely patch management and system updates. Evaluate and recommend security solutions to enhance infrastructure resilience. Train and mentor team members on vulnerability management techniques and tools. Report on security metrics and trends to inform strategic decision-making. Ensure compliance with industry standards and regulations related to IT security. Contribute to the development of security policies and procedures to safeguard company assets. Qualifications Possess a strong background in vulnerability management with at least 8 years of experience. Demonstrate proficiency in using vulnerability assessment tools and technologies. Exhibit excellent problem-solving skills and attention to detail. Have a solid understanding of IT infrastructure and security principles. Show ability to work collaboratively in a hybrid work environment. Display strong communication skills to effectively convey technical information. Hold a relevant certification such as Certified Information Systems Security Professional (CISSP). Certifications Required Certified Information Systems Security Professional (CISSP)

Job Summary The Cyber Security Architect will play a crucial role in designing and implementing security solutions to protect the companys digital assets. With a focus on Fortigate Next Gen Firewalls the candidate will ensure robust security measures are in place. The role involves collaborating with various teams including Sales & Marketing to align security strategies with business objectives. This hybrid position offers a dynamic work environment with a day shift schedule. Responsibilities Develop comprehensive security architecture strategies to safeguard digital assets and ensure compliance with industry standards. Implement Fortigate Next Gen Firewalls to enhance network security and protect against cyber threats. Collaborate with cross-functional teams to integrate security measures into business processes ensuring seamless operations. Analyze security systems and identify areas for improvement to optimize protection and efficiency. Conduct regular security assessments and audits to maintain the integrity of the companys digital infrastructure. Provide expert guidance on security best practices to internal teams fostering a culture of security awareness. Monitor emerging cyber threats and develop proactive strategies to mitigate risks effectively. Design and deploy security solutions that align with the companys objectives and enhance overall resilience. Oversee incident response activities ensuring swift resolution and minimal impact on business operations. Evaluate new security technologies and recommend implementations that enhance the companys security posture. Collaborate with Sales & Marketing teams to ensure security measures support business goals and customer trust. Lead training sessions to educate employees on security protocols and the importance of data protection. Maintain documentation of security policies and procedures ensuring accessibility and compliance. Qualifications Possess extensive experience in Fortigate Next Gen Firewalls demonstrating expertise in configuration and management. Have a strong understanding of cybersecurity principles and practices with a focus on network security. Experience in Sales & Marketing domain is advantageous providing insight into aligning security with business strategies. Demonstrate excellent analytical skills with the ability to identify vulnerabilities and propose effective solutions. Exhibit strong communication skills capable of conveying complex security concepts to non-technical stakeholders. Show proficiency in conducting security audits and assessments ensuring compliance with industry standards. Display a proactive approach to threat detection and mitigation staying ahead of potential risks.