2755 Information Security Jobs - Page 20

Role Description The IT Application Owner (ITAO) has sound IT risk management skills. They follow one of several possible service delivery approaches, acknowledge interference with the IT applications life cycle and assist with incorporating the adopted approach into best practice. The ITAO is aware of the gap in the current infrastructure solutions and where industry innovations are along the maturity lifecycle.They work with application stakeholders to improve the infrastructure, ensuring compliance with the technical roadmap. The ITAO has a sound knowledge of development methodologies and the IT policies necessary to perform effectively in the organization, aligned to the banks appetite for risk. The ITAO acts to improve safety and security of the application, compliance with regulations, policies, and standards,enhance operational readiness, and ease maintenance of the environment for delivering change into production. The ITAO supports the banks audit function in the remediation of audit points and self-identified issues to reduce risk. The ITAO is responsible for producing and maintaining accurate documentation on compliance with methodologies, IT policies and IT security requirements. The ITAO interacts with and influences colleagues on the governance of IT platform reliability and resilience. You will work as part of a cross-functional agile delivery team. You will bring an innovative approach to software development, focusing on using the latest technologies and practices, as part of a relentless focus on business value. You will be someone who sees engineering as team activity, with a predisposition to open code, open discussion and creating a supportive, collaborative environment. You will be ready to contribute to all stages of software delivery, from initial analysis right through to production support. What well offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Your key responsibilities Strategy & Architecture Enterprise IT governance: Reviews current and proposed information systems for compliance with the organisation's obligations (including legislation, regulatory, contractual and agreed standards/policies) and adherence to overall strategy. Provides specialist advice to those accountable for governance to correct compliance issues. Information security: Communicates information security risks and issues to business managers and others. Performs basic risk assessments for small information systems. Contributes to vulnerability assessments. Applies and maintains specific security controls as required by organisational policy and local risk assessments. Investigates suspected attacks. Responds to security breaches in line with security policy and records the incidents and action taken. Information content publishing: Understands technical publication concepts, tools and methods and the way in which these are used. Uses agreed procedures to publish content. Obtains and analyses usage data and presents it effectively. Understands, and applies principles of usability and accessibility to published information. Specialist advice: Actively maintains knowledge in one or more identifiable specialisms. Provides detailed and specific advice regarding the application of their specialism(s) to the organisation's planning and operations. Recognises and identifies the boundaries of their own specialist knowledge. Collaborates with other specialists, where appropriate, to ensure advice given is appropriate to the needs of the organisation. Knowledge management: Maintains knowledge management systems and content to meet business needs. Supports others to enable them to complete knowledge management activities and form knowledge management habits. Reports on progress of knowledge management activities. Configures and develops knowledge management systems and standards. Supports changes to work practices to support capture and use of knowledge. Business risk management: Investigates and reports on hazards and potential risk events within a specific function or business area. Continuity management: Implements and contributes to the development of a continuity management plan. Coordinates the assessment of risks to the availability, integrity and confidentiality of systems that support critical business processes. Coordinates the planning, designing, and testing of maintenance procedures and contingency plans. Data management: Assists in providing accessibility, retrievability, security and protection of data in an ethical manner. Methods and tools: Provides support on the use of existing method and tools. Configures methods and tools within a known context. Creates and updates the documentation of methods and tools. Change and Transformation Requirements definition and management: Assists in the definition and management of requirements. Uses standard techniques to elicit, specify, and document requirements for simple subject areas with clearly-defined boundaries. Assists in the creation of a requirements baseline and in investigating and applying authorised requests for changes to base-lined requirements, in line with change management policy. Delivery and operation Availability management: Contributes to the availability management process and its operation and performs defined availability management tasks. Analyses service and component availability, reliability, maintainability and serviceability. Ensures that services and components meet and continue to meet all of their agreed performance targets and service levels. Implements arrangements for disaster recovery and documents recovery procedures. Conducts testing of recovery procedures. Service acceptance: Engages with project management to confirm that products developed meet the service acceptance criteria and are to the required standard. Feeds into change management processes. Configuration management: Applies tools, techniques and processes to track, log and correct information related to configuration items. Verifies and approves changes ensuring protection of assets and components from unauthorised change, diversion and inappropriate use. Ensures that users comply with identification standards for object types, environments, processes, lifecycles, documentation, versions, formats, baselines, releases and templates. Performs audits to check the accuracy of information and undertakes any necessary corrective action under direction. Asset management: Applies tools, techniques and processes to create and maintain an accurate asset register. Produces reports and analysis to support asset management activities and aid decision making. Change management: Develops implementation plans for complex requests for change. Evaluates risks to the integrity of service environment inherent in proposed implementations (including availability, performance, security and compliance of the business services impacted). Seeks authority for those activities, reviews the effectiveness of change implementation, and suggests improvement to organisational procedures governing change management. Leads the assessment, analysis, development, documentation and implementation of changes based on requests for change. Security administration: Investigates minor security breaches in accordance with established procedures. Assists users in defining their access rights and privileges. Performs non-standard security administration tasks and resolves security administration issues. Application support: Drafts and maintains procedures and documentation for applications support. Manages application enhancements to improve business performance. Advises on application security, licensing, upgrades, backups, and disaster recovery needs. Ensures that all requests for support are dealt with according to set standards and procedures. Problem management: Ensures that appropriate action is taken to anticipate, investigate and resolve problems in systems and services. Ensures that such problems are fully documented within the relevant reporting system(s). Enables development of problem solutions. Coordinates the implementation of agreed remedies and preventative measures. Analyses patterns and trends. Incident management: Ensures that incidents are handled according to agreed procedures. Investigates escalated incidents to responsible service owners and seeks resolution. Facilitates recovery, following resolution of incidents. Ensures that resolved incidents are properly documented and closed. Analyses causes of incidents, and informs service owners in order to minimise probability of recurrence, and contribute to service improvement. Analyses metrics and reports on performance of incident management process. Skills and quality Quality assurance: Contributes to the collection of evidence and the conduct of formal audits or reviews of activities, processes, data, products or services. Examines records for evidence that appropriate testing and other quality control activities have taken place and determines compliance with organisational directives, standards and procedures. Identifies non-compliances, non-conformances and abnormal occurrences. Conformance review: Collects and collates evidence as part of a formally conducted and planned review of activities, processes, products or services. Examines records as part of specified testing strategies for evidence of compliance with management directives, or the identification of abnormal occurrences. Digital forensics: Contributes to digital forensic investigations. Processes and analyses evidence in line with policy, standards and guidelines and supports production of forensics findings and reports. Relationships and engagement Relationship management: Identifies the communications and relationship needs of stakeholder groups. Translates communications/stakeholder engagement strategies into specific activities and deliverables. Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining, and working to stakeholder engagement strategies and plans. Provides informed feedback to assess and promote understanding. Facilitates business decision-making processes. Captures and disseminates technical and business information. Your skills and experience Autonomy: Works under general direction. Uses discretion in identifying and responding to complex issues and assignments. Receives specific direction, accepts guidance, and has work reviewed at agreed milestones. Determines when issues should be escalated to a higher level. Influence : Interacts with and influences colleagues. Has working level contact with customers, suppliers, and partners. May supervise others or make decisions whichimpactthe work assigned to individuals or phases of projects. Understands and collaborates on the analysis of user/customer needs and represents this in their work. Complexity: Performs a range of work, sometimes complex and non-routine, in a variety of environments. Applies methodical approach to issue definition and resolution. Knowledge: Has a sound generic, domain and specialist knowledge necessary to perform effectively in the organization typically gained from recognized bodies of knowledge and organizational information. Demonstrates effective application of knowledge. Has an appreciation of the wider business context. Takes action to develop own knowledge. Business skills: Demonstrates effective communication skills. Plans, schedules and monitors own work (and that of others where applicable) competently within limited deadlines and according to relevant legislation, standards and procedures. Contributes fully to the work of teams. Appreciates how own role relates to other roles and to the business of the employer or client. Demonstrates an analytical and systematic approach to issue resolution. Takes the initiative in identifying and negotiating appropriate personal development opportunities. Understands how own role impacts security and demonstrates routine security practice and knowledge required for own work. Expectations There are several common expectations that all experts should demonstrate over and above their technical/specialist contribution. These are also important for reinforcing our Deutsche Bank Values and Beliefs: Acts as role model for individuals aspiring to follow an expert career path by passionately promoting the merits of expert roles and the contribution of their Profession. Challenges the status quo and influences key stakeholders to ensure industry best practice is adhered to within their area of expertise. Mentors individuals across the Bank who wish to follow an expert career path through sharing their experience, expertise, and insight. Acts as training faculty on key internal technical/specialist development programmes (NB Annual number of hours/days to be agreed at start of year with Manager in consultation with the Profession Owner). Designs innovative, sustainable solutions which are congruent with the strategic direction of the Bank. Challenges colleagues to do the same, pushing the boundaries of what is possible to deliver potential for higher levels of organizational performance. Builds, captures, and manages the transfers of knowledge across the Professional community. Provides Profession Owners with input that shapes the curriculum. Defines and implements best practices, solutions and standards related to their area of expertise. Demonstrates thought leadership through seeking out opportunities to shape the agenda with Regulators, Government Departments and Professional bodies. Cultivates and maintains effective working relationships with stakeholders and clients by articulating the contribution, commercial impact, and benefits of expert roles.

ANZEN Technologies Private Limited. stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Position : Senior Associate Consultant Key Responsibilities: GRC Strategy and Planning: Develop and implement comprehensive GRC strategies, policies, and procedures aligned with organizational goals and objectives. Define and prioritize GRC initiatives based on risk assessments, regulatory requirements, and industry best practices. Continuously evaluate and update GRC frameworks to adapt to evolving threats and compliance landscapes. Risk Management: Conduct risk assessments to identify, analyze, and prioritize risks across the organization. Develop risk mitigation strategies and controls to address identified risks effectively. Monitor and report on risk exposure and mitigation efforts to senior management and stakeholders. Compliance Management: Ensure compliance with relevant laws, regulations, and industry standards, such as GDPR, HIPAA, PCI DSS, etc. Monitor changes in regulatory requirements (SEBI, RBI, IRDAI etc) and assess their impact on the organization's compliance posture. Coordinate compliance audits, assessments, and certifications, and remediate any identified issues or deficiencies. Audit Management: Plan, coordinate, and oversee internal and external audit activities, including IT audits, compliance audits, and third-party audits. Develop audit plans, programs, and testing procedures to assess the effectiveness of controls and compliance with policies and regulations. Review audit findings, assess control deficiencies, and collaborate with stakeholders to develop and implement remediation plans. Monitor and track the progress of audit remediation efforts and report on the status to senior management and audit committees. Policy Development and Enforcement: Develop, review, and update information security policies, standards, and guidelines in alignment with regulatory requirements and industry best practices. Establish mechanisms for policy enforcement and monitor adherence to policies across the organization. Cross-Functional Collaboration: Collaborate with internal stakeholders, including IT, legal, finance, and operations, to integrate GRC principles into business processes and initiatives. Provide guidance and support to business units on GRC-related matters, including risk assessments, compliance requirements, and controls implementation. Training and Awareness: Develop and deliver GRC training programs and awareness campaigns to educate employees on their roles and responsibilities in maintaining compliance and managing risks. Foster a culture of compliance and risk awareness throughout the organization. Qualifications and Skills: Bachelor's degree in Information Security, Risk Management, Business Administration, or related field. Masters degree or relevant certifications (e.g., CISA, CISSP, CRISC, CISM) preferred. Minimum of 5 years of experience in governance, risk, and compliance roles, with a focus on information security and IT risk management, including audit management experience. Strong understanding of regulatory requirements and industry standards related to information security and data privacy (e.g., GDPR, HIPAA, ISO 27001). Proficiency in audit methodologies, risk assessment frameworks, compliance frameworks, and control frameworks (e.g., NIST Cybersecurity Framework, COBIT, ITIL). Excellent analytical, problem-solving, and decision-making skills. Effective communication and interpersonal skills, with the ability to collaborate with diverse stakeholders and influence change. Proven track record of leading GRC initiatives, conducting audits, and driving process improvements. Ability to work independently and manage multiple priorities in a fast-paced environment. Office Address : ANZEN Technologies Private Limited Akshar Business Park, H - 3025, 3rd Floor, Plot No. 3, Sector-25, Vashi, Navi Mumbai 400703 https://anzentech.com Immediate Joiner may apply

Dear Candidate, Greetings. We are hiring for the role of Biso Helius Technologies Hyderabad. Work mode – Work from office Project – Singlife Exp – 10 to 15 years Please find the below JD for your reference. Role: BISO Work Location: Hyderabad (ODC) Key Responsibilities Focuses on Core BISO activities: Conduct Information Security Business Impact Assessments (ISBIA) for Projects, Applications, and Third-Party Outsourcing arrangements, aligning with Singlife Standards. Collaborate with Technology and Business units to evaluate the impact of control deficiencies. Lead the implementation of IS standards at the business level, ensuring alignment of procedures and practices with established standards. Collaborate in creating Risk Acceptances (RAs), Risk Exceptions (REs), and Corrective Action Plans (CAPs) using appropriate tools. Engage with Security Incident Response Teams to guide the resolution and closure of incidents, offering proactive recommendations. Generate periodic IS risk management reports, highlighting critical issues and proposing corrective action plans. Ensure adherence to IS standards and best practices across diverse disciplines. Support the business during audit reviews and regulatory inspections related to IS matters. Maintain vigilant oversight of IS programs, encompassing programs, policies, and associated reporting within the business landscape. Collaborate with business units to rectify non-compliance in processes, applications, and outsourcing activities. 1. 2. Act as a Business Partner Regularly communicate and interact with Management and Employees, enhancing understanding of IS-related programs, policies, and standards. Leverage the ISO network to share resources, extract best practices, and enhance operational efficiency. Validate compliance with security controls within business contracts. Evaluate the alignment of IS processes with business needs, particularly concerning software and internet usage. Conduct Information and Cyber Security Awareness training to fortify organizational preparedness. Partner with application managers or the Technology Information Security Officer (TISO) to address specific technical requirements. Stay relevant to evolving cybersecurity regulations (MAS, CSA, GIA, LIA) to provide subject matter expert feedback. Assess the impact of new and updated regulations promptly by partnering with the ISO, Technology & Operations community. 3. Other Requirements Demonstrate skill in delivering compelling presentations and managing complex programs. Display exceptional aptitude in consulting, problem-solving, and analytical capabilities. Exhibit a proactive, assertive, service-oriented demeanour while effectively functioning as a cohesive team player. Demonstrate the ability to manage concurrent tasks and prioritize effectively, even in conflicting timelines. Key Decisions within the Role Be the gatekeeper of the IS business impact assessments (ISBIA) processes and ensure applications within Singlife adhere to IS standards. Team Direct and indirect accountability for Information Security Officers Requirements Experience Minimum 10 years of experience in Information security. In areas such as security governance, risk management, application security design, security project management or security operation. • Professional Certifications CISSP, CISM, CISA, SANS, Cloud would be preferred. Education Bachelor’s degree in IT, Engineering or equivalent Skill Matirx- Skill Candidate's self- assessment (Score 1-5) Primary: InfoSec experience Secondary: Risk/Governance/Assurance framework Experience in conducting Infosec Training Excellent Communication/Presentation skills Infosec Certifications Primary: Cybersecurity regulations Secondary: Creation of Risk Acceptance/Risk Exceptions/CAPs Monetary Authority of Singapore (MAS) regulations Awareness of Security Control . Compliance Security Audits . Please revert with update profile if you find it interesting. Feel free to reach out for any queries. Role & responsibilities Preferred candidate profile

Role & responsibilities Analysis of external vendor questionnaire s to assess the security posture and security controls of a vendor Drafting risk reports which summarize the information security assessment including any risks to the organization. Following up with internal and external (vendor) stakeholders to clarify and validate information related to initiatives Review legal agreements w ith vendors from an information security perspective. Provide security consulting services to Enterprise Services and Business Units. Once the required experience and aptitude has been shown, expectation will be that the Information Security Analyst will start to perform these tasks independently with minimal supervision. Competencies: Bachelor's Degree preferably in Computer Science or related streams Strong verbal communication - able to communicate complex and technical issues in plain English. Advanced writing skills with emphasis on report writing. Strong analytical/problem solving abilities. Strong understanding of existing and emerging Information Security technologies. Strong consulting skills and ability to influence a win - win outcome. Self-starter, strategic thinker, negotiator, and consensus builder. Ability to understand Sun Life's diverse business units and ability to work with diverse groups. Nice to have - Sound knowledge of technologies related to Information Security: encryption, firewalls, intrusion detection/prevention, anti-virus, DDoS, behavioral analysis/advanced malware detection.

About The Role Minimum 2-4 years of experience in Security Operations Centre Experience across SOC domains use case creation, incident management, threat hunting, threat intelligence etc. Solid understanding of cyber security, network security, end point security concepts Good understanding of recent cyber threats, latest attack vectors Must have experience in any one SIEM (Splunk), EDR and SOAR solution Must have experience in leading/managing SOC shifts Experience in shift roster creation, resource management etc. Will be responsible for critical incident investigation, use case review, mentoring Shift Leads, SLA management etc.

About The Role Role Person will be responsible for BAU of DR Operations Ready to work in a Shifts as per requirement. Coordinate and participate in all IT DR testing to ensure timely recovery capability in the event of a disaster and sanity testing Preparing IT DR Plan testing schedule and oversee the coordination of testing processes and resources also ensure the IT DR Plan is being followed up for mentioned RPO/RTO. Audit handling and data collection, report preparation for different audits (Internal, External and RBI). Preparing and updating documentation for DR Operations role on periodic basis Coordinating and Root Cause Analysis for all DR Incident during recovery exercises. Job Requirements Skills/Knowledge prerequisites Knowledge of IT DR processes and RPO and RTO strategies DR capability preparedness for application server, network and database systems within Recovery Time Objective RTO. Experience in Testing DR environment for datacentre failover and failback Drill execution co-ordination, incident / issues tracking during drills. Ensure to work along with identified DR vendors for integrating all the identified set of applications in DR Tool. Align automation to meet the defined RTO/RPO by the management committee on the best effort basis Work closely with Application, Network and Infrastructure teams to ensure our infra/network capacity is always up to the mark to cater to our growing DR requirements. If we are falling short of capacity, then raise a flag with relevant and management teams to get the issue addressed Knowledge of current best practices and technologies and their DR applications Excellent oral and written communication skills. Resources should possess good Interpersonal skills Profile Should have knowledge of DR Automation tool and Handling Domain knowledge of managing DR Operations for reputed organization/Financial Institutes. ISO-27001, ITIL process certification will be an added advantage. Minimum 3+ Years"™ experience in relevant role, IT. Companies Financial Institutes Banks having DR Operations

Primary Responsibilities: Position Overview: We are seeking a highly skilled and motivated Senior Technical Project Manager to join our Information Security team. This role is pivotal in supporting numerous application development teams, with a primary focus on enhancing the security posture of the applications they create and maintain. Key Responsibilities: • Project Management: Lead and manage security-related projects, including security compliance initiatives, vulnerability remediation, and the rollout of security tools and configurations. • Reporting: Prepare and deliver monthly and weekly reports to leadership and application teams, ensuring transparency and accountability. • Tool Proficiency: Utilize project management and reporting tools such as Rally Agile, Smartsheet, and Office 365 to track progress and manage tasks effectively. • Executive Presentations: Develop and present comprehensive reports and presentations for executive stakeholders, highlighting project status, risks, and achievements. • Communication: Maintain clear and effective communication with all stakeholders, ensuring alignment and understanding of project goals and progress. • Follow-Up and Completion: Emphasize follow-up, task completion, and regular status updates to ensure projects stay on track and meet deadlines. Qualifications - External Required Qualifications: Must be a graduate Experience: Proven experience in managing technical projects within an information security context. Skills: Proficiency with Rally Agile, Smartsheet, (or similar tools), and Office 365. Solid ability to create executive-level reports. Communication: Excellent verbal and written communication skills, with a high emphasis on clarity and follow-up. Detail-Oriented: Solid attention to detail and commitment to task completion and regular status reporting. Preferred Qualifications: • Experience: Proven experience in managing technical projects within an information security context. • Skills: Proficiency with data exports, analysis, and presentation. Rally Agile, Smartsheet, and Office 365. Strong ability to create executive-level presentations. • Communication: Excellent verbal and written communication skills, with a high emphasis on clarity and follow-up. • Detail-Oriented: Strong attention to detail and commitment to task completion and regular status reporting. Why Join Us? • Impact: Play a crucial role in improving the security posture of our applications, directly contributing to the safety and integrity of our systems. • Growth: Opportunity to work on challenging projects and grow your career within a dynamic and supportive team environment. • Collaboration: Work closely with various application development teams, fostering a collaborative a

Our current primary tools for Automation: Automation Anywhere 360 C# .NET Core database environments: Oracle, MS SQL Server The selected candidate will play a critical role in - Collaborate with stakeholders to understand business process and identify automation opportunities. - Design, develop, and implement RPA solutions using Automation Anywhere 360. - Partnering with Scrum Master and Product Owners to lead day to day software development efforts. - Ensuring adherence to established software development process. - Effectively communicating to management, business owners, and other stake holders. - Develop and maintain documentation for RPA eg PDD, SDD test plans other use guides. - Develop RPA solutions to ensure accuracy, reliability scalability. All About You Experience with Robotic Process Automation (Automation Anywhere 360) Ability to communicate complex quantitative analysis in a clear, precise, and actionable manner with both technical and non-technical customers. Strong problem solving and troubleshooting skills with the ability to exercise mature judgment. Interest and ability to work with new emerging technologies to be able to present POCs as required. Degree in Computer Science or related field Desirable or additional capabilities: Knowledge in statistics and machine learning are highly beneficial: The candidate should have a strong developed mentality with a focus on measuring and metrics. General knowledge of Corporate Finance functions Advanced SQL experience preferred. Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: Abide by Mastercard s security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard s guidelines.

The Sr. Professional -procure to pay will work in a cross functional team environment comprised of technical staff, application end-users, business owners and external vendors throughout MasterCard Worldwide to provide to provide functional application support for Oracle applications and other procure to pay applications globally. The ideal candidate will demonstrate functional knowledge of General administration Invoicing payments. Specifically related to functions in Oracle Applications preferably R12 version. Candidate will also support corporate objectives such as compliance, stewardship, governance, risk management and business continuity as they relate to our global procure to pay applications. Role: Liaison with business owners and technical teams. Perform and own functions like understanding business requirements, formulating technical solutions, mapping business requirements to system functionality, designing and documenting functional requirements. Additionally performing hands-on system configuration and data loads where needed. Strong functional understanding of ERP application either Oracle Applications (R12) or similar, with good awareness of all functional configurations related to modules Invoicing, purchasing, supplier maintenance, accounts payable, payments etc Expected to have prior experience on integrating data between on premise to/from Cloud applications (vice versa) Provide ongoing Production Support - including problem management. Will include logging tickets, status communication escalation (as needed). Apply newer technologies like bots, predictive analytics, mobile tools etc to ensure automation, analytical reporting and digitized usage of applications. Support and lead efforts on application training and change management specifically for Oracle application and associated processes. Perform activities like creating/modifying reports, dashboards, implementing/updating workflows, purchasing setups, etc in Oracle applications. Participate in efforts related to testing and documentation of business processes, configuration changes and application updates. All About You : Bachelors or higher degree in Information Systems, Procurement, Sourcing, Finance - or equivalent work experience Knowledge on Oracle application (R12), primarily with modules like iExpense, purchasing, supplier maintenance, accounts payable, payments etc is preferred Working knowledge on any ERP application is preferred. Proficiency with MS Office applications Excellent written verbal communication skills required - with the ability to effectively communicate develop strong relationships Solid active listening and good customer service skills Excellent time management and prioritization skills with the ability to independently prioritize and manage assigned projects

We are seeking an enthusiastic Sales Support Coordinator who will co-operate with the Global Sales Support Team to lead technical and non-technical team members, managing BAU activities such as ensuring the completion of bids technical information security questionnaires within the required time scales, ensuring internal and external questions are assigned appropriately and taking responsibility for ensuring departmental reporting is completed on time. Additionally, the role will ensure the Ideagen bid support tool is used correctly, tasks are processed correctly, any supporting documents are kept up to date with audits and reporting on a weekly basis. This is a busy team supporting 200+ global sales colleagues with a variety of response types to various verticals across multiple products. Often working to tight timeframes, strong management and organizational skills are necessary. The role will require an organized and commercially orientated individual who is proven to grasp new concepts quickly, can support sales team and sales support team activities alike. This is an exciting opportunity for the right individual. Reporting directly to the Technical Support Manager in a fast-paced growing operation, the successful candidate needs to be a dynamic player who has a risk-based approach to decision making, the ability to work autonomously within the scope of the role and is an excellent communicator and natural problem solver. The Sales Support Team are based in the UK, so being able to work autonomously is essential, though line management of this role will be from Dubai. Responsibilities Be the point of escalation within the sales bids/Infosec process, delivering accurate work on efficiently and liaising with other team members to enhance team learning. Build strong relationships with sales teams and functions across the business, establish and deliver common goals with the Global Sales Support Team. Act as an escalation point for the local team for any arising issues, ensure that appropriate actions are taken and only important issues are escalated to senior management. Promote a supportive, can-do attitude, approach situations with a how can we make it work culture and present possible solutions. Contribute to a high-performance culture in the team with a focus on teamwork, service excellence and ownership. Skills and Experience Essential Highly organised in a fast-paced dynamic environment Comfortable managing situations and liaising with teams of technical and non-technical personnel Proven ability to work with all levels of a business Great interpersonal skills, the candidate must demonstrate the ability to communicate in an appropriate way where there are conflicting viewpoints, be a natural persuader and will hold the respect of their team, colleagues, and customers Experience working in a similar role and advantage, delivering technical information to a sometime non-technical audience. Inspire the confidence of senior technical stake holders who want to understand the controls and measures protecting their sensitive and confidential data. Be highly articulate, demonstrate a good standard of the English language through the written word and verbally Be able to work tactically and sometimes strategically within the vision of the department s evolution Analytical skills understanding the true intention behind the question being asked vs the literal comprehension of the question. Comfortable working at pace but with a focus on appropriate quality Experience in leading and supporting a local team to deliver excellence at all levels Desirable Experience with proposals and tenders Experience with bid tools and their maintenance Familiarity with regulated industries Understanding of Risk and Compliance

Managing the response to and/or escalating data loss events with local/regional/global stakeholders, to assist with risk assessment and remediation processes. Triaging and responding to potential Data Breach events. Adhering to any defined SLAs Managing a highly skilled, efficient, and effective team of Incident handlers in achieving their responsibilities, which include: Following detailed processes and procedures in security incident response lifecycle and its phases to respond to alerts from DLP monitoring/detection systems within defined OLAs and, where appropriate, escalate data breach events. Ensuring compliance with Cybersecurity policies and standards. Managing the completion of post-incident reviews, assessing the effectiveness of controls, detection, and response capability, and supporting the required improvements with the responsible owners. Collaborating with other teams and industry groups on information security related issues and concerns. Coordinating the actions of multiple business units during the response to Data Breach events and incidents. Developing, defining, validating, and maintaining detailed processes and procedures to allow the consistent management of the response to information protection incidents. Ensuring a comprehensive and smooth hand-over between the global teams as shifts end and begin. Leading the continued evolution of incident management and response capabilities and processes, including automation and orchestration. Ensuring compliance with internal audit and external regulators that organisational changes are fit-for-purpose and meet expectations. Data Breach Review, Monitoring, Dlp Compliance: Microsoft Purview, Detection

Conduct security assessments, vulnerability assessments, and penetration tests on systems and applications to identify weaknesses and recommend remediation actions. • Monitor and analyze security alerts, events, and incidents to promptly detect. Required Candidate profile Manage and maintain security tools and technologies, such as firewalls, intrusion detection/prevention systems, and security information and event management (SIEM) systems.

SOC Analyst works within the 24/7 Cyber Fusion Center (CFC). The role is responsible for monitoring, triaging, analyzing and escalating incidents and events in the technology environment. This SOC Analyst will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to analyze events that occur within the environments for the purposes of detecting and mitigating threats in both structured and unstructured situations. Individuals in this role are proactive and well-versed in log, identity, cloud, network, and root cause analysis Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise SOC Analyst must have skills in email security, system event, network event, log analysis. Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques is important. Experience conducting event analysis in AWS and Azure environments. Characterize and analyse alerts to understand potential and active threats. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the nature and characteristics of events that could be an observed attack Preferred technical and professional experience Document and escalate events/incidents that may cause adverse impact to the environment. Provide daily summary reports of events and activity relevant to cyber operations. Perform Cyber Operations trend analysis and reporting. Perform high-quality triage and thorough analysis for all alerts. Demonstrate effective communication skills both written and verbal. Actively engage in team chats, calls, and face to face settings. Constantly contribute to SOC runbooks/playbooks Recommend improvements to automations, alert fidelity, and security controls. Preferred Experience: Experience / Knowledge in CyberArk, Azure SSO. Knowledge of enterprise web technologies, security, and cutting-edge infrastructures

SOC Analyst must have skills in email security, system event, network event, log analysis. Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques is important. Experience conducting event analysis in AWS and Azure environments. Characterize and analyse alerts to understand potential and active threats. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the nature and characteristics of events that could be an observed attack Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Document and escalate events/incidents that may cause adverse impact to the environment. Provide daily summary reports of events and activity relevant to cyber operations. Perform Cyber Operations trend analysis and reporting. Perform high-quality triage and thorough analysis for all alerts. Demonstrate effective communication skills both written and verbal. Actively engage in team chats, calls, and face to face settings. Constantly contribute to SOC runbooks/playbooks Recommend improvements to automations, alert fidelity, and security controls. Preferred Experience: Experience / Knowledge in CyberArk, Azure SSO. Knowledge of enterprise web technologies, security, and cutting-edge infrastructures Preferred technical and professional experience SOC Analyst works within the 24/7 Cyber Fusion Center (CFC). The role is responsible for monitoring, triaging, analyzing and escalating incidents and events in the technology environment. This SOC Analyst will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to analyze events that occur within the environments for the purposes of detecting and mitigating threats in both structured and unstructured situations. Individuals in this role are proactive and well-versed in log, identity, cloud, network, and root cause analysis

As a Cyber Security Analyst you will be responsible for the administration, endpoint protection, vulnerability management, intrusion detection system, security information & event management, Active Directory, Domain Controller and Email Security.

Lead & focus: Demonstrate clear & calm leadership, setting the tone for each response Command and coordinate a response to security incidents, relevant threats, and high profile security events Scope a response to the next best actions Ensure response is sustainable for all resources involved Support beyond normal shift hours in an emergency or during times of staff shortage Coordinate & communicate: Delegate tasks in a timely manner and manage them to closure Facilitate incident / threat resolution through prompt communication across multiple teams Document status and regularly communicate updates to stakeholders and senior management Develop and track key metrics and reporting related to incident management Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Incident Response, Soc Management Preferred technical and professional experience Threat Hunting

Saviynt s Enterprise Identity Cloud helps modern enterprises scale cloud initiatives and solve the toughest security and compliance challenges in record time. Our platform unifies identity governance (IGA), privileged access management PAM,granular application access, and cloud security to deliver secure and compliant digital transformation for global enterprises. We re building a world-class RD organization. Our Request Platform Team ensures the reliability, flexibility, and scalability of the Access Request lifecycle one of the most customer-visible parts of the product. If you re a hands-on engineer and technical leader who thrives in solving complex identity scenarios while building modern applications end-to-end, we want to talk to you. Were building a world-class RD organization, and our Request Team plays a critical role in ensuring a seamless, resilient access experience across the enterprise. If you re passionate about debugging complex identity flows, architecting scalable access request systems, and mentoring a high-impact engineering team We encourage you to apply and bring your expertise if you re a: You are a hands-on problem solver and technical builder who thrives in writing production-grade code every day, leading architecture reviews by example, and delivering high-impact features from concept to deployment. Youre a deep expert in Identity Governance, especially in Access Requests, Dynamic Attributes, Workflow Engines, and Application Access Flows. You love getting your hands dirty in code while mentoring others and driving product quality. Collaborative Partner: You excel at collaborating with colleagues in engineering, product, and across functions throughout the organization. You communicate clearly and work effectively as a team to solve complex problems. Exceptional Problem Solver: Youre highly skilled at solving complex technical challenges with innovative, out-of-the-box solutions, while working collaboratively with your team and across functions. Forward Thinker: You excel in software design and architecture to address complex problems, maintaining a high standard for quality while proactively identifying opportunities to enhance performance, quality, and efficiency. Customer Centric Builder: You re experienced and excellent at interacting with customers, understanding their technical concerns, addressing their challenges and effectively communicating solutions. You understand who we re here to serve and how the products you develop will keep users front and center. Empowering Mentor: You create a supportive and approachable environment, teaching members of your team to be self- sufficient while providing constructive feedback. You help your team think critically, grow, and develop a passion for their progress within the company. What You Will Be Doing Design, build, and own end-to-end features in the Access Request stack from UI to backend, from validation logic to database persistence and workflow execution. Write high-quality code daily in Java, Groovy on Grails, SQL/HQL, and React to deliver real, scalable solutions to complex problems. Debug and resolve complex, production-critical issues including broken request forms, dynamic attribute failures, workflow misrouting, or large-scale request submission performance. Work directly with Product Managers, Support, QA, and other engineering teams to triage live customer issues, identify root causes, and deliver permanent fixes. Act as the go-to expert for the Request Framework, ARS tasks, dynamic field logic, entitlement selection, and access request lifecycle across Saviynt. Champion test automation, performance tuning, and observability improvements to strengthen the reliability of request flows. Proactively identify architectural gaps and lead design and implementation of enhancements, focusing on scalability, modularity, and maintainability. Collaborate with DevOps to improve build pipelines, deployment strategies, and service resilience. Mentor engineers by example through code reviews, design sessions, and hands-on pairing. Drive adoption of engineering best practices, including CI/CD, secure coding, design reviews, and sprint ceremonies. What You Bring 10+ years of full-stack, hands-on software development experience, with a proven ability to architect, build, and maintain complex enterprise-grade applications end-to-end Expert-level command of Groovy on Grails, including GSP templating, dynamic form rendering, and controller/service level customization; must be capable of re-architecting legacy Grails codebases for modern quality, scalability, and modularity Strong experience designing and maintaining Access Request Platforms including Dynamic Attribute engines, entitlement resolution, workflow engines, request/approval/task orchestration, and multi-app provisioning logic Deep understanding of Saviynt or similar IGA platforms SailPoint, Oracle, ForgeRock) and the nuances of role-based access control, birthright access, and fine-grained entitlement management Proficiency in: Grails, Groovy, GSP, Spring Boot, Hibernate, Quartz Scheduler React, JavaScript/TypeScript, AJAX-based dynamic form handling SQL, HQL, and advanced query optimization across large datasets and high-transaction tables RESTful API design, consumption, and service layer abstraction for access operations Experience solving real-world issues involving: Complex form validation and rendering failures (e.g., dynamic attribute dependencies) Broken approval flows, entitlement resolution mismatches, and request submission errors High-volume request processing, entitlement exclusions, and data partitioning performance bottlenecks In-depth understanding of frontend-backend coupling in Grails/GSP environments and strategies for modular refactoring Strong familiarity with debugging and monitoring tools: Kibana, Grafana, ElasticSearch, Postman, and in-app telemetry Working knowledge of CI/CD and DevOps practices: Git/GitHub, GitLab CI, Jenkins, Docker, Kubernetes (nice to have) Able to set up pipelines, write deployment scripts, and automate validation steps Track record of delivering clean, maintainable, and testable code quickly with ownership and accountability Prior experience leading re-platforming efforts or architectural migrations in legacy code environments to drive scalability, resiliency, and maintainability Comfortable working closely with QA, Support, Product Management, and Field Engineering to triage and resolve escalations quickly Strong communicator and collaborator who pairs well, mentors others, and thrives in agile, cross-functional teams WHY JOIN US Write code and build systems every day not just guide from afar Own critical modules that impact millions of end-users in global enterprises Join a collaborative team that believes in pairing, mentoring, and pushing code with confidence Help shape the future of Access Requests at Saviynt core to our mission of identity authority at scale Saviynt is proud to be an equal opportunity employer and encourages applicants from all backgrounds. We re building a diverse team that reflects our mission to protect and empower every user, identity, and workload in the enterprise. If required for this role, you will: - Complete security privacy literacy and awareness training during onboarding and annually thereafter - Review (initially and annually thereafter), understand, and adhere to Information Security/Privacy Policies and Procedures such as (but not limited to): > Data Classification, Retention Handling Policy > Incident Response Policy/Procedures > Business Continuity/Disaster Recovery Policy/Procedures > Mobile Device Policy > Account Management Policy > Access Control Policy > Personnel Security Policy > Privacy Policy

As one of the world s leading asset managers, Invesco is dedicated to helping investors worldwide achieve their financial objectives. By delivering the combined power of our distinctive investment management capabilities, we provide a wide range of investment strategies and vehicles to our clients around the world. If youre looking for challenging work, smart colleagues, and a global employer with a social conscience, come explore your potential at Invesco. Make a difference every day! Job Description Please use the template below to create a Job Posting for your Requisition. Review the Career Track / Level Criteria at the bottom of this template and ensure the job posting matches accordingly. Your Team As a part of Global Security s Information Security organization, the Identity Access Management (IAM) team protects Invesco against a dynamic threat landscape and advances Invesco s purpose by empowering and enforcing secure access to drive desired business outcomes and digital experience goals. IAM manages the digital identities and entitlements of people, services, and things, and the relationships and trust among them. We collaborate and partner with Business Units, Technology, and Security to address IAM risks, provide IAM platform/solution services, and standardize IAM processes by onboarding applications to our IAM platform/solutions. Your Role The role of a technical developer is to design, implement, and test a system they have built. You Will Be Responsible For: You will be responsible for designing and implementing SailPoint IIQ integrations with various applications and working with application teams to understand the requirements. You will configure and customize SailPoint IIQ to fulfill the requirements of the applications. Preparing technical and user documentation. Demonstrate strong technical skills. Demonstrate strong Problem-solving skills. Be a strong team player with good communication skills Ability to guide and mentor junior members of the team. The Experience You Bring: Should understand Identity and Access Management and Privileged Access Management concepts well. 5-6 years of relevant experience designing and implementing IAM and/or PAM solutions. Hands-on experience in one or more IAM products such as Oracle, IBM, CA, SailPoint, CyberArk, or others. Implementation experience with SailPoint IIQ 8.0 and above or Identity Now on Onboarding new applications using native and custom APIs, Life Cycle Events, SOD Policies, and Certifications. Experience working with multiple IAM-related technologies such as Active Directory, HRMS, SaaS applications, etc., Good to have exposure to Agile Methodology Good Understanding of OOP s concepts and knowledge of Database transactions. Good to have SailPoint certifications like Identity IQ Engineer, Identity IQ Architect, Identity Now Engineer Production support experience in incident, problem, and change management for issues related to the IAM solution/PAM Solution and its components. Experience using cloud-based identity models in B2B B2C Experience in one or more major scripting languages e.g., Perl, Python, PowerShell **The information below comes from the Job Leveling Guide and is meant to assist you in writing the job description. Please delete once you have completed the job description.** General Role Profile Develops a basic understanding of theories, practices and procedures within a job family Performs limited, narrowly defined assignments using existing procedures Accountable for own contributions, regularly verifies that work quality and timeliness meet Teams objectives Works under established parameters for daily work Receives instruction, guidance and direction on new assignments Entry level to a job family professional career progression Knowledge Requires basic knowledge and awareness of practices and methods within own job family Business Acumen Applies general knowledge of business developed through education or experience Problem Solving Works on narrowly defined assignments of limited scope and complexity Initiative and independent judgment circumscribed by detailed instructions Learns to use the concepts of the skill acquired through formal training or equivalent experience Learns internal policies and procedures Impact Uses basic judgment Has limited impact on quality, timeliness and effectiveness of the Team Works within standardized procedures and practices to achieve objectives and meet deadlines Defers most decisions to immediate supervisor or adheres to detailed instructions Leadership Typically, no supervisory responsibilities Accountable for developing technical capabilities Influence and Partnership Exchanges straightforward information, asks questions and checks for understanding Full Time / Part Time Full time Worker Type Employee Job Exempt (Yes / No) No Workplace Model At Invesco, our workplace model supports our culture and meets the needs of our clients while providing flexibility our employees value. As a full-time employee, compliance with the workplace policy means working with your direct manager to create a schedule where you will work in your designated office at least three days a week, with two days working outside an Invesco office. Why Invesco In Invesco, we act with integrity and do meaningful work to create impact for our stakeholders. We believe our culture is stronger when we all feel we belong, and we respect each other s identities, lives, health, and well-being. We come together to create better solutions for our clients, our business and each other by building on different voices and perspectives. We nurture and encourage each other to ensure our meaningful growth, both personally and professionally. We believe in diverse, inclusive, and supportive workplace where everyone feels equally valued, and this starts at the top with our senior leaders having diversity and inclusion goals. Our global focus on diversity and inclusion has grown exponentially and we encourage connection and community through our many employee-led Business Resource Groups (BRGs). What s in it for you As an organization we support personal needs, diverse backgrounds and provide internal networks, as well as opportunities to get involved in the community and in the world. Our benefit policy includes but not limited to: Competitive Compensation Flexible, Hybrid Work 30 days Annual Leave + Public Holidays Life Insurance Retirement Planning Group Personal Accident Insurance Medical Insurance for Employee and Family Annual Health Check-up 26 weeks Maternity Leave Paternal Leave Adoption Leave Near site Childcare Facility Employee Assistance Program Study Support Employee Stock Purchase Plan ESG Commitments and Goals Business Resource Groups Career Development Programs Mentoring Programs Invesco Cares Dress for your Day In Invesco, we offer development opportunities that help you thrive as a lifelong learner in a constantly evolving business environment and ensure your constant growth. Our AI enabled learning platform delivers curated content based on your role and interest. We ensure our manager and leaders also have many opportunities to advance their skills and competencies that becomes pivotal in their continuous pursuit of performance excellence. To know more about us About Invesco: https: / / www.invesco.com / corporate / en / home.html About our Culture: https: / / www.invesco.com / corporate / en / about-us / our-culture.html About our DI policy: https: / / www.invesco.com / corporate / en / our-commitments / diversity-and-inclusion.html About our CR program: https: / / www.invesco.com / corporate / en / our-commitments / corporate-responsibility.html Apply for the role @ Invesco Careers : https: / / careers.invesco.com / india /

Job Title Technical Support Analyst (Hybrid) Job Description For more than 80 years, Kaplan has been a trailblazer in education and professional advancement. We are a global company at the intersection of education and technology, focused on collaboration, innovation, and creativity to deliver a best in class educational experience and make Kaplan a great place to work. Our offices in India opened in Bengaluru in 2018. Since then, our team has fueled growth and innovation across the organization, impacting students worldwide. We are eager to grow and expand with skilled professionals like you who use their talent to build solutions, enable effective learning, and improve students lives. The future of education is here and we are eager to work alongside those who want to make a positive impact and inspire change in the world around them. The Technology Support Analyst provides high quality and timely site based Personal Computing Technology, technical support on a variety of technical problems and issues. Persons in this job function proactively and reactively research, troubleshoot, install and resolve technical problems in a timely manner. The position requires an experienced and motivated individual with the ability to utilize their talents, skills, and abilities in a coordinated and consistent team effort. Key Job Responsibilities: Monitor and update the internal ticketing system for assigned tickets and assigned locations and/or projects. Assist the Technology Support Lead in performing report analysis and discussions to address ticketing performance issues and assignments. Install, upgrade and configure workstations to fulfill requests for hardware and software for new and existing users. Manage the breakdown, relocation and set-up of workstations to accommodate user relocations, site relocation, site remodels and new location installations as assigned by supervisor. Disseminate technical knowledge via ticketing system, conferences and written documentation to colleagues. Assist the Technology Lead in team meeting discussions and training sessions. Fulfill project-related tasks as assigned by supervisor. The Analyst will be assigned to co-lead projects to gain skills and knowledge with regard to project management. Manage time efficiently to ensure SLAs are met Follow the Emergency Non-Business Hours policy which may require Emergency site visits to locations after regular business hours. Must be willing and able to alter shift schedule as user support demands change or technical projects require. This may require evening or night shift work for various lengths of time. All Technical Support Technicians will take an on-call shift in a rotation, as required. Promote and adhere to departmental and organizational information security policies, standards and procedures. Perform other related duties incidental to the work described herein. Hybrid Schedule: 3 days remote / 2 days in office 30-day notification period preferred Minimum Qualifications: Bachelors Degree with a focus on Information Technology 3+ years of related experience 4 + years of desk-side technical support experience. Three or more years technical experience building and maintaining HP and Dell work station hardware, peripherals, HP printers and Windows Operating Systems. MCP or MCSE certification Windows OS (Desktop and server) - MAC a plus. Must have a thorough understanding of computers and troubleshooting techniques - quick learner and self-study. System: Symantec Ghost Imaging, LANdesk, SEP Anit-virus software suite, Active Directory, Group Policy, Windows Scripting, Server 2003/2008, Faronics Deep Freeze, Permissions and Security, WSUS, DHCP Proven experience with on-site troubleshooting of work station hardware, software, server and networking issues. Ability to install and configure equipment up to 50 lbs independently and up to 175 lbs with assistance of one or more engineers Strong customer service skills. Proficient in both written and oral communications Proven ability to work under stress and meet deadlines Proven attention to detail and organizational skills Organized, self-directed, customer-service mentality #LI-RS1 Location Bangalore, KA, India Additional Locations Employee Type Employee Job Functional Area Technical Support/Customer Service Business Unit 00091 Kaplan Higher ED At Kaplan, we recognize the importance of attracting and retaining top talent to drive our success in a competitive market. Our salary structure and compensation philosophy reflect the value we place on the experience, education, and skills that our employees bring to the organization, taking into consideration labor market trends and total rewards. All positions with Kaplan are paid at least $15 per hour or $31,200 per year for full-time positions. Additionally, certain positions are bonus or commission-eligible. And we have a comprehensive benefits package, learn more about our benefits here . Diversity Inclusion Statement : Kaplan is committed to cultivating an inclusive workplace that values diversity, promotes equity, and integrates inclusivity into all aspects of our operations. We are an equal opportunity employer and all qualified applicants will receive consideration for employment regardless of age, race, creed, color, national origin, ancestry, marital status, sexual orientation, gender identity or expression, disability, veteran status, nationality, or sex. We believe that diversity strengthens our organization, fuels innovation, and improves our ability to serve our students, customers, and communities. Learn more about our culture here . Kaplan considers qualified applicants for employment even if applicants have an arrest or conviction in their background check records. Kaplan complies with related background check regulations, including but not limited to, the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. There are various positions where certain convictions may disqualify applicants, such as those positions requiring interaction with minors, financial records, or other sensitive and/or confidential information. Kaplan is a drug-free workplace and complies with applicable laws.

We are looking for an IT Security Consultant whose responsibilities include identifying vulnerabilities, implementing security measures and providing advice on security protocols. The ideal candidates should be familiar with IT compliance procedures.

DEPARTMENT Information Security REPORTING POSITION CISO KEY RESPONSIBILITIES Security Engineering: Experience in review and /or implementation of technology components like networks, Infrastructure, security solutions like DLP, AD, end point security tools, Email Security, mobile device Security, proxy, firewall etc. Review effectiveness of IT architecture, Data and User Security Controls, Cloud Security Assessment, Cryptography Controls, and other System Security Practices. Conduct POCs for new Security Solutions, implementation of new Security Practices / Processes / Controls across organization, work closely with security partners and MSS vendors on day to day basis, and communicate updates Should have good knowledge of various platforms / technologies and security controls (e.g. Firewall, proxy, load balancer, database, DLP, DRM, domain controllers, System Hardening, System Security Practices, Access Controls, Secure SDLC, Application Security etc.) Conduct Review of all projects (e.g. new applications, system integration, secure architecture, confidential data requests, risk assessment etc.) Security Operations Center (SOC) and Threat Intel : The role will include complete governance and oversight on SOC processes, overseeing testing Should understand of data protection techniques like encryption, vaulting, security in transit and at rest. Analysing Security Advisories, identifying actionable with stakeholders & tracking closure. Track vulnerabilities in the environment for remediation within timelines and ensure timely management reporting of all information security risks. Involvement in SOC governance, to make sure all reported incident, advisories are actioned as per recommendations, review various reports, alerts generated by SOC Regulatory Compliance : Should have good knowledge of Indian IT laws, global security frameworks & regulatory requirements from IRDAI, RBI, SEBI etc. Engage in Information security strategy and governance, risk and compliance, cyber resilience, information security transformation and co-sourcing, application and network security engagements. Ensure Team is always audit / compliance ready, and support the internal / external audits. REQUIRED QUALIFICATION AND SKILLS Educational Qualifications: Graduate, Post Graduate Work Experience: 7+ Years of relevant experience in IT and Information Security Certifications: CISA, CISSP, CEH, ISO27001, BCMS, any security specific certificate will be added advantage .

The primary purpose of this position is to establish the Public key infrastructure (PKI) service built and provide operational support. This includes operations, maintenance and troubleshooting all components of the PKI infrastructure and its dependencies. It will also require the creation of support operational guidelines, policies, and procedures for incident, problem and change management in adherence with Allianz Technology CPI process. Design, Implement and Oversee the PKI Infrastructure. Develop testing procedures, run tests and approvals, ensure quality, and integrate the system into the. future environment. Setting up technical solutions regarding certificate services. Respond to customer queries and issues. Software development support related to Public Key Infrastructure (Dogtag CA), Identity Provider (SAML, OAUTH). Develop Infrastructure solutions for PKI Service (VMWare, ESXI, AWS, KVM). Regular service monitoring and improvement. Provide hands on engineering support required to build and maintain internal and external PKI systems. Maintain documentation, assist customers through FAQ entries and similar. Create, maintain, and align the companysecurity policies and standards with industry best practices. Represent the company on project teams and ensure adherence to existing security policies and standards and prepare for anticipated needs. Development of technical security strategies related to PKI infrastructure. Development of technical security architectures related to PKI infrastructure. Development of technical security standards related to PKI infrastructure. Your benefits. We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroa. We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location. From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostere. Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teachAbout Allianz Technolog. Allianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group. With more than 13,000 employees located in 22 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry.We oversee the full digitalization spectrum from one of the industrylargest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction. In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age. DI statement. Allianz Technology is proud to be an equal opportunity employer encouraging diversity in the working environment. We are interested in your strengths and experience. We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, race or ethnicity, age, nationality, religion, disability, or philosophy of life. Join us. Let\u00B4s care for tomorrow. You. IT.","

Continue to develop and prioritise the information security strategy and roadmap for India that aligns with the GCIS security strategy. Monitor and manage security incidents, vulnerabilities, and threats that affect the various Indian divisions, and work with Gallagher s global security teams to ensure effective response and remediation. Ensure compliance with applicable laws, regulations, and contractual requirements related to information security throughout India. Work with the Global SOC in the co-ordination and escalation of security incidents to the appropriate Indian authorities when appropriate. Develop and maintain relationships with key stakeholders across India, including business leaders, IT teams, and external partners to ensure effective communication and collaboration on information security matters. Conduct periodic security risk assessments and audits of information systems, networks, applications and suppliers in India to identify and mitigate potential security risks. Lead and coordinate the implementation of security policies, standards, and procedures in India. Ensure security awareness and training programs are in place and effective in India. Manage the security budget for India, ensuring efficient and effective use of resources. Represent India in the appropriate security governance forums and ensure alignment with the region security strategy. Brokerage clients will have time-sensitive due diligence security audits and questionnaires that will need to be managed and responded to. Business suppliers and IT supply chain vendors must be managed to ensure they do not introduce risk to Gallagher. Confidential participation in the Merger and Acquisition process with external companies, lawyers and security consultant Continue to develop and prioritise the information security strategy and roadmap for India that aligns with the GCIS security strategy. Monitor and manage security incidents, vulnerabilities, and threats that affect the various Indian divisions, and work with Gallagher s global security teams to ensure effective response and remediation. Ensure compliance with applicable laws, regulations, and contractual requirements related to information security throughout India. Work with the Global SOC in the co-ordination and escalation of security incidents to the appropriate Indian authorities when appropriate. Develop and maintain relationships with key stakeholders across India, including business leaders, IT teams, and external partners to ensure effective communication and collaboration on information security matters. Conduct periodic security risk assessments and audits of information systems, networks, applications and suppliers in India to identify and mitigate potential security risks. Lead and coordinate the implementation of security policies, standards, and procedures in India. Ensure security awareness and training programs are in place and effective in India. Manage the security budget for India, ensuring efficient and effective use of resources. Represent India in the appropriate security governance forums and ensure alignment with the region security strategy. Brokerage clients will have time-sensitive due diligence security audits and questionnaires that will need to be managed and responded to. Business suppliers and IT supply chain vendors must be managed to ensure they do not introduce risk to Gallagher. Confidential participation in the Merger and Acquisition process with external companies, lawyers and security consultant Bachelors degree in computer science, information systems, or a related field. A masters degree is preferred. At least 8-10 years of experience in information security, with a minimum of 5 years in a leadership role. Strong knowledge of security frameworks and standards such as ISO 27001, NIST, PCI-DSS, and GDPR. Demonstrated experience in the management of staff and small teams. Experience in managing security incidents and crises. Excellent communication and stakeholder management skills are required. Familiarity with security technologies such as firewalls, intrusion detection systems, and SIEMs. Knowledge of cloud security and Insurance practices is a plus. Relevant certifications such as CISSP, CISM, or CRISC are preferred. Lead auditor experience in ISO27001 is preferred. #LI-DK3 Introduction Welcome to Gallagher - a global leader in insurance, risk management, and consulting services. With a growing team of more than 52,000 professionals worldwide, we empower businesses, communities, and individuals to thrive. At Gallagher, you can build a career whether it s with our brokerage division, our benefits and HR consulting division, or our corporate team. Experience The Gallagher Way, a culture fueled by shared values and a collective passion for excellence. Join one of our dynamic teams, where youll play a pivotal role in shaping Gallaghers future and unlocking unparalleled opportunities for both clients and yourself. We believe that every candidate brings something special to the table, including you! So, even if you feel that you re close but not an exact match, we encourage you to apply. Overview The Business Information Security Officer (BISO) - India is responsible for managing the Gallagher Cyber Information Security (GCIS) program of works for the Indian region. This includes identifying, evaluating, and reporting on information security risks across all Gallagher divisions in India, in a manner that meets compliance and regulatory requirements, as well as aligning with the companys risk appetite. In addition to reporting on a regular basis to the UK - based EMEA BISO, this role will work closely with: IT Directors of India and Local CTO for Gallagher India and Gallagher Centre of Excellence The India Senior Business Leaders for IT and QA Transition GCIS Colleagues globally who have global remits (application security, identity management etc) The India division s ISMS manager in maintaining their ISO27001 certification GCIS Project Managers delivering both new and enhanced capabilities. This is a hybrid role, in office 2-3 days per week, and can be based out of either our Pune or Bangalore offices, with some travel between the two expected. How youll make an impact Continue to develop and prioritise the information security strategy and roadmap for India that aligns with the GCIS security strategy. Monitor and manage security incidents, vulnerabilities, and threats that affect the various Indian divisions, and work with Gallagher s global security teams to ensure effective response and remediation. Ensure compliance with applicable laws, regulations, and contractual requirements related to information security throughout India. Work with the Global SOC in the co-ordination and escalation of security incidents to the appropriate Indian authorities when appropriate. Develop and maintain relationships with key stakeholders across India, including business leaders, IT teams, and external partners to ensure effective communication and collaboration on information security matters. Conduct periodic security risk assessments and audits of information systems, networks, applications and suppliers in India to identify and mitigate potential security risks. Lead and coordinate the implementation of security policies, standards, and procedures in India. Ensure security awareness and training programs are in place and effective in India. Manage the security budget for India, ensuring efficient and effective use of resources. Represent India in the appropriate security governance forums and ensure alignment with the region security strategy. Brokerage clients will have time-sensitive due diligence security audits and questionnaires that will need to be managed and responded to. Business suppliers and IT supply chain vendors must be managed to ensure they do not introduce risk to Gallagher. Confidential participation in the Merger and Acquisition process with external companies, lawyers and security consultant About you Bachelors degree in computer science, information systems, or a related field. A masters degree is preferred. At least 8-10 years of experience in information security, with a minimum of 5 years in a leadership role. Strong knowledge of security frameworks and standards such as ISO 27001, NIST, PCI-DSS, and GDPR. Demonstrated experience in the management of staff and small teams. Experience in managing security incidents and crises. Excellent communication and stakeholder management skills are required. Familiarity with security technologies such as firewalls, intrusion detection systems, and SIEMs. Knowledge of cloud security and Insurance practices is a plus. Relevant certifications such as CISSP, CISM, or CRISC are preferred. Lead auditor experience in ISO27001 is preferred. #LI-DK3 Additional Information We value inclusion and diversity Inclusion and diversity (ID) is a core part of our business, and it s embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the communities where we live and work. Gallagher embraces our employees diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out The Gallagher Way to its fullest. Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color, religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as protected characteristics ) by applicable federal, state, or local laws. Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business.

Introduction Welcome to Gallagher a global leader in insurance, risk management, and consulting services. With a growing team of more than 52,000 professionals worldwide, we empower businesses, communities, and individuals to thrive. At Gallagher, you can build a career whether it s with our brokerage division, our benefits and HR consulting division, or our corporate team. Experience The Gallagher Way, a culture fueled by shared values and a collective passion for excellence. Join one of our dynamic teams, where youll play a pivotal role in shaping Gallaghers future and unlocking unparalleled opportunities for both clients and yourself. We believe that every candidate brings something special to the table, including you! So, even if you feel that you re close but not an exact match, we encourage you to apply. Overview The Business Information Security Officer (BISO) India is responsible for managing the Gallagher Cyber Information Security (GCIS) program of works for the Indian region. This includes identifying, evaluating, and reporting on information security risks across all Gallagher divisions in India, in a manner that meets compliance and regulatory requirements, as well as aligning with the companys risk appetite. In addition to reporting on a regular basis to the UK - based EMEA BISO, this role will work closely with: IT Directors of India and Local CTO for Gallagher India and Gallagher Centre of Excellence The India Senior Business Leaders for IT and QA Transition GCIS Colleagues globally who have global remits (application security, identity management etc) The India division s ISMS manager in maintaining their ISO27001 certification GCIS Project Managers delivering both new and enhanced capabilities. This is a hybrid role, in office 2-3 days per week, and can be based out of either our Pune or Bangalore offices, with some travel between the two expected. How youll make an impact Continue to develop and prioritise the information security strategy and roadmap for India that aligns with the GCIS security strategy. Monitor and manage security incidents, vulnerabilities, and threats that affect the various Indian divisions, and work with Gallagher s global security teams to ensure effective response and remediation. Ensure compliance with applicable laws, regulations, and contractual requirements related to information security throughout India. Work with the Global SOC in the co-ordination and escalation of security incidents to the appropriate Indian authorities when appropriate. Develop and maintain relationships with key stakeholders across India, including business leaders, IT teams, and external partners to ensure effective communication and collaboration on information security matters. Conduct periodic security risk assessments and audits of information systems, networks, applications and suppliers in India to identify and mitigate potential security risks. Lead and coordinate the implementation of security policies, standards, and procedures in India. Ensure security awareness and training programs are in place and effective in India. Manage the security budget for India, ensuring efficient and effective use of resources. Represent India in the appropriate security governance forums and ensure alignment with the region security strategy. Brokerage clients will have time-sensitive due diligence security audits and questionnaires that will need to be managed and responded to. Business suppliers and IT supply chain vendors must be managed to ensure they do not introduce risk to Gallagher. Confidential participation in the Merger and Acquisition process with external companies, lawyers and security consultant About you Bachelors degree in computer science, information systems, or a related field. A masters degree is preferred. At least 8-10 years of experience in information security, with a minimum of 5 years in a leadership role. Strong knowledge of security frameworks and standards such as ISO 27001, NIST, PCI-DSS, and GDPR. Demonstrated experience in the management of staff and small teams. Experience in managing security incidents and crises. Excellent communication and stakeholder management skills are required. Familiarity with security technologies such as firewalls, intrusion detection systems, and SIEMs. Knowledge of cloud security and Insurance practices is a plus. Relevant certifications such as CISSP, CISM, or CRISC are preferred. Lead auditor experience in ISO27001 is preferred. #LI-DK3 Additional Information We value inclusion and diversity Inclusion and diversity (ID) is a core part of our business, and it s embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the commu nities where we live and work. Gallagher embraces our employees diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out Th e Gallagher Way to its fullest. Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color , religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as protected characteristics ) by applicable federal, state, or local laws. Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business. ","

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modeling: Ability to conduct threat modeling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify