2881 Information Security Jobs - Page 27

Role & responsibilities Key Responsibilities: Plan, execute, and document internal audits for ISO/IEC 27001:2022 and SOC 2 controls across the organization. Conduct risk assessments to identify control weaknesses and areas for improvement. Evaluate effectiveness of existing information security policies, procedures, and controls. Collaborate with process owners to ensure timely implementation of corrective actions. Maintain audit schedules and manage audit evidence for internal and external assessments. Liaise with external auditors for ISO and SOC 2 certification processes. Assist in development, review, and continuous improvement of ISMS and security policies. Maintain up-to-date knowledge of compliance requirements, regulatory changes, and industry trends. Train internal teams on ISO/SOC2 awareness and audit preparedness. Report audit findings and compliance status to senior management with actionable recommendations. Required Qualifications: Bachelors degree in Information Security, Computer Science, Auditing, or related field. At least 2–5 years of experience in auditing information security management systems. Proven experience in conducting internal audits for ISO/IEC 27001:2022 and SOC 2 frameworks. Certifications such as ISO 27001 Lead Auditor is mandatory. PIMS/CISA/BCMS or other relevant Certifications will be a plus Solid understanding of information security principles, risk management, and data privacy. Preferred Skills: Excellent analytical, problem-solving, and documentation skills. Strong interpersonal and communication skills, with the ability to interact with technical and non-technical stakeholders. Self-driven with the ability to manage multiple priorities under minimal supervision Work Environment: May require occasional travel for site audits or assessments. Flexible hours during audit cycles may be required.

Proactively lead and support incident response team during an incident. Experience in advance investigation, triaging, analysis and escalation of security incidents with recommendations Hands-on basic experience with configurations and management of SIEM tools(Qradar)including log source integrations, custom parser built, fine tuning and optimizing the correlation rules and use cases recommendations Is MUST. Proven Experience on any of the Security information and event management (SIEM) tools using Qradar Data-driven threat hunting using SIEM, EDR and XDR tools Basic Experience is SOAR tools such as Qradar Resilient, PaloAlto XSOAR Identify quick defence techniques till permanent resolution. Recognize successful intrusions and compromises through review and analysis of relevant event detail information. Review incidents escalated by Level 1 analysts. Launch and track investigations to resolution. Recognize attacks based on their signatures, differentiates false positives from true intrusion attempts. Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies end users when appropriate. Identify the gaps in security environment & suggest the gap closure Drive & Support Change Management Performs and reviews tasks as identified in a daily task list. Report Generation and Trend Analysis. Participate in the Weekly and Monthly governance calls to support the SOC metrics reporting Good to have hands on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc. Willing to work in 24x7 rotational shift model including night shift. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 5+ YearsHands-on experience required in Qradar SIEM and SOAR. Desired experience in Threat hunting, Threat intelligence. Worked on tools belongs to Qradar, UEBA, UAX. Bachelor’s degree in engineering/information security, or a related field. Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent. Proven experience to work in a SOC environment. Preferred technical and professional experience Proven experience in managing and responding to complex security incidents. Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Ability to work in a fast-paced, dynamic environment. Deep technical knowledge of security technologies and advanced threat landscapes.

The Role Hosted in Pune, India, Senior Cyber Security Engineer is a position, part of a global team, reporting into the Cyber Security Engineering Manager with responsibility of assisting in development of Processes, Standards, and Designs of JCI s Cyber Security Infrastructure Working closely with Project Managers, Global Operations and Technology groups, Business Unit IT delivery organizations, the identity management, and other infrastructure architecture members when creating and implementing Cyber Security Infrastructure. Ensures compliance with established architecture direction and standards. Works with Service Management and stakeholders to collect functional requirements and ensure the most effective solution is used. Maintains an understanding of relevant industry standards and directions to ensure key vendors, suppliers and service partners development plans include support for same. Primary Responsibilities The responsibilities of the Information Security Global Architecture Senior Manager include, but are not limited to Provide team support with validating security controls Ensures that third party solutions used within Cyber Security follow all Johnson Controls standards. Acts as an internal consultant to business units and Infrastructure IT. Provides management with accurate and complete status information. Provide technical input into security related standards, technology roadmaps, support requirements and management of infrastructure designs Stay abreast of current and evolving technologies in Cyber Security. Adheres to all current changes and problem management policies and procedures. Candidate Profile The successful candidate will be a passionate information security professional with the ability to communicate to different business and Project managers. The candidate will be able to execute the Cyber Security Engineering management strategy defined by leaders. The candidate will demonstrate drive, intelligence, maturity, and energy and will be a proven team leader and security strategist. A minimum bachelor s degree in computer engineering, computer security or computer science discipline or equivalent experience 10 years of Cyber Security related experience working with teams in security operations, incident analysis, developing applications, and security applications. Experience with validation security tools . Experience with Security features, assessments, and validation of security controls for both Linux and Windows based systems Familiarity with network security methodologies, tactics, techniques, and procedures. Experience performing security/vulnerability reviews of network environments. Experience of network security architecture, understanding of the TCP/IP protocol, and remote access security techniques/products. Experience with enterprise anti-virus/malware solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns. Candidate must be able to react quickly, decisively, and deliberately in high stress situations. Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, to technical and non-technical audiences at different seniority levels and interact with customers. Highly motivated individual with the ability to self-start, prioritize, multi-task and work in a global team setting. Ability to create and maintain good business relationships with counter parts, customers, and external entities to achieve the security operations management goals Ability to maintain a high level of discretion and personal integrity in the exercise of duties, including the ability to professionally address confidential matters Familiarity of regulatory compliance requirements (PCI-DSS, HIPAA, FISMA, SOX, etc. ) Required Certifications 10+ years Certification Information Systems Security Professional (CISSP) At least 5+ years Certification (or similar) in one of Certified Information Security Manager (CISM) Information Systems Security Architecture Professional (ISSAP) Certified Ethical Hacker (CEH) Cisco Certified Network Associate Security (CCNA Security) Certificate of Cloud Security Knowledge (CCSK) Certified Cloud Security Professional (CCSP) This indicates the general nature and level of work expected of the incumbent. It is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities required of the incumbent. Incumbent may be required to perform other related duties.

. "Responsible for contributing towards the build and maintenance of the organizations cyber security systems and infrastructure. Exercises solid knowledge of engineering skills and methodology with a working knowledge of applicable cyber security compliance standards. Conducts security assessments and audits to identify cybersecurity risks within the companys networks, applications and operating systems. Helps secure and protect the Network Infrastructure: Routers, Switches, Optical Devices, L2 Datacenter and cabling, Strand Mounted devices, Secure Routing protocols, DOCSIS plant (CMTS/vCMTS/PON), SDN, best practice device configuration, network automation, monitoring and troubleshooting. Tests companys internal systems to validate security and detect any computer and information security weaknesses. Performs a technical analysis of vulnerabilities and determines the impacts to the organization Reports, tracks and records findings in a comprehensive vulnerability assessment report. Identifies and recommends appropriate action to mitigate vulnerabilities and reduce potential impacts on cybersecurity resources. Applies long-term objectives and plans related to the companys technical vision to daily activity. Applies innovative solutions for cyber engineering developmental problems that are competitive with industry and company standards. Has in-depth experience, knowledge and skills in own discipline. Usually determines own work priorities. Acts as a resource for colleagues with less experience. Employees at all levels are expect to: - Understand our Operating Principles; make them the guidelines for how you do your job - Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services - Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences - Win as a team - make big things happen by working together and being open to new ideas - Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers - Drive results and growth - Respect and promote inclusion and diversity - Do whats right for each other, our customers, investors and our communities" Job Description What you will do Review and triage new vulnerability tickets to validate the impact. Assist users by providing security guidance for remediation of Vulnerabilities. Validate remediation efforts from internal customers. Investigate possible security exceptions. Update, maintain and document security controls. Ensure application teams are implementing remediations within SLA Maintain documentation of work performed and remediation actions using ServiceNow ticketing system What you should possess Strong customer focus with the ability to advise and work closely with application teams and vendors on mitigation. Exposure to commercial and open-source tools such as Burpsuite, WebInspect, , Qualys, nmap, etc. Experience cataloguing and risk-scoring vulnerabilities discovered through assessments. Knowledge about public cloud environments Knowledge about basic computer networking and HTTP Good understanding and experience with: Web application security assessment, including hands-on techniques. Hands-on experience in identifying, mitigating, and remediating vulnerabilities based on OWASP Top10 (API, Web) Basic Scripting knowledge with the capability to automate analysis of technical engineering tasks using python, bash, or the use of PowerAutomate CVSS3 scoring and its use in risk rating. Basic experience with Linux Preferable certifications like CEH / ECSA / CompTIA or other equivalent security certifications What success looks like Prompt, effective review and collaboration on remediation of security vulnerabilities. Responsiveness to internal customer requests. Validation of remediated tickets within published service level agreements (SLAs). What You Can Expect A fun, cutting-edge, and collaborative environment A culture of innovation and continuous learning. Training, support, and mentoring to expand and evolve your expertise. Opportunities to impact the security of Comcast products in millions of homes and businesses What We Require: Bachelors Degree in Computer Science, Information Systems, or other related field or equivalent work experience. Disclaimer: This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. Thats why we provide an array of options, expert guidance and always-on tools that are personalized to meet the needs of your reality to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the benefits summary on our careers site for more details. Education Bachelors Degree While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience. Certifications (if applicable) Relevant Work Experience 5-7 Years Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.

Level 1 engineer (L1) Minimum educational qualification: Graduate or Diploma or equivalent Minimum 2 years of experience in the field of Information Security Should be proficient in Windows Operating Systems Should be proficient in basic troubleshooting of proposed endpoint security solutions Should be proficient in various Enterprise Patch Management solution. Location - Rabale, Navi Mumbai MECM L1 job responsibilities: 1. Monitoring Reporting Monitor MECM dashboard for alerts, failed deployments, or errors. Generate and review daily health reports of MECM infrastructure. Check software deployment status and compliance reports. 2. Basic Troubleshooting Assist with resolving issues related to software distribution, patching, and client health. Troubleshoot client-side issues like MECM agent not reporting, failed installations, or inventory problems. Check logs (e. g. , ClientIDManagerStartup. log, WUAHandler. log, CAS. log) for common issues. 3. Support Tasks Provide end-user support for software installation via Software Center. Guide users on accessing applications or updates pushed through MECM. Handle basic application/package deployment requests. 4. Patch Management Assistance Support monthly patching cycles (e. g. , verifying patch availability and deployment status). Monitor patch compliance and follow up on non-compliant systems. 5. Client Health Monitoring Ensure MECM clients are healthy and communicating properly. Use built-in MECM tools or scripts to re-install or repair SCCM agents. 6. Asset Inventory Support Assist in hardware and software inventory validation. Generate inventory reports as per request. 7. Escalation Escalate unresolved or complex issues to L2/L3 teams. Document all steps taken before escalation.

Job : Network Security Architect Jobs in Banglore, Bangalore, Chennai, Hyderabad, Mumbai, Noida, Pune (J49120)- Job in Banglore, Bangalore, Chennai, Hyderabad, Mumbai, Noida, Pune Network Security Architect (Job Code : J49120) Job Summary 9 - 18 Years Banglore, Bangalore, Chennai, Hyderabad, Mumbai, Noida, Pune Network Security Architect BE-Comp/IT, BE-Other, BTech-Comp/IT, BTech-Other, MBA, MCA IT-Software/Software Services IT Software - Other Key Skills: Network Security Architect Job Post Date: Thursday, June 12, 2025 Company Description Our client is a global leader in Consulting, Technology and Outsourcing Business in the SW Services Product arena. Client has impressive customers list in over 30 countries this includes some of the best known names across globe. With offices in every continent and development centres in practically every developed country, our client is known for their successful Delivery model. Our client is structured into Business Units and caters to the BFSI, Manufacturing, Infrastructure, System Integration, Retail, Engineering Services Industries/domains. Their foray into Banking Software products and Intellectual property has differentiated them from their competitors. Job Description Key Responsibilities: Design and develop secure network architectures for on-premises, cloud, and hybrid environments. Evaluate and recommend security solutions, tools, and technologies. Conduct risk assessments and vulnerability analyses of network infrastructure. Define and enforce security policies, standards, and procedures. Collaborate with IT and DevOps teams to integrate security into system and application design. Monitor network traffic for unusual activity and respond to security incidents. Lead penetration testing and red/blue team exercises. Ensure compliance with regulatory requirements (e. g. , ISO 27001, NIST, GDPR, HIPAA). Provide technical guidance and mentorship to security engineers and analysts. Stay current with emerging threats, vulnerabilities, and security trends. Required Qualifications: Bachelor s or Master s degree in Computer Science, Information Security, or related field. 8+ years of experience in network security or cybersecurity roles. Strong knowledge of firewalls, VPNs, IDS/IPS, SIEM, and endpoint protection. Experience with cloud platforms (AWS, Azure, GCP) and their security models. Familiarity with Zero Trust Architecture and Secure Access Service Edge (SASE). Proficiency in scripting and automation (Python, PowerShell, etc. ). Relevant certifications (e. g. , CISSP, CCSP, CISM, CEH).

Join us as a "CBP Global Regulatory Governance" at Barclays, where youll spearhead the evolution of our digital landscape, driving innovation and excellence. Youll harness cutting-edge technology to revolutionize our digital offerings, ensuring unapparelled customer experiences. To be successful as a "CBP Global Regulatory Governance", you should have experience with: Lead a team that governs regulatory engagements for Technology CSO, supporting leadership where necessary. Delivers against the agreed strategy for Technology and CSO regulatory, external audit and client engagement globally. Experience in managing Technology Cyber Regulatory Engagements and external audits. Excellent knowledge of information technology risks, controls and risk remediation. Collaboration with various stakeholders across the bank and business units to improve overall control effectiveness through detailed documentation of control assessments, procedures, and findings. Some other highly valued skills may include Review of Audit findings, self-identified issues and breaches to align them with operational risk, regulatory requirements and Barclay s Control Framework. Advising IT on pragmatic approaches to meeting regulatory mandated technology controls and risk reduction. Relevant professional certification such as CISA, CISSP, CISM, PMP, CRISC or equivalent. Desirable skills/Preferred Qualifications Experience in playing a lead role in: Review of Audit findings, self-identified issues and breaches to align them with operational risk, regulatory requirements and Barclay s Control Framework. Advising IT on pragmatic approaches to meeting regulatory mandated technology controls and risk reduction. Delivering of risk reduction and operational improvement projects. Managing diverse staff and stakeholders. Relevant professional certification such as CISA, CISSP, CISM, PMP, CRISC or equivalent. . You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills. Location-Noida Purpose of the role To assess the integrity and effectiveness of the banks internal control framework to support the mitigation of risk and protection of the banks operational, financial, and reputational risk. Key Accountabilities Lead a team that governs regulatory engagements for Technology CSO, supporting leadership where necessary Delivers against the agreed strategy for Technology and CSO regulatory, external audit and client engagement globally Advisory around developing the Tech CSO response to all regulatory requests for information and meetings, providing governance and internal review/quality assurance Responsible for delivering position papers on regulatory policies and statements, identifying impact to Barclays Technology CSO strategy Supports the conduct of gap assessments and high-level compliance assessments against regulatory standards and preferred governance frameworks. Acts as an escalation point for notification to the regulators of significant events within Barclays Develop an effective working relationship with the Regulatory Relations, Compliance and other key governance stakeholders Tracks progress of all activity associated with commitments made to regulators, ensuring there is a clear plan for delivery and escalating issues as needed Drive the Emerging and Heightened Risk Management Initiative, scan the horizon for external events such as Regulatory actions penalties, regulatory changes/breaches and emerging threats. Carry out proactive risk assessment to analyse Barclays Controls environment preparedness and recommend remediation for identified gaps Ensure appropriate security policies and controls are in place that will safeguard bank s digital information and electronic systems. Promote awareness of applicable technology and security policies, standards and procedures Establish and maintain an effective risk culture Stakeholder Management and Leadership Experience in working with senior stakeholders across businesses functions Ability to engage and influence key stakeholders related to the role both globally and within India and also strong relationship with key partners such as Control office, Compliance and CSO Excellent written and communication skills Ability to work in a highly matrix environment Decision-making and Problem Solving Coordinate Manage priorities and organize work to competing and demanding deadlines Ability to develop a fact based point of view, raise issues and engage in a fact-based discussions and problem solving Risk and Control Objective Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards Person Specification Ability to manage multiple priorities and work effectively in a fast-paced, high volume, results driven environment Ability to rapidly assess a situation and identify, isolate and communicate problems and issues. Excellent communication skills (both oral/written) including ability to clearly communicate risks and control issues to technologists and non-technologists. Excellent analytical and methodical approach to respond to internal and external events related to Technology Cyber, emerging threats, identified vulnerabilities, regulatory actions. Detail orientated with excellent time management skills Problem solving - ability to think unconventionally and find solutions to unstructured problems Ability to network and establish rapport with internal colleagues across global teams Strong interpersonal skills with an ability to communicate difficult or complex ideas clearly and constructively Collaborative, able to drive agreement across varying stakeholders Confident in negotiating and influencing colleagues or stakeholders Degree of independent thinking and decision-making authority, and ability to influence upwards Strong assertiveness skills and ability to challenge effectively at all the levels in the organization on the underlying risk management Being a global role, person must be adaptive and flexible to work across various time zones Essential Skills/Basic Qualifications Bachelor s degree in Computer Science and equivalent work experience in relevant industry with strong background in risk management, technology and information security Experience in managing Technology Cyber Regulatory Engagements and external audits Experience of a project environment, in particular planning, testing, and tracking against a plan Experience in leveraging IT risk frameworks such as COBIT5, COSO, NIST Excellent knowledge of information technology risks, controls and risk remediation Key Accountabilities Lead a team that governs regulatory engagements for Technology CSO, supporting leadership where necessary Delivers against the agreed strategy for Technology and CSO regulatory, external audit and client engagement globally Advisory around developing the Tech CSO response to all regulatory requests for information and meetings, providing governance and internal review/quality assurance Responsible for delivering position papers on regulatory policies and statements, identifying impact to Barclays Technology CSO strategy Supports the conduct of gap assessments and high-level compliance assessments against regulatory standards and preferred governance frameworks. Acts as an escalation point for notification to the regulators of significant events within Barclays Develop an effective working relationship with the Regulatory Relations, Compliance and other key governance stakeholders Tracks progress of all activity associated with commitments made to regulators, ensuring there is a clear plan for delivery and escalating issues as needed Drive the Emerging and Heightened Risk Management Initiative, scan the horizon for external events such as Regulatory actions penalties, regulatory changes/breaches and emerging threats. Carry out proactive risk assessment to analyse Barclays Controls environment preparedness and recommend remediation for identified gaps Ensure appropriate security policies and controls are in place that will safeguard bank s digital information and electronic systems. Promote awareness of applicable technology and security policies, standards and procedures Establish and maintain an effective risk culture Stakeholder Management and Leadership Experience in working with senior stakeholders across businesses functions Ability to engage and influence key stakeholders related to the role both globally and within India and also strong relationship with key partners such as Control office, Compliance and CSO Excellent written and communication skills Ability to work in a highly matrix environment Decision-making and Problem Solving Coordinate Manage priorities and organize work to competing and demanding deadlines Ability to develop a fact based point of view, raise issues and engage in a fact-based discussions and problem solving Risk and Control Objective Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards Person Specification Ability to manage multiple priorities and work effectively in a fast-paced, high volume, results driven environment Ability to rapidly assess a situation and identify, isolate and communicate problems and issues. Excellent communication skills (both oral/written) including ability to clearly communicate risks and control issues to technologists and non-technologists. Excellent analytical and methodical approach to respond to internal and external events related to Technology Cyber, emerging threats, identified vulnerabilities, regulatory actions. Detail orientated with excellent time management skills Problem solving - ability to think unconventionally and find solutions to unstructured problems Ability to network and establish rapport with internal colleagues across global teams Strong interpersonal skills with an ability to communicate difficult or complex ideas clearly and constructively Collaborative, able to drive agreement across varying stakeholders Confident in negotiating and influencing colleagues or stakeholders Degree of independent thinking and decision-making authority, and ability to influence upwards Strong assertiveness skills and ability to challenge effectively at all the levels in the organization on the underlying risk management Being a global role, person must be adaptive and flexible to work across various time zones Essential Skills/Basic Qualifications Bachelor s degree in Computer Science and equivalent work experience in relevant industry with strong background in risk management, technology and information security Experience in managing Technology Cyber Regulatory Engagements and external audits Experience of a project environment, in particular planning, testing, and tracking against a plan Experience in leveraging IT risk frameworks such as COBIT5, COSO, NIST Excellent knowledge of information technology risks, controls and risk remediation

Proactively lead and support incident response team during an incident. Experience in advance investigation, triaging, analysis and escalation of security incidents with recommendations Hands-on basic experience with configurations and management of SIEM tools(Qradar)including log source integrations, custom parser built, fine tuning and optimizing the correlation rules and use cases recommendations Is MUST. Proven Experience on any of the Security information and event management (SIEM) tools using Qradar Data-driven threat hunting using SIEM, EDR and XDR tools Basic Experience is SOAR tools such as Qradar Resilient, PaloAlto XSOAR Identify quick defence techniques till permanent resolution. Recognize successful intrusions and compromises through review and analysis of relevant event detail information. Review incidents escalated by Level 1 analysts. Launch and track investigations to resolution. Recognize attacks based on their signatures, differentiates false positives from true intrusion attempts. Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies end users when appropriate. Identify the gaps in security environment & suggest the gap closure Drive & Support Change Management Performs and reviews tasks as identified in a daily task list. Report Generation and Trend Analysis. Participate in the Weekly and Monthly governance calls to support the SOC metrics reporting Good to have hands on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc. Willing to work in 24x7 rotational shift model including night shift. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 5+ Years Hands-on experience required in Qradar SIEM and SOAR. Desired experience in Threat hunting, Threat intelligence. Worked on tools belongs to Qradar, UEBA, UAX. Bachelor’s degree in engineering/information security, or a related field. Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent. Proven experience to work in a SOC environment. Preferred technical and professional experience Proven experience in managing and responding to complex security incidents. Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Ability to work in a fast-paced, dynamic environment. Deep technical knowledge of security technologies and advanced threat landscapes.

As Security Services Consultant, you are responsible for managing day to day operations of Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here. What will you do * Responsible for implementation partner to see project on track along with providing required reports to management and client Handle the project as well as BAU operations while ensuring high level of systems security compliance Coordinate with and act as an authority to resolve incidents by working with other information security specialists to correlate threat assessment data. Analyze data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise 4+ years of experience in IT security with at least 3+ Years in SOC. Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM Working knowledge of industry standard risk, governance and security standard methodologies Proficient in incident response processes - detection, triage, incident analysis, remediation and reporting Competence with Microsoft Office, e.g. Word, PowerPoint, Excel, Visio, etc. Preferred technical and professional experience One or more security certificationsCEH, Security+, GSEC, GCIH, etc., Ability to multitask and work independently with minimal direction and maximum accountability. Intuitive individual with an ability to manage change and proven time management Proven interpersonal skills while contributing to team effort by accomplishing related results as needed Up-to-date technical knowledge by attending educational workshops, reviewing publications

We have a team of security compliance leaders overseeing solutions for this complex environment, collaborating with security architects and Cloud DevOps teams internally and around IBM. The security compliance leader’s role is to determine the secure operation of the all computer systems, servers, and network connections in accordance with our policies, procedures, and compliance requirements. A security compliance leader in our team will participate in some or all of the following: Providing subject matter expertise in the creation, implementation, and maintenance of appropriate enterprise programs, policies, and procedures to be compliant with all applicable regulations including ISO, SOC, HIPAA, PCI, FedRAMP/FISMA Having the ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Interpreting standards, requirements, and their application to the enterprise Cloud environment in the most reasonable and cost-effective manner Developing, implementing, maintaining, and overseeing enforcement of security policies Supporting Data center audits focussed on Physical Security control assessments Collaborating with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology Conducting regularly scheduled audits on systems and hosting third-party audits as required in order to maintain certifications and compliance certificates. Working with the DevOps teams to prepare ongoing client reporting, information for prospective clients, and marketing materials Providing training to teams as needed Assisting team members and internal clients in addressing highly complex security issues applicable to enterprise environment Required education Bachelor's Degree Required technical and professional expertise Minimum of 12 years of relevant compliance experience and cybersecurity knowledge Compliance leaders do not require dev experience, but it is an advantage. 10+ years of security compliance audit experience is a must Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as SOC2, FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk Preferred technical and professional experience Working in a change-controlled production environment. Diagnosing the root cause of problems and propose solutionsExamples would be failed patches, tooling issues, false positives on system tests, authentication problems. Expertise in system configuration, especially privilege control (for example sudoer configuration), and system level firewall (iptables) An understanding of basic networking conceptsipsec tunnels, firewalls, routers, public and private addressing. Project Management knowledge and experience a strong plus container based architectures and implementations such as kubernetes, docker, etc.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, Data Privacy Management solutions, experience in developing value-based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15- year full time educationThe candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, & Data Privacy Management solutions, experience in developing value based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15 -year full time educationThe candidate should have minimum 12 years of experience This position is based at our Bengaluru office. Qualification 15 years full time education

Project Role : Solution Architect Project Role Description : Translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case. Must have skills : Solution Architecture Good to have skills : Security Architecture DesignMinimum 12 year(s) of experience is required Educational Qualification : Minimum BE BTech from a reputed university Summary :As a Solution Architect, you will translate client requirements into differentiated, deliverable solutions using in-depth knowledge of a technology, function, or platform. Collaborate with the Sales Pursuit and Delivery Teams to develop a winnable and deliverable solution that underpins the client value proposition and business case. To design and deploy cyber security solutions in on-premises and public cloud infrastructure for large scale technology projects such as data lake, digital platform, and other core business and supporting applications Cyber Security Architect Roles & Responsibilities:-SPOC for cyber security design and deployment for any designated projects-Take full accountability of design of cyber security domain including network connectivity to various entities such as on-premises data centers and partner networks -Take ownership of design related issues and challenges and drive for solutions working with various internal teams and third-party solution providers such as OEMs and technology partners-Define and develop high level operating procedures for seamless operations of the project-Support transition of projects from deployment to operations-Anchor design and implementation of cyber security components-Be a SPOC for all cyber security initiatives in existing project and able to navigate through the clients landscape to upsell new initiatives in infrastructure space or able to pave ways for upselling value-driven initiatives for the client in other related domains such as application modernization, network transformation, and information security.-Lead the teams across various security solutions and thrive for upskilling and cross skilling to rationalize the resources across the towers and across the clients.-Introduce innovative solutions such as automation to increase productivity and improve service delivery quality -Participate in architecture and design review and approval forums to ensure the design principles are adhered to for any changes in the existing landscape or any new initiatives being rolled out in the existing landscape-Participate in client account planning and discussions to ensure security level initiatives are accounted for and issues are escalated to the right leaders for resolution-Build strong relationships with all client stakeholders and Accenture project teams for effective collaboration and outcomes Professional & Technical Skills: -Must have:-Hands-on Architecture and Design skills for SIEM, SOAR, UEBA, and cyber security-operations in on-premises data centers and public cloud-Strong experience working in Splunk, Palo Alto, and other leading OEMs in security domain-Strong Communication skills-Ability to drive discussions and ideas with clients senior leadership forums-Problem solving skills-Good to have-TOGAF or any equivalent certification in enterprise Security Architecture Additional Information:-Total IT experience of minimum 15 years; and-Minimum 4 years of experience in design and deployment of cyber security solutions in public cloud infrastructure (anyone from AWS, Azure, GCP, and OCI)-Minimum 10 years of experience in design and deployment of cyber security in on-premises infrastructure (SIEM, SOAR, UEBA, and cyber security operations)- This position is based at our Mumbai office.- A Minimum BE BTech from a reputed university is required. Qualification Minimum BE BTech from a reputed university

Role is SAP subject matter expert/architect role for Security. Key responsibilities will involve working with Business Stakeholders, understanding requirements, translating user requirements into SAP IT scope, assessing impact on application & connected systems, estimating high level schedule and efforts to implement solution and ensure successful technical delivery Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Candidate must have min. 6-12 years of solid SAP Security Implementation experience with focus on Role authorizations. Solid implementation and hands-on experience in ECC 6.0 role build. Experience in working with stakeholders and leading SAP security projects. Sound understanding of SOD - segregation of duties. Support technical requirement gathering, develop prototypes/PoCs/recommend solutions with limited information from the business, delivery quality technical specifications and documentation Preferred technical and professional experience SOX/GRC Control experience

Person should be responsible for administration & management of three or more technologies listed Firewall, F5 WAF, F5 SSLO, Ant-DDoS, Packet Broker, Anti-Apt, IPS, etc. Managing complete administration including but not limited of creation, modification of rules and configuration, system upgrades. Handling escalated calls and providing SME support on above technologies. On-boarding of new applications in F5 SSLO, F5 WAF, Packet Broker and handle critical issues for the same. Single point of contact for above mentioned technologies. Incident management & timely escalation of incident. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Overall 4+ years of experience in the field of network security Person should be able to manage the team. Person should have good understanding on SIEM IR & should be able to guide the team. Require advance level of network security devices troubleshooting knowledge, tcpdump, log analysis etc. B. E. / B.Tech in Computer Science or Electronics & Telecommunications Preferred technical and professional experience Person should have good understanding on SIEM IR & should be able to guide the team. Require advance level of network security devices troubleshooting knowledge, tcpdump, log analysis etc.

Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analysing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world. The ability to be a team player, Strong communication collaboration Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Application Security, Threat Modelling, Secure Code Review, Penetration Testing, Vulnerability Testing, SAST (Static Application Security Testing), DAST (Dynamic Application security Testing), DevSecOps Implemented Clean Code principles, JUnit’s * Java development, JavaScript, Python, Ruby, C++/C#, Perl etc Must have strong business acumen with ability to work with application development, QA and security teams. A strong understanding of application security frameworks The ability and skill to train other people in procedural and technical topics As a Security Consultant, you will be a key advisor for IBM’s clients, analysing business requirements to design and implement the best security solutions for their needs Preferred technical and professional experience Must have a solid understanding of application security code reviews and penetration testing & Experience with enterprise java technologiesSpring, JUnit, Hibernate 4+ years' experience in application development and security. Practical understanding and use of commercial application security tools

Role is SAP subject matter expert/architect role for Security. Key responsibilities will involve working with Business Stakeholders, understanding requirements, translating user requirements into SAP IT scope, assessing impact on application & connected systems, estimating high level schedule and efforts to implement solution and ensure successful technical delivery Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Candidate must have min. 2-4 years of solid SAP Security Implementation experience with focus on Role authorizations. Solid implementation and hands-on experience in ECC 6.0 role build. Experience in working with stakeholders and leading SAP security projects. Sound understanding of SOD - segregation of duties. Support technical requirement gathering, develop prototypes/PoCs/recommend solutions with limited information from the business, delivery quality technical specifications and documentation Preferred technical and professional experience SOX/GRC Control experience

The CyberArk Operation Support Team Lead is a pivotal role responsible for overseeing and managing the day-to-day operations of the CyberArk environment. This position involves leading a team of support professionals, ensuring the availability, performance, and security of CyberArk solutions, and collaborating with cross-functional teams to deliver efficient privileged access management. Key Responsibilities * Team LeadershipSupervise and mentor a team of CyberArk support professionals, fostering collaboration and skill development. * Operational ManagementOversee the operational aspects of CyberArk solutions, ensuring 24/7 availability, scalability, and optimal performance. * Incident ManagementLead the resolution of CyberArk-related incidents and problems, coordinating with technical teams and stakeholders to ensure timely and effective solutions. * Security EnhancementCollaborate with the security team to implement and enhance security controls, policies, and procedures for privileged access management. * Performance MonitoringMonitor system performance, conduct regular health checks, and proactively identify and address potential performance bottlenecks. * Patch and Upgrade ManagementPlan and execute system upgrades, patches, and enhancements, ensuring minimal disruption to ongoing operations. * DocumentationMaintain thorough documentation of configurations, processes, and procedures related to CyberArk operations. * Vendor ManagementCoordinate with CyberArk vendors for support, troubleshooting, and escalations to ensure timely issue resolution. * Continuous ImprovementDrive continuous improvement initiatives to enhance the effectiveness and efficiency of CyberArk operations. * ReportingGenerate regular reports on system performance, incident management, and operational metrics for management review. * Willing to work in 24/7 operations and project support activities Required education Bachelor's Degree Preferred education Associate's Degree/College Diploma Required technical and professional expertise Proven experience in CyberArk operations and support, with a minimum of 4+years of hands-on experience. * Professional certifications such as CyberArk Certified Trustee (CCT) or Certified Delivery Engineer (CDE). Strong knowledge of privileged access management concepts and CyberArk technologies. Experience in organizations control, monitor, and secure privileged access across their IT infrastructure. Good Exposure in endpoint Analytics capabilities to identify unusual or suspicious activities related to privileged access. Preferred technical and professional experience * Leadership skills with the ability to guide and mentor a team effectively. * Problem-solving aptitude with a proactive approach to resolving technical challenges. * Strong communication skills for effective collaboration with cross-functional teams. * Detail-oriented mindset with a commitment to maintaining high standards. * Adaptability to changing requirements and a willingness to stay updated on emerging technologies

Key Responsibilities: Design, install, monitor, integrate, and fine-tune cybersecurity tools and systems, including but not limited to, SIEM, SOAR, EDR, E-mail Security Gateways, and network Proactively monitor the environment to detect and implement steps to mitigate cyber-attacks before they occur. Provides technical expertise regarding security-related concepts to operational teams within the Information Technology Department and the business. Review, investigate, and respond to real-time alerts within the environment. Review real-time and historical reports for security and/or compliance violations. Monitor online security-related resources for new and emerging cyber threats. Assesses new security technologies to determine potential value for the enterprise. Conducts vulnerability assessments of firm systems and networks. Manage systems owned by the Information Security Team. Required Skills and Qualifications: Technical Skills & Experience: At least 5-7 years of experience in Cybersecurity with an emphasis on data and security event correlation, incident response, and the installation, configuration, administration, and management of cybersecurity tools such as SIEM, SOAR, firewalls, and hardening of IT infrastructure in compliance with cybersecurity frameworks. Works in a highly collaborative and fast-paced work environment with other SOC and Network Operations Center (NOC), Technical Support, Telecom, Project Management and Product Development staff. Strong writing skills, as well as the ability to articulate security-related concepts to a broad range of technical and non-technical staff. Working experience with creating, implementing, and managing a threat-hunting program within a corporate environment. Education Bachelors degree in computer science, information systems, Cybersecurity or Cloud Computing UG: B.Sc in Any Specialization, B.Tech/B.E. in Any Specialization

Job Summary We are seeking a seasoned professional to manage and enhance the operations of the Saviynt platform. The ideal candidate will bring strong technical expertise leadership capabilities and a proactive approach to platform stability process improvement and stakeholder engagement. Responsibilities Key Responsibilities Platform Monitoring & Maintenance Oversee the health and performance of the Saviynt Platform including Saviynt Connect Portal and Connectors. Monitor JML (Joiner-Mover-Leaver) processes aggregation tasks and access requests. Hands on with SOD workflows tasks rules forms custom object access reviews and updates of JML configurations access requests and certification workflows. Guide the team to implement best practices for Access Management & RBAC. Play a key role in identifying areas for implementing Automations. Enhancements & Troubleshooting Implement minor enhancements and workflow changes as needed. Coordinate with the Saviynt product team for resolution of critical issues. Documentation & Compliance Maintain up-to-date SOPs runbooks and procedural documentation. Ensure timely patching of the Saviynt platform and its components. Support DR (Disaster Recovery) testing. Integration & Performance Management Manage and resolve integration issues with systems such as Active Directory and ServiceNow and any custom integrations. Periodically tune performance parameters to ensure optimal system efficiency. Operational Oversight Share service health status report to customer on daily basis validate logs and verify backups. Provide Weekly/monthly reports on incidents changes service requests and problem tickets. Attend Weekly/monthly review calls tracking actions and work towards closure. Process & Stakeholder Engagement Identify process gaps and propose remediation aligned with product and security standards. Present changes in CAB meetings participate in major incident bridges and engage with customers for requirement gathering and escalation handling. Additional Skills Strong understanding of ITIL processes. Working knowledge of NetIQ IDM is a plus. Proficiency in Microsoft Office Suite for documentation and presentations. Excellent communication skills to liaise effectively between internal teams and customers. Basic knowledge on scripting using PowerShell AD & Exchange commands. Knowledge on Active Directory Entra AD Entra AD connect for synchronization

Job Overview: We are seeking a skilled and experienced IT Infrastructure and Governance, Risk, and Compliance (GRC) Specialist to join our team. The ideal candidate will have a proven track record in managing and optimizing IT infrastructure, Network while ensuring compliance with industry regulations and best practices. Person will be responsible for maintaining secure and efficient IT systems, as well as ensuring that governance, risk management, and compliance processes are effectively integrated within the organizations operations. Job Title: IT Infrastructure and GRC (Governance, Risk, and Compliance) Specialist Location: Gurgaon Job Type: Full-Time Experience Required: 5+ Years Key Responsibilities: IT Infrastructure Management: o Oversee the design, implementation, and maintenance of the organizations IT infrastructure, including servers, networks, storage, and On-prim systems. o Manage and optimize the performance, scalability, and security of IT systems. o Ensure high availability and disaster recovery plans are in place and tested regularly. o Troubleshoot and resolve infrastructure-related issues, ensuring minimal downtime. o Collaborate with cross-functional teams to assess and implement new infrastructure solutions. Governance, Risk, and Compliance (GRC) Management: Develop and implement GRC policies, processes, and controls to ensure adherence to regulatory requirements and industry standards (e.g., GDPR, HIPAA, ISO 27001). Conduct regular risk assessments and audits to identify potential vulnerabilities in IT systems and infrastructure. ¢ Assist in the creation of risk management frameworks and compliance strategies. ¢ Ensure that the organizations IT infrastructure aligns with compliance requirements and mitigates any risks. ¢ Maintain up-to-date knowledge of evolving GRC regulations and standards. Security & Risk Management: ¢ Work closely with the security team to implement robust security measures, including firewalls, intrusion detection systems, and encryption protocols. ¢ Monitor and report on compliance and risk levels within the IT infrastructure, making recommendations for improvements. ¢ Lead incident response and recovery efforts in case of security breaches or compliance violations. Documentation & Reporting: ¢ Maintain detailed documentation of IT infrastructure configurations, system changes, and GRC compliance activities. ¢ Prepare regular reports on IT infrastructure performance, risk assessments, compliance status, and incident management for senior management. ¢ Assist with audits by providing necessary documentation and evidence of compliance. Collaboration and Training: ¢ Collaborate with IT teams, legal, compliance, and business units to ensure compliance initiatives are integrated into all stages of IT project development. ¢ Provide training and guidance to staff on best practices for IT security, risk management, and compliance. ¢ Work with external auditors and consultants as needed for compliance reviews and assessments. Qualifications: ¢ Bachelors degree in information technology, Computer Science, Cybersecurity, or a related field. ¢ A minimum of 8 years of experience in IT infrastructure management, with a focus on governance, risk management, and compliance (GRC). ¢ Proven experience with GRC tools and frameworks, including risk assessments, audits, and regulatory compliance. ¢ Strong knowledge of IT infrastructure components (e.g., servers, networks, storage, on-prim services). ¢ Familiarity with industry standards and regulations (e.g., ISO 27001 etc). ¢ Solid understanding of security principles, firewalls, VPNs, and encryption technologies. ¢ Excellent problem-solving skills and ability to troubleshoot complex infrastructure issues. ¢ Strong communication and interpersonal skills, with the ability to collaborate effectively with both technical and non-technical teams.

Identifying, assessing, and mitigating potential risks across various areas of the organization, including IT security, business processes, and regulatory compliance. Developing, implementing, and maintaining GRC programs and processes to support compliance and risk management efforts. Assisting with internal and external audits, responding to audit findings, and ensuring corrective actions are implemented. User Access review Creating and maintaining policies and procedures related to governance, risk, and compliance. Conducting gap analysis and implementing frameworks and standards such as ISO 27001, GDPR, NIST, and SOX. Developing and revising policies, standards, processes, and guidelines for the organization. Conducting vendor risk assessments against organizational security requirements. Continually testing and monitoring the effectiveness of security controls. Conducting research to aid threat assessment or risk mitigation activities. Assist the department in responding to inquiries from the business units about ongoing operational compliance Working with various teams and departments to ensure GRC practices are integrated into business operations. Required Skills and Qualifications: Technical Skills & Experience: 5+ years of direct experience in information security, with a main emphasis on risk and compliance 3+ years of expertise conducting ISO 27001 and SOC 2 audits, as well as handling audit responses Thorough understanding of market structures, including relevant regulatory compliance requirements (ISO27001, SOC 2 , NIST, PCI, GDPR, etc.) Preferred Certification : CISA Knowledge of identity management standards, storage, and disaster recovery in the cloud and On-Premise Knowledge of GRC tool techniques and best practices Proven track record of organizing and carrying out several risk and compliance projects Ability to successfully manage third-party audits, compile evidence, and organize audit responses Effective written communication skills to develop & maintain the policies and procedures; the capability to communicate with cross-functional teams. Proven analytical and problem-solving abilities for managing initiatives that advance corporate goals Education Bachelors degree in computer science, information systems, or Cybersecurity

Job Description: IT Infrastructure Chemical Manufacturing Industry: Chemical Manufacturing Location: Medchal , Hyderabad Experience: 7 - 12 years Qualification: B.E./B.Tech in IT/Computer Science or relevant field (preferred), MBA in IT (optional) About the Role: Key Responsibilities: IT Infrastructure Management Lead and oversee the design, implementation, and maintenance of IT infrastructure for the manufacturing plant. Ensure high availability, scalability, and security of IT systems, including servers, storage, and databases. Manage data centers, cloud infrastructure, and disaster recovery solutions for business continuity. Oversee IT asset management, procurement, and vendor coordination. Networking & Security Design and manage network infrastructure including LAN, WAN, VLANs, and Wi-Fi across the plant. Implement and maintain firewalls, VPNs, IDS/IPS systems, and endpoint security for plant IT security. Ensure robust data security policies, cybersecurity risk mitigation, and compliance with IT regulations. Oversee switching, routing, and connectivity between different plant locations and offices. IT Support & Plant-Specific IT Solutions Provide technical support and troubleshooting for plant IT infrastructure, systems, and applications. Manage IT helpdesk operations to ensure timely resolution of issues for manufacturing users. Implement smart factory solutions, IoT, automation systems, and predictive maintenance tools . Develop IT SOPs, backup plans, and IT governance policies for the manufacturing unit. Key Requirements: 8-12 years of experience in IT infrastructure management within a manufacturing setup. Expertise in networking (LAN, WAN, VLANs), switching, firewall management, and cybersecurity. Proven experience in data center operations, disaster recovery, and IT governance. Familiarity with IT security protocols, cloud infrastructure, and compliance standards. Strong vendor and stakeholder management skills. Preferred Qualifications: Experience in chemical manufacturing industries. Certifications in SAP, Cisco (CCNA/CCNP), or IT security (CISSP, CISM) are a plus. Hands-on experience with cloud computing (AWS/Azure), IoT, and Industry 4.0 technologies.

Job Summary As a Cyber Security Specialist you will play a crucial role in safeguarding our organizations digital assets. With a focus on LDAP Ping Directory and a hybrid work model you will ensure the integrity and confidentiality of sensitive information. Your expertise will contribute to maintaining a secure environment supporting our mission to protect data and enhance trust in our services. Responsibilities Develop and implement security measures to protect the organizations digital infrastructure. Monitor and analyze security alerts to identify potential threats and vulnerabilities. Collaborate with IT teams to integrate security protocols into existing systems. Conduct regular security audits and assessments to ensure compliance with industry standards. Provide guidance and support to staff on security best practices and protocols. Investigate security breaches and incidents to determine root causes and implement corrective actions. Maintain and update security policies and procedures to reflect current threats and technologies. Utilize LDAP expertise to manage and secure directory services effectively. Work closely with stakeholders to address security concerns and implement solutions. Ensure the confidentiality integrity and availability of sensitive information. Stay informed about the latest cybersecurity trends and technologies to enhance security measures. Contribute to the development of security awareness programs for employees. Support the organizations mission by ensuring a secure and trustworthy digital environment. Qualifications Possess strong experience in LDAP and its application in cybersecurity. Have a solid understanding of cybersecurity principles and practices. Demonstrate proficiency in conducting security audits and assessments. Exhibit excellent problem-solving skills to address security challenges. Show ability to work collaboratively with cross-functional teams. Display knowledge of industry standards and compliance requirements. Have experience in developing and implementing security policies. Be familiar with security incident response and investigation techniques. Possess strong communication skills to convey security concepts effectively. Have a proactive approach to identifying and mitigating security risks. Show commitment to continuous learning and staying updated on cybersecurity trends. Demonstrate ability to manage and secure directory services using LDAP.

Job Summary IAM Architect Develop the overarching vision principles and architecture for the workload identity and access management system across all environments like Azure GCP hybrid on premises Responsibilities Define the types of workload identities e.g. Managed Identities Service Accounts SPIFFE identities their attributes and their lifecycle management processes. Design the framework and specific policies for controlling workload access to resources based on the principle of least privilege. Define and design secure methods for workloads to authenticate and communicate with each other. Design the integration points and processes for connecting the workload IAM system with Fords current IAM infrastructure e.g. Entra ID Drive the creation of the long-term workload IAM governance framework ensuring alignment with industry best practices and Fords policies. Serve as the subject matter expert on workload identity concepts technologies e.g. Entra Workload Identity SPIFFE-SPIRE and best practices. Assess and recommend appropriate workload identity features and tools available in Azure GCP and other relevant platforms. Design the system to meet relevant security and compliance requirements