2755 Information Security Jobs - Page 35

Job Description Overview of the role: As a Lead Software Engineer, you will focus on building next-generation platform services for Freshworks with your strong background in distributed systems and mentor your team to achieve this. You will have an opportunity to redefine customer experiences by building systems that are milli-second efficient, always available and working at internet scale. If you are the kind of engineer who is passionate about building systems, have a good eye for analysis and a mind that can think outside the box, we want to talk to you. Responsibilities: - Lead teams to deliver scalable, low latency, and cost-efficient solutions to different product teams. - Drive solutions and implementation leveraging different open source distributed systems and deliver a complete product. - Build innovative solutions from scratch and liaise with architects and engineers from other product teams to build solutions and drive adoption. - Elicit quality attributes of the system as well as create criteria metrics for the product to establish the success of achieved metrics - Implement and support compliance of self and team to Freshworks compliance and information security processes. Requirements: - 6-9 years of prior experience - Advanced understanding of OOPS - Knowledge of SDLC (Software Development Lifecycle) - Experience of working in an Agile environment - Ability to design for scale and performance - Ability to do peer code reviews - Solid problem-solving skills - Experience with hands-on programming - Expertise in data structures and algorithms Qualifications - Degree in Computer Science or equivalent practical experience - Experience with large-scale systems - Intermediate knowledge of Ruby on Rails - Prior experience with AWS - Experience with open

The candidate will contribute to IAMO Transformation program by aiding in the configuration and implementation of the new SailPoint LCM product. This individual will provide general SailPoint Product Support with a focus to: Reduced reliance on manual provisioning and a wind-down of application adoptions will enable IAM Operations to concentrate on core functions emphasizing process improvements and risk reduction. This role represents IAMO transforming to more upskilled engineering resources that will support rapid automation via the new SailPoint LCM tool and support of core IAM functions that include continued client application and service adoptions, risk reduction and mitigation, regulatory and audit commitments, incident management, access certifications, and IAM control enforcement. Supports the effectiveness of security-related operations. Provides programming support and assists in project planning for an operational area in information security. Supports the operations of a security sub-component. Executes day-to-day operational security components. Implements new versions of security software for existing technologies and architectures. Reviews and analyzes data and information for business systems security. Assists in ensuring that security concerns are addressed and mitigated. Produces first draft of reports, analyses, findings, etc. Contributes to the achievement of team objectives. Bachelors degree in computer science or a related discipline, or equivalent work experience required. 2-4 years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus..

At Bravura Solutions, collaboration, diversity and excellence matter. We value your ideas, giving you room to be curious and innovate in an exciting, fast-paced, and flexible environment. We look for many different skills and abilities, as well as how you can add value to Bravura and our culture. As a Global FinTech market leader and ASX listed company, Bravura is a trusted partner to over 350 leading financial services clients, delivering wealth management technology and products. We invest significantly in our technology hubs and innovation labs, which inspire and drive our creative, future-focused mindset. We take pride in developing cutting-edge, digital first technology solutions that support our clients to achieve financial security and prosperity for their customers. The Information Security Officer is responsible for supporting the implementation and operation of the organisations Information Security Management System (ISMS) within their region. This role will support security risk management, policy compliance, audits (internal, external and client), training and awareness, supply chain risk, and support security operations in incident management. As a Managed Service Provider (MSP) and data processor for clients, the analysts will enable security controls aligning with client contractual obligations, regulatory requirements, and industry best practices. The analyst will work closely with global security leadership, regional stakeholders and clients to address both internal and client-specific security challenges The position is within the Information Security team. Main activities will include but are not limited to: Support the implementation and operations of the ISMS within the region. Support alignment with global security policies and regulatory requirements including ISO27001, SOC2 type II and PCI-DSS. Support continuous assessment and improvement of security controls and processes. Support, identify, assess, and mitigate security risks. Maintain the risk register and track remediation activities. Provide risk-based guidance to business units, IT teams, and client-facing operations. Ensure compliance with corporate security policies, frameworks, and client-specific security mandates. Develop and enforce security standards and client requirements. Input into periodic reviews and updates to security policies to align with evolving requirements. Information Security Audit & Compliance Support internal and external security audits, ensuring timely remediation of findings. Provide security assurance to clients by responding to security questionnaires and participating in client audits. Coordinate with service delivery teams to meet client-specific obligations. Monitor and report on security posture, client security commitments, and compliance status. Information Security Training & Awareness Support the delivery of security awareness programs Support phishing exercises and other training initiatives to enhance security culture. Collaborate with HR and other departments to ensure security education is embedded in employee onboarding and ongoing training. Supply Chain Risk Management Support the assessment and management of security risks associated with third-party vendors and suppliers. Support security requirements are included in vendor contracts and SLAs. Enable regular security assessments of critical suppliers, considering the impact on client services. Security Operations & Incident Management Support Assist in managing and responding to security incidents within the region, to ensure rapid containment and remediation. Work with the Security Operations team to protect both internal and client environments. Support post-incident reviews and contribute to continuous improvement in incident handling, including lessons learned for client operations. Qualifications and Experience Bachelor s degree in Information Security, Computer Science, or related field (or equivalent experience). 3+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment. Good understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks. Experience in security risk management, audits, compliance, and client security assurance. Knowledge of security operations, incident response, and managed security services. Familiarity with supply chain security and third-party risk management. Good communication and stakeholder management skills, with experience working with clients on security matters. Ideally security certifications such as CISSP, CISM, or CRISC are preferred. Our people are the heart of our business. We work hard to provide a rich employee experience and a robust framework for ongoing career development. Competitive salary and employee benefits scheme. Flexible working hours, we value work-life balance. Maternity/ Parental (including secondary) leave policy. Cab facility available in Delhi/NCR. Meal facility available Free Medical Insurance We make hiring decisions based on your experience, skills and passion so even if you don t match every listed skill or tick all the boxes, we d still love to hear from you. Please note that interviews are primarily conducted virtually and if you require any reasonable adjustments or would like to note which pronouns you use, please let us know. All final applicants for this position will be asked to consent to a criminal record and background check. Please note that people with criminal records are not automatically barred from applying for this position. Each application will be considered on its merits.

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. Cloud Senior Information Security Engineer (Subject Matter Expert) - GL28 Position Overview The Cloud Senior Information Security Engineer (Subject Matter Expert) is responsible for architecting, building, supporting, and enhancing the organization's public cloud security strategy. This role serves as a critical partner between the Enterprise Security Risk Organization (ESRO) and the Enterprise Technology Infrastructure and Platform Services (ETIPS) to ensure robust and effective cloud security measures. Primary Responsibilities Security StrategyCollaborate with ESRO and ETIPS to develop and implement a comprehensive public cloud security strategy Security ArchitectureDesign and maintain secure cloud architectures, ensuring compliance with industry standards and best practices Risk ManagementIdentify, assess, and mitigate security risks associated with public cloud environments Incident ResponseLead incident response efforts for cloud security breaches, including investigation, containment, and remediation ComplianceEnsure compliance with relevant regulations and standards specific to public cloud environments Security MonitoringImplement and manage security monitoring tools to detect and respond to threats in real-time CollaborationPartner with ESRO and ETIPS teams to integrate security measures into cloud services and applications Policy DevelopmentDevelop and enforce security policies and procedures specific to public cloud environments Audit and AssessmentConduct regular security audits and assessments to ensure the effectiveness of security measures Vulnerability ManagementTest and identify network and system vulnerabilities, developing strategies to mitigate them DocumentationPrepare and document standard operating procedures and protocols for security operations Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications Experience in conducting security audits and assessments Public Cloud Security ExperienceDemonstrated experience with public cloud security in AWS, Azure, or both Proven experience in cloud security strategy and architecture Solid knowledge of risk management and incident response Familiarity with compliance regulations and security monitoring tools Proven excellent collaboration and communication skills, with experience partnering between security and IT organizations Demonstrated ability to conduct training and develop security policies Demonstrated ability to build and maintain relationships with business leaders and stakeholders

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. Cloud Segment Information Security Officer (SISO- GL28) Location - Gurgaon Position Overview: The Cloud Segment Information Security Officer (SISO) is responsible for overseeing and implementing security measures to protect the organization's cloud-based data and infrastructure. This role involves developing cloud-specific security strategies, managing risks, ensuring compliance, and leading incident response efforts. A key aspect of this role is fostering strong relationships and partnerships with business leaders and stakeholders to ensure security measures align with business objectives. Primary Responsibilities: Cloud Security StrategyDevelop and implement security strategies tailored to the cloud segment to ensure the protection of cloud-based data and infrastructure Risk ManagementIdentify, assess, and mitigate security risks associated with cloud operations and technologies Incident ResponseLead incident response efforts for security breaches within the cloud segment, including investigation, containment, and remediation ComplianceEnsure compliance with relevant cloud-specific regulations and standards CollaborationWork closely with other IT teams and cloud segment leaders to integrate security measures into cloud services and applications Training and AwarenessSupport security training and awareness programs for employees within the cloud segment to promote a security-conscious culture Policy DevelopmentDevelop and enforce security policies and procedures specific to cloud operations Audit and AssessmentSupport security audits and assessments to ensure the effectiveness of security measures within the cloud segment Business PartnershipFoster strong relationships with business leaders and stakeholders to ensure security measures support and enhance business objectives. Collaborate with business units to understand their needs and provide tailored cloud security solutions Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications Proven experience in developing and implementing cloud security strategies Experience in leading cloud incident response efforts Experience in conducting cloud security audits and assessments Solid knowledge of cloud risk management and security architecture Familiarity with cloud compliance regulations and security monitoring tools Proven excellent collaboration and communication skills Demonstrated ability to conduct training and develop cloud security policies Demonstrated ability to build and maintain relationships with business leaders and stakeholders

Associate Application Security Analyst Gurgaon/Bangalore, India An associate security analyst role within the Global Technology Transversal Application Services (TAS) function, supporting the provision of a robust and consistent security scanning, remediation and guidance service within the TAS Application Operations team The team provides a global, centralized Operations, Governance, Audit, Risk & Security service across Application Delivery What you ll be DOING What will your essential responsibilities include? Assist the Application Operations (Security) team in all security related activities, forums and discussions Perform application scanning across the Application Delivery estate using tools such as SonarQube, Checkmarx, JFrog Xray, CAST Highlight, Defender and Qualys Assist in setting up Jenkins pipeline integration to CI/CD lifecycle Perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA), including analysis of components in applications to detect vulnerabilities and compliance issues Work with Application Delivery teams to communicate the outcome of scanning and analysis, and agree remediation actions including target dates for completion, in alignment with Information Security Policy requirements Assist in Risk Assessments, evaluating the severity of identified vulnerabilities and prioritizing remediation efforts based on potential impact to the organization Contribute to the production of reporting and metrics to both internal and external stakeholders You will report to the Head of Application Operations What you will BRING We re looking for someone who has these abilities and skills: Required Skills and Abilities: Security First mindset Understanding of vulnerability analysis, scanning and remediation processes Understanding of CVEs, CVSS Understanding of security industry compliancy benchmarks and standards i e CIS Understanding of security best practices/standards i e OWASP, NIST Preferable experience with at least 2 coding languages i e Java, Dot Net, C++, Python etc Excellent analytical, critical thinking and organizational skills, ability to multitask and work to deadlines Proficiency in Power BI, MS Work and MS Excel: We maintain and continually develop a number of Power BI Dashboards to support provision of critical data and use Excel to support our data capture and analysis and reporting Desired Skills and Abilities: Excellent communication, interpersonal and relationship building skills (verbal and written) Who WE are AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks For mid-sized companies, multinationals and even some inspirational individuals we don t just provide re/insurance, we reinvent it How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business property, casualty, professional, financial lines and specialty With an innovative and flexible approach to risk solutions, we partner with those who move the world forward Learn more at axaxl com What we OFFER Inclusion AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success That s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential It s about helping one another and our business to move forward and succeed Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe Robust support for Flexible Working Arrangements Enhanced family friendly leave benefits Named to the Diversity Best Practices Index Signatory to the UK Women in Finance Charter Learn more at axaxl com / about-us / inclusion-and-diversity AXA XL is an Equal Opportunity Employer Total Rewards AXA XL s Reward program is designed to take care of what matters most to you, covering the full picture of your health, wellbeing, lifestyle and financial security It provides competitive compensation and personalized, inclusive benefits that evolve as you do We re committed to rewarding your contribution for the long term, so you can be your best self today and look forward to the future with confidence Sustainability At AXA XL, Sustainability is integral to our business strategy In an ever-changing world, AXA XL protects what matters most for our clients and communities We know that sustainability is at the root of a more resilient future Our 2023-26 Sustainability strategy, called Roots of resilience , focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations Our Pillars: Valuing nature: How we impact nature affects how nature impacts us Resilient ecosystems - the foundation of a sustainable planet and society - are essential to our future We re committed to protecting and restoring nature - from mangrove forests to the bees in our backyard - by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans Addressing climate change: The effects of a changing climate are far reaching and significant Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption Were building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions Integrating ESG: All companies have a role to play in building a more resilient future Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business We re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL s Hearts in Action programs These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day - the Global Day of Giving For more information, please see axaxl com/sustainability

Redefine the future of customer experiences. One conversation at a time. We re changing the game with a first-of-its-kind, conversation-centric platform that unifies team collaboration and customer experience in one place. Powered by AI, built by amazing humans. Our culture is forward-thinking, customer-obsessed and built on an unwavering belief that connection fuels business and life; connections to our customers with our signature Amazing Service , our products and services, and most importantly, each other. Since 2008, 100,000+ companies and 1M+ users rely on Nextiva for customer and team communication. If you re ready to collaborate and create with amazing people, let your personality shine and be on the frontlines of helping businesses deliver amazing experiences, you re in the right place. Build Amazing - Deliver Amazing - Live Amazing - Be Amazing The AI Security and Compliance Engineer is responsible for working with development and compliance teams to ensure secure and compliant AI development throughout the product lifecycle. The engineer applies knowledge of AI and application security risks and threats to design and implement appropriate, cost-effective security controls during development, deployment, and operation of AI based applications. The engineer defines and promotes the implementation guidelines for data classification, segregation, and access controls to AI model inputs and training data to ensure data confidentiality and privacy for different data sources and user groups. The engineer performs audits and vulnerability assessments, penetration testing and supports mitigation of findings. Key Responsibilities: Ensure AI products have security and privacy by design. Establish and document policies and guidelines for data classification and data used for training to prevent leaks of sensitive data. Work with development and compliance teams to ensure secure and compliant AI development throughout the product lifecycle to meet customer, regulatory, and contractual obligations. Monitor and audit AI systems and development processes for compliance with policies, regulations and contractual obligations. Monitor and respond to security incidents involving AI systems. Create AI-specific incident management procedures to address AI related security incidents. Enhance the resilience of AI systems against potential threats by implementing cyber security best practices, controls, and tools to protect AI models from threats such as those in the OWASP AI Top Ten, including supply chain and model poisoning threats and attempts to access, modify, and exfiltrate confidential information via the query interface. Establish policies and guidelines for access controls, limitations and guardrails on usage and prompts for AI inputs and API s. Ensure proper access controls on API s and processing pipelines, and segregation of data. Create, update, and maintain threat models for a wide variety of software projects. Provide AI security training for internal development teams. Maintain current knowledge of AI risks, threats, and AI testing tools and techniques. Perform other duties to support the technical and operational security of the organization as required. Qualifications: Bachelor s degree in an IT related field or equivalent experience and 2-5 years of experience in working in IT security, software development, or AI development. Desired certifications - one or more of the following: CISSP (Certified Information Systems Security Professional), Certified Information Security Manager (CISM), SSCP (Systems Security Certified Practitioner), CCSP (Certified Cloud Security Professional) or CompTIA Security+. Understanding of Application Security and Data Security for applications and AI, such as the OWASP Top 10 and the OWASP Top 10 for Generative AI. Proficiency in and strong working knowledge of AI technologies and models such as Llama and ChatGPT. Experience and understanding of threats and risks related to web applications and API s, particularly with AI based applications. General knowledge of security implications of threats and vulnerabilities related to networks, servers, operating systems, applications, and databases. Experience with vulnerability management, patching, and mitigation assessment. Experience working within and implementing policies for a security framework such as ISO 27001 and NIST. Flexibility to work off-hours to support global project teams and maintenance windows. Ability to support 24x7 on-call for incident response on a rotating basis. Experience developing software, scripting and using SQL queries to automate controls, processes and reporting. Competencies: Strong analytical problem-solving skills and attention to detail. Organization, Time Management & Prioritization - Self-starter that focuses on key priorities; plans, organizes, schedules and executes on tasks and projects in an efficient and productive manner. Ability to form productive relationships across the organization to accomplish information security objectives. Ability and willingness to learn all aspects of the information security field. Professional verbal and written communication skills in English. Expresses ideas using clear, effective and efficient language. Listens patiently and attentively. Adapts to the purpose of the communication with appropriate style, substance, detail, confidence and channel. Possess the ability to manage multiple channels of communication simultaneously; phone, email, tickets, and chat. Able to assess, document, and prioritize identified security flaws and vulnerabilities based on risk. Total Rewards Our Total Rewards offerings are designed to allow our employees to take care of themselves and their families so they can be their best, in and out of the office. Our compensation packages are tailored to each role and candidates qualifications. We consider a wide range of factors, including skills, experience, training, and certifications, when determining compensation. We aim to offer competitive salaries or wages that reflect the value you bring to our team. Depending on the position, compensation may include base salary and/or hourly wages, incentives, or bonuses. Medical - Medical insurance coverage is available for employees, their spouse, and up to two dependent children with a limit of 500,000 INR, as well as their parents or in-laws for up to 300,000 INR. This comprehensive coverage ensures that essential healthcare needs are met for the entire family unit, providing peace of mind and security in times of medical necessity. Group Term & Group Personal Accident Insurance - Provides insurance coverage against the risk of death / injury during the policy period sustained due to an accident caused by violent, visible & external means. Coverage Type - Employee Only Sum Insured - 3 times of annual CTC with minimum cap of INR 10,00,000 Free Cover Limit - 1.5 Crore Work-Life Balance - 15 days of Privilege leaves per calendar year, 6 days of Paid Sick leave per calendar year, 6 days of Casual leave per calendar year. Paid 26 weeks of Maternity leaves, 1 week of Paternity leave, a day off on your Birthday, and paid holidays Financial Security - Provident Fund & Gratuity Wellness - Employee Assistance Program and comprehensive wellness initiatives Growth - Access to ongoing learning and development opportunities and career advancement At Nextiva, were committed to supporting our employees health, well-being, and professional growth. Join us and build a rewarding career! Established in 2008 and headquartered in Scottsdale, Arizona, Nextiva secured $200M from Goldman Sachs in late 2021, valuing the company at $2.7B.To check out what s going on at Nextiva, check us out on Instagram , Instagram (MX) , YouTube , LinkedIn , and the Nextiva blog . #LI-RQ1 #LI-Hybrid

Administration of One Identity tool and management of integrated Identities and Services. Engineering support of One Identity Manager Environment. Management of cloud and on-prem infrastructures hosting IAM. Working knowledge on One identity tools : 1IM Manager / Object Browser / Job Queue / Synchronization editor. Understanding of the whole IAM environment, Active Directory Multi forest environment at an enterprise level, Windows OS, IIS, MS SQL server. Monitor, Report and Analysis of bugs during and after IAM release versions. Performance management of IAM tools, database and Infrastructure. Administration of Identities and Services integrated with the One IDM tool. Support for Organization integration with the IAM Infra. Collaborate and work with onshore development and project team to provide solutions and assist during Project release, testing and for operational support. Responsible for management of incident, problem and change within the IAM Infrastructure. Responsible for documentation and update of IAM Processes and operating procedures. Work with Software Development tool (e.g., JIRA) and handle various IAM related tasks. Your benefits. We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroa. We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location). From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered. Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teachAbout Allianz Technology. Allianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group. With more than 13,000 employees located in 22 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry.We oversee the full digitalization spectrum \u2013 from one of the industry\u2019s largest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction. In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age. D&I statement. Allianz Technology is proud to be an equal opportunity employer encouraging diversity in the working environment. We are interested in your strengths and experience. We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, race or ethnicity, age, nationality, religion, disability, or philosophy of life. Join us. Let\u00B4s care for tomorrow. You. IT.

Application Security Analyst Bangalore/ Gurgaon, India A security analyst role within the Global Technology Transversal Application Services (TAS) function, supporting the provision of a robust and consistent security scanning, remediation, and guidance service within the TAS Application Operations team The team provides a global, centralized Operations, Governance, Audit, Risk & Security service across Application Delivery What you ll be DOING What will your essential responsibilities include? Support the Application Operations (Security) team in all security related activities, forums and discussions Perform application scanning across the Application Delivery estate using tools such as SonarQube, Checkmarx, JFrog Xray, CAST Highlight, Defender and Qualys Assist in setting up Jenkins pipeline integration to CI/CD lifecycle Perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA), including analysis of components in applications to detect vulnerabilities and compliance issues Work with Application Delivery teams to communicate the outcome of scanning and analysis, and agree remediation actions including target dates for completion, in alignment with Information Security Policy requirements Assist in Risk Assessments, evaluating the severity of identified vulnerabilities and prioritizing remediation efforts based on potential impact to the organization Assist in Policy development, contributing to the development and implementation of vulnerability management policies and procedures Manage the production of reporting and metrics to both internal and external stakeholders You will report to the Operations Lead What you will BRING We re looking for someone who has these abilities and skills: Required Skills and Abilities: Security First mindset Understanding of vulnerability analysis, scanning and remediation processes Understanding of CVEs, CVSS Understanding of security industry compliancy benchmarks and standards i e CIS Understanding of security best practices/standards i e OWASP, NIST Preferable experience with at least 2 coding languages i e Java, Dot Net, C++, Python etc Desired Skills and Abilities: Outstanding analytical, critical thinking and organizational skills, ability to multitask and work to deadlines Proficiency in Power BI, MS Work and MS Excel: We maintain and continually develop a number of Power BI Dashboards to support provision of critical data and use Excel to support our data capture and analysis and reporting Excellent communication, interpersonal and relationship building skills (verbal and written) Who WE are AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks For mid-sized companies, multinationals and even some inspirational individuals we don t just provide re/insurance, we reinvent it How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business property, casualty, professional, financial lines and specialty With an innovative and flexible approach to risk solutions, we partner with those who move the world forward Learn more at axaxl com What we OFFER Inclusion AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success That s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential It s about helping one another and our business to move forward and succeed Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe Robust support for Flexible Working Arrangements Enhanced family friendly leave benefits Named to the Diversity Best Practices Index Signatory to the UK Women in Finance Charter Learn more at axaxl com / about-us / inclusion-and-diversity AXA XL is an Equal Opportunity Employer Total Rewards AXA XL s Reward program is designed to take care of what matters most to you, covering the full picture of your health, wellbeing, lifestyle and financial security It provides competitive compensation and personalized, inclusive benefits that evolve as you do We re committed to rewarding your contribution for the long term, so you can be your best self today and look forward to the future with confidence Sustainability At AXA XL, Sustainability is integral to our business strategy In an ever-changing world, AXA XL protects what matters most for our clients and communities We know that sustainability is at the root of a more resilient future Our 2023-26 Sustainability strategy, called Roots of resilience , focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations Our Pillars: Valuing nature: How we impact nature affects how nature impacts us Resilient ecosystems - the foundation of a sustainable planet and society - are essential to our future We re committed to protecting and restoring nature - from mangrove forests to the bees in our backyard - by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans Addressing climate change: The effects of a changing climate are far reaching and significant Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption Were building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions Integrating ESG: All companies have a role to play in building a more resilient future Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business We re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL s Hearts in Action programs These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day - the Global Day of Giving For more information, please see axaxl com/sustainability

Graduate Or Post Graduate Degree in computer science, information technology, or similar field, plus recent computer application programming experience, or an equivalent combination of education and experience. 5-10 years\u2019 development experience in Dell One Identity & .net technologies . Good experience in Dotnet(c#.net or vb.net), SQL server. Good to have knowledge Or added advantages of having experience in REST API , WCF. Good understanding of Product development life cycle. Good understanding of Identity Lifecycle, Access Management & Application provisioning/de-provisioning . Good to have knowledge of Scrum methodology. Good to have knowledge of Azure . Good to have knowledge of Active directory. Azure Active Directory experience will be a added advantage. Good to have fluent communication and interpersonal skills . Your benefits. We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad. We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location). From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostere. Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teachAbout Allianz Technolog. Allianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group. With more than 13,000 employees located in 22 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry.We oversee the full digitalization spectrum \u2013 from one of the industry\u2019s largest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction. In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age. D&I statement. Allianz Technology is proud to be an equal opportunity employer encouraging diversity in the working environment. We are interested in your strengths and experience. We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, race or ethnicity, age, nationality, religion, disability, or philosophy of life. Join us. Let\u00B4s care for tomorrow. You. IT.

Fynd is India s largest omnichannel platform and multi-platform tech company with expertise in retail tech and products in AI, ML, big data ops, gaming+crypto, image editing and learning space. Founded in 2012 by 3 IIT Bombay alumni: Farooq Adam, Harsh Shah and Sreeraman MG. We are headquartered in Mumbai and have 1000+ brands under management, more than 10k stores and servicing 23k + pin codes. We are seeking a highly skilled Data Protection Officer (DPO) / GRC Officer responsible for ensuring compliance with global security and data protection regulations. The ideal candidate will oversee governance, risk, and compliance (GRC) programs, implement security frameworks, and safeguard sensitive data across the organization. What will you do at Fynd ? 1. Governance, Risk, and Compliance (GRC): Develop, implement, and maintain GRC frameworks to align with regulatory and industry standards. Establish risk assessment methodologies and ensure mitigation strategies are in place. Conduct IT General Controls (ITGC) assessments to ensure effective security controls and processes. Oversee third-party risk assessments, ensuring vendors comply with security policies. 2. Data Protection & Privacy Compliance: Implement and oversee compliance with DPDP (Digital Personal Data Protection Act, India) and GDPR regulations. Act as the point of contact for data protection authorities and internal privacy matters. Conduct Data Protection Impact Assessments (DPIAs) and privacy risk assessments. Develop and enforce privacy policies, data retention, and protection measures. 3. Information Security Compliance & Certifications: Lead and maintain compliance with ISO 27001, ensuring policies and controls meet certification requirements. Manage SOC 2 compliance efforts, including security, availability, processing integrity, confidentiality, and privacy principles. Oversee PCI-DSS compliance for handling cardholder data securely. Ensure alignment with NIST security frameworks for risk management and cybersecurity resilience. 4. Business Continuity & Incident Management: Develop and maintain a Business Continuity Management (BCM) program, including disaster recovery plans. Lead security incident response and investigations to mitigate data breaches and cybersecurity threats. Conduct regular tabletop exercises and audits to test resilience and readiness. Some Specific Requirements Bachelor s/Master s degree in Information Security, Cybersecurity, Compliance, or a related field. Professional certifications such as CIPP/E, CIPM, CISSP, CISM, CISA, ISO 27001 Lead Auditor, or CRISC are highly preferred. 5+ years of experience in Data Protection, Compliance, GRC, or Cybersecurity roles. Strong knowledge of regulatory frameworks (SOC2, ISO27001, GDPR, DPDP, PCI-DSS, NIST, ITGC, Third-Party Risk Management). Experience in implementing GRC tools and automating compliance processes. Excellent stakeholder management skills with the ability to work cross-functionally. Strong analytical, problem-solving, and decision-making skills. What do we offer? Growth Growth knows no bounds, as we foster an environment that encourages creativity, embraces challenges, and cultivates a culture of continuous expansion. We are looking at new product lines, international markets and brilliant people to grow even further. We teach, groom and nurture our people to become leaders. You get to grow with a company that is growing exponentially. Flex University We help you upskill by organising in-house courses on important subjects Learning Wallet: You can also do an external course to upskill and grow, we reimburse it for you. Culture Community and Team building activities Host weekly, quarterly and annual events/parties. Wellness Mediclaim policy for you + parents + spouse + kids Experienced therapist for better mental health, improve productivity & work-life balance We work from the office 5 days a week to promote collaboration and teamwork. Join us to make an impact in an engaging, in-person environment!

Delivery Lead Bangalore, Karnataka, India The Delivery Lead co-owns end-to-end delivery of business solutions for the scope of the Delivery Team with Transformation & Change Delivery (TCD) Delivery Lead; Understands the strategy, needs and challenges of the business partners s/he supports as well as the end-to-end processes for those businesses This role requires partnership and collaboration with many application teams Oversees all applications supporting that customer group to ensure service levels are received and system changes are delivered to expectation Accountable for the design, delivery, and support of solution What you ll be DOING What will your essential responsibilities include? Establish the scope of services, service levels, and key processes required to deliver application services within the application portfolio Produce and maintain the roadmap of change associated to application group Align team to high-level organization goals and objectives Manage and report on budget and resource allocation and utilization Monitor supplier performance reports and address concerns Review and approve contracts for a predetermined level of authority Assist procurement to manage vendor relations and maintaining vendor accountability Oversee Continuous Service Improvement initiatives to ensure continuously improving processes and capabilities Interface with internal and external auditors Support resolution of escalated risks and issues as a part of service delivery Develop and maintain relationships with key stakeholders and suppliers Produce high-level estimates as needed May participate as a member of a Major Incident Team Manage threats to application assets Protect and maintain AXA XL s Intellectual Property Ensure all processes are documented and maintained Develop change management strategies and approaches and assist business partners with readiness and change implementation Provides audit support for both internal and external assessments; Articulates policies and standards as appropriate and provides all required evidence on a timely basis Owns the completion of any action plans Ensures the Solution Delivery Center adheres to Information Security policies and standards for secure coding and manages risk acceptances In collaboration with Procurement, manages RFI/RFPs, contract negotiations and delivery of contract terms Also manages clean termiSolution Delivery Center of contracts with vendors who consistently underperform You will report to the Global Head of Transversal Applications Services What you will BRING We re looking for someone who has these abilities and skills: Required Skills and Abilities: Expert level experience in planning and executing complex, large scale initiatives or operational area Significant leadership experience in insurance and IT Budget, supply, and resource management for in scope applications and services Hold suppliers accountable for performance against Service Levels Ensure appropriate SoWs / SLAs exist for all development vendor engagements Measurable improvements in service delivery over time High customer confidence in delivery capability Internal and external audit support Risk identification and mitigation Knowledge Management strategy for process, training and applications Knowledge in tools include Biztalk, APIM, Azure Integration Services, Swagger Hub, and potentially Mulesoft Effective communication skills, particularly on key matters relating to the application grouping to stakeholders Stakeholder management Desired Skills and Abilities: Proven planning and organization skills, creating own work schedules, prioritizing workload, preparing in advance and setting realistic timescales Adaptable to new/different strategies, programs, technologies, practices, cultures, etc Comfortable with change, able to easily make transitions Who WE are AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks For mid-sized companies, multinationals and even some inspirational individuals we don t just provide re/insurance, we reinvent it How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business property, casualty, professional, financial lines and specialty With an innovative and flexible approach to risk solutions, we partner with those who move the world forward Learn more at axaxl com What we OFFER Inclusion AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success That s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential It s about helping one another and our business to move forward and succeed Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe Robust support for Flexible Working Arrangements Enhanced family friendly leave benefits Named to the Diversity Best Practices Index Signatory to the UK Women in Finance Charter Learn more at axaxl com / about-us / inclusion-and-diversity AXA XL is an Equal Opportunity Employer Total Rewards AXA XL s Reward program is designed to take care of what matters most to you, covering the full picture of your health, wellbeing, lifestyle and financial security It provides competitive compensation and personalized, inclusive benefits that evolve as you do We re committed to rewarding your contribution for the long term, so you can be your best self today and look forward to the future with confidence Sustainability At AXA XL, Sustainability is integral to our business strategy In an ever-changing world, AXA XL protects what matters most for our clients and communities We know that sustainability is at the root of a more resilient future Our 2023-26 Sustainability strategy, called Roots of resilience , focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations Our Pillars: Valuing nature: How we impact nature affects how nature impacts us Resilient ecosystems - the foundation of a sustainable planet and society - are essential to our future We re committed to protecting and restoring nature - from mangrove forests to the bees in our backyard - by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans Addressing climate change: The effects of a changing climate are far reaching and significant Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption Were building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions Integrating ESG: All companies have a role to play in building a more resilient future Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business We re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL s Hearts in Action programs These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day - the Global Day of Giving For more information, please see axaxl com/sustainability

Senior Solution Architect-Ceded Reinsurance Bangalore, Karnataka, India We invent the new to help the world move forward Combining powerful analytics and deeper insights with bigger ideas and innovative solutions, we free up our clients potential, thereby fulfilling our own Take it seriously Make it fun Know it matters As we develop an enterprise-wide Insurance strategy to transform our business, we are seeking an Insurance Solutions Architect The Insurance Solutions Architect is a hands-on, execution focused role helping translate the Insurance strategy, define architecture, and deliver the solution In this role you will have an understanding of our insurance systems and processes, and function as an insurance architecture subject matter expert for our various projects What you ll be DOING What will your essential responsibilities include? Understanding of AXA XL s existing architecture Understand user requirements (desired output & outcome) and existing environments (current state) and translate these into an architecture and road map Collaborate with customers, analysts, other architects, modelers, developers, testers, partners and vendors Understand the Business Capabilities that are required and translate this to Technical Capabilities and Solution Architecture Assist the customer (and business solutions analysts) to define and declare non-functional requirements for building out solution capabilities Design AXA XL s architecture and solutions to meet business requirements in a manner that balances architectural standards, and implementation and operational risks, with restricted parameters such as budget and time Document solution interactions and relationships, along with basic infrastructure and application onboarding requirements Assist in the creation of cost estimates including implementation as well as total cost of ownership Ensure the future-state solutions have been fully vetted, are performant and scalable, enable agility, can be supported, are cost effective and highly available, and meet the robust needs of the business Ensure security by design to meet Information Security policies, Legal, Compliance, Risk, and Regulatory requirements, and industry best practice Assess vendor tools based on required capabilities, future capabilities, and architecture drivers, and document justification for tool selection Be hands on to demonstrate tools, patterns, security, performance, scalability, etc in a lab environment when necessary Work with quality assurance team to ensure the testing approach is appropriate for the given architecture and solution Lead design reviews (pre-development) and implementation reviews (post-development) to ensure principles and standards are followed, and that technical debt is managed Create a feedback loop for those who are implementing and interacting with the solutions Participate in the definition of adoption and experience metrics for the solution to measure the success of the solution Present architecture decisions, explain the end-to-end solution, educate others how they can contribute, and provide guidance on tool usage Extract best-practice knowledge, reference architectures, and patterns for sharing with the broader community of Architects at AXA XL and/or AXA Group Document cost and performance metrics for different design patterns and provide project teams the ability to decide the most appropriate pattern for their requirements, timeline, and budget Participate in the definition and maintenance of Architecture principles and artifacts Engage with tool vendors on their roadmaps and appropriate usage of their tools Engage with industry experts to validate the architecture and designs and understand industry trends Key part of the role will be driving the solution architecture and design for the AXA XL Ceded Reinsurance Solution You will report to Principal Architect - APAC, Europe & UK & Lloyd s Title What you will BRING We re looking for someone who has these abilities and skills: Required Skills and Abilities: Hands on knowledge and experience with architecting and implementing Ceded Reinsurance Package solutions such as DXC Assure Cede, SAP FS-RI, Sapiens Reinsurance Master or similar Initiates own work receiving broad direction as needed Lead or manage large, long term or complex projects with dotted line responsibility Ability to assess and advise on the department s strategy Self-directedly resolve a variety of novel strategic challenges that have significant impact on organization-wide cost and efficiency with far-reaching impact Relevant years in architecture roles Possess broad and deep insurance and architecture expertise and knowledge of Ceded Reinsurance Domain Understand & be able to communicate business problems & technical solutions in appropriate terminology Excellent presentation, communication (oral & written), and relationship building skills, across all levels of management Effective organizational skills with attention to detail and ability to handle change Excellent problem solving and analysis skills Must be able to work well under pressure and consistently meet deadlines Ability to work as part of a team or to be self-directed as required Practiced at working as part of a global team (including outsourcing) spanning multiple time zones Knowledge and active use of Agile, SCRUM and Continuous Delivery Desired Skills and Abilities: Understand cultural differences and be effective working in a diverse environment Passion for learning and prepared to go the extra mile You care about what you do, and what we do Hands-on experience with architecting, implementing, and performance tuning of: Insurance products & services, Azure cloud platform environment, Container & Orchestration platforms, Relational databases and structured query languages, Message queues, streaming technologies, and event driven architecture, Microservices, Integration and ETL/ELT technologies, Reference & Master Data Management, Access control and security Who WE are AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks For mid-sized companies, multinationals and even some inspirational individuals we don t just provide re/insurance, we reinvent it How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business property, casualty, professional, financial lines and specialty With an innovative and flexible approach to risk solutions, we partner with those who move the world forward Learn more at axaxl com What we OFFER Inclusion AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success That s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential It s about helping one another and our business to move forward and succeed Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe Robust support for Flexible Working Arrangements Enhanced family friendly leave benefits Named to the Diversity Best Practices Index Signatory to the UK Women in Finance Charter Learn more at axaxl com / about-us / inclusion-and-diversity AXA XL is an Equal Opportunity Employer Total Rewards AXA XL s Reward program is designed to take care of what matters most to you, covering the full picture of your health, wellbeing, lifestyle and financial security It provides competitive compensation and personalized, inclusive benefits that evolve as you do We re committed to rewarding your contribution for the long term, so you can be your best self today and look forward to the future with confidence Sustainability At AXA XL, Sustainability is integral to our business strategy In an ever-changing world, AXA XL protects what matters most for our clients and communities We know that sustainability is at the root of a more resilient future Our 2023-26 Sustainability strategy, called Roots of resilience , focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations Our Pillars: Valuing nature: How we impact nature affects how nature impacts us Resilient ecosystems - the foundation of a sustainable planet and society - are essential to our future We re committed to protecting and restoring nature - from mangrove forests to the bees in our backyard - by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans Addressing climate change: The effects of a changing climate are far reaching and significant Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption Were building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions Integrating ESG: All companies have a role to play in building a more resilient future Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business We re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL s Hearts in Action programs These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day - the Global Day of Giving For more information, please see axaxl com/sustainability

Head of Applications Solutions Delivery Bangalore, Karnataka, India The Technology Head of Corporate Finance owns end-to-end delivery of technology solutions for the entire suite of applications/platforms supporting various Corporate Finance functions (Actuarial Reserving, Tax, Investments, etc) This role Understands the strategy, needs and challenges of the business partners s/he supports as well as the end-to-end processes for those businesses; Understands and Oversees all platforms/applications supporting that customer group Accountable for the Technology roadmap and IT delivery (design, delivery, and support of technology solution) across the multiple applications/platforms in Corp Finance area This role partners with Portfolio with Transformation & Change Delivery (TCD) Delivery Lead and Head of Enterprise Architecture (CTO) to deliver solutions to the business What you ll be DOING What will your essential responsibilities include? Leading an impactful portfolio of application delivery teams supporting AXA XL s corporate Finance business functions including Finance and Actuarial Reserving Working closely with key business and Ops &Tech stakeholders supporting the delivery of business and IT solutions to Corporate Finance (CFO) business functions Manage day to day relationship with Finance business leadership, address BAU risks and issues, provide transparency on IT initiatives and help prioritize business and IT initiatives Provide oversight for fianc and reserving close cycles including issue escalation and resolutions support with external vendors and internal dependencies Own end to end delivery responsibilities for critical IT initiatives including, but not limited to, Move to the Cloud Program, Application Rationalization, Security Remediation etc Promote a culture of innovation, automation and hands on technical skill development aligning with AXA XL s growth strategy and technology roadmap Establish the scope of services, service levels, and key processes required to deliver application services within the application portfolio Produce and maintain the roadmap of change associated to application group Align team to high-level organization goals and objectives Manage and report on budget and resource allocation and utilization Monitor supplier performance reports and address concerns Review and approve contracts for a predetermined level of authority Assist procurement to manage vendor relations and maintaining vendor accountability Oversee Continuous Service Improvement initiatives to ensure continuously improving processes and capabilities Interface with internal and external auditors Support resolution of escalated risks and issues as a part of service delivery Develop and maintain relationships with key stakeholders and suppliers Produce high-level estimates as needed May participate as a member of a Major Incident Team Manage threats to application assets Protect and maintain AXA XL s Intellectual Property Ensure all processes are documented and maintained Develop change management strategies and approaches and assist business partners with readiness and change implementation Provides audit support for both internal and external assessments; Articulates policies and standards as appropriate and provides all required evidence on a timely basis Owns the completion of any action plans Ensures the Solution Delivery Center adheres to Information Security policies and standards for secure coding and manages risk acceptances In collaboration with Procurement, manages RFI/RFPs, contract negotiations and delivery of contract terms Also manages clean term Solution Delivery Center of contracts with vendors who consistently underperform You will report to the Global Head of Application Delivery What you will BRING We re looking for someone who has these abilities and skills: Required Skills and Abilities: Experience leading global application development teams supporting Financial and Reserving systems for Insurance Industry Experience managing complex financial data and reporting systems in a high-volume environment Demonstrated leadership skills delivering high impact bespoke and packaged solutions for the insurance industry Demonstrated hands on design, development, technical architecture experience leading global teams including internal staff and external vendor resources and successfully delivering complex business solutions Expert level experience in planning and executing complex, large scale initiatives or operational area Budget, supply, and resource management for in scope applications and services Hold suppliers accountable for performance against Service Levels Ensure appropriate SoWs / SLAs exist for all development vendor engagements Measurable improvements in service delivery over time High customer confidence in delivery capability Internal and external audit support Risk identification and mitigation Knowledge Management strategy for process, training and applications Effective communication skills, particularly on key matters relating to the application grouping to stakeholders Stakeholder management Proven planning and organization skills, creating own work schedules, prioritizing workload, preparing in advance and setting realistic timescales Desired Skills and Abilities: Adaptable to new/different strategies, programs, technologies, practices, cultures, etc Comfortable with change, able to easily make transitions Experience with AS400, Mainframe, DB2 and Informatica technologies Cloud migration skillset preferred

AI Controls Lead Gurgaon/Bangalore, India OR Wroclaw, Poland AXA XL recognizes AI digital, data and information as critical business assets, both in terms of managing risk and enabling new business opportunities This data should be high quality, and actionable - enabling AXA XL s executive leadership team to maximize benefits and facilitate sustained advantage Our Innovation, Data & Analytics function (IDA) is focused on driving innovation through optimizing how we leverage data to drive strategy and create a new business model - disrupting the insurance market This role is for an AI Governance Senior Analyst to centrally execute, maintain, and advise business units on the AI Governance Framework This function is part of CIDAO, IDA Data Controls function What you ll be DOING What will your essential responsibilities include? Support AI Governance Led to establish an AI Governance Framework to centrally execute, maintain and advise business units on AI Governance requirements Report scope of AI Framework scales in support of the AI Governance Lead Drive AI risk assessments, AI Procedure, and maintenance of the AI inventory Maintain AXA XL AI Governance Framework in support of AXA XL AI solution development Support AI Governance Lead and AI Compliance Officer in driving AI governance via AI Working Group / Governance Committee Support AI Governance Lead for driving efficiency across governance processes with the aim of rationalizing governance requirements, reducing overhead, and improving time for delivery Coordination across use case owners: Product Owners, Data Scientists, Information Security, DPO, 3rd Party Assurance, Procurement, Legal, Architecture, Risk Support ongoing evolution of AXA XL AI Policy with alignment and implementation of AI governance controls Support introduction of new governance requirements where required by external regulation or internal requirements from AXA Group Maintain reporting of AI Inventory in support of AXA XL governance KPIs & metrics Engagement with Product Owners to conduct AI definitions, AI risk tiering and lower-level AI Risk Assessment support Advise on the application and testing of AI controls Supporting the maintenance of AI governance artefacts and AI Inventory You will partner with stakeholders from Global Technology, Risk Management, Data Protection, and Information Security to ensure IDA AI products and processes are compliant, resilient and audit ready Support and contribute to AI KPIs / KRIs that will support AXA XL strategic goals Instill a customer-first culture, serving business stakeholders while balancing process improvements You will be an effective communicator with presentation and negotiation skills to ensure that key stakeholders have a clear understanding of risks to ensure appropriate prioritizing and funding You will report to AI Governance Lead What you will BRING We re looking for someone who has these abilities and skills: Required Skills and Abilities: A passion for understanding AI development, adoption and governance Knowledge of the evolving regulatory AI requirements is a prerequisite for this role, this includes solid understanding of the guiding principles of ethical and responsible AI Deep understanding of Data Privacy Regulations such as GDPR and the interplay with AI Governance Data Governance experience is preferred Knowledge of Cloud technologies and the evolving AI capabilities Experience in technology space, with a passion to optimize process performance to delivery business value i e , someone who understands that technology needs processes to be effective Understanding of Risk Mitigation plan and tracking the progress to report to appropriate stakeholders Requires the ability to connect the dots to optimize delivery Experience of project management, analytical skills & continuous improvement frameworks Desired Skills and Abilities: Knowledge of commercial lines insurance would be an advantage Knowledge of 3 Lines of Defense Governance You understand the importance of data and have a passion to be part of a strategic data team You will demonstrate ability to effectively communicate to senior stakeholders with excellent presentation, communication (in person & written format), and relationship building skills You will bring a collaborative spirit, can-do attitude, and a customer-first mindset

Position Summary: We are seeking a highly skilled and experienced Product Security Strategy Senior Advisor, who will also act as a mentor to our team in HIH, to lead and mature our application and product security team. This role is pivotal in driving the overall maturity of our product security program, ensuring robust security measures are integrated into our development processes, and providing direct line management for team members in the HIH region. This individual will work on several of the largest technology initiatives for Evernorth, aimed at revolutionizing health services and the healthcare delivery system in the United States, utilizing the latest technologies and development techniques. Job Description & Responsibilities: Lead and manage the product security strategy team, focusing on the overall maturity and effectiveness of the application and product security program. Act as the direct line manager for security team members in the HIH region, providing guidance, support, and career development. Develop and implement long-term strategic security initiatives to continuously improve our security posture and innovate within the product security space. Oversee and guide the development and implementation of secure software and systems architectures. Collaborate with cross-functional teams to identify security requirements and develop comprehensive security strategies. Conduct security assessments, threat modeling, and vulnerability analysis to ensure robust security measures are in place. Oversee product security incident response activities, ensuring timely and effective resolution of security incidents and incorporating lessons learned into future strategies. Foster strong communication and relationship-building skills to negotiate and influence across various levels of the organization. Ensure compliance with industry standards and regulatory requirements. Mentor and develop team members, promoting a culture of continuous learning and improvement. Drive the integration of security practices into all stages of the product development lifecycle. Maximize the security efficiency (operational, performance, and cost) of the application assets. Advocate for and implement innovative security solutions to address emerging threats and vulnerabilities. Lead efforts to standardize security practices across the organization, promoting consistency and best practices. Collaborate with external partners and industry groups to stay abreast of the latest security trends, threats, and technologies. Experience Required: Bachelor or Master degree in Computer Science, Information Security, or a related field. 13 years of experience in cybersecurity, with a focus on application and product security. Proven expertise in automating security solutions within development pipelines (CI/CD). Extensive experience in threat modeling, architecture reviews, and vulnerability management. Strong understanding of various pipeline touchpoints and integration methods. Cloud experience (AWS, Azure, Google Cloud, OCI) is highly desirable. Familiarity with modern security technologies, practices, and standards. Strong knowledge of secure software development practices and principles. Industry certifications such as CISSP, CISM, CEH, or similar are preferred. Excellent leadership and team management skills. Strong communication, relationship-building, and negotiation skills. Ability to work effectively in an Agile environment. Experience Desired: Experience with security tools and platforms such as static analysis (SAST), dynamic analysis (DAST), and runtime application self-protection (RASP). Knowledge of regulatory and compliance frameworks (e.g., GDPR, HIPAA, PCI-DSS). Hands-on experience with security automation and orchestration. Proficiency in programming and scripting languages relevant to security (e.g., Python, Java, Shell scripting). Ability to manage and prioritize multiple projects in a fast-paced environment. Education and Training Required: Advanced degree (Master or higher) in Computer Science, Information Security, or a related field. Relevant industry certifications. Additional training in secure software development, application security, and risk management is highly desirable. Primary Skills: Advanced expertise in secure software development practices, application security, and security tool integration. Proficiency in Angular and Java for security-related software development and integration. Additional Skills: Extensive experience with AWS and other cloud platforms, with a focus on securing cloud-based applications and services. Hands-on experience with application security frameworks and tools, including security automation and orchestration.

Delivery Manager, TAS DevOps Automation & Tooling Gurgaon, Haryana, India We are seeking a highly skilled and motivated Delivery Manager to join our dynamic team, which is responsible for our DevOps automation and tooling ecosystem In this role, you will play a pivotal part in enhancing our customer success, demand management, and product disciplines, all of which are essential to the development, deployment, and operations of our AXA XL applications What you ll be DOING What will your essential responsibilities include? Understand and manage the expectations of product stakeholders and customers Articulate what success looks like for our product portfolio by defining key metrics for success Conduct customer research to gain a thorough understanding of their requirements, identifying their needs and determining how we can enhance our automation and tooling to meet those needs Collaborate with Application Managers, Technical Leads, and Technical Architects to create efficient and effective processes for development operations Serve as a key conduit between the Delivery Team and the broader organizational standards, structures, and processes Assist in coordinating demand intake for the DevOps Automation team Propose and implement solutions to improve demand forecast accuracy and effectively communicate estimations to customers Work with business and information security teams to identify security risks and find solutions, including risk acceptance Build effective relationships and networks to navigate the organization and support the team in delivering change Support internal and external audits to ensure services are delivered in a controlled manner, minimizing undue risk to the company Manage service levels to ensure all commitments are met, mitigating any variances to reduce impacts on overall cost, schedule, and quality for business needs Identify and prioritize proactive maintenance action items and support impact assessments of environmental changes Raise Statements of Work (SOW) and/or Service Level Agreements (SLA) with application development vendors for specific developments and changes, collaborating with Program/Project Managers, Analysts, Solution Architects, and Product Owners Implement SLA/KPI alignment across the full Software Development Life Cycle (SDLC) for each SOW/SLA Manage risks to ensure the delivery of service level commitments and project milestones Act as a point of escalation for risks and issues, supporting the team in overcoming operational and technical blockers Govern internal change processes and maintain development documentation You will report to Delivery Lead What you will BRING We re looking for someone who has these abilities and skills: Required Skills and Abilities: Familiarity with multiple application delivery models including Agile, iterative and waterfall Experience of working and improving DevOps ecosystems and the Cloud platforms Excellent customer success and stakeholder management background Track record in product management and tooling portfolio management Budget, supply, and resource management for IT application development services Significant leadership experience in IT with knowledge / skills for leading multi-disciplined technology teams Effective communication skills, particularly on key matters relating to the application grouping to stakeholders Risk identification and mitigation Desired Skills and Abilities: Proven planning and organization skills, creating own work schedules, prioritizing workload, preparing in advance and setting realistic timescales Adaptable to new/different strategies, programs, technologies, practices, cultures, etc Comfortable with change, able to easily make transitions Who WE are AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks For mid-sized companies, multinationals and even some inspirational individuals we don t just provide re/insurance, we reinvent it How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business property, casualty, professional, financial lines and specialty With an innovative and flexible approach to risk solutions, we partner with those who move the world forward Learn more at axaxl com What we OFFER Inclusion AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic At AXA XL, we know that an inclusive culture and enables business growth and is critical to our success That s why we have made a strategic commitment to attract, develop, advance and retain the most inclusive workforce possible, and create a culture where everyone can bring their full selves to work and reach their highest potential It s about helping one another and our business to move forward and succeed Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe Robust support for Flexible Working Arrangements Enhanced family-friendly leave benefits Named to the Diversity Best Practices Index Signatory to the UK Women in Finance Charter Learn more at axaxl com / about-us / inclusion-and-diversity AXA XL is an Equal Opportunity Employer Total Rewards AXA XL s Reward program is designed to take care of what matters most to you, covering the full picture of your health, wellbeing, lifestyle and financial security It provides competitive compensation and personalized, inclusive benefits that evolve as you do We re committed to rewarding your contribution for the long term, so you can be your best self today and look forward to the future with confidence Sustainability At AXA XL, Sustainability is integral to our business strategy In an ever-changing world, AXA XL protects what matters most for our clients and communities We know that sustainability is at the root of a more resilient future Our 2023-26 Sustainability strategy, called Roots of resilience , focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations Our Pillars: Valuing nature: How we impact nature affects how nature impacts us Resilient ecosystems - the foundation of a sustainable planet and society - are essential to our future We re committed to protecting and restoring nature - from mangrove forests to the bees in our backyard - by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans Addressing climate change: The effects of a changing climate are far-reaching and significant Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption Were building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions Integrating ESG: All companies have a role to play in building a more resilient future Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business We re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL s Hearts in Action programs These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day - the Global Day of Giving For more information, please see axaxl com/sustainability

Job Overview: We are seeking an experienced and highly skilled Windows Lead IT Engineer to join our dynamic Infrastructure Engineering team. The successful candidate will be responsible for designing, implementing, and managing our Windows-based infrastructure, ensuring its robustness, scalability, and security. This role requires a deep understanding of Windows Server operating systems, network administration, and VMware technologies, as well as leadership and project management skills to ensure the stability and performance of our global infrastructure. The Role: As a Lead IT Engineer, you will be part of a dedicated team of global engineers managing and maintaining the infrastructure in support of the managed hosting products. The team deploys and maintains management services, server hardware, and operating systems for all managed hosting products within the Lumen managed hosting datacenters. You will provide internal support by deploying and maintaining infrastructure and services required by internal teams to manage our hosting customers. Responsibilities: Develop and implement comprehensive infrastructure solutions based on Windows Server operating systems. Ensure alignment with organizational goals and industry best practices. Oversee the installation, configuration, and maintenance of Windows servers, ensuring optimal performance and reliability. Implement and manage security protocols and procedures to safeguard the infrastructure. Conduct regular security audits and vulnerability assessments. Lead infrastructure projects from inception to completion, ensuring they are delivered on time and within budget. Implement monitoring tools, automations, and processes to proactively identify and resolve issues. Perform root cause analysis and implement corrective actions. Maintain comprehensive documentation of infrastructure design, configuration, processes, and procedures. Work closely with other teams, including operations, product, network, security, and application teams, to ensure seamless integration and operation of the infrastructure. Stay current with emerging technologies and industry trends. Propose and implement improvements to the infrastructure to enhance performance and efficiency. Maintain 99.999% availability for all Hosting Infrastructure and provide 24 x 7 support. Required Qualifications: At least 18-20 years of experience in Windows infrastructure engineering including significant experience in a lead or senior role. Expertise in Windows Server operating systems (2016, 2019, 2022) and Active Directory. Strong knowledge of virtualization technologies, such as VMware and/or Hyper-V. Strong experience in scripting and automation (PowerShell programming, Ansible). Understanding of complex network topologies, protocols and services (e.g., VLAN, Load balancing, TCP/IP, DNS). Knowledge of storage systems and SAN/NAS/vSAN technologies. Excellent verbal and written communication skills. Ability to convey complex technical concepts to non-technical stakeholders. Demonstrated ability to work effectively in a team-oriented environment. Strong interpersonal skills. Ability to thrive in a fast-paced, dynamic environment. Willingness to take on new challenges and learn new technologies. Preferred Qualifications: Education: Bachelor s degree in Computer Science, Information Technology, or a related field. Advanced certifications (e.g., MCSE, MCITP) are highly desirable. Knowledge of ITIL processes and frameworks. Experience with cloud platforms, particularly Microsoft Azure. Experience managing large-scale infrastructure projects. Familiarity with project management methodologies and tools. Strong background in information security best practices and regulatory obligations (SOC, PCI). "We are an equal opportunity employer committed to fair and ethical hiring practices. We do not charge any fees or accept any form of payment from candidates at any stage of the recruitment process. If anyone claims to offer employment opportunities in our company in exchange for money or any other benefit, please treat it as fraudulent and report it immediately."

In this role, your primary responsibilities include implementing, configuring, and supporting application security and identity access management technology solutions including generate reports and threat identification The candidate needs to have experience in application security and identity management area. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Responsible for developing and maintaining application security and identify access management technology solutions including Sailpoint/IIQ, Okta Single Sign On, Azure AD, AWS SSO, Cloudflare Web application firewall, penetration testing, developing and maintaining internally developed Python tools and utilities. Identify and develop integration opportunities between security solutions and automation but not exclusively. Work with virtual team/management to collect and prioritize system requirements, develop delivery plans and meet aggressive deadlines, develop code, perform unit as well as system integration testing, participate in architecture of new capabilities and debug, troubleshoot production support. Coordinate quality assurance and testing with users of the new functionalities/capabilities. Generate reports for capability implementation Review report data and identify threats to discuss with management for mitigation Ensure that project issues are communicated in a timely and effective manner Other duties as assigned. To ensure you re set up for success, you will bring the following skillset & experience: Experiences in Sailpoint IIQ, Python and Java development (automation, integration, etc) and application security are must-have. Familiar with security tools in software development lifecycle as well as Azure AD, AWS APIs/CLI, containers experiences are nice to have. Knowledge of Artificial Intelligence learning model Ability to work with little supervision as well as being a team player Excellent verbal, written, and interpersonal communication skills Experience working with remote teams 4 years + experience Should be willing to work in 12.30 PM to 9.30 PM shift

Daily Monitoring and Investigation Monitor DLP alerts across email, endpoint, web, and cloud. Perform triage to determine false positives, true positives, and actual incidents. Document findings and escalate critical violations per SOPs. Incident Response Support Support incident response by providing evidence, logs, and context around DLP policy violations. Coordinate with IT, HR, and Legal teams for user engagement, awareness, and disciplinary action if necessary. Participate in Root Cause Analysis (RCA) for recurring or high-severity incidents. Policy Tuning and Optimization Analyse alert trends and false positive patterns to suggest and implement policy refinements. Work with business and security teams to validate policy changes and test updated rulesets before production deployment. Maintain documentation of policy changes, rationales, and approvals. Lifecycle Management Support onboarding business units, or geographies into DLP coverage. Maintain and update DLP dashboards and reporting structures. Stakeholder Communication Provide regular reports to CISO on DLP violations Interface with Data Owners, Business Units, and Compliance teams for policy alignment and exception management.

Job Track Description: Performs tasks based on established procedures. Uses data organizing and coordination skills to perform business support or technical work. Requires vocational training, certifications, licensures, or equivalent experience. General Profile Requires limited prior training or licenses and training certifications. Has basic operational or analytical skills to perform tasks. Works within clearly defined standard operating procedures and adheres to quality guidelines. Work is completed with close supervision and under clearly defined procedures. Functional Knowledge Requires a basic understanding of theories, practices, and procedures. Business Expertise Understanding of how best teams integrate and work together to achieve company goals. Impact Responsible for the accuracy of work. Receives close supervision and duties are clearly defined. Methods and tasks are described in detail. Leadership Has no supervisory responsibilities. Problem Solving Uses existing procedures to solve standard problems. Has limited opportunity to exercise discretion. Interpersonal Skills Exchanges information and ideas effectively. Responsibility Statements Performs first level Sourcing process such as requisition and purchase order creation, following client standard operating instructions. Ability to review and analyze input data for completeness. Requests additional information if required. Achieves productivity and quality targets set for the project. Performs any other first-level tasks assigned. Performs other duties as assigned. Complies with all policies and standards.

Job Track Description: Performs tasks based on established procedures. Uses data organizing and coordination skills to perform business support or technical work. Requires vocational training, certifications, licensures, or equivalent experience. General Profile Requires limited prior training or licenses and training certifications. Has basic operational or analytical skills to perform tasks. Works within clearly defined standard operating procedures and adheres to quality guidelines. Work is completed with close supervision and under clearly defined procedures. Functional Knowledge Requires a basic understanding of theories, practices, and procedures. Business Expertise Understanding of how best teams integrate and work together to achieve company goals. Impact Responsible for the accuracy of work. Receives close supervision and duties are clearly defined. Methods and tasks are described in detail. Leadership Has no supervisory responsibilities. Problem Solving Uses existing procedures to solve standard problems. Has limited opportunity to exercise discretion. Interpersonal Skills Exchanges information and ideas effectively. Responsibility Statements Performs first level Sourcing process such as requisition and purchase order creation, following client standard operating instructions. Ability to review and analyze input data for completeness. Requests additional information if required. Achieves productivity and quality targets set for the project. Performs any other first-level tasks assigned. Performs other duties as assigned. Complies with all policies and standards.

Job Track Description: Performs tasks based on established procedures. Uses data organizing and coordination skills to perform business support or technical work. Requires vocational training, certifications, licensures, or equivalent experience. General Profile Has advanced, specialized expertise within a range of analytical or operational processes. Completes assignments and facilitates the work of others. May coordinate assignments beyond work area. Proposes improvements to processes and methods. Acts as a lead, coordinating the work of others, but is not a supervisor. Works autonomously within established procedures. Functional Knowledge Has developed skills in a range of processes, procedures, and systems. Acts as a technical expert in some areas. Business Expertise Understanding of how best teams integrate and work together to achieve company goals. Impact Impacts a team, by example, through the quality service and information provided. Suggests enhancements to work procedures and practices to improve efficiency. Leadership Serves as a team lead. May allocate work to team members. Provides subject matter guidance to junior team members. Problem Solving Provides solutions to atypical problems with little or no precedent. Interpersonal Skills Exchanges information and ideas effectively. Uses tact and diplomacy when dealing with others. Responsibility Statements Supports emergency procurement processes as needed by the client. Monitors open requisitions, expedite, and closeout before turnaround. Works with stakeholders to ensure proper recommendation and documentation is received for the procurement process. Assists Team Leaders in extracting data for dashboard on process and reconciliation metrics. Provides supporting records and documentation to assist with audits. Ensures that adequate and updated process documentation and desktop procedures exist and are utilized. Contributes towards quality efforts and guides the quality verifiers team. Participates in first-level tasks and quality check tasks. Performs other duties as assigned. Complies with all policies and standards.

Job Track Description Requires formal education and relevant expertise in a professional, sales, or technical area. Performs technical-based activities. Contributes to and manages projects. Uses deductive reasoning to solve problems and make recommendations. Interfaces with and influences key stakeholders. Leverages previous knowledge and expertise to achieve results. Ability to complete work self-guided. College or university degree required. General Profile Requires knowledge and experience in field. Uses best practices and knowledge of business to improve products or services. Solves complex problems and takes a new perspective on existing procedures. Self-starter, requiring minimal guidance. Acts as a resource for colleagues with less experience. Functional Knowledge Requires conceptual expertise of theories, practices, and procedures. Business Expertise Has knowledge of best practices and team integration. Aware of the competition and what differentiates them. Impact Impacts a range of customer, operational, project or service activities. Works within broad guidelines and policies. Leadership Acts as a resource for colleagues with less experience. May guide small projects with manageable risks and resource requirements. Problem Solving Solves complex problems. Takes a new perspective on existing solutions. Exercises judgment based on the review of multiple information sources. reviewing many sources of information. Skills Clearly articulates difficult or sensitive information. Works to build consensus within a team. Responsibility Statements Supports the development of strategies for new client offerings. Ensures the effective use and application of resources. Assesses customer requirements and assists with the development of solutions. Reviews service and operating procedures to ensure compliance with industry standards and regulations. Works closely with the solutions team and sales, practice, and delivery leaders to develop the solution strategy and approach. Developing proficiency in market trends, best practices, and innovation. Performs other duties as assigned. Complies with all policies and standards.

Job Title Security Analyst Role and Responsibilities The security Analyst is a member of the CISO Regulatory & Compliance Team and will assist in ensuring the associated business units / accounts comply with applicable Conduent and NIS 2 security standards, regulations, and policies.The Security analyst will be professional, independent, impartial, and fair in all interactions. The security resource is accountable for procedures and processes that ensure the integrity, confidentiality, and availability of assigned Business units\u2019 information, applications, and infrastructure. Resource will perform routine risk assessments, security audits, and vulnerability scans to identify, evaluate, document, and remediate organization risk, control gaps and vulnerabilities. This position will be responsible for developing security reports, security recommendations, and security policies and procedures that are meaningful, defensible, and actionable for a variety of audiences as pertained to assigned business units. Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to IPS/IDS alerts; change detection (FIM) alerts application firewall alerts; malware alerts rogue wireless network alerts security system health alerts; exploit attempt alerts Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to audits of system security to ensure compliance with Corporate security framework NIS 2, NIST 800-53, ISO 27001/2, PCI-DSS emerging country, state, and Federal privacy laws Primary POC in a vulnerability management program of the account that includes external and internal vulnerability scans of applications and systems external and internal penetration tests of applications and systems documentation and remediation of identified vulnerabilities and exploits routinely monitoring various communication avenues for security vulnerabilities and security patches taking a risk-based approach comparing those security vulnerabilities and security patches across the operating environments making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement Acts as the initial point of contact to facilitate the handling of security audits and client requests Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies Maintain documentation that supports the annual Security compliance attestation as it is relevant to the assigned Business units Qualifications and Education CIPP, CRISC, CISA, CISSP, CISM, ISO or any security/IT audit certification is a plus. Minimum of Five (3 to 5) Years of experience in IT Security compliance, or Security Auditing is required. Knowledge and understanding of security controls across all security domains, such as access management, encryption, vulnerability management, authentication, authorization, network security, physical security, etc. Ability to identify security risks in application, system, and network architecture, data flow, and processes or procedures Ability to assess the organizational impact of identified security risks and recommend solutions or mitigating controls. Knowledge of security technologies, devices, and countermeasures, as well as the threats they are designed to counter. Experience with developing security reports, recommendations, policies, and procedures that are meaningful, defensible, and actionable for a variety of audiences. Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks). Experience in PowerPoint, Word, Excel; experience with Visio and MS Project. Communication skills (interpersonal, verbal, presentation written, email). Experience to write report segments and to participate in presentations. Familiarity with security, workflow, and collaboration tools such Nessus Tenable, Splunk, SharePoint and ServiceNow (Snow) is a plus Positive attitude, team player, self-starter; takes initiative, ability to work independently and effectively with all levels of staff and management both internally and externally Preferred Skills Creating and Maintaining NIST 800-53-rev5 based SSP and POAM Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks).