2559 Information Security Jobs - Page 7

SOC Analyst Level 2 Location: Mumbai Around 4+ years working experience in Global SOC Must have experience in any SIEM Management tool Splunk, QRADAR, HP Arc sight, Triage Specialist - Separating the wheat from the chaff. Deep investigations/CSIRT, Mitigation/recommends changes, More advanced SME in cybersecurity, Experienced security analyst, understands more advanced features of security tools, thorough understanding of networking and platform architecture (routers, switches, firewalls, security), Ability to dig through and understand various logs (Network, firewall, proxy, app, etc..) Good to have either of certifications like, ITIL, CCNA, CEH, etc. Process and Procedure adherence. Tier 2 Security Analyst addresses real security incidents. Evaluates incidents identified by tier 1 analysts. Responsible for conducting information security investigations as a result of security incidents identified by the Level 1 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, and Phone) Uses threat intelligence such as updated rules and Indicators of Compromise (IOCs) to pinpoint affected systems and the extent of the attack. Analyzes running processes and configs on affected systems. Carries out in-depth threat intelligence analysis to find the perpetrator, the type of attack, and the data or systems impacted. Creates and implements a strategy for containment and recovery. Act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Should have experience in Developing new correlation rules & Parser writing Experience in Log source integration Act as the lead coordinator to individual information security incidents. Document incidents from initial detection through final resolution. Participate in security incident management and vulnerability management processes. Coordinate with IT teams on escalations, tracking, performance issues, and outages. Communicate effectively with customers, teammates, and management. Prepare Monthly Executive Summary Reports for managed clients and continuously improve their content and presentation. Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies. Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures. Follow ITIL practices regarding incident, problem and change management. Staying up to date with emerging security threats including applicable regulatory security requirements. Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate Publish weekly reports to applicable teams. Generate monthly reports on SOC activity. Should be skilled on Deception Technology, EPP, EDR, IPS/IDS desirable. Please share your CV to [email protected] Regards, Annapurna Manager TA

SOC Analyst Level 2 Location: Mumbai Around 4+ years working experience in Global SOC Must have experience in any SIEM Management tool Splunk, QRADAR, HP Arc sight, Triage Specialist - Separating the wheat from the chaff. Deep investigations/CSIRT, Mitigation/recommends changes, More advanced SME in cybersecurity, Experienced security analyst, understands more advanced features of security tools, thorough understanding of networking and platform architecture (routers, switches, firewalls, security), Ability to dig through and understand various logs (Network, firewall, proxy, app, etc..) Good to have either of certifications like, ITIL, CCNA, CEH, etc. Process and Procedure adherence. Tier 2 Security Analyst addresses real security incidents. Evaluates incidents identified by tier 1 analysts. Responsible for conducting information security investigations as a result of security incidents identified by the Level 1 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) Uses threat intelligence such as updated rules and Indicators of Compromise (IOCs) to pinpoint affected systems and the extent of the attack. Analyzes running processes and configs on affected systems. Carries out in-depth threat intelligence analysis to find the perpetrator, the type of attack, and the data or systems impacted. Creates and implements a strategy for containment and recovery. Act as a point of escalation for Level-1 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques. Should have experience in Developing new correlation rules & Parser writing Experience in Log source integration Act as the lead coordinator to individual information security incidents. Document incidents from initial detection through final resolution. Participate in security incident management and vulnerability management processes. Coordinate with IT teams on escalations, tracking, performance issues, and outages. Communicate effectively with customers, teammates, and management. Prepare Monthly Executive Summary Reports for managed clients and continuously improve their content and presentation. Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies. Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures. Follow ITIL practices regarding incident, problem and change management. Staying up to date with emerging security threats including applicable regulatory security requirements. Maintain an inventory of the procedures used by the SOC and regularly evaluate the SOC procedures and add, remove, and update the procedures as appropriate Publish weekly reports to applicable teams. Generate monthly reports on SOC activity. Should be skilled on Deception Technology, EPP, EDR, IPS/IDS desirable. Please share your CV to [email protected] Regards, Annapurna Manager TA

Our Purpose Title and Summary Lead Software Engineer (Java Fullstack Developer) Technology at Mastercard What we create today will define tomorrow. Revolutionary technologies that reshape the digital economy to be more connected and inclusive than ever before. Safer, faster, more sustainable. And we need the best people to do it. Technologists who are energized by the challenges of a truly global network. With the talent and vision to create the critical systems and products that power global commerce and connect people everywhere to the vital goods and services they need every day. Working at Mastercard means being part of a unique culture. Inclusive and diverse, a rich collaboration of ideas and perspectives. A place that celebrates your strengths, values your experiences, and offers you the flexibility to shape a career across disciplines and continents. And the opportunity to work alongside experts and leaders at every level of the business, improving what exists, and inventing what s next. Overview This position is a member of the STRM - Security Threat and Response Management team which is responsible for Vulnerability Management, security monitoring and response functions for Mastercard, accounting for both physical and cyber security events. This team leads with the mission to provide overall stewardship of enterprise-grade application architecture & design within the context of holistic software development. This includes driving the architecture & design decisions and building consensus around it and supporting existing enterprise-level applications. The team leads the Security implementation related to customer access, employee access, and exploration of software architecture & technology innovations along with enabling excellence in the overall team. Design secure, reliable, and scalable solutions for globally distributed customer facing products. Collaborate closely with the global Solution Architecture & Engineering team to define principles and best practices Engage with wider Mastercard Architecture & Technology teams to ensure alignment on the wider technical strategies and policies within Mastercard Support development teams and work with stakeholders, promoting agile development Research, create and evaluate technical solution alternatives for the business needs using current and upcoming technologies and frameworks They are hands on all the time and collaborate by writing interfaces, tests; unit or acceptance and architecture fitness functions, outside of meeting rooms. Work with business/product owners to architect and deliver on new services to introduce new products and bundles Participate and contribute to team s agile process and decisions. Drive prioritization decisions and trade-offs in working with product partners Drive the architectural design, including dependent services, service interactions, and policies Contribute and lead Squad initiatives by engaging and mentoring Engineers at all levels to improve the craftmanship of Software Engineering Simplify and improve the cost/benefit of a function/service/architecture strategy Consult across teams and across organization lines to identify synergies and reuse opportunities Participate and contribute to Principal review architecture meetings and drive resolutions to enterprise-wide challenges and regulatory needs Conduct technical interviews for hiring engineering staff and raising the performance bar Technologies: - 1. Java, J2EE, micro services, RESTful APIs, Angular, Web Services, JavaScript, Docker 2. Framework - Spring -Spring Boot, Spring Data, Spring Batch, Spring REST, Spring Cloud, AOP, Hibernate 3. UI/UX frameworks and best practices -React, Angular. 4. API tooling and design best practices 5. Cloud and DevOps Architecture, especially via Pivotal Cloud Foundry 6. Databases - Oracle, SQL server, PostgreSQL, Cassandra, ElasticSearch 7. Tools - Eclipse or IntelliJ, Sonar, GIT, Maven, SQL Developer, Jenkins, CI/CD, Gatling. Experience with Software Vulnerabilities tools SCA/SAST/DAST will be plus. About You Bachelor s degree in information systems, Information Technology, Computer Science or Engineering or equivalent experience. Proficiency in software development languages, including but not limited to Java and Java-based frameworks (Spring, Spring Boot), React or Angular, and JSON. Demonstrated expertise in containerization, container orchestration, microservices, REST services, and cloud technologies, preferably Azure or AWS. Strong understanding of technology selection, system architecture, and full-stack development principles. Proven ability to deliver large-scale, complex software programs with measurable business impact. Skilled in performing code reviews, conducting troubleshooting and debugging, executing root cause analysis (RCA), and resolving coding errors. Practical experience with CI/CD pipelines to streamline development and deployment processes, docker containers & Kubernetes to Cloud platforms. Adept at mentoring developers and coaching teams on best practices, coding standards, and development methodologies. Exceptional analytical, presentation, and problem-solving skills to address challenges effectively. Strong communication abilities to collaborate across teams and articulate complex ideas clearly. Experience in coding Microservices in Java, building UI/UX, frameworks such as React, Angular, spring boot, RDBMS, Oracle and event driven architecture. Knowledge with Pivotal Cloud Foundry or any other cloud platform AWS or Azure or GCP is preferred. Has experience designing and implementing solutions focusing on the non-functional concerns - Performance, Scalability, Availability, Extensibility, Supportability, Usability Operate with urgency, fairness and decency to address challenges and solve for new opportunities. Capable of working under pressure - navigating complex initiatives, competing priorities and customer requirements. Familiar with cutting edge industry trends and thorough understanding of development methodologies and standards. Ability to manage objectives and pipelines, build business cases, define success metrics and interpret P&L to optimize the business. Has skills to promote and coach teams on take on full stack development and facilitate end-to-end service ownership, Has skills to engage engineers across Technology organization to promote standard software patterns and reuse of common libraries and services. Has skills to drive trade-off discussions to set right development capacity based on value drivers e.g., regulatory, security, new business, market parity, technical debt Has experience in design and execution of automation across multiple business areas and provides guidance on best methods and tools. Has skills to succinctly articulate architecture patterns of complex systems, with business and technical implications, to executive and customer stakeholders. Experienced in agile and modern SDLC practices: Scrum/Kanban/Continuous Delivery/DevOps/Quality engineering, and the delivery situations they are used for Corporate Security Responsibility

Date 10 Jun 2025 Location: Kokata, WB, IN Company Astom At Astom, we understand transport networks and what moves peope. From high-speed trains, metros, monorais, and trams, to turnkey systems, services, infrastructure, signaing and digita mobiity, we offer our diverse customers the broadest portfoio in the industry. Every day, 80,000 coeagues ead the way to greener and smarter mobiity wordwide, connecting cities as we reduce carbon and repace cars. Coud you be the fu-time Weding Expert in Kokata were ooking for Your future roe Take on a new chaenge and appy your comprehensive weding process expertise in a new cutting-edge fied. You work aongside dedicated, innovative, and coaborative teammates. You' contribute to the exceence of our manufacturing process by ensuring the highest weding standards from tender to warranty phases. Day-to-day, you coaborate with teams across the business (Tech. Bid, Product Eng., Industria Quaity, etc.), oversee the preparation of wed pans, and much more. You specificay take care of the performance and assessment of Weding Procedure Quaification, but aso ensure the compatibiity and handing of weding consumabes & parent materias. We ook to you for: Participation in technica reviews and wed sequence definitions Conducting suppier audits and ensuring equipment suitabiity Aocation of quaified weders and preparation of wed pans Visua inspection before, during, and after weding Supporting the reduction of defects through root cause anaysis Ensuring compiance with heath, safety, and environmenta standards A about you We vaue passion and attitude over experience. Thats why we dont expect you to have every singe ski. Instead, weve isted some that we think wi hep you succeed and grow in this roe: Degree in Engineering (BE/B.Tech) or an IWE certification Experience or understanding of heavy meta weding in industries such as ocomotive or automotive Knowedge of internationa weding standards and technoogica advancements Famiiarity with MS Office toos (Word, Exce, PowerPoint) Proficiency in the Engish anguage Abiity to train engineers and weders A coaborative mindset with a goba vision Things you enjoy Join us on a ife-ong transformative journey the rai industry is here to stay, so you can grow and deveop new skis and experiences throughout your career. You aso: Enjoy stabiity, chaenges and a ong-term career free from boring daiy routines Work with the atest standards for rai weding quaity and safety Coaborate with transverse teams and hepfu coeagues Contribute to innovative projects that impact goba mobiity Utiise our fexibe working environment Steer your career in whatever direction you choose across functions and countries Benefit from our investment in your deveopment, through award-winning earning Progress towards eadership and advanced technica roes Benefit from a fair and dynamic reward package that recognises your performance and potentia, pus comprehensive and competitive socia coverage (ife, medica, pension) You dont need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or famiy, you be proud. If youre up for the chaenge, wed ove to hear from you! Important to note As a goba business, were an equa-opportunity empoyer that ceebrates diversity across the 63 countries we operate in. Were committed to creating an incusive workpace for everyone.

About this role: Wells Fargo is seeking a Securities Operations Representative In this role, you will: Perform various operational tasks on complex securities that require general knowledge of unit functions and systems Support securities operations Identify ways to improve the overall process Perform moderately complex duties such as processing, researching inquires and reconciling transactions Review time sensitive documents Receive direction from supervisor and coordinate situations involving other departments Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals Interact with internal customers Receive direction from leaders and exercise independent judgment while developing the knowledge to understand function, policies, procedures, and compliance requirements Required Qualifications: 2+ years of Securities Operations experience, or equivalent experience demonstrated through one or a combination of the following: work experience, training, military experience, education

As a PC@IBM Windows Engineer, you wi be responsibe for designing, managing, configuring, and maintaining PC@IBM’s M365 tenant for managing IBM empoyee devices. You wi ensure the avaiabiity, security, and reiabiity of PC@IBM services whie coaborating with various teams to meet their technica requirements. Your responsibiities wi incude: Impement and manage poicies required for IBM security compiance. Monitor Microsoft Intune service heath, swifty addressing issues to maintain system integrity. Impement stringent security measures such as muti-factor authentication. Conduct reguar security assessments to strengthen data protection and ensure compiance with reguations. Deveop detaied user documentation to faciitate system navigation and troubeshooting. Design and impement backup strategies and disaster recovery pans to safeguard M365 data. Empoy PowerShe for monitoring system performance and service metrics, proactivey identifying potentia issues. Required education Master's Degree Required technica and professiona expertise Required Professiona and Technica Expertise: Overa 10+ years of experience in security and compiance roes. In-depth knowedge of compiance frameworks such as NIST, CMMC, ITAR/EAR, GDPR, HIPAA, and PCI. Expertise in Intune MDM for device security and management. Strong understanding of Microsoft 365 security and compiance capabiities. Exceent anaytica and probem-soving skis. Abiity to work in a fast-paced, high-stakes environment. Preferred technica and professiona experience Preferred Professiona and Technica Expertise: Mastery in PowerShe for automation and system management. Exceptiona probem-soving skis and the abiity to communicate compex technica concepts ceary.

The SIEM Administrator wi be responsibe for administering the depoyed SIEM service. The candidate is aso expected to have hands on experience of depoying a SIEM soution from scratch, where the candidate shoud have the skis and knowedge to gather a the required information to buid the SIEM soution. In-depth knowedge of technica approaches in security anaytics, monitoring and aerting. Maintains technica knowedge within areas of expertise. This roe is aso responsibe for identifying, anayzing, deveoping new or tuning & Refinement of the content or use cases. Strong probem soving and troubeshooting skis incuding the abiity to perform root cause anaysis for preventative investigation Required education Bacheor's Degree Preferred education Master's Degree Required technica and professiona expertise Shoud have experience in any of the query anguage i.e AQL ,KQL, SPL, LEQL etc for writing the compex queries & saved search creation. Shoud have strong knowedge of different cybersecurity frameworks i.e.MITRE, NIST and Cyber ki chain mode. Shoud have understanding of reguar expression writing and custom parsing Preferred technica and professiona experience Coaborate with key stakehoders within technoogy, appication and cyber security to deveop use cases to address specific business needs. Create technica documentation around the content depoyed to the SIEM. Creates and deveops correation and detection rues with SIEM soution, reports & dashboards to detect emerging threats

What You will Do: 1. Identify the affected resources that the vulnerability applies to 2. Identify the validity of vulnerability 3. Communicate the vulnerability to affected stakeholders 4. We work closely with stakeholders to ensure closure/resolution based on SLA 5. We execute necessary retesting to audit/confirm actual closure 6. Monitoring alerts and tickets including generated through multiple security tools 7. Responding to tickets and emails within SLA 8. Delegating tickets to appropriate team members 9. Focus on quality control within the IT security team 10. Co-ordinate with teammates and end users for updates 11. Follow up with stakeholders and team members for ticket closure 12. Feedback or customer satisfaction 13. Complies with the policies and procedures of the organization 14. Communication of security vulnerability process. What You will Need: Minimum 1+ years of experience as IT Security Analyst Graduation is mandatory Ticketing tool knowledge -familiar with ITIL process of closing actions in tickets Understanding of IT security framework like ISO 27001& NIST800sp Knowledge of AWS, Email gateway (Proofpoint)& Antivirus Must be familiar with Windows & application patching process Good team player Excellent communication abilities (verbal & writing). Willing to work in rotation shifts(24x7) Experience from IT audit field will be added advantage Technical requirement Familiar with alerts generated by technologies like AWS Guard Duty, Proofpoint, Sophos AV, OpenVAS, etc.

About this role: Wells Fargo is seeking a Senior Information Security Engineer. In this role, you will: Lead or participate in computer security incident response activities for moderately complex events Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security Review and correlate security logs Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals Required Qualifications: 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Essential Qualifications: 4+ years of demonstrated information security applications and systems experience 3+ years of demonstrated experience leveraging security technologies such as SIEM for security incident analysis 2+ years of demonstrated experience with at least one scripting language (preferably JavaScript and its frameworks / Python) working on automation and engineering projects Strong expertise in Splunk SPL ,CIM , dashboards, alerts and reports. Good Understanding of Regular Expressions and Yara rules. Experience in creating Indicators of Attack on EDR platforms Expertise in fine-tuning alerts and improving response efficiency by working closely with SOC analysts. Knowledge of threat intelligence frameworks such as MITRE ATTACK. Ability to manage complex security scenarios and develop innovative solutions to address the most recent cyber threats Advanced knowledge of networks, protocols, standards, Linux/Unix/Window OS internals, and system configuration Bachelors and/or Masters degree in computer science or information systems 2+ years of experience with network security, endpoint security/EDR or security threat vectors Experience with host-based and/or network-based forensics tools and techniques Good understanding on agile methodology Desired Qualifications: Knowledge and understanding of banking or financial services industry Should possess understanding of security and threat landscape relevant to cloud technologies Excellent verbal, written, and interpersonal communication skills Strong ability to identify anomalous behavior on endpoint devices and/or network communications Advanced problem solving skills, ability to develop effective long-term solutions to complex problems Relevant certifications such as Splunk Certified Admin, Splunk Enterprise Security Certified Admin.

Some careers open more doors than others. If you re looking for a career that will unlock new opportunities, join HSBC and experience the possibilities. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. Principal Responsibilities This role is responsible for Stewardship of Data, Technology and Cyber Security, Resilience Risks as well as providing oversight of the Data Privacy Office capability. The role is also a nodal officer, for the central banking regulator, RBI, for all IT and Cyber risks, and is the designated CISO for the bank. CISO responsible for bringing to the notice of the Exco / IT sub-committee of the Exco about the vulnerabilities and cyber security risk the bank is exposed to. member secretary of information security and related committee(s), if any, and ensuring current / emerging cyber threats to banking (including payment systems) sector and the banks preparedness in these aspects are invariably discussed in such committee(s). manage and monitor SOC and drive cyber security related projects in collaboration with CIO/CTO. coordinate the activities pertaining to Cyber Security Incident response Teams (CSIRT). develop cyber security KRIs and KPIs and get an independent assessment of the same including its coverage at least on a quarterly basis. shall have a robust working relationship with CRO to enable holistic risk management approach. To this effect, CRO may be invited to information security committee meetings. CISO may be a member of (or invited to) committees on operational risk where IT/IS risk is also discussed. CISOs office shall be adequately staffed with technically competent people, if necessary through recruitment of specialist officers, commensurate with the business volume, extent of technology adoption and complexity. an invitee to the IT strategy committee and IT steering committee. Data Privacy and data risk responsible for ensuring the bank meets its obligations under data protection and privacy laws and provide expert advice, guidance and direction and support the necessary standards and controls to enable the Bank, including its employees and relevant third parties, to manage privacy risks and comply with obligations under data protection laws in relation to the processing of personal data. To establish a culture of privacy within HSBC, to work collaboratively with key senior stakeholders across the business and be accountable for keeping executives appraised of privacy risks and issues. Informing and advising the business and its employees of their data privacy and protection compliance obligations Providing expert guidance, oversight and challenge on all aspects of data protection and privacy risk strategy and compliance focusing efforts on areas that present higher data privacy risks Monitoring compliance with data privacy provisions and with HSBC Group policies relating to the protection of personal data, including the assignment of responsibilities, staff education and awareness training, and ensuring remediation of any related audit findings Reviewing and advising on Data Protection Impact Assessments (DPIAs) and monitoring performance of mitigations, where necessary Cooperating with the regulatory authority Acting as the contact point internally and externally with data subjects and the regulatory authority Advising on, and providing the business with support, to ensure the necessary safeguards and controls are in place to ensure compliance with requirements for international data transfers by identifying all circumstances in which personal data is transferred outside of the relevant jurisdiction; and Provide incident management advice and/or support as needed and ensure that data incidents and breaches are responded to and managed effectively with data subjects and that the relevant authorities are informed within necessary timeframes. Resilience Risk (RR) Specialists provide expert advice covering specific RR risk lens to ensure high quality advice, expertise and guidance is available across the responsible risk types: Technology (including Cyber Security) Risk; Data and Information Security Risk. RR Specialists operate on an entity-wide basis and must work closely with the ERM Business and Functions aligned roles to support them by providing RR technical advice and guidance for their consumption and use in delivering their respective relationship management remits. Given the broad scope of the RR risk types, in country RR specialists will also operate within a regional RR specialist community, which will operate in each region. Provide technical advice and support to INM ERM Business and Functions teams and ensure they understand and are aware of the control environment and assessment of risk within the country commensurate with the scale and nature of operations. Support the ERM, Business & Functions teams to explain in non-technical terms the impact of issues or events, and top and emerging risks that may require changes (for example, to controls, resources or business operations) to remain within respective Risk Appetite. Support the ERM Business & Functions teams to ensure Risk and Control Owners have clear understanding of the effectiveness of the current control environment. Monitor the local external environment to get early sight of emerging risks and provide detailed guidance on controls required to mitigate against them. Build and maintain relevant cross-organisation and industry relationships. Deliver tailored and specific expertise across INM enabling 1LOD to successfully deploy and operate mitigating key controls. Provide technical guidance to support development and completion of Enterprise Risk and Regulatory reporting obligations (e. g. RAS, Top & Emerging Risks, Risk Profile Reporting, RMM, Board reporting where relevant, etc) Ensure the root cause of relevant local operational risk issues and events are fully understood and correctly treated. Ensure any concerns with key controls and material change programmes, relevant to their area of RR specialism, are understood and escalated (i. e. within country, to region and/or global peers) as needed. Work in conjunction with the ERM Business & Functions team and 1LOD to escalate any matters within the RR classes when needed. Lead INM regulator and audit engagement pertaining to RR risk types; ensure regulatory compliance for the specialist area/s and timely completion of Audit actions and findings. Support ERM Business & Functions team in the development and implementation of localised Non-Financial Risk framework activity as required (e. g. Locally Significant Risks) or to meet local regulatory expectations. Support training and capability uplift for the ORR Business & Functions team and to the wider HSBC community to ensure robust understanding of all RR risk areas Support the region/ global RR Specialist teams to leverage niche expertise and knowledge as required Additional specific Country responsibilities may be added to this role profile at the direction of the CRO and the country reporting line. Emerging Risks & Change Oversight: Ensuring critical issues, events and incidents both in key controls and material change programmes are managed and understood by and escalated to appropriate governance forums for appropriate and timely resolution Educating stakeholders to understand the impact of emerging risks that require changes to controls, resources and business operations to ensure they remain within appetite Ensuring that Data, Technology and Cyber/Digital related initiatives are not adversely affected as a result of poor planning, testing and approach during the delivery of significant change Conduct Impacts: Overseeing, escalating and providing guidance on the identification of conduct impacts across Data, Technology and Cyber Security risks and activities owned by the 1LOD, including where control weaknesses and risk events impact the delivery of good outcomes Requirements Strong leader with the ability to influence at the senior levels of the organisation Strong level of Data, Technology and Cyber Security risk management knowledge and relevant deep experience Strong level of business knowledge and experience of working in the key resilience risk specialist areas Ability to communicate effectively, building strong relationships and influence senior internal and external stakeholders Comprehensive knowledge of the external environment (threat, regulatory, geopolitical, competitor, technological landscapes) Comprehensive knowledge of the internal control environment MBA / FRM / CA or equivalent with at least 10 years of post-qualification work experience in related industry / field plus a professional certificate in one or more RR specialist disciplines, will be an advantage Professional qualifications in the area of Cybersecurity, Information Systems Audit or equivalent qualification from a recognised professional body may be advantageous You ll achieve more at HSBC. HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

In this role, you will: Participate in security consulting on small projects for internal clients to ensure uniformity with corporate information, security policy, and standards Track or remediate vulnerabilities and security issues Review and correlate security logs Assist with the design, documentation, testing, maintenance, and troubleshooting of security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security Provide technical support for security related issues Utilize industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals Interface with more experienced technologists Required Qualifications: 2+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications: Exposure and hands-on experience with EDR solutions such as CrowdStrike Microsoft Azure Certifications(AZ-500/ AZ-900) Any other Cloud Certifications Job Expectations: To be part of the Cyber Threat Management team with a focus on delivering engineering and support for Endpoint Detection and Response Capabilities, File Integrity Monitoring and Compliance programs to aid the business with Risk Management initiatives. Manage and Maintain the Infrastructure for Enterprise Endpoint Detection and Response Solution Sound knowledge of Windows, Linux , AIX server operating systems Incident Handling and troubleshooting of performance issues on Server and ensuring System uptime Build and Deployment of Enterprise Endpoint Detection and Response Solution Collaborate with security solution vendors, software engineers, platform teams and cybersecurity teams to support development and production environments Maintain and develop procedure and knowledgebase documents Manage Health of the Enterprise Endpoint Detection and Response Solution Perform Compliance checks in keeping with requirements for the Enterprise Endpoint Detection and Response Solution Participate and perform Business and Resiliency tests Regular and proactive discovery, assessment, engagement, remediation, and mitigation of exploitable cyber vulnerabilities and cyber attacks within the Enterprise computing ecosystem.

About this role: Wells Fargo is seeking a Lead Information Security Analyst In this role, you will: Provide advanced information security consultation for all aspects of information security compliance policy, risk management, and remediation Direct information security risk assessment and research, and recommend remediation plans and strategies Influence stakeholders on net new or on material changes to an asset to influence control decisions Provide consulting on security risk assessment and research, and recommend remediation plans and strategies Act as more experienced lead to the organization to develop security risk awareness and mitigating actions Consult the organization on complex security issues and findings Manage the most complex and critical information assets Evaluate and interpret internal and companywide information security policies, processes, standards, and participate with more experienced leaders in decision making on information security Serve as information security lead to advise on the development and delivery of Information Security Education and Awareness Collaborate and consult with peers, colleagues, and mid-level to more experienced managers to resolve issues and achieve goals Lead projects and teams Coordinate with vendor manager on third party assets to manage information security risks Serve as a mentor to less experienced staff Required Qualifications: 5+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications: 5+ years of experience with strong technical skills in SQL database environment Operations/production support Experience writing, editing, coordinating, and publishing documentation Knowledge and understanding of complex enterprise systems and frameworks including frontends, middleware, services layer, database, backend, and downstream interfaces Knowledge and understanding of technical writing: storage, middleware, or virtualization Demonstrated ability supporting applications in a distributed, highly available, mission-critical environment Documenting run books for operations engineers. Familiarity with deployments and integration of IAM solutions within the cloud (Azure, AWS or Google Cloud) Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives Risk and Control Management experience (Control design, execution, audit walkthrough skills) Strong verbal, written, and interpersonal communication skills Strong negotiation and leadership abilities Platform familiarization with Microsoft Windows Servers, IIS, Critical services etc. 3+ years of SQL experience (Basic administration and SQL query) Familiarization with any of the following database platforms: MS SQL, Oracle, MySQL. Fluent in scripting or querying languages utilizing SQL, Powershell. Experience with scripting and automation tools (e.g., PowerShell, Python) is a plus.

Your benefits: We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl up to 25 days per year working from abroad We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location) From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach About Allianz Technology Allianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group With more than 13,000 employees located in 22 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry, We oversee the full digitalization spectrum from one of the industrys largest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age, D&I statement Allianz Technology is proud to be an equal opportunity employer encouraging diversity in the working environment We are interested in your strengths and experience We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, race or ethnicity, age, nationality, religion, disability, or philosophy of life, Join us Let?s care for tomorrow, You IT

As our Sr Security Incident Response Engineer, you will support Everbridges Cyber Intelligence function performing computer network defense and incident response You will be a senior technical leader of threat intelligence; security event monitoring; security incident investigation; forensic analysis; and, security incident response for all Everbridge systems and data globally You will operate in collaboration with other Information Services team members to improve and maintain the overall security posture of Everbridge companies as well as protect data assets You will have the critical function of defining and enhancing effective security monitoring of Everbridge systems and cloud platforms globally You will lead incident response during a known or potential security event You will lead in-depth analysis of systems and data involved with these events, About The Team As a member of the Security Operation Center team, you will strive to take a pragmatic approach when proposing security solutions, implement security best practices, and performing day to day analysis of security events and in maintaining security and threat situation awareness, What you'll do Operational Duties: Lead technical development of security event monitoring and alerting, lead threat intelligence activities, provide technical leadership of incident response, lead forensic analysis, provide monitoring of intrusion detection systems, anti-virus solutions, vulnerability assessment tools, as well as log correlation tools to identify actionable threats or remediation Communicate and coordinate with all internal IS and operations teams as well as any service providers on various attack scenarios including viruses, worms, stolen credentials, DDoS attacks, etc Conduct investigations while communicating and coordinating remediation efforts Stays well-informed and current on product updates, the threat landscape, and vulnerabilities relating to technology, Business Support: Participate in business and technology initiatives as an senior information security technical leader Assist in defining security related processes and procedures for the department as well as the company that can be employed on a global basis Participates in internal and third-party audits of the companys information security policies, procedures, as well as operational duties while supporting any remediation efforts that may be identified as a result of an audit, Projects: Provide technical leadership of strategic security projects Evaluate the effectiveness of cyber intelligence services globally as well as any related systems and processes Stay well-informed and current on the latest information security technologies, methodologies, and events Lead implementation and enhancement of security monitoring systems and processes as well as security incident investigation and analysis tools Liaisons with external vendors and service providers What you'll bring: Bachelors degree (or equivalent experience) in Computer Science, Engineering, or other technical field Must have 5+ years of direct information security experience in a global IT environment Security certification, such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or Certified | Ethical Hacker (C|EH) a plus Strong experience in an internal security operations center (SOC) Demonstrated ability to lead security incident response teams Experience as lead investigator of security incidents Strong experience with forensic analysis and forensic evidence handling Experience implementing and monitoring thread intelligence systems Detailed functional knowledge of network technologies including network security focused technologies such as next generation firewalls and web application firewalls in a global IT environment Working knowledge of server technologies including administration, virtualization and Active Directory Working knowledge of both Windows and Linux/Unix operating systems Working knowledge of cloud platforms, including AWS, GCP and Azure Experience analyzing network traffic to identify anomalous activity and potential threats to network resources Experience configuring and using Security Information and Event Management (SIEM) systems to effectively monitor security events Experience performing event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack Demonstrated ability to analyze network alerts from various sources within the enterprise and determine possible causes of such alerts Experience providing timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities Demonstrated ability to analyze identified malicious activity to determine weaknesses exploited, exploitation methods, and effects on system and information Experience with tools such as Sumo Logic, Sophos and Office 365 email security are a plus, Experience using Microsoft Word, Excel, PowerPoint, Visio, and SharePoint Microsoft Project, Access, SQL, PowerShell, or scripting experience is a plus About Everbridge Everbridge empowers enterprises and government organizations to anticipate, mitigate, respond to, and recover stronger from critical events In todays unpredictable world, resilient organizations minimize impact to people and operations, absorb stress, and return to productivity faster when deploying critical event management (CEM) technology Everbridge digitizes organizational resilience by combining intelligent automation with the industrys most comprehensive risk data to Keep People Safe and Organizations Running? For more information, visit everbridge,, read the company blog, and follow on Twitter Everbridge? Empowering Resilience Everbridge is an Equal Opportunity/Affirmative Action Employer All qualified Applicants will receive consideration for employment without regard to race, creed, color, religion, or sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law,

Nomura Overview: Nomura is a global financial services group with an integrated network spanning approximately 30 countries and regions By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Wealth Management, Investment Management, and Wholesale (Global Markets and Investment Banking) Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership For further information about Nomura, visit nomura,, Nomura Services, India supports the groups global businesses With world-class capabilities in trading support, research, information technology, financial control, operations, risk management and legal support, the firm plays a key role in facilitating the groups global operations, At Nomura, creating an inclusive workplace is a priority Our approach to inclusion encompasses a variety of initiatives, including sensitization campaigns, implementing conducive policies & programs, providing infrastructure support and engaging in community events Over time, we have made meaningful progress in these areas, and this commitment has been well-recognized across the industry We are proud recipients of the prestigious Top 10 Employers award by the India Workplace Equality Index (IWEI), IWEI Gold Employer of Choice awards, India CSR Leadership Award 2024 for Holistic Village Development Program and the YUVA Unstoppable Changemaker Awards, Responsibilities: Implement and support data masking, encryption, and tokenization strategies using Thales Cipher Trust Data Security Platform, Collaborate with application owners and infrastructure teams to identify data protection needs and design integration approaches, Develop and maintain policies, templates, and security rules for protecting sensitive data across databases, filesystems, and cloud platforms, Manage Cipher Trust Manager, DSM (Data Security Manager), CTE (Cipher Trust Transparent Encryption), DPM (Data Protection on Demand), and TDP (Tokenization), Perform integration of Thales DPoD with SaaS platforms, cloud-native applications, and structured databases, Support audits and ensure alignment with regulatory compliance (e-g , GDPR, RBI, PCI-DSS), Participate in data discovery and classification exercises in collaboration with other platform leads (e-g , BigID, MIP), Monitor operational health, perform troubleshooting, and ensure availability and integrity of the deployed controls, Generate and deliver technical reports, incident analysis, and improvement plans to leadership and compliance teams, Train and support internal teams for secure adoption of obfuscation and tokenization solutions, Knowledge, Skill, Experience Required: Required: 810 years of experience in Information Security or Data Protection, 3+ years of hands-on experience with Thales Cipher Trust Suite or similar tools (e-g , Vormetric, Voltage), Strong understanding of encryption key lifecycle management, tokenization, and data masking strategies, Experience integrating obfuscation tools into databases (Oracle, MSSQL, MySQL) and enterprise applications, Good scripting and automation skills (e-g , Python, Shell, Ansible) preferred, Familiarity with cloud security concepts and integration of obfuscation solutions with AWS, Azure, or GCP, Working knowledge of data discovery tools like BigID, and classification tools like Microsoft Purview (MIP) is a plus, Understanding of compliance drivers such as GDPR, HIPAA, SOX, and RBI regulations, Beneficial: Thales Certified Engineer / Architect CipherTrust CISSP, CISA, CDPSE, or CIPT will be a bonus Personal Characteristics: Strong problem-solving and analytical mindset, Ability to manage and prioritize tasks in a fast-paced environment, Clear communicator with technical and non-technical stakeholders, Proactive in identifying security gaps and proposing solutions, Detail-oriented, organized, and documentation-focused, Strong ethical standards and a passion for data privacy, We are committed to providing equal opportunities throughout employment including in the recruitment, training and development of employees We prohibit discrimination in the workplace whether on grounds of gender, marital or domestic partnership status, pregnancy, carers responsibilities, sexual orientation, gender identity, gender expression, race, color, national or ethnic origins, religious belief, disability or age, *Applying for this role does not amount to a job offer or create an obligation on Nomura to provide a job offer The expression "Nomura" refers to Nomura Services India Private Limited together with its affiliates,

Ways of working: Mandate 3 : Onsite Office / Field: Employees are expected to work from the office on all days out of their respective base locations, About Swiggy Swiggy Instamart, is building the convenience grocery segment in India We offer more than 30000 + assortments / products to our customers within 10-15 mins We are striving to augment our consumer promise of enabling unparalleled convenience by making grocery delivery instant and delightful Instamart has been operating in 90+ cities across India and plans to expand to a few more soon We have seen immense love from the customers till now and are excited to redefine how India shops, Job Description Custodian of finance for 3PL (Contracts, surges, base pay) and overall CPD alignment Verifying invoices shared from 3PL Base pay computation Taxation clauses Incentive payouts Coordinate with the Finance Automation team to enhance the reporting requirements through system automation, Uploading on finly / oracle and following up on payments process as per DOA Recon with 3PL partners and finance team for quarterly/yearly closures Desired Skills Integrity: Accepting and adhering to high moral, ethical, and personal values in decisions, communications, actions, and when dealing with others, Strong analytical skills: able to clearly link financial results to operational performance drivers, generate alternatives and drive positive change, Excellent verbal and written communication skills and the ability to communicate complex business issues in a clear/concise manner, Adaptable/Flexible: being open to change in response to new information, different or unexpected circumstances, and/or to working in ambiguous situations, Strong knowledge of MS excel, We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regards to race, colour, religion, sex, disability status, or any other characteristic protected by the law"

Everbridge is seeking an energetic, multi-tasking, and process focused Sales Security Analyst to support our nationwide sales team The Sales Security Analyst provides a wide range of security, privacy, and operational support to the Everbridge sales team, The Sales Security Analyst will also become a strong user of Salesforce, and confidential messaging technologies (email and 3rd party based), What you'll do Responding to client security inquiries and questionnaires Validating confidentiality and deploying security attestation documentation Reviewing security and compliance requirements in contract negotiations Participating in security control discussions with our Legal Team and clients/prospects Interacting with Everbridge Security & Compliance teams to obtain up to date content/responses Managing and updating security response content and associated security artifacts Creating and configuring environments in Everbridges SaaS system to be used by sales, technical, and client teams Reviewing and assigning incoming proposals and engaging with our proposal management team as first point of contact for technical and operational support What you'll bring: Minimum experience required for the role is 3 yrs High level understanding of internet hosted applications, highly available architectures, computer security, telephony, and networking Experience interfacing with business and technical teams Ability to learn, understand, and discuss technical concepts, security/compliance requirements and regulations Ability to maintain a high level of productivity in a fast-paced, team environment while managing multiple competing priorities Strong time management skills with proficiency with the Microsoft Office Suite Knowledge of Salesforce, application a plus About Everbridge Everbridge empowers enterprises and government organizations to anticipate, mitigate, respond to, and recover stronger from critical events In todays unpredictable world, resilient organizations minimize impact to people and operations, absorb stress, and return to productivity faster when deploying critical event management (CEM) technology Everbridge digitizes organizational resilience by combining intelligent automation with the industrys most comprehensive risk data to Keep People Safe and Organizations Running? For more information, visit everbridge,, read the company blog, and follow on Twitter Everbridge? Empowering Resilience Everbridge is an Equal Opportunity/Affirmative Action Employer All qualified Applicants will receive consideration for employment without regard to race, creed, color, religion, or sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law,

The Application Security Analyst reports directly to the team lead of Vulnerability Management and Applications Security. The role is responsible for identifying vulnerabilities and weaknesses in applications before they go live to reduce company's attack surface and supports the operational teams in the understanding of vulnerabilities. This position is responsible of the proper maintenance, configuration and governance of the solution used for scanning the target applications. This role requires constant communication with the operational teams and other stakeholders, supervision of the processes and making sure that the service quality is delivered with the highest standards. Basic Qualification: Education: Bachelors in information technology, Computer Science or similar Field. Experience: Minimum 3 years of experience in Applications Security scans, Vulnerability Management or related cyber security experience. Excellent verbal and written communication skills Excellent team player that demonstrates proactiveness Strong analytical and interpersonal communication skills, including the ability to communicate effectively Mandate Skills: Service-related expert knowledge Experienced in designing and implementing secure tests Secure configuration management techniques Knowledge of software quality assurance process Knowledge of secure software deployment methodologies and tools Ability to document technical concise and understandably Experience in the use of Application Security Testing tools Understanding of the attack surface and company security posture Knowledge in log analysis and troubleshooting of issues Advanced knowledge of application related vulnerabilities Cyber security and technical knowledge Experienced in discerning the protection needs (i.e., security controls) of information systems and networks Experienced in estimating specific operational impacts of cybersecurity incidents caused in applications Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, cross-site scripting, etc.) Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation) Knowledge of cybersecurity principles and methods that apply to software development Consideration of laws, regulations, policies, and ethics (GDPR, etc.)

Location Pune (Maharashtra), India Designation / Position Associate Technology Manager Type of Position Full time Work Experience Required 7-10 Years Corporate Office : 466, Southern Blvd, 2nd Floor, Chatham, New Jersey 07928, USA Innovation Centre : A-202, Teerth Technospace, Survey no.113, Mumbai Bangalore Highway Baner : 411045 Key Responsibilities: Extensive experience in Linux (RHEL, Ubuntu, etc) environments. Strong understanding of Data Center, OS, and Storage concepts. Ensure system uptime of 99.9%. Understand high availability concepts, including clustering, load balancing, uptime/downtime, failover (active-passive/active-active) and disaster recovery planning Strong understanding of database concepts like Clustering, Replication, and NoSQL concepts. Ability to use database tools (e.g. MongoDB). Internet Technologies: Good knowledge in DNS, Web and Application Servers (e.g., Tomcat, WebLogic), Virtualization, Cloud Computing, VPC, VNet and basic web technologies (HTML, JavaScript). Basic understanding of the mobile technologies and concepts like PlayStore/AppStore, GCM/FCM, APNs, etc. Strong knowledge of IT security and software, Antivirus, Firewall, Networking, and Server support. Proficiency in MS-Office, Project Management software (JIRA, Confluence, etc.) and Support software (Zendesk, Zohodesk, etc). Install, configure, and integrate Product on customers servers. Follow and execute instructions from user guides or emails to operate, monitor, and resolve system issues. Lead the product integration (Mobile SDKs, Backend APIs, etc) effort by understanding the customers product and participating in design/integration discussions. Take calls, sessions and remotes of customer issues and provide prompt and accurate resolution/feedback to customers. Ensure proper recording and closure of all issues. Must be able to document activities, procedures, reports etc. Should be ready to work for extended shifts and travelling to client sites, if needed. Lead and mentor a team of technology professionals, providing guidance, training and support. Possess an analytical mindset, capable of working under pressure and resolving complex technical issues. Excellent customer management and communication skills. Understand business scenarios and recommend changes to products to fulfill customer needs. Implement and manage SRE practices including defining SLAs, SLIs, and SLOs. Ensure robust observability across application and infrastructure layers. Gain hands-on experience in maintaining high availability and performance. Adopt Chaos Engineering to proactively identify and address potential problems in production systems, ensuring resilience and reliability. Qualification BE/B.tech (CS,IT), ME/M.tech (CS,IT), BSC-IT, BCA, MCA

You will be responsible to assist with the efficient running of the department in line with Hyatt International's Corporate Strategies and brand standards, whilst meeting employee, guest and owner expectations. The Team Leader - Security is responsible to assist in the smooth operations of the security operations of the Security team Qualifications Ideally with a professional diploma or certificate in Safety and Security. Minimum 2 years work experience as Assistant Security Manager, or Senior Security Officer in larger operation. Good practical, operational and adequate administrative skills are an asset.

You will be responsible to assist with the efficient running of the department in line with Hyatt International's Corporate Strategies and brand standards, whilst meeting employee, guest and owner expectations. The Team Leader - Security is responsible to assist in the smooth operations of the security operations of the Security team Qualifications Ideally with a professional diploma or certificate in Safety and Security. Minimum 2 years work experience as Senior Security Officer in larger operation. Good practical, operational and adequate administrative skills are an asset.

Dear Candidate, We are hiring a Cybersecurity Consultant to provide expert advice on securing systems, applications, and infrastructure. Best for professionals who stay ahead of emerging threats and compliance trends. Key Responsibilities: Perform security assessments, audits, and risk analysis Advise clients on cybersecurity frameworks (NIST, ISO 27001, CIS Controls) Develop and implement incident response and data protection strategies Provide guidance on secure architecture and cloud security Required Skills & Qualifications: Knowledge of threat modeling, secure coding, and network security Experience with security tools (SIEM, DLP, IAM, vulnerability scanners) Strong communication and documentation skills Bonus: Certifications such as CISM, CISSP, or OSCP Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

Job Description: Cloud Segment Information Security Officer (SISO GL28) Location- Gurgaon Position Overview: The Cloud Segment Information Security Officer (SISO) is responsible for overseeing and implementing security measures to protect the organizations cloud-based data and infrastructure. This role involves developing cloud-specific security strategies, managing risks, ensuring compliance, and leading incident response efforts. A key aspect of this role is fostering strong relationships and partnerships with business leaders and stakeholders to ensure security measures align with business objectives. Key Responsibilities: Cloud Security Strategy: Develop and implement security strategies tailored to the cloud segment to ensure the protection of cloud-based data and infrastructure. Risk Management: Identify, assess, and mitigate security risks associated with cloud operations and technologies. Incident Response: Lead incident response efforts for security breaches within the cloud segment, including investigation, containment, and remediation. Compliance: Ensure compliance with relevant cloud-specific regulations and standards. Collaboration: Work closely with other IT teams and cloud segment leaders to integrate security measures into cloud services and applications. Training and Awareness: Support security training and awareness programs for employees within the cloud segment to promote a security-conscious culture. Policy Development: Develop and enforce security policies and procedures specific to cloud operations. Audit and Assessment: Support security audits and assessments to ensure the effectiveness of security measures within the cloud segment. Business Partnership: Foster strong relationships with business leaders and stakeholders to ensure security measures support and enhance business objectives. Collaborate with business units to understand their needs and provide tailored cloud security solutions. Qualifications: Proven experience in developing and implementing cloud security strategies. Strong knowledge of cloud risk management and security architecture. Experience in leading cloud incident response efforts. Familiarity with cloud compliance regulations and security monitoring tools. Excellent collaboration and communication skills. Ability to conduct training and develop cloud security policies. Experience in conducting cloud security audits and assessments. Demonstrated ability to build and maintain relationships with business leaders and stakeholders. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyoneof every race, gender, sexuality, age, location and incomedeserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes an enterprise priority reflected in our mission. njp

Job Description: Cloud Segment Information Security Officer (SISO GL28) Location Gurgaon Position Overview: The Cloud Segment Information Security Officer (SISO) is responsible for overseeing and implementing security measures to protect the organizations cloud-based data and infrastructure. This role involves developing cloud-specific security strategies, managing risks, ensuring compliance, and leading incident response efforts. A key aspect of this role is fostering strong relationships and partnerships with business leaders and stakeholders to ensure security measures align with business objectives. Primary Responsibilities: Cloud Security Strategy: Develop and implement security strategies tailored to the cloud segment to ensure the protection of cloud-based data and infrastructure Risk Management: Identify, assess, and mitigate security risks associated with cloud operations and technologies Incident Response: Lead incident response efforts for security breaches within the cloud segment, including investigation, containment, and remediation Compliance: Ensure compliance with relevant cloud-specific regulations and standards Collaboration: Work closely with other IT teams and cloud segment leaders to integrate security measures into cloud services and applications Training and Awareness: Support security training and awareness programs for employees within the cloud segment to promote a security-conscious culture Policy Development: Develop and enforce security policies and procedures specific to cloud operations Audit and Assessment: Support security audits and assessments to ensure the effectiveness of security measures within the cloud segment Business Partnership: Foster strong relationships with business leaders and stakeholders to ensure security measures support and enhance business objectives. Collaborate with business units to understand their needs and provide tailored cloud security solutions Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications: Proven experience in developing and implementing cloud security strategies Experience in leading cloud incident response efforts Experience in conducting cloud security audits and assessments Solid knowledge of cloud risk management and security architecture Familiarity with cloud compliance regulations and security monitoring tools Proven excellent collaboration and communication skills Demonstrated ability to conduct training and develop cloud security policies Demonstrated ability to build and maintain relationships with business leaders and stakeholders At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyoneof every race, gender, sexuality, age, location and incomedeserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes an enterprise priority reflected in our mission.

Primary Responsibilities: Perform audits to identify control gaps and implement corrective action plans Ensure alignment of security policies/standards with IT infrastructure frameworks (e.g., ISO 2700x, NIST, ITIL) Monitor compliance with corrective action plans, and address non-compliance issues appropriately Demonstrate understanding of discovery technologies to identify system vulnerabilities (e.g. scanning tools) Establish appropriate security controls based on defined data classifications to align with applicable laws/regulations/standards Facilitate/lead security incident investigation Analyze business requirements and ensure that solutions meet established security policies and controls Maintain metrics and ensure reporting as appropriate Maintain current knowledge on information security topics and their applicability program requirements Communicate professionally with stakeholders/end users through multiple communication Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications: Bachelors degree or higher level of education 6+ years of Information security experience Experience with ISO27001 (ISMS), ISO31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2 Demonstrated auditing skills and the ability to manage risk assessments / projects independently Demonstrated excellent communication skills both verbal and written Demonstrated good presentation skills particularly ability to present technology elements in manner personnel can follow and act Preferred Qualification: CISSP, CISA or ISO27001 Lead Implementer or Lead Auditor certification At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyoneof every race, gender, sexuality, age, location and incomedeserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes an enterprise priority reflected in our mission.