47 Infosec Jobs

As an Associate Audit and Infosec at Setu, you will play a crucial role in ensuring the security and compliance of our technical systems. Setu aims to bridge the gap between regulated financial institutions and technology companies to facilitate the creation of innovative financial products. Your responsibilities will include working closely with the Audit & Compliance Manager to uphold Setu's reputation as a dependable player in the eyes of asset partners and regulators. Your primary objective will be to establish and maintain a robust information security, risk & compliance management framework at both the company and individual product levels. You will be involved in managing and enhancing Setu's security, compliance, assessment, and penetration testing programs. Collaboration with various teams within the organization will be essential to improve security compliance and reduce risks effectively. To excel in this role, you should have a minimum of 2-4 years of experience in managing audit and compliance functions, preferably in a fintech or regulated financial institution. Familiarity with frameworks such as ISO 27001:2013 and PCI DSS, as well as experience in completing vendor and technical audits, will be beneficial. Attention to detail, patience in dealing with stakeholders, and a strong focus on process implementation are key attributes for success in this role. You will be responsible for coordinating internal and external audits, ensuring compliance with security policies and standards, and working towards acquiring and maintaining relevant certifications such as ISO 27001:2013, SOC2 Type 2, and data localization requirements. Your role will involve monitoring security advisories, conducting audits, and collaborating with partners to meet audit requirements efficiently. At Setu, you will have the opportunity to work closely with the founding team, access a range of learning and development resources, and enjoy comprehensive health benefits. Our culture is defined by core values such as decisiveness, accountability, leadership, and innovation. If you are passionate about making a direct impact on financial inclusion and improving lives through infrastructure development, Setu offers a challenging yet rewarding environment to grow and excel in your career.,

INFORMATION SECURITY PROJECT SPECIALIST The Information Security Project Specialist will be responsible for supporting the InfoSec project portfolio and the delivery of security projects for the IT department, primarily with a focus on Cloud Security. The role includes acquiring resources and coordinating the efforts of team members and enterprise stakeholders to deliver projects according to plan. What You'll Do: Executes the end-to-end management of security projects: including resource management, communications, training requirements, change management and budget (if applicable). Estimate the resources and participants needed to achieve project goals. Reviews and recommends changes, reductions or additions to the overall project Acts as the liaison between InfoSec and end-users when applicable Maintains the efficiency of the project management process such as planning, scheduling, and budget and risk assessment. Identifies and mitigates potential risks Work with cross-functional teams and staff of all levels, including assisting in the development, training and assignment of work/projects to team members reporting to others; Works well within a structured environment in which team members can work together as an efficient team. What You'll Bring: Bachelors Degree required. 7 - 10 years of relevant work experience, including Information Security, project management, and team management. PMP-PMI certification desired, or completion within a year of assuming the position. Agile certification desired, or completion within a year of assuming the position. Security+ or equivalent certification desired, or completion within a year of assuming the position. Management of projects in AWS or other public cloud infrastructure desired. Project plan development experience, including charter, scope, project management approach, management plans, statement of work, cost estimates, schedule. Excellent communication (written and oral) and interpersonal skills; ability to interface and influence all levels within the organization, including facilitation, consulting, negotiation, and presentation. Excellent project management and coordination skills working with multiple stakeholders across several technology platforms and business areas Strong technical skills and experience. The ideal candidate has lead projects relating to Information Security deliveries or migrations (ie. Cloud Security enhancements, Firewall implementation, Anti-Virus migration, MDM implementation, OS/Network hardening, etc.) Project plan and budget management. Knowledge of project management best practices, Experience identifying and mediating risk.

Position Summary : At NCR Atleos, our Internal Audit Department (IAD) purpose is to help enable competent and informed decisions to add value and improve operations, while contributing meaningfully to Board and organizational confidence. We are indispensable business partners, with a brand focused on insight, impact and excellence. We believe that everything we do is to enhance value, provide insights, and instill confidence. To do this, we must be relevant, connected, flexible, and courageous. NCR Atleos IAD is seeking a Senior IT Auditor to support our India Internal Audit (IA) team. In this position, you will play a crucial role in enhancing our company's internal control environment and risk management processes. You will be responsible for leading and executing IT audits across all technology layers, assessing IT risks, and providing expert recommendations to the management. This role demands a balance of technical proficiency, strategic thinking, and excellent communication skills. Key Areas of Responsibility: Audit Planning: Participate in risk assessments where needed and assist in developing and implementing a comprehensive IT audit plan that aligns with the organizations objectives and risk. Audit Execution: Execute IT audits, including identifying and assessing IT risks in business processes, security policies, and system implementations. Lead audits of IT infrastructure, applications, and data management systems to assess compliance with internal policies, external regulations and SOX. Recognize and adapt to changing circumstances. Identify IT risks and recommend mitigating controls. Analyze and evaluate IT operations and strategies to identify efficiency improvements and cost-saving opportunities. Assess compliance and maturity in line with relevant laws, regulations, standards (e.g., SOX, GDPR, ISO) and frameworks (e.g., COBIT, NIST, ITIL). Communication: Communicate timely any significant changes to budget or scope and any significant audit findings, risks, and recommendations to the Internal Audit Manager. Collaboration: Work closely with IT, InfoSec (IS) and other business units to understand IT infrastructure, applications, and operations. Mentor and guide junior IT auditors, enhancing their skills and ensuring quality audit practices. Reporting: Draft detailed Audit observations, highlighting issues, risks, and actionable recommendations. Assist the IA manager with presenting findings to responsible business management. Follow-up and Monitoring: Assist the IA Manager with monitoring open audit recommendations and follow-up to encouraging timely implementation and help avoid past-due management actions. Continuous Improvement: Stay abreast of emerging technologies, audit methodologies, and regulatory changes. Contribute to innovation and improvements to the IT audit process, controls and the overall Internal Audit Department. Qualifications: Bachelor's or Master's degree in Information Technology, Computer Science, Accounting, or a related field Minimum of 4 years of experience in IT auditing, with a proven track record in leading audits and managing audit projects Understanding of IT audit methodologies, IT governance frameworks (e.g., COBIT, NIST, ITIL), and regulatory requirements (e.g., SOX, ISO, GDPR) Experience with AuditBoard and analytic tools e.g. Power BI and Tableau a plus Professional certifications such as Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) are strongly desired Strong analytical and problem-solving skills with an ability to analyze data and identify control weaknesses Excellent verbal and written communication skills, with the ability to articulate complex IT issues in business terms. Proficient in English Ability to travel and a team player with a commitment to personal and professional growth. Commitment to ethical conduct, integrity, and the promotion of a culture of accountability and continuous improvement Strong organization and management skills in a multi-tasking environment Positive individual who enjoys working in a fun and dynamic team environment Role: IT & Information Security - Other Industry Type: IT Services & Consulting Department: IT & Information Security Employment Type: Full Time, Permanent Role Category: IT & Information Security - Other Education UG: B.Tech/B.E. in Any Specialization PG: M.Tech in Any Specialization

Job Title: Senior Information Security Engineer (ISO, Compliance) Experience Required: 4-5 years in Information Security Location: Whitefield, Bengaluru -Hybrid Key Areas: SOC 2 Type 1 and Type 2, ISO 27001, GDPR, security governance, vendor security due-diligence, vendor security reviews and assessment, preparation of security checklist, security awareness/phishing simulation, management dashboards, manage key metrics for IT and Infosec. You can apply by filling the form : https://forms.gle/LGarRicG4jcFVWEX6 Roles & Responsibilities: Develop and finalize policies, procedures, and guidelines related to IT and Infosec domains in alignment with industry best practices (ISO 27001 , GDPR and SOC 2). Align internal IT and Infosec processes as per ISO 27001 and SOC 2 standards and security guidelines. Assist in defining and reviewing the key metrics for management reporting. Developing cyber security standards, including incorporating industry practices and applicable compliance requirements. Develop review checklists, questionnaires, and manage evidences to assist the IT vendor risk management process. Perform 3rd party security due-diligence reviews and periodic vendor risk assessments to assess vendor compliance. Coordinate with external stakeholders and auditors for IT and Infosec related reviews Coordinate for conducting periodic penetration testing exercises on in-scope applications and related infrastructure. Coordinate with stakeholders for timely closure of open risks. Assist in imparting security awareness training and executing phishing simulation exercises to employees. Assist IT and Infosec in gathering the metrics data and prepare management dashboards. Coordinate and facilitate SOC 2 audits, acting as the primary point of contact for the external auditor. Gather evidence and documentation to demonstrate compliance with SOC 2 requirements. Address any audit findings and implement corrective actions. Experience Should have 4-5 years of experience in information security domain and minimum Should have 4 of years in overall IT and Infosec governance related activities. Must have sound knowledge in defining processes, developing policies, procedures, and guidelines, and preparing management reporting dashboards. Must have experience in guiding teams with respect to SOC 2 requirements Developing and implementing enterprise governance, risk, and compliance strategy and solutions. Familiarity with industry standards and regulations including PCI, ISO27001, SOC 2, GDPR, CIS, NIST is desired. Candidates from BFSI experience will be preferred Fair understanding of public cloud models (e.g. AWS, Google, Microsoft Azure) and their security implications.

INTERESTED CANDIDATE SHARE CV TO VAIJAYANTHI.M@PARAMINFO.COM Exp: 12+ Years Notice: Max 30 Days Location: Bangalore Domain: Banking is Must Must Required Skills: PMP or equivalent certification Experience managing Unified Contact Center / IVR Projects Strong understanding of Microsoft Solutions , CRM Tools , IVR Implementation Hands-on with cross-functional stakeholder coordination (Compliance, Risk, InfoSec, GRC, etc.) Excellent in reporting , project planning , risk mitigation , and governance Experience working in banking sector mandatory Preferred Skills: Familiarity with Lean / Six Sigma / Process Improvement Exposure to IT Governance & Regulatory Processes Strong decision-making in fast-paced, multi-project environments Job Description: Job Purpose: Project Manager is responsible for managing project related to unified contact centre within the business units. The Project Manager will lead the Unified Contact Centre project and ensure deliverables are in accordance to the business requirements and within the budget (minimize risk and optimize delivery); Projects will be related to lines of businesses, organization growth and service enhancements for the customers Key Result Areas: Responsible for managing projects for lines of businesses. Monitor the development and implementation of project plans which includes design, testing, and implementation of all business requirements. Ensure Project Management Framework is followed, and all the required artifacts are submitted at each stage of the project. Ensure all relevant documentation related to projects are stored in the Central Project repository. Coordinate with the project team and other stakeholders like Compliance, Information Security Group, Operational Risk Management, IT GRC, Procurement, Finance teams to ensure necessary approvals are obtained for the smooth delivery of the projects. Provide accurate reporting to the senior leadership teams and governance forums on the status of the projects. Operating Environment, Framework and Boundaries, Working Relationships: The job holder will need to work across all functions in the organization while ensuring the project management methodologies are followed by technology team members in the Bank for the local & overseas operations. Ensure the project status are accurately reported to the IT Governance forums and senior leadership team. Problem Solving: Will need to deal with all the problems associated with multiple interdependencies that will arise out of multi-disciplinary projects In a fast paced, dynamic environment where time to market is critical, the incumbent will frequently need to make quick decisions on risks associated with the projects / programs Decision Making Authority & Responsibility: Ensure Project management framework is followed, and periodic reporting is done to senior leadership teams on the status of the projects. Responsible to ensure all stage gates as prescribed in the project management framework are followed by the project teams and in case of risks / issues highlight it to senior management Knowledge, Skills and Experience: Masters degree with at least 12 years of experience in banking industry with project management certification (e.g. PMP) or equivalent practical experience Previous experience working in Microsoft solution or any project related to build customer contact centre. Ability to establish and maintain strong working relationships with the stakeholders across the organisation INTERESTED CANDIDATE SHARE CV TO VAIJAYANTHI.M@PARAMINFO.COM

Fresh B Tech graduates who are pass out in 2024, 2025 can only apply Candidates must possess good communications skills. Candidate must be open for WFO/ Open for Shifts. P lease share CV with Bhawana. Sharma@rsystems.com or Whatsapp Bhawana at 8595575733

Role :Information Security Exp - 10+yrs (8+Relevant Exp) Must have - GRC, ISO 27001, ISO 23001, Internal and external Audits, IT Audits, SOC 2& GDPR(EU)/HIPAA Loc - Chennai /Bangalore/hyderabad Budget - 22LPA Regards, Ragul 8428065584

Within Societe Generale Global Solution Center (SGGSC), you will join Global Cybersec Capability Centre (G3C) team based out of Bengaluru, working in Cyber sec team as a infosec specialist to contribute in the information security and risk management practice. As a Cybersecurity senior analyst, you will be part of the G3C Infosec services within the G3C team (Global Cybersecurity Capability Centre). Based in Bangalore, you will manage infosec operations and responsibilities across regions and collaborate closely with security and IT teams across the organization to coordinate cybersecurity operations, governance activities, manage compliance efforts, and support audit readiness. You will play a vital role in presenting evidence, identifying risks, and implementing security controls in line with organizational and regulatory expectations. The candidate will be working in a high-pressure environment, it calls for assertiveness and flexibility to ensure deadlines are met based on agreements / defined milestones The main responsibilities are: Collaborate with internal stakeholders including CIO, CTO, and CISO teams, Centers of Expertise, and various tribes to manage security governance activities. Engage with HR, Risk, Internal Control, and Audit functions to coordinate cybersecurity reporting, evidence collection, and issue resolution. Conduct independent research and assessments to identify weaknesses and recommend remediation strategies in secure environments. Drive compliance initiatives and ensure readiness for internal and external audits. Support the development, implementation, and tracking of cybersecurity governance programs and documentation. Profile required Bachelors degree in Computer Science, Mathematics, or a related field (Masters degree preferred) Minimum 5 years of work experience in IT and Cybersecurity Strong knowledge of Information security, risk management, and monitoring frameworks Experience conducting independent research and identifying technical security gaps Relevant certifications such as CISSP, CISA, ISO 27001 Lead Auditor, CompTIA Security+, etc. Intermediate-level proficiency in Microsoft Excel Strong English proficiency (spoken, written, and read) Behavioral Competencies: Excellent organizational and cross-functional coordination skills Team player with strong initiative and the ability to work independently Effective analytical and decision-making abilities Proactive communication and stakeholder management skills Strong adaptability, openness to feedback, and willingness to continuously learn Results-driven with strong planning and execution discipline Negotiation skills are an added advantage

2-3 yrs of exp of software quality assurance or working knowledge of ISO standards Preferably CISSP certified - If not, would look to certify within 1 to 2 years with ongoing training in data security/privacy field Location: Goregaon, Mumbai (Hybrid)

KPMG India is looking for Assistant Manager - Info Sec and Tech Risk Assessments Assistant Manager - Info Sec and Tech Risk Assessments to join our dynamic team and embark on a rewarding career journey Ensuring company policies are followed. Optimizing profits by controlling costs. Hiring, training and developing new employees. Resolving customer issues to their overall satisfaction. Maintaining an overall management style that follows company best practices. Providing leadership and direction to all employees. Ensuring product quality and availability. Preparing and presenting employee reviews. Working closely with the store manager to lead staff. Overseeing retail inventory. Assisting customers whenever necessary. Organizing employee schedule. Ensuring that health, safety, and security rules are followed. Ensuring a consistent standard of customer service. Motivating employees and ensuring a focus on the mission. Maintaining merchandise and a visual plan. Maintaining stores to standards, including stocking and cleaning. Completing tasks assigned by the general manager accurately and efficiently. Supporting store manager as needed.

Skill required: Risk & Compliance - Operational Audit & Compliance Designation: Risk and Compliance Senior Analyst Qualifications: BCom/Chartered Accountant/CA Inter Years of Experience: 5 to 8 years Language - Ability: English - Proficient About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do You will be aligned with our Risk and Compliance vertical and help us perform compliance reviews, publish reports with actions and provide closure guidance as needed. We design & recommend effective controls to mitigate risks and help service delivery team prepare for upcoming client / external audits.You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans.The Operational Audit & Compliance team focuses on auditing and managing effective implementation and delivery of functional processes within operations to mitigate risks. The role may require for you to have a good understanding of anti-corruption, BCM and infosec policies, records management and contractor controls. The team is responsible for establishing processes to validate the effectiveness and drive improvements wherever required. What are we looking for Audit RepEnglish Roles and Responsibilities: In this role you are required to do analysis and solving of increasingly complex problems Your day to day interactions are with peers within Accenture You are likely to have some interaction with clients and/or Accenture management You will be given minimal instruction on daily work/tasks and a moderate level of instruction on new assignments Decisions that are made by you impact your own work and may impact the work of others In this role you would be an individual contributor and/or oversee a small work effort and/or team Please note that this role may require you to work in rotational shifts Qualification BCom,Chartered Accountant,CA Inter

The Global Information Security (GIS) Technology Risk Management Analyst will work with peers in Global Information Security (GIS) and across the Technology Division to ensure that third party technology risks are properly identified, assessed, monitored, and communicated in support of the overall Third Party Risk Management (TPRM) program. The Analyst will assist with the continuous improvement and daily operation of the GIS Third Party Risk Management (GIS TPRM) program. Responsibilities Include: Work with peers to identify and assess Information Security risks Conduct risk assessments using CME Groups established GIS Third Party Risk Management assessment process Collaboratively author and edit various assessment related documents including Deficiencies Observed, Summary of Work, Risk Advisory Memos, exceptions from GIS technical policies and standards, and other related output resulting from risk adjudication activities Participate in and contribute to various working groups across the Technology Division, including, but not limited to, Third Party Risk Management working group, Governance, Risk Management, and Compliance (GRC) working group, etc. Assist the GIS TPRM function with: Continuous improvement and maturation of the methods, instrumentation, training, documentation, and processes required to properly manage third party technology risks Providing advisory and consulting services to the Information Technology Management Team related to InfoSec risks, treatment strategies, and decision-making Assist in the preparation of management reports, presentations, metrics, and other documentation required to support governance functions Assist in compiling and delivering business and operational metrics at regular intervals Promoting a culture of risk awareness and accountability through training, education, and risk management consultative support Problem Solving: Objectively assess the impact, likelihood, and velocity of identified risks Objectively advise on any number of controls that will mitigate risk while not imposing undue burden on those who must implement the controls Drive objectivity and build consensus among stakeholders with widely divergent perspectives and drivers Rapidly analyze complex technical details Synthesize detailed analysis into a big picture view that can be easily understood by non-technical stakeholders in order to support risk-based decision-making for senior managers within the company Decision Making: Recommend risk treatment decisions Recommend remediation actions when risk mitigation is desired Recommend improvements to methods, instrumentation, training, documentation, and processes Recommend solutions for automating and streamlining GIS TPRM risk management practices Working Relationships: Interacts with peers across all elements of the Technology Division Communicate regularly with cross-functional peers outside of the Technology Division, including Legal, Information Governance, Global Operations, Global Assurance (Internal Audit), Enterprise Risk Management, Third Party Risk Management, and other business unit leadership Interact occasionally with industry peers from other Systemically Important Financial MarketUtilities(SIFMUs),research organizations, solution providers, etc. Required Experience: Bachelors Degree or equivalent experience Minimum of 4 to 6 years of relevant experience in publicly traded companies or finance/technology industry operations with third party risk management experience a plus Experience in at least two of the following: InfoSec (Operations, Program Management, Governance, Risk Management, etc.), Enterprise Architecture, Identity & Access Management, Application Development, Infrastructure & Operations, IT Compliance, or Internal Audit Experience working with industry based information security and / or control frameworks (NIST Cyber Security Framework, ISO 27002, COBIT, etc.) Demonstrable knowledge of a broad range of InfoSec technologies and practices Demonstrable, impeccable writing skills for technical, management, and executive audiences Additional preferred experience: Demonstrable knowledge of InfoSec risk management methods and practices Experience with operating GRC solutions Professional certification in InfoSec or Risk Management (such as CRISC, CISM, CISSP, CGEIT, CISA, etc.)

The Global Information Security (GIS) Technology Risk Management Analyst will work with peers in Global Information Security (GIS) and across the Technology Division to ensure that third party technology risks are properly identified, assessed, monitored, and communicated in support of the overall Third Party Risk Management (TPRM) program. The Analyst will assist with the continuous improvement and daily operation of the GIS Third Party Risk Management (GIS TPRM) program. Responsibilities Include: Work with peers to identify and assess Information Security risks Conduct risk assessments using CME Groups established GIS Third Party Risk Management assessment process Collaboratively author and edit various assessment related documents including Deficiencies Observed, Summary of Work, Risk Advisory Memos, exceptions from GIS technical policies and standards, and other related output resulting from risk adjudication activities Participate in and contribute to various working groups across the Technology Division, including, but not limited to, Third Party Risk Management working group, Governance, Risk Management, and Compliance (GRC) working group, etc. Assist the GIS TPRM function with: Continuous improvement and maturation of the methods, instrumentation, training, documentation, and processes required to properly manage third party technology risks Providing advisory and consulting services to the Information Technology Management Team related to InfoSec risks, treatment strategies, and decision-making Assist in the preparation of management reports, presentations, metrics, and other documentation required to support governance functions Assist in compiling and delivering business and operational metrics at regular intervals Promoting a culture of risk awareness and accountability through training, education, and risk management consultative support Problem Solving: Objectively assess the impact, likelihood, and velocity of identified risks Objectively advise on any number of controls that will mitigate risk while not imposing undue burden on those who must implement the controls Drive objectivity and build consensus among stakeholders with widely divergent perspectives and drivers Rapidly analyze complex technical details Synthesize detailed analysis into a big picture view that can be easily understood by non-technical stakeholders in order to support risk-based decision-making for senior managers within the company Decision Making: Recommend risk treatment decisions Recommend remediation actions when risk mitigation is desired Recommend improvements to methods, instrumentation, training, documentation, and processes Recommend solutions for automating and streamlining GIS TPRM risk management practices Working Relationships: Interacts with peers across all elements of the Technology Division Communicate regularly with cross-functional peers outside of the Technology Division, including Legal, Information Governance, Global Operations, Global Assurance (Internal Audit), Enterprise Risk Management, Third Party Risk Management, and other business unit leadership Interact occasionally with industry peers from other Systemically Important Financial MarketUtilities(SIFMUs),research organizations, solution providers, etc. Required Experience: Bachelors Degree or equivalent experience Minimum of 1 to 3 years of relevant experience in publicly traded companies or finance/technology industry operations with third party risk management experience a plus Experience in at least two of the following: InfoSec (Operations, Program Management, Governance, Risk Management, etc.), Enterprise Architecture, Identity & Access Management, Application Development, Infrastructure & Operations, IT Compliance, or Internal Audit Experience working with industry based information security and / or control frameworks (NIST Cyber Security Framework, ISO 27002, COBIT, etc.) Demonstrable knowledge of a broad range of InfoSec technologies and practices Demonstrable, impeccable writing skills for technical, management, and executive audiences Additional preferred experience: Demonstrable knowledge of InfoSec risk management methods and practices Experience with operating GRC solutions Professional certification in InfoSec or Risk Management (such as CRISC, CISM, CISSP, CGEIT, CISA, etc.)

Arcadis is the world's leading company delivering sustainable design, engineering, and consultancy solutions for natural and built assets. We are more than 36,000 people, in over 70 countries, dedicated to improving quality of life. Everyone has an important role to play. With the power of many curious minds, together we can solve the worlds most complex challenges and deliver more impact together. Individual Accountabilities Collaboration Collaborates with domain architects in the DSS, OEA, EUS, and HaN towers and if appropriate, the respective business stakeholders in architecting data solutions for their data service needs. Collaborates with the Data Engineering and Data Software Engineering teams to effectively communicate the data architecture to be implemented. Contributes to prototype or proof of concept efforts. Collaborates with InfoSec organization to understand corporate security policies and how they apply to data solutions. Collaborates with the Legal and Data Privacy organization to understand the latest policies so they may be incorporated into every data architecture solution. Suggest architecture design with Ontologies, MDM team. Technical Skills & Design Significant experience working with structured and unstructured data at scale and comfort with a variety of different stores (key-value, document, columnar, etc.) as well as traditional RDBMS and data warehouses. Deep understanding of modern data services in leading cloud environments, and able to select and assemble data services with maximum cost efficiency while meeting business requirements of speed, continuity, and data integrity. Creates data architecture artifacts such as architecture diagrams, data models, design documents, etc. Guides domain architect on the value of a modern data and analytics platform. Research, design, test, and evaluate new technologies, platforms and third-party products. Working experience with Azure Cloud, Data Mesh, MS Fabric, Ontologies, MDM, IoT, BI solution and AI would be greater assets. Expert troubleshoot skills and experience. Leadership Mentors aspiring data architects typically operating in data engineering and software engineering roles. Key Shared Accountabilities Leads medium to large data services projects. Provides technical partnership to product owners Shared stewardship, with domains architects, of the Arcadis data ecosystem. Actively participates in Arcadis Tech Architect community. Key Profile Requirements Minimum of 7 years of experience in designing and implementing modern solutions as part of variety of data ingestion and transformation pipelines Minimum of 5 years of experience with best practice design principles and approaches for a range of application styles and technologies to help guide and steer decisions. Experience working in large scale development and cloud environment. Why Arcadis We can only achieve our goals when everyone is empowered to be their best. We believe everyone's contribution matters. Its why we are pioneering a skills-based approach, where you can harness your unique experience and expertise to carve your career path and maximize the impact we can make together. Youll do meaningful work, and no matter what role, youll be helping to deliver sustainable solutions for a more prosperous planet. Make your mark, on your career, your colleagues, your clients, your life and the world around you. Together, we can create a lasting legacy. Join Arcadis. Create a Legacy. Our Commitment to Equality, Diversity, Inclusion & Belonging We want you to be able to bring your best self to work every day, which is why we take equality and inclusion seriously and hold ourselves to account for our actions. Our ambition is to be an employer of choice and provide a great place to work for all our people.,

- Information Security Manager shall be primarily responsible to : - Run and manage the BAU security infosec operations - Create and maintain ISMS Policy and Process documents - Ensure Infosec compliance with RBI and other regulatory agencies - Participate in IT Infosec Audits and ensure closure of observations within given timeliness - Conduct regular VAPT (Vulnerability Assessments) and track closure of open observations - Identifying and evaluating new IT security technologies and services and implementing it - Ensure cyber security related polices and technologies are in place - Conducting regular Inforsec Awareness within users in the organization - The person needs to work closely with the CISO and other stakeholders Risk, IT and Audit teams. - The position will based at CreditAccess Grameen HQ in Bangalore, and may require short term travel on need basis to other CAGL offices. Key Accountability: - Ensuring adequate security controls are in place & working effectively within the organization for information & cyber security - Ensuring effectiveness of all IT controls to prevent any unauthorized access or activities at a system administration level - Identify potential security weaknesses through vulnerability assessments and track them to closure within the timeliness -Tracking and reporting key risk indicators defined for IT processes - Create and maintain the documentation for information system audits in accordance with regulatory and compliance requirements - Create Review ISMS policy and process - Implement Strategic IT Infosec projects to strengthen the overall IT Security posture at CAGL

Role & responsibilities Security Program & Project Delivery Lead the planning, execution, and delivery of security initiatives including vulnerability management programs, NAC implementation, SIEM integration, and incident response enhancements. Coordinate cross-functional security projects across IT, infrastructure, compliance, and executive stakeholders. Ensure alignment with security frameworks including NIST, ISO 27001, CIS Controls, MITRE ATT&CK , and regulatory standards like HIPAA and GDPR . Technical Oversight & Reporting Act as the SME across multiple domains including cloud security (AWS, Azure, GCP), endpoint security (Crowdstrike, Symantec), and network security (Fortinet, NAC, IDS/IPS). Translate technical requirements into business-aligned roadmaps and timelines. Own the development of project documentation including scope, timelines, resource allocation, risk logs, and communications plans. Vulnerability & Risk Management Collaborate with vulnerability and threat management teams to prioritize and drive remediation projects. Design and deliver reporting dashboards and metrics (KPIs/KRIs) for executive leadership. Support remediation planning from external assessments (e.g., Red/Purple Team, penetration testing). Incident Response Coordination Partner with SOC and engineering teams to ensure effective execution of the Cyber Incident Response Plan (CIRP). Facilitate tabletop exercises, after-action reviews, and response drills aligned with NIST 2.0 . Vendor & Stakeholder Management Coordinate security vendor evaluations, POCs, onboarding, and performance reviews. Work with 3rd party consultants, auditors, and MDR service providers to ensure timely delivery of contracted services. Act as liaison between technical teams and leadership to manage expectations and ensure strategic alignment. Continuous Improvement & Governance Maintain and update project governance structures to align with industry best practices. Champion continuous improvement by assessing and refining project methodologies, tools, and templates. Contribute to policy updates, compliance audits, and control gap remediation plans. Required Skills & Qualifications: Bachelors degree in Cybersecurity, Information Technology, or related field. 8+ years of IT experience with a minimum of 3–5 years in a dedicated cybersecurity or InfoSec project management role . Proven success delivering complex, cross-functional security projects in manufacturing, healthcare, or enterprise environments . Strong understanding of cybersecurity domains including cloud security, endpoint protection, identity management, and threat detection. Familiarity with GRC processes, compliance audits, and risk frameworks (NIST, ISO, CIS, HIPAA, GDPR). Proficiency in project management tools (e.g., Jira, MS Project, Smartsheet) and reporting dashboards (e.g., Power BI, Tableau). Exceptional written and verbal communication skills , including executive-level presentation and documentation abilities. Preferred Certifications: PMP, PRINCE2, or equivalent Project Management certification CISSP, CISM, or CISA (strongly preferred) Certified ScrumMaster (CSM) or other Agile experience a plus

Information Security Engineers Date: Monday, 7th July 2025 Location for Interview: Bangalore Work Mode: Work From Home (5 Days a Week) Role: Information Security Engineer Experience: 6 to 9 years Required Skill Set: Strong programming skills in Python , Perl , and Java Hands-on experience with cloud platforms (AWS, Azure, or GCP) Solid understanding of cloud security , automation , and secure coding practices Exposure to network security , vulnerability management , and incident response Ability to design, develop, and integrate security tools and systems Eligibility: 6+ years of relevant experience in information security engineering Available for Face-to-Face (F2F) interview on Monday, 7th July 2025 Open to working remotely ( full-time WFH 5 days/week ) Role & responsibilities

Job Profile: Infosec Analyst 4 Location: Bangalore | Karnataka Years of Experience: 7 - 10 ABOUT THE TEAM & ROLE Swiggy is seeking a highly capable and hands-on SaaS Application Administrator to join our dynamic SaaS App IT team. This role is ideal for a technically skilled professional with deep experience in SaaS platforms, automation, and identity and access management (IAM/IDAM). The candidate should be able to manage and optimize SaaS ecosystems, build integrations, and ensure applications are secure, scalable, and aligned with business goals. What qualities are we looking for? Proficient in managing SaaS applications such as Google Workspace, Azure AD/Intune, Oracle, Snowflake, Databricks, GitHub . Strong hands-on experience with IDAM platforms (e.g., Azure AD, Okta, Ping Identity, SailPoint). Skilled in scripting and automation using PowerShell, Python, or similar tools. Deep understanding of IAM protocols and standards: SAML, OAuth, SCIM, LDAP . Familiar with Zero Trust security models and cloud-native security best practices. Analytical and detail-oriented with a process-driven mindset. Strong problem-solving and troubleshooting capabilities. Excellent communicator, able to explain technical details clearly to non-technical stakeholders. Self-starter who thrives in collaborative and fast-paced environments. Qualifications Bachelor’s degree in computer science , Information Technology, Engineering , or a related field. 7+ years of experience in systems engineering, SaaS administration, and cloud integration. Relevant certifications (e.g., Azure Administrator Associate, Okta Certified Admin, Google Workspace Admin ) are a plus. Experience with platforms like Microsoft 365, AWS, Google Workspace, Snowflake, Atlassian . Familiarity with development tools (e.g., Github, Jira ) and CI/CD best practices. Proven track record in security, compliance, automation , and incident resolution. What will you get to do here? SaaS Platform Management: Oversee deployment, configuration, integration, and maintenance of SaaS applications. Automation & Integration: Design and implement automated workflows and API-based integrations using scripting languages (PowerShell, Python, Bash). Identity & Access Management (IDAM): Administer identity platforms (Azure AD, Okta, Google Identity, SailPoint, Ping Identity) and manage SSO, MFA, JIT provisioning, and RBAC. Security & Compliance: Enforce security controls (Zero Trust), monitor threats, and ensure compliance with standards like GDPR, SOC 2, and ISO 27001. Monitoring & Reporting: Track performance, analyze logs, optimize license consumption, and generate stakeholder reports. Technical Support & Enablement: Act as a Subject Matter Expert, resolve complex issues, and mentor junior engineers. Continuous Improvement & Innovation: Stay updated on industry trends and recommend improvements to our SaaS ecosystem. Visit our tech blogs to learn more about some the challenges we deal with: https://bytes.swiggy.com/the-swiggy-delivery-challenge-part-one-6a2abb4f82f6 https://bytes.swiggy.com/swiggy-distance-service-9868dcf613f4 https://bytes.swiggy.com/the-tech-that-brings-you-your-food-1a7926229886 We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, disability status, or any other characteristic protected by the law.

Position Overview: We are seeking a highly experienced and strategic Third-Party Risk Management (TPRM) professional to lead and enhance our enterprise-wide third-party risk program. This role involves overseeing risk assessments, governance, due diligence, monitoring, and issue management for vendors, partners, and service providers across the organization. The ideal candidate will bring 10–12 years of expertise in risk management, information security, compliance, and vendor oversight, with the ability to collaborate across legal, procurement, technology, and business functions to ensure consistent application of third-party risk controls. Roles and Responsibilities Key Responsibilities: Lead the execution and continuous improvement of the Third-Party Risk Management lifecycle, including on boarding assessments, ongoing monitoring, risk reviews, and exit management. Oversee the development and implementation of TPRM policies, frameworks, and procedures, aligned with regulatory standards such as NIST, ISO 27001, SOC 2, GDPR, DORA, and PCI DSS. Conduct and review inherent and residual risk assessments for new and existing vendors across multiple risk domains (information security, compliance, financial, operational, etc.). Collaborate with procurement, legal, IT, business units, and compliance teams to integrate TPRM into sourcing and contract processes. Drive the automation and scalability of the TPRM program through use of GRC platforms (e.g., ServiceNow, Archer, ProcessUnity, OneTrust). Manage third-party due diligence questionnaires (DDQs), control gap analysis, and track remediation efforts for identified issues. Prepare and deliver executive-level reporting and dashboards related to vendor risk posture, risk acceptance, and compliance status. Stay current on emerging regulatory requirements, supply chain risks, and third-party threats to inform program strategy. Support internal/external audits and regulatory reviews involving vendor risk management. Required Qualifications: 10–12 years of professional experience in Third-Party Risk Management, IT Risk, InfoSec, Audit, or related GRC functions. In-depth understanding of third-party risk domains, including cybersecurity, data privacy, business continuity, and compliance. Experience developing or managing TPRM frameworks and governance structures across global enterprises. Hands-on experience with TPRM tools such as ServiceNow GRC, Archer, OneTrust, Prevalent, or ProcessUnity. Strong knowledge of risk and control frameworks including NIST, ISO 27001, SIG, SOC 2, and GDPR. Proven ability to assess and report on third-party risk posture, remediation plans, and contract compliance. Excellent written and verbal communication skills with ability to influence technical and non-technical audiences. Preferred Qualifications: Relevant certifications such as CISA, CRISC, CISSP, CTPRA, CTPRP, or ISO 27001 Lead Auditor. Experience in regulated industries such as financial services, healthcare, or critical infrastructure.

Role & responsibilities: Accountable for driving information security across all digital initiatives of the organization, including Cloud, Automation, Hyper-automation, Analytics, and AI Lead the design and review of end-to-end technology solutions across on-premises and cloud platforms (M365, Azure, AWS), with a focus on building secure and resilient systems . Oversee the security architecture for AI platforms, including internal enterprise adoption of Generative AI and external client-facing AI applications and solutions. Provide strategic security recommendations and implementation guidance to Risk, Information Security, and Enterprise IT leadership teams Manage and maintain oversight of third-party risk management activities. Conduct comprehensive system risk assessments to identify threats and vulnerabilities that could affect IT operations Lead the conceptualization, development, and delivery of managed security service (MSS) offerings across various cybersecurity domains for existing clients. Key Accountabilities Experience: Proven expertise in designing and architecting security solutions, managing cloud security, IT security operations, server and network platforms, cloud environments (M365, Azure, AWS), endpoint security, SOC operations, incident response, cyber threat management, and securing Generative AI solutions. Demonstrated success in delivering Security-as-a-Service for enterprise clients with a strong performance track record. Deep understanding of SOC fundamentals including engineering and operations, incident response, threat intelligence, cyber crisis management, identity, and access management (IAM) lifecycle, and holistic security across cloud, endpoints, servers, and network infrastructure Preferred candidate profile Strong grasp of core IT and security technologies, including Security domains : Active Directory, Group Policy, DNS, DHCP, DLP, Zero Trust, CSPM IT platforms : Servers, Networks, Databases, VPN, Proxy Endpoint security : Desktop, Laptop, Thin Clients Cloud platforms : Microsoft 365, Azure, AWS, Defender for Cloud Relevant Security Certifications : CISSP, CISA, CISM, SANS, OSCP (or equivalent), Cloud certifications (Azure, AWS, GCP), MCSE, CCNA

Role & responsibilities Conduct internal audits and control assessments across frameworks including but not limited to: SOC 2 Type 2 ISO/IEC 27001:2022 PCI DSS HiTrust CSF PIMS (ISO/IEC 27701), AIMS (ISO/IEC 22301) EcoVadis Prepare and maintain audit documentation, evidence collection, and control narratives. Liaise with stakeholders from IT, Security, HR, Legal, and Operations to gather and verify compliance evidence. Support external auditors during SOC, ISO, and PCI assessments by coordinating walkthroughs, follow-ups, and remediation tracking. Perform risk-based control testing and gap analysis against regulatory and contractual obligations. Maintain and update the audit calendar, issue logs, and compliance dashboards. Monitor and track audit findings and assist in developing corrective action plans (CAPAs). Contribute to the development and continuous improvement of the GRC framework and control library. Stay current on updates to standards (e.g., ISO 27001:2022 updates), regulatory developments (e.g., DPDPA, GDPR), and industry best practices. Looking for early Joiners. Interested Candidate can share resume on bhawana.sharma@rsystems.com or can call at 8595575733. Regards, Bhawana

Core Responsibilities Assist with technical control design, implementation and monitoring, support incident responses and assist with providing root cause analysis support for incidents. Monitor for attacks, intrusions, and un-usual, unauthorised or illegal activities when the Security Analysts are finding the instance challenging. Keep an eye on the alerts from systems including SEIM solutions and vulnerability monitoring services and check if the Analysts are able to handle the flow appropriately, if not then jump in and investigate if there are any abnormality in the inflow. Monitor identity and access management, including monitoring for abuse of permissions by authorised systems users if the stats are fluctuating or when you see a spike in the alerts. Assist with Information Security Reporting and metrics, providing input into improving information security reporting and metrics. Identify/recommend improvements on internal investigation capabilities via tool and process building/automation. Provide support to recovering from security breaches; participate in investigation and remediation of security incidents, which may include working as part of a team Assist in perform deep-dive incident analysis, determining if critical systems or data sets has been impacted. Assist with the definition and configuration of compliance policies for security technologies. Conduct research on emerging threats in support of security enhancement and development efforts; recommend security improvements, upgrades, and/or purchases. Support the incident response of minor incidents by advising on remediation actions, escalating major incidents to the designated parties. Recording lessons learnt whilst supporting on improving existing processes and procedures. Providing support of new analytic methods for detecting threats. Continuously seeking to identify potential service and process improvements. Participate in the implementation of technologies and platforms supporting the corporate infrastructure. Ensure that you fully understand and comply with the organisation’s Risk Management Policies as they relate to your area of responsibility. Ensure that you fully understand and comply with the organisation’s Data Governance Policies as they relate to your area of responsibility. Maintain the company’s compliance standards and ensure timely completion of all mandatory on-line training modules and attestations. Monitoring technical controls that are in place Addressing quires raised by the Security Analysts during investigation or other BAU. Assist Security Analysts in decision making and help in setting up standards. Will be responsible to suggest new fine tunings in the environment to the vendor or to the technical counterparts. Process review and upgradation recommendation when required. Setting up simplified and effective steps in BAU that in turn improves the quality of the work Implementation of new process based on business requirements and communicating the same with the team Team building and team management activities will be one of the key responsibility.

Shift: (GMT+05:30) Asia/Kolkata (IST) What do you need for this opportunity? Must have skills required: ISO 27001, SOC 2, AWS, GCP, Azure, public cloud Infosec Engineer As an Information Security Engineer at IDfy, youll support the InfoSec team in ensuring that our systems, policies, and processes meet global compliance standards. From supporting audits to reviewing documentation and responding to customer requests, youll get hands-on experience in what it takes to keep a fast-paced tech company secure. This is the perfect role if youve dabbled in audits, are curious about security frameworks, and want to grow into a well-rounded InfoSec professional. We are the match if you... Have been part of audits (ISO 27001, SOC 2, Customer TPRA) either conducting or surviving them for 2-4 years Have good understanding of ISO 27001, SOC 2, or other security frameworks Experienced in handling ISMS management end to end independently/ as a part of a team Are organized, detail-oriented, and a bit obsessed with checklists Know your way around cloud basics (GCP preferred, others fine too) Can document policies and processes clearly Want to learn how security works in a product and SaaS environment Are eager to work with a team that takes compliance seriously (but not too seriously) Are open to earning certifications down the line (CISA, ISO 27001 LA, etc.) Heres what your day would look like... Assist in maintaining our ISMS for ISO 27001 and SOC 2 including policy review/updates, creating SOPs and executing ISMS activities Support internal and external audit prep and documentation Track and respond to client security questionnaires Face / assist customer third-party risk assessments Collaborate with legal, engineering, and product teams to ensure compliance Assist in monitoring compliance metrics and identifying improvement areas Learn, grow, and eventually take on more ownership within the InfoSec team

Come join Deepwatch’s team of world-class cybersecurity professionals and the brightest minds in the industry. If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest growing companies in the U.S. – and we have a blast doing it!. Who We Are. Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud-based security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business.. Our core values drive everything we do at Deepwatch, including our approach to tackling tough cyber challenges. We seek out tenacious individuals who are passionate about solving complex problems and protecting our customers. At Deepwatch, every decision, process, and hire is made with a focus on improving our cybersecurity solutions and delivering an exceptional experience for our customers. By embracing our values, we create a culture of excellence that is dedicated to empowering our team members to explore their potential, expand their skill sets, and achieve their career aspirations, which is supported by our unique annual professional development benefit.. Deepwatch Recognition Includes. 2025, 2024, 2023, 2022 and 2021 Great Place to Work® Certified. 2024 Military Times Best for Vets Employers. 2024 US Department of Labor Hire Vets Gold Award. 2024 Forbes' America's Best Startup Employers. 2024 Cyber Defense Magazine, Global Infosec Awards. 2023 and 2022 Fortress Cybersecurity Award. 2023 $180M Series C investment from Springcoast Capital Partners, Splunk Ventures, and Vista Credit Partners of Vista Equity Partners. 2022 Cybersecurity Excellence Award for MDR. Position Summary. This role is 100% onsite in Bengaluru. The shift for this position is Monday Friday, 7:30AM 3:30 PM.. Deepwatch is looking for a highly motivated, self-driven, technical analyst dedicated to making a difference in global security by protecting organizations against the most advanced attackers in the world. The Deepwatch Squad and Security Operations Center offers opportunities to expand your skill set through a wide variety of experiences, detecting and responding to incidents as they occur in real-time for our customers.. The Deepwatch squad is a unique approach to how we support our customers and ultimately provide an experience not found anywhere else. You’ll be an integral part of supporting our customers by understanding their bespoke environment, needs and challenges. You will be playing a key role in supporting some of the top organizations in the world, and have the opportunity to develop your skills by working with the best responders in the industry, your team and your Squad.. The Analyst I is focused on providing descriptive analysis. They will answer questions such as the who, what, when, and where of events. Analysts are curious individuals who actively work to develop a better understanding of the environments they are assigned. Using cybersecurity best practices, you will monitor and secure complex customer environments utilizing industry leading technology such as Splunk, xSOAR, CrowdStrike and more.. In This Role, You’ll Get To. Support incident handling processes across multiple platforms and security technologies including Windows, Linux and macOS. Monitor a queue of security events generated by the Deepwatch platform SOAR, triage events based on their criticality, and escalate validated security events to customers. Document and manage incident cases in our case management system. Keep up-to-date with information security news, techniques, and trends. Identify and report any gaps in log collection or reporting as soon as possible to the customer and Deepwatch Engineering. Become proficient with Splunk, ServiceNow and other third-party threat intelligence tools as required. Perform security detection analysis and investigations using SIEM and SOAR technologies, leverage Deepwatch proprietary tooling and intelligence and maintain SLA’s. Act as the first line of defense during security events by triaging and investigating alerts within a customer’s environment. Produce high-quality written and verbal communications, recommendations, and findings to customer management in a timely manner. Continue to sharpen your skills and capabilities on the job, and through the Deepwatch development program. To be successful in this role, you’ll need to:. A basic understanding of cyber security principles, concepts and practice with a focus on SOC operations, alert triage and investigations. Know your way around SIEM platforms (Splunk preferred), how to perform queries and leverage various log sources to perform investigations. Articulate the process involved in pivoting to other log sources, cloud systems, or consoles to perform a comprehensive analysis from multiple data sources. Have a basic understanding of modern EDR, email security and cloud identity platforms. Review SIEM alerts and make a determination for what other sources or intelligence is needed to make a determination, relying on peers to help improve your skills and capabilities. A strong understanding of all basic ports and protocols. Familiarity with Windows, Mac, and Linux file path structure.. Familiarity with OSINT, TTPs and IOCs. Strong written and verbal communication skills with the ability to produce well-written reports and analysis that’s thorough, accurate and complete.. Provide the customer with a complete understanding of the investigation. CEH, CySA, GSEC, Sec+, or equivalent certification preferred. A college degree in Information Security or IT, related training, certifications or on-the-job experience. Life At Deepwatch. For employees, Deepwatch fosters a unique, flexible work environment designed with collaboration in mind. The company emphasizes personal and professional. growth, offering benefits such as professional development programs, comprehensive health coverage, and generous parental leave. Deepwatch is also committed to diversity, equity, inclusion, and belonging, aiming to empower underrepresented groups in tech by connecting them with meaningful opportunities, mentors, and sponsors.. In recognition of its supportive workplace culture, Deepwatch earned the Great Place To Work Certification/(TM) in 2025, underscoring its dedication to. creating a positive and inclusive work environment. Deepwatch is a global cybersecurity company with offices in San Francisco Bay Area, CA; Tampa, Florida;. and Bengaluru, India.. What We Offer. At Deepwatch, we are committed to supporting our employees with a comprehensive benefits package designed to enhance your well-being and financial security.. We Partner With Plum Benefits To Provide. ? Group Health Insurance – Comprehensive medical coverage for you and your dependents.. ? Group Accidental Insurance – Financial protection in case of accidental injuries.. ? Group Term Life Insurance – Security for your loved ones in unforeseen circumstances.. For additional details, refer to the benefits guide provided by Plum.. Payroll & Compensation. ? Pay Cycle: Salaries are processed monthly and paid on the last day of each month.. ? Pay Slips & Reimbursements: Delivered via email.. ? Payroll Processing: Managed by BCL Chartered Accountants through GreytHR, which provides tax and payment-related details.. Show more Show less

Desired Candidate The ideal candidate is a proactive and detail-oriented professional with strong leadership skills and a passion for cybersecurity. They should have excellent communication abilities to convey technical concepts to diverse audiences and a proven track record of managing teams and fostering a culture of security awareness. Adaptable and ethical, the candidate thrives in dynamic environments and collaborates effectively to address evolving cyber threats while maintaining the highest standards of confidentiality and integrity. Responsibilities: Strategic Planning: Develop, implement, and maintain a comprehensive cybersecurity strategy aligned with organizational goals. Risk Management: Identify, assess, and mitigate potential cybersecurity risks and vulnerabilities across systems, applications, and networks. Incident Response: Lead and coordinate incident response activities, ensuring quick containment, recovery, and root-cause analysis of security breaches. Compliance and Standards: Ensure adherence to relevant regulatory standards (e.g., GDPR, ISO 27001) and internal security policies. Team Collaboration: Lead and mentor the cybersecurity team, fostering skill development and ensuring alignment with security objectives. Stakeholder Communication: Act as a liaison between technical teams and senior management, translating technical risks into business terms. Continuous Improvement: Monitor and evaluate the effectiveness of security measures, and recommend enhancements to maintain a robust security posture. Tool and Technology Management: Oversee the deployment and management of security tools (e.g., SIEM, firewalls, endpoint protection, etc.) to ensure system integrity and confidentiality. Training and Awareness: Develop and conduct security training programs to promote awareness and compliance across the organization. Requirements: Education: Bachelors or Masters degree in Cybersecurity, Information Technology, Computer Science, or a related field. Experience: 6-10 years of experience in cybersecurity roles with progressive leadership responsibilities. Certifications: CISSP (Certified Information Systems Security Professional)[Ongoing is acceptable]. Additional certifications (e.g., CISM, CEH) are a plus. Technical Expertise: Strong understanding of security architecture, protocols, and best practices. Experience with tools like SIEM, IDS/IPS, endpoint security, firewalls, and vulnerability management systems. Knowledge of cloud security (AWS, Azure, GCP) and securing hybrid environments. Soft Skills: Excellent verbal and written communication skills for technical and non-technical audiences. Strong leadership, project management, and team collaboration abilities. Analytical and problem-solving mindset with attention to detail.