34 Infosec Jobs

Skill required: Risk & Compliance - Operational Audit & Compliance Designation: Risk and Compliance Senior Analyst Qualifications: BCom/Master of Business Administration/CA Inter Years of Experience: 5 to 8 years About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do You will be aligned with our Risk and Compliance vertical and help us perform compliance reviews, publish reports with actions and provide closure guidance as needed. We design & recommend effective controls to mitigate risks and help service delivery team prepare for upcoming client / external audits.You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans.The Operational Audit & Compliance team focuses on auditing and managing effective implementation and delivery of functional processes within operations to mitigate risks. The role may require for you to have a good understanding of anti-corruption, BCM and infosec policies, records management and contractor controls. The team is responsible for establishing processes to validate the effectiveness and drive improvements wherever required. What are we looking for Risk and Compliance Experience Knowledge of Finance & Accounting processAuditing experience Roles and Responsibilities: In this role you are required to do analysis and solving of increasingly complex problems Your day to day interactions are with peers within Accenture You are likely to have some interaction with clients and/or Accenture management You will be given minimal instruction on daily work/tasks and a moderate level of instruction on new assignments Decisions that are made by you impact your own work and may impact the work of others In this role you would be an individual contributor and/or oversee a small work effort and/or team Please note that this role may require you to work in rotational shifts Qualification BCom,Master of Business Administration,CA Inter

Skill required: Risk & Compliance - Risk Management Designation: Senior Analyst Qualifications: BCom,Master of Business Administration,CA Inter Years of Experience: 5 to 8 About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do You will be aligned with our Risk and Compliance vertical and help us perform compliance reviews, publish reports with actions and provide closure guidance as needed. We design & recommend effective controls to mitigate risks and help service delivery team prepare for upcoming client / external audits.You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans.The Operational Audit & Compliance team focuses on auditing and managing effective implementation and delivery of functional processes within operations to mitigate risks. The role may require for you to have a good understanding of anti-corruption, BCM and infosec policies, records management and contractor controls. The team is responsible for establishing processes to validate the effectiveness and drive improvements wherever required. What are we looking for Risk and Compliance Experience Knowledge of Finance & Accounting processAuditing experience Roles and Responsibilities: In this role you are required to do analysis and solving of increasingly complex problems Your day to day interactions are with peers within Accenture You are likely to have some interaction with clients and/or Accenture management You will be given minimal instruction on daily work/tasks and a moderate level of instruction on new assignments Decisions that are made by you impact your own work and may impact the work of others In this role you would be an individual contributor and/or oversee a small work effort and/or team Please note that this role may require you to work in rotational shifts Qualification BCom,Master of Business Administration,CA Inter

Fortinet-Fortigate Firewalls, Data Network Security - Firewalls, VPN, Microsoft Email Security, Zscaler Proxy, Load Balancing. Security exposure, PA, Fortinet, WAF, Email Security, Proxy. All L2 level. 3 years of Exp in Infosec Domain. Should be able to handle Domestic and Global customers both. Key Skills: Firewalls Web Application Firewall Application Delivery Controller (Load Balancer) Virtual Private Network (VPN) Email Security Appliance Proxy Web filtering Important Note: CEH certification is Mandatory

This will be an Individual Contributor role to start and can evolve over time based on how this function matures. You will play a critical role in the companys tech infrastructure, processes which will be fully aligned with regulatory, security and business continuity standards. Key Responsibilities Draft, coordinate monitor IT processes policies to ensure compliance as per IT Act, regulatory bodies (e.g. RBI, SEBI, GDPR, UIDAI etc.), info security (ISM) guidelines and other applicable laws with respect to Technology, in coordination with internal external stakeholders Prepare update business-wise IT infra details required by the Compliance/Legal teams for regulatory filings and 3rd party audits Conduct vendor risk assessment audits ensure identified gaps are proactively filled Introduce new processes policies by conducting market studies surveys relevant to our business Plan, formulate, coordinate, implement monitor the cyber crisis management plan (CCMP) Incident Management and resolution Interface with external auditors and set up processes to ensure all Infosec audits go smoothly Formulate, implement, review monitor BCP Requirements 4-6 years of experience, including being SPOC for Infosec audits In-depth knowledge of technology, security, risk, and compliance best practices Strong capability in interfacing with both technology and business teams Detailed understanding of security monitoring, threat intelligence vulnerability management A self-driven attitude with a strong sense of ownership Experience with RBI and/or SEBI (preferred) audits is a big plus Assisting the team to conduct Technology Committee Assisting the Risk Officer to conduct independent assessments of the business functions Provide timely data for Risk Management Committee

we have a requirement on InfoSec Engineer for one of our clients for contract to Hire role. job Details: skills InfoSecEngineer Experience9+ Years Location:PAN INDIA Job typeContract to Hire Pay roll companyIDESLABS Work ModelHybrid INFOSEC ENGINEER Linux/RHEL/Windows patching and vulnerabilities remediation SSH Keys/Certificate management EOL analysis for Java/Python/Jenkins Libraries Nice to haveScripting for automation

So, what’s t he r ole all about? As a member of the Cloud Security team, a successful Cloud Security Analyst will need to be self-sufficient to collaborate effectively with multiple teams, such as Application Support, Infrastructure Operations, DevOps, Product R&D, Security teams, customers and 3 rd party auditors. This role will hold the responsibility of understanding the Cloud security policies, procedures, practices and technologies and documenting them appropriately as well as demonstrating to auditors and customers the excellent Cloud Security at NICE. A successful candidate in this role will be able to work in production cloud environments to collect and curate evidence and explain it to anyone who asks for it. Experience with Governance, Risk and Compliance (GRC) is a big plus! How will you make an impact? You will directly impact the success of the NICE cloud business by ensuring all customer and auditory security requirements are met and demonstrated. A diverse, merit-driven work environment which rewards a growth mindset and encourages innovation and continued professional development; The opportunity to work in a global, highly skilled, passionate workforce to deliver world-class service and products to market. Competitive pay and excellent benefits. Generous PTO policies. A highly focused security & compliance team which is collaborative, supportive, experienced, and driven to help everyone from the individual to enterprise to our customers realize the success for which they aim. Have you got what it takes? 1-2 years of experience with Information Security & Compliance or GRC University-level degree in InfoSec, Computer Science or other related field. knowledge with major compliance frameworks such as PCI, ISO 27001/17, SOC 2, HITRUST, GDPR. A burning curiosity to learn as much as you can about the NICE cloud environment and the services and products we offer our customers as well as the existing security infrastructure we have in place today; Excellent communications skills along to work collaboratively with security team members and operations and development teams or independently to achieve tactical and strategic security goals; Strong organization and prioritization skills; Education, training or experience with security and compliance fundamentals; Experience working with work tracking tools such as JIRA, Service Now or others. What’s in it for you? Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr! Enjoy NICE-FLEX! At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere. Requisition ID: 7117 Reporting into: Technical Manager Role Type: Individual Contributor

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Information Security Project Specialist ZS’s India Capability & Expertise Center (CEC) houses more than 60% of ZS people across three offices in New Delhi, Pune and Bengaluru. Our teams work with colleagues across North America, Europe and East Asia to create and deliver real world solutions to the clients who drive our business. The CEC maintains standards of analytical, operational and technological excellence across our capability groups. Together, our collective knowledge enables each ZS team to deliver superior results to our clients. What You’ll Do Executes the end-to-end management of security projectsincluding resource management, communications, training requirements, change management and budget (if applicable). Estimate the resources and participants needed to achieve project goals. Reviews and recommends changes, reductions or additions to the overall project Acts as the liaison between InfoSec and end-users when applicable Maintains the efficiency of the project management process such as planning, scheduling, and budget and risk assessment. Identifies and mitigates potential risks Work with cross-functional teams and staff of all levels, including assisting in the development, training and assignment of work/projects to team members reporting to others; Works well within a structured environment in which team members can work together as an efficient team. What You’ll Bring Bachelor’s Degree required. 7 - 10 years of relevant work experience, including Information Security, project management (5+ years), and team management. PMP-PMI certification desired, or completion within a year of assuming the position. Agile certification desired, or completion within a year of assuming the position. Security+ or equivalent certification desired, or completion within a year of assuming the position. (CISM- Certified Information Security Manager, CompTIA Security+, Etc ) Project plan development experience, including charter, scope, project management approach, management plans, statement of work, cost estimates, schedule. Excellent communication (written and oral) and interpersonal skills; ability to interface and influence all levels within the organization, including facilitation, consulting, negotiation, and presentation. Excellent project management and coordination skills working with multiple stakeholders across several technology platforms and business areas Strong technical skills and experience. The ideal candidate has lead projects relating to Information Security deliveries or migrations (Vulnerability Management, Identity and access management, Cloud Strategy & Governance, Data Security, Enterprise Risk Management, Asset Management, Security awareness & training) Project plan and budget management. Knowledge of project management best practices, Experience identifying and mediating risk. Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel: Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application: Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At www.zs.com

An Information Security Consultant is responsible for ensuring an organization's data and systems are secure and compliant with industry standards. They assess vulnerabilities, develop security policies, and implement solutions to protect digital

Job Opening: Local IT Administrator Location: On-site | Company: PRINTS24x7 Type: Full-time | Experience: 3+ years preferred What Were Looking For: PRINTS24x7 is seeking a skilled and responsible Local IT Administrator to manage and enhance our on-site IT infrastructure. The ideal candidate will have proven expertise in network and system administration, asset management, and hands-on software handling, along with familiarity with modern AI tools. A deep understanding of IT security protocols and compliance standards is essential to safeguard our operations and ensure data integrity. Candidates should be proactive, detail-oriented, and committed to providing reliable technical support across the organization. Key Responsibilities: Monitor and maintain network infrastructure (routers, firewalls, switches). Provide end-user support for hardware/software issueshands-on and responsive. Administer Windows Server environments (Active Directory, Group Policy). Enforce IT security protocols and manage antivirus and threat mitigation systems. Maintain and oversee IT asset lifecyclefrom procurement to decommissioning. Document system configurations, software licenses, support logs, and audits. Integrate and utilize AI tools to improve diagnostics and operational efficiency. Ensure adherence to compliance standards and data protection regulations. Collaborate with vendors for procurement, maintenance, and technical support. Required Skills & Knowledge Proficiency in system administration, software patching, and troubleshooting. Strong grasp of networking (IP addressing, VLANs, subnetting). Working knowledge of AI tools (e.g., automation platforms, AI-based diagnostics). Familiarity with cybersecurity best practices and compliance frameworks. Solid documentation practices and inventory management experience. Effective communication skills for both technical and non-technical users. Desired Attitudes Proactive and solution-focused with strong problem-solving skills. Adaptable to evolving technologies and operational needs. Detail-oriented with a commitment to accuracy and system integrity. Team-oriented and approachable with a service-minded outlook. What Success Looks Like: You will serve as the backbone of our IT operations—ensuring reliability, enforcing security, optimizing performance, and enabling team productivity through seamless technology support. Your expertise and foresight will directly contribute to PRINTS24x7’s operational excellence. Ready to make a difference? Send your resume and cover letter to hr@prints24x7.com

Role & responsibilities General description of the role: Minimum 8 years of experience in managing security audits, such as, ISO 27001, HIPAA, SOC 1, SOC2, PCIDSS Including preparing control owners for audits, interpreting control requirements, reviewing control evidence for appropriateness, testing control effectiveness, presenting control evidence to external auditors, and audit planning with external auditors In-depth knowledge of security controls, interpreting control requirements for SOC 2, ISO, or HIPAA, PCIDSS audits, reviewing control evidence for completeness an accuracy, and ensuring evidence provided to auditors satisfies control requirements. Ability to of plan and lead meetings with control owners and external auditors. Ability to clearly define control requirements to control owners or explaining control evidence to external auditors. Supports the Security Audit function by reviewing evidence submissions for accuracy and completeness, following up on audit requests, and helping to establish a continuous monitoring function. Assist in testing and verification of all controls and formulating reports documenting findings. Recommends and assists in the definition and implementation of security controls in accordance with enterprise policies, standards, and procedures. Work closely with internal business teams to assist in the identification and assessment of potential security risks, and establish risk owners, ratings, and management action plans. Ensure continuity of compliance with ISO27001 and ISO 22301, PCI DSS, HIPAA, GDPR Analyse potential impact of new threats and communicates risks to relevant business units Manage security operations, analyse security exceptions, gather necessary background information, document exceptions and ensure that the risk is recognized and managed with compensating controls Provide orientation to Business Units on Risk Assessment, Business Continuity Plan and Business Impact Analysis Facilitate in preparation of Business continuity plan for each project and functions Conduct internal ISMS and BCMS audits and identify potential gaps in the system Prepare detailed and summary reports of assessments, remediation plans as needed and advise internal stakeholders Report the audit findings on the potential weakness in the system and areas of improvement Preferred candidate profile Top 5 Skill Set Hands-on experience with security technologies Experience in Information security and business continuity internal audits Strong Knowledge in risk management, ISO 27001, ISO 22301 PCI DSS, HIPAA, GDPR, SOC 2 Knowledgeable in security concepts, techniques, tools, methods, and practices Good technical in cyber security products Individually to perform the technical audits

Department: Information Security Location: Mumbai Reports to: IS GRC Head Employment Type: Full-time Job Purpose: This role is responsible for driving the organization’s Information Security Governance, Risk, and Compliance (GRC) function, Industry standards (ISO 27001, NIST CSF), and regulatory requirements. The candidate will lead internal audits, vendor risk governance, SOC 2 readiness, automation initiatives, client assessments, and security awareness across the enterprise—while managing a team of security professionals. Key Responsibilities: Governance, Risk & Compliance • Implement and maintain a scalable Information Security GRC framework based on ISO 27001, NIST Cybersecurity Framework, and applicable regulatory requirements (RBI, SEBI, IRDAI, DPDPA). • Manage the information security policy lifecycle, risk registers, and control objectives across business units. • Lead the exception management process, including impact assessments, approval workflows, and periodic reviews. Internal Audit & Control Testing • Plan and execute periodic internal audits, control design evaluations, and operational effectiveness testing for IT and cybersecurity controls. • Coordinate external assessments, including SOC 2 readiness, ISO 27001 surveillance audits, and customer/compliance audits. • Track and close audit findings with clear ownership, root cause analysis, and sustainable remediation plans. Vendor Risk Management (End-to-End) • Oversee the Third-Party Risk Management (TPRM) lifecycle: onboarding, risk assessment, security clauses, ongoing monitoring, and exit governance. • Drive continuous oversight of critical vendors based on data exposure and service criticality, using automated tools where feasible. Automation & Tooling • Identify manual GRC activities suitable for automation; perform POCs, evaluate tools, and drive implementation. • Lead automation initiatives for risk assessments, control testing, evidence gathering, and exception workflows. SOC 2 & Compliance Readiness • Lead organizational readiness for SOC 2 Type 1 and Type 2 audits, working with Business SPOC's, application owners and control owners. • Align existing practices to SOC trust service criteria (Security, Availability, Confidentiality). Security Training & Awareness • Develop and deliver cybersecurity training and awareness programs tailored to various stakeholder groups (employees, management, vendors). • Promote a risk-aware culture and drive ongoing compliance awareness campaigns. Incident Response Oversight • Support and enhance the incident response governance process by aligning it with NIST CSF framework. • Ensure roles, responsibilities, and reporting mechanisms are clearly defined and followed during incidents. • Oversee the documentation of lessons learned, RCA, and incorporation of incidents into risk registers. Reporting & Stakeholder Engagement • Prepare and present dashboards, heatmaps, and reports for executive management, audit committees, and the board. • Maintain governance KRIs and provide insights into risk trends, audit closures, and compliance status. • Serve as a key liaison during client assessments, RFP security responses, and due diligence efforts. Team Leadership • Manage, mentor, and upskill a team of GRC analysts and specialists. • Allocate responsibilities, track performance, and foster collaboration across IT, Legal, Procurement, and Business teams. Key Requirements: Qualifications: • Bachelor’s/Master’s in Information Security, Computer Science, or related field. • Professional certifications preferred: CISA, CRISC, ISO 27001 LA, CISSP, CCSK, or equivalent. Experience: • 8+ years of experience in Information Security GRC, IT Risk, and Regulatory Compliance. • Strong expertise in internal audits, control testing, and vendor security governance. • Hands-on experience in managing SOC 2, ISO 27001, or similar frameworks. • Demonstrated leadership in team management and multi-stakeholder coordination. • Exposure to automating GRC functions using platforms like ServiceNow GRC, Archer, OneTrust, or similar. Skills & Competencies: • Strong analytical, documentation, and reporting skills. • Effective communication across technical and business audiences. • High level of integrity, ownership, and stakeholder management.

Role & responsibilities Serve as an IT project leader by exerting influence on the overall program's direction to ensure business and IT objectives are met. Drive and oversee all project lifecycles within the program to ensure incremental delivery of business outcomes and project stays within budget constraints Develop and maintain program or project documents including prioritization artifacts, charters, iterative program implementation plans, status reporting on deliverables, handling risks, assumptions, issues, and cross team dependencies with little to no oversight using established standards and procedures Perform and analyze intake of project demands, forecasting team allocation, demonstrating standard processes and procedures. Preferred candidate profile Bachelor's Typically, 5 - 8 years demonstrated and direct work experience in leading and large, complex, and strategic global initiatives. Experience working in a hybrid Agile environment with global matrix teams. Should have knowledge of and have done some level of program management. Skilled in Project Management Methodologies & Frameworks (SAFe, PMP, CSM) In depth understanding of Cost Management, Resource Management and Risk Management. Proven ability to create CBA, SBARs and other project management artifacts. Exposure to handling projects ranging InfoSecurity, Regulatory & Compliance, Strategy and IT Cloud Projects. Should have some working knowledge of the DevOps Model. Skilled in Word, Excel, Outlook, PowerPoint, Project Management Tools, Zoom, and SharePoint Experience working for a publicly traded company or financial services in a similar role. Working in a maturing IT Portfolio/Project Management office. Perks and Benefits Transportation Services : Convenient and reliable commute options to ensure a hassle-free journey to and from work. Meal Facilities : Nutritious and delicious meals provided to keep you energized throughout the day. Career Growth Opportunities : Clear pathways for professional development and advancement within the organization. Captive Unit Advantage : Work in a stable, secure environment with long-term projects and consistent workflow. Continuous Learning : Access to training programs, workshops, and resources to support your personal and professional growth. In order to apply, please click on below mentioned link - https://encore.wd1.myworkdayjobs.com/externalnew/job/Gurgaon---Candor-Tech-Space-IT---ITES-SEZ/Senior-Project-Manager_HR-15007

Hello Talented Techie! We provide support in Project Services and Transformation, Digital Solutions and Delivery Management. We offer joint operations and digitalization services for Global Business Services and work closely alongside the entire Shared Services organization. We make efficient use of the possibilities of new technologies such as Business Process Management (BPM) and Robotics as enablers for efficient and effective implementations. We are looking for Information Security Professional (ISMS/InfoSec) Job Summary: We are seeking a dedicated Information Security Professional to join our team. The ideal candidate will focus on maintaining and managing our ISO27001 certification. This role involves handling the overall Information Security Management System (ISMS), managing internal stakeholders, conducting internal audits, facilitating external audits, and overseeing the information security program management. Key Responsibilities: Maintain and manage the ISO27001 certification and related processes. Oversee the Information Security Management System (ISMS) ensuring compliance with ISO27001 standards. Manage and coordinate internal audits, identifying areas for improvement and implementing necessary changes. Facilitate external audits, acting as the primary point of contact with external auditors. Engage with internal stakeholders to ensure information security policies and practices are effectively communicated and implemented. Develop, implement, and manage information security programs to enhance organizational security posture. Stay updated with the latest developments in information security standards and best practices. Qualifications: Bachelor"™s degree in Information Security, Computer Science, or a related field. 5-7 years of experience in information security with at least 5 years in direct ISMS. Strong knowledge of ISO27001 standards and requirements. Experience in managing and maintaining an Information Security Management System (ISMS). Excellent stakeholder management skills and the ability to communicate effectively with various levels of the organization. Strong organizational and program management skills. Certifications such as ISO27001 Lead Auditor (LA) and Certified Information Systems Auditor (CISA) are preferred. Preferred Certifications: ISO27001 Lead Auditor (LA) Certified Information Systems Auditor (CISA) Skills: Excellent analytical and problem-solving abilities. Strong communication and interpersonal skills. Ability to work independently and as part of a team. High attention to detail and a commitment to maintaining high standards of work. Create a better #TomorrowWithUs! This role, based in Bangalore, is an individual contributor position. You may be required to visit other locations within India and internationally. In return, you'll have the opportunity to work with teams shaping the future. At Siemens, we are a collection of over 312,000 minds building the future, one day at a time, worldwide. We value your unique identity and perspective and are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. Come bring your authentic self and create a better tomorrow with us. Find out more about Siemens careers atwww.siemens.com/careers

Role & responsibilities ISMS or Third-Party Risk Assessments Ability to effectively liaise with clients and manage stakeholder expectations Work with client teams from various depts. Such as compliance teams, auditing and regulators to identify and document various requirements/obligations Conducting risk assessments and audits with respect to people, process and technology Identification of gaps/observations, risks, opportunities and improvement of policies, processes, procedures and standards Documenting information security risk, recommendation and compensating controls in the form of assessment/audit reports Desired qualifications Relevant 6+ years of experience in Third party risk management Highly preferred certifications - ISO27001, CISM , CRISK, CISA. Relevant years of experience in IT Audits, Cloud security Experience with ISO22301 implementation and audits Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA to work in a cross-functional, cross-cultural matrix environment\ Understanding of Third party/vendor/supplier risk management considerations Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management Excellent written/verbal communication Excellent documentation and presentation skills Highly motivated and willing to work in local and global environments Security certifications like CISSP, CISA, CISM, CEH, ISO27001 Work experience in Infrastructure / Application Security Work experience in IT Audit Work experience in Information Risk Management

Greetings from Datamark !!! Postion : Information Security Analyst Experience : 3 to 5 Yrs in Experience Location: Ambattur Industrial Estate , Chennai Position Overview: The Information Security Analyst is responsible for the administration of the organizations information and data security policies and practices of the overall internal security audit program to ensure that the Company is protected in terms of security, compliance and confidentiality. Primary Responsibilities: Coordinates and assists with security activities for the enterprise Operate, maintain, and validate vulnerability scanning of Infrastructure, Applications, and APIs Review daily threat intelligence. Ensures compliance to security standards for assigned sites Schedules and administers internal security audits for Client and Physical Site Audits Follows up on remediation plans Support the management and maintenance of security tools with an emphasis on Security Information and Event Monitoring (SIEM) tools. Assist with the review of technical deployments for risk prior to deployment across the campus. Recommends risk mitigation solutions based on audit findings Maintains Security and Compliance Metrics monthly Assists in the development and delivery of IT risk and security awareness and compliance training programs Willingness to travel to DATAMARK global sites as necessary Other duties as assigned Minimum Qualifications: Education Requirements: Bachelors degree in Computer Science or related field, experience in lieu of degree can be considered Field Experience: At least four years of experience in Information Security Position Experience: At least four years of experience in an Information Security Analyst position, or similar position Demonstrated experience with traditional vulnerability analysis: identify, categorize, prioritize, track, and validate remediation of known vulnerabilities by accountable IT teams Other Qualifications: Certification in IT Security required Knowledge in Information Security policies and practices Knowledge of third-party auditing and risk assessment methodologies Experience in an IT Security related environment preferred Required Skills: Extremely organized and detail oriented. Capable of holding team members accountable to timely delivery of audit evidences. Practices and methods of IT strategy, enterprise architecture and security architecture Excellent analytical and problem-solving abilities to identify and remediate security risks Team-work mentality to develop security solutions in collaboration with other IT professionals If you are interested please share your updated resume to jagadish.jayavel@datamark.net or contact us 9500681139

Job Profile: IT Manager / Sr. Manager Role Overview and Responsibilities: We are looking for an IT & Service Desk Manager to maintain and supervise the IT setup of our company. This person will liaison with three key entities the CISO & Indus Leadership, Consulting staff, and our outsourced IT services provider. This is a great opportunity for someone to maintain a rapidly growing cloud-based IT setup of one of the most cutting-edge Big Data organizations Key Responsibilities: 1. Manage issues raised by internal consulting staff and liaison with the internal IT team and outsourced vendor to get these fixed; Provide interim support as and when required to consulting staff 2. Manage a team of 1 or 2 IT associates (internal or outsourced) to help provide IT support to consulting staff through the course of their work. 3. Continuously work on the requirements of maintaining our ISO 27001 certification and support the CISO perform backup recovery tests, review access control policies, perform disaster recovery procedures, etc. 4. Work with Internal Auditor to keep all compliances and improvements in check 5. Oversee client security assessments, respond to their compliance teams to build their trust and comfort with Indus Information security management systems 6. Create, manage, execute, and sustain key IT special projects at Indus 7. Support asset (software, hardware) purchase, drive procurement, maintain asset list, manage warranty timelines, etc. 8. Support creation of IT reports for systems across the organization (networks, servers, user laptops, etc.); Monitor & track them on regular basis 9. Continuously identify opportunities to improve the IT setup through new apps, products, services, with a view to improving the efficiency of the consulting staff Requirements 1. Experience and Personality Traits a. 8+ years of enterprise IT experience; IT desk management and supervisory of L1/L2/L3 support will be a plus b. Ability to work in a fast-paced, results focused environment c. Organized and detail-oriented d. Self-motivated and results-driven e. Resilient, persistent, and resourceful f. Proactive and independent 2. Skills Working knowledge of: i. Laptop & server hardware ii. Windows Domain Controller / Active Directory iii. Amazon cloud (Redshift, EC2, IAM) & Microsoft Azure Active Directory services iv. Microsoft 365 services and suite Intune, Exchange, Teams, SharePoint, OneDrive, Defender. v. Network & Firewall management vi. Microsoft office (Word, Power Point, Excel) vii. Basic Linux CLI and SQL commands viii. Technical experience on below will be preferred (but not mandatory): i. Management of enterprise solutions such as Data leakage prevention, MS Sentinel. b. Experience with clearing/supporting international certification ISO audits (especially ISO-27001) will be preferred but not mandatory c. Comfort in written and spoken English, since the position requires working with international clients periodically 3. Education i. Educational background in IT will be preferred

Client Questionnaires & Audit Manager, Information Security & Risk Management Role Description: The Client Questionnaires & Audit Manager, Information Security position will be an integral member of the Information Security and Risk Management team. This role will be responsible for organizing and managing internal and external audits. Work in Chief Information Security Officer (CISO) office under Director, Information Security Governance, Risk and Compliance. Successful candidate will have a good mix of security knowledge, understanding of industry best practice, and a demonstrated background in information security risk management. The candidate will be responsible for managing and responding to client security questionnaires, audits, and assessments related to the organizations information security posture. This role involves working closely with internal teams, clients, and external auditors to ensure the companys security practices align with industry standards and client requirements. The manager will also coordinate audit activities to ensure compliance with security frameworks and regulations. The ideal candidate: is a self-starter, with the ability to drive tasks to completion independently and learn new skills on the job as program requirements evolve. possesses strong business judgment, deep analytical thinking, is comfortable managing multiple responsibilities within a fast-paced environment, and has worked collaboratively with others to develop, implement, and communicate business improvement and innovative strategies. possesses strong verbal and written communication skills, a solution-oriented approach, and relationship-building skills are important attributes to succeed in this role. Successful candidate will develop strong relationships, collaborate across teams, coordinate multiple timelines, and manage complex, cross discipline projects. global view of their business and think in terms of immediate problem solving but also automating, expanding, and scaling solutions broadly. Responsibilities: Client Security Questionnaires: Establish a repository of standardized security questionnaire responses and ensure they are updated with the implemented security controls, certifications, and policies. Manage responses to client security questionnaires in a timely and accurate manner. Collaborate with internal teams (e.g., IT, legal, Information Security) to gather necessary documentation and information for client inquiries. Serve as the main point of contact for clients regarding security-related inquiries and responses. Client MSA Security Terms and Conditions Review: Create security terms and conditions for inclusion in contracts. Review security terms and conditions and provide feedback to legal team. Audit Coordination: Lead and coordinate client and internal audits to assess the organization's compliance with security policies, procedures, and regulatory requirements (e.g., ISO 27001, HIPAA). Serve as the liaison between the organization and external auditors or clients performing audits. Prepare and provide evidence for security audits, ensuring all documentation is complete and accurate. Collaborate with internal teams to design and implement mitigation strategies for identified risks. Collaborate with control owners to create corrective action plans to ensure appropriate remediation efforts are implemented and completed in a timely manner. Cyber Insurance Response: Respond to cyber insurance questionnaires based on implemented security controls, certifications, and policies. Process Improvement: Identify opportunities to improve the efficiency and effectiveness of client questionnaire responses and audit processes. Develop and implement templates, and workflows to streamline the completion of client questionnaires. Continuously improve the organization's internal audit and compliance processes to meet client expectations. Stakeholder Engagement: Engage with clients and third-party auditors in discussions around the organization's security posture. Communicate effectively with internal stakeholders, including IT, legal, compliance, and senior leadership, to ensure timely responses to audits and questionnaires. Provide recommendations to management regarding areas of improvement in security practices and compliance. Experience: 10+ years of experience in information security, with a focus on audit management. Experience with responding to security questionnaires and managing client audits. Experience in managing third-party audits and internal audit processes. Familiarity with compliance frameworks such as NIST, ISO 27001, HIPAA, and others. Demonstrated advanced verbal and written communication skills Excellent project management and organizational skills, with the ability to handle multiple audits and client requests simultaneously. Excellent organization skills and be a self-motivated learner Qualifications: Bachelors degree in Information Security, Cybersecurity, Communications, Education, Computer Science, Engineering or related field or equivalent work experience CISA, CRISC, CISM, or CISSP certifications (one or more) preferred Why Join Us Remote work flexibility and a collaborative team environment. Work on meaningful Transformation projects with global clients. Continuous learning and growth opportunities. Supportive culture where your voice matters and your work makes an impact.

Purpose An Information Security Analyst /Consultant will provide expert advice and solutions to organizations to help identify, assess, and mitigate security risks. Consultants may work independently, as part of a company's internal IT infra & security team. Responsibilities Security Risk Assessment & Auditing Conduct security audits and assessments to identify vulnerabilities. Perform penetration testing and ethical hacking to simulate cyberattacks. Evaluate compliance with regulations like ISO 27001, NIST, GDPR, HIPAA, SOC 2 . Security Strategy & Policy Development Develop and implement cybersecurity policies, procedures, and frameworks . Advise organizations on best practices for risk management, data protection, and incident response . Assist in aligning security strategies with business objectives and compliance mandates. 3. Threat Management & Incident Response Help organizations develop incident response plans (IRP) . Conduct forensic investigations in the event of security breaches. Provide real-time threat intelligence and recommend proactive security measures. 4. Implementation of Security Solutions Recommend and deploy firewalls, SIEM, IDS/IPS, endpoint security, and cloud security tools . Guide organizations on zero-trust architecture, identity access management (IAM), and encryption . Assist in setting up secure cloud environments (AWS, Azure etc..) 5. Security Awareness & Training Conduct cybersecurity training sessions for employees and executives. Educate teams on social engineering attacks (phishing, BEC, ransomware defense) . Competencies A Bachelor's/masters degree in computer science or a related discipline, or equivalent work experience Experiencing in reviewing Mobile applications & platforms, with knowledge of Cloud Environment set up, and knowledge of common information security requirements for such platforms is a plus Experience providing and validating security requirements related to information system design and implementation Experience providing and validating security requirements related to a broad range of operating systems and databases Experience conducting risk assessments, vulnerability assessments, vendor and third-party risk assessments and recommending risk remediation strategies Experience in the use of tools and methods to identify security exposures and business risks Familiarity with information system attack methods and vulnerabilities Working experience with the design and engineering of web-based multi-tier information systems and architecture design Working experience with web technologies and programming languages Working experience with operating systems and database platforms Experience 8+ years of IT industry experience with minimum five years of relevant experience in Information Security discipline Technical skills / Certifications Technical Skills: SIEM (Splunk etc..) IDS/IPS, Encryption, IAM EDR (CrowdStrike, Microsoft Defender, Sophos, Eset etc..) Firewalls & Network Security (Cisco ASA, Sophos, Azure WAF etc..) Cloud Security (AWS Security Hub, Azure Sentinel) Ethical hacking & Penetration Testing (Kali Linux, Metasploit, Burp Suite) Programming (Python, Bash, PowerShell) Candidates are preferred to hold or be actively pursuing related professional certifications such as CISSP, CISM or CISA Knowledge of common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT

Develop, implement policies , procedures to ensure Information security compliance with laws and RBI regulations Preparing & filing of regulatory returns &reports, IT controls, risk management techniques familiarity with GRC tools Required Candidate profile Min 3-5 years relevant exp in InfoSec compliance & audit Experience in conducting audits, investigations & providing relevant strategies.

Role: GRC Manager Location: Gurugram Mode: Work from office in sector 22 Gurugram Preferred candidate profile Functional Knowledge : Experience of working in InfoSec/Compliance team/Risk & Compliance team & managing client/internal/external audits Experience of audit/implementation of ISO 27001/PCIDSS etc Experience in Risk & Compliance Role & Responsibilities: Responsible for driving the security policies across organization Conducting audits and releasing reports to stakeholders Assist stakeholders on CAPA for audit findings and tracking of closures Assisting in internal & external IT/Infosec audits (e.g. ISO 27001, PCIDSS, SOC reports etc.) It is our policy to provide equal employment opportunities to all individuals based on job-related qualifications and ability to perform a job, without regard to age, gender, gender identity, sexual orientation, race, color, religion, creed, national origin, disability, genetic information, veteran status, citizenship or marital status, and to maintain a non-discriminatory environment free from intimidation, harassment or bias based upon these grounds.

We are looking for a dynamic Group Manager-Information Security to join our team in Mumbai/Pune/Delhi/NCR. As a Group Manager-Information Security, you will be responsible for providing leadership and strategic direction to the information security teams, ensuring the confidentiality, integrity, and availability of our organization's data and information systems. If you are a skilled professional with strong analytical abilities and a passion for cybersecurity, we would love to hear from you. Location- Mumbai/Pune/Delhi/NCR Your Future Employer You will be joining a leading organization in the (mention industry) industry, known for its commitment to diversity, equality, and inclusion. The company values its employees and provides a collaborative and innovative work environment where your skills and expertise will be recognized and rewarded. Responsibilities Provide leadership and direction to the information security teams Develop and implement information security policies, procedures, and guidelines Conduct risk assessments and vulnerability scans to identify security threats Lead incident response and security breach investigations Stay updated with the latest cybersecurity trends and technologies Requirements 7+ years of experience in information security Proven leadership skills and experience managing a team Strong analytical and problem-solving abilities In-depth knowledge of cybersecurity best practices and standards Relevant certifications such as CISSP, CISM, or CISA would be a plus What's in It for You Competitive compensation package Opportunity to work with a collaborative and diverse team Professional development and career growth opportunities Reach Us If you feel this opportunity is well aligned with your career progression plans, please feel free to reach me with your updated profile at isha.joshi@crescendogroup.in Disclaimer Crescendo Global specializes in Senior to C-level niche recruitment. We are passionate about empowering job seekers and employers with an engaging memorable job search and leadership hiring experience. Crescendo Global does not discriminate on the basis of race, religion, color, origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Note We receive a lot of applications on a daily basis, so it becomes a bit difficult for us to get back to each candidate. Please assume that your profile has not been shortlisted in case you don't hear back from us in 1 week. Your patience is highly appreciated. Profile Keywords Group Manager, Information Security, Leadership, Cybersecurity, CISSP, CISM, CISA, Mumbai, Pune, Delhi/NCR, Analytics

Role & responsibilities : Responsible for the security of an organization's information, systems, and technology. Identifying vulnerabilities in our current network. Developing and implementing a comprehensive plan to secure our computing network. Monitoring network usage to ensure compliance with security policies. Keeping up to date with developments in IT security standards and threats. Collaborating with management and the IT department to improve security. Documenting any security breaches and assessing their damage. Educating colleagues about security software and best practices for information security. Preferred candidate profile : Experience of minimum 5 years. Certified in at least two INFOSEC areas. Perks and benefits : As per company standards

INFORMATION SECURITY PROJECT SPECIALIST The Information Security Project Specialist will be responsible for supporting the InfoSec project portfolio and the delivery of security projects for the IT department, primarily with a focus on Cloud Security. The role includes acquiring resources and coordinating the efforts of team members and enterprise stakeholders to deliver projects according to plan. What You'll Do: Executes the end-to-end management of security projects: including resource management, communications, training requirements, change management and budget (if applicable). Estimate the resources and participants needed to achieve project goals. Reviews and recommends changes, reductions or additions to the overall project Acts as the liaison between InfoSec and end-users when applicable Maintains the efficiency of the project management process such as planning, scheduling, and budget and risk assessment. Identifies and mitigates potential risks Work with cross-functional teams and staff of all levels, including assisting in the development, training and assignment of work/projects to team members reporting to others; Works well within a structured environment in which team members can work together as an efficient team. What You'll Bring: Bachelors Degree required. 7 - 10 years of relevant work experience, including Information Security, project management, and team management. PMP-PMI certification desired, or completion within a year of assuming the position. Agile certification desired, or completion within a year of assuming the position. Security+ or equivalent certification desired, or completion within a year of assuming the position. Management of projects in AWS or other public cloud infrastructure desired. Project plan development experience, including charter, scope, project management approach, management plans, statement of work, cost estimates, schedule. Excellent communication (written and oral) and interpersonal skills; ability to interface and influence all levels within the organization, including facilitation, consulting, negotiation, and presentation. Excellent project management and coordination skills working with multiple stakeholders across several technology platforms and business areas Strong technical skills and experience. The ideal candidate has lead projects relating to Information Security deliveries or migrations (ie. Cloud Security enhancements, Firewall implementation, Anti-Virus migration, MDM implementation, OS/Network hardening, etc.) Project plan and budget management. Knowledge of project management best practices, Experience identifying and mediating risk.

Skill required: Risk & Compliance - Operational Audit & Compliance Designation: Risk and Compliance Senior Analyst Qualifications: Chartered Accountant Years of Experience: 5 to 8 years Language - Ability: English(Domestic) - Mastery What would you do? You will be aligned with our Risk and Compliance vertical and help us perform compliance reviews, publish reports with actions and provide closure guidance as needed. We design & recommend effective controls to mitigate risks and help service delivery team prepare for upcoming client / external audits.You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans.The Operational Audit & Compliance team focuses on auditing and managing effective implementation and delivery of functional processes within operations to mitigate risks. The role may require for you to have a good understanding of anti-corruption, BCM and infosec policies, records management and contractor controls. The team is responsible for establishing processes to validate the effectiveness and drive improvements wherever required. What are we looking for? You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans.You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. Roles and Responsibilities: In this role you are required to do analysis and solving of increasingly complex problems Your day to day interactions are with peers within Accenture You are likely to have some interaction with clients and/or Accenture management You will be given minimal instruction on daily work/tasks and a moderate level of instruction on new assignments Decisions that are made by you impact your own work and may impact the work of others In this role you would be an individual contributor and/or oversee a small work effort and/or team Please note that this role may require you to work in rotational shifts Qualifications Chartered Accountant

So, what’s t he r ole all about? As a member of the Cloud Security team, a successful Cloud Security Analyst will need to be self-sufficient to collaborate effectively with multiple teams, such as Application Support, Infrastructure Operations, DevOps, Product R&D, Security teams, customers and 3 rd party auditors. This role will hold the responsibility of understanding the Cloud security policies, procedures, practices and technologies and documenting them appropriately as well as demonstrating to auditors and customers the excellent Cloud Security at NICE. A successful candidate in this role will be able to work in production cloud environments to collect and curate evidence and explain it to anyone who asks for it. Experience with Governance, Risk and Compliance (GRC) is a big plus! How will you make an impact? You will directly impact the success of the NICE cloud business by ensuring all customer and auditory security requirements are met and demonstrated. A diverse, merit-driven work environment which rewards a growth mindset and encourages innovation and continued professional development; The opportunity to work in a global, highly skilled, passionate workforce to deliver world-class service and products to market. Competitive pay and excellent benefits. Generous PTO policies. A highly focused security & compliance team which is collaborative, supportive, experienced, and driven to help everyone from the individual to enterprise to our customers realize the success for which they aim. Have you got what it takes? 2-4 years of experience with Information Security & Compliance or GRC University-level degree in InfoSec, Computer Science or other related field. knowledge with major compliance frameworks such as PCI, ISO 27001/17, SOC 2, HITRUST, GDPR. A burning curiosity to learn as much as you can about the NICE cloud environment and the services and products we offer our customers as well as the existing security infrastructure we have in place today; Excellent communications skills along to work collaboratively with security team members and operations and development teams or independently to achieve tactical and strategic security goals; Strong organization and prioritization skills; Education, training or experience with security and compliance fundamentals; Experience working with work tracking tools such as JIRA, Service Now or others. What’s in it for you? Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr! Enjoy NICE-FLEX! At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere. Requisition ID: 6561 Reporting into: Director Role Type: Individual Contributor