92 Infosec Jobs - Page 4

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Information Security Project Specialist ZS’s India Capability & Expertise Center (CEC) houses more than 60% of ZS people across three offices in New Delhi, Pune and Bengaluru. Our teams work with colleagues across North America, Europe and East Asia to create and deliver real world solutions to the clients who drive our business. The CEC maintains standards of analytical, operational and technological excellence across our capability groups. Together, our collective knowledge enables each ZS team to deliver superior results to our clients. What You’ll Do Executes the end-to-end management of security projectsincluding resource management, communications, training requirements, change management and budget (if applicable). Estimate the resources and participants needed to achieve project goals. Reviews and recommends changes, reductions or additions to the overall project Acts as the liaison between InfoSec and end-users when applicable Maintains the efficiency of the project management process such as planning, scheduling, and budget and risk assessment. Identifies and mitigates potential risks Work with cross-functional teams and staff of all levels, including assisting in the development, training and assignment of work/projects to team members reporting to others; Works well within a structured environment in which team members can work together as an efficient team. What You’ll Bring Bachelor’s Degree required. 7 - 10 years of relevant work experience, including Information Security, project management (5+ years), and team management. PMP-PMI certification desired, or completion within a year of assuming the position. Agile certification desired, or completion within a year of assuming the position. Security+ or equivalent certification desired, or completion within a year of assuming the position. (CISM- Certified Information Security Manager, CompTIA Security+, Etc ) Project plan development experience, including charter, scope, project management approach, management plans, statement of work, cost estimates, schedule. Excellent communication (written and oral) and interpersonal skills; ability to interface and influence all levels within the organization, including facilitation, consulting, negotiation, and presentation. Excellent project management and coordination skills working with multiple stakeholders across several technology platforms and business areas Strong technical skills and experience. The ideal candidate has lead projects relating to Information Security deliveries or migrations (Vulnerability Management, Identity and access management, Cloud Strategy & Governance, Data Security, Enterprise Risk Management, Asset Management, Security awareness & training) Project plan and budget management. Knowledge of project management best practices, Experience identifying and mediating risk. Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel: Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application: Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At www.zs.com

An Information Security Consultant is responsible for ensuring an organization's data and systems are secure and compliant with industry standards. They assess vulnerabilities, develop security policies, and implement solutions to protect digital

Job Opening: Local IT Administrator Location: On-site | Company: PRINTS24x7 Type: Full-time | Experience: 3+ years preferred What Were Looking For: PRINTS24x7 is seeking a skilled and responsible Local IT Administrator to manage and enhance our on-site IT infrastructure. The ideal candidate will have proven expertise in network and system administration, asset management, and hands-on software handling, along with familiarity with modern AI tools. A deep understanding of IT security protocols and compliance standards is essential to safeguard our operations and ensure data integrity. Candidates should be proactive, detail-oriented, and committed to providing reliable technical support across the organization. Key Responsibilities: Monitor and maintain network infrastructure (routers, firewalls, switches). Provide end-user support for hardware/software issueshands-on and responsive. Administer Windows Server environments (Active Directory, Group Policy). Enforce IT security protocols and manage antivirus and threat mitigation systems. Maintain and oversee IT asset lifecyclefrom procurement to decommissioning. Document system configurations, software licenses, support logs, and audits. Integrate and utilize AI tools to improve diagnostics and operational efficiency. Ensure adherence to compliance standards and data protection regulations. Collaborate with vendors for procurement, maintenance, and technical support. Required Skills & Knowledge Proficiency in system administration, software patching, and troubleshooting. Strong grasp of networking (IP addressing, VLANs, subnetting). Working knowledge of AI tools (e.g., automation platforms, AI-based diagnostics). Familiarity with cybersecurity best practices and compliance frameworks. Solid documentation practices and inventory management experience. Effective communication skills for both technical and non-technical users. Desired Attitudes Proactive and solution-focused with strong problem-solving skills. Adaptable to evolving technologies and operational needs. Detail-oriented with a commitment to accuracy and system integrity. Team-oriented and approachable with a service-minded outlook. What Success Looks Like: You will serve as the backbone of our IT operations—ensuring reliability, enforcing security, optimizing performance, and enabling team productivity through seamless technology support. Your expertise and foresight will directly contribute to PRINTS24x7’s operational excellence. Ready to make a difference? Send your resume and cover letter to hr@prints24x7.com

Role & responsibilities General description of the role: Minimum 8 years of experience in managing security audits, such as, ISO 27001, HIPAA, SOC 1, SOC2, PCIDSS Including preparing control owners for audits, interpreting control requirements, reviewing control evidence for appropriateness, testing control effectiveness, presenting control evidence to external auditors, and audit planning with external auditors In-depth knowledge of security controls, interpreting control requirements for SOC 2, ISO, or HIPAA, PCIDSS audits, reviewing control evidence for completeness an accuracy, and ensuring evidence provided to auditors satisfies control requirements. Ability to of plan and lead meetings with control owners and external auditors. Ability to clearly define control requirements to control owners or explaining control evidence to external auditors. Supports the Security Audit function by reviewing evidence submissions for accuracy and completeness, following up on audit requests, and helping to establish a continuous monitoring function. Assist in testing and verification of all controls and formulating reports documenting findings. Recommends and assists in the definition and implementation of security controls in accordance with enterprise policies, standards, and procedures. Work closely with internal business teams to assist in the identification and assessment of potential security risks, and establish risk owners, ratings, and management action plans. Ensure continuity of compliance with ISO27001 and ISO 22301, PCI DSS, HIPAA, GDPR Analyse potential impact of new threats and communicates risks to relevant business units Manage security operations, analyse security exceptions, gather necessary background information, document exceptions and ensure that the risk is recognized and managed with compensating controls Provide orientation to Business Units on Risk Assessment, Business Continuity Plan and Business Impact Analysis Facilitate in preparation of Business continuity plan for each project and functions Conduct internal ISMS and BCMS audits and identify potential gaps in the system Prepare detailed and summary reports of assessments, remediation plans as needed and advise internal stakeholders Report the audit findings on the potential weakness in the system and areas of improvement Preferred candidate profile Top 5 Skill Set Hands-on experience with security technologies Experience in Information security and business continuity internal audits Strong Knowledge in risk management, ISO 27001, ISO 22301 PCI DSS, HIPAA, GDPR, SOC 2 Knowledgeable in security concepts, techniques, tools, methods, and practices Good technical in cyber security products Individually to perform the technical audits

Department: Information Security Location: Mumbai Reports to: IS GRC Head Employment Type: Full-time Job Purpose: This role is responsible for driving the organization’s Information Security Governance, Risk, and Compliance (GRC) function, Industry standards (ISO 27001, NIST CSF), and regulatory requirements. The candidate will lead internal audits, vendor risk governance, SOC 2 readiness, automation initiatives, client assessments, and security awareness across the enterprise—while managing a team of security professionals. Key Responsibilities: Governance, Risk & Compliance • Implement and maintain a scalable Information Security GRC framework based on ISO 27001, NIST Cybersecurity Framework, and applicable regulatory requirements (RBI, SEBI, IRDAI, DPDPA). • Manage the information security policy lifecycle, risk registers, and control objectives across business units. • Lead the exception management process, including impact assessments, approval workflows, and periodic reviews. Internal Audit & Control Testing • Plan and execute periodic internal audits, control design evaluations, and operational effectiveness testing for IT and cybersecurity controls. • Coordinate external assessments, including SOC 2 readiness, ISO 27001 surveillance audits, and customer/compliance audits. • Track and close audit findings with clear ownership, root cause analysis, and sustainable remediation plans. Vendor Risk Management (End-to-End) • Oversee the Third-Party Risk Management (TPRM) lifecycle: onboarding, risk assessment, security clauses, ongoing monitoring, and exit governance. • Drive continuous oversight of critical vendors based on data exposure and service criticality, using automated tools where feasible. Automation & Tooling • Identify manual GRC activities suitable for automation; perform POCs, evaluate tools, and drive implementation. • Lead automation initiatives for risk assessments, control testing, evidence gathering, and exception workflows. SOC 2 & Compliance Readiness • Lead organizational readiness for SOC 2 Type 1 and Type 2 audits, working with Business SPOC's, application owners and control owners. • Align existing practices to SOC trust service criteria (Security, Availability, Confidentiality). Security Training & Awareness • Develop and deliver cybersecurity training and awareness programs tailored to various stakeholder groups (employees, management, vendors). • Promote a risk-aware culture and drive ongoing compliance awareness campaigns. Incident Response Oversight • Support and enhance the incident response governance process by aligning it with NIST CSF framework. • Ensure roles, responsibilities, and reporting mechanisms are clearly defined and followed during incidents. • Oversee the documentation of lessons learned, RCA, and incorporation of incidents into risk registers. Reporting & Stakeholder Engagement • Prepare and present dashboards, heatmaps, and reports for executive management, audit committees, and the board. • Maintain governance KRIs and provide insights into risk trends, audit closures, and compliance status. • Serve as a key liaison during client assessments, RFP security responses, and due diligence efforts. Team Leadership • Manage, mentor, and upskill a team of GRC analysts and specialists. • Allocate responsibilities, track performance, and foster collaboration across IT, Legal, Procurement, and Business teams. Key Requirements: Qualifications: • Bachelor’s/Master’s in Information Security, Computer Science, or related field. • Professional certifications preferred: CISA, CRISC, ISO 27001 LA, CISSP, CCSK, or equivalent. Experience: • 8+ years of experience in Information Security GRC, IT Risk, and Regulatory Compliance. • Strong expertise in internal audits, control testing, and vendor security governance. • Hands-on experience in managing SOC 2, ISO 27001, or similar frameworks. • Demonstrated leadership in team management and multi-stakeholder coordination. • Exposure to automating GRC functions using platforms like ServiceNow GRC, Archer, OneTrust, or similar. Skills & Competencies: • Strong analytical, documentation, and reporting skills. • Effective communication across technical and business audiences. • High level of integrity, ownership, and stakeholder management.

Role & responsibilities Serve as an IT project leader by exerting influence on the overall program's direction to ensure business and IT objectives are met. Drive and oversee all project lifecycles within the program to ensure incremental delivery of business outcomes and project stays within budget constraints Develop and maintain program or project documents including prioritization artifacts, charters, iterative program implementation plans, status reporting on deliverables, handling risks, assumptions, issues, and cross team dependencies with little to no oversight using established standards and procedures Perform and analyze intake of project demands, forecasting team allocation, demonstrating standard processes and procedures. Preferred candidate profile Bachelor's Typically, 5 - 8 years demonstrated and direct work experience in leading and large, complex, and strategic global initiatives. Experience working in a hybrid Agile environment with global matrix teams. Should have knowledge of and have done some level of program management. Skilled in Project Management Methodologies & Frameworks (SAFe, PMP, CSM) In depth understanding of Cost Management, Resource Management and Risk Management. Proven ability to create CBA, SBARs and other project management artifacts. Exposure to handling projects ranging InfoSecurity, Regulatory & Compliance, Strategy and IT Cloud Projects. Should have some working knowledge of the DevOps Model. Skilled in Word, Excel, Outlook, PowerPoint, Project Management Tools, Zoom, and SharePoint Experience working for a publicly traded company or financial services in a similar role. Working in a maturing IT Portfolio/Project Management office. Perks and Benefits Transportation Services : Convenient and reliable commute options to ensure a hassle-free journey to and from work. Meal Facilities : Nutritious and delicious meals provided to keep you energized throughout the day. Career Growth Opportunities : Clear pathways for professional development and advancement within the organization. Captive Unit Advantage : Work in a stable, secure environment with long-term projects and consistent workflow. Continuous Learning : Access to training programs, workshops, and resources to support your personal and professional growth. In order to apply, please click on below mentioned link - https://encore.wd1.myworkdayjobs.com/externalnew/job/Gurgaon---Candor-Tech-Space-IT---ITES-SEZ/Senior-Project-Manager_HR-15007

Hello Talented Techie! We provide support in Project Services and Transformation, Digital Solutions and Delivery Management. We offer joint operations and digitalization services for Global Business Services and work closely alongside the entire Shared Services organization. We make efficient use of the possibilities of new technologies such as Business Process Management (BPM) and Robotics as enablers for efficient and effective implementations. We are looking for Information Security Professional (ISMS/InfoSec) Job Summary: We are seeking a dedicated Information Security Professional to join our team. The ideal candidate will focus on maintaining and managing our ISO27001 certification. This role involves handling the overall Information Security Management System (ISMS), managing internal stakeholders, conducting internal audits, facilitating external audits, and overseeing the information security program management. Key Responsibilities: Maintain and manage the ISO27001 certification and related processes. Oversee the Information Security Management System (ISMS) ensuring compliance with ISO27001 standards. Manage and coordinate internal audits, identifying areas for improvement and implementing necessary changes. Facilitate external audits, acting as the primary point of contact with external auditors. Engage with internal stakeholders to ensure information security policies and practices are effectively communicated and implemented. Develop, implement, and manage information security programs to enhance organizational security posture. Stay updated with the latest developments in information security standards and best practices. Qualifications: Bachelor"™s degree in Information Security, Computer Science, or a related field. 5-7 years of experience in information security with at least 5 years in direct ISMS. Strong knowledge of ISO27001 standards and requirements. Experience in managing and maintaining an Information Security Management System (ISMS). Excellent stakeholder management skills and the ability to communicate effectively with various levels of the organization. Strong organizational and program management skills. Certifications such as ISO27001 Lead Auditor (LA) and Certified Information Systems Auditor (CISA) are preferred. Preferred Certifications: ISO27001 Lead Auditor (LA) Certified Information Systems Auditor (CISA) Skills: Excellent analytical and problem-solving abilities. Strong communication and interpersonal skills. Ability to work independently and as part of a team. High attention to detail and a commitment to maintaining high standards of work. Create a better #TomorrowWithUs! This role, based in Bangalore, is an individual contributor position. You may be required to visit other locations within India and internationally. In return, you'll have the opportunity to work with teams shaping the future. At Siemens, we are a collection of over 312,000 minds building the future, one day at a time, worldwide. We value your unique identity and perspective and are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. Come bring your authentic self and create a better tomorrow with us. Find out more about Siemens careers atwww.siemens.com/careers

Role & responsibilities ISMS or Third-Party Risk Assessments Ability to effectively liaise with clients and manage stakeholder expectations Work with client teams from various depts. Such as compliance teams, auditing and regulators to identify and document various requirements/obligations Conducting risk assessments and audits with respect to people, process and technology Identification of gaps/observations, risks, opportunities and improvement of policies, processes, procedures and standards Documenting information security risk, recommendation and compensating controls in the form of assessment/audit reports Desired qualifications Relevant 6+ years of experience in Third party risk management Highly preferred certifications - ISO27001, CISM , CRISK, CISA. Relevant years of experience in IT Audits, Cloud security Experience with ISO22301 implementation and audits Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA to work in a cross-functional, cross-cultural matrix environment\ Understanding of Third party/vendor/supplier risk management considerations Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management Excellent written/verbal communication Excellent documentation and presentation skills Highly motivated and willing to work in local and global environments Security certifications like CISSP, CISA, CISM, CEH, ISO27001 Work experience in Infrastructure / Application Security Work experience in IT Audit Work experience in Information Risk Management

Greetings from Datamark !!! Postion : Information Security Analyst Experience : 3 to 5 Yrs in Experience Location: Ambattur Industrial Estate , Chennai Position Overview: The Information Security Analyst is responsible for the administration of the organizations information and data security policies and practices of the overall internal security audit program to ensure that the Company is protected in terms of security, compliance and confidentiality. Primary Responsibilities: Coordinates and assists with security activities for the enterprise Operate, maintain, and validate vulnerability scanning of Infrastructure, Applications, and APIs Review daily threat intelligence. Ensures compliance to security standards for assigned sites Schedules and administers internal security audits for Client and Physical Site Audits Follows up on remediation plans Support the management and maintenance of security tools with an emphasis on Security Information and Event Monitoring (SIEM) tools. Assist with the review of technical deployments for risk prior to deployment across the campus. Recommends risk mitigation solutions based on audit findings Maintains Security and Compliance Metrics monthly Assists in the development and delivery of IT risk and security awareness and compliance training programs Willingness to travel to DATAMARK global sites as necessary Other duties as assigned Minimum Qualifications: Education Requirements: Bachelors degree in Computer Science or related field, experience in lieu of degree can be considered Field Experience: At least four years of experience in Information Security Position Experience: At least four years of experience in an Information Security Analyst position, or similar position Demonstrated experience with traditional vulnerability analysis: identify, categorize, prioritize, track, and validate remediation of known vulnerabilities by accountable IT teams Other Qualifications: Certification in IT Security required Knowledge in Information Security policies and practices Knowledge of third-party auditing and risk assessment methodologies Experience in an IT Security related environment preferred Required Skills: Extremely organized and detail oriented. Capable of holding team members accountable to timely delivery of audit evidences. Practices and methods of IT strategy, enterprise architecture and security architecture Excellent analytical and problem-solving abilities to identify and remediate security risks Team-work mentality to develop security solutions in collaboration with other IT professionals If you are interested please share your updated resume to jagadish.jayavel@datamark.net or contact us 9500681139

Job Profile: IT Manager / Sr. Manager Role Overview and Responsibilities: We are looking for an IT & Service Desk Manager to maintain and supervise the IT setup of our company. This person will liaison with three key entities the CISO & Indus Leadership, Consulting staff, and our outsourced IT services provider. This is a great opportunity for someone to maintain a rapidly growing cloud-based IT setup of one of the most cutting-edge Big Data organizations Key Responsibilities: 1. Manage issues raised by internal consulting staff and liaison with the internal IT team and outsourced vendor to get these fixed; Provide interim support as and when required to consulting staff 2. Manage a team of 1 or 2 IT associates (internal or outsourced) to help provide IT support to consulting staff through the course of their work. 3. Continuously work on the requirements of maintaining our ISO 27001 certification and support the CISO perform backup recovery tests, review access control policies, perform disaster recovery procedures, etc. 4. Work with Internal Auditor to keep all compliances and improvements in check 5. Oversee client security assessments, respond to their compliance teams to build their trust and comfort with Indus Information security management systems 6. Create, manage, execute, and sustain key IT special projects at Indus 7. Support asset (software, hardware) purchase, drive procurement, maintain asset list, manage warranty timelines, etc. 8. Support creation of IT reports for systems across the organization (networks, servers, user laptops, etc.); Monitor & track them on regular basis 9. Continuously identify opportunities to improve the IT setup through new apps, products, services, with a view to improving the efficiency of the consulting staff Requirements 1. Experience and Personality Traits a. 8+ years of enterprise IT experience; IT desk management and supervisory of L1/L2/L3 support will be a plus b. Ability to work in a fast-paced, results focused environment c. Organized and detail-oriented d. Self-motivated and results-driven e. Resilient, persistent, and resourceful f. Proactive and independent 2. Skills Working knowledge of: i. Laptop & server hardware ii. Windows Domain Controller / Active Directory iii. Amazon cloud (Redshift, EC2, IAM) & Microsoft Azure Active Directory services iv. Microsoft 365 services and suite Intune, Exchange, Teams, SharePoint, OneDrive, Defender. v. Network & Firewall management vi. Microsoft office (Word, Power Point, Excel) vii. Basic Linux CLI and SQL commands viii. Technical experience on below will be preferred (but not mandatory): i. Management of enterprise solutions such as Data leakage prevention, MS Sentinel. b. Experience with clearing/supporting international certification ISO audits (especially ISO-27001) will be preferred but not mandatory c. Comfort in written and spoken English, since the position requires working with international clients periodically 3. Education i. Educational background in IT will be preferred

Client Questionnaires & Audit Manager, Information Security & Risk Management Role Description: The Client Questionnaires & Audit Manager, Information Security position will be an integral member of the Information Security and Risk Management team. This role will be responsible for organizing and managing internal and external audits. Work in Chief Information Security Officer (CISO) office under Director, Information Security Governance, Risk and Compliance. Successful candidate will have a good mix of security knowledge, understanding of industry best practice, and a demonstrated background in information security risk management. The candidate will be responsible for managing and responding to client security questionnaires, audits, and assessments related to the organizations information security posture. This role involves working closely with internal teams, clients, and external auditors to ensure the companys security practices align with industry standards and client requirements. The manager will also coordinate audit activities to ensure compliance with security frameworks and regulations. The ideal candidate: is a self-starter, with the ability to drive tasks to completion independently and learn new skills on the job as program requirements evolve. possesses strong business judgment, deep analytical thinking, is comfortable managing multiple responsibilities within a fast-paced environment, and has worked collaboratively with others to develop, implement, and communicate business improvement and innovative strategies. possesses strong verbal and written communication skills, a solution-oriented approach, and relationship-building skills are important attributes to succeed in this role. Successful candidate will develop strong relationships, collaborate across teams, coordinate multiple timelines, and manage complex, cross discipline projects. global view of their business and think in terms of immediate problem solving but also automating, expanding, and scaling solutions broadly. Responsibilities: Client Security Questionnaires: Establish a repository of standardized security questionnaire responses and ensure they are updated with the implemented security controls, certifications, and policies. Manage responses to client security questionnaires in a timely and accurate manner. Collaborate with internal teams (e.g., IT, legal, Information Security) to gather necessary documentation and information for client inquiries. Serve as the main point of contact for clients regarding security-related inquiries and responses. Client MSA Security Terms and Conditions Review: Create security terms and conditions for inclusion in contracts. Review security terms and conditions and provide feedback to legal team. Audit Coordination: Lead and coordinate client and internal audits to assess the organization's compliance with security policies, procedures, and regulatory requirements (e.g., ISO 27001, HIPAA). Serve as the liaison between the organization and external auditors or clients performing audits. Prepare and provide evidence for security audits, ensuring all documentation is complete and accurate. Collaborate with internal teams to design and implement mitigation strategies for identified risks. Collaborate with control owners to create corrective action plans to ensure appropriate remediation efforts are implemented and completed in a timely manner. Cyber Insurance Response: Respond to cyber insurance questionnaires based on implemented security controls, certifications, and policies. Process Improvement: Identify opportunities to improve the efficiency and effectiveness of client questionnaire responses and audit processes. Develop and implement templates, and workflows to streamline the completion of client questionnaires. Continuously improve the organization's internal audit and compliance processes to meet client expectations. Stakeholder Engagement: Engage with clients and third-party auditors in discussions around the organization's security posture. Communicate effectively with internal stakeholders, including IT, legal, compliance, and senior leadership, to ensure timely responses to audits and questionnaires. Provide recommendations to management regarding areas of improvement in security practices and compliance. Experience: 10+ years of experience in information security, with a focus on audit management. Experience with responding to security questionnaires and managing client audits. Experience in managing third-party audits and internal audit processes. Familiarity with compliance frameworks such as NIST, ISO 27001, HIPAA, and others. Demonstrated advanced verbal and written communication skills Excellent project management and organizational skills, with the ability to handle multiple audits and client requests simultaneously. Excellent organization skills and be a self-motivated learner Qualifications: Bachelors degree in Information Security, Cybersecurity, Communications, Education, Computer Science, Engineering or related field or equivalent work experience CISA, CRISC, CISM, or CISSP certifications (one or more) preferred Why Join Us Remote work flexibility and a collaborative team environment. Work on meaningful Transformation projects with global clients. Continuous learning and growth opportunities. Supportive culture where your voice matters and your work makes an impact.

Summary: We are seeking an experienced Network Admin to join our team. The ideal candidate should have 7-10 years of experience in network administration and a strong background in information security. As a Network Admin, you will be responsible for managing and maintaining our organization's network infrastructure, ensuring its security and efficiency. You will work closely with the InfoSec team to implement and enforce network security policies and procedures. Roles and Responsibilities: - Design, implement, and maintain the organization's network infrastructure, including routers, switches, firewalls, and other network devices. - Monitor network performance and troubleshoot any issues that arise, ensuring minimal downtime and maximum efficiency. - Collaborate with the InfoSec team to develop and implement network security measures, including firewalls, intrusion detection systems, and access controls. - Conduct regular network audits to identify vulnerabilities and recommend appropriate solutions. - Manage network documentation, including network diagrams, configurations, and security policies. - Provide technical support and guidance to end-users regarding network-related issues. - Stay up-to-date with the latest network technologies and security trends, making recommendations for improvement when necessary. - Collaborate with cross-functional teams to ensure network connectivity and security requirements are met for new projects and initiatives. - Assist in the development and implementation of disaster recovery and business continuity plans. Qualifications: - Bachelor's degree in Computer Science, Information Technology, or a related field. - 7-10 years of experience in network administration, preferably in an InfoSec environment. - Proven experience in Firewalls, network protocols, routing, switching, and network security principles. - Experience in VPN (Remote and Site to site). - Experience in the cloud Networking and security (AWS/Azure). - Experience with network monitoring and troubleshooting tools. - Familiarity with industry-standard network security practices and technologies. - Excellent problem-solving and analytical skills. - Strong communication and interpersonal skills. - Relevant certifications such as CCNA, CCNP, or CISSP are highly desirable. - Ability to work independently and in a team environment. - Proven ability to manage multiple tasks and prioritize effectively.

Role & responsibilities Help create and update company policies and procedures Monitor compliance with internal rules and external regulations Assist in internal audits and follow up on findings Keep records of risks, incidents, and decisions Support training and awareness on governance topics Prepare reports for management Work with teams to ensure policies are followed correctly Preferred candidate profile Understanding of ISO 27001 and ISMS frameworks Knowledge of information security best practices Basic knowledge on Audit and Risk Assessment Attention to detail with strong documentation skills Good communication and training skills

Role: Internal Auditor Min 7+ Years experience Min 5-8 years of experience in Internal Audit of Outsourcing experience Domain F&A (Internal Audit) Bachelors degree in accounting and auditing (or geography equivalent). Chartered Accountants and / Certified Internal Auditors (CIAs) / Certified Information Systems Auditor (CISA) or CPAs / Master of Business Administration (MBAs) preferred. Shifts - 11 AM - 8:30 PM (Candidate should be flexible with the shifts) Mode: WFO Immediate Joiners Preferred Location: Bangalore/ Gurugram/ Mumbai/ Chennai Send profiles to anumeha@manningconsulting.in/ sakshi.n@manningconsulting.in Call Sakshi: 9368820159

INFORMATION SECURITY PROJECT SPECIALIST The Information Security Project Specialist will be responsible for supporting the InfoSec project portfolio and the delivery of security projects for the IT department, primarily with a focus on Cloud Security. The role includes acquiring resources and coordinating the efforts of team members and enterprise stakeholders to deliver projects according to plan. What You'll Do: Executes the end-to-end management of security projects: including resource management, communications, training requirements, change management and budget (if applicable). Estimate the resources and participants needed to achieve project goals. Reviews and recommends changes, reductions or additions to the overall project Acts as the liaison between InfoSec and end-users when applicable Maintains the efficiency of the project management process such as planning, scheduling, and budget and risk assessment. Identifies and mitigates potential risks Work with cross-functional teams and staff of all levels, including assisting in the development, training and assignment of work/projects to team members reporting to others; Works well within a structured environment in which team members can work together as an efficient team. What You'll Bring: Bachelors Degree required. 7 - 10 years of relevant work experience, including Information Security, project management, and team management. PMP-PMI certification desired, or completion within a year of assuming the position. Agile certification desired, or completion within a year of assuming the position. Security+ or equivalent certification desired, or completion within a year of assuming the position. Management of projects in AWS or other public cloud infrastructure desired. Project plan development experience, including charter, scope, project management approach, management plans, statement of work, cost estimates, schedule. Excellent communication (written and oral) and interpersonal skills; ability to interface and influence all levels within the organization, including facilitation, consulting, negotiation, and presentation. Excellent project management and coordination skills working with multiple stakeholders across several technology platforms and business areas Strong technical skills and experience. The ideal candidate has lead projects relating to Information Security deliveries or migrations (ie. Cloud Security enhancements, Firewall implementation, Anti-Virus migration, MDM implementation, OS/Network hardening, etc.) Project plan and budget management. Knowledge of project management best practices, Experience identifying and mediating risk.

What you’ll do Executes the end-to-end management of security projectsincluding resource management, communications, training requirements, change management and budget (if applicable). Estimate the resources and participants needed to achieve project goals. Reviews and recommends changes, reductions or additions to the overall project Acts as the liaison between InfoSec and end-users when applicable Maintains the efficiency of the project management process such as planning, scheduling, and budget and risk assessment. Identifies and mitigates potential risks Work with cross-functional teams and staff of all levels, including assisting in the development, training and assignment of work/projects to team members reporting to others; Works well within a structured environment in which team members can work together as an efficient team. What You’ll Bring Bachelor’s Degree required. 7 - 10 years of relevant work experience, including Information Security, project management (5+ years), and team management. PMP-PMI certification desired, or completion within a year of assuming the position. Agile certification desired, or completion within a year of assuming the position. Security+ or equivalent certification desired, or completion within a year of assuming the position. (CISM- Certified Information Security Manager, CompTIA Security+, Etc ) Project plan development experience, including charter, scope, project management approach, management plans, statement of work, cost estimates, schedule. Excellent communication (written and oral) and interpersonal skills; ability to interface and influence all levels within the organization, including facilitation, consulting, negotiation, and presentation. Excellent project management and coordination skills working with multiple stakeholders across several technology platforms and business areas Strong technical skills and experience. The ideal candidate has lead projects relating to Information Security deliveries or migrations (Vulnerability Management, Identity and access management, Cloud Strategy & Governance, Data Security, Enterprise Risk Management, Asset Management, Security awareness & training) Project plan and budget management. Knowledge of project management best practices, Experience identifying and mediating risk.

You will work with This team is responsible for response and management of cyber incidents, applying an intelligence-led approach for identification, mitigation, and rapid response to safeguard bp on a global scale. By applying lessons learned and data analytics, they establish engineering principles and enhance the technology stack to continuously bolster bps cybersecurity posture. Let me tell you about the role We are looking for a Security Engineering Specialist who will support a team dedicated to enabling security experts and software engineers to write, deploy, integrate, and maintain security standards and develop secure applications and automations. You will advocate for and help ensure that cloud, infrastructure, and data teams adhere to secure policies, uncover vulnerabilities and provide remediation insights, and contribute to the adoption of secure practices. You will stay informed on industry and technology trends to strengthen bps security posture and contribute to a culture of excellence. What you will deliver Support development of and implement platform security standards, co-design schemas, ensure quality at the source of infrastructure build and configuration, and find opportunities to automate manual secure processes wherever possible. Work with business partners to implement security strategies and to coordinate remediation activities to ensure products safely meet business requirements. Contribute as a subject matter expert in at least one domain (cloud, infrastructure, or data). Provide hands-on support to teams on secure configuration and remediation strategies. Align strategy, processes, and decision-making across teams. Actively participate in a positive engagement and governance framework and contribute to an inclusive work environment with teams and collaborators including engineers, developers, product owners, product managers and portfolio managers. Evolve the security roadmap to meet anticipated future requirements and needs. Provide support to the squads and teams through technical guidance and by managing dependencies and risks. Create and articulate materials on how to embed and measure security on our cloud, infrastructure, or data environments. Contribute to mentoring and promote a culture of continuous development! What you will need to be successful (experience and qualifications) 3+ years of experience in security engineering or technical infrastructure roles. A minimum of 3 years of Cyber Security experience on one of the following areas: Cloud (AWS and Azure), Infrastructure (IAM, Network, endpoint, etc.), or Data (DLP, data lifecycle management, etc.). Deep and hands-on experience designing security architectures and solutions for reliable and scalable data infrastructure, cloud and data products in complex environments. Development experience in one or more object-oriented programming languages (e.g., Python, Scala, Java, C#) and/or development experience in one or more cloud environments (including AWS, Azure, Alibaba, etc.). Exposure/experience with full stack development. Experience with automation and scripting for security tasks (e.g., IaC, CI/CD integration) and security tooling (e.g., vulnerability scanners, CNAPP, Endpoint and/or DLP). Deep knowledge and hands-on experience in technologies across all data lifecycle stages. Foundational knowledge of security standards, industry laws, and regulations such as Payment Card Industry Data Security Standards (PCI-DSS), General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and Sarbanes-Oxley (SOX). Strong collaborator management and ability to influence teams through technical guidance. Continuous learning and improvement approach. About bp Our purpose is to deliver energy to the world, today and tomorrow. For over 100 years, bp has focused on discovering, developing, and producing oil and gas in the nations where we operate. We are one of the few companies globally that can provide governments and customers with an integrated energy offering. Delivering our strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner! We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. Even though the job is advertised as full time, please contact the hiring manager or the recruiter as flexible working arrangements may be considered.