776 Iso 27001 Jobs

Your potential, unleashed. Indias impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Technology & Transformation is about much more than just the numbers. It’s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies what, how, and why of change so you’re always ready to act ahead. Learn more about Technology & Transformation Practice Your work profile As a Consultant in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible for conducting clients vendors risk assessment and providing a holistic view of clients risk exposure due to outsourcing Responsible for conducting Information Systems audits covering IT infrastructure assets Works on projects with clearly defined guidelines as team member with responsibility for project delivery Works under general supervision with few direct instructions Performs development and customization work on larger security and privacy implementation projects Understands basic business and information technology management processes. Demonstrates knowledge of firm's methodologies, frameworks and tools. Desired qualifications 2-3yrs of relevant work exp in Cyber security, Information Security, related domains. B.E / B.Tech (Tier 1/2) in Computer Science, Information Technology or related fields ISO 27001 LA/LI, ISO 31000 LA/LI, ISO 22301 LA/LI, CISA, ITIL, or equivalent certification preferred Strong communication skills (written & verbal) Understanding of basic business and information technology management processes Basic knowledge in one or more security and privacy domains such as: security governance policies and procedures, risk management, compliance, identity management, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection Location and way of working Base location: Kochi This profile involves frequent travelling to client locations. Your role as a Consultant We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Consultant across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte. Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.

Good experience in in the areas of, ITGC ,ITAC, IT audits, SOX / ICFR / IFC / SAS 70 / SSAE / SOC, IT Financial Audit and Business Automated Controls, IT Risk consulting or any other regulatory / compliance audits Knowledge of ERP s like SAP / OFIN / JDE / etc and their native application controls. Must have hands on experience or led projects to comply with regulatory requirements / international standards like (SSAE / ISAE / SOX, PCI, ISO 27001) and good practices (COSO, COBIT) relating to information security. Must have Excellent English skills, excellent presentation skills, excellent soft-skills (influencing & negotiation) Team management skillset is mandatory In our Risk Assurance team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You ll: Assist client in identifying and evaluating business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services Understand clients business environment and basic risk management approaches Project Management: Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions Play substantive/lead role and engagement planning, economics, and billing Generate innovative ideas and challenge the status quo Participate in proposal development efforts Participate in "add-on" sales to client Membership and visibility in professional & civic organizations Identify opportunities to cross-sell other services Build and nurture positive working relationships with clients with the intention to exceed client expectations Qualification and Certification: Chartered Accountant and/or MBA with Finance/IT Certifications of CISA, CISSP, CISM, ISO27001 preferred Your role as a leader At Deloitte India, we believe in the importance of leadership at all levels. We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. In addition to living our purpose, employees across our organization: Builds own understanding of our purpose and values; explores opportunities for impact Demonstrates strong commitment to personal learning and development; acts as a brand ambassador to help attract top talent Understands expectations and demonstrates personal accountability for keeping performance on track Actively focuses on developing effective communication and relationship-building skills Understands how their daily work contributes to the priorities of the team and the business

Employment Type: Full-Time Experience Level: 8+ Years Role Overview: We are looking for a Cloud Pre-Sales & Delivery Lead with strong AWS solution architecture expertise, people management skills, and experience handling international clients. The role involves engaging with global customers, leading pre-sales discussions, designing AWS solutions, estimating costs, and managing a technical delivery team. The candidate should be open to traveling internationally for client meetings, workshops, and project engagements. Key Responsibilities: Pre-Sales & Solution Design Responsibilities: - Engage with enterprise and international clients to assess their cloud requirements and propose AWS solutions. - Design scalable, secure, and cost-effective AWS architectures aligned with best practices. - Develop high-level and detailed solution proposals, including architecture diagrams, technical roadmaps, and implementation strategies. - Conduct AWS Well-Architected Reviews and provide recommendations for performance, security, and cost optimizations. - Prepare cloud cost estimates, TCO (Total Cost of Ownership) analysis, and ROI models for AWS solutions. - Lead technical demonstrations, Proof of Concepts (PoCs), and client workshops to showcase AWS capabilities. - Collaborate with sales, marketing, and executive teams to create compelling AWS solution proposals and RFP responses. Cloud Delivery & People Management Responsibilities: - Lead a team of cloud engineers, architects, and DevOps professionals to deliver AWS solutions. - Oversee end-to-end cloud project execution, ensuring quality, security, and compliance with customer requirements. - Provide technical leadership and mentoring to cloud engineers and junior architects. - Drive AWS solution implementations, including cloud infrastructure provisioning, automation, and security hardening. - Manage cloud governance, security, and compliance frameworks (SOC 2, ISO 27001, HIPAA, GDPR). - Monitor project timelines, budgets, and resource utilization while ensuring customer satisfaction. - Work with international clients to align cloud strategies with business objectives. - Travel for client meetings, conferences, and on-site workshops across different regions (APAC, EMEA, North America). Key Requirements: Technical Expertise: - Cloud Platforms: AWS (primary), Azure (secondary) - Solution Architecture: Multi-tier applications, Microservices, Serverless, High Availability (HA), Disaster Recovery (DR) - Cost Estimation & Optimization: AWS Pricing Calculator, AWS Cost Explorer, AWS Budgets - Security & Compliance: IAM, AWS Security Hub, AWS WAF, GuardDuty, AWS Config - DevOps & Automation: Terraform, AWS CloudFormation, Ansible, CI/CD (GitHub Actions, Jenkins) - Networking & Infrastructure: VPC, Direct Connect, Transit Gateway, Route 53, Load Balancers - Storage & Databases: S3, EBS, RDS, DynamoDB, Aurora, Backup & DR Strategies - Containers & Orchestration: Kubernetes (EKS), Docker, ECS, Fargate - Monitoring & Logging: CloudWatch, AWS X-Ray, AWS Systems Manager, ELK Stack Soft Skills & Experience: - Experience in leading technical teams and managing people effectively. - Strong experience in working with international clients and managing cross-cultural teams. - Ability to travel internationally for client engagements, workshops, and conferences. - Excellent stakeholder management, communication, and negotiation skills. - Strong ability to simplify complex cloud concepts for business stakeholders. - Experience in AWS solution costing, proposal development, and RFP responses. - AWS certifications preferred: AWS Certified Solutions Architect - Professional, AWS Security Specialty, AWS Certified DevOps Engineer.

The Senior Specialist - DevOps will lead efforts to optimize and automate the organizations infrastructure and software delivery pipeline. This role requires a deep understanding of cloud services, automation tools, and best practices in CI/CD, with the aim to improve deployment speed, reduce manual processes, and enhance system reliability. Key Responsibilities: Infrastructure Automation & Management: o Design, implement, and maintain scalable infrastructure solutions, leveraging cloud platforms like AWS, Azure, or GCP. o Automate infrastructure provisioning using Infrastructure as Code (IaC) tools such as Terraform, Ansible, or CloudFormation. o Manage configuration and deployment of containerization tools such as Docker and orchestration tools like Kubernetes. Continuous Integration/Continuous Deployment (CI/CD): o Lead the design and management of CI/CD pipelines to ensure efficient, reliable, and scalable software delivery. o Collaborate with development and operations teams to improve automation, reduce release cycle times, and implement best practices. o Ensure the smooth integration of automated testing within CI/CD pipelines for quality assurance. Monitoring & Performance Optimization: o Develop and implement robust monitoring, logging, and alerting systems to ensure high availability and performance. o Monitor infrastructure and application performance using tools like Prometheus, Grafana, or Datadog. o Analyze performance bottlenecks and work on optimizing system performance for scalability and reliability. Security & Compliance: o Implement security best practices in infrastructure management and automation, ensuring compliance with industry standards (e.g., SOC 2, ISO 27001). o Collaborate with security teams to integrate security testing and compliance checks into the CI/CD pipelines. o Manage access controls, secrets management, and vulnerability scans as part of security and compliance measures. Collaboration & Leadership: o Serve as a technical lead and subject matter expert on DevOps practices, mentoring junior team members and collaborating across teams. o Work closely with development, operations, and security teams to establish a culture of DevOps and continuous improvement. o Provide input into project timelines, resource allocation, and risk management. Troubleshooting & Incident Management: o Lead troubleshooting efforts during incidents related to software delivery, infrastructure, or application performance. o Participate in on-call rotations, ensuring swift and effective resolution of critical issues and incidents. o Conduct post-mortems and provide actionable insights to prevent future incidents. Required Skills & Qualifications: Bachelor s degree in Computer Science, Engineering, or related field. 5+ years of experience in DevOps, infrastructure automation, or related roles. Proficiency in cloud platforms (AWS, Azure, GCP) and IaC tools (Terraform, Ansible, CloudFormation). Experience with containerization (Docker) and orchestration tools (Kubernetes). Strong experience in automating CI/CD pipelines using tools like Jenkins, GitLab CI, or CircleCI. Solid understanding of monitoring and logging tools (e.g., Prometheus, Grafana, ELK stack, Datadog). Excellent scripting skills in languages such as Python, Bash, or PowerShell. Familiarity with security best practices in infrastructure and software delivery. Strong problem-solving and communication skills. Preferred Qualifications: Master s degree in Computer Science or related field. Certifications in cloud platforms (AWS Certified DevOps Engineer, Google Cloud DevOps Engineer, etc.). Experience with microservices architecture and serverless computing. Knowledge of regulatory compliance (e.g., SOC 2, HIPAA, GDPR). What does the future of the air transport industry look like to youWhether you re an industry veteran or someone with experience from other industries, we want to make your ambitions a reality!

About Plum Plum is an employee insurance and health benefits platform focused on making health insurance simple, accessible and inclusive for modern organizations. Healthcare in India is seeing a phenomenal shift with inflation in healthcare costs 3x that of general inflation. A majority of Indians are unable to afford health insurance on their own; and so as many as 600mn Indians will likely have to depend on employer-sponsored insurance. Plum is on a mission to provide the highest quality insurance and healthcare to 10 million lives by FY2030, through companies that care. Plum is backed by Tiger Global and Peak XV Partners. Position Overview We are seeking an experienced Senior Cybersecurity Engineer with 4+ years of expertise to lead our security initiatives and protect our healthcare platform. This role is critical in ensuring the security, privacy, and compliance of our systems that handle sensitive healthcare data for millions of users while enabling rapid business growth. Key Responsibilities Core Security Expertise Demonstrate deep understanding of security domain principles and concepts across multiple disciplines Lead expertise across critical security domains including: Advanced Incident Response and forensics Red Team operations and adversarial simulation Sophisticated Malware Analysis and reverse engineering Attack metrics development and threat modeling Comprehensive Vulnerability Assessment & Penetration Testing Proactive Threat Hunting & Root Cause Analysis Malicious Code analysis and deciphering techniques Advanced SIEM Analysis, XDR integration, and SOAR orchestration Execute complex incident triage based on advanced security parameters and established methodologies Leverage strong scripting expertise (Python, C#, JSON, shell scripting) for security automation and tool development Design and architect secure systems, networks, and application infrastructures for healthcare environments Maintain hands-on expertise with enterprise security tools including Symantec Endpoint Protection & Encryption, Tenable Nessus, Kali Linux, and Burp Suite Cloud Security Architecture & Engineering Design and implement enterprise-grade secure cloud architectures aligned with industry frameworks (CIS, NIST, ISO 27001) Define, maintain, and enforce security patterns for Infrastructure as Code implementations using Terraform and Helm Architect comprehensive security for AWS and GCP services, Kubernetes clusters (EKS/GKE), serverless functions, and containerized workloads Lead the implementation of zero-trust security models and micro-segmentation strategies Design secure multi-cloud and hybrid cloud architectures for healthcare data processing Security Operations & Monitoring Implement and optimize native cloud security tools including AWS Security Hub, GCP Security Command Center, and integrated third-party platforms Deploy and manage advanced security platforms including CrowdStrike, Snyk, Wiz, Prisma Cloud, and SentinelOne Configure and maintain Cloud Security Posture Management Integrate comprehensive security posture monitoring with observability tools like DataDog and enterprise SIEM platforms Conduct regular security audits, automated vulnerability assessments, and compliance verification checks Develop custom security metrics and KPIs for executive reporting Incident Response & Threat Detection Lead investigation and response activities for complex cloud-based security incidents and data breaches Develop, maintain, and continuously improve incident response playbooks and forensics procedures Leverage threat intelligence feeds and frameworks to enhance detection capabilities and threat hunting activities Coordinate with external security vendors and law enforcement during major incidents Conduct post-incident reviews and implement preventive measures Governance, Risk & Compliance Support and lead regulatory audits, comprehensive risk assessments, and compliance initiatives (ISO27001, GDPR, SOC2) Define, implement, and enforce enterprise cloud security standards, policies, and procedures Provide subject matter expertise in secure access management, data protection strategies, and encryption key management Manage vendor security assessments and third-party risk evaluations Develop and maintain security awareness training programs for technical and non-technical staff Required Qualifications Experience & Education 4+ years of hands-on experience in cybersecurity roles with a proven track record of securing production environments at scale Bachelors or Masters degree in Computer Science, Cybersecurity, Information Security, or related technical field Experience in healthcare, fintech, or other highly regulated industries is strongly preferred Core Technical Expertise Cloud Security Platforms : Expert-level proficiency in cloud security architectures: AWS : Deep knowledge of AWS security services, Security Hub, GuardDuty, CloudTrail, Config, IAM, KMS, and VPC security GCP : Comprehensive understanding of Security Command Center, Cloud Security Scanner, Identity and Access Management, and VPC security controls Security Tools & Platforms : Hands-on experience with enterprise security solutions including: Endpoint protection: Symantec Endpoint Protection & Encryption Vulnerability management: Tenable Nessus, penetration testing frameworks Security testing: Kali Linux, Burp Suite, OWASP methodologies Cloud security: CrowdStrike, Snyk, Wiz, Prisma Cloud, SentinelOne Container & Kubernetes Security : Advanced proficiency in securing containerized environments including RBAC, network policies, admission controllers, and Pod Security Standards Programming & Scripting : Strong development skills in Python, Bash, Go, and Infrastructure as Code tools (Terraform, CloudFormation) Authentication & Authorization : In-depth understanding of modern identity protocols including OAuth2, OpenID Connect (OIDC), SAML, and zero-trust architectures Security Specializations Incident Response : Proven experience leading complex security incident investigations and coordinating response activities Threat Intelligence : Experience with threat hunting, malware analysis, and leveraging threat intelligence platforms DevSecOps Integration : Hands-on experience integrating security tools into CI/CD pipelines and implementing security-as-code practices Security Architecture : Experience designing secure system architectures and implementing defense-in-depth strategies Professional Certifications Required Certifications (minimum 2 of the following): AWS Certified Security - Specialty Google Professional Cloud Security Engineer Certified Information Systems Security Professional (CISSP) Certified Kubernetes Security Specialist (CKS) Certified Information Security Manager (CISM) CompTIA Security+ Certified Ethical Hacker (CEH) Leadership & Communication Skills Proven ability to lead security initiatives and mentor junior security professionals Experience with crisis management and executive-level security reporting Strong written and verbal communication skills for technical and non-technical audiences Ability to work independently while collaborating effectively across cross-functional teams Experience with security awareness training and building security culture

Job Summary The Vendor Qualification Manager is responsible for overseeing the qualification, monitoring, and ongoing assessment of vendors that support GxP systems and services. This role ensures that vendors are selected, assessed, and managed in accordance with applicable regulatory requirements (FDA, EMA, MHRA), GAMP 5 principles, and internal quality standards. Key Responsibilities Vendor Qualification & Assessment Lead and execute vendor qualification activities for GxP-relevant third-party providers (e.g., SaaS, IRT, eTMF, CROs, IT service providers). Develop and maintain the vendor qualification strategy and risk-based assessment framework. Conduct vendor audits (remote and on-site), prepare audit plans, reports, and CAPA follow-up. Maintain up-to-date documentation for vendor qualification including risk assessments, questionnaires, and technical agreements. Governance & Lifecycle Oversight Establish and maintain a centralized vendor inventory and qualification status. Collaborate with Procurement, IT, Validation, and Business Owners to ensure vendor compliance throughout lifecycle. Ensure appropriate contracts, Quality Technical Agreements (QTAs), and SLAs are in place. Participate in vendor onboarding and change control processes for qualified vendors. Compliance & Continuous Improvement Stay abreast of evolving regulatory expectations for third-party oversight. Support inspection readiness and represent vendor oversight during audits or regulatory inspections. Identify areas for improvement in vendor management processes and drive continuous improvement. Provide training and guidance on vendor qualification procedures across functions. Qualifications Education Bachelor s or Master s degree in Life Sciences, Computer Science, Quality, or a related field. Experience Minimum 5 8 years of experience in QA, compliance, or validation roles in the life sciences industry. 3+ years of direct experience in vendor qualification or third-party oversight for GxP systems. Experience conducting vendor audits and managing supplier CAPAs. Strong knowledge of GxP regulations (21 CFR Part 11, EU Annex 11), GAMP 5, and ICH Q10. Skills In-depth understanding of software development lifecycles and cloud vendor qualification (e.g., SaaS). Strong analytical, communication, and negotiation skills. Ability to manage multiple priorities in a fast-paced environment. Proficiency in quality systems and tools (e.g., eQMS, VMS, audit tracking tools). Preferred Qualifications Auditor certification (e.g., ISO 9001, ISO 27001, or equivalent). Knowledge of data integrity principles and AI/ML vendor oversight. Familiarity with privacy requirements (GDPR, HIPAA) for vendor assessment. Working Conditions Some travel required (~15 25%) for on-site vendor audits May require flexible hours to work with global teams

About the Role: We are seeking an experienced and highly skilled Technical Architect with deep expertise in backend systems design and blockchain technology . The ideal candidate will be responsible for designing scalable backend architectures, leading the development of secure and efficient blockchain/crypto currency integrated systems, and providing technical leadership to cross-functional teams. The ideal candidate should also have worked extensively with Node.js, TypeScript/JavaScript , and MySQL , and must bring deep architectural and system design experience . Responsibilities: . Design and define high-level backend architecture and system components, ensuring scalability, performance, security and reliability. Lead the design and integration of blockchain components into existing and new product ecosystems. Define and enforce architectural standards and guidelines; conduct architecture reviews. Collaborate closely with Product, Engineering, and Security teams to deliver well-architected and scalable solutions. Evaluate and integrate emerging technologies and blockchain protocols suitable for business use cases. Drive POCs and technical feasibility assessments for new products and features. Conduct code reviews and mentor engineers on architectural principles and modern development techniques. Ensure security, data integrity, and compliance with industry best practices and standards. Desired Candidate Profile: 15+ years of experience in backend development and system architecture. Proven experience designing and implementing scalable backend systems using Node.js and TypeScript/JavaScript .Strong expertise in MySQL or other relational databases. Hands-on experience with blockchain protocols , smart contracts, or decentralized application development. Solid understanding of RESTful APIs , microservices, event-driven architecture, and authentication protocols (OAuth, JWT, etc.). Exposure to cloud platforms such as AWS, GCP, or Azure. Good to have - experience with Layer 1/Layer 2 blockchain solutions (e.g., Ethereum, Polygon, Solana). About Liminal: Liminal is a compliant and insured digital asset custody and wallet infrastructure provider. Launched in April 2021, Liminal Custody is a CCSS Level 3, SOC Type 2, and ISO 27001 & 27701 certified organization. Based in Singapore, Liminal has operations spread across APAC, MENA, and Europe, along with offices in Singapore,Taiwan , India, and UAE. The company has received an initial approval from VARA. Liminal takes pride in supporting businesses with its qualified and insured custody (self and institutional) that enables stress-free safekeeping of digital assets for institutions. It also provides a cutting-edge wallet infrastructure platform that is secure, compliant, and automated and comes with a plug-and-play architecture for faster onboarding of developers, business partners, and government agencies. Our website - https://www.liminalcustody. com/

Jun 16, 2025 Location: Bengaluru Designation: Deputy Manager Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. Your work profile: Professional should be able to work in hybrid model from office/client office. Strong knowledge of IT audits- ITGC, ITAC and SOC report understanding Conduct process walkthroughs and test the controls. Ensure timely closure of audit tasks. Collaborate with teams to ensure timely completion of audit activities. Desired qualifications Graduation / B.E/ B. Tech in Any Specialization. Work experience: Minimum 4-5 years. Role Summary: Takes ownership of client deliverables and leads modules end-to-end. Responsibilities: Lead modules or small-scale engagements and supervise fieldwork execution for ITGC, ITAC, and SOC reviews. Manage stakeholders for walkthroughs, data requests, and clarifications. Take ownership of modules within larger audits and assist in engagement planning, resource allocation, and quality control. Document control testing results, observations, and evidence clearly and accurately for high-risk areas. Liaise directly with client teams for walkthroughs and issue discussions. Conduct quality review of testing documentation and ensure completeness. Coach and guide junior team members; assist in team capability development. Contribute to audit planning, control design analysis , and remediation support. Must Have: Hands-on experience with ERP-based control testing (SAP/Oracle preferred). Working knowledge of audit standards and control frameworks (SOX, SSAE, ISO 27001). Deep working knowledge of ITGC, ITAC , and regulatory requirements. Experience in reviewing control design and effectiveness . Strong grasp of business process controls and their ERP mapping. Capability to lead teams and manage deliverables . Good analytical and documentation skills. Preferred Qualifications: Relevant certifications (CISA, CISSP, CRISC) are a plus. Knowledge of TPRM Experience working with IT audit processes and compliance frameworks. Experience in risk management and compliance reporting. Experience in risk management, compliance reporting, and IT audit. Prior experience working with ITGC frameworks and SOC report evaluations. Location and way of working: Base location: Bengaluru How you ll grow Connect for impact. Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead. You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude, and potential each and every one of us brings to the table to make an impact that matters. Drive your career. At Deloitte, you are encouraged to take ownership of your career. We recognize there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you.

Jul 28, 2025 Location: Mumbai Designation: Assistant Manager Strong understanding of cloud technologies and platforms: Azure/AWS/GCP/OCI Understanding of cloud security architecture Understanding of Zero trust principle, security technologies and controls: AWS/Azure/GCP/OCI cloud native security controls, Identity Access Management, Data Security, IDS/IPS, SIEM, web application firewall, cryptography, Kubernetes, container security etc. Should have conducted cloud security assessments and configuration reviews as per industry best practices Familiarity with industry-leading standards and frameworks such as ISO 27001, NIST, CSA CCM, CIS benchmarks to help clients adhere to compliance requirements Knowledge and experience of Risk Management Lifecycle (Risk Identification, Risk Assessment, Risk Response, & Reporting) Experience with cloud security tools and services Knowledge and experience in developing/creating cloud security policies and frameworks for organizations Effective written and communication skills Strong sense of ownership, urgency, and drive Demonstrate teamwork and collaborate with other teams to ensure client s cloud environment is secure

Collaborate with business unit heads (Regulatory, AFT, HR & Payroll) to define hiring needs. Source, screen, and shortlist candidates across roles \u2014 especially in accounting, finance, company secretarial, legal, and compliance functions . Handle job postings, candidate pipeline management, and interview coordination through Zoho Recruit . Conduct preliminary interviews and coordinate panel rounds. Maintain and update recruitment dashboards and reports for management review. Build and maintain a strong talent pool for niche profiles. Onboarding (30%) Coordinate with Admin, IT, and Payroll for

Vestas is well-known in wind technology and actively contributes to its development. Vestas core business comprises the development, manufacture, sale, marketing, and maintenance of Wind Turbines. Come and join us at Vestas! Vestas Technology & Operations > Frontend Engineering & Technology > Global Power Plant Solutions Vestas Technology & Operations (VTO) is where new product solutions envisioned, developed, improved, and verified before we in Front-end Engineering & Technology take full technical accountability of deployment in customer projects. Within VTO and Front-end Engineering & Technology, you will find our Global Power Plant Solutions team. A team that enables our regional colleagues with Technical- and Functional Excellence. Responsibilities Maintain up-to-date knowledge of key CS standards & frameworks including ISA/IEC 62443, ISO 27000 Series, C2M2 Framework, NIST CSF, AESCSF, NERC-CIP, EU NIS2 Directive, EU Cyber Resilience Act and Country-specific Critical Infrastructure cybersecurity legislation Identify and mitigate contractual risks in alignment with Vestas internal guidance Review the Cyber security contract language in alignment with Vestas business units with stakeholder engagement Customer negotiations to enable the regions to close technical deals on cyber security offerings Collaborate closely with teams across Vestas business units, Cyber community in the organization to ensure cybersecurity commitments are realistic and deliverable Translate identified cybersecurity gaps from customer contracts into clear, structured requirements to product teams Follow up on mitigation plans, timelines, and implementation feasibility with product and engineering teams Conduct gap analysis between contractual cybersecurity commitments and actual capabilities delivered Monitor evolving global cybersecurity legislation relevant to OT and industrial control systems (ICS) Analyze and interpret evolving cyber security legislation requirements impact on Vestas offerings Initiate cross-functional alignment and implementation where necessary Prepare and deliver training material related to all the above Qualifications Masters / Bachelors in Cybersecurity / Computer Science / Similar engineering specialization Cyber security models, frameworks, systems, principles, concepts, designs & architectures for IT & OT systems International and National Legislation & Standards related to OT Safety & Cyber security Extensive knowledge of cybersecurity standards (e.g., IEC 62443, NIST, ISO 27001) Good exposure to industrial control system Effective communication, negotiation, and presentation skills in English Experience working in a global, cross-functional, and matrix organization Acumen with Industry certifications such as IEC 62443, GICSP, CISSP, CISM, or similar are preferred Familiarity with energy or renewables industry and operational environments Competencies OT systems development, design, architecture, and deployment in the electric utility industry Technical and organizational cyber security implementation projects Sales contract reviews, revisions, and customer negotiations Product stakeholder management What We Offer In this position, you will be able to put your competencies and experience to the test in a modern and growing company. You will have the opportunity to help improve the position of Vestas in key markets while being part of a company with rapid growth. Join Vestas and you will cultivate your career in an inspiring environment at a renowned wind turbine and power plant OEM, which has an ongoing dedication to sustainability. We value individual initiative, the willingness to take initiative, and the right balance between creativity and quality in all solutions. We offer you an exciting and inspiring job with great opportunities for professional and personal development within the major player in wind energy. In this position, you will be at the heart of the action of the wind industry. Despite being the largest presence in the industry, Vestas is responsive, giving you the freedom to act creatively in a truly global environment, within a highly diverse, skilled, and knowledgeable team. Team members with experience working in Regional Engineering & Technology are highly valued across multiple functions in Vestas - working within Power Plant Solutions opens career paths in Engineering and Project-facing roles within Vestas. Additional Information Your primary workplace will be Vestas India, Chennai. Please note: We do amend or withdraw our jobs and reserve the right to do so at any time, including before the advertised closing date. Please be advised to apply on or before 31st August 2025. Our commitment to a fair hiring At Vestas, we evaluate all candidates solely on professional experience, education, and relevant skills. To support a fair recruitment process, please remove any photos, dates of birth or graduation dates, gender pronouns, marital status, or other personal details not relevant to the role, before submitting your CV. Please keep your CV focused on work and educational details, and the necessary information that we contact you (email and phone number). We train our hiring teams in inclusive evaluation and regularly review process outcomes to ensure fairness. DEIB Statement At Vestas, we recognise the value of diversity, equity, and inclusion in driving innovation and success. We strongly encourage individuals from all backgrounds to apply, particularly those who may hesitate due to their identity or feel they do not meet every criterion. As our CEO states, "Expertise and talent come in many forms, and a diverse workforce enhances our ability to think differently and solve the complex challenges of our industry". Your unique perspective is what will help us powering the solution for a sustainable, green energy future. BEWARE RECRUITMENT FRAUD It has come to our attention that there are a number of fraudulent emails from people pretending to work for Vestas. Read more via this link, https: / / www.vestas.com / en / careers / our-recruitment-process About Vestas Across the globe, we have installed more wind power than anyone else. We consider ourselves pioneers within the industry, as we continuously aim to design new solutions and technologies to create a more sustainable future for all of us. With more than 185 GW of wind power installed worldwide and 40+ years of experience in wind energy, we have an unmatched track record demonstrating our expertise within the field. With 30,000 employees globally, we are a diverse team united by a common goal: to power the solution today, tomorrow, and far into the future. Vestas promotes a diverse workforce which embraces all social identities and is free of any discrimination. We commit to create and sustain an environment that acknowledges and harvests different experiences, skills, and perspectives.

Job Title : Senior DevOps Engineer Infrastructure & Platform Specialist Department : Product and Engineering Location : Remote / Kolkata, WB (On-site) Job Summary: A Senior DevOps Engineer is responsible for designing, implementing, and maintaining the operational aspects of cloud infrastructure. Their goal is to ensure high availability, scalability, performance, and security of cloud-based systems. Key Responsibilities Design and maintain scalable, reliable, and secure cloud infrastructure.Address integration challenges, data consistency. Choose appropriate cloud services (e.g., compute, storage, networking) based on business needs. Define architectural best practices and patterns (e.g., microservices, serverless, containerization). Ensure version control and repeatable deployments of infrastructure. Automate cloud operations tasks (e.g., deployments, patching, backups). Implement CI/CD pipelines using tools like Jenkins, GitHub Actions, GitLab CI, etc Design and implement cloud monitoring and alerting systems (e.g., CloudWatch, Azure Monitor, Prometheus, Datadog, manage engine). Optimize performance, resource utilization, and cost across environments. Capacity planning of resources.- Resource planning and deployment (HW, SW, Capex). Financial forecasting. Tracking and Management of allotted budget. Cost optimization with proper architecture and open source technologies . Ensure cloud systems follow security best practices (e.g., encryption, IAM, zero-trust principles,VAPT). Implement compliance controls (e.g., HIPAA, GDPR, ISO 27001). Conduct regular security audits and assessments . Build systems for high availability, failover, disaster recovery, and business continuity. Participate in incident response and post-mortems. Implement and manage Service Level Objectives (SLOs) and Service Level Indicators (SLIs). Work closely with development, security, and IT teams to align cloud operations with business goals. Define governance standards for cloud usage, billing, and resource tagging. Provide guidance and mentorship to DevOps and engineering teams. Keep updating infrastructure/deployment documents . Interacting with prospective customers in pre-sales meetings to showcase architecture and security layer of the product and answering questions. Key Skills & qualifications : Technical Skills VM provisioning and infrastructure ops on AWS, GCP, or Azure. Experience with API gateways (Kong, AWS API Gateway, NGINX). Experience managing MySQL and MongoDB on self-hosted infrastructure. Operational expertise with Elasticsearch or Solr. Proficient with Kafka, RabbitMQ, or similar message brokers. Hands-on experience with Airflow, Temporal, or other workflow orchestration tools. Familiarity with Apache Spark, Flink, confluent/devezium or similar streaming frameworks. Strong skills in Docker, Kubernetes, and deployment automation. Experience writing IaC with Terraform, Ansible, or CloudFormation. Building and maintaining CI/CD pipelines (GitLab, GitHub Actions, Jenkins). Experience with monitoring/logging stacks like Prometheus, Grafana, ELK, or Datadog. Sound knowledge of networking fundamentals (routing, DNS, VPN, TLS/SSL, firewalls). Experience designing and managing HA/DR/BCP infrastructure. Bonus Skills Prior involvement in SOC 2 / ISO 27001 audits or documentation. Hands-on with VAPT processes especially working directly with clients or security partners. Scripting in Go, in addition to Bash/Python. Exposure to service mesh tools like Istio or Linkerd. Experience: Must h ave 7+ years of experience as DevOps Engineer OTHER DETAILS Engagement : Full Time No. of openings : 1 About SuperProcure SuperProcure is transforming Indian logistics with its next-generation Transportation Management System (TMS) that streamlines and digitizes the entire logistics value chain from vehicle sourcing to freight accounting. SP platform enables seamless collaboration among multiple enterprises, delivering real-time visibility and transparency to all stakeholders. Trusted by Fortune 500 clients like Tata Chemicals, Tata Consumer, ITC, Asian Paints, etc. SuperProcure is solving India s logistics inefficiency responsible for nearly 14% of the GDP by automating manual processes and breaking down operational silos. Backed by IndiaMart, Caret Capital, and IIM Calcutta, and recognized as one of Asia s top TMS providers, we re on a bold mission to save 1% of India s GDP in logistics costs, making Indian industries more competitive globally while simplifying and empowering logistics teams every day. Life @ SuperProcure SuperProcure operates in an extremely innovative, entrepreneurial, analytical, and problem-solving work culture. Every team member is fully motivated and committed to the companys vision and believes in getting things done. In our organization, every employee is the CEO of what he/she does; from conception to execution, the work needs to be thought through. Our people are the core of our organization, and we believe in empowering them and making them a part of the daily decision-making, which impacts the business and shapes the companys overall strategy. They are constantly provided with resources, mentorship, and support from our highly energetic teams and leadership. SuperProcure is extremely inclusive and believes in collective success. Looking for a bland, routine 9-6 job? PLEASE DO NOT APPLY. Looking for a job where you wake up and add significant value to a $180 Billion logistics industry every day? DO APPLY. . Culture: All challenges and fun associated with start-ups. Competitive salary, responsibilities, flat hierarchy, daily challenges, long working hours, delivery pressure, and a fun workplace.

IT Compliance & Audit Lead ZS Governance, Risk & Compliance (GRC) Team Location: Pune, India Function: ZS (IT) Governance, Risk & Compliance (GRC) Level: Lead / Specialist / Consultant Experience Required: 4+ years in technical Information Security and Compliance roles About ZS ZS is a global professional services firm that works shoulder-to-shoulder with companies to help them deliver products and solutions that drive customer value and business impact. With expertise spanning healthcare, life sciences, high-tech, and beyond, we apply cutting-edge analytics, strategy, operations, and digital technologies to real-world challenges. Our Governance, Risk & Compliance (GRC) team is instrumental in preserving ZSs reputation, enabling innovation, and ensuring we remain compliant with global regulatory, privacy, and security standards. The GRC team leads our operational risk management, manages certifications (ISO 27001, SOC 2, ESG, etc.), and champions continuous improvement in internal controls, privacy, and quality frameworks. Role Overview We are seeking a dynamic IT Compliance & Audit Lead to join our Governance, Risk & Compliance (GRC) team in Pune. This role will be pivotal in driving the implementation and evolution of ZSs Continuous Compliance Monitoring (CCM) program. The ideal candidate will bring hands-on technical security expertise, a strong audit and risk management mindset, and the ability to collaborate across technical and business stakeholders. Responsibilities Lead the development and execution of ZSs Continuous Compliance Monitoring (CCM) program across infrastructure, applications, and third-party vendors Collaborate cross-functionally with internal security, privacy, engineering, and operations teams to drive remediation and maturity of compliance gaps Serve as SME for security audits, helping interpret and implement compliance controls (e.g., ISO 27001, SOC 2 Type 2, NIST CSF, HIPAA, ESG reporting frameworks) Design and implement automated compliance checks and control testing routines aligned with risk appetite and audit requirements Conduct and support internal and external audits, including pre-audit readiness assessments, evidence collection, and issue remediation oversight Contribute to enterprise risk assessments, security profiling, and threat modeling to improve ZSs security posture Drive security incident post-mortems and track audit findings to closure with technical leads and business owners Assist in the maintenance and enhancement of security policies, procedures, and standards to reflect evolving risk and regulatory requirements Create training and awareness content related to policy adoption, audit preparedness, and security control responsibilities Provide metrics and executive-level reporting on compliance posture, audit outcomes, and CCM maturity Serve as a technical consultant in areas such as SIEM tuning, bounty hunting initiatives, and threat intelligence integration Qualifications Bachelor's degree in Computer Science, Information Systems, or a related field 4+ years of hands-on experience in Information Security, Audit, Compliance, or GRC roles with technical depth Proven experience implementing or maturing compliance frameworks like ISO 27001, SOC 2 Type 2, HIPAA, NIST CSF, etc. Strong understanding of security tooling and architecture, including: SIEM platforms (e.g., Splunk, Sentinel, QRadar) Threat modeling and profiling tools Vulnerability management platforms Cloud security configurations (AWS, Azure, GCP) Experience with bug bounty programs or threat hunting initiatives is a plus Excellent communication skills; ability to articulate risk and compliance requirements to technical and non-technical stakeholders Certifications preferred: CISA, CISSP, CRISC, CISM, ISO Lead Auditor/Implementer, CEH ZS is a global consulting firm; fluency in English is required. Candidates must possess work authorization for their intended country of employment. An on-line application, including a cover letter expressing interest and a full set of transcripts (official or unofficial), is required to be considered. ZS offers a competitive compensation package with salary and bonus incentives, plus an attractive benefits package. NO AGENCY CALLS, PLEASE. Connect with ZS in India on social media: Like ZS in India on Facebook Follow ZS in India on Twitter and Instagram Follow ZS on LinkedIn for more job opportunities Subscribe to the ZS in India YouTube channel Explore the Life at ZS blog ZS has been recognized globally for its expertise in consulting and its flexible work environment. View ZSs accolades .

about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. IDENTITY AND ACCESS MANAGEMENT SPECIALIST ZS IT Support teams are aligned with the companys business strategy and operating model and aims to provide its 10,000 plus employees and their clients the right tools and information for high performance. The IT organization focuses on providing products and services to ZS to ensure successful business outcomes. This involves providing a scalable, sustainable and reliable IT infrastructure, customized applications, messaging and collaboration products, Business Intelligence and Database administration support along with a reliable 24*7 uninterrupted high-quality technology support services. What You'll Do: Develop and execute the IAM strategy and roadmap for ZS, aligning with the business objectives and security requirements. You will define the IAM vision, goals, policies and standards, and oversee the implementation and governance of the IAM framework. Serve as subject matter expert across the lifecycle of identity and access management, including identity governance, access management, privileged access management, identity federation and single sign-on. You will ensure the effective and efficient provisioning, deprovisioning, authentication, authorization and auditing of identities and access rights for all users, roles and applications. Ensure the IAM solutions are scalable, secure and compliant with industry standards and best practices, such as ISO 27001, NIST, SSO, OAuth, SAML, OIDC, etc. You will evaluate and select the appropriate IAM technologies, platforms and tools, and ensure they meet the security, performance and usability requirements. Oversee and design the integration of IAM solutions with internal and client facing applications, covering a fully hybrid model with cutting edge technology, such as cloud, mobile, biometric, etc. You will collaborate with the application owners, developers and architects to ensure the seamless and secure integration of IAM capabilities and features, and support the adoption and migration of applications to the IAM solutions. Train IAM team, providing guidance, coaching and performance evaluation. You will motivate and develop the IAM team Manage IAM vendor contracts, SLAs and deliverables. You will also foster a culture of collaboration, innovation and excellence within the IAM team and across the organization. Establish and maintain effective relationships with key stakeholders, such as business leaders, IT teams, auditors and clients. You will communicate and advocate the IAM strategy, roadmap and value proposition, and solicit feedback and input from the stakeholders. You will also ensure the alignment and coordination of the IAM activities and initiatives with the business and IT priorities and plans. Monitor and report on the IAM metrics, KPIs and SLAs, ensuring the quality and efficiency of the IAM services. You will establish and track the IAM performance indicators, such as availability, reliability, security, compliance, user satisfaction, etc. You will also identify and report on the IAM achievements, challenges and opportunities. Identify and manage the IAM risks, issues and incidents, ensuring timely resolution and mitigation. You will conduct and oversee the IAM risk assessments, audits and reviews, and implement the appropriate controls and remediation actions. You will also manage and escalate the IAM issues and incidents, and coordinate the response and recovery efforts. Stay abreast of the latest trends and developments in the IAM domain, and provide recommendations for continuous improvement and innovation. You will research and benchmark the best practices and emerging solutions in the IAM field, and evaluate their applicability and feasibility for ZS. You will also propose and implement the IAM enhancements and innovations, and drive the continuous learning and improvement of the IAM team and processes. What You'll Bring: Bachelor's degree or higher in Computer Science, Information Systems, Cybersecurity or related field. Minimum 6-8 years of experience in IAM domain, with at least 3 years of experience as a subject matter expert. Proven track record of successfully delivering complex IAM projects in a large and dynamic environment. Strong knowledge and hands-on experience with various IAM technologies, platforms and tools, such as Microsoft EntraID, Okta, SailPoint, beyondTrust, CyberArk, Ping Identity, etc. Excellent communication, presentation and interpersonal skills, with the ability to communicate effectively with both technical and non-technical audiences. Strong analytical, problem-solving and decision-making skills, with the ability to balance business needs and security risks. Certifications in IAM, such as CISSP, CISM, CISA, CRISC, etc., are preferred.

We are seeking a highly motivated and experienced professional to build and lead our Insider Threat Risk Management team within the Information Security group. This role is critical in identifying, assessing, and mitigating insider risks to protect our firms critical data, intellectual property, and operational integrity. The Lead will develop and execute an insider threat program, leveraging behavioral analytics, security tools, and cross-functional collaboration to proactively detect and respond to threats. What You'll Do: Program Development Leadership: Design and implement a comprehensive insider threat and risk management program aligned with business and security objectives. Threat Detection Response: Utilize data analytics, behavioral indicators, and security tools (e.g., UEBA, DLP, SIEM) to monitor and investigate potential insider threats. Risk Assessment Mitigation: Conduct insider risk assessments, define detection methodologies, and recommend mitigation strategies. Collaboration Stakeholder Engagement: Work closely with Legal, HR, IT, Security Operations, and Compliance teams to develop policies, response frameworks, and training initiatives. Incident Handling Investigations: Lead investigations into potential insider threats, ensuring timely response and remediation while adhering to privacy and legal considerations. Security Awareness Training: Drive awareness programs to educate employees and leaders about insider risks and best practices. Regulatory Compliance Alignment: Ensure the program aligns with industry standards (e.g., NIST, ISO 27001, SOC2) and regulatory requirements. Continuous Improvement: Regularly assess and refine the program to adapt to evolving threats and business needs. What You'll Bring: Bachelors degree in information security, Cybersecurity, or related field. 6+ years of experience in information security, with a focus on information protection, DLP and data protection. Strong understanding of information security frameworks, regulations, and standards (e.g., ISO 27001, NIST, GDPR). Familiarity with network security, endpoint protection, and cloud security principles. Ability to balance proactive prevention with reactive incident response. High ethical standards and discretion when handling sensitive information. Demonstrated ability to build and lead teams, with excellent communication and interpersonal skills. Experience with security technologies such as data classification, DLP, encryption, SIEM, and access controls. Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent. Excellent analytical and problem-solving skills, with the ability to assess risks and recommend effective solutions. Strong communication and interpersonal skills to collaborate with various teams and stakeholders. Proven track record of successfully implementing and managing information protection programs.

Career Category Information Systems Job Description Join Amgen s Mission of Serving Patients At Amgen, if you feel like you re part of something bigger, it s because you are. Our shared mission to serve patients living with serious illnesses drives all that we do. Since 1980, we ve helped pioneer the world of biotech in our fight against the world s toughest diseases. With our focus on four therapeutic areas Oncology, Inflammation, General Medicine, and Rare Disease we reach millions of patients each year. As a member of the Amgen team, you ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. What you will do Let s do this. Let s change the world. We are looking for a seasoned IAM Architect with deep expertise in designing and implementing enterprise-grade identity and access management solutions. The ideal candidate will have hands-on experience with SailPoint Identity Security Cloud (ISC), Ping Identity, Microsoft Entra ID, Okta, and Privileged Access Management (PAM) platforms. This role requires a strategic thinker with strong technical skills to lead IAM architecture initiatives across hybrid and multi-cloud environments. Roles & Responsibilities: Design and Develop the Amgen s enterprise Identity and Access architecture vision and strategy, ensuring alignment with business objectives Architect, implement and manage IAM solutions using SailPoint ISC, Ping Identity, Entra ID, Okta, and PAM tools (e. g. , CyberArk, Beyond Trust). Accountable for designing and building customizations & configurations on the SailPoint ISC, Entra ID, Ping environments as per the business needs including creating custom objects, integrations, fields, workflows Responsible for strategizing IAM Integrations while adhering to consistent integration standards and patterns, designing integration workflows, building connectors, centralizing build & run, and performing a consistent DevOps model for integrations Lead the design of identity lifecycle management, access governance, and role-based access control (RBAC) frameworks. Identify and mitigate architectural risks, ensuring that the IAM platform is scalable, secure, and resilient Maintain comprehensive documentation of the IAM architecture, including principles, standards, user guides, and models Drive continuous improvement in the architecture by finding opportunities for innovation and efficiency Work with stakeholders to gather and analyse requirements, ensuring that solutions meet both business and technical needs Drive Zero Trust and least privilege access strategies. Provide domain expertise in IAM to the team, offering guidance on architecture, solution design, and implementation challenges. Provide hands-on technical leadership in resolving complex technical issues and ensuring smooth deployment and system integration What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Doctorate degree / Masters degree / Bachelors degree and 12 to 17 years of experience in Computer Science, IT or related field of experience Proven experience with: SailPoint Identity Security Cloud (ISC), SailPoint IIQ Ping Identity (PingFederate, PingAccess) Microsoft Entra ID (Azure AD) Okta Identity Cloud Privileged Access Management (CyberArk, Beyond Trust, or similar) Strong understanding of IAM protocols: SAML, OAuth2, OpenID Connect, SCIM, LDAP. Experience with cloud IAM and hybrid identity architectures. Familiarity with regulatory and compliance frameworks (e. g. , SOX, HIPAA, GDPR, ISO 27001). Experience working in agile methodology, including Product Teams and Product Development models Can lead and guide multiple teams to meet techno functional needs and goals Preferred Qualifications: Certifications such as SailPoint Certified Identity Now Architect, Okta Certified Professional, Microsoft SC-300, CISSP, CCSP or CISM. Experience with scripting and automation (PowerShell, Python, REST APIs). Knowledge of DevSecOps practices and CI/CD integration with IAM. Experience with Identity Governance and Administration (IGA) and Identity Risk Management. Good-to-Have Skills: Good Knowledge of the Global Pharmaceutical Industry Understanding of GxP process Strong solution design and problem-solving skills Ability to analyze client requirements and translate them into solutions Soft Skills: Excellent leadership and team management skills. Strong transformation and change management experience. Exceptional collaboration and communication skills. High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team-oriented with a focus on achieving team goals. Strong presentation and public speaking skills. Excellent analytical and solving skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams Shift Information: This is a Hybrid position that requires partly office and remote presence and may require working during later hours to align with business hours. Candidates must be willing and able to work outside of standard hours as required to meet business needs . What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers. amgen. com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. .

Job Description: Job Title: PMO Risk Reduction and Service Owner for Key Vendors Corporate Title: VP Location: Pune, India Role Description The Project Manager - Risk reduction is responsible for leading risk and audit remediation initiatives for Hybrid Cloud Infrastructure division. This includes managing end to end delivery of risk mitigation plans, ensuring timely closure of audit findings and strengthening control environments. Strong project management, stakeholder engagement and risk oversight are key success to the role. The Service Owner (SO) is responsible for managing the entire lifecycle of third-party relationships within the organization. This role involves ensuring that all risk assessment tasks and activities are completed accurately and in a timely manner, overseeing the selection and screening of third parties, and ensuring compliance with regulatory requirements. The SO will work closely with various stakeholders to mitigate risks, manage subcontractors, and ensure continuous risk monitoring. What we ll offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Project Manager - Risk Reduction : Promote risk awareness, encourage prioritization of risk remediation, process re-engineering and strategic risk management Provide processes for systematic, proactive, and forward-looking risk identification, risk assessment, monitoring, reporting and keeping GTI risk profile up to date Plan and execute thematic risk assessments and input into risk scenario testing and macro threat assessments Identify material remediation priorities for GTI and key cross divisional priorities impacting GTI (control / remediation book of work) Track project status, maintain action logs, and ensure documentation Be a catalyst and an enabler to the global leadership for achieving the objectives in line with changing regulatory and industry operating landscape and reducing risk against overall technology operations portfolio Ensure management transparency by way of timely risk reporting and proactive engagement and representing controls team at different governing forums Ensure alignment with internal risk frameworks and regulatory expectations. Service Owner Risk Assessment and Management: Complete risk assessments, ensure proper screening, and report third-party issues. Regulatory Compliance: Nominate Local Service Owners and ensure compliance with local regulatory requirements. Third-Party Selection and Screening: Select third parties, consider risk aspects, and review screening outputs. Control Assessments and Mitigation: Ensure third parties complete required tasks, develop continuity plans, and manage risk mitigation actions. Continuous Monitoring and Termination: Update risk assessments, perform post go-live controls, and execute termination strategies. Contracting and Payment: Complete risk assessments before service commencement, ensure contractual clauses are included, and execute risk process activities for contract renewals or amendments. Stakeholder Management - Identify, Partner, and Collaborate Establish relationship with external and internal Audit teams to ensure effective and robust challenge to finding and to establish smart management action plans. Partner with 2nd LoD functions within the bank to ensure alignment towards Group wide minimum control standards Collaborate closely and proactively with Divisional Control teams and Embedded Risk teams to manage the audit finding lifecycle Promote and support proactive IT/IS risk culture at the Bank Your skills and experience Overall experience in similar roles for 5-8 years in a global Bank withing Technology division or IT/IS audit Minimum 5 years of experience within Risk and Control domain steering technology risk framework / control implementation in a global organization Proven experience in Project management in Risk related programs, including managing vendor governance in a global organization Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001 etc Deeper understanding of industry wide risk landscape and regulatory expectations Cloud Computing Technology (GCP, AWS, Azure etc.) certifications or similar domains Other professional qualifications and certifications in Technology risk management How we ll support you Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs.

Job Description: Job Title: Information Security Specialist - AVP Location: Pune, India Role Description The Information Security Analyst is responsible for supporting the execution of the Information Security strategy. The Information Security Analyst provides data and analysis to measure the effectiveness of Information Security controls across group wide products and services. The Information Security Analyst identifies and evaluates potential areas of Information Security threats by assessing the probability and impact and facilitates feedback for mitigation. Roles within Information Security may cover one or more areas of specialty, e.g., Identity & Access Management (which may include, for example, authentication; access management & control; recertification etc.); Information Security ( IS ) Operations (which may for example include, cyber threat operations; cyber forensics, protection against data leakage etc.) and IS Technology (which may include IS architecture, IS engineering, cryptographic services etc.) What we ll offer you As part of our flexible scheme, here are just some of the benefits that you ll enjoy Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Review Risk Assessment (Application/Technical Risk profile) and Assurance spot checks for Compliance evaluation (e.g., IS/Cloud/SOx/MAS/Client Access Management/other regulatory controls) Analysis and verification of compliance issues Support stakeholder remediation activities Collect and review evidence (e.g., from de-centrally managed applications) Create compliance issue tickets and address issues to responsible stakeholders. Analyze and identify root causes. Provide and prepare data for management communication. Preparing reports for stakeholders and management Improvement and documentation of operational tracking activities Raise Business Requirements to Central Solutions run by other CSO teams. Your skills and experience Attitude of diligence and precision Ability to integrate in heterogeneous teams. Proactively driving topics, not shunning to address issues to higher management levels. Structured way of thinking and working Very good communicator Very good analytical and problem-solving skills Very good English (verbal and written) Experience in Excel (advanced) Good German skills beneficial Good Python programming skills beneficial Certifications in ISO 27001 or information security (e.g., CISSP, CISA) beneficial Practical experience in Governance or Compliance Monitoring beneficial. Knowledge about basic principles of Identity and Access Management beneficial How we ll support you Training and development to help you excel in your career. Coaching and support from experts in your team A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. About us and our teams https: / / www.db.com / company / company.htm

India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As a professional in our Cyber - Enterprise Security Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Location and way of working Base location: Mumbai, Delhi, Pune, Hyderabad, Bangalore Professional is required to work from office Work you ll do : Work independently to lead and complete high quality threat-based risk assessments, business impact analysis across a diverse set of cloud technologies, business functions, and platforms. Conduct cloud infrastructure security risk assessments based on cloud security best practices. Assess cloud security architecture Cloud security controls evaluation to ensure compliance with business scope, security policies and standards Preparing cloud infrastructure risk assessment reports. Work closely with internal management/team and client business representatives to scope assessments, gather documentation, interview clients, identify risks, document findings, and ensure transparent assessment of risks by following a structured risk assessment methodology. Driving the efforts to identify, assess, and communicate the cloud information security risks to relevant-internal and external stakeholders. Skills Required : Strong understanding of cloud technologies and platforms: Azure/AWS/GCP/OCI Understanding of cloud security architecture Understanding of Zero trust principle, security technologies and controls: AWS/Azure/GCP/OCI cloud native security controls, Identity Access Management, Data Security, IDS/IPS, SIEM, web application firewall, cryptography, Kubernetes, container security etc. Should have conducted cloud security assessments and configuration reviews as per industry best practices Familiarity with industry-leading standards and frameworks such as ISO 27001, NIST, CSA CCM, CIS benchmarks to help clients adhere to compliance requirements Knowledge and experience of Risk Management Lifecycle (Risk Identification, Risk Assessment, Risk Response, & Reporting) Experience with cloud security tools and services Knowledge and experience in developing/creating cloud security policies and frameworks for organizations Effective written and communication skills Strong sense of ownership, urgency, and drive Should have the ability to work independently Demonstrate teamwork and collaborate with other teams to ensure client s cloud environment is secure Qualifications/Experience: Bachelor s degree preferred in Computer Science, Information Security, Information Technology, Engineering Cloud security certifications CCSK/CCSP, AWS/Azure/GCP 3-6 years of working experience in Cyber Security Consulting with proficiency in cloud security assessment Should have played a role in client engagements Preferred: Certifications: CCSK/CCSP, Azure/AWS/GCP certifications

Job Description Job Description: As a Senior Bidder, you will work closely with one or more Sales Directors aligned with overall sales goals to support client relationship management. This role requires a strong understanding of the company s full range of offerings and plays a key role in client satisfaction, account management, and sales strategy. Essential Duties and Responsibilities: Facilitate bid process by qualifying RFP s, writing proposals, and developing effective pricing for clients. Define project-level feasibility for client bids using proprietary tools. Keep the company s CRM tool updated with delivered bids. Work with Account Directors and Sales Directors to develop, expand and leverage the client relationship with focus on developing incremental revenue through closing sales, effective up[1]selling and managing client expectations during delivery phase. Assist the Client Services Team during project delivery with additional information and partner source, if required. Assist in presentations, and other sales related activities, required by the Sales Director and Account Directors. As part of job responsibilities, you are required to comply with ISO 20252:2019 and ISO 27001 standards. Supervisory Responsibility: No Qualifications Bachelor s degree or equivalency preferred 2-5 years Bidder and 5-8 Years Senior Bidder of experience in pre-sales and proposal management in the Market Research industry Strong communicat

India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As a professional in our Cyber -ES Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Location and way of working Base location: Mumbai Professional is required to work from office Work you ll do Work independently to lead and complete high quality threat-based risk assessments, business impact analysis across a diverse set of cloud technologies, business functions, and platforms. Conduct cloud infrastructure security risk assessments based on cloud security best practices. Assess cloud security architecture Cloud security controls evaluation to ensure compliance with business scope, security policies and standards Preparing cloud infrastructure risk assessment reports. Work closely with internal management/team and client business representatives to scope assessments, gather documentation, interview clients, identify risks, document findings, and ensure transparent assessment of risks by following a structured risk assessment methodology. Driving the efforts to identify, assess, and communicate the cloud information security risks to relevant-internal and external stakeholders. Skills Required: Strong understanding of cloud technologies and platforms: Azure/AWS/GCP/OCI Understanding of cloud security architecture Understanding of Zero trust principle, security technologies and controls: AWS/Azure/GCP/OCI cloud native security controls, Identity Access Management, Data Security, IDS/IPS, SIEM, web application firewall, cryptography, Kubernetes, container security etc. Should have conducted cloud security assessments and configuration reviews as per industry best practices Familiarity with industry-leading standards and frameworks such as ISO 27001, NIST, CSA CCM, CIS benchmarks to help clients adhere to compliance requirements Knowledge and experience of Risk Management Lifecycle (Risk Identification, Risk Assessment, Risk Response, & Reporting) Experience with cloud security tools and services Knowledge and experience in developing/creating cloud security policies and frameworks for organizations Effective written and communication skills Strong sense of ownership, urgency, and drive Should have the ability to work independently Demonstrate teamwork and collaborate with other teams to ensure client s cloud environment is secure Qualifications/Experience: Bachelor s degree preferred in Computer Science, Information Security, Information Technology, Engineering Cloud security certifications CCSK/CCSP, AWS/Azure/GCP 1-3+ years of working experience in Cyber Security Consulting with proficiency in cloud security assessment Should have played a role in client engagements Preferred: Certifications: CCSK/CCSP, Azure/AWS/GCP certifications

India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As a professional in our Cyber - Enterprise Security Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Location and way of working Base location: Mumbai, Delhi, Pune, Hyderabad, Bangalore Professional is required to work from office Work you ll do : Work independently to lead and complete high quality threat-based risk assessments, business impact analysis across a diverse set of cloud technologies, business functions, and platforms. Conduct cloud infrastructure security risk assessments based on cloud security best practices. Assess cloud security architecture Cloud security controls evaluation to ensure compliance with business scope, security policies and standards Preparing cloud infrastructure risk assessment reports. Work closely with internal management/team and client business representatives to scope assessments, gather documentation, interview clients, identify risks, document findings, and ensure transparent assessment of risks by following a structured risk assessment methodology. Driving the efforts to identify, assess, and communicate the cloud information security risks to relevant-internal and external stakeholders. Skills Required : Strong understanding of cloud technologies and platforms: Azure/AWS/GCP/OCI Understanding of cloud security architecture Understanding of Zero trust principle, security technologies and controls: AWS/Azure/GCP/OCI cloud native security controls, Identity Access Management, Data Security, IDS/IPS, SIEM, web application firewall, cryptography, Kubernetes, container security etc. Should have conducted cloud security assessments and configuration reviews as per industry best practices Familiarity with industry-leading standards and frameworks such as ISO 27001, NIST, CSA CCM, CIS benchmarks to help clients adhere to compliance requirements Knowledge and experience of Risk Management Lifecycle (Risk Identification, Risk Assessment, Risk Response, & Reporting) Experience with cloud security tools and services Knowledge and experience in developing/creating cloud security policies and frameworks for organizations Effective written and communication skills Strong sense of ownership, urgency, and drive Should have the ability to work independently Demonstrate teamwork and collaborate with other teams to ensure client s cloud environment is secure Qualifications/Experience: Bachelor s degree preferred in Computer Science, Information Security, Information Technology, Engineering Cloud security certifications CCSK/CCSP, AWS/Azure/GCP 8-10 years of working experience in Cyber Security Consulting with proficiency in cloud security assessment Should have played a role in client engagements Preferred: Certifications: CCSK/CCSP, Azure/AWS/GCP certifications How you ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report . Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you.

India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As a professional in our Cyber - Enterprise Security Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Location and way of working Base location: Mumbai, Delhi, Pune, Hyderabad, Bangalore Professional is required to work from office Work you ll do : Work independently to lead and complete high quality threat-based risk assessments, business impact analysis across a diverse set of cloud technologies, business functions, and platforms. Conduct cloud infrastructure security risk assessments based on cloud security best practices. Assess cloud security architecture Cloud security controls evaluation to ensure compliance with business scope, security policies and standards Preparing cloud infrastructure risk assessment reports. Work closely with internal management/team and client business representatives to scope assessments, gather documentation, interview clients, identify risks, document findings, and ensure transparent assessment of risks by following a structured risk assessment methodology. Driving the efforts to identify, assess, and communicate the cloud information security risks to relevant-internal and external stakeholders. Skills Required : Strong understanding of cloud technologies and platforms: Azure/AWS/GCP/OCI Understanding of cloud security architecture Understanding of Zero trust principle, security technologies and controls: AWS/Azure/GCP/OCI cloud native security controls, Identity Access Management, Data Security, IDS/IPS, SIEM, web application firewall, cryptography, Kubernetes, container security etc. Should have conducted cloud security assessments and configuration reviews as per industry best practices Familiarity with industry-leading standards and frameworks such as ISO 27001, NIST, CSA CCM, CIS benchmarks to help clients adhere to compliance requirements Knowledge and experience of Risk Management Lifecycle (Risk Identification, Risk Assessment, Risk Response, & Reporting) Experience with cloud security tools and services Knowledge and experience in developing/creating cloud security policies and frameworks for organizations Effective written and communication skills Strong sense of ownership, urgency, and drive Should have the ability to work independently Demonstrate teamwork and collaborate with other teams to ensure client s cloud environment is secure Qualifications/Experience: Bachelor s degree preferred in Computer Science, Information Security, Information Technology, Engineering Cloud security certifications CCSK/CCSP, AWS/Azure/GCP 6-8 years of working experience in Cyber Security Consulting with proficiency in cloud security assessment Should have played a role in client engagements Preferred: Certifications: CCSK/CCSP, Azure/AWS/GCP certifications How you ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report . Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters.

Manager - Cyber Security About Navi Navi is one of the fastest-growing financial services companies in India providing Personal Home Loans, UPI, Insurance, Mutual Funds, and Gold. Navis mission is to deliver digital-first financial products that are simple, accessible, and affordable. Drawing on our in-house AI/ML capabilities, technology, and product expertise, Navi is dedicated to building delightful customer experiences. Ignite the Spirit of a Navi_ite Imagine being at th e heart of India s fastest-growing financial services company, where every day brings the opportunity to redefine how millions manage their money. Navi is transforming the landscape with Personal and Home Loans, UPI, Insurance, Mutual Funds, and Gold delivering innovation that makes financial products simpler, more accessible, and truly affordable. With our cutting-edge AI/ML technology and deep expertise, we re not just setting new standards; we re creating experiences that delight and inspire. This is your chance to be part of something extraordinary. At Navi, you won t just be advancing your career; you ll be leading a revolution in finance. Join us and discover how it feels to be at the forefront of this. Founders Sachin Bansal Ankit Agarwal Job Summary We are seeking an experienced Cyber Security professional to lead the Cyber Security team . The ideal candidate will be responsible for developing and implementing comprehensive security strategies to protect our organization s information assets. This role involves overseeing security operations, managing security incidents, and ensuring compliance with relevant regulations and standards. Key Responsibilities Leadership and Strategy Develop and implement the overall security strategy for the organization. Build, Lead and mentor cyber security team, ensuring continuous development and improvement. Provide strategic direction and guidance on all security-related matters to senior management. Security Operations Oversees the day-to-day operations of the IT security and cloud security, including monitoring, incident response, and vulnerability management. Knowledge of SIEM, XDR, ASM, DMARC, IAM , cloud security, email security, CASB, DLP is mandatory Experience and knowledge of managing security operations center (SOC). Proficiency with SIEM tools (e.g., Splunk, ArcSight, QRadar). Ability to configure, monitor, and analyze security events. Knowledge of threat hunting, threat modeling, and incident response. Ability to analyze threat data and implement proactive security measures. Cloud SecurityUnderstanding of cloud security principles and best practices for AWS and Google Cloud. Experience with cloud security tools and services Manage and respond to security incidents and breaches, conducting thorough investigations and implementing corrective actions. Risk Management Identify, assess, and prioritize potential security risks and vulnerabilities. Experience with vulnerability assessment tools (e.g., Nessus, Qualys). Knowledge of patch management processes and remediation strategies. Develop and implement risk mitigation strategies and controls. Conduct regular security assessments and audits to ensure compliance with policies and standards. Policy and Compliance Develop, review, and update security policies, procedures, and guidelines. Ensure compliance with industry standards and regulatory requirements (e.g., ISO 27001, PCI-DSS, RBI, IRDAI and SEBI). Coordinate and lead internal and external audits related to IT security. Training and Awareness Promote a culture of security awareness throughout the organization. Technology and Innovation Stay current with emerging security threats, technologies, and industry trends. Evaluate and implement new security technologies and solutions to enhance the organization s security posture. Qualifications Education Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable. Experience 7 to 10 years of experience in cyber security, with at least 2 years in a Team lead role. Proven experience in developing and implementing security strategies and policies. Strong knowledge of security frameworks, standards, and best practices. Skills Excellent leadership and team management skills. Strong analytical and problem-solving abilities. Effective communication and interpersonal skills. Proficiency in security tools and technologies (e.g., firewalls, intrusion detection/prevention systems, SIEM). Personal Attributes High level of integrity and ethical conduct. Ability to work under pressure and manage multiple priorities. Strong attention to detail and accuracy. What is awaiting you at Navi Unyielding Perseverance, Boundless Passion, Unwavering Commitment Are you ready to channel your relentless drive into something truly transformativeAs a Navi_ite, you will embody the essence of perseverance and passion, pushing boundaries and redefining what s possible. As a Navi_ite, you ll be at the forefront of our mission, taking on responsibilities that challenge you and push the limits of what you thought possible. Relentless Pursuit of Unmatched Excellence Imagine a place where your quest for excellence knows no bounds. At Navi, we don t just set high standards; we live them. At Navi, we believe in delivering exceptional results and creating real value. You will have the opportunity to tackle projects with precision and pride, setting standards and achieving outcomes that make a tangible difference. Your ability to manage tasks effectively and maintain high standards will be key to our shared success. Unbreakable Resilience and Agility Visualize yourself thriving in an environment where change is not a barrier but a catalyst for your growth. As a Navi_ite, you ll turn every challenge into an opportunity with your unparalleled resilience and adaptability. Your adaptability will be essential as you navigate evolving situations, contributing to both your personal development and the team s achievements. Joining Navi means stepping into a role where your perseverance, pursuit of excellence, and resilience are not just valued they are celebrated. If you re ready to leave a legacy of impact and innovation, your journey starts here. Embrace this chance to be a part of something extraordinary and let your potential shine. Your future as a Navi_ite awaits.

India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Technology & Transformation is about much more than just the numbers. It s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies what, how, and why of change so you re always ready to act ahead. Learn more about Technology & Transformation Practice Your work profile As a practitioner in our Cyber Team, you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible for conducting clients vendors risk assessment and providing a holistic view of clients risk exposure due to outsourcing Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Demonstrates ability to work independently on projects with limited supervision Demonstrates understanding of complex business and information technology management processes Demonstrates working knowledge of firm tools and methodologies that may be suitable for the engagement Manages day-to-day client relationships at mid and lower levels. Participates in proposal development efforts to sell "add-on" work to clients Identifies opportunities to improve engagement economics Plays substantive role in designing and implementing business development plan for the service line Plays substantive/lead role in retention of professionals and in building staff complement, mix, and recruiting Undertakes initiatives in people and practice development Desired qualifications Cyber experience ranging from 1 year to 7yrs is mandatory. Levels being hired for: Analyst, Senior Analyst, Consultant, AM, DM B.E / B.Tech (Tier 1/2) in Computer Science, Information Technology or related fields ISO 27001 LA/LI, ISO 31000 LA/LI, ISO 22301 LA/LI, CISA, ITIL, or equivalent certification Strong communication skills (written & verbal) Understanding of basic business and information technology management processes. Basic knowledge in one or more security and privacy domains such as: security governance policies and procedures, risk management, compliance, identity management, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection Location and way of working Base location: Coimbatore/Chennai/Kochi This profile involves frequent travelling to client locations. Your role as a practitioner We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, practitioners across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte. Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Repor t a nd our India Impact Repor t . Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young Worl d partnership . Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities . Know mor e about everyday steps that you can take to be more inclusive . A t Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte . Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you re applying to. Check out recruitin g tips from Deloitte professionals .