776 Iso 27001 Jobs - Page 2

India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Assurance is about much more than just the numbers. It s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies the what, how, and why of change so you re always ready to act ahead. Learn more about Audit & Assurance Practice Your work profile In our Assurance (A&A) Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. Job Description Roles and Responsibilities At Deloitte, you are expected to contribute to the firms growth and development in a variety of ways, including: Familiarity with various risk assessment methodologies and tools . Establish and maintain effective working relationships with third-party vendors, ensuring clear communication channels and mutual understanding of expectations. Knowledge of cybersecurity, data privacy, and compliance frameworks (e.g., ISO 27001, NIST, GDPR) is desirable. Conduct periodic audits and assessments to ensure ongoing compliance with contractual obligations, service level agreements, and regulatory requirements. Conduct comprehensive risk assessments of prospective and existing third-party vendors to evaluate their ability to meet the organizations requirements. Utilize risk assessment frameworks, methodologies, and tools to ensure a systematic and objective evaluation of third-party risks. Conduct comprehensive risk assessments of third-party vendors, suppliers, and service providers. Evaluate the vendors risk profile by analyzing financial statements, legal and regulatory compliance, cybersecurity practices, and operational processes. Eligibility criteria and requirements: B.E/B. Tech in Computer Science, Information Technology, or related fields. Chartered Accountant and/or MBA with Finance/IT Must have 4 6 years of experience in the areas of IT audits. Knowledge of ERP s like SAP / OFIN / JDE / etc and their native application controls will be preferred. Must have hands on experience on regulatory requirements / international standards (SSAE / ISAE / SOX, PCI, ISO 27001) and good practices (COSO, COBIT) relating to information security. Must have Excellent English skills, excellent presentation skills, excellent soft skills. Must have Excellent English skills, excellent presentation skills, excellent soft-skills Team Management skill is mandatory Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you re applying to. Check out recruiting tips from Deloitte professionals.

Minimum 3+yrs experience in Information Technology Infrastructure, Information Security, IT Audits etc Experience in managing Information Security Management, GRC, Cyber, System & ISO Audits. Good knowledge of SEBI Cyber Security & NCIIPC guidelines. Required Candidate profile Exposure on ISO 27001, ISO 22301, ISO 9001, NIST framework. Good interpersonal,communication, documentation & presentation skills. Track compliance /regulatory requirements & ensure on time reporting. Perks and benefits To be disclosed post interview

Job Role & responsibilities:- Develop and maintain Security Controls relating to 3rd Party suppliers. Carry out reviews/audits/risk assessments to ensure Third Parties are compliant to inhouse Security standards. Align 3rd Party security assurance to the group standards. Ensure Contracts include security schedules. Own relationships with third party suppliers and follow up on unresolved issues. Support, review and quality assure assurance Reporting and Dashboard Assess and develop a supplier information risk tiering to rate suppliers based on criticality of services to be delivered Engage with wider stakeholders to understand and gather supplier strategy and risk management requirements. Assess and develop a set of security requirements from Information policy framework to be included as part of supplier contract schedules Technical Skills , Experince & Qualification required:- Experince into Third party risk Management Bachelor degree in Computer Science, Engineering, or related field. An MSc Information Security would be desirable but is not essential ISO 27001 Lead Auditor certification strongly preferred In depth experience of Security domains, architectures and issues. Information Security and/or Information Technology industry certification (CISSP, CISM or equivalent) strongly preferred Immediate Joiners will be preferred only

Job Description: Job Title: Risk and Controls Specialist, VP Location: Bangalore, India Role Description: The 1st line GTI Risk and Controls function is part of Group Technology Infrastructure (GTI), which is a division of Technology, Innovation and Data (TDI) of Deutsche Bank Group. As part of the GTI Risk and Controls team, you will contribute towards DB strategic goals to improve operational resilience and reduce risk. Specifically, you will support a proactive risk management function. As such, your role will be focused on risk identification and remediation activities. Additionally, you will use your expertise to plan and execute thematic risk assessments as well as supporting risk scenario testing and macro threat assessments. What we ll offer you: As part of our flexible scheme, here are just some of the benefits that you ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities: GTI Risk Management (InfoSec) Serve as the IT Security delegate for the CIO Unit (i.e. GTI), managing a team of Analysts / Associates / AVPs. Drive InfoSec Controls compliance activities / InfoSec Controls implementation facilitation management responsibilities. Steer IT Security initiatives and programs. Interface with application-level teams and app owners to facilitate and support remediation activities and consequent adoption of compliance solutions for the GTI applications estate across the CSO mandated security control domains. Manage stakeholders across InfoSec Control areas and multiple InfoSec Governance Forums. Orchestrate periodic reporting activities and deliverables governing the InfoSec controls compliance space. This role holds the ownership of various InfoSec reporting outputs / work-products. Coordinate closure actions related to SII/Findings within the Findings Management space. Provide GTI ERTs with InfoSec SME support wherever required. Work with the associated D-CISO (Divisional Chief Information Security Officer) for maintenance of Divisional ISMS (Information Security Management System) over IT assets and processes. Support the implementation of IT Security requirements and ensure overall Information Security posture is within agreed Risk Appetite. Work in close collaboration with the CIO area (i.e. GTI) level application teams and the technical security structure embedded within the CIO-1 units namely the DTISOs/TISOs (Divisional Technical Information Security Officers). Steer IT Security initiatives and programs. Ensure all members of the IT Security organization are trained and have completed the curriculum specific to their assigned roles. Advise and report on Technical Information Security topics. Report regularly on the status of IT Security to the CIOs, relevant IT senior management and to key stakeholders. Additionally, Report to the associated Divisional CISOs on handling of information security topics, issues and risks. Support the Divisional CISO in managing Information Security topics for Technical Security Matters. Ensure effective and efficient communication of all IS requirements and decisions within their IT Security organization. Stakeholder Management Identify, Partner, and Collaborate Establish relationship with the DTISO/TISO community within GTI to ensure effective and robust support towards InfoSec realm of activities. Partner with the CSO teams to ensure alignment towards Group wide CSO mandated InfoSec controls and standards. Collaborate closely and proactively with the DTISO teams to manage the alignment towards InfoSec control requirements. Promote and support proactive IT risk culture at the Bank. Your skills and experience: Desired experience 15+ years of experience as Risk and Control Lead in designing and implementing Technology risk framework in a global organization. Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001. Knowledge of Agile change delivery methodology, DevOps and Shift left concepts. Cloud Computing Technology (GCP, AWS, Azure etc.) certifications or similar domains. Other professional qualifications and certifications in Technology risk management. Desired behaviors A strong team player able to operate in a cross-cultural and diverse operating environment. Result oriented and ability to deliver under tight timelines. Proven ability to lead a team Ability to successfully resolve conflicts in a globally matrix driven organization. Excellent communication and collaboration skills. Desire to learn about new and emerging technologies and continuous upskilling. Must be comfortable with navigating ambiguity to extract meaningful risk insights. How we ll support you: Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs

Jul 25, 2025 Location: Bengaluru Designation: Deputy Manager Entity: Deloitte Touche Tohmatsu India LLP Context & Main Purpose of Role As A Cyber Security Reporting Senior Consultant, you will work with internal and external stakeholder of Cyber Security Org to understand the reporting requirements and translate it to Measurable metrics, KPIs and KRIs to track cyber Security Posture of the Organization Ideal candidate will be having an experience for 5+ years in BISO or Senior analyst role for a Security organization in global company in GRC, Vulnerability Management, Secure by Design, NIST implementation domain. Key Responsibilities / Focus Areas: Technical Knowledge of Security Capabilities such as, CSPM, EDR, SIEM/SOAR, Vulnerability Management will be a plus. Have a knowledge of cyber security concepts around Vulnerability Management, Identity Management, Risk Management, etc. Good understanding of overall cyber security objective of the organization and having an ability translate data into actionable metrics to drive initiatives to improve cyber security posture. Understanding of Senior stakeholder s requirements in the organization such CISO, CIO, CRO and ability to communicate with them in an effective manner with excellent verbal and written communication skills. Understanding of Various framework such as NIST, ISO 27001, MITRE etc. and use the framework-based reporting to draw actionable insights for Cyber-savvy as well as non-technical stakeholder. Excellent presentation and program Management skills to drive Cyber Security reporting program independently with timely reviews, status updates and problem-solving ability to ensure project meets its desired objective. Understanding of Visual modes of communications Dashboards and Presentation for Senior stakeholders and ability to quickly turn in prototypes, solution for Cyber reporting requirements. Translate concepts into user flows, wireframes, mockups, and prototypes that lead to intuitive user experiences on the dashboard. Understanding of users requirements, ability to document requirement write user stories, RCA reports, design compelling presentations to support various stakeholders responsible for decision making Facilitate the client s dashboard vision by researching, conceiving, sketching, prototyping, and user-testing experiences for Power BI dashboards. Design and deliver wireframes, user stories, user journeys, and mockups optimized for Power BI service. Make strategic design and user-experience decisions related to core, and new, functions and features. Take a user-centered design approach and rapidly test and iterate your designs. A clear understanding of the importance of user-centered design and design thinking.

Job Title: Audit & Compliance Specialist Experience: 5 8 Years Certifications Required: ISO 27001 Lead Auditor (Mandatory) Job Summary: We are seeking an experienced and proactive Audit & Compliance Specialist to lead and manage internal audits, client audits, and RCSA (Risk Control Self-Assessment) exercises. This role will act as a key liaison between internal stakeholders, subject matter experts (SMEs), and external/internal auditors to ensure timely, accurate, and complete delivery of audit responses and evidence. Key Responsibilities: Coordinate and manage internal audits, client audits, and RCSA assessments from planning through closure. Work closely with auditors to understand assessment scope and requirements. Collaborate with internal stakeholders and SMEs to gather relevant responses and evidence. Review and validate responses to ensure alignment with auditor requirements before packaging and submission. Maintain a well-organized and secure repository of evidence and supporting documents for audits and compliance checks. Draft and maintain clear documentation, trackers, and status reports for all ongoing audit and compliance initiatives. Manage audit timelines, delivery schedules , and ensure commitments are met across teams. Support in developing corrective action plans for audit findings and track closure. Mentor and guide junior resources assisting in audit and compliance projects. Required Skills & Qualifications: ISO 27001 Lead Auditor certification is mandatory. Understanding of Information Security concepts, controls, and frameworks (e.g., ISO 27001, NIST). Proven experience handling internal audits, client audits, and RCSA processes . Strong analytical and problem-solving skills to validate audit responses. Proficient in MS Excel, Word, and PowerPoint for documentation, reporting, and presentations. Exceptional verbal and written communication skills for interacting with clients, auditors, and internal teams. Highly organized with the ability to store, manage, and retrieve evidence efficiently. Demonstrated maturity and capability to handle complex and time-sensitive situations . Ability to work both independently and as part of a team in a fast-paced, cross-functional environment. Nice to Have: Exposure to client-facing security audits . Experience working in regulated industries such as BFSI, Banks or IT Services . Knowledge of Power BI

"Overview Experience3-5 Years Location Hyderabad Skills-Security Operations +Security platforms such as WAF, CASB, ZTNA, CFW, EDR, and SIEM tools +managing Netskope, Devo, and/or Akamai at a configuration/policy level Shift Timing - 6 30 pm - 3 30 am Analyst, Security Operations About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company Omnicom s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey Responsibilities Role Overview We have an exciting opportunity for an Analyst, Security Operations at our Hyderabad office This role is responsible for maintaining the confidentiality, integrity, and availability of personal information and company assets, ensuring compliance with Omnicom s internal policies and standards The Analyst will support the tools, technologies, and operational architecture that monitor and protect Omnicom s physical and digital environments This role plays a vital part in defending the organization s infrastructure and data by executing daily operational security tasks and contributing to long-term strategic security initiatives Key Responsibilities Manage and support cybersecurity tools and software that protect Omnicom s digital and physical environments Operate and maintain controls such as Web Access Firewall (WAF), Zero Trust Network Access (ZTNA), Cloud Access Security Broker (CASB), Cloud Firewall (CFW), Endpoint Detection & Response (EDR), and Security Information and Event Management (SIEM) systems Deploy and maintain software agents and intermediate nodes to facilitate secure operations across cloud and on-premises environments Collaborate across internal Omnicom teams as well as with external support, accounting, and engineering teams from trusted security partners Monitor environments for security threats and respond in accordance with incident response protocols Support ongoing security posture improvement initiatives and assist in risk mitigation efforts Qualifications Required Qualifications 3 5 years of experience in security operations, cybersecurity, or IT infrastructure Working knowledge of security platforms such as WAF, CASB, ZTNA, CFW, EDR, and SIEM tools Familiarity with incident detection, triage, and response processes Experience in agent deployment and system integration for enterprise-wide security tools Strong analytical and problem-solving skills with a proactive security mindset Ability to coordinate across teams and manage third-party security service providers Excellent communication skills and a detail-oriented approach to operational tasks Preferred Qualifications Security certifications such as CompTIA Security+, GIAC, or equivalent Experience with cloud security frameworks and zero trust architecture Exposure to regulatory compliance environments (e g, GDPR, HIPAA, ISO 27001) location_nameAnnalect Indiastreet_addressRMZ Spire, Tower 110,

Educational Qualification: B.Tech Work Experience: Minimum - 9 Years Maximum - 14 Years Nature of Work Experience: Experience in System Engineering, Automation and strong cross-functional team engagement Key Responsibilities: Develop and execute IT Quality Assurance (QA) strategies for applications, infrastructure, and IT service management Lead and manage the IT Testing Team to ensure the delivery of high-quality software products. Collaborate with development teams to identify and resolve defects and issues. Work with cross-functional stakeholders to implement quality gates in agile/scrum and waterfall delivery models Implement and manage automation testing frameworks and tools Drive end-to-end test management across the SDLC including test planning, execution, defect tracking, and release certification. Establish and monitor quality KPIs and metrics across IT teams and report to senior management. Collaborate with project managers, developers, and IT operations teams to ensure quality and reliability in deliverables. Manage internal IT audits and support external IT compliance audits (e.g., ISO 27001, SOC2). Develop and maintain test automation frameworks and scripts Support digital transformation initiatives (e.g., Industry 4.0, Smart Factory, IIoT) with quality oversight Competencies/Skills: Proven experience working in cross-functional IT teams, preferably in complex or hybrid environments. Experience with automation testing tools (e.g., Selenium, QTP, JUnit). Strong understanding of SDLC, DevOps pipelines, CI/CD environments, and IT service management Strong knowledge of IT quality frameworks (e.g., ITIL,CMMI) Experience with cloud platforms (AWS, Azure) is a plus Soft Skills: Analytical mindset with attention to details Assertiveness and Conflict Management Good Influencing Skills Customer orientation Process orientation Keen Learner Any Other (Certification etc.): ITIL , Six Sigma, Az-900

Role: GRC Experience: 3 to 8 years Location: MUmbai/Bangalore Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001, PCI DSSv4.0) Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Should have Knowledge on information security incident management. Specific Duties and Responsibilities Include: Proactively protect the organizations information by ensuring appropriate information security controls are in existence and enforced Conduct audits to verify the compliance to organizations security standards Assist in Business Continuity Planning and Implementation. Metrics collection & reporting Provide Advisory support for Implementation of PCI DSS. Perform PCI DSS QSA and QA audits and write Reports. Must Have Skills Excellent communication and presentation skills. Able to effectively interact with various functions. Good to have Skills / Certification Minimum: ISO27001:2013 Lead Auditor course, PCI DSS Implementor and PCI DSS Auditor Good to have: CISSP, CISA, CISM, ISO22301 QualificationBE/ BTech, MCA, MBA with specialization in Information Security #Eviden

Role: GRC Experience: 3 to 8 years Location: MUmbai/Bangalore Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001, PCI DSSv4.0) Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Should have Knowledge on information security incident management. Specific Duties and Responsibilities Include: Proactively protect the organizations information by ensuring appropriate information security controls are in existence and enforced Conduct audits to verify the compliance to organizations security standards Assist in Business Continuity Planning and Implementation. Metrics collection & reporting Provide Advisory support for Implementation of PCI DSS. Perform PCI DSS QSA and QA audits and write Reports. Must Have Skills Excellent communication and presentation skills. Able to effectively interact with various functions. Good to have Skills / Certification Minimum: ISO27001:2013 Lead Auditor course, PCI DSS Implementor and PCI DSS Auditor Good to have: CISSP, CISA, CISM, ISO22301 QualificationBE/ BTech, MCA, MBA with specialization in Information Security Let s grow together.

Role: Social Media & Events Associate (6-Month Contract) Location : Mumbai / Bangalore Duration: 6 months (with opportunity for full-time conversion) About the Role: Were looking for a creative and driven individual to support our social media and event initiatives. This is a hands-on role ideal for recent graduates who are eager to build a career in content and digital marketing. Responsibilities: Support social media planning, posting, and engagement Assist in organizing and promoting events (online and offline) Help track performance metrics across platforms Contribute to content creation copy, creatives, and campaign ideas Desired Candidate profile: A graduate (BMS/BMM preferred) with 0 2 years of experience Familiar with LinkedIn, Twitter, YouTube, and Facebook Passionate about content, storytelling, and brand engagement Actively follows trends and conversations on social media Detail-oriented and comfortable working in a fast-paced environment About Liminal : Liminal is a compliant and insured digital asset custody and wallet infrastructure provider. Launched in April 2021, Liminal Custody is a CCSS Level 3, SOC Type 2, and ISO 27001 & 27701 certified organization. Based in Singapore, Liminal has operations spread across APAC, MENA, and Europe, along with offices in Singapore,Taiwan , India, and UAE. The company has received an initial approval from VARA. Liminal takes pride in supporting businesses with its qualified and insured custody (self and institutional) that enables stress-free safekeeping of digital assets for institutions. It also provides a cutting-edge wallet infrastructure platform that is secure, compliant, and automated and comes with a plug-and-play architecture for faster onboarding of developers, business partners, and government agencies. Our website - https://www.liminalcustody. com/

About the Role: We are looking for a Technical Writer to create and maintain high-quality API and developer documentation for Liminal s Wallet-as-a-Service and Custody platform. This role is crucial in ensuring a seamless developer experience, making API integration easy and efficient for our customers. The ideal candidate must have experience working in an API-first product and creating public-facing developer documentation. You will work closely with engineers, product managers, and developer relations teams to write clear, concise, and user-friendly documentation that helps developers integrate our APIs, SDKs, and Web3 services effortlessly. Responsibilities: Write and maintain public-facing API documentation, developer guides, and integration tutorials. Collaborate with engineering and product teams to translate technical features into developer-friendly documentation. Ensure API usability and clarity by creating structured, well-organized documentation. Maintain OpenAPI (Swagger) documentation and ensure accuracy. Develop code examples, API workflows, and troubleshooting guides. Continuously improve documentation based on developer feedback, analytics, and support queries. Align documentation updates with new product releases and API changes. Implement best practices for documentation versioning, SEO, and accessibility. Assist in creating video walkthroughs, API onboarding tutorials, and technical blogs. Desired Candidate Profile: 4+ years of experience as a Technical Writer in an API-first product. Hands-on experience in writing public-facing developer documentation. Strong knowledge of REST APIs, JSON, OpenAPI (Swagger), and API documentation tools. Ability to read and write code snippets (JavaScript, Python, Node.js, or similar). Experience with developer portals (e.g., GitBook, ReadMe, Docusaurus, or similar). Proficiency with Markdown, AsciiDoc, or other documentation tools. Experience with Postman, API testing tools, and developer environments. Strong ability to simplify complex technical concepts for developers and non-technical users. Good to Have: Startup experience and the ability to work in a fast-paced, dynamic environment. Familiarity with crypto, blockchain, Web3, or DeFi APIs . Experience working with Git and version control for documentation . Background in software development or engineering . Experience in setting up CI/CD workflows for automated documentation updates . About Liminal: Liminal is a compliant and insured digital asset custody and wallet infrastructure provider. Launched in April 2021, Liminal Custody is a CCSS Level 3, SOC Type 2, and ISO 27001 & 27701 certified organization. Based in Singapore, Liminal has operations spread across APAC, MENA, and Europe, along with offices in Singapore, India, and UAE. The company has received an initial approval from VARA. Liminal takes pride in supporting businesses with its qualified and insured custody (self and institutional) that enables stress-free safekeeping of digital assets for institutions. It also provides a cutting-edge wallet infrastructure platform that is secure, compliant, and automated and comes with a plug-and-play architecture for faster onboarding of developers, business partners, and government agencies. Our website - https://www.liminalcustody. com/

FS XSector Specialism Risk Management Level Specialist & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . Developing end to end telecom security use cases Doing telecom security assessment, Maturity assessment Designing MBSS Documents for telecom devices Manage telecom security services Mandatory skill sets Network Security Knowledge of telecom networks and communications Knowledge in networking Good knowledge in information security Ability to learn and adopt to the environment Good presentation skill Preferred skill sets Network Security 3G ,4G and 5G architecture Scenario based Penetration Testing Configuration Review of Core Telecom NE Telecom Architecture Review Detailed VAPT, Appsec , Mobile App testing etc Good knowledge of 3GPP, NIST and ISO. Certification CISSP, CISM, CEH, ISO 27001. (But not mandatory) Years of experience required 4 + years Education qualification B.Tech. M .T ech , MCA, BE, ME Education Degrees/Field of Study required Master of Engineering, Bachelor of Engineering Degrees/Field of Study preferred Required Skills Network Security Accepting Feedback, Accepting Feedback, Accounting Consulting, Accounting Policies, Active Listening, Communication, Compliance With Accounting Standards, Complying With Regulations, Economic Forecasting, Emotional Regulation, Empathy, Financial Accounting, Financial Economics, Financial Management, Financial Market, Financial Modeling, Financial Regulation, Financial Reporting, Financial Risk Management, Financial Statement Analysis, Financial Statement Preparation, Financial Strategy, Inclusion, Intellectual Curiosity, Investment Advising {+ 6 more} No

Job Description Job Description: As a Senior Bidder, you will work closely with one or more Sales Directors aligned with overall sales goals to support client relationship management. This role requires a strong understanding of the company s full range of offerings and plays a key role in client satisfaction, account management, and sales strategy. Essential Duties and Responsibilities: Facilitate bid process by qualifying RFP s, writing proposals, and developing effective pricing for clients. Define project-level feasibility for client bids using proprietary tools. Keep the company s CRM tool updated with delivered bids. Work with Account Directors and Sales Directors to develop, expand and leverage the client relationship with focus on developing incremental revenue through closing sales, effective up[1]selling and managing client expectations during delivery phase. Assist the Client Services Team during project delivery with additional information and partner source, if required. Assist in presentations, and other sales related activities, required by the Sales Director and Account Directors. As part of job responsibilities, you are required to comply with ISO 20252:2019 and ISO 27001 standards. Supervisory Responsibility: No Education and Other Requirement: Bachelor s degree or equivalency preferred, 2-5 years Bidder and 5-8 Years Senior Bidder of experience in pre-sales and proposal management in the Market Research industry Strong communication skills (spoken and written English) Proficiency in MS Word, Excel, and PowerPoint Customer-centric mindset; previous customer service experience is a plus Qualifications Bachelor s degree or equivalency preferred

Transforming the Future of Enterprise Planning At o9, our mission is to be the Most Value-Creating Platform for enterprises by transforming decision-making through our AI-first approach By integrating siloed planning capabilities and capturing millions even billions in value leakage, we help businesses plan smarter and faster This not only enhances operational efficiency but also reduces waste, leading to better outcomes for both businesses and the planet Global leaders like Google, PepsiCo, Walmart, T-Mobile, AB InBev, and Starbucks trust o9 to optimize their supply chains Role Overview: We are seeking a skilled and detail-oriented Security Engineer II Compliance to help manage and maintain our global compliance framework You will play a key role in implementing and sustaining information security and data privacy programs across the organization, with a strong focus on ISO 27001 and GDPR compliance Key Responsibilities: Own and manage compliance initiatives for ISO 27001 and GDPR frameworks (must-have) Contribute to alignment with additional frameworks like SOC 2 and NIST (preferred) Maintain and update compliance documentation: Risk assessments Statement of Applicability (SoA) Control implementation records Conduct and document Data Protection Impact Assessments (DPIAs) Support internal and external audits , including evidence collection and stakeholder coordination Identify gaps in compliance and work with relevant teams to close them effectively Draft, review, and update security and privacy policies, procedures, and internal standards Promote principles such as privacy by design , data classification , and data retention Collaborate with cross-functional teams to ensure a strong compliance culture across the organization Required Skills & Experience: 3 6 years of hands-on experience with ISO 27001 and GDPR compliance programs Familiarity with SOC 2 and NIST frameworks is a plus Strong knowledge of data protection concepts and security control implementation Experience managing audits and regulatory assessments Excellent skills in documentation, organization, and communication Ability to work independently and manage multiple priorities in a dynamic environment Preferred Certifications: ISO 27001 Lead Implementer / Auditor CIPP/E (Certified Information Privacy Professional/Europe) CISA (Certified Information Systems Auditor) CISSP (Certified Information Systems Security Professional) Why Join o9 Solutions in Bangalore Be part of a fast-growing global company making a real impact Collaborate with smart, driven, and passionate people Competitive compensation and benefits A culture that values innovation, transparency, and ownership More about us At o9, transparency and open communication are at the core of our culture Collaboration thrives across all levels hierarchy, distance, or function never limit innovation or teamwork Beyond work, we encourage volunteering opportunities, social impact initiatives, and diverse cultural celebrations With a $37 billion valuation and a global presence across Dallas, Amsterdam, Barcelona, Madrid, London, Paris, Tokyo, Seoul, and Munich, o9 is among the fastest-growing technology companies in the world Through our aim10x vision, we are committed to AI-powered management, driving 10x improvements in enterprise decision-making Our Enterprise Knowledge Graph enables businesses to anticipate risks, adapt to market shifts, and gain real-time visibility By automating millions of decisions and reducing manual interventions by up to 90%, we empower enterprises to drive profitable growth, reduce inefficiencies, and create lasting value o9 is an equal-opportunity employer that values diversity and inclusion We welcome applicants from all backgrounds, ensuring a fair and unbiased hiring process Join us as we continue our growth journey!

Jul 24, 2025 Location: Pune Designation: Senior Executive Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Consultant in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Brand Go-to-Market and Eminence Serve as Subject Matter Expert (SME) and lead the threat assessment pod, driving end-to-end threat assessment efforts. Review, validate, and continuously improve threat models across applications, infrastructure, and cloud environments. Define and refine threat assessment processes, methodologies, and standards in alignment with organizational goals. Collaborate with application, infrastructure, and cloud security teams to ensure comprehensive risk coverage. Mentor and train threat assessors and other security stakeholders to uplift organizational security maturity. Stay abreast of emerging threats, TTPs, and evolving attack surfaces relevant to enterprise systems. Recommend and validate implementation of security controls to mitigate identified risks. Ensure alignment with compliance and regulatory frameworks such as RBI, PCI-DSS, ISO 27001, NIST, and GDPR. Integrate and operationalize threat assessment tools such as IriusRisk and ThreatModeler within existing processes. Leverage platforms like SIEM, CSPM, and CNAPP to support threat assessment with actionable telemetry and posture management insights. Desired qualifications Research, insights, content, and thought leadership 2+ years of experience in cybersecurity, with a minimum of 1+ years focused on threat assessment. Deep expertise in threat assessment methodologies such as STRIDE, PASTA, and OCTAVE. Strong understanding of security controls across application, infrastructure, and cloud environments. Hands-on experience or domain knowledge in the banking or financial services sector is preferred. Familiarity with cloud platforms such as AWS, Azure, and GCP, including associated security services. Experience with automated threat assessment tools like IriusRisk and ThreatModeler is highly desirable. Industry-recognized certifications such as CISSP, CSSLP, CCSP, or AWS/Azure Security Specialty are preferred. Ability to assess risk, recommend mitigations, and communicate findings to both technical and non-technical stakeholders. Collaborate with cross-functional teams to ensure secure design and development practices throughout the SDLC. Creative thinking Brainstorm with the team to ideate newer ways of representing content in a reader-friendly manner through presentations, infographics, videos, battle cards etc. Innovative content creation that captures attention and improves readability Ability to work with cross-functional teams, and business, market, and brand leaders within the firm Strong interpersonal communication skills Location and way of working Base location: Pune/Bangalore Professional is required to work from office Your role as a Consultant We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Deputy Manager across our organization must strive to be: Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte How you ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report . Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organization and the business area you re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https: / / www2.deloitte.com / in / en / careers /

Work Flexibility: Hybrid What will you do: Architect resilient and observable infrastructure on Azure using IAC principles while considering the tradeoffs between cost, performance, and reliability. Lead the design of platform-wide monitoring, alerting, and dashboard strategy. Oversee incident management and post-incident analysis at the org level. Guide DevSecOps strategy and secure automation across engineering teams. Implement FinOps practices by optimizing cloud spend and forecasting usage trends. Collaborate with global stakeholders to drive and document best practices, governance, and standards. What will you need: Required Qualifications: Bachelors or Masters degree in Computer Science, Software Engineering, or a related discipline along with 12+ years of professional experience with deep expertise in infrastructure automation and operations. Expertise with Infrastructure as Code (IaC) tools such as Terraform, Helm, and Ansible. Expertise in CI/CD using platforms such as Gitlab, GitHub, Azure DevOps, and containerization tools such as Docker and Kubernetes. Expertise with observability tools such as Grafana, Prometheus, and ELK Stack. Experience with FinOps and compliance frameworks such as SOC 2, ISO 27001, GDPR, HIPAA, and NIST 800-53. Preferred Qualifications: Strong technical leadership skills to mentor and influence cross-functional teams. Strong ability to communicate across the team and with global stakeholders Travel Percentage: 20%

Eviden, part of the Atos Group, with an annual revenue of circa 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 47,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come. Role: GRC Experience: 3 to 8 years Location: MUmbai/Bangalore Experienced in Information Security Risk Management with experience in implementing and maintaining Risk Management frameworks (ISO 31000 & ISO 27001, PCI DSSv4.0) Should have executed and managed consulting and audit assignments for clients in the areas such as internal audit, operational risk management and compliance management. Should be adept at conducting gap analysis, risk assessments to identify vulnerabilities. Have worked with organizations to develop Business Continuity Plans and Disaster Recovery related processes. Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Should have Knowledge on information security incident management. Specific Duties and Responsibilities Include: Proactively protect the organizations information by ensuring appropriate information security controls are in existence and enforced Conduct audits to verify the compliance to organizations security standards Assist in Business Continuity Planning and Implementation. Metrics collection & reporting Provide Advisory support for Implementation of PCI DSS. Perform PCI DSS QSA and QA audits and write Reports. Must Have Skills Excellent communication and presentation skills. Able to effectively interact with various functions. Good to have Skills / Certification Minimum: ISO27001:2013 Lead Auditor course, PCI DSS Implementor and PCI DSS Auditor Good to have: CISSP, CISA, CISM, ISO22301 QualificationBE/ BTech, MCA, MBA with specialization in Information Security #Eviden Let s grow together.

About the Role Were seeking a Principal Product Security Engineer to play a critical part in building and evolving Quvia s security posture across our products entire lifecycle . In this highly impactful role, you ll partner with product management, engineering, and operations teams to assess product risks, define secure development standards, enforce security policies, and implement best practices to protect our products and, by extension, our customers data and operations. This is a hands-on role requiring a deep understanding of secure software development, application security frameworks, and cloud-native product architectures, with a strong emphasis on vulnerability mitigation and secure design principles . If youre a strategic thinker with a passion for building intrinsically secure products and a knack for embedding security into the DNA of software development, we encourage you to apply. What Youll Do: Security Architecture & Design Review: Collaborate with product and engineering teams to review designs and architectures for new features and products, identifying potential security risks and recommending appropriate controls and mitigations. Threat Modeling: Conduct threat modeling exercises for applications and systems to proactively identify and address potential security weaknesses. Security Code Review: Perform manual and automated security code reviews to identify vulnerabilities such as OWASP Top 10, common weaknesses (CWEs), and other security flaws. Vulnerability Management: Participate in the vulnerability management process, including triage, prioritization, and tracking of vulnerabilities identified through various sources (e.g., pen tests, bug bounties, internal scans). Security Testing: Work with QA and development teams to integrate security testing into the CI/CD pipeline, including static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA). Security Tooling & Automation: Evaluate, implement, and maintain security tools and technologies to improve the efficiency and effectiveness of our product security program. Develop automation scripts to streamline security tasks. Security Training & Awareness: Contribute to developing and delivering security training and awareness programs for engineering teams. Incident Response Support: Provide security expertise and support during security incidents related to products. Security Best Practices: Research and stay up-to-date with the latest security threats, vulnerabilities, and industry best practices. Evangelize and promote security-first development principles within the organization. What Youll Need: Education: Bachelors degree in Computer Science, Information Security, or a related field, or equivalent practical experience. Experience: 5+ years of experience in product security, application security, or a similar role. Technical Skills: Strong understanding of application security principles, secure coding practices, and common web application vulnerabilities (e.g., OWASP Top 10). Proficiency in at least one programming language (e.g., Python, Java, Go, Node.js, C#) and the ability to review code for security flaws. Experience with security testing tools (SAST, DAST, SCA) and methodologies. Familiarity with cloud security principles and practices (e.g., AWS, Azure, GCP). Understanding of cryptographic principles and secure communication protocols. Experience with CI/CD pipelines and integrating security into the development lifecycle. Knowledge of common security frameworks and standards (e.g., NIST, ISO 27001) is a plus.

Jun 20, 2025 Location: Bengaluru Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. Your work profile: Professional should be able to work in hybrid model from office/client office. Strong knowledge of IT audits- ITGC, ITAC and SOC report understanding Conduct process walkthroughs and test the controls. Ensure timely closure of audit tasks. Collaborate with teams to ensure timely completion of audit activities. Desired qualifications Graduation / B.E/ B. Tech in Any Specialization. Work experience: Minimum 2 years. Role Summary: Takes ownership of client deliverables and leads modules end-to-end. Responsibilities: Lead modules or small-scale engagements and supervise fieldwork execution for ITGC, ITAC, and SOC reviews. Manage stakeholders for walkthroughs, data requests, and clarifications. Take ownership of modules within larger audits and assist in engagement planning, resource allocation, and quality control. Document control testing results, observations, and evidence clearly and accurately for high-risk areas. Liaise directly with client teams for walkthroughs and issue discussions. Conduct quality review of testing documentation and ensure completeness. Coach and guide junior team members; assist in team capability development. Contribute to audit planning, control design analysis , and remediation support. Must Have: Hands-on experience with ERP-based control testing (SAP/Oracle preferred). Working knowledge of audit standards and control frameworks (SOX, SSAE, ISO 27001). Deep working knowledge of ITGC, ITAC , and regulatory requirements. Experience in reviewing control design and effectiveness . Strong grasp of business process controls and their ERP mapping. Capability to lead teams and manage deliverables . Good analytical and documentation skills. Preferred Qualifications: Relevant certifications (CISA, CISSP, CRISC) are a plus. Knowledge of TPRM Experience working with IT audit processes and compliance frameworks. Experience in risk management and compliance reporting. Experience in risk management, compliance reporting, and IT audit. Prior experience working with ITGC frameworks and SOC report evaluations. Location and way of working: Base location: Bengaluru

Aurionpro Payments AurionPro Payments is a payment solution provider in the digital world for B2B Payments and B2C Payments. Our vision is to Make a financially inclusive digital ecosystem for individuals businesses to thrive globally. The goal is to offer solutions that help payment providers shorten their time to market while maintaining security and ease of use with each solution. We offer streamlined and secure digital payment ecosystems powered by our robust solutions such as AuroPay, a technology-first payment gateway platform that enables businesses to receive payments quickly, securely digitally from customers. AuroPayBiz provides a scalable invoice solution to simplify the process of connecting to multiple third parties and processing payments through global acquiring partners. The technological backbone for the payment providers, through our cutting-edge IP and toolkits that power some of the world s most innovative payments systems. AurionPro Payments is a subsidiary of AurionPro Solutions, an advanced technology company catering to the needs of the Banking, Mobility, Payments, and Government sectors. It has its global headquarters in Singapore. Job Title: Devops Engineer Location: Navi Mumbai ( Rabale ) Experience: 2 years Job Type: Full-Time Role Overview: Were seeking a talented individual with 0-2 years of experience to join our Mumbai office. In this role, youll have the opportunity to contribute to building and maintaining robust, scalable, and efficient infrastructure, working with cutting-edge technologies. Key Responsibilities: Collaborate with development and delivery teams to streamline software development and deployment processes. Assist in the design, implementation, and management of CI/CD pipelines. Infrastructure Management: You will be responsible for building and managing the infrastructure for our applications AWS services such a s RDS , S3, CloudFront, CloudFormation, Lambda, DynamoDB, etc Work with serverless architectures to optimize application performance and scalability. Monitor system health, troubleshoot issues, and ensure high availability of our services. Automation: You will Make and maintain automation scripts using CloudFormation for the deployment and management of applications and services. This includes ensuring proper integration of infrastructure and application code. Documentation and Process Improvement: You will develop and maintain DevOps-related documentation and continuously evaluate and improve our DevOps processes and practices. Qualifications and Skills: Git: Strong understanding of version control concepts and practical experience with Git. Linux: Proficiency in Linux operating systems, including scripting and command-line tools. AWS: Basic understanding of Amazon Web Services (AWS) concepts and services (e.g., EC2, S3, IAM, Lambda, RDS, Cloudformation , WAF, Cloudfront ). Serverless Architecture: Familiarity with serverless concepts and technologies. CI/CD: Basic knowledge of Continuous Integration and Continuous Delivery principles and tools. Infrastructure as Code ( IaC ) using cloudformation and terraform . Change Management: understanding of Change Management and agile process. Experience with scripting languages (e.g., Python, Bash). Familiarity with monitoring and troubleshooting. Good to Have: Understanding of containerization technologies (e.g., Docker, Kubernetes). Open source tools and technologies. Compliance benchmark understanding for benchmarks such as PCI DSS, ISO 27001, DPDPA, GDPR, CSF. Preferred Certifications: AWS Cloud Practitioner AWS Devops Professional

Network Security Specialist Firewall, WAF & Cloud Security Network Security Specialist Firewall, WAF & Cloud Security Vaibhav Global Ltd (VGL) Company Overview: . . Mindful Souls B. V. : In FY23-24, VGL acquired Mindful Souls B. V. , a Netherlands-based e-commerce company specializing in subscription-based online sales of fashion jewelry, gemstones, and lifestyle products. This acquisition is expected to leverage VGLs sourcing and manufacturing strengths while enhancing digital business capabilities. . Environmental and Social Responsibility: VGL is committed to sustainable business practices and renewable energy initiatives. The companys SEZ unit in India received the Excellence Award for IGBC Performance Challenge 2021 for Green Built Environment, reflecting its dedication to environmental sustainability. VGLs Your Purchase Feeds. . . initiative has provided 87 million meals to school children in India, the US, and the UK. The company encourages employees to donate at least two hours each month to charitable causes, tracked through its performance system. VGL is also a Great Place to Work (GPTW) certified organization. Shop LC Overview: Shop LC Germany Overview: Be the Value Leader in Electronic Retailing of Jewelry and Lifestyle Products. To deliver one million meals per day to children in need by FY40 through our one-for-one meal program: your purchase feeds. . . Our Core Values: As a Security Specialist, you will help keep our digital systems safe. This includes setting up firewalls and web protections, monitoring network activity, and responding to security issues quickly. You ll also support compliance, document security procedures, and work with other teams on technical tools. Key Responsibilities Install and manage firewalls (e. g. , Fortinet, Palo Alto) and WAF tools (e. g. , Azure WAF, Cloudflare) Set up and maintain Azure networking (routing, private access) Create and enforce security access rules Monitor logs, detect threats, and resolve incidents Implement CNAPP/CSPM tools in Azure cloud environments Collaborate with DevOps to add security to CI/CD pipelines Support audits (like PCI-DSS, ISO 27001, SOC 2) Write SOPs, runbooks, and incident support documentation Evaluate new tools and run tests as needed Required Skills and Experience 4 7 years working in network and cloud security Strong experience with NGFWs, WAFs, Azure cloud security tools Knowledge of SIEM platforms and packet capture tools (e. g. , Wireshark) Good understanding of VPNs, TCP/IP, and application security Excellent problem-solving and communication skills Competitive Salary & Benefits Yearly Thank You for Subscribing! Thank You for Applying! You have already applied in this position!!

Senior Cyber Security Partner | 8+ yrs exp | Lead threat modeling, secure SDLC, cloud security (AWS/Azure/GCP), compliance (OWASP/NIST/ISO), incident response, mentoring, and tool evaluation. Pref: CISSP/CISM/CEH. Hybrid – Bengaluru.

Jul 23, 2025 Location: Mumbai Designation: Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Cyber is about much more than just the numbers. It s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies the what, how, and why of change so you re always ready to act ahead. Your work profile As a Manager in our Cyber Strategy & Transformation Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. Our services help our clients tackle the many security challenges they face daily and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to managing security risks. Desired qualifications Oversee assessments of cybersecurity risk management frameworks, evaluating the effectiveness of security controls aligned with standards such as NIST, ISO 27001, ITIL, COBIT, CIS, and regulatory requirements (RBI, NPCI, SEBI, PCI-DSS, IRDAI, and others,) depending on the industry. In-depth knowledge in IT audits of systems, applications, databases, networks and other cybersecurity tools (DLP, SIEM, VPN, XDR, PIM, etc) Strong knowledge of cloud infrastructure (SAAS/PAAS/IAAS), cloud service providers (AWS, Azure, GCP) and frameworks such as CSA Cloud Controls Matrix (CCM), Well-Architecture Review (WAR). Lead IT Audit activities such as plan, manage, and execute risk-based audit reviews, focusing on areas such as cybersecurity, IT general controls (ITGC), Compliance Audits, application controls, and IT infrastructure. Proven experience in Control Testing & Evaluation on IT governance, cybersecurity best practices, IT risk management strategies, cybersecurity risk assessments and advising on remediation, documentations (RCM, Workpapers, Audit Reporting). Provide advisory services to senior management on emerging technologies, cybersecurity threats, IT governance, and regulatory changes, as well as insights on best practices for IT and cybersecurity risk management. Strong team leadership experience to manage, mentor, and develop a team of IT auditors, ensuring the team remains current on emerging IT and cybersecurity risks and audit methodologies. Strong communication skills, with the ability to convey complex IT audit and cybersecurity concepts to non-technical stakeholders. 9+ years of experience in IT Audit, Cybersecurity, or Risk Management, with at least 2 years in a leadership or management role. Certifications CISSP, CISA, CCSP, GICSP or equivalent (technology-based certification) Location and way of working Base location: Mumbai This profile involves frequent travelling to client locations. Hybrid is our default way of working. Each domain has customized the hybrid approach to their unique needs. Your role as a Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose,Manager across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation. Committed to creating purpose - Creating a sense of vision and purpose. Agile - Achieving high-quality results through collaboration and Team unity. Skilled at building diverse capability - Developing diverse capabilities for the future. Persuasive / Influencing - Persuading and influencing stakeholders. Collaborating - Partnering to build new solutions. Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities. Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization. Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities. Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems. Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte. Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviors and attitudes to become more inclusive. How you ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report . Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognize there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https: / / www2.deloitte.com / in / en / careers /

Grade H - Office/ CoreResponsible for supporting information security and risk activities for the specialism, using sound technical capabilities to review and adjust information security processes, supporting the delivery of security solutions, recommending improvements to security strategies and managing external service providers, as required. Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security. Entity: Technology IT&S Group To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC). Are you passionate about protecting what matters mostWere seeking someone who is passionate about identifying and implementing security solutions that make bp a cyber resilient organisation! Our Business Information Security team partners with the business to help them understand cyber risk and be accountable for cyber security. Were looking for curious minds who are driven by opportunities to build value and deliver secure products and services to advance bps strategy. Role Synopsis In the digital era, where data breaches and cyber threats are not just possibilities but realities, the role of a Global Information Security Specialist has never been more critical. Working closely with bps business areas, you will support the protection of IT systems and business data that are important to bps operations. You will conduct security assessments, respond to security queries, and provide security expertise. Your expertise will help ensure that business teams can operate with confidence, knowing their systems and processes are secure. Ready to make a real impact in energy securityJoin us in safeguarding the people, processes and systems that power our transition to net zero! Key Accountabilities In this role you will deliver security activities to support bps business. This role focuses on hands-on security assessment and advisory activities with the following key accountabilities: Security Assessments : We need someone that can conduct comprehensive assessments of systems, identifying risks and issues while recommending appropriate remediation measures. Technical & Non-Technical Risk Advisory : Youll assess and communicate cybersecurity risks. We want our customers to understand potential impacts and mitigation strategies clearly. Cyber Behaviour Promotion : We strive to build a strong cyber security culture. Youll assist with the development and promoting good cyber behaviours in day-to-day operations. Incident Management Support : When security incidents happen, we need you to provide specialist security expertise. Youll support incident response activities and improvement recommendations. Customer Support : We want you to act as the go-to point of contact for information security. Youll provide timely and accurate expertise on security matters affecting their systems or data. You will: Assess and Evaluate : Youll perform regular security assessments of business systems. We use established methodologies to identify potential risks, weaknesses and security gaps. Respond and Advise : We require someone who can offer our customers practical and tailored cyber security solutions. These solutions must align with operational requirements. Analyze and Report : Youll evaluate risks and prepare clear, actionable recommendations, and communicate these with both business and technical audiences. Support and Collaborate : We work closely with business teams to implement security measures. Youll help maintain robust security posture while aligning with operational needs. Promote and Educate : We nurture positive cyber security behaviours! Youll work through targeted awareness activities, training support, and expert guidance. Monitor and Review : We want someone who understands the security landscape affecting bp systems and stay ahead of emerging threats and industry standard methodologies. Education Bachelors degree or equivalent experience in Information or Cyber Security, Computer Science, Engineering. Working towards professional certifications such as Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), or CompTIA Security+. Knowledge of security frameworks such as ISO 27001/2, NIST, and CIS framework. Desirable Experience and Capability Previous track record in information security roles in Finance, HR, Trading, Retail, Supply or Oil and Gas companies. Ability to explain security concepts to a variety of audiences. Solid grasp of cyber risk assessment methodologies and the ability to translate technical findings into business impact assessments. Attention to detail and ability to work independently while balancing multiple activities. Ability to adapt security recommendations to different operating environments. Ability to use technology, data, and insights to enable decision making. Travel Requirement Up to 10% travel should be expected with this role Relocation Assistance: This role is eligible for relocation within country Remote Type: This position is a hybrid of office/remote working Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism