776 Iso 27001 Jobs - Page 22

Your day at NTT DATA The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their Security Infrastructures and systems remain operational. Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA) and focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to / support on project work as and when required. What youll be doing Key Responsibilities: Design visually appealing and intuitive dashboards that display key security metrics, incidents, and trends, using data visualization tools and scripting languages for automation. Develop and maintain customized reports that provide meaningful insights into security data, ensuring they are accurate, comprehensive, and suitable for management and regulatory purposes. Collect, aggregate, and analyze data from various security tools, logs, and sources to identify security anomalies, patterns, and trends that may indicate potential threats or vulnerabilities. Generate detailed incident reports, outlining the nature of security incidents, their impact, and the actions taken for resolution. Assist in creating reports and documentation required for compliance with industry standards and regulations (e.g., IRDAI, SEBI, RBI, ISO 27001). Develop and implement automated reporting processes to streamline the generation of routine reports, reducing manual effort and increasing efficiency. Integrate threat intelligence feeds and data into reporting processes to enhance situational awareness and proactive threat hunting. Maintain accurate documentation of reporting and dashboard configurations, data sources, and data transformation processes for knowledge sharing and troubleshooting. Provide training and support to SOC analysts and other stakeholders on how to interpret and utilize dashboards and reports effectively. Assist in coordinating incident response efforts by providing real-time updates through dashboards and reports during security incidents. Evaluate new security tools and technologies that could improve reporting and dashboard capabilities within the SOC. Academic Qualifications and Certifications: Bachelors degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). 3+ years of experience Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey.

Your day at NTT DATA The Senior Security Sales Specialist is an advanced subject matter expert and is also quota-bearing sales persona. Thie primary purpose of this role is to pursue and land qualified leads identified by the Client Management team and other respective teams. The Senior Security Sales Specialist identifies new opportunities from a selection of existing accounts, and presents solutions, value propositions, partner configurations, cost structures, and revenue models to the client that meet their needs. The Senior Security Sales Specialist works directly with clients at a variety of levels, as well as internal subject matter experts. A substantial amount of time is spent on engaged selling or supporting the sales process in partnership with Client Managers. This role contributes to the pre-sales process by working with pre-sales architects to create the best solution design for the client, as well as building and developing excellent stakeholder relationships with new and existing clients, whilst developing new business channels and territories. What youll be doing Key Responsibilities: Owns and drives pipeline to achieve allocated security budget numbers. Drives positive brand recognition on security business in-country and in-region. Maintains subject matter expertise in the Security technology domain or solutions set. Supports the closure of sales based on Security technology domain knowledge. Addresses the technology conceptual challenges during the sales process. Maintains a comprehensive level of relevant product and service knowledge to have meaningful conversations with potential and existing clients. Maintains awareness of the competitive landscape, market pricing, and strategy and how to penetrate a new market. Contributes to the knowledge base of the companys solutions and services within a practice area or service area by sharing best practices with internal teams, as well as client teams. Works with relevant technology vendors and ensures a deep understanding of their solutions and how they can contribute to our own solutions set. Articulates the Security solution/deliverables that the client requires, as opposed to the products that they need to buy. Prepares and conducts client workshops and presentations. Establishes relationships with multiple client stakeholders and secures deals with clients to achieve assigned sales quotas and targets. Uses understanding of the clients business and depth of knowledge on the Security solutions to personalize the recommended solution in line with the clients need. Capable of spotting new sales opportunities within an account and work with the sales teams to drive them to closure. Pursues and lands qualified leads identified by the client managers and other lead generation sources. Develops and maintains clear account plans for appropriate clients and targets. Discovers, forecasts, and runs opportunities in the medium and long-term. Identifies, assesses and highlights client risks that could prove detrimental to the clients organization and credibility. Collaboratively work with sales teams, especially Client Managers, to successfully close the deal. Works closely with other in-territory counterparts and matrix teams to achieve the shared goal of growth. Uses sales methodologies and tools such as target plans, opportunity plans, and account plans to drive the sales process. Develops and implements an opportunity plan, to provide regular check-ins with the primary point of contact and have an established process for getting buy-in from all stakeholders. Knowledge and Attributes: Advanced understanding of security principles, concepts, and technologies, including knowledge of NIST CSF, ISO 27001, cybersecurity solutions, network security, data security/privacy and best practices in securing data and IT infrastructure. Advanced understanding of the technical concepts of Security solutions and display the ability to provide technical consultation and guidance to customers. Displays success in achieving and exceeding sales and financial goals. Advanced proficiency in developing and encouraging meaningful customer relationships up to C-level. Displays ability to delivery engaging sales presentations and elevator pitches. Close attention to maintaining up to date, accurate sales forecast and close plans. Advanced proficiency in team selling approach. Advanced knowledge of competitors and ability to apply competing successful sales strategies. Client-centric approach, with ability to understand customer problems and find best-fit solutions. Flexible to adapt quickly to short, new missions or urgent deadlines. Displays negotiation capabilities to craft solutions that are beneficial to customers, partners, and organization overall. Academic Qualifications and Certifications: Bachelors degree or equivalent in a Technical or Sales field or related is preferred. Certified in industry relevant structured sales methodologies and negotiation skills. Preferred certifications (but not limited to) CISSP, CompTIA Security+, GISF. Required Experience: Advanced sales experience in a technology or services environment, particularly selling Security solutions. Advanced experience of IT Managed Services environment. Advanced demonstrable experience of solution-based selling with a proven track record of sales over-achievement. Advanced experience in selling complex security solutions and services to C-Level clients. Advanced experience in resolving a wide range of issues in creative ways to meet targets and objectives.

Network Security Engineer - Staffing & HR Services Job Title: Network Security Engineer Job Summary: We are seeking a dynamic and experienced Network Security Engineer to join SCLERAVDMS Private Limited. The ideal candidate will lead the implementation and management of our network security infrastructure, ensuring the alignment of security strategies with business objectives. This role requires a strategic thinker with strong technical expertise, deep knowledge of network security best practices, and the ability to proactively identify and address potential vulnerabilities. The Network Security Engineer will be responsible for safeguarding the organization s data and IT systems while fostering a secure, efficient, and compliant environment. Key Responsibilities: Design, implement, and maintain network security systems, ensuring the protection of company systems, data, and networks. Handle and manage SOC, ISO, or HIPAA audits to ensure compliance with industry standards and regulatory requirements. Conduct regular network security assessments, vulnerability assessments, and penetration testing. Assist with internal and external audits, providing necessary documentation and evidence for compliance. Collaborate with IT and security teams to identify and resolve network security vulnerabilities. Monitor and respond to security incidents, ensuring quick resolution and minimal impact on operations. Develop and enforce network security policies, procedures, and best practices. Stay up to date with emerging network security threats and industry trends, implementing appropriate solutions. Maintain detailed records of security incidents and audits for reporting and compliance purposes. Qualifications: Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Minimum of 2 years of experience in a network security role with experience in SOC Audits, ISO Audits, or HIPAA Audits. Strong understanding of network protocols, security technologies, and network defense strategies. Hands-on experience with security tools such as firewalls, intrusion detection systems, and encryption technologies. Knowledge of regulatory standards including SOC 1/2, ISO 27001, HIPAA, and NIST frameworks. Familiarity with common security frameworks, risk management, and incident response procedures. Ability to analyze and resolve complex security issues in a timely manner. Strong communication and documentation skills. Relevant certifications (e.g., CISSP, CISM, CISA, or similar) are a plus.

6 - 10 years of work experience Go NodeJS AWS Terraform PostgreSQL Kafka TypeScript Datadog Company Overview Millions of families juggle elder-care across continents. 2care.ai turns that anxiety into confident, proactive care with an AI Health Voice Agent, WhatsApp-first workflows, and a unified medical-data platform. Founded by founders that have scaled SaaS globally to $80M, built consumer product which was acquired for $500M, and ex-AWS, managed operations, we ve just secured backing from Silicon-Valley & Indian health-tech angels to go after the $430 B global market. Build in India, ship to the world starting USA The Impact You ll Own As a Principal Engineer and Founding Engineering Leader, you will: Architect the future: Design the end-to-end backend infrastructure, including microservices, data pipelines, event buses, and observability, to enable real-time interpretation of thousands of biomarkers. Build for trust & compliance: Lead the implementation of HIPAA/GDPR-ready security measures, role-based access, audit trails, encryption, and FHIR-compatible APIs. Scale real-time care: Create resilient APIs unifying WhatsApp, voice, and web dashboards to ensure 99.99% uptime. Own data strategy: Shape our multi-tenant Postgres + time-series + vector-DB stack for longitudinal health graphs, AI embeddings, and analytics. Lead & mentor: Hire the first backend squad, establish engineering best practices (IaC, CI/CD, trunk-based dev, TDD), and cultivate a culture of autonomy, craftsmanship, and user focus. Partner with founders & doctors: Translate clinical workflows into elegant, safe services. Our Current Stack NextJs(TypeScript) MySql (Planetscale) Cloudflare(R2,Queues, Workers) Redis AI Integration with Claude, OpenAI and Gemini Whatsapp Business Integration Vercel Github with actions for CI/CD Future AI-agent-first stack could look like TypeScript-everywhere + Next.js foundation for DX consistency. Add a vector store (Pinecone / Weaviate) to power retrieval-augmented agents event streaming (Cloudflare Queues at edge) so agents run in parallel and stay decoupled Package each medical agent as an isolated TypeScript service (AWS Lambda / Workers), orchestrated by a light workflow engine (LangGraph-style) Expand Redis into a multi-tier cache (metadata, embeddings, feature flags) & OpenTelemetry tracing Bake in HIPAA/SOC 2 guardrails at middleware level (PII redaction, audit logs) What Success Looks Like in 12 Months Achieve zero-to-one PMF with backend reliably supporting 100x traffic with Pass HIPAA readiness audits to unlock US provider integrations. Hire, mentor, and enable a team of 5 high-bar engineers shipping weekly value. What You Bring 7 + years building distributed systems at scale, ideally in health-tech, healthcare, or other regulated data domains. Expertise in two of Go, TypeScript-Node, Python, plus experience with REST, gRPC/GraphQL, and event-driven patterns (Kafka, SNS/SQS, NATS ). Cloud expertise on AWS (EKS / Fargate / Lambda / RDS / DynamoDB) with IaC (Terraform / CDK / Pulumi) and CI/CD (GitHub Actions, Argo). Security-first mindset: Familiarity with OAuth2/OIDC, JWT, KMS, audit trails, SOC 2 / ISO 27001. *** Healthcare Tech experience a BIG plus. ** Startup DNA : bias for action, comfort with ambiguity, obsession with user outcomes. Bonus: experience with LLM/ML inference, stream processing, or healthcare platforms.

Job Description location: Pune office (European working hours) The Role: We are looking for a dynamic, hands-on Director of IT Operations to lead our global infrastructure and support operations from our India hub. This role is critical to ensuring the stability, scalability, and security of Strategy s enterprise IT systems. You will shape and drive our infrastructure strategy, lead a talented international team, and partner with business and technology stakeholders across regions to deliver robust, secure, and cost-effective IT solutions. Your Focus: Lead a high-performing global team of engineers and subject matter experts across infrastructure, network, systems, and storage. Inspire, hire, mentor, and develop a diverse, world-class IT team. Drive strategic IT infrastructure initiatives and ensure alignment with business objectives and evolving technologies. Establish and track KPIs to measure team performance, system uptime, and customer satisfaction. Oversee operations for data centers, cloud environments, network infrastructure, storage, virtualization, backups, and disaster recovery. Ensure high availability, performance, and security of all corporate IT systems. Manage Active Directory, Microsoft 365, server management, and system patching (SCCM). Implement and maintain secure configurations for hardware, software, and network services. Define and enforce IT operational standards, documentation, runbooks, and SLAs. Plan and coordinate maintenance windows, change controls, upgrades, and incident response. Own asset lifecycle management, inventory controls, and procurement recommendations. Manage on-call rotations and ensure 24/7 global support readiness. Partner closely with internal application teams, Security, and Engineering to align infrastructure with evolving needs. Lead vendor relationship management, contract renewals, and performance reviews. Evaluate cloud provider services and ensure optimal utilization and cost efficiency. Ensure adherence to IT policies, regulatory standards, and internal controls. Support internal/external audits and compliance initiatives (e.g., ISO 27001, SOC2). Own infrastructure-related evidence collection and documentation for certifications. Core Attributes: Motivation. Passion. Integrity. Innovation. Collaboration. Customer Focus. Experience & Skills: Bachelor s degree in Computer Science, Engineering, or related field. 7+ years in IT infrastructure operations, including 5+ years in a management or leadership role. Experience running a 24/7 enterprise-grade infrastructure across multiple regions. Proven success in disaster recovery planning, testing, and execution. Project management expertise delivering complex cross-functional IT initiatives. Advanced knowledge of enterprise network architectures (Cisco, Aruba, Nexus). Strong experience with firewalls/VPNs (Palo Alto, Cisco, Juniper), and load balancers (F5, Citrix, Meraki). Deep hands-on experience managing cloud networking components across major hyperscalers (AWS, Azure, GCP), including VPC/VNET peering, site-to-site VPNs, transit gateways, and Direct Connect/ExpressRoute configurations. Expertise in Microsoft technologies (AD, O365, SCCM), virtualization, and endpoint security. Excellent written and verbal communication skills. Ability to navigate complex global organizations and influence stakeholders at all levels. Strong analytical mindset with a bias for action and continuous improvement. Additional Information The recruitment process includes online assessments as a first step (English, logic, business) - we send them via e-mail, please check also your SPAM folder We work from the office in Pune.

Contract Required Qualifications: Technical Skills: Extensive experience with RSA Archer GRC Suite, including configuration and customization. Proficiency in scripting languages such as JavaScript, PowerShell, or Python for automation tasks. Strong knowledge of API integration techniques, including RESTful services and JSON. Experience with database management and SQL for data manipulation and reporting. Professional Experience: Minimum of 10+ years in GRC solution development, with at least 3 years in a solution architect role. Proven track record of leading end-to-end RSA Archer implementations. Experience in integrating Archer with third-party applications and data sources. Certifications: RSA Archer Certified Professional (ACP) certification is highly desirable. Additional certifications in cloud platforms (AWS, Azure) or ITIL are a plus. Preferred Qualifications: Domain Expertise: In-depth understanding of GRC frameworks and best practices. Experience with compliance standards such as SOX, GDPR, ISO 27001, and NIST. Additional Skills: Familiarity with cloud-based deployments of RSA Archer. Knowledge of Agile methodologies and project management tools.

Manager CyberArk Endpoint Privilege Manager (EPM) Results-driven CyberArk EPM Specialist with 7-10 years of hands-on experience in designing, implementing, and optimizing Endpoint Privilege Manager solutions. Proven track record of developing and managing EPM policies, configuring conditional access, and enabling Just-In-Time (JIT) access for global enterprise environments. Strong analytical thinking, ability to solve complex problems, troubleshooting mindset, user onboarding, and developing metrics/dashboard expertise. Experienced with Big 4 consulting engagements or delivering Cyber Ark security transformation projects for Fortune 500 clients is a plus. Experience Deployed and maintained CyberArk EPM environment with a focus on least privilege enforcement and endpoint protection Led EPM implementations for global clients, including developing and deploying custom EPM policies tailored to user personas and risk levels. Designed and configured Conditional Access Policies integrated with Azure AD and custom scripts to enforce context-based elevation rules. Spearheaded the onboarding of endpoints across Windows, Mac, and Linux platforms into CyberArk EPM. Implemented Just-in-Time elevation for admin tasks, significantly reducing standing privileges and lateral movement risks. Worked closely with SOC and IAM teams to ensure alignment with enterprise security policies and compliance standards. Assisted in the development of automation scripts and policy templates to streamline onboarding and policy rollout. Collaborated with GRC teams to document EPM controls for audit and compliance reporting. Conducted policy tuning sessions with application owners and end-users to reduce false positives and ensure productivity. Built real-time dashboards and weekly reporting metrics to track privileged activity, policy hits, exceptions, and threats. Acted as the primary escalation point for EPM-related troubleshooting, resolving issues within SLA targets. Provided EPM training and knowledge transfer to internal security and IT teams. Core Competencies EPM Policy Design & Deployment Conditional Access Configuration Just-In-Time (JIT) Access Enablement Application control and Whitelisting/Blacklisting Threat Protection and Endpoint hardening Security Dashboarding, Reporting & Metrics User Onboarding & Lifecycle Management Incident Response & Troubleshooting Scripting & Automation using PowerShell or Python Integration with SIEM, MDR and EDR Regulatory Compliance (NIST, HIPAA, ISO 27001) Cross-functional Collaboration (IT, SecOps, GRC) Education: Bachelor s degree in computer science. CyberArk Certified Delivery Engineer (CDE) certification is a plus. 7 10 years of IT security experience, with at least 5 years in CyberArk EPM Experience onboarding a wide range of privileged accounts (OS, DB, cloud, apps) Experience with Active Directory, LDAP, and MFA integration Experience with SCA-related scripting (PowerShell, Python, REST API)

Manager CyberArk Secure Cloud Access (SCA) We are seeking a skilled CyberArk Secure Cloud Access (SCA) Specialist with 7-10 years of hands-on experience to architect, implement, and manage secure access to cloud environments using CyberArks PAM or SCA solution. The ideal candidate will have deep experience in privileged access management, cloud security, and Zero Trust architectures, with a focus on enabling secure and just-in-time access to Azure without exposing credentials. Strong analytical thinking, ability to solve complex problems, troubleshooting mindset, user onboarding, and developing metrics/dashboard expertise. Experienced with Big 4 consulting engagements or delivering Cyber Ark security transformation projects for Fortune 500 clients is a plus. Experience Deploy, configure, and manage CyberArk Secure Cloud Access (SCA) to secure privileged access to cloud consoles, services, and infrastructure Design and implement Just-in-Time (JIT) access workflows to Azure without standing privileges Integrate SCA with identity providers such as Azure AD for federated authentication and role-based access Manage secure session brokering, recording, and monitoring for web consoles and CLI access Ensure integration with enterprise security tools (SIEM, ITSM, MFA, logging, etc. ) Automate access provisioning and deprovisioning via APIs and CI/CD pipelines Develop and enforce cloud access policies based on Zero Trust and least privilege principles Work cross-functionally with cloud engineering, DevOps, GRC, and security teams to align SCA strategies with business and compliance requirements Maintain access audit trails and reporting dashboards for internal and external audits Troubleshoot SCA session issues, policy misconfigurations, and integration failures Create technical documentation, runbooks, SOPs, and user training materials Automated scripts (PowerShell, REST API) for onboarding, reporting, and maintenance Maintained and enhanced SCA policies aligned to compliance requirements (ISO, NIST, HIPAA) Collaborate with InfoSec, Infrastructure, and App teams to enforce privileged access governance Develop technical documentation, SOPs, and knowledge base articles Core Competencies CyberArk Secure Cloud Access (SCA) Architecture & Design Cloud Access Governance Privileged Session Management for Cloud Resources Experience with Azure access models and native identity integration Configuring secure access to cloud IaaS/PaaS components Integrating CyberArk SCA with Identity Providers such as Azure AD Cloud-native Role Mapping Enforcing access elevation via temporary credentials or federated roles Integrating SCA with SIEM, SOC, ITSM Working with CI/CD pipelines and cloud-native tools Diagnosing access issues, session failures, and configuration mismatches Ensuring access provisioning and monitoring align with cloud security best practices Designing and implementing access policies based on user roles, device posture, and risk levels Creating runbooks, SOPs, and onboarding guides for teams managing or using SCA Security Dashboarding, Reporting & Metrics User Onboarding & Lifecycle Management Incident Response & Troubleshooting Regulatory Compliance (NIST, HIPAA, ISO 27001) Cross-functional Collaboration (IT, SecOps, GRC) Education & Qualifications: Bachelor s degree in computer science. CyberArk Certified Delivery Engineer (CDE) certification is a plus. 7 10 years of IT security experience, with at least 5 years in CyberArk SCA Strong hands-on experience with CyberArk Secure Cloud Access (SCA) or equivalent solutions Experience onboarding a wide range of privileged accounts (OS, DB, cloud, apps) Experience with Active Directory, LDAP, and MFA integration Experience with identity federation (SAML, OIDC) and cloud-native role mapping (IAM roles, RBAC) Knowledge of Zero Trust Architecture, least privilege, and privileged session management Experience with SCA-related scripting (PowerShell, Python, REST API) Familiarity with cloud security best practices, access logging, and compliance reporting

JOB SUMMARY The SOC L1 position involves supporting the protection and monitoring of critical infrastructure from cyber threats within the security operations center. This role contributes to the continuous operation and resilience of industrial control systems (ICS) and Operational Technology (OT) environments by assisting in incident response, threat analysis, and the application of security measures specifically designed for renewable energy generators OT networks. ROLE AND RESPONSIBILITIES Monitor OT networks for security threats and vulnerabilities, assisting in incident responses. Manage user provisioning, including creating and maintaining user accounts, modifying permissions, and managing access control lists. Execute standard operating procedures and adhere to company policies. Maintain system integrity through routine management of backup and recovery services, file and disk management, and virus protection. Engage with internal and external stakeholders to troubleshoot and resolve issues, ensuring timely resolution. Perform design, implementation, and administration of complex computing environments in power generation, involving systems like Windows servers and workstations, network and security hardware from Hirschmann, Palo-Alto, and Cisco, communications via ISP services, storage solutions such as SQL and historians, and substation hardware including SEL, along with UPS and PDU systems. Evaluate and review host, system, and network configurations for newly acquired sites, recommending improvements. Regularly review security, antivirus, traffic, and event logs to ensure optimal operation and security compliance. Report on project & ticket statuses and participate in staff and client meetings as required. Execute assigned work orders, including support tickets and project tasks, to fulfill obligations under Managed Services Provider (MSP) and Managed Security Services Provider (MSSP) contracts for both new and existing customer facilities. Perform routine and scheduled maintenance, address break/fix issues, act as a subject matter expert for programs and products offered and respond to emergent conditions across the fleet. Execute vulnerability assessments using scanning software, implement mitigation plans for vulnerabilities, and review security, antivirus, traffic, and event logs. Adhere to cybersecurity and information security procedures, guidelines, and policies, and edit Access Control Lists and security policies. QUALIFICATIONS: Technical degree or 3 years of relevant OT experience; direct or indirect service experience preferred. Experience in NERC CIP-regulated environments, compliance programs, or standard-driven environments such as PCI-DSS, NIST, ISO-27001. Knowledgeable in server hardware, OS management, networking, cybersecurity, and data storage and recovery. Strong analytical skills with the ability to manage multiple tasks and remain calm under pressure. Effective communication and organizational skills, with a proven ability to work collaboratively and make decisions independently. WORKING CONDITIONS: Floating Role: This position is based in India and requires flexibility to adapt to various schedules as needed. Shift Work: This role operates on a PM shift as part of a 24/7 operation center, requiring staff to work evenings into late nights, including weekends and holidays. PREFERRED EXPERIENCE: Experience working in a SOC, NOC, or similar operation center. Background in network and infrastructure design, deployment, or maintenance, with a focus on power generation, especially renewable energy. Work experience in at least one of the following areas:- SCADA and SCADA historian design, deployment, or maintenance

User provisioning and management, upgrade/patch, monitoring, problem resolution, and configuration management. Execute all provided Standard Operating Procedures (SOP) and policies. Modify permissions and access control lists. Perform routine management of backup and recovery services; file and disk management; and virus protection. Maintain consistent operation of multi-user systems, including coordination with internal and external stakeholders. Engage with internal and external parties (e.g., ISPs, vendors) to troubleshoot and resolve issues, escalating as necessary to ensure timely resolution. Perform design, implementation, and administration activities for complex power generation computing environments on networks, communications, and infrastructure. Evaluate host, system, and network configurations for newly acquired sites and make recommendations for improvement. Review security, antivirus, traffic, and event logs. Adhere to cybersecurity and information security procedures, guidelines, and policies. Evaluate vendor products, services, and suggestions. Perform hardware and software upgrades. Perform routine management of backup and recovery services; file and disk management; and virus protection. Other Report project status for all recurring and non-recurring efforts as required. Attend staff and client meetings as required. Availability for 24-hour on call duty to meet customer requirements. Availability to make occasional, planned shifts in work hours to accommodate efforts that can only be performed after generation hours. Develop and document technical processes and procedures as needed. Ensure that required tasks are completed or directed to others as necessary. Effective written and oral communication at all organizational levels internally and with external customers. Analyze known and ad-hoc requirements to determine an efficient schedule, workflow, and process to complete. Provide Subject Matter Expertise in the evolution of IT/OT framework programs developed for our customers, which include product selection, infrastructure design, and security policies. Execute SOPs. Preferred Experience Experience in NERC CIP-regulated environments is preferred. Experience in compliance programs or standard-driven environments (e.g., PCI-DSS, NIST, ISO-27001) SOC, NOC, or other operation center experience Work experience in at least one of the following areas: Network and infrastructure design, deployment, or maintenance. Power generation, especially renewable energy. Required Qualification & Education A university technical degree or minimum 0-2 years of relevant IT/OT professional experience. Direct or indirect service experience and/or experience providing remote support. Ability to read electrical, network, infrastructure, and cabling drawings. All applicants must have prior professional IT/OT systems management experience and knowledge in at least two of the following fields: Server hardware and OS management. Networking and infrastructure design, implementation, and management. Cybersecurity, including Next-Generation Firewall configuration and management. Remote infrastructure and network support. Data storage and recovery. Work experience in at least one of the following focus areas is required: Tier 2 or Tier 3 IT help desk support. IT infrastructure design or support. Computer network design or support. Host hardening or security monitoring (Cybersecurity). Skills & Competencies Ethical, responsible, and reliable. Self-motivated. Desire to learn and share newly acquired knowledge with colleagues. Remain cool under pressure in a fast-changing environment. Navigate business and technical challenges with ease. Effective oral and written communication with peers, external customers, and direct supervisors. Exceptional organizational skills required. Strong team collaborator. Independently make decisions and solve problems. Accurately remember and clearly communicate detailed technical information. Able to work in an electrical environment. This may have been achieved through formal training, previous work experience, or the ability to demonstrate electrical safety skills. A valid driver s license is required. NGFW configuration, maintenance, and administration. Microsoft Windows Server support. Effective written and oral communication at all organizational levels, including engineers, end-users, and external customers. Additional Notes This position requires participation in the company s 24/7 on call rotation. Occasionally required to lift and move up to 50 pounds. Must be willing and able to travel throughout North America, or internationally as required.

Management Level F Core Duties/Responsibilities Risk Identification, Assessment and Analysis As a Senior Information Security Risk Analyst, you will lead and conduct comprehensive security risk assessments across EQ s internal systems, infrastructure, cloud platforms, third-party services, applications, mobile environments, and networks. Your role will be pivotal in identifying and evaluating potential cybersecurity threats and vulnerabilities, ensuring robust risk mitigation strategies are in place to protect EQ s data and systems. You will work cross-functionally with stakeholders to embed security best practices and ensure alignment with regulatory and organisational standards. Review cloud architecture, deployment models, and services to identify gaps against industry best practices (e.g., CIS Benchmarks, NIST, ISO 27001). Collaborate with DevOps and Cloud Engineering teams to advise on security controls and risk mitigation strategies in AWS, Azure. Lead the analysis and interpretation of security data from diverse sources including technical assessments, penetration test reports, and code reviews to identify systemic vulnerabilities, inform strategic risk decisions, and guide enterprise-level remediation efforts. Drive the development and strategic recommendation of risk mitigation initiatives, translating assessment findings into actionable improvements to security policies, enterprise controls, and technical architectures Maintain Risk records and Risk Acceptances regarding IT, Information or Cyber Security in the Company s Risk Register/GRC tool. Regulatory Requirements Identification Lead the interpretation and strategic integration of evolving cybersecurity regulations and standards (e.g., GDPR, NIST, ISO 27001, SOX, AI Act, DORA), in collaboration with Legal and Compliance, to ensure enterprise-wide alignment and risk-informed decision-making. Lead enterprise-level compliance assessments and cybersecurity gap analyses to evaluate EQ s adherence to relevant regulations and frameworks. Embed these requirements into the broader Risk Management lifecycle, ensuring systematic enforcement across all new and evolving IT systems and applications Third-Party Risk Management Conduct Risk Analysis of existing and new third-parties playing a significant role in the Company s supply chain and with access to Company or customer data or the Company s systems Track any significant risk issues arising to completion over agreed timescales. Information Security Metrics & Reporting Oversee the aggregation and analysis of enterprise-wide risk data to identify emerging threats, and deliver strategic, data-driven insights and reports to Executive and senior leadership teams. Stakeholder Engagement Engage with various developers and stakeholders across the business in selecting tailored security training on the training platform. Engage in knowledge sharing sessions on emerging threats and security risk trends. Risk Method Development Lead the evolution and governance of the enterprise Security Risk Management Framework, collaborating across IT and security teams to embed effective technical controls (e.g. firewalls, encryption, MFA) and ensure policies, standards, and procedures align with best practice and regulatory requirements. Advise and enable secure software development by defining secure coding standards, guiding development teams, and integrating application security testing tools into the SDLC.

Job_Description":" About Us Tsaaro Consultings prime focus is on Data Privacy and Security. Our team of specialist Data Privacy Consultants, Information Security Consultants, and penetration testers help and advise our Clients to make running a secure business easier with high efficiency. Everything We do is tailored to the individual, and organizational requirements, aligned with their budget and resource challenges. We take a pragmatic, risk-based approach to provide our clients with real-world, workable advice, guidance, and support That helps them to deal with a wide range of security and privacy-related challenges. At Tsaaro, we adopt a pragmatic, risk-based strategy to deliver practical and effective advice. By providing real-world guidance, support, and actionable recommendations, we confidently equip our clients to address a broad spectrum of security and privacy challenges. Looking to take your career in a new, high-impact direction? Tsaaro Consulting is seeking for a highly skilled and experienced GRC Analyst , this role is for those eager to transition into data privacy and information security, with hands-on experience and mentorship from industry experts. Responsibilities: Assist in the development, implementation, and continuous improvement of the Information Security Management System (ISMS) in accordance with ISO 27001 standards. Monitor and ensure compliance with ISO 27001, making sure controls are in place and effectively operating across the organization. Conduct regular assessments to ensure adherence to regulatory, contractual, and internal security requirements. Coordinate internal audits and provide support for external ISO 27001 audits. Prepare documentation, assist with gathering evidence, and address findings to ensure timely closure of audit actions. Maintain and update ISMS documentation, policies, and procedures. Ensure that security controls, risk assessments, and audit records are accurately documented and up to date. Support the delivery of security awareness and training programs related to ISO 27001 standards. Foster a culture of security awareness across the organization. Support incident response processes and prepare crisis management plans, ensuring incidents are logged, analyzed, and resolved. Participate in root cause analysis and implement corrective actions to prevent recurrence. Collaborate with cross-functional teams to identify, assess, and prioritize security risks. Assist in developing risk mitigation strategies and track the progress of risk treatment plans. Proactively identify opportunities to enhance the ISMS framework, suggesting improvements to policies, processes, and tools to ensure they are efficient and effective. Requirements Minimum of 2 years in Governance, Risk, and Compliance (GRC) roles, with a focus on ISMS and ISO 27001. Bachelors degree in Information Security, Computer Science, Business Administration, or a related field (preferred). Excellent analytical and problem-solving skills. Strong understanding of regulatory requirements and industry standards related to information security. Proficiency in risk assessment methodologies and risk management practices. Strong communication and interpersonal skills. Ability to work effectively both independently and as part of a team. Experience with security incident response and crisis management. Familiarity with data protection regulations and privacy laws. Certification in ISO 27001 Lead Auditor or Lead Implementer (preferred). Experience in developing and delivering security awareness training programs. Benefits Competitive salary and performance-based bonuses. Professional development opportunities, including training and certifications. Flexible working hours. Collaborative and inclusive work environment. Opportunity to work with a passionate team dedicated to making a difference in data privacy and security. ","

: Collaborationand Implementation: Proven ability to work effectively with business andenterprise functions to structure and implement emergency response plans,ensuring coordinated and effective response during disruptions. ComprehensiveBCM Expertise: Extensive experience in coordinating, performing, or assistingwith BCP implementation and ongoing maintenance, ensuring program effectivenessand alignment with organizational needs. Testingand Improvement: Demonstrated skills in executing BCP/DR exercises and testing,identifying areas for improvement and fostering program effectiveness. Riskand Impact Assessment: Proven ability to conduct comprehensive riskassessments, threat analyses, and Business Impact Analyses (BIA) to understandpotential disruptions, their impact on critical business processes, and theassociated financial consequences. ITAlignment: Experience in collaborating with technology and digital teams (asspecified) to develop and test IT recovery (DR) plans, ensuring seamlessintegration with overall BCM strategies. Awarenessand Engagement: Expertise in conducting BCP awareness training, fostering aculture of preparedness within the organization. StakeholderManagement: Proven track record in maintaining a high level of stakeholdermanagement and business engagement, ensuring buy-in and active participationfrom all relevant parties. TechnicalStandards: Familiarity with ISO 22301, NIST, ISO 27001, and other applicablestandards (as specified), applying industry best practices for robust BCMimplementation. Requirements Possessa sound knowledge of fundamentals of information security systems. Minimum1 year of relevant experience in the field. Experiencein collaborating with technology and digital teams to develop and test ITrecovery (DR) plans, ensuring seamless integration with overall BCM strategies. Demonstrateproficiency in standards such as ISO 22301 ,ISO 27701etc. Expertisein conducting BCP awareness training to foster a culture of preparedness withinthe organization Extensiveexperience in coordinating, performing, or assisting with Business ContinuityPlanning (BCP) implementation and ongoing maintenance. Proficiencyin Microsoft Office Suite (Word, Excel, Power point). Showcaseexcellent communication skills, both written and verbal.

Position will be responsible for QA function. Develop, implement and maintain the Quality Management System (QMS) at Scitara. Perform audits (internal and vendor) to ensure compliance to organizational procedures, customer and regulatory requirements and establish the training function within Scitara. Key Responsibilities Perform audits (internal and vendor) to ensure compliance to organizational procedures, customer and regulatory requirements. Responsible for authoring, reviewing and approving Standard Operating Procedures, Work Instructions, Policies, Manuals and Guidance documents for Scitara. Represent Scitara in customer audits, regulatory inspections and certification audits (ISO 27001 and SOC II Type 2). Responsible to ensure education and awareness about audit / inspection readiness in the organization. Impart training on SOPs and regulations. Manage CAPAs and deviations at an organizational level. Ensure that software systems meet regulatory requirements (e.g., 21 CFR Part 11, EU Annex 11, GAMP 5). Provide QA oversight for all phases of validation (planning, testing, deployment, and change control). Review and approve validation deliverables (e.g., Validation Plan, Test Plan, Test Scripts, Traceability Matrix, Validation Summary Report). Implementing the data privacy policies and associated processes in Scitara across functional units. Bachelor s or Master s degree in appropriate field of study. IT CSV QA candidate with 08-10 years experience in QA, IT and Computer System validation with some background of Software Development. Expertise in validation principles and validation types, software development best practices, and quality management systems used in the FDA/MHRA/EMA regulated environments is required. Preferably, candidates who have worked / supported Pharma / Life Sciences companies. Desired Skills Knowledge and understanding of GxPs and other governing regulations, both local and international. Understanding of quality systems processes and their implementation.

Were Celonis, the global leader in Process Mining technology and one of the worlds fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes - and for that, we need you to join us. The Team: As part of the Information Security Organization, you will be working closely with different departments for their information security compliance. This role will be part of the new and growing Compliance Engineering function . The Information Security team plays a critical role in ensuring Celoniss technology and information assets are appropriately guarded from external and internal threats. The Security GRC Department youll be joining is responsible for maintaining existing security attestations at Celonis globally, balancing risk with appropriate controls and assessing control effectiveness. The Role: This isnt a typical compliance role. It is a technical, hands-on position within our GRC organization , at the critical interface between business operations and technology . Here, you can be a data analyst , an engineer, an auditor, and a builder, using leading technology to design, create, and run automated solutions that test our security controls. In addition to that your analytical skills will contribute to our overall security process intelligence. You will get hands-on experience with our own Celonis platform, modern GRC (Governance, Risk, and Compliance) tools, and low-code automation. The work you ll do: Design and build assets to test and continuously monitor the effectiveness of our internal security controls including continuous evidence collection Rigorously test and validate the data and logic within your solutions to ensure accuracy, completeness, and reliability. Participate in and support internal as well as external security compliance audits, applying your technical understanding as well as business acumen to assess control design and effectiveness. Develop and manage insights to measure program effectiveness. This includes metrics for compliance and offers the opportunity to support broader security performance and risk management analytics. Work with technical and non-technical teams across Celonis to translate security requirements into automated tests and operational workflows. The qualifications you need: Academic background in Computer Science, Engineering, Information Systems, Physics, Mathematics or a related field, or equivalent work experience. You thrive on big challenges, can anticipate and adapt to changes in direction, and are driven to continuously improve the solution. A Builders Mindset: You have foundational experience with data integration and analyzing data using SQL, Python, or similar languages in a database-like environment. Strong Problem-Solving Skills: You are a self-starter who can troubleshoot issues independently and enjoys tackling open-ended challenges. Excellent Communication Skills: You can clearly articulate and right-size complex technical issues in English to both technical and non-technical people. This role requires working in shifts aligned with Central European Time (CET) to collaborate effectively with our global teams. Preferred Qualifications: A strong interest in or foundational knowledge of Process Mining, Continuous Controls Monitoring, Evidence Collection, GRC platforms, and IT Auditing. Knowledge of cloud technologies from different cloud service models and security frameworks ( ISO 27001, SOC 2, NIST etc.) Demonstrated knowledge of technology risks, infrastructure, and information security princip What Celonis Can Offer You: Pioneer Innovation: Work with the leading, award-winning process mining technology, shaping the future of business. Accelerate Your Growth: Benefit from clear career paths, internal mobility, a dedicated learning program, and mentorship opportunities. Receive Exceptional Benefits: Including generous PTO, hybrid working options, company equity (RSUs), comprehensive benefits, extensive parental leave, dedicated volunteer days, and much more . Prioritize Your Well-being: Access to resources such as gym subsidies, counseling, and well-being programs. Connect and Belong: Find community and support through dedicated inclusion and belonging programs. Make Meaningful Impact: Be part of a company driven by strong values that guide everything we do: Live for Customer Value, The Best Team Wins, We Own It, and Earth Is Our Future. Collaborate Globally: Join a dynamic, international team of talented individuals. Empowered Environment: Contribute your ideas in an open culture with autonomous teams. About Us: Celonis makes processes work for people, companies and the planet. The Celonis Process Intelligence Platform uses industry-leading process mining and AI technology and augments it with business context to give customers a living digital twin of their business operation. It s system-agnostic and without bias, and provides everyone with a common language for understanding and improving businesses. Celonis enables its customers to continuously realize significant value across the top, bottom, and green line. Celonis is headquartered in Munich, Germany, and New York City, USA, with more than 20 offices worldwide. Get familiar with the Celonis Process Intelligence Platform by watching this video . Celonis Inclusion Statement: At Celonis, we believe our people make us who we are and that The Best Team Wins . We know that the best teams are made up of people who bring different perspectives to the table. And when everyone feels included, able to speak up and knows their voice is heard - thats when creativity and innovation happen. Your Privacy: Any information you submit to Celonis as part of your application will be processed in accordance with Celonis Accessibility and Candidate Notices By submitting this application, you confirm that you agree to the storing and processing of your personal data by Celonis as described in our Privacy Notice for the Application and Hiring Process . Please be aware of common job offer scams, impersonators and frauds. Learn more here .

Shell has a requirement for ITGC Analyst . Based on JD, it appears to be more on Risk Management/Environment Governance. Can you suggest a primary skill to be used for this role and add the respective representative from TA team for this role. As an ITGC Testing Analyst, you will support management in assessing the IT control environment. You will identify and report control weaknesses, track remediation action plans, and monitor the quality of remediation efforts.. More specifically, your role will include: ITGC Testing: Conduct testing of IT General Controls (ITGCs) to ensure compliance and effectiveness. ITC Testing: Perform testing of IT Components (ITCs) to validate data integrity and accuracy. Test Scripts: Developing and executing test scripts, documenting test procedures, and evaluating results to identify control gaps. Documentation: Maintain detailed documentation of testing procedures, findings, and recommendations. Reporting: Ensure adherence to the approved assurance plan and provide regular updates on progress. Issue Management: Advise IT operations on risk management and contribute to remediation plans for deficient controls. : Work with the offshore testing team to assess the design and effectiveness of IT controls. Stakeholder Communication: Communicate effectively with stakeholders to ensure understanding and alignment with assurance processes and risk management strategies. Tool Management: Oversee tools and reports used by the team and stakeholders, ensuring accuracy and updates based on business needs. Experience: IT Audit Expertise: Proven experience in IT audits or ITGC testing. Technical Skills: Certifications: Relevant certifications like ISO 27001, CISA, CISM, and CRISC or having a strong desire to work towards obtaining such certifications. Information Risk Management: Good understanding of information risk management and associated processes. Application Proficiency: Experience with widely used applications such as SAP, Power Platform, and Cloud technologies is desirable. Continuous Improvement: A mindset geared towards continuous improvement and project management experience. Work Schedule: Mid-Shift: Working hrs will be IST 12 noon to 9 pm. Shift allowance will be eligible per organization po Shell has a requirement for ITGC Analyst . Based on JD, it appears to be more on Risk Management/Environment Governance. Can you suggest a primary skill to be used for this role and add the respective representative from TA team for this role. As an ITGC Testing Analyst, you will support management in assessing the IT control environment. You will identify and report control weaknesses, track remediation action plans, and monitor the quality of remediation efforts.. More specifically, your role will include: ITGC Testing: Conduct testing of IT General Controls (ITGCs) to ensure compliance and effectiveness. ITC Testing: Perform testing of IT Components (ITCs) to validate data integrity and accuracy. Test Scripts: Developing and executing test scripts, documenting test procedures, and evaluating results to identify control gaps. Documentation: Maintain detailed documentation of testing procedures, findings, and recommendations. Reporting: Ensure adherence to the approved assurance plan and provide regular updates on progress. Issue Management: Advise IT operations on risk management and contribute to remediation plans for deficient controls. : Work with the offshore testing team to assess the design and effectiveness of IT controls. Stakeholder Communication: Communicate effectively with stakeholders to ensure understanding and alignment with assurance processes and risk management strategies. Tool Management: Oversee tools and reports used by the team and stakeholders, ensuring accuracy and updates based on business needs. Experience: IT Audit Expertise: Proven experience in IT audits or ITGC testing. Technical Skills: Certifications: Relevant certifications like ISO 27001, CISA, CISM, and CRISC or having a strong desire to work towards obtaining such certifications. Information Risk Management: Good understanding of information risk management and associated processes. Application Proficiency: Experience with widely used applications such as SAP, Power Platform, and Cloud technologies is desirable. Continuous Improvement: A mindset geared towards continuous improvement and project management experience. Work Schedule: Mid-Shift: Working hrs will be IST 12 noon to 9 pm. Shift allowance will be eligible per organization po

location: Pune office (European working hours) The Role: We are looking for a dynamic, hands-on Director of IT Operations to lead our global infrastructure and support operations from our India hub. This role is critical to ensuring the stability, scalability, and security of Strategy s enterprise IT systems. You will shape and drive our infrastructure strategy, lead a talented international team, and partner with business and technology stakeholders across regions to deliver robust, secure, and cost-effective IT solutions. Your Focus: Lead a high-performing global team of engineers and subject matter experts across infrastructure, network, systems, and storage. Inspire, hire, mentor, and develop a diverse, world-class IT team. Drive strategic IT infrastructure initiatives and ensure alignment with business objectives and evolving technologies. Establish and track KPIs to measure team performance, system uptime, and customer satisfaction. Oversee operations for data centers, cloud environments, network infrastructure, storage, virtualization, backups, and disaster recovery. Ensure high availability, performance, and security of all corporate IT systems. Manage Active Directory, Microsoft 365, server management, and system patching (SCCM). Implement and maintain secure configurations for hardware, software, and network services. Define and enforce IT operational standards, documentation, runbooks, and SLAs. Plan and coordinate maintenance windows, change controls, upgrades, and incident response. Own asset lifecycle management, inventory controls, and procurement recommendations. Manage on-call rotations and ensure 24/7 global support readiness. Partner closely with internal application teams, Security, and Engineering to align infrastructure with evolving needs. Lead vendor relationship management, contract renewals, and performance reviews. Evaluate cloud provider services and ensure optimal utilization and cost efficiency. Ensure adherence to IT policies, regulatory standards, and internal controls. Support internal/external audits and compliance initiatives (e.g., ISO 27001, SOC2). Own infrastructure-related evidence collection and documentation for certifications. Core Attributes: Motivation. Passion. Integrity. Innovation. Collaboration. Customer Focus. Experience & Skills: Bachelor s degree in Computer Science, Engineering, or related field. 7+ years in IT infrastructure operations, including 5+ years in a management or leadership role. Experience running a 24/7 enterprise-grade infrastructure across multiple regions. Proven success in disaster recovery planning, testing, and execution. Project management expertise delivering complex cross-functional IT initiatives. Advanced knowledge of enterprise network architectures (Cisco, Aruba, Nexus). Strong experience with firewalls/VPNs (Palo Alto, Cisco, Juniper), and load balancers (F5, Citrix, Meraki). Deep hands-on experience managing cloud networking components across major hyperscalers (AWS, Azure, GCP), including VPC/VNET peering, site-to-site VPNs, transit gateways, and Direct Connect/ExpressRoute configurations. Expertise in Microsoft technologies (AD, O365, SCCM), virtualization, and endpoint security. Excellent written and verbal communication skills. Ability to navigate complex global organizations and influence stakeholders at all levels. Strong analytical mindset with a bias for action and continuous improvement. Additional Information The recruitment process includes online assessments as a first step (English, logic, business) - we send them via e-mail, please check also your SPAM folder We work from the office in Pune.

At Cadence, we hire and develop leaders and innovators who want to make an impact on the world of technology. Job Description Position: IT- Staff Software Security Engineer Grade: IT4 Location: Noida/Hyderabad Job Description: Role: Cadence s Information Security team is seeking a Sr. Software Security Engineer. This role will focus on Cloud and on-premise Software Security controls including WAF and CDN tools. This is a Security Development Operations role that will ensure security tool integration at the source code repo (Perforce, Github etc. ), build environment, and artifactory level. As a member of the Information Security team, this role will develop and support the secure software develop life cycle, including DAST, SAST, SCA, penetration testing, and attack surface management. This role reports to Group Director and will interface directly with development teams. Of course, there is broad exposure to other aspects of information security related tasks such as incident response, vulnerability management, and deployment of security solutions. The successful candidate for this position is a highly motivated individual with a strong Application Development and Configuration Management/DevOps background with hands-on experience in building software security within CI/CD. Required Skills Qualification Hands-on experience in securing corporate environment. Hands-on experience in security frameworks (NIST, ISO 27001, CIS) and experience with risk management and compliance Hands-on experience securing Windows (Workstations and Servers), Linux (Workstations and Servers), and Mac Hands-on experience conducting risk management by identifying gaps and providing strategies for mitigation. Hands-on experience documenting vulnerability assessment results in a clear and actionable format. Expertise in network security, firewalls, IDS/IPS, and security monitoring tools such as SIEM Proficiency with cloud security technologies (AWS, Azure, GCP) and securing cloud-based infrastructure. Experience with incident response, forensics, and managing security incidents from detection to resolution. Determines security violations and inefficiencies. Knowledge of mergers and acquisitions Experience: Should have relevant experience of at least 10-15 years. Qualification: Engineering (Computers, Electronics, IT) or equivalent We re doing work that matters. Help us solve what others can t.

Key Responsibilities: Assist in developing, implementing, and maintaining information security policies, standards, and procedures in line with industry best practices and regulatory requirements. Conduct regular risk assessments and vulnerability scans to identify potential security risks and recommend appropriate mitigation strategies. Monitor security systems, including firewalls, intrusion detection/prevention systems (IDS/IPS), and security information and event management (SIEM) tools to detect and respond to security incidents. Support incident response activities by investigating security breaches and coordinating with relevant teams to remediate vulnerabilities. Conduct security awareness training and promote best practices across the organization to foster a security-conscious culture. Collaborate with IT and business teams to ensure security controls are integrated into system development and operational processes. Maintain documentation related to security policies, incident reports, and audit trails. Assist in internal and external security audits and compliance assessments (e.g., ISO 27001, GDPR, HIPAA). Stay updated with the latest cybersecurity trends, threats, and technologies to proactively enhance security measures.

8-10 years of exp in Cloud Technology, DevSecOps, cloud security, & CI/CD automation. Expertise in Kubernetes security, IAM, API security, & automated compliance frameworks. Hands on exp in Terraform, container security, & zero-trust architecture. Required Candidate profile Manage Enterprise wise Microservices based Applications hosted on AWS Cloud Technology.Exp in CI/CD & DevOps Tools:Jenkins,GitHub Actions,Terraform,AWS Code Pipeline & Kafka.Strong exp in EKS Cluster

The Staff Data Engineer will architect and scale the next generation of our real-time, AI-powe'red data infrastructure. In this high-impact role, you'll design and build systems that power everything from advanced machine learning to regulatory insights and global supplier intelligence. you'll take full ownership of end-to-end data architecture driving innovation at the intersection of cloud, big data, and AI. If you're passionate about building scalable platforms, thrive in fast-moving environments, and want to shape the data foundation of a global technology company, we'd love to connect. What You Will Do Architect and Scale Data Infrastructure : Design and maintain high-throughput data pipelines and distributed systems to support real-time and batch data processing. Build for AI : Collaborate with ML engineers and data scientists to operationalize models and ensure data readiness for AI pipelines. Create Reliable ETL/ELT Pipelines : Develop resilient data ingestion, transformation, and loading processes from external sources, including APIs andcustomer/partner data. Drive Data Quality & Governance : Implement best practices for data validation, lineage tracking, and compliance, ensuring audit-readiness and trustworthiness. Optimize for Performance : Continuously tune systems for speed, scalability, and cost-efficiency from schema design to processing engines. Mentor and Influence : Serve as a go-to technical expert across engineering teams and play a leadership role in defining data engineering standards. Collaborate Globally : Engage with distributed teams across US and India time zones to deliver cohesive and scalable solutions. What You Will Bring 8+ years of experience in data engineering or backend development with a focus on highly scalable data systems. Experience working in a B2B SaaS /AI company , ideally in a high-growth or startup environment. Proven track record of designing and scaling cloud-based data platforms (AWS, GCP, or Azure). Deep expertise in tools like Databricks or equivalent. Proficiency in Python, SQL , and experience with data modeling and architecture patterns. Strong understanding of real-time and batch processing, event-driven systems, and data lakehouse principles. Experience supporting AI/ML pipelines and working with data science teams. Exceptional English-speaking and -writing communication skills, with a proven ability to convey complex technical ideas clearly across technical and non-technical teams. Experience working with global teams across US and India time zones, demonstrating flexibility and collaboration. What Will Make You Stand Out Experience with Graph Databases such as Neo4j. Experience working in the Supply Chain Industry. Familiarity with data security, privacy, and compliance standards (GDPR, SOC 2, ISO 27001). Why You Will Love It Here Data with Purpose: Help shape global supply chains by engineering the data backbone of ESG, compliance, and risk intelligence. Hypergrowth Momentum: Join a category-defining SaaS company at the forefront of AI and supply chain tech. Tech-First Culture: Work with modern data stacks, deep learning teams, and a product that s redefining an industry. Leadership Track: Senior IC role with mentorship, influence, and opportunity to grow into an architect or manager path. Remote-Friendly Flexibility: Work from anywhere in India.

Lead/Manage/Perform Security Reviews which includes Cloud Security and Data Security , Threat and Vulnerability Management , Identity and access management , Technology controls, process controls, and governance, risk and compliance elements , IT General Controls. Responsibilities Should manage/ oversee/execute engagements around Cyber Risk and Maturity Assessments, Cyber Strategy, Cloud Security, Data Protection, Third Party Risk Management, Enterprise Architecture reviews. Knowledge on NIST CSF, ISO 27001, ISO 27701, ISO 27017, DPDP Act Experience in financial sector companies like banks, NBFCs and FinTechs Mandatory Skill Strategy and Governance Preferred Skill Cyber Strategy Years of Experience Required 7 10 years Education Qualification Minimum Qualification BE/ BTech Minimum 7 years for Managers Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills both written and oral Certifications CISA/CISM/ISO will be added advantage Education Degrees/Field of Study required Bachelor of Technology, Master of Business Administration Degrees/Field of Study preferred Required Skills Strategy Plan Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Professional Courage

We're looking for a Solutions Engineer to join Sprinto s Customer Experience team and play a critical role in accelerating sales cycles, securing technical wins, and shaping how mid-market and enterprise customers experience GRC automation. This is a high-impact, customer-facing individual contributor role that works closely with Sales, Product, and Customer Success teams to design and deliver solution architectures that map tightly to our customers infosec and compliance goals. If you bring deep experience in one or more of GRC, SaaS/cloud technologies, or solution/pre-sales engineering and enjoy translating complex problems into actionable, customer-specific value this role is for you. Some key responsibilities of this role - Lead technical discovery conversations with prospects to uncover goals, challenges, and compliance needs. Deliver tailored product demos that showcase Sprinto s unique value in the GRC automation space. Guide prospects through sandbox environments or proof-of-concept (POC) evaluations. Build mutual action plans , solution designs, and business cases that instill confidence in Sprinto as a partner. Support Sales in articulating Sprinto s differentiation and winning competitive deals. Ensure seamless post-sale handoffs to implementation and success teams. Collaborate with Product by sharing market feedback and surfacing key use cases or gaps. Contribute to internal initiatives such as SE-CSM handover playbooks, sales narratives, and positioning assets. Support renewals and upsells by identifying new framework needs or customer expansion opportunities. Maintain competitive intelligence (battlecards, objection handling, differentiators) for GTM effectiveness. Some key requirements of this role - 2-4 years in Solution Engineering, Pre-sales, or GRC consulting Experience with mid-market/enterprise customers , especially in APAC/EU Knowledge of key frameworks like ISO 27001, SOC 2, HIPAA, GDPR , etc Comfortable engaging with CxOs and mapping solutions to compliance needs Proficient in SaaS/cloud environments (AWS, GCP, Azure) and sales tools Strong communication, solution design, and stakeholder management skills Bonus: I SO Auditor, CISSP, CISA , or related infosec certifications Benefits - Remote First Policy. 5 Days Working With FLEXI Hours. Group Medical Insurance (Parents, Spouse, Children). Group Accident Cover. Company Sponsored Device. Education Reimbursement Policy.

Privacy Program Delivery & Management Lead delivery of end-to-end privacy consulting engagements by managing the team (gap assessments, impact assessments, data mapping, RoPA creation, DPIAs, privacy strategy, audits). Interpret, implement, and align customer policies and controls with applicable regulations such as GDPR, UAE PDPL, KSA PDPL, India DPDP. Translate regulatory requirements into actionable and auditable privacy controls. Track, report, and manage project scope, timelines, quality, and outcomes across multiple customer projects. Serve as the primary privacy advisor and point of contact for client stakeholders (CISOs, DPOs, Legal). Conduct senior-level presentations, workshops, and steering committee meetings. Drive customer satisfaction and retention by proactively identifying privacy risks and recommending strategic solutions. Stay abreast of evolving data protection laws, privacy technologies, and regulator interpretations across regions. Guide privacy impact assessments for IT, Cloud, HR, CRM, and third-party vendors. Provide expertise on implementing technical and organizational controls for personal data. Mentor and guide junior consultants and privacy analysts. Contribute to internal privacy delivery frameworks, tools, accelerators, and knowledge repositories. Key Skills 1. Deep knowledge of UAE PDPL, KSA PDPL, DPDP Act (India), GDPR, ISO 27701 and other frameworks 2. Strong understanding of cross-border data transfers, data lifecycle management, and privacy risk frameworks. 3. Experience in leading privacy projects across BFSI, Healthcare, Retail, or Government sectors. 4. Excellent client communication, stakeholder management, and delivery leadership. Key Competencies 1. Certifications: CIPP/E, CIPM, CIPT, ISO 27701 Lead Implementer/Auditor. 2. Familiarity with privacy automation tools (eg, OneTrust, BigID, TrustArc). 3. Knowledge of cyber regulations (NIST, ISO 27001, PCI DSS, HIPAA) and their intersection with privacy.

About the job We are a global biopharmaceutical company focused on human health. Our purpose is to find treatment to fight pain and ease suffering. We combine breakthrough science and advanced technology to develop life-changing medicines and vaccines. What you will be doing: At Sanofi, our Cyber Security team plays a crucial role in developing trust in our digital activities. We provide cutting-edge security services to mitigate cyber risks that could threaten our customers, employees, shareholders, products, and processes. As one of the key enablers of Sanofis digital ambition, were at the forefront of expediting value creation through innovative and optimized computerized capabilities. Our global Cyber Security organization operates consistently at Sanofis scale, addressing any cyber challenge or threat against the company across all corporate and business entities. Our reach extends to our external stakeholders, ensuring comprehensive protection in an increasingly interconnected digital landscape. What you have to know about this opportunity Job title : Cyber Security Expert Compute Location: Hyderabad, INDIA Grade: L3 Hiring Manager: Jerome Lahalle 40% Remote working Job type: Permanent Full time Are you ready to contribute to our Cyber Security journey within a worldwide and innovative global healthcare company devoted to chase the miracles of science to improve people s lives? The Cyber Security contribution to this noble mission is to ensure that this purpose will never be endangered by Cyber threats. Comprising around 85+ employees, we are a global, multidisciplinary and diverse team committed to supporting and enabling digital transformation with trust. A keen sense of excellence, creativity and a data-driven mindset are our guiding principles. Sanofi is also a company where you can flourish and grow your career, with countless opportunities to explore, make connections with people, and stretch the limits of what you thought was possible. Ready to get started? Main responsibilities: We are looking for a Cyber Security Expert with a robust real world technical and operational experience motivated to delve into and implement cutting-edge cyber security solutions and strategies to constantly improve and sustain our security posture. The Cyber Expert for Compute scope is pivotal in strengthening sanofi security posture through driving, supervising and implementing the security measures of all server instances, both on-premises and in the cloud. Keys responsibilities include: Managing Server Security Compliance Standards: Collaborate with Server and Cyber Security teams to define and establish security rules for all standard platforms. Regularly review and update OS hardening settings in accordance with NIST 800-53 / ISO 27001 standards for all operating systems. Maintain the list of mandatory security agents in coordination with other cyber teams (Antivirus, EDR, Compliance App, Whitelisting solutions, ). Oversee access management rules for servers (Privilege Access Management, segregation of duty, least privilege principle, ). Contribute to definition and improvements of patch management policy and process Own the System Security Standard policy. Providing KPI measurements: Identify and sponsor security KPIs and dashboards to assess and reach excellence on the compliance level of all servers. Adjust KPI measurement rules and compliance level targets. Review and approve/deny exception requests in KPIs (ex. Monthly committee meeting KPI review and exception sessions). Following-up on non-compliance remediations and improvement plans: Lead Cyber operational governance with external support partner leveraging geographical proximity to enforce regular face-to-face interactions. Review Cyber non-compliances, analyze failures, advise or perform remediation steps. Assist and facilitate coordinating security remediations and improvements (ex. OS hardening, WINRM enablement, vulnerability remediation and reporting). Unlock any operational impasse by taking the lead in executing the implementation of cybersecurity measures globally. Leading Server Security Expertise: Trusted advisor for all server security matters within the organization (Infrastructure projects, Security/Vulnerability Operations Center, Audits, ). Identify coverage gaps and facilitate proper service management coverage with Digital or remote organizations. The profile of the colleague we d love to work with: If you enjoy diving into complex technical topics, troubleshooting with hands-on on various technical contexts, exploring new technologies, working with multiple stakeholders and cultures, defining pragmatic and realistic plans that can be measured by real data metrics, you will find your dream job here. Technical qualifications Broad operational experiences on multiple cyber security domains with a focus on server security as well as relevant foundations on cloud security. Servers administration and technical security skills for Windows and Unix/Linux OS. Experience with Ansible, Python and PowerShell. Non-Technical qualifications High level of autonomy while collaborative and well-organized with the ability to structure plans effectively. Ability to work with diverse stakeholders in an international environment. Good analytical skills with a risk-based approach. Pragmatic and action-oriented (be a doer as opposed to a theorist only). Curious and enjoys digging into technical topics. Able to take a step back to see the big picture. Strong ability to adjust and adopt strategy and priority changes. Excellent verbal and written communication skills in English. Why choose us? Opportunity to work on global, high-impact projects that directly contribute to Sanofis digital transformation. Collaborative and innovative work environment that encourages continuous learning and professional growth. Chance to be at the forefront of cyber security in the pharmaceutical industry. Competitive compensation and benefits package. Global exposure and the potential to make a significant impact on healthcare through technology. Join us in our mission to protect and enable Sanofis digital future. Your expertise will directly contribute to safeguarding breakthrough medicines and vaccines that improve peoples lives around the world. Bring the miracles of science to life alongside a supportive, future-focused team. Discover endless opportunities to grow your talent and drive your career, whether it s through a promotion or lateral move, at home or internationally. Enjoy a thoughtful, well-crafted rewards package that recognizes your contribution and amplifies your impact. Take good care of yourself and your family, with a wide range of health and wellbeing benefits including high-quality healthcare, prevention and wellness programs and at least 14 weeks gender-neutral parental leave. Opportunity to work in an international environment, collaborating with diverse business teams and vendors, working in a dynamic team, and fully empowered to propose and implement innovative ideas. Pursue Progress . Discover Extraordinary .