776 Iso 27001 Jobs - Page 23

About Arctera Arctera keeps the world s IT systems working. We can trust that our credit cards will work at the store, that power will be routed to our homes and that factories will produce our medications because those companies themselves trust Arctera. Arctera is behind the scenes making sure that many of the biggest organizations in the world - and many of the smallest too - can face down ransomware attacks, natural disasters, and compliance challenges without missing a beat. We do this through the power of data and our flagship products, Insight, InfoScale and Backup Exec. Illuminating data also helps our customers maintain personal privacy, reduce the environmental impact of data storage, and defend against illegal or immoral use of information. It s a task that continues to get more complex as data volumes surge. Every day, the world produces more data than it ever has before. And global digital transformation - and the arrival of the age of AI - has set the course for a new explosion in data creation. Joining the Arctera team, you ll be part of a group innovating to harness the opportunity of the latest technologies to protect the world s critical infrastructure and to keep all our data safe. Overview As the Senior Principal SRE, you will serve as a strategic architect, technical advisor, and hands-on engineer, responsible for advancing the performance, scalability, security, and resiliency of our large scale cloud environment. You ll work across Windows and Linux environments, lead infrastructure automation efforts in Azure using Terraform and Puppet, and design the observability and reliability strategies that support large workloads. Key Responsibilities Define and drive the strategic roadmap for reliability engineering, infrastructure automation, cloud security, and cloud architecture. Architect resilient, secure, and scalable infrastructure in Microsoft Azure across both Windows Server and Linux. Lead enterprise-wide initiatives around Infrastructure as Code using Terraform. Drive organization-wide configuration management practices using Puppet. Design the architecture for highly available SQL Server clusters and distributed Elasticsearch deployments, ensuring consistency, observability, and performance. Serve as technical mentor and advisor to engineers across SRE, DevOps, security, and product teams. Lead incident reviews and architectural deep-dives. Collaborate with security and compliance stakeholders to embed zero trust principles, IAM, encryption, and auditing into all areas. Guide documentation initiatives, reliability reviews, and resilience initiatives to proactively determine and resolve failure points. Preferred Qualifications 10+ years in Site Reliability Engineering, Infrastructure/Platform Engineering, or Cloud Architecture roles. Proven track record architecting large-scale, distributed systems in production and cloud-native environments Deep hands-on expertise in Microsoft Azure, Windows Server, and Linux (Ubuntu, RHEL). Expert-level proficiency in Terraform and enterprise-scale Infrastructure as Code strategies. Advanced knowledge of Puppet configuration management at scale, including custom modules and Hiera integration. Extensive experience managing and scaling SQL Server and Elasticsearch in production. Strong expertise in scripting and automation using PowerShell, Bash, and/or Python. Deep understanding of networking, security, identity, RBAC, encryption, and compliance frameworks (SOC 2, HIPAA, ISO 27001). Proven leadership in incident response, reliability architecture, and root cause analysis. Demonstrated ability to lead multi-team initiatives and mentor junior team members. Familiarity with GitOps, Kubernetes, and modern CI/CD practices.

Summary The Information Security & Compliance team is looking for an a highly skilled and experienced Business Information Security Expert to join our team. The successful candidate will be responsible for ensuring Information Security Compliance across our organization. This role requires a deep understanding of information security principles, risk management, and regulatory requirements, including GDPR and GxP. About the Role Your responsibilities include, but not limited to: Develop, implement, and maintain information security policies, procedures, and guidelines to ensure compliance with industry standards and regulatory requirements. Conduct regular security assessments, audits, and risk analyses to identify vulnerabilities and ensure the effectiveness of security controls. Collaborate with various departments to ensure that information security requirements are integrated into business processes and projects. Provide expert guidance on information security best practices and emerging threats to senior management and other stakeholders. Lead incident response efforts and coordinate with internal and external teams to address security breaches and mitigate risks. Develop and deliver information security training and awareness programs to employees at all levels. Conduct regular Risk Committee Meetings and drive accountability & remediations. Conduct Annual Risk Identification Workshops to identify Risks, assign ownerships and gain agreements on Remediation Plans and target dates. Stay up-to-date with the latest developments in information security, GDPR, and GxP regulatory requirements to ensure the organization remains compliant and secure. Role Requirements: Bachelors or Masters degree in Computer Science, Information Technology, or a related field. 12 - 16 years of experience in information security, with a focus on compliance, risk management, GDPR, and GxP. Infrastructure expertise Minimum of one certification among CISSP, CISA, CCSP. Strong knowledge of information security frameworks, standards, and regulations (e.g., ISO 27001, NIST, GDPR, HIPAA). Excellent analytical, problem-solving, and decision-making skills. Strong communication and interpersonal skills, with the ability to effectively convey complex security concepts to non-technical stakeholders. Proven ability to work independently and as part of a team in a fast-paced, dynamic environment. Preferred Skills: Experience with security tools and technologies such as SIEM, DLP, IDS/IPS, and vulnerability management. Knowledge of cloud security principles and best practices. Experience in conducting security assessments and audits. Familiarity with data privacy regulations and requirements.

Job Description Deploy, configure, and manage Azure resources, including virtual machines, storage accounts, virtual network resources. Design, Deploy and Support Azure cloud native components such as Logic App, API management, SSO,Availability Zones, Storage, Serverless, Load Balancers, Containerization, System Administration, Backups, Patching, etc. Supporting Azure Monitor and Log Analytics for proactive monitoring and logging of Azure Resources and Services along with alerting, reporting and dashboarding Setting up and managing virtual machines, monitoring the performance of the cloud environment, provisioning and managing virtual storage volumes, and networking resources to support cloud-based applications. Collaborate with systems administrators, developers, stakeholders, and leadership to develop consensus-based outcomes around cloud infrastructure provisioning, monitoring, management, & troubleshooting. Setting up public and private cloud environments. Develop tools, scripts or templates that automate cloud security controls, governance, compliance validations and operational processes. Monitor and maintain Azure infrastructure to ensure optimal performance, availability, and security. Maintaining Azure profiles and subscriptions. Implementing and managing cost-effective cloud systems Set up and configure monitoring and alerting for Azure resources using Azure Monitor, Log Analytics, and Application Insights. Implement and manage Azure Resource Manager (ARM) templates for infrastructure as code (IaaC) deployments. Manage Azure security solutions, such as Azure Security Center, Azure Sentinel, and Azure Key Vault. Ensure security best practices and compliance with industry standards. Implement and manage role-based access control (RBAC) and identity management. Develop and implement backup and disaster recovery strategies using Azure Backup and Azure Site Recovery. Conduct regular backup and recovery tests to ensure data integrity and availability. Troubleshooting and resolving issues related to Azure services. Working closely with other teams, such as developers, security experts, and DevOps engineers, to deliver seamless Azure-powered solutions. Assist in the design and architecture of cloud solutions to meet business requirements. Provide technical support and expertise to engineering teammates and other stakeholders. Documenting configurations, processes, and procedures. Providing regular reports on the status and performance of the Azure environment. Experience with Azure IaaS and PaaS services. Experience administering Azure based cloud infrastructures at an Enterprise level. Experience and proficient with automation tools, such as PowerShell, Logic app, Azure CLI, or ARM templates. Experiences with security and compliance standards such as ISO 27001, SOC 2, and HIPAA. Excellent problem-solving and troubleshooting skills. Excellent written and verbal communication skills.

for an IT Senior Compliance Manager who can overlook and ensure Application Compliance, IT Risk mitigation & Issue management. How you ll make an impact: Engaging the third party and driving the ITGC operations across P&A (Platforms and Applications). Review that all the JSOX Controls are executed as per the standards and the required quality is being adhered to by the third party. Defining the key attributes needed to perform the controls effectively. Planning and ensuring that all the audits are completed in a timely manner in Coordination with the Control performers. Liaison between the P&A Application managers and the Control performers. Support Framework transition and optimization. Work out opportunities for efficiency improvements, automated controls, aggregation of controls, etc. Work out concept of internalization of Control Owner. Defining the KPI and come out with adequate measures to reduce the outsourcing costs without reducing the security risks to the applications. Supporting non JSOX audits and defining clear plans with timelines for all identified gaps, working on mitigations. Supporting non JSOX compliance maturity enhancements across P&A. Responsible to ensure compliance with applicable external and internal regulations, procedures, and guidelines. Living Hitachi Energy s core values of safety and integrity, which means taking responsibility for your own actions while caring for your colleagues and the business. Your background: The candidate should have more than 20 years professional experience and more than 15 years in Internal audits The candidate should be a CISA and ISO 27001 Certified The candidate should have extensive experience with compliance service The candidate should have extensive experience in dealing with diverse technological audits The candidate should have experience in dealing with regulatory audits and also have a track record of completing SOX audits testing on time The candidate should have experience in managing large, global and diverse teams include handling third parties The candidate should have worked with senior management, provided and discussed reporting Proficiency in both spoken & written English language is required. .

About Us Observe.AI is transforming customer service with AI agents that speak, think, and act like your best human agents helping enterprises automate routine customer calls and workflows, support agents in real time, and uncover powerful insights from every interaction. With Observe.AI , businesses boost automation, deliver faster, more consistent 24/7 service and build stronger customer loyalty. Trusted by brands like Accolade, Prudential, Concentrix, Cox Automotive, and Included Health, Observe.AI is redefining how businesses connect with customers driving better experiences and lasting relationships at every touchpoint. The Opportunity The security team at Observe is responsible for securing our application platform, cloud infrastructure, and IT systems to protect Observe and its 60 million Community members. As a Senior Infrastructure Security Engineer, you will collaborate closely with other security, cloud infrastructure, SRE, Engineering Development team members and other stakeholders to design and harden infrastructure, network, systems and access, implementing security best practices. What you ll be doing Function as the Subject matter expert for Systems, Network and Cloud Security. Support existing Cloud and Corporate Infrastructure security tools and propose improvements. Augment the On-shore Infrastructure security team-related activities to utilise follow-the-sun model. Lead an engineering team to develop platforms and systems to support IAM/PAM. Enhance OS, Systems-related security best practices, including Vulnerability, Patch Management, Forensics, Endpoint Detection and Response. Deploy and streamline role-based access control (RBAC), break glass methods, authentication/authorisation into environments, and implement migration paths for existing services. Define and implement a consistent pattern for the definition of access controls, integrate and manage a single source of identity. Develop, document System and IT security reference architectures, design patterns, roadmaps, and other architectural artefacts aligned with policies, standards and industry best practice. Leverage the structure of compliance frameworks (Eg MITRE, NIST, ISO 27001) to identify and implement necessary security controls. Automate security incident detection and response using scripting languages. What you bring to the role 3-4 Years of hands-on experience across Systems, Network security and Cloud Security Strong team player, communication and documentation skills are required Deep understanding and expertise in Enterprise Corporate IT and Production Cloud Infrastructure, Systems, Hardware and OS Experience in Corporate IT security across IAM, Endpoint and other employee endpoint solutions Industry Certifications in Security, Systems and Network preferred Infrastructure Scripting and automation experience preferred (Python, Ansible, Powershell, Terraform, Jenkins) Experience with building IAM/PAM infrastructure entities- Federated Single Sign-On, SAML, etc Experience securing, designing and implementing large-scale distributed cloud systems, including but not limited to: Operating systems (such as RHEL, Ubuntu, CentOS, Mac, Windows, etc.) Container management solutions (e.g. Docker, Kubernetes, AKS, ECS) Containerisation and virtualisation technologies (e.g. containerd, Docker, VMWare) Automation and configuration management (e.g. CFEngine, Jenkins, Puppet, Ansible) Experience in rolling out security controls across the workforce, including understanding of security objectives, operational objectives, and trade-offs. Experience designing and implementing Cloud security architecture What you can expect Excellent medical insurance options and free online doctor consultations Yearly privilege and sick leaves as per Karnataka S&E Act Generous holidays (National and Festive) recognition and parental leave policies Learning & Development fund to support your continuous learning journey and professional development Fun events to build culture across the organization Flexible benefit plans for tax exemptions (i.e. Meal card, PF, etc.) Our Commitment to Inclusion and Belonging Observe.AI is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. Observe AI does not make hiring or employment decisions on the basis of race, color, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender identity, sexual orientation, disability, age, military or veteran status, or any other basis protected by applicable local, state, or federal laws or prohibited by Company policy. Observe.AI also strives for a healthy and safe workplace and strictly prohibits harassment of any kind. We welcome all people. We celebrate diversity of all kinds and are committed to creating an inclusive culture built on a foundation of respect for all individuals. We seek to hire, develop, and retain talented people from all backgrounds. Individuals from non-traditional backgrounds, historically marginalized or underrepresented groups are strongly encouraged to apply. If you are ambitious, make an impact wherever you go, and youre ready to shape the future of Observe.AI, we encourage you to apply. For more information, visit www.observe.ai .

Colliers is looking to hire a cyber security analyst with expertise and experience in data analysis and reporting for cyber risk and compliance. Coming from an IT Security in infrastructure technical background, the right candidate will be able to work across multiple technical and non-technical teams in the Colliers regional environment and seek to take the next steps of their career into cyber security analysis across Asia Pacific. Role responsibilities Develop and complete technical cyber risk and compliance assessments followed by appropriate treatment plans. Prepare detailed compliance reports on specific cyber security risks. Support internal stakeholders with their Information Security queries. Coordination of cyber security related project work Conduct periodic supplier risk assessments against supply chain risk. Administering periodic online training in cyber security. Assist the Regional Director Cyber Risk and Compliance in completing customer facing cyber risk reviews. Keeping up to date on major cyber industry news relevant to Colliers and bringing relevant information to the wider IT team. Other ad hoc queries and tasks related to cyber security at Colliers

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Senior Consultant Specialist In this role, you will: Be responsible for maintaining, and uplifting IAM PAM control. Identify, investigate, and report potential Cybersecurity related exposures and recommend corrective action, maintaining SME support and/or ownership through to resolution. Work alongside the IDAM Control Owners to record, analyse, monitor, and publish MI / KCI reporting; dashboards; for the Cybersecurity management and other appropriate stakeholders. Stakeholder Engagement: Collaborate with business units and IT teams, to gather requirements and ensure smooth project execution. Provide regular updates to senior management and other stakeholders. Governance and Compliance: Experience of working in a regulated environment with exposure to global regulatory requirements, including GDPR, SOX, PCI DSS, and ISO 27001. Implement robust governance practices to manage risks and ensure compliance. Team Coordination and Leadership: Lead cross-functional teams, work alongside project managers, control owners, business analysts, and technical specialists. Foster collaboration and resolve conflicts to maintain project momentum. Proven track record of working with technical, cybersecurity and/or operations teams. Lead geographically disbursed team and pull them together to achieve common objectives. Excellent written and verbal communications Excellent data analytics skills. Process Improvement: Continuously evaluate processes and propose enhancements to improve efficiency, scalability, and security. Develop and implement best practices for project delivery. Risk and Issue Management Identify, assess, and mitigate risks throughout the project lifecycle. Proactively manage issues and dependencies to avoid project delays. Documentation Project initiation, planning, execution, monitoring, and closure documentation including but not limit project charter, project plan, various status report, performance report and project closeout report. Requirements To be successful in this role, you should meet the following requirements: Knowledge Experience of Identity Access Management (IAM) Controls Technical background within security spaces- Privileged Access Management Extensive knowledge on managing compliance IAM Security Standards Able to understand Operating Effectiveness of IAM Secrets Controls, Identify Gaps and Remediate Manage Govern KPIs / KCIs / KRIs Stakeholder Management Across all Lines of Defence Communication Skills for stakeholder collaboration on Standard Procedures and Best Practices Role relevant qualifications, i. e. CISSP/CISM is desirable but not essential Excellent written and verbal communications Excellent technical data analytics skills. Strong presentation and reporting skills.

Role & responsibilities : Have in-depth knowledge of governance, risk, and compliance, including internal auditing, audit standard, risk and compliance, cyber security review, policy review, ISO 27001, ISMS etc. Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery. Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits. Performing planning and executing audits, including - SOX, Internal Audits, External Audits Conducting controls assessment in manual/ automated environment Prepare/Review of Policies, Procedures, SOPs Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed. Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding projects progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables.

Opportunity for a remote role. Experienced in GDPR, HIPAA, PCI-DSS, ISO 27001, SOC 2 compliance. Led implementation and maintenance of compliance programs including TPRA. Skilled in IT audit planning, ISO 27001 audits, and reporting.

Lead and support IT compliance audits and assessments aligned with ISO 27001 and SOC 2 standards.Understanding of regulatory compliance standards, such as GDPR, HIPAA,PCI-DSS,or ISO27001.Understanding of cloud platforms (AWS, Azure, or Google Cloud)

Looking for Immediate Joiners only !!! Job Title: Con/Assistant Manager/Manager Role: Cyber Location: Gurgaon & Noida Job Description: Have in-depth knowledge of governance, risk, and compliance, including internal auditing, audit standard, risk and compliance, cyber security review, policy review, ISO 27001, ISMS etc. Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery. Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits. Performing planning and executing audits, including - SOX, Internal Audits, External Audits Conducting controls assessment in manual/ automated environment Prepare/Review of Policies, Procedures, SOPs Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed. Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding projects progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status

Position Summary The Compliance, Quality & Data Fiduciary Manager is responsible for ensuring the organizations compliance with ISO 9001 (Quality Management System), ISO 27001 (Information Security Management System) standards, also fulfilling the duties of data fiduciary. This role involves managing the quality and information security frameworks, ensuring data protection & privacy compliance and overseeing all related processes to maintain the highest standards of integrity and trust. Area of Responsibility A . ISO 9001Quality Management System (QMS) 1. Design, Development and Implementation Design, implement and maintain QMS in accordance with ISO 9001 standards Develop and document quality policies, procedures and processes which are aligned with prevailing ISO 9001 standards. 2. Monitoring and Auditing Conduct regular interval audits to ensure ISO 9001 Compliance Monitor key performance indicators(KPIs) to access and improve effectiveness of QMS Lead continuous improvement initiatives in quality management 3. Training and Awareness Provide training on ISO 9001 standards and quality management best practices Ensure all employees understand their role within the QMS framework B.ISO 27001 Information Security Management System (ISMS) 1. Development and Implementation Establish, implement the ISMS standards as per ISO 27001 Develop and maintain robust information security policies, procedures and controls. 2. Risk Management Conduct risk assessments to identify potential threats to information security. Implement appropriate security measures to mitigate identified risks. 3. Monitoring and Auditing Conduct regular interval audits to ensure ISO 27001 Compliance Address any non-conformities identified during audits and ensure continuous improvement 4. Incident Management Develop and manage an incident response plan for handling security breaches. Lead investigation into security incidents and coordinate remedies efforts. C.ISO 27701 Privacy Information Management System (PIMS) 1. Development and Implementation Establish, implement the PIMS standards as per ISO 27701 Develop and maintain robust personal data protection policies, procedures and controls 2. Data security and Privacy Regularly review and update data protection policy to align with changing regulation Implement appropriate data protection measures, ensuring that personal data is secured and handled ethically. 3. Monitoring and Auditing Conduct regular interval audits to ensure ISO 27701 Compliance Address any non-conformities identified during audits and ensure continuous improvement 4. Transparency and Accountability Maintain transparent data practices, clearly communicating how personal data is used and stored. Ensure that the organization can demonstrate compliance with data protection principles and respond effectively to data principles request. 5. Training and Awareness Provide training on ISO 27701 standards and train employees on data protection laws DPDP Act 2023, emphasizing their roles and responsibilities as data handlers Promote a culture of privacy and data protection within the organization D. Compliance Management 1. Regulatory Compliance Ensure the organization complies with all relevant legal and regulatory requirements related to quality, privacy information and information security Keep upto date with changes in legislation and standards that impact ISO 9001, ISO 27001 and ISO 27701 2. Documentation and Reporting Maintain comprehensive record of compliance activity, include audit findings, corrective actions and management reviews Prepare and present compliance and quality reports to senior management E. Continuous Improvement 1. Process Optimization Identify opportunities for process improvements for across quality, information security and data protection functions Lead initiatives to enhance organizational practices and promote a culture of continuous improvement 2. Stakeholder Engagement Collaborate with internal and external stakeholders to ensure alignment with these ISO 90001, ISO 27001 and ISO 27701 requirements. Act as a primary contact for all compliance certification such as quality, information security and data protection related matters. Qualification: Bachelor Degree, relevant certifications( ISO 9001 lead auditor, ISO 27001 Lead Auditor, Data Protection Officer) Experience: Proven experience in managing, implementing and getting certification on ISO 9001 and ISO 27001 for atleast 9-11 years of experience Last experience along with ISO 9001 and ISO 27001, preferably in managing ISO 27701 for atleast 2-3 years Experience in conducting audits, vendor assessments/ due diligence with respect to ISMS and data protection as requested by the clients. Leading all compliance initiatives. Compensation 14-16 LPA Timing 9 AM-6 PM, 5 days with 2 alternate Saturdays in a month Key Competencies Functional Strong knowledge of ISO 9001, ISO 27001 and ISO 27701 along with data protection regulations Excellent analytical, problem solving and decision making skills Strong communication skills with ability to influence and lead cross functional teams. Should have excellent presentation skills and should be able to present to senior management High attention to details and strong organizational skills Should be able to conduct and manage audits of different business units within the organization Should be able to manage vendors and possess good negotiation skills

About the Role: We are looking for a talented Visual Designer to join our team. you will be responsible for crafting brand assets and visually compelling designs that elevate our brand. You will collaborate closely with the design and marketing team to create high-impact visuals. Responsibilities: Create and design high-quality visuals for web, mobile, social media, emailer and print Design various marketing collaterals and support the design team with visual assets like icons and other necessary assets as needed Supporting branding, marketing, product design and HR initiatives with consistent and high-quality visual design Develop and maintain brand identity guidelines and design standards Ensure final designs and layouts are visually appealing and on-brand Collaborate with cross-functional teams within a small, agile setup to elevate and maintain high-quality visual design across the platform Desired Candidate Profile: 3+ years of Proven visual design experience Experience working with Web3/Crypto/SaaS/B2B products A full and fluent knowledge of Figma, Adobe CC (Photoshop, Illustrator etc..) Canva Good understanding of layout, color theory, typography, iconography The ability to meet deadlines, Team player, collaborative approach Keep pushing your work until details are attended to Basic understanding of crypto, financial products Strong written and verbal communication skills Hands-on experience in motion design. About Liminal : Liminal is a compliant and insured digital asset custody and wallet infrastructure provider. Launched in April 2021, Liminal Custody is a CCSS Level 3, SOC Type 2, and ISO 27001 & 27701 certified organization. Based in Singapore, Liminal has operations spread across APAC, MENA, and Europe, along with offices in Singapore,Taiwan , India, and UAE. The company has received an initial approval from VARA. Liminal takes pride in supporting businesses with its qualified and insured custody (self and institutional) that enables stress-free safekeeping of digital assets for institutions. It also provides a cutting-edge wallet infrastructure platform that is secure, compliant, and automated and comes with a plug-and-play architecture for faster onboarding of developers, business partners, and government agencies. Our website - https://www.liminalcustody. com/

About AiDASH AiDASH is making critical infrastructure industries climate-resilient and sustainable with satellites and AI. Using our full-stack SaaS solutions, customers in electric, gas, water utilities, transportation, and construction are transforming asset inspection and maintenance - and complying with biodiversity net gain mandates and carbon capture goals. AiDASH exists to safeguard critical infrastructure and secure the future of humanAIty . Learn more at www.aidash.com We are a Series C climate tech startup backed by leading investors, including Shell Ventures, National Grid Partners, G2 Venture Partners, Duke Energy, Edison International, Lightrock, Marubeni, among others. We have been recognized by Forbes two years in a row as one of America s Best Startup Employers. We are also proud to be one of the few climate software companies in Time Magazine s America s Top GreenTech Companies 2024 . Deloitte Technology Fast 500 recently ranked us at No. 12 among San Francisco Bay Area companies, and No. 59 overall in their selection of the top 500 for 2024. Join us in Securing Tomorrow! The Role We re looking for a Senior Engineering Manager, DevOps to lead our efforts in building secure, scalable, and resilient infrastructure. This role blends deep technical expertise with strategic leadership in DevOps and Compliance/DevSecOps. You llbe responsible for our cloud infrastructure and compliance programs - owning everything from infrastructure automation and observability to security and regulatory readiness. In this role, you will directly manage both the DevOps and Compliance teams, working cross-functionally to strengthen system reliability, support engineering velocity, and uphold the trust of our customers and partners. How you ll make an impact: Lead and grow a high-performing team spanning DevOps, Infrastructure, and Compliance Own the architecture, scalability, and security of our cloud infrastructure (AWS) Champion DevSecOps best practices by embedding security into every part of the development lifecycle Manage and evolve CI/CD pipelines to ensure fast, safe, and reliable software delivery Drive infrastructure automation and self-service tooling to empower developer productivity Oversee compliance programs (e.g., SOC 2, ISO 27001), working closely with auditors and internal stakeholders Implement and enforce controls to meet security and regulatory requirements Partner with Engineering, Product, Security, and Legal teams to align infrastructure and compliance efforts with business priorities Monitor system health and lead incident response and postmortem processes Track key metrics to assess infrastructure reliability, security posture, and compliance status What we re looking for: 10+ years of engineering experience with at least 3+ years in a DevOps or infrastructure leadership role Proven success leading both DevOps and Compliance or Security Engineering teams. Deep expertise in cloud infrastructure (AWS preferred), container orchestration (e.g., Kubernetes), and infrastructure as code (e.g., Terraform) Strong background in CI/CD systems, observability tooling, and SRE practices. Experience with compliance frameworks like SOC 2, ISO 27001, or FedRAMP and managing external audits Demonstrated ability to build cross-functional partnerships and drive organization-wide initiatives Excellent communication, leadership, and stakeholder management skills We are proud to be an equal-opportunity employer. We are committed to embracing diversity and inclusion in our hiring practices, and we promote a work environment where everyone, from any race, color, religion, sex, sexual orientation, gender identity, or national origin, can do their best work. We are committed to providing an inclusive and accessible interview experience for all candidates. Please let us know if you require any accommodation during the interview process, and we will make every effort to meet your needs.

The Business Analyst role is one of the most crucial roles in any organization and so is it in Gameskraft This role offers to take the initiative, deal with challenging problems, find insights from existing data and present it through the power of data visualization What youll do You ll be a part of the revenue/business function and will deal with key data sets like revenue trends, Arpu retention, reactivation, user cohorts, new vs old users etc You ll be involved in solving complex business problems which will directly impact the companys growth Solving these problems, will involve data analysis, and insights generation using tools like SQL, Python, Tableau, Excel etc You ll be involved in multiple cycles of data analysis - forming an initial hypothesis, extracting, analyzing, dissecting that data as per the hypothesis, presenting the insights in a crisp actionable manner; and then keep re-iterating the whole process till you reach the conclusion You ll also be responsible for fixing data issues in coordination with the data engineering team and conducting root cause analysis You ll also get a chance to coordinate and interact with multiple stakeholders from product, marketing and Cx teams What you will bring Well, apart from a few cookies every day, it d be great if you came with these Bachelor s degree in engineering, Operations Research, Maths, or related discipline 2-3 yrs experience in the data analytics domain preferably for a product-oriented company Candidate needs to exhibit structured thinking and strong analytical skills Hands-on experience with data manipulation tools like SQL, R, Python, Excel etc Exposure to visualization tools like Tableau, Power BI etc

Management Level Senior Manager & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC At PwC , you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC , we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. JOB DESCRIPTION Purpose of the Job /Role Lead/Manage/Perform Security Reviews which includes Cloud Security and Data Security , Threat and Vulnerability Management , Identity and access management , Technology controls, process controls, and governance, risk and compliance elements , IT General Controls. Roles and Responsibilities Should manage/ oversee/execute engagements around Cyber Risk and Maturity Assessments, Cyber Strategy, Cloud Security, Data Protection, Third Party Risk Management, Enterprise Architecture reviews. Knowledge on NIST CSF, ISO 27001, ISO 27701, ISO 27017, DPDP Act Experience in financial sector companies like banks, NBFCs and FinTechs Certifications CISA/CISM/ISO will be added advantage Mandatory Skill Sets Strategy and Governance Preferred Skill Sets Cyber Strategy Years of experience required 10 years Education Qualification Minimum Qualification BE/ BTech Minimum 7 years for Managers Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills both written and oral Education Degrees/Field of Study required Bachelor of Technology, Master of Business Administration Degrees/Field of Study preferred Required Skills Cyber Risks Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Influence, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance {+ 16 more} Travel Requirements Government Clearance Required?

The Information Security Manager is responsible for developing, implementing, and maintaining the organizations overall information security strategy. This includes ensuring the confidentiality, integrity, and availability of all information assets. What you'll do Implement Security policies & Standard operating processes (SOPs) : Create/ review, and update information security policies and SOPs, procedures, and standards to ensure alignment with industry best practices and RBI regulatory requirements. Risk Management: Identify, assess, and mitigate information security risks to the organizations assets, data, and systems. Compliance: Ensure compliance with relevant laws, regulations, and industry standards, such as GDPR, NIST, PCI-DSS, and ISO 27001. Security Awareness: Develop and implement security awareness training programs for employees to promote a culture of security. Incident Response: Develop and manage incident response plans to ensure prompt and effective response to security incidents. Vulnerability Management: Implement vulnerability management processes to identify, classify, and remediate vulnerabilities in systems and applications. Security Architecture (Cloud and On Prime) : Design , review and implement secure architectures for systems, networks, and applications. Third-Party Risk Management: Assess and mitigate information security risks associated with third-party vendors and service providers. Budgeting and Resource Allocation: Manage the information security budget and allocate resources to ensure effective implementation of security measures. Reporting and Metrics: Provide regular reporting and Security metrics to stakeholders on information security performance and risk posture. Cloud Security Experience*: Experience with cloud security platforms and technologies. Programming Skills: Proficiency in programming languages such as Python, Java, or C++. Industry Certifications: Additional certifications such as CompTIA Security+, or ISO 27001 Lead Implementer. Operational & Reporting Tasks: Risk management: Identify, assess, and mitigate information security risks to the organization. Compliance: Ensure compliance with relevant laws, regulations, and industry standards. Budgeting: Manage the information security budget and allocate resources. Stakeholder Management: Communicate information security risks and mitigation strategies to stakeholders. Project Management: Manage information security projects, including project planning, execution, and delivery. Vendor Management: Manage relationships with information security vendors and service providers. Security Metrics: Develop and report security metrics to stakeholders. Compliance Reporting: Report on compliance with relevant laws, regulations, and industry standards. Risk Reporting: Report on information security risks and mitigation strategies. Incident Reporting: Report on security incidents and response activities. What experience you need bachelors Degree or Engineering with Information security certification like ISO 27001, CCNA, ITIL foundation Minimum 13 to 15 yrs of Information security Information / Security audits experience/Technology administration /Project management etc Education: Bachelors degree in Computer Science or computer engineering, Information Security, or related field. Certifications: CISSP, CEH, CISM, or CISA certification preferred. Experience: Minimum 5 years of experience in information security, with at least 2 years in a management role. Skills: Strong knowledge of information security principles, risk management, and compliance. Excellent communication, leadership, and project management skills. Soft skills: Time management - Effective time management and prioritizing Collaboration - Ability to work & collaborate with cross functional teams Adaptability: Ability to adapt to changing security landscapes and professional environment. What could set you apart People management skills Good Communication skill Passion to continuously learn and work to value add to the organization security environment Positive attitude

The Auditor, Global IT is responsible for assessing the adequacy of Global Information Technology security and controls for applications and infrastructure throughout Abbott s international and domestic organizations. The IT auditor will execute audit projects using a risk-based approach to help ensure effective testing coverage. They will identify control gaps and other areas of risk exposure related to controls within IT processes and deliver achievable, meaningful recommendations for management to mitigate the identified risks. The individual should have the demonstrated ability to communicate effectively, present professionally, and work we'll with the highest level of Corporate and Division management as we'll as his/her peer group. WHAT you'll DO Execute Information Systems audits throughout Abbotts international and domestic organizations. Assess the design and development of security solutions and their adherence to applicable policies and comply with information security requirements. Prepare and present audit findings to senior management. Maintain comprehensive historical audit work paper documentation that fully supports reported audit results, leveraging established department tools and standards. Proactively communicate with key stakeholders regarding audit status, findings and other relevant issues. Stay abreast of current and emerging security risks. Research new technologies, understand existing processes, and reference recognized standards and frameworks. Work collaboratively with others on the Corporate Audit team to proactively assess organizational IT risks and ensure effective audit coverage. Identify control gaps and other areas of heightened risk exposure related to governance, risk management and internal controls within IT processes. Design and deliver achievable meaningful recommendations for management to mitigate the identified risks. EDUCATION AND EXPERIENCE you'll BRING Required BA/BS degree in Business, Computer Science, Management Information Systems or related field, or equivalent practical experience. 1.5-3+ years of related experience with a top-tier consulting or public accounting firm in one of the following two areas required: Execution of Information Systems audits, including Application, Platform or General IT Controls; or conducting information security assessments or implementing information security controls. Strong interpersonal and communication skills are required. 0-10% travel to Abbotts International and Domestic locations required. Preferred Experience with auditing major ERP systems (ie SAP) Experience with auditing IaaS, PaaS, SaaS services and solutions Experience with SOX audits and compliance requirements Deep insight of best practice standards and frameworks, such as ISO 27001/2 and NIST. Understanding of network and system security technology and practices across major-computing areas. Experience with Technology Risk Management / IT Audit function in Enterprise organizations. Certifications such as HCISPP, CHPS, CISA, CISSP, CISM, CRISC, CIPP. Manufacturing and/or international business experience. Foreign language skills.

So, what s t he r ole all about As a member of the Cloud Security team, a successful Cloud Security Analyst will need to be self-sufficient to collaborate effectively with multiple teams, such as Application Support, Infrastructure Operations, DevOps, Product R&D, Security teams, customers and 3 rd party auditors. This role will hold the responsibility of understanding the Cloud security policies, procedures, practices and technologies and documenting them appropriately as well as demonstrating to auditors and customers the excellent Cloud Security at NICE. A successful candidate in this role will be able to work in production cloud environments to collect and curate evidence and explain it to anyone who asks for it. Experience with Governance, Risk and Compliance (GRC) is a big plus! How will you make an impact You will directly impact the success of the NICE cloud business by ensuring all customer and auditory security requirements are met and demonstrated. A diverse, merit-driven work environment which rewards a growth mindset and encourages innovation and continued professional development; The opportunity to work in a global, highly skilled, passionate workforce to deliver world-class service and products to market. Competitive pay and excellent benefits. Generous PTO policies. A highly focused security & compliance team which is collaborative, supportive, experienced, and driven to help everyone from the individual to enterprise to our customers realize the success for which they aim. Have you got what it takes 1-2 years of experience with Information Security & Compliance or GRC University-level degree in InfoSec, Computer Science or other related field. knowledge with major compliance frameworks such as PCI, ISO 27001/17, SOC 2, HITRUST, GDPR. A burning curiosity to learn as much as you can about the NICE cloud environment and the services and products we offer our customers as well as the existing security infrastructure we have in place today; Excellent communications skills along to work collaboratively with security team members and operations and development teams or independently to achieve tactical and strategic security goals; Strong organization and prioritization skills; Education, training or experience with security and compliance fundamentals; Experience working with work tracking tools such as JIRA, Service Now or others. What s in it for you Enjoy NICE-FLEX! Requisition ID: 7117 Reporting into: Technical Manager Role Type: Individual Contributor About NICE

POSITION SUMMARY: This position will give an opportunity to work for Information Security Governance on information systems, processes, and technologies within the organization. This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines, and US This position will report to the Senior Manager, Information Security and is expected to work independently on tasks assigned. This position requires: Works on Vendor IT Security risk assessment/ Third Party Risk management Monitor Security posture and appraise Senior Leadership on the posture. Conduct phishing campaigns that includes analysis of phishing emails and develop reports. Experience in performing Risk Assessments in line with Information Security Standards (like ISO 27001) for Business processes and IT systems. Knowledge about latest regulations, compliance, standards, and procedures such as GLBA, SOX, ISO27000 Standards, CoBiT, etc. Excellent verbal and written communication skills with a demonstrated ability to build and maintain relationships within the organization. Strong proficiency in Microsoft Office applications (MS Excel, Word, PowerPoint etc.) with a general understanding of data analysis techniques JOB FUNCTIONS AND RESPONSIBILITIES Perform IT security reviews, evaluations, risk assessments, and monitoring on a regular basis to ensure exceptions and violations are identified and addressed. Perform and oversee Information Security Policy Framework Recommend appropriate corrective actions and remediation plans for risks identified. Assist in developing the implementation of risk mitigation measures. Work with the Business functions to ensure security standards are in-line with Onity s risk management and information security policies. Plan and execute vendor IT and Security audit programs in-line with Onity s risk management policies. EDUCATION / EXPERIENCE 1-3 years of progressive experience in one or more of the following: internal/external IT and business process auditing, sourcing advisory, vendor management roles Bachelor s degree from an accredited college / university. Management degrees MS, M. Tech or MBA in relevant field would be an added advantage. Preferred Certifications CGEIT or CISM CISSP ISO 27001 Demonstrated experience in conducting Risk Assessments for Vendors, Internal and External stakeholders. Experience in Information Security or demonstrated knowledge on Information Security Operations. Demonstrated experience in a multi-vendor environment. Demonstrated experience in Cloud Security assessments on various Cloud platforms such as AWS, Azure, Oracle etc. WORK SCHEDULE OR TRAVEL REQUIREMENTS 2 PM to 11 PM

Roles and Responsibilities Greetings from GRM Technologies!!! Providing support in IT and Cyber Risk Advisory services offered by GRM Technologies to its clients in the following domains- Information regulatory compliance (ISO 27001, PCIDSS, RBI, SEBI, SOC1, SOC2, PCI DSS, HITRUST, GDPR) Information risk management Information security and information assurance Information technology controls for financial and other systems Identifying processes and technologies to maintain and enhance the security architecture Disaster recovery and business continuity management Information privacy Have a fair understanding of Business Continuity Planning and DR Drills Should have conducted Information Life Cycle management reviews in the past Conducting Infrastructure Vulnerability Assessment and Penetration Testing Conducting Web and Mobile Application Security Assessment Conducting Secure Code Review Conducting Architecture Review Should have minimum 2-5 yrs. of experience into Cyber Security, including IT Risk, Cyber Risk & Compliance, IT Audit, Vendor Audit, VAPT, Application Security, Fraud Risk & Security. Knowledge of information security standards, principles and practices required Perform risk assessment, controls and documentation with expected standards (information technology/ business process) Conduct Infrastructure Vulnerability Assessment and Penetration Testing Conduct Web Application Security Assessment Conduct Mobile Application Security Assessment Conduct Source Code Review Perform SOX compliance audits, SOC 1 and SOC 2 audits, as well as testing and reporting Perform control testing pertaining to operating systems, data base (Windows, Unix, Oracle, MSSQL, DB2) Should be able to test basic and automated ERP ITGC controls (SAP, Oracle, etc.) Ability to draft BCP/ DR policy and carry out testing of plan and procedures would be preferable Ability to adapt to new scope areas and technologies Bring in vertical expertise in at least two verticals like BFSI, manufacturing, or more Ability to manage client communication and escalation Ability to make all attempts to guide the peers and self to improve client satisfaction scores Participate in proposal preparation Understanding of risk Appreciation for technological innovation Strong organization skills Curiosity and eagerness to learn Initiative to seek out opportunities and add value Tolerance for ambiguity and shifting priorities; appreciation of change. Should have certification on CCNA / CCNP / ITIL Exposure into ISO 27001 is mandate

Job View - Director-Cyber Security, Business Development Role Overview We are seeking an entrepreneurial BD & Partnerships Director Cybersecurity to lead the growth of cybersecurity risk advisory services portfolio for InCorp Global. This is a unique opportunity to build a new service line, leveraging your expertise in cybersecurity and business acumen to establish a market-leading practice. The ideal candidate will have prior experience in cybersecurity services, a strong client-facing background. We are looking for the ability to drive growth through offerings management, marketing, partnerships, and sales. This role is perfect for a self-starter who thrives in a dynamic environment and is passionate about creating innovative solutions for clients worldwide. Key Responsibilities Take ownership of building a global cybersecurity risk advisory portfolio, including defining service offerings, go-to market strategies, and growth plans. Act as a thought leader and innovator, identifying emerging trends and opportunities in the cybersecurity space to shape the service lines direction. Collaborate with senior leadership to align the cybersecurity portfolio with the firms overall strategic goals. Offerings Management: Develop and manage a comprehensive suite of cybersecurity services, including risk assessments, compliance advisory, and incident response frameworks. Continuously refine and enhance service offerings to address evolving client needs and market demands. Ensure the portfolio remains competitive and aligned with domestic and global cybersecurity standards and regulations. Marketing & Thought Leadership: Drive marketing initiatives to position the firm as a leader in cybersecurity advisory services. Create and promote thought leadership content, including whitepapers, blogs, and case studies, to establish credibility and attract clients. Represent the firm at industry events, conferences, and webinars to enhance visibility and build a strong brand presence. Partnerships & Alliances: Identify and establish strategic partnerships with technology providers, industry associations, and complementary service providers to enhance service delivery and lead generation. Build alliances with key stakeholders to expand the firms reach and influence in the cybersecurity domain. Leverage partnerships to co-develop solutions and drive joint go-to-market strategies. Business Development & Sales: Lead business development efforts to acquire new clients and expand the cybersecurity advisory practice globally. Develop and execute sales strategies to achieve revenue targets and drive growth. Engage with prospective clients to understand their cybersecurity needs and propose tailored solutions. Collaborate with cross-functional teams to prepare proposals, pricing strategies, and presentations for client engagements. Qualifications Degree in Computer Science / IT / Electronics OR Certifications in Cybersecurity-related courses. 4-10 years of experience in cybersecurity services, preferably in client-facing roles. Strong expertise in cybersecurity risk advisory, compliance, and / or business development. Knowledge of cybersecurity regulations, frameworks, and standards (e.g., GDPR, ISO 27001, NIST). MBA from Tier-1 or Tier-2 B-Schools would be an added advantage.

POSITION SUMMARY: This position will give an opportunity to work for Information Security Governance on information systems, processes, and technologies within the organization. This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines, and US This position will report to the Senior Manager, Information Security and is expected to work independently on tasks assigned. This position requires: Works on Vendor IT Security risk assessment/ Third Party Risk management Monitor Security posture and appraise Senior Leadership on the posture. Conduct phishing campaigns that includes analysis of phishing emails and develop reports. Experience in performing Risk Assessments in line with Information Security Standards (like ISO 27001) for Business processes and IT systems. Knowledge about latest regulations, compliance, standards, and procedures such as GLBA, SOX, ISO27000 Standards, CoBiT, etc. Excellent verbal and written communication skills with a demonstrated ability to build and maintain relationships within the organization. Strong proficiency in Microsoft Office applications (MS Excel, Word, PowerPoint etc.) with a general understanding of data analysis techniques JOB FUNCTIONS AND RESPONSIBILITIES Perform IT security reviews, evaluations, risk assessments, and monitoring on a regular basis to ensure exceptions and violations are identified and addressed. Perform and oversee Information Security Policy Framework Recommend appropriate corrective actions and remediation plans for risks identified. Assist in developing the implementation of risk mitigation measures. Work with the Business functions to ensure security standards are in-line with Onity s risk management and information security policies. Plan and execute vendor IT and Security audit programs in-line with Onity s risk management policies. EDUCATION / EXPERIENCE 1-3 years of progressive experience in one or more of the following: internal/external IT and business process auditing, sourcing advisory, vendor management roles Bachelor s degree from an accredited college / university. Management degrees MS, M. Tech or MBA in relevant field would be an added advantage. Preferred Certifications CGEIT or CISM CISSP ISO 27001 Demonstrated experience in conducting Risk Assessments for Vendors, Internal and External stakeholders. Experience in Information Security or demonstrated knowledge on Information Security Operations. Demonstrated experience in a multi-vendor environment. Demonstrated experience in Cloud Security assessments on various Cloud platforms such as AWS, Azure, Oracle etc. WORK SCHEDULE OR TRAVEL REQUIREMENTS 2 PM to 11 PM

Bachelor s degree in computer science, Information Security, orrelated field 7+ years of experience in security engineering, cloud security, or compliance Strong knowledge of cloud security concepts, principles, and practices Familiarity with cloud security best practices and frameworks (e.g., CISv8, NIST, ISO, CSA) Experience in creating and maintaining security documentation, such as policies, standards, procedures, and guidelines. Experience with tool sets relevant to modern cloud operations like SIEM, WAF, vulnerability scans, pen tests, CIS benchmarking, etc. Working knowledge of OWASP Web/API vulnerabilities (CSRF, XSS, SQLI, etc.) and compensating controls. Knowledge of Web/API security architecture common authentication and authorization technologies (OIDC, OAuth2, Spring Security, HMAC, WS-Security, WS-Trust). Solid understanding of applied cryptography fundamentals (Encryption, Authentication, Symmetric Cryptography, Asymmetric Cryptography etc.). Ability to translate complex technical concepts into clear and concise language for diverse audiences and Attention to detail with quality assurance. Hands-on experience with security tools, frameworks for cloud platforms (e.g., AWS, Azure, GCP) and technologies (e.g., firewalls, encryption, identity and access management, vulnerability scanning, penetration testing) Experience with security standards and regulations for cloud environments (e.g., ISO 27001, SOC 2, PCI DSS, HIPAA, GDPR) Experience with scripting languages (e.g., Python, Bash, PowerShell) Excellent communication, collaboration, and problem-solving skills Certifications in cloud security or compliance (e.g., AWS Certified Security Specialty, Azure Security Engineer, CCSK, CCSP) are Mandatory. Basic Requirements - Effective verbal and non-verbal communication skills at all levels of the organization - Leadership teamwork and collaboration - Discretion - Problem solving - Critical Thinking - Self-initiated/sufficient - Motivated

Our Purpose Title and Summary Manager, Regulatory Relations & Market Compliance The Mastercard Technology Regulatory Relations & Market Compliance Team is looking for a Manager (Lead) Technology Risk Analyst to be part of the controls assurance program supporting various requirements to meet customer and regulatory obligations for the related region. The focus of the role would be around providing compliance support, monitoring, and reporting of the on-going operating effectiveness of Mastercard s internal control environment while ensuring compliance with regulatory requirements, internal policies and industry standards. Mastercard is committed to balancing innovation while protecting the internal control posture. The team assesses internal controls to proactively identify risks, define remediation actions and track remediation efforts. We are looking for someone to join our team and help us meet these compliance goals. This person will be a technically savvy person who likes to solve issues and drive outcomes. The ideal candidate will have the ability to think and act both strategically and tactically while ensuring that the corporation remains compliant with required security, technology, and financial standards, as well as industry best practices. Job Responsibilities Act as an advisory, a focal point for security and compliance-related activities and responsibilities that includes implementation of ISO 27001 standards within the organization. Identify and evaluate technology risks and any related potential security weaknesses through risk and control assessments across systems, application, infrastructure and processes in accordance with industry standards Establish and track remediation internally and externally through to resolution whilst improving design and operational effectiveness of controls. Collaborate with key internal stakeholders from Technology and Business to ensure required deliverables are accurate, complete, timely and within the level of expectations required. Proactive in providing suggestions in process related improvements and constantly be informed of evolving regulatory and cybersecurity related requirements Proficient in providing risk insights to the leadership team through risk dashboards for key initiatives, plans and audit tracking of the current processes as per management requirements. About You: Experience in working with digital and technology functions ideally in a technology and/or cybersecurity related compliance role including managing complex technology / cyber security related audit / regulatory projects. Strong understanding of IT general controls and technology and/or cybersecurity risk management frameworks such as NIST, ISO 27001/27002, GDPR, data privacy related regulations, Bachelor s degree or equivalent combination of education and experience/Bachelor s degree in Computer Science, Information Technology or related field preferred Possess one or more professional certifications (i.e. CISA or CISSPISO 27001 LEAD AUDITOR /Implementer (Desirable) Demonstrate proficiency in information security domains technical background inIT processes and systems related risks. Self driven with strong organizational and time management skills Experience in managing complex projects related to information security