776 Iso 27001 Jobs - Page 24

Worker Sub-Type: Regular Job Description: QNX is a trusted supplier of safe and secure operating systems, hypervisors, frameworks, and development tools, and provides expert support and services for building the world s most critical embedded systems. We are the embedded experts. QNX was born in embedded, and provides time-tested and trusted foundation software, including our deterministic microkernel real-time operating system (RTOS), safety-certified products, middleware, and security solutions, all purpose-built for embedded systems. QNX software is trusted by more than 68% of the Electric Vehicle market by volume , 24 of the top 25 EV manufacturers and is running in 255 million vehicles globally. Our foundation products have been pre-certified to ISO 26262 ASIL D, and we offer a broad range of board support packages, professional services, AUTOSAR adaptive support and middleware solutions - from acoustic management to digital cockpits to advanced driving assistance (ADAS) - to accelerate development and help OEMs meet Start of Production (SOP) dates. Are you the person we are looking for? We are seeking a skilled and detail-oriented Security Operations Analyst to join our Hybrid Security Operations Center. This dynamic role encompasses responsibilities from both the Security Operations Center (SOC) and the Vulnerability Management domains. The ideal candidate will have strong analytical abilities, experience with security tools and technologies and a proactive approach to threat detection, incident response, and vulnerability management. Responsibilities: Monitor security alerts and notifications from various security tools and systems. Investigate and respond to security incidents, performing root cause analysis and document findings. Conduct real-time analysis of security incidents and escalate as necessary. Implement and manage security controls and measures to protect the organization s assets. Maintain and update incident response playbooks and standard operating procedures. Collaborate with IT and other departments to ensure timely resolution of security incidents. Generate reports on security incidents, trends (KRIs), and SOC performance metrics (KPIs). Conduct regular vulnerability assessments and scans across the organizations network, applications, and systems. Analyze and interpret scan results prioritize vulnerabilities based on risk and impact. Work with IT teams to remediate identified vulnerabilities and provide guidance on best practices. Develop and maintain vulnerability management policies, standards, and procedures. Stay updated on the latest vulnerabilities, exploits, and security trends. Skills & Qualifications: Bachelor s degree in Computer Science, Information Security, or related field; or equivalent work experience. 3+ years of experience in a SOC analyst role and/or vulnerability management role. Strong knowledge of security incident response processes and methodologies. Experience with security information and event management (SIEM) technologies. Proficiency with vulnerability assessment tools such as Nessus, Qualys, or Rapid7. Familiarity with common security frameworks and standards (e.g., NIST, ISO 27001, CIS). Relevant certifications such as CISSP, GIAC, CEH, or CompTIA Security+, or equivalent are preferred. Additional Assets: Ability to work effectively both independently and as part of a team. High level of integrity, professionalism, and attention to detail. Excellent analytical, problem-solving, and communication skills. Scheduled Weekly Hours: 40

Implement and review IT security technologies in Infrastructure, applications and cloud platforms for effective enforcement of policies. Periodic review of user and privileged access management for infrastructure and applications. Maintaining updated information security documentation including standard operating procedures, review records. Design and implementation of security use cases in Security incident event management and end point security policies. Act as a first responder for cyber security incidents and part of cyber security incident response team by working in close coordination with IT infrastructure and application teams. Conduct vulnerability assessment with IT systems and collaborate with stakeholders for remediation of vulnerabilities. Implement and review IT security technologies in Infrastructure, applications and cloud platforms for effective enforcement of policies. Periodic review of user and privileged access management for infrastructure and applications. Maintaining updated information security documentation including standard operating procedures, review records. Design and implementation of security use cases in Security incident event management and end point security policies. Act as a first responder for cyber security incidents and part of cyber security incident response team by working in close coordination with IT infrastructure and application teams. Conduct vulnerability assessment with IT systems and collaborate with stakeholders for remediation of vulnerabilities. Educational Qualifications and experience: Bachelors degree in science, engineering discipline Minimum of 5 years experience IT operations with at least 2-3 years of hands-on experience with cyber security technologies. Competency in applying the cyber/information security frameworks and standards such as MITRE, NIST and ISO 27001

Manager, Regulatory Relations & Market Compliance The Mastercard Technology Regulatory Relations & Market Compliance Team is looking for a Manager (Lead) Technology Risk Analyst to be part of the controls assurance program supporting various requirements to meet customer and regulatory obligations for the related region. The focus of the role would be around providing compliance support, monitoring, and reporting of the on-going operating effectiveness of Mastercard s internal control environment while ensuring compliance with regulatory requirements, internal policies and industry standards. Mastercard is committed to balancing innovation while protecting the internal control posture. The team assesses internal controls to proactively identify risks, define remediation actions and track remediation efforts. We are looking for someone to join our team and help us meet these compliance goals. This person will be a technically savvy person who likes to solve issues and drive outcomes. The ideal candidate will have the ability to think and act both strategically and tactically while ensuring that the corporation remains compliant with required security, technology, and financial standards, as well as industry best practices. Job Responsibilities Act as an advisory, a focal point for security and compliance-related activities and responsibilities that includes implementation of ISO 27001 standards within the organization. Identify and evaluate technology risks and any related potential security weaknesses through risk and control assessments across systems, application, infrastructure and processes in accordance with industry standards Establish and track remediation internally and externally through to resolution whilst improving design and operational effectiveness of controls. Collaborate with key internal stakeholders from Technology and Business to ensure required deliverables are accurate, complete, timely and within the level of expectations required. Proactive in providing suggestions in process related improvements and constantly be informed of evolving regulatory and cybersecurity related requirements Proficient in providing risk insights to the leadership team through risk dashboards for key initiatives, plans and audit tracking of the current processes as per management requirements. About You: Experience in working with digital and technology functions ideally in a technology and/or cybersecurity related compliance role including managing complex technology / cyber security related audit / regulatory projects. Strong understanding of IT general controls and technology and/or cybersecurity risk management frameworks such as NIST, ISO 27001/27002, GDPR, data privacy related regulations, Bachelor s degree or equivalent combination of education and experience/Bachelor s degree in Computer Science, Information Technology or related field preferred Possess one or more professional certifications (i.e. CISA or CISSPISO 27001 LEAD AUDITOR /Implementer (Desirable) Demonstrate proficiency in information security domains technical background inIT processes and systems related risks. Self driven with strong organizational and time management skills Experience in managing complex projects related to information security

We are Hiring Senior Consultant Cyber Security Solution Architect Location: Bangalore, Hyderabad Experience: 14+ years Are you passionate about designing secure, scalable cloud and enterprise security architectures? Join us as a Cyber Security Solution Architect and be at the forefront of helping clients secure their digital ecosystems. What You’ll Do: Design and deliver end-to-end cybersecurity solutions for enterprise clients Collaborate with infra/application architects to embed security in architecture Lead cloud security (Azure/AWS/GCP), DDoS, SIEM, WAF, and container security design Define KPIs and lead security assessments & compliance initiatives (ISO 27001, NIST) Build client-facing proposals and conduct solution defense with stakeholders What We’re Looking For: 14+ years of overall experience, with 5+ years in complex security engineering projects Strong hands-on with tools: Azure Security Center, GuardDuty, Palo Alto, Qualys, etc. Exposure to CASB, Zero Trust, IAM, and multi-cloud security Excellent communication, client interaction, and solutioning skills Preferred Certifications: CISSP | CISM | CEH | CCSP | TOGAF | AWS/Azure/GCP Security Ready to shape the future of enterprise security? Apply now / email at mary.nancy1@sonata-software.com

Job Title: Cyber Organization alignment Compliance Location: Remote Experience: 10 -15 Years Job Description: The Information Security Cyber Organization Alignment role is focused on the strategic alignment of information security practices with the bank s overall risk management strategy, compliance requirements, and governance frameworks. The role focuses on driving Information Security Governance, Risk, and Compliance (GRC) initiatives to strengthen the bank s security posture while ensuring alignment with regulatory and business objectives. through effective processes i.e., risk tracking, compliance monitoring, RCSA, evaluating exceptions, and ensuring accurate reporting. The role ensures the right level of governance is in place and drives continuous improvement in risk management processes. The role leverages automation to streamline processes and enhance risk visibility across Information Security Group through managing GRC solutions Key Responsibilites: Essential knowledge Have around 10+ years of experience in a Banking environment and over 3 years of experience in information security. Familiarity with information security technologies, risk, threat and vulnerability assessments, and security measures. Experience with governance, risk management, and compliance frameworks (e.g., ISO 27001, NIST, GDPR, PDPL). Hold professional certifications (e.g., CISA, CISM, CISSP, CRISC) Skills and Application Strong communication and interpersonal skills. Ability to manage multiple projects and priorities. Proficiency in security tools and technologies. Strategic Insight Foster a culture of security awareness and compliance within the organization. Continuously improve the information security posture of the organization. Ensure that information security risks are effectively managed and mitigated

Job Summary: The Security consultant will be responsible for end-to-end Incident Response which includes detecting, analyzing, and responding to security incidents to protect an organizations IT infrastructure and products. The role involves working with product teams, leveraging tools, and following structured incident response policies and process. Key Responsibilities: 1. Incident Detection Analysis - Monitor security alerts from SIEM, IDS/IPS, and endpoint detection tools. - Investigate security events to determine impact, scope, and root cause. - Analyze network traffic, logs, and forensic artifacts to detect malicious activity. - Utilize frameworks like MITRE ATTCK, NIST 800-61, and Cyber Kill Chain for attack analysis. 2. Incident Response Mitigation - Respond to security incidents and perform containment, eradication, and recovery. - Document incident response actions and maintain playbooks for future reference. - Collaborate with IT, Security, and DevOps teams to implement security fixes. - Conduct malware analysis and reverse engineering when required. 3. Threat Intelligence Hunting - Stay updated on emerging threats and vulnerabilities. - Perform proactive threat hunting to detect potential attacks before they escalate. - Work with Threat Intelligence teams to assess indicators of compromise (IoCs). 4. Security Automation SOAR - Automate security incident response tasks using SOAR platforms. - Develop and optimize playbooks for automated threat containment. 5. Compliance Reporting - Ensure compliance with regulatory standards such as ISO 27001, NIST, PCI-DSS, SOC 2. - Prepare detailed incident reports and post-incident reviews (PIRs). - Assist in security audits and tabletop exercises for incident preparedness. Required Qualifications Skills Technical Skills: - SIEM Platforms - Endpoint Security - Forensics Malware Analysis - Threat Intelligence Tools - Programming/Scripting: Python, PowerShell - Cloud Security: AWS, Azure security best practices Soft Skills: - Strong problem-solving and analytical thinking. - Effective communication skills for technical and non-technical audiences. - Ability to work in high-pressure situations and make quick decisions. - Strong collaboration skills to work with cross-functional teams. Preferred Certifications: - Certified Incident Handler (GCIH) GIAC - Certified Cyber Incident Responder (ECIH) EC-Council - Certified Information Systems Security Professional (CISSP) (Nice to have) - Microsoft Certified: Security Operations Analyst Associate (Nice to have) - AI/ML Knowledge (Nice to have)

Number of Openings 1 ECMS ID in sourcing stage 516886 Assignment Duration 12 Months Total Yrs. of Experience 10+experience in the Technology industry. Relevant Yrs. of experience 3+years Security Architecture Experience Experience 3+ years Security Architecture Experience 1+ years focusing on Cloud/SaaS Security. Banking/Finance experience (highly preferred) 3 rd party risk/supplier security management (desirable) Collaborate with cross-functional teams to define security-related processes and contribute by providing inputs to deliver enhanced vendor management, SaaS assurance and monitoring framework. Be a part of the workgroup to identify areas for improvement and process efficiencies. Assess and document existing SaaS applications in line with the enhanced vendor management framework to identify control gaps, security risks, and propose mitigation controls. Assess the source of control gap and provide practical and achievable recommendations to mitigate the risk. Influence domain architecture, business/technology owners to ensure alignment with security requirements. Manage significant decisions with senior management, Technology and Business owners to ensure secure outcomes and appropriate governance practices are adhered to. Proactively managing identified risk of the solutions risk posture within agreed Risk Appetite and ensure compliance. Prepare executive summaries to keep stakeholders informed of progress and seek guidance where and as applicable. Train other team members on the new framework and associated process. Banking/Finance experience (highly preferred) Decision Quality , Strategic Mindset, Situational Adaptability, Self-awareness, Courage, Ensures Accountability Other capabilities (technical) Strong understanding of security principles, including threat modelling, controls and risk assessment Expertise in cloud security, particularly SaaS applications and third-party solutions. Experience with security frameworks and standards such as ISO 27001, NIST Cybersecurity Framework and other industry best practices. Proven ability to collaborate with diverse teams, including development, operations, and compliance. Excellent communication and presentation skills to effectively convey complex technical information to both technical and non-technical audiences. Proven experience, strong business engagement , influencing skills with the ability to navigate complex topics with fact-based analysis. Mandatory skills Cloud/SaaS Security , GRC with TPRM Desired/ Secondary skills Group Security Executives and Leadership Teams Strategic Sourcing and Third-Party Risks teams Governance, Risk and Compliance Technology delivery teams / execs Architecture Strategy Advisory Business domain Execs, Product Owners Strong understanding of security principles, including threat modelling, controls and risk assessment Expertise in cloud security, particularly SaaS applications and third-party solutions. Experience with security frameworks and standards such as ISO 27001, NIST Cybersecurity Framework and other industry best practices. Proven ability to collaborate with diverse teams, including development, operations, and compliance. Excellent communication and presentation skills to effectively convey complex technical information to both technical and non-technical audiences. Proven experience, strong business engagement , influencing skills with the ability to navigate complex topics with fact-based analysis. Understand the trade-offs involved in security vs change while simultaneously delivering technical capability business benefit. Domain Security Max Vendor Rate in Per Day (Currency in relevance to work location) 8000 INR Work Location given in ECMS ID Gurgaon Only WFO/WFH/Hybrid WFO Hybrid BG Check (Before OR After onboarding) Before Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO No

As a Senior Technical Account Manager (TAM) at Imperva (Thales s Cybersecurity & Digital Identit y (CDI) Business unit), you will partner with enterprise customers leveraging Data Security product suite to ensure successful implementation and maximize return on investment. Through a white-glove experience, you will provide strategic guidance, proactive mentorship, and best practices, ensuring customer success and accelerated security maturity. You will be responsible for customer education, process adherence, technical advisory, and strategic planning, acting as a trusted advisor to key stakeholders, including CISOs, security architects, and compliance officers. Your expertise in data security, compliance frameworks, and industry best practices will be instrumental in supporting customers in meeting their security objectives. Key Responsibilities: Customer Success & Enablement: Serve as the primary technical advisor, helping customers navigate their data security journey. Conduct regular health checks and service reviews to optimize system performance and enhance security posture. Lead Executive Business Reviews (EBRs) to discuss security posture, risk management, and future roadmap planning. Improve CSAT response rate, ensuring 100% feedback survey completion for all engagements. Deliver at least one enablement session per customer or quarterly community webinar to educate customers on best practices and new features Process Adherence & Compliance: Ensure timely logging of customer interactions, configurations, and escalations. Maintain up-to-date customer contacts and weekly reports for all accounts. Track and log work hours in the time management system to ensure compliance with bi-weekly reporting requirements. Support customers during security audits and compliance assessments, aligning security strategies with regulations (eg, GDPR, HIPAA, PCI DSS, ISO 27001, NIST) Technical Expertise & Incident Management : Act as the technical escalation point for security incidents, breaches, and vulnerabilities, working closely with internal security teams and customer stakeholders. Analyze case trends to accelerate issue resolution and drive product enhancements based on real[1]world customer feedback. Provide feedback to Product and Engineering teams to influence new features and product development. Conduct training sessions, workshops, and documentation reviews to educate customers on database security technologies. Strategic Planning & Industry Knowledge Enhancement Develop and maintain tailored security roadmaps aligned with customer objectives. Stay ahead of emerging security threats, industry trends, and compliance requirements. Support new hire training programs by contributing to employee onboarding and technical enablement plans. Required Technical Qualifications: bachelors degree in computer science, Information Security, or a related field (or equivalent experience). 6+ years of experience in technical account management, database security, or information security. Expertise in database security technologies, including data encryption, access management, and threat detection tools. Strong knowledge of security frameworks and compliance standards (eg, NIST, ISO 27001, GDPR, HIPAA, PCI DSS, CCPA). Familiarity with SIEM, EDR, DLP, IAM, CASB, UEBA, and other security technologies. Strong understanding of cloud security environments (AWS, Azure, GCP). Strong stakeholder management and executive communication skills to engage technical and non-technical audiences. Strong problem-solving and analytical skills with the ability to manage multiple customer accounts. Industry certifications (CISSP, CISM, CEH, CCSP, etc) are a big plus

Overall Responsibilities: Logging all relevant incident/service request details, allocating categorization and prioritization codes Conducting full and through diagnostics with end users to enable first point of contact fault resolution Resolving incidents/service requests when first contacted whenever possible Handling user calls Provides user guidance by remote control support software to the end-user community on hardware, software, and network related problems, questions, and use. Responsible for the configuration, maintenance, and troubleshooting of end user computing devices, related applications and peripherals (will include desktops, laptops, mobile devices, workstation operating systems, and related network). Follow the onboarding and offboarding process to ensure the smooth transition of new hires and leavers. Work with senior staff and other groups to resolve technical problems. Provide timely responses to client and management requests. Status updates on such requests need to be provided on a regular basis. Follow set policies and procedures when assisting users to ensure proper handling of requests. Contribute knowledge and updated information to maintain the Service Desk SOPs and Training manuals for support. Delivers regular, ongoing preventative maintenance activity to desktop applications and hardware Work with simple to moderately complex Active Directory functions such as file share rights, manage permissions on the security groups, access of O365 applications. Coordinate with the other IT teams to complete the project related tasks. Work on other SOP driven tasks like Access modification on Mailbox, email forwarding, VDI Access, VDI Reset etc. Completing other duties as assigned outside of normal workload. Work in 24x7 rotational shift to provide support and resolve remote support tickets. Knowledge and Skills Minimum 2-3 years of relevant experience Excellent troubleshooting and critical thinking skills. Be ready to work in rotational shifts (24*7) Strong Conceptual skills Good Communication Skills Good team player Should have working experience on Manage engine Desktop central for desktop/laptop patching. Should understand the basic concept of windows domain environment and working experience on AD user provisioning. Should have working experience on level 1 administrative tasks on 0365 (email account, DL, creation, modification etc.) Working knowledge of Standard desktop software and functions (e.g. antivirus, encryption, browsers, plug-ins, audio / video functionality). Troubleshooting experience of MS Office suite. 1. Should be familiar with all the MS Office applications being used in office. 2. Should be able to identify the MS Office related issues. 3. Should be able to provide all relevant information to specialist team. 4. Good understanding of different add-ins and plugins. Working knowledge of Windows OS 1. Should have understanding of the different features of Windows. 2. Should be able to identify Windows related issues 3. Should be able to document the issue clearly with the complete details so that if required, the next level team can help on it further. Work Conditions - All specific company policies to apply without exception - Compulsory adherence of ISO/IEC 27001: 2013 guidelines Qualification & Attributes Experience: Minimum 1 of relevant experience from BPO F&A preferably voice process for U.S and U.K markets. Good English communications skills both written and verbal Proficiency and accuracy in high volume data entry and use of Microsoft Excel and Outlook Should have a good hand on Microsoft Office specially Education: Graduates (Any Stream) Personal attributes Must be well organized and able to juggle multiple tasks - dynamic, and action-orientated, which meets deadlines and makes it happen. Must have ability to build and maintain relationships and work confidently with people at all levels Must possess an enthusiastic and approachable personality. Must be an excellent communicator (written and verbal) with the ability to earn trust and credibility. Must have ability to demonstrate a high degree of confidentiality Must be willing to accept responsibility and make decisions based on experience, education and understanding of business/client needs. UnitedLex is committed to preserving the confidentiality, integrity, and availability of all the physical and electronic information assets throughout the organization. Consistent with the UnitedLex ISMS policy and the ISO 27001 standard, every employee is responsible for complying with UnitedLex information security policies and reporting all security concerns, weaknesses, and breaches.

We are seeking an experienced Information Security Manager to serve as our information security leader, advancing WorkSpans mature security program and building upon our 5+ year track record of successful SOC 2 compliance. Reporting directly to the CISO, you will have comprehensive ownership of our security operations while serving as the subject matter expert for GDPR, ISO 27001, and SOC 2 compliance frameworks. This role requires close collaboration with IT, Site Reliability Engineering, Product, and business stakeholders to translate regulatory requirements into actionable security practices and organizational standards. You will operate as a hands-on security practitioner while providing strategic guidance across the entire security landscape. Key Responsibilities Compliance & Risk Management Optimize and enhance existing SOC 2 Type II and ISO 27001 controls across the organization Conduct comprehensive security risk assessments, identify control gaps, and drive remediation to completion Evolve and maintain Information Security Management System (ISMS) policies and procedures Execute and refine established internal audit processes for various security domains Oversee annual SOC 2 Type II audits, leveraging our many years compliance history, and coordinate third-party penetration testing engagements Stakeholder Engagement Respond to customer security assessment questionnaires and RFPs with technical accuracy Conduct vendor security assessments and manage third-party risk evaluation processes Lead cross-functional security projects requiring coordination among multiple stakeholders Facilitate security awareness training programs for new hires and annual compliance education Operations & Documentation Participate in periodic security testing activities including penetration tests and disaster recovery exercises Lead security incident response activities and remediation efforts as the primary security point of contact Maintain comprehensive documentation of organizational security procedures and controls Ensure audit documentation remains current and compliant with regulatory requirements Monitor security tools and systems, analyzing alerts and implementing improvements Stay current with emerging threats and security technologies to continuously enhance our security posture Education & Experience Bachelors or Masters degree in Cybersecurity, Information Technology, Computer Science, Systems Engineering, or related discipline 6+ years of hands-on experience implementing and managing regulatory compliance frameworks (GDPR, ISO 27001, SOC 2, NIST, COBIT) Proven track record conducting internal audits and managing external security audit processes Demonstrated ability to work independently and manage multiple priorities in a fast-paced environment Strong hands-on experience with security tools, technologies, and platforms Technical Expertise Deep understanding of information security terminology, concepts, and IT controls across: Risk assessment methodologies and frameworks Identity and access management (IAM) systems Cloud/SaaS security architectures Application security and secure development practices Data loss prevention and classification Network security and systems operations Incident response and management processes Experience leveraging AI tools for information security operations, vendor assessments, and questionnaire automation Leadership & Communication Demonstrated ability to establish trust and credibility with technical teams, executives, and external stakeholders Excellent written and verbal communication skills with ability to translate complex technical concepts for diverse audiences Strong project management capabilities with experience leading complex, multi-stakeholder security initiatives Independent decision-making skills with ability to operate autonomously while maintaining organizational alignment Self-motivated with strong organizational and time management capabilities Ability to be the "go-to" security expert across all domains while building scalable processes for future growth

Security Lead Horizon ERP The Security Lead for the ERP program ensures robust governance and protection of ERP data and processes. This role includes maintaining managing data with privacy and accessibility best practices, and fortifying cybersecurity measures to protect sensitive information, ensuring the ERP system aligns with regulatory requirements and organizational values. As the ERP security lead, you will ensure the organization s ERP plan is in place and working. You will work in collaboration with other teams Globally to keep the data and systems safe from cyberattacks. You will also make sure the compliance and security practices are up to date and follow the best standards. ERP Security Lead Responsibilities Stay up to date with the latest industry trends, threats, and technologies to ensure that the organizations IT security measures are current and effective. Collaborate with team of compliance and security professionals, providing guidance, training, and support to ensure the effective execution of all initiatives. Maintain existing security mapping files and process with SailPoint for auto-provisioning in Production environment. Manage security load files at all Horizon conversions, including M&A Implement the organizations ERP compliance and security strategy, policies, and procedures. Maintain existing security mapping files and loads for test accounts in lower environments. Work with technical team on fine tuning and enhancing the SailPoint integration into Oracle Work with Infosys security team to document processes related to creation of new job roles, privilege assignments, environment refreshes. Ensure efficient, accurate processes and shortest possible implementation times Collaborate with other departments and regions to ensure that security requirements are integrated into the design and implementation of new systems and technologies. Review periodic exception access, AAC access for security team members, elevated access across modules, SOD conflicts across modules. Work hand in hand with management to prepare and present regular reports to senior management on the organizations ERP security posture, including insights, recommendations, and metrics Analyse and uphold appropriate security access controls to enforce least privilege policies Work with release teams on successful implementation of security defects and enhancements from Non-Prod to Production environments. Manage semi-annual security mapping review with GPLs, including job code to persona, persona to role, and abstract mapping. Work with Infosys security team lead to document service account uses and required access; perform semi-annual review Monitor and analyse security incidents, investigating any breaches or security incidents and implementing corrective actions as necessary. Ensure compliance with relevant regulatory requirements and industry standards, such as GDPR, HIPAA, ISO 27001, SOX (52-109) etc. ERP Security Lead Required Skills In-depth knowledge of IT security principles, best practices, and industry standards. Strong leadership and management skills, with the ability to motivate and inspire a Global team. Excellent problem-solving and analytical skills, with the ability to identify and mitigate compliance and security risks. Strong communication and interpersonal skills, with the ability to effectively communicate complex concepts to both technical and non-technical stakeholders. Proficiency in conducting risk assessments and vulnerability testing. Experience with security incident response and management. Familiarity with security tools and technologies, such as firewalls, intrusion detection and prevention systems, encryption, antivirus software, etc. Knowledge of network and system administration. Understanding of cloud computing security principles and best practices. Familiarity with regulatory requirements and industry standards related to IT security. Required Qualifications Proven experience in an IT security leadership role, with a track record of successfully implementing and managing IT security programs. Experience with risk management methodologies and frameworks. Familiarity with project management principles and practices. Excellent written and verbal communication skills. Strong attention to detail and the ability to prioritize and manage multiple tasks simultaneously.

Lead GRC , risk assessment, and implementation. Strong in ISO 27001, PCI, PSS, SOC 2, IRDAI. Ensure compliance, audits, awareness. Design InfoSec strategies aligned with ISO, NIST, RBI, SEBI to enhance cybersecurity and meet regulations.

Job Description: IT & Cyber Security Auditor Location- Andheri or any client Position: IT & Cyber Security Auditor Employment Type: Full-time Job Overview: We are seeking a highly skilled IT & Cyber Security Auditor to join our team. The ideal candidate will be responsible for conducting comprehensive audits of IT systems, applications, infrastructure, and cyber security protocols. This role involves assessing risks, evaluating security controls, and ensuring compliance with industry standards and regulatory requirements. The auditor will provide valuable insights and recommendations to enhance the organization's security posture. Key Responsibilities: Conduct IS, IT & Cyber Security Audits: Plan, execute, and report on audits of IT systems, applications, infrastructure, and cyber security protocols. Manage end-to-end audit engagements, including risk assessments, scope development, fieldwork, and reporting. Assess and test the effectiveness of information security controls and risk management practices. Ensure audits comply with relevant regulations, industry standards, and best practices (such as ISO 27001, NIST, PCI DSS, etc.). Identify gaps in processes, systems, and controls, providing actionable recommendations. Prepare audit reports highlighting key findings, risks, control weaknesses, and recommendations for remediation. Present findings to senior management, including executives, and provide support in remediation efforts. Qualifications: Bachelors/Masters degree in Information Technology, Cyber Security, or a related field. Relevant certifications such as CISA, CISSP, ISO 27001 Lead Auditor, or CEH are preferred. Strong knowledge of IT security frameworks, risk management, and compliance standards. Experience in conducting IT audits, vulnerability assessments, and security risk assessments. Experience with regulatory compliance in financial services (RBI, SEBI, IRDA) is highly preferred. Excellent analytical, problem-solving, and communication skills. Ability to work independently and collaboratively with cross-functional teams. How to Apply: Interested candidates are invited to submit their resume and cover letter to [Pallavi.kulkarni@anbglobal.com]. Please include "IT & Cyber Security" in the subject line. Equal Opportunity Employer: ANB is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. For more information about our company and culture, visit https://anbglobal.com/

A Senior Compliance Executive in a technology department plays a crucial role in ensuring that the organization adheres to various legal, regulatory, and industry-specific standards related to Information Technology and data management such as GDPR, ISO 27001, ISO 27701, SoC2 Type 2, ISO 9001. 1. Regulatory Compliance Monitoring: o Ensure the technology department complies with relevant laws and regulations, such as GDPR, ISO 27001, ISO 27701, SoC2 Type 2, ISO 9001 and other data protection or cybersecurity laws. o Stay updated on new or changing regulations that impact the tech landscape. 2. Policy Development & Enforcement: o Develop and implement internal policies and procedures to ensure compliance with external regulations and internal standards. o Regularly review and update policies to ensure they remain aligned with changing regulations and industry best practices. 3. Risk Management: o Assess risks related to technology operations, particularly data privacy and cybersecurity risks. o Ensure that the tech department implements appropriate security measures to mitigate potential threats and risks. o Conduct regular audits and reviews of IT systems to ensure they meet compliance standards. 4. Training & Awareness: o Educate and train technology teams and other employees on compliance-related matters, such as data security, privacy policies, and risk mitigation strategies. o Promote awareness of compliance issues, helping staff understand their responsibilities in maintaining compliance. 5. Audit & Reporting: o Prepare reports for management, regulators, or auditors, demonstrating compliance with relevant regulations and policies. o Coordinate internal and external audits related to technology compliance. o Implement corrective actions where necessary to address non-compliance findings. 6. Data Privacy Management: o Oversee data protection strategies and ensure proper handling of sensitive information, including encryption, access control, and data retention policies. o Manage consent collection and user privacy preferences in accordance with privacy regulations. 7. Incident Management: o Oversee the handling of data breaches or other incidents that might affect compliance, ensuring timely reporting and response in accordance with regulatory requirements. o Coordinate with relevant authorities if there is a need to disclose any breaches or security incidents.

Roles Responsibilities : About the Role We are seeking a Data Protection Expert to join our dynamic team. In this role, you will provide expert advice and support to solution-oriented departments and projects, ensuring data protection compliance across engineering projects, products, services, and enterprise IT systems. You will work closely with Security Managers and cross-border partners to align with global data protection standards, including Bosch s internal privacy regulations. Key Responsibilities: Ensure compliance with data protection standards for the processing of personal data. Advise on data protection requirements during product development and solution design. Coordinate with Security Managers to define technical and organizational data protection measures. Guide teams on implementing Privacy by Design and Privacy by Default principles. Draft, review, and negotiate information security and data protection documents and agreements. Collaborate with international data protection teams to ensure Data Protection compliance with target market of business. Manage data protection aspects during the entire product lifecycle from requirements analysis to deployment and end-of-life. Supplier assessment, vendor risk management and compliance checks for supplier scope. Support risk assessments, recommend mitigation measures, and participate in audits and quality gate (QG) reviews. Regularly update project master data and MIS reports for Data Protection compliance.

Information Security Assistant Manager Location: Remote. Apply at: ravi.kumar1@akmglobal.in | +91-7838872468 Seeking a highly skilled and experienced Information Security Assistant Manager to join our team. This role requires proficient experience in ISO 27001 and SOC 2 implementation and compliance , along with a strong understanding of global security standards. If you are passionate about information security and looking to advance your career in a dynamic, professional environment, we encourage you to apply. Total Experience: Relevant Experience in ISO 27001 Implementation: Relevant Experience in SOC 2: Current CTC: Expected CTC: Notice Period: Key Responsibilities Collaborate with the CISO to design, implement, and enhance the organizations cybersecurity framework. Maintain, update, and ensure adherence to information security policies in alignment with ISMS standards. Ensure compliance with ISO 27001, SOC 2, HIPAA, and related security and privacy regulations. Serve as the primary point of contact for internal and external audits related to information security. Work closely with technical teams and external clients to uphold robust security practices in all products and services. Develop and maintain comprehensive security documentation and reports. Monitor emerging threats, legal and regulatory changes, and adapt security practices accordingly. Lead and support company-wide security training, awareness initiatives, and best practice promotion. Play an active role in the end-to-end implementation and management of ISO 27001 controls and frameworks. Required Qualifications & Skills Hands-on experience in ISO 27001 implementation (mandatory). Strong familiarity with SOC 2 controls and reporting frameworks (mandatory). Working knowledge of HIPAA, GDPR (EU & UK), and U.S. data privacy laws. Prior experience in managing audits and ensuring regulatory compliance. Excellent written and verbal communication skills, with the ability to convey complex security concepts to diverse audiences. Ability to manage multiple projects and priorities under pressure. Proven leadership in executing information security projects. Experience working with international clients or in multicultural environments. Fluency in English (spoken and written) is essential.

Come, be a part of a growing team where you can make an impact! If tackling problems and designing disruptive solutions is your passion, we have the platform for you. Encouraging leadership and supportive mentors will give wings to your ideas. Join us and grow with us! Jobs SOC & ISO 27001 Compliance Specialist Role Remote 29th May 2025 Somnetics is looking for a SOC & ISO 27001 Compliance Specialist for Information Security / Compliance Department. The individual will report to Information Security Manager / Compliance Manager. Key Responsibilities : Compliance Management: Implement and maintain SOC 2 & ISO 27001 controls. Manage internal/external audits and remediation. Policy & Procedure Oversight: Develop and update security policies. Promote compliance awareness across teams. Risk Management: Conduct risk assessments and treatment planning. Monitor and report security risks and gaps. Collaboration & Training: Coordinate with IT, legal, HR for compliance efforts. Train staff on security and compliance practices. Continuous Improvement: Enhance security processes and controls. Stay updated on industry trends and regulations. Requirements: : Education & Experience: Bachelor s in InfoSec, CS, or related field. 3 5 years in compliance/information security. Hands-on with SOC 2 & ISO 27001 audits. Preferred Certifications: ISO 27001 Lead Implementer/Auditor CISA / CISM / CISSP Skills: Strong in SOC 2, ISO 27001, and risk management. Excellent documentation & communication skills. Familiarity with GRC and audit tools. Key Competencies: : Analytical Thinking Attention to Detail Problem Solving Project Management

Sr. Cyber Security Analyst POSITION PURPOSE: This role is responsible for assessing, managing, and enhancing the security measures of Bayer s systems, networks, and data. Especially using data analytics for monitoring of Bayers security systems and applications. YOUR TASKS AND RESPONSIBILITIES: Oversee security alerts and incidents, executing timely responses to mitigate potential risks and minimize operational impact. Collaborate with IT and security personnel to implement and verify the effectiveness of comprehensive security protocols. Remain updated on current cybersecurity developments, threats, and industry best practices to enhance the organizations security framework. Monitor and evaluate operational logs, event console activities, intelligence feeds, and pertinent data to detect security-related occurrences and trends, ensuring compliance with established industry standards and regulations such as ISO 27001, NIST, and GDPR. Develop and refine cybersecurity processes and protocols, ensuring adherence to relevant industry standards and regulatory requirements. Perform analysis and testing to identify vulnerabilities, misconfigurations, or other security exposures Conduct root cause analyses and investigations to recommend prevention strategies and configuration modifications. Execute penetration testing to identify vulnerabilities within infrastructure, web applications, and other systems, differentiating between vulnerability assessments and penetration testing methodologies. Investigate incidents and respond to events in real time. WHO YOU ARE: BS or MA in computer science, information security, cybersecurity, or a related field, though relevant working experience may be considered an equivalent with 8+years of experience Experience in IT audit, network operations, enterprise risk management, penetration testing, red team/incident response, or as a junior security operations analyst Experience with regulatory compliance and information security management frameworks, such as ISO 27000, COBIT, and NIST 800. Professional certifications such as CCP-SIRA (Senior), CISSP, and ISACA certifications, along with familiarity with standards like BSI ISO 27001 and PCI DSS Further certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), CompTIA, EC-Council (CSA) SOC Experience monitoring SIEM systems and tools Experience with network and security technologies, such as firewalls, IDS/IPS Experience configuring and utilizing vulnerability assessment technologies Experience with monitoring networks, detecting threats, and responding to incidents Proficiency in report writing, investigational techniques, and communicating to large audiences Ever feel burnt out by bureaucracy? Us too. Thats why were changing the way we work- for higher productivity, faster innovation, and better results. We call it Dynamic Shared Ownership (DSO). Learn more about what DSO will mean for you in your new role here https: / / www.bayer.com / enfstrategyfstrategy Bayer does not charge any fees whatsoever for recruitment process. Please do not entertain such demand for payment by any individuals / entities in connection with recruitment with any Bayer Group entity(ies) worldwide under any pretext. Please don t rely upon any unsolicited email from email addresses not ending with domain name bayer.com or job advertisements referring you to an email address that does not end with bayer.com . For checking the authenticity of such emails or advertisement you may approach us at HROP_INDIA@BAYER.COM. Division: Enabling Functions Reference Code: 847153

Chief Information Security Officer (CISO) Job Description We are hiring a Chief Information Security Officer (CISO) with 10+ years of experience to lead our cybersecurity strategy. The ideal candidate will drive risk management, security architecture, compliance, and incident response across the organization.Key Responsibilities:Define and implement a company-wide information security strategy.Conduct risk assessments and ensure mitigation plans.Lead incident response and disaster recovery planning.Ensure compliance with ISO 27001, GDPR, Requirements Job Title: Chief Information Security Officer (CISO)Location: [City / Hybrid / Remote]Experience: 10+ yearsJob Type: Full-Time | PermanentRequired Skills & Experience:10+ years in information security, with 3+ years in leadership roles. Please, send your CV to sharath@poornamtech.com

Not Applicable Specialism Risk Management Level Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats Experience in conducting IT risk assessments. Sound understanding of ISO 27001, NIST, PCI, Data Privacy, and Cloud Security. Knowledge on application infrastructure architecture. Knowledge on SaaS application architecture. Knowledge on database and middleware communication. Knowledge on API security. Good communication skills. Good team player. Good presentation skills and senior stakeholder management. Certifications CISA, CISSP, CCNP, CCSP, CISM, CRISC etc. Mandatory Skill Sets IT Risk , ISO 27001, NIST, PCI, Data Privacy, and Cloud Security. Preferred Skill Sets Stakeholder Management , Team Management Years of Experience Required 3 + Years Education Qualification BE, B.Tech , M.Tech , MCA, MBA graduates . Education Degrees/Field of Study required Bachelor of Technology, Master of Business Administration, Master of Engineering Degrees/Field of Study preferred Required Skills Information Technology (IT) Risk Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Cloud Security, Communication, Conducting Research, Cyber Defense, Cyber Threat Intelligence, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Malware Analysis, Malware Detection Tools, Malware Intelligence Gathering, Malware Research, Malware Reverse Engineering, Malware Sandboxing {+ 11 more} No

Career Category Information Systems Job Description Join Amgen s Mission of Serving Patients At Amgen, if you feel like you re part of something bigger, it s because you are. Our shared mission to serve patients living with serious illnesses drives all that we do. Since 1980, we ve helped pioneer the world of biotech in our fight against the world s toughest diseases. With our focus on four therapeutic areas -Oncology, Inflammation, General Medicine, and Rare Disease- we reach millions of patients each year. As a member of the Amgen team, you ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. What you will do Role Description: Let s do this. Let s change the world. In this vital role you will collaborate closely with cybersecurity departments to identify and define automation requirements that streamline security processes and incident responses. The engineer will create and refine automation playbooks using low-code platforms, integrate new and existing security tools, and develop custom APIs to ensure seamless inter-connectivity among systems. Additionally, the engineer will engage in the selection and tuning of machine learning algorithms tailored to address specific security challenges faced by the organization. A key component of the role is to maintain up-to-date technical documentation and user guides to support the ongoing use and understanding of automated systems. The Security Automation Engineer must also keep abreast of the latest cybersecurity trends and technologies, sharing insights and standard processes with the team to continually enhance the organization s security posture. Roles & Responsibilities: Create playbooks using a low-code platform to streamline security operations Integrate new and existing security tools and platforms; Design, code, and integrate custom APIs. Create technical documentation and user guides. Continuously monitor and maintain the automation platform and ensure that all systems and applications are up to date with the latest security patches and updates. Ensure compliance with relevant regulations (e. g. , GDPR, HIPAA) and industry standards (e. g. , ISO 27001, NIST). Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations. Triage issues found by tools, external reports, and various tests, to accurately assess the real risks. Offer remediation guidance to partners for identified issues and serve as a customer concern resource for developers as they reduce issues. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master s degree and 1 to 3 years of directly related experience OR Bachelor s degree and 3 to 5 years of directly related experience OR Diploma and 7 to 9 years of directly related experience. Must-Have Skills: Proficiency in Python scripting and automation Experience with REST API technology Experience with Linux is a MUST Experience with Security Orchestration Automation and Response (SOAR) tools (e. g. Swimlane, Cortex XSOAR, etc. ) Experience with development of automation playbooks and integrating multiple security tools to enhance efficiency and effectiveness Preferred Qualifications: Knowledge of cybersecurity frameworks, technologies, and standard methodologies Experience in risk management, incident response, and security governance Knowledge of security architecture frameworks and principles Professional Certifications: CEH (preferred) CompTIA Security+ (preferred) RHCSA (preferred) CISSP (preferred) Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Equal opportunity statement Amgen is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided with reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation. Apply now and make a lasting impact with the Amgen team. careers. amgen. com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. .

Career Category Information Systems Job Description Join Amgen s Mission of Serving Patients At Amgen, if you feel like you re part of something bigger, it s because you are. Our shared mission to serve patients living with serious illnesses drives all that we do. Since 1980, we ve helped pioneer the world of biotech in our fight against the world s toughest diseases. With our focus on four therapeutic areas -Oncology, Inflammation, General Medicine, and Rare Disease- we reach millions of patients each year. As a member of the Amgen team, you ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. What you will do Let s do this. Let s change the world. In this vital role you will be an integral part in driving growth & innovation, improving efficiency and creating enterprise value - supporting our mission To Serve Patients . The Manager-Information Security will be responsible for the oversight and hands-on leadership of the Directory Services (AD and LDAP) team within the Digital Identity Access Services (DIAS) organization. This role involves developing, implementing, maintaining, and updating IAM strategies, policies and procedures to ensure the security and integrity of our systems and data. The ideal candidate will have extensive experience in Active Directory, Enterprise Unix LDAP and other Directory services. Candidate should have a deep understanding of security standard processes, and the ability to lead a team in a dynamic, global environment. Roles & Responsibilities: Manage Amgens Internal and External PKI Technologies Manage External PKI vendors like Sectigo and Entrust Develop and maintain the Directory and LDAP standards and architecture, ensuring that it meets industry standards and best practices Assess and select IAM technologies and tools that align with Amgen s IAM strategy Lead the information security team, providing guidance, support, and mentoring to ensure the effectiveness of security operations Develop and implement the IAM (Identity Access Management) strategy aligned with the organizations information security goals and regulatory requirements. Lead the design, implementation, and management of IAM solutions, including governance for Directory Services. Create, implement, and maintain IAM policies, standards, and procedures to manage user identities and access rights. Design and enforce access control mechanisms, including role-based access control (RBAC), to safeguard sensitive information. Manage IAM-related security incidents and vulnerabilities, coordinating with IT security teams to mitigate risks. Know the latest with industry trends, emerging threats, and standard methodologies in IAM. Collaborate with IT and security teams to integrate IAM solutions with other security and business systems. Develop and maintain key performance indicators (KPIs) to track service metrics and generate regular reports for management. Evaluate and implement IAM tools and technologies to enhance security and streamline processes. Participate in vendor proposals, contract negotiations, and support renewals. This role on occasion might have responsibilities outside of business hours. Travel: International and/or domestic travel up to 10% may be essential. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master s degree with 4 to 6years of experience related field OR Bachelor s degree with 6 to 8 years of experience in related field OR Diploma with 8 - 12 years of experience in related field. Preferred Qualifications: Must-Have Skills: Strong knowledge of Internal and External PKI (Public Key Infrastructure). Strong knowledge of Directory Services and LDAP Services. Solid understanding of Active Directory Domain structure and security, Windows Operating Systems and Domain Controllers, Azure AD and Microsoft Entra ID. Strong knowledge of LDAP directories and managing LDAP Structure. Knowledge of LDAP Schema and configuration changes. Create and modify Shell Scripts for bulk LDAP operations. Creation and implementation of LDAP Business Continuity plans. Familiarity with security standards and regulations (e. g. , NIST, ISO). Experience with Authentication, Provisioning/De-provisioning, Role Management, Session Management and Directory Services. Experience in driving transformation initiatives using Scaled Agile methodology. Excellent verbal and written communication skills for technical and non-technical audiences of various levels in the organization. Good-to-Have Skills: Work experience in the biotechnology or pharmaceutical industry. Degree in Computer Science, Information Systems, or Engineering. Familiarity with GxP standards, Information Security standards and policies like ISO 27001/27002, NIST and others. Strong problem-solving and analytical skills. Demonstrated ability to work effectively in a fast-paced, dynamic environment. Understanding of ITIL processes and implementation. Proficiency in scripting and automation (e. g. , Python, Bash) is a plus Professional Certifications CompTIA Security+ (preferred) Cloud Identity or Security Certification (preferred) Microsoft Azure Certification (preferred) Soft Skills: Excellent analytical and troubleshooting skills. Strong verbal and written communication skills. Ability to work effectively with global, virtual teams . High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team oriented, with a focus on achieving team goals. Strong presentation and public speaking skills. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers. amgen. com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. .

Job Title : Business Continuity Specialist Qualification : Any Finance Graduate /LLB Experience : 3-5 Years Must Have Skills : > Knowledge of global regulations and industry standards, including ISO 22301, ISO/IEC 27001, and ISO 31000 ERM Standard and/or 2017 COSO ERM Framework > Experience on Business Continuity Management. Good to Have Skills : Strong understanding of risk management frameworks, internal controls, and compliance auditing. Experience with risk management software, data analytics tools, and reporting systems. Ability to identify patterns and evaluate complex regulatory risks and propose practical solutions. Excellent communication skills with the ability to present complex information to non-technical stakeholders. Strong attention to detail and a proactive approach to problem-solving. Quick adjustment to new tools, regulations, and client requirements in the fast-paced BPO environment. Ability to work effectively both independently and as part of a global team. Experience working with cross-functional teams in a global environment. Strong analytical and project management skills with the ability to manage multiple priorities simultaneously. Proven organizational planning and management skills; excellent communication skills; and proven emergency and incident management skills. Proficiency on windows applications Roles and Responsibilities : Develop and Maintain Business Continuity Plans: l Design, implement, and regularly maintain/update comprehensive and sustainable business continuity programs through regular review, updating, and development of BCM policies, guidelines, procedures, and plans to ensure critical business functions can continue during and after disruptions. Collaborate with departments to identify critical functions and recovery requirements. Business Continuity Plans per campaign/support group Emergency Preparedness and Response Plan Incident Management Plan Crisis Management Plan Disaster Recovery Plans, etc. Conduct Business Impact Analysis: l Perform regular analyses to assess the potential impact of various disruptions on business operations. l Prioritize essential functions and develop strategies to minimize downtime and ensure recovery. l Create analytics and reports based on these analyses, and provide strategic recommendations to the BCM Lead to enhance organizational resilience. Lead Continuity Testing and Exercises: l Organize and execute testing and simulation exercises of business continuity plans. l Evaluate the effectiveness of plans and make improvements based on test results and feedback. Manage Continuity Resources : l Oversee the acquisition and maintenance of necessary resources and tools for business continuity. l Drive internal awareness and understanding through various training, and engagements to team members and leaders. l Keep abreast of industry best practices and trends, sharing the same to the organization. l Ensure Compliance : l Maintain business continuity plans in accordance with contractual obligations, relevant regulations, industry standards, and organizational policies, with a strong emphasis on adherence to ISO 22301:2019 to ensure we follow global standards. Regularly review and update plans to reflect changes in regulations or organizational needs. In line with this, management reviews and internal audits are included for a complete end-to-end compliance to the standard. l Act as a subject matter expert for BCM related activities. Incident Management and Response: l Develop and implement incident management strategies, including incident identification, response coordination, and stakeholder communication. l Regularly lead training sessions to enhance staff readiness, document incidents, conduct post-incident evaluations, ensure regulatory compliance, prepare reports for senior management, and continuously improve processes based on best practices and emerging threats. l During incidents, provides guidance to identify, manage, and implement appropriate Business Continuity Plans. Identify and Assess Risks: l Provide inputs to the corresponding Risk Registers. l Conduct risk assessments to identify and evaluate potential threats and vulnerabilities. l Analyze the likelihood and impact of identified risks to business operations. Develop Risk Management Strategies: l Assist in formulating and implementing risk management strategies to mitigate identified risks. l Develop and document risk response plans and procedures. Monitor and Report Risks: l Continuously monitor the risk environment and track emerging risks. l Prepare and present risk assessment reports and recommendations to senior management and relevant stakeholders. Compliance Oversight: l Stay up to date with relevant laws, regulations, contractual obligations and industry standards to ensure compliance across the organization. l Develop and implement compliance programs and processes to ensure adherence to legal and regulatory requirements. l Conduct periodic compliance audits and reviews to identify potential compliance issues and recommend corrective actions Promote Risk Awareness: l Foster a culture of risk awareness and management across the organization. l Provide training and guidance to employees on effective risk management practices and procedures. Coordinate with External Partners: l Collaborate with external vendors, consultants, and regulatory bodies to address external risk factors andensure compliance with industry standards and regulations Location : Jaipur CTC Range : 10 lpa (lakh per annum) Notice period : Immediate - 15days Shift Timings : Rotational Shift Mode of Interview : Virtual Mode of Work : WFH (work from home) Mode of Hire : Permanent Note : NA Thanks & Regards, Thanks & Regards, HR Sneha Staffing Analyst Black and White Business Solutions Pvt Ltd Bangalore, Karnataka, INDIA. Direct Number: 8067432406| Whatsapp :8951047887|sneha.v@blackwhite.in | www.blackwhite.in ************************PLEASE REFER YOUR FRIENDS***********************

JD Server maintenance and optimization On-premises and Cloud infra-Administration M365/EMS/AWS - Administration Server/Service monitoring and maintenance Server/Storage patch management Server/Storage/Cloud asset management L2 L3 Technical support for end-users when required 3.2. Deliverables Daily and weekly system performance reports - NOC Tool Change Management IT Service Desk Monthly performance and availability reports - Service Desk Quarterly Infrastructure assessment reports Excel, PowerPoint Incident and resolution logs Service Desk 3.3. Assumptions The resource will work from the Acsia s Global Headquarters (GHQ) at Trivandrum, Kerala. Assigned resources are expected to adhere to the organization s compliance requirements, including ISO 27001:2022 and TISAX standards. Acsia s reserves the right to conduct technical interviews for all proposed candidates. Background verification of the selected candidates is mandatory. The organization will provide the required access and necessary resources to facilitate the work of the on-site engineer. An engineer with the appropriate expertise shall be assigned by [Vendor] from the bench until a permanent hire is recruited. 4. Objectives 4.1. Primary Objectives Ensure 99.5% IT Server/Service uptime yearly Enhance the server/storage/cloud monitoring by utilizing NOC tool Optimize server performance and reliability Provide timely and effective technical support Secure the server infrastructure by following compliance-recommended best practices Monitor and ensure 100% data backup and recovery by conducting periodic restore tests

Goldman Sachs Technology Risk leads threat and risk management initiatives that help to protect the firm and our clients from information and cyber security risks. Our team equips the firm with the knowledge and tools to measure risk, identify and mitigate threats, and protect against unauthorized disclosure of confidential client, employee and supply chain information. You will join a progressive Technology Risk team which continues to push the development of security controls within engineering functions and across the business. You will interact with all parts of the firm, giving you experience and knowledge to facilitate future career growth within the firm. We are looking for a self-motivated candidate with a strong technical background and data security or data risk management experience to join a team that drives the data protection strategy and adoption of technical controls across the firm s applications and platforms. RESPONSIBILITIES AND QUALIFICATIONS Plan, execute and support data protection and data risk management initiatives Drive adoption of data protection controls across applications and platforms and Develop scalable processes to ensure data protection controls are operating effectively Provide advice and guidance to engineering teams on applying relevant security policies and standards; and how to adopt security controls defined in the firm s Technology Risk and Control Framework Participate in global, regional and local Technology Risk initiatives aimed at improving our baseline on data protection, resiliency and controls of technology processes and services Provide clear and concise verbal and written recommendations and guidance to business and technology staff on matters of data protection or data risk management SKILLS AND EXPERIENCE WE ARE LOOKING FOR Bachelor s degree in Information/Cyber Security, Computer Science or Software Engineering 3 years of experience in a security or risk management function Strong background of data protection or data risk management concepts and practices Technical knowledge in technology architecture and infrastructure. Robust and hands-on data analysis experience with tools like Excel, PowerBI or Alteryx Proven analytical thinking abilities Excellent oral, written, and presentation communication skills Ability to document and explain technical details in a concise and understandable manner Good team player along with the ability to work independently PREFERRED QUALIFICATIONS Relevant industry certifications Experience with risk analysis and risk management frameworks and methodologies (ISO 27001, NIST etc) Understanding of relational database technologies (e.g. SQL) Knowledge of networking technologies, operating systems and software development lifecycle (SDLC). An understanding of the regulatory environment related to technology control requirements, including global data protection regulations.