776 Iso 27001 Jobs - Page 3

Grade G - Office/ CoreResponsible for delivering information security and risk activities for the specialism, using advanced technical capabilities to lead changes to security processes and procedures, review complex security issues, lead security solutions from identification to implementation, ensure adherence to policies, standards and best practices and provide technical expertise to internal and external stakeholders. Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security. Entity: Technology IT&S Group Information Security Lead To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC). Passionate about identifying and crafting security solutions that make bp a cyber resilient organisation, the Information Security team partner with business teams to help them understand cyber risk and take personal ownership for cyber security! We re looking for curious minds who are driven by opportunities to build value and deliver secure digital products and services to advance the global energy transition. Role Synopsis In the digital era, where data breaches and cyber threats are not just possibilities but realities, the role of an Information Security Lead has never been more critical. Our partnership with the business is essential to ensuring the confidentiality, integrity, and availability of an organisations data and information systems. Offering insights that influence the development and deployment of secure, resilient solutions & services. Your expertise enables teams to innovate with confidence, knowing their solutions align with the highest standards of data protection and regulatory compliance. Key Accountabilities In this role you will be responsible for the delivery of security activities to ensure swift business value realization. This role focuses on information security and digital security risk activities with the following key accountabilities: Relationship and Customer management : Act as the main point of contact for all Digital Security enquiries within the relevant business portfolio. Build strong partnerships and influence positive change that serves the commercial ambitions. Security Expertise: Provide technical expertise, implementing digital security operating processes aligned to security standards across all value stream activities. Safety: Prioritize cyber and operational safety, improve digital security controls through architecture designs and process to maintain our cyber posture and react to new threats. You will: Monitor and Assess : Keep a vigilant eye on our digital domains, using innovative tools to detect and assess threats. This includes collaborating on the identification, assessment and management of risk Strategize and Protect : Develop and implement robust security measures, crafting a secure environment for our data and systems. Respond and Recover : Partner Customers during security incidents with a calm, calculated approach, minimising impact and guiding recovery efforts. Educate and Advocate : Champion security awareness across the organisation, encouraging vigilance and responsibility. Innovate and Guide : Provide strategic insights to teams, ensuring security is a cornerstone of product development and business operations. Protect & Defend: Proactively mitigate cyber risks and coordinate the remediation of findings from vulnerability scans, supplier assurance, compliance reviews, and support the digital Delivery teams in maintaining high levels of cyber hygiene. Education Degree Educated, preferably BSc in Information Security or equivelent. Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) or working towards certification. Knowledge of security frameworks such as ISO 27001/2, NIST, and CIS framework is highly advantageous. Desirable Experience and Capability Previous track record in similar roles in Finance, HR, Trading, Retail, Supply or Oil and Gas companies. Strong influencing skills that enable you to communicate technical information to both technical and non-technical audiences, clearly and concisely. Deep technical knowledge, and experience delivering security solutions and providing technical advice. A track record of delivering business benefits by balancing the need to protect the organizations commercial ambitions and maintain operations of the core value streams. Experience working within developing digital ecosystems, with multiple partners and environments, ensuring suitable digital security standards and practices delivered and maintained. Good understanding of enterprise and operational risk management, risk governance and compliance requirements. Excellent project management skills, with the ability to lead multiple projects simultaneously. Able to adapt to shifting priorities, demands, and timelines and keep customers abreast of impact (potential or actual) to defined delivery timescales and/or business impact. Ability to use technology, data, and insights to enable decision making. Travel Requirement Up to 10% travel should be expected with this role Relocation Assistance: This role is eligible for relocation within country Remote Type: This position is a hybrid of office/remote working Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism

Strong understanding of cloud technologies and platforms: Azure/AWS/GCP/OCI Understanding of cloud security architecture Understanding of Zero trust principle, security technologies and controls: AWS/Azure/GCP/OCI cloud native security controls, Identity Access Management, Data Security, IDS/IPS, SIEM, web application firewall, cryptography, Kubernetes, container security etc. Should have conducted cloud security assessments and configuration reviews as per industry best practices Familiarity with industry-leading standards and frameworks such as ISO 27001, NIST, CSA CCM, CIS benchmarks to help clients adhere to compliance requirements Knowledge and experience of Risk Management Lifecycle (Risk Identification, Risk Assessment, Risk Response, & Reporting) Experience with cloud security tools and services Knowledge and experience in developing/creating cloud security policies and frameworks for organizations Effective written and communication skills Strong sense of ownership, urgency, and drive Demonstrate teamwork and collaborate with other teams to ensure client s cloud environment is secure

Description Job Title: Information Security Analyst/ Analyst Identity Governance and Compliance Department: Information Security Governance, Risk & Compliance (GRC) Experience: Level: 2 4 years Employment Type: Full-time Key Responsibilities: Manage the Identity Governance and compliance activities, including periodic User Access Reviews (UAR) and RBAC activities. Ensure IAM practices comply with internal policies and external regulatory requirements. Maintain and enhance identity governance policies, standards, and procedures. Provide subject matter expertise on Active Directory (AD), including group policies and access provisioning/deprovisioning. Align identity governance practices with frameworks such as PCI DSS, ISO 27001, NIST CSF, and COBIT. Engage with IT, HR, and business units to enforce least privilege principles and maintain accurate access records. Conduct regular training sessions for the SM team on security controls and client requirements. Coordinate SME involvement in quarterly meetings and training initiatives. Maintain and organize SharePoint and Jira spaces for audit readiness and evidence management. Participate in incident management, change control meetings, and cloud migration initiatives. Engage in SOC operations and threat tracking. Drive continuous improvement initiatives in identity governance and GRC processes. Lead the annual review of security information presentations in collaboration with Compliance. Required Qualifications: Bachelor s degree in Information Security, Computer Science, or a related field. 2 4 years of experience in Information Security, with a focus on Identity Governance and Compliance. Strong understanding of User Access Review (UAR) processes and tools. Experience with Active Directory (AD) and identity lifecycle management. Familiarity with regulatory and compliance frameworks: PCI DSS, ISO 27001, NIST, COBIT. Excellent analytical, documentation, and communication skills. Ability to work independently and collaboratively in a fast-paced environment. Preferred Qualifications: Relevant certifications such as CISSP, CISA, CISM, CRISC, or GIAC. Experience with IAM tools (e.g., SailPoint, Saviynt, Okta, Azure AD). Prior experience supporting internal or external audits. Knowledge of GRC tools and platforms. Understanding of legal and regulatory standards such as FERPA, CIS, and data protection laws. Knowledge of Cloud Identity (AWS or Azure Identity).

Description Job Title: Information Security Lead / Lead Identity Governance and Compliance Department: Information Security Governance, Risk & Compliance (GRC) Experience: Level: 5 7 years Employment Type: Full-time Key Responsibilities: Lead and manage the Identity Governance and compliance activities, including periodic User Access Reviews (UAR) and RBAC activities. Ensure IAM practices comply with internal policies and external regulatory requirements. Maintain and enhance identity governance policies, standards, and procedures. Provide subject matter expertise on Active Directory (AD), including group policies and access provisioning/deprovisioning. Align identity governance practices with frameworks such as PCI DSS, ISO 27001, NIST CSF, and COBIT. Engage with IT, HR, and business units to enforce least privilege principles and maintain accurate access records. Conduct regular training sessions for the SM team on security controls and client requirements. Coordinate SME involvement in quarterly meetings and training initiatives. Maintain and organize SharePoint and Jira spaces for audit readiness and evidence management. Participate in incident management, change control meetings, and cloud migration initiatives. Engage in SOC operations and threat tracking. Drive continuous improvement initiatives in identity governance and GRC processes. Lead the annual review of security information presentations in collaboration with Compliance. Required Qualifications: Bachelor s degree in Information Security, Computer Science, or a related field. 5 7 years of experience in Information Security, with a focus on Identity Governance and Compliance. Strong understanding of User Access Review (UAR) processes and tools. Experience with Active Directory (AD) and identity lifecycle management. Familiarity with regulatory and compliance frameworks: PCI DSS, ISO 27001, NIST, COBIT. Excellent analytical, documentation, and communication skills. Ability to work independently and collaboratively in a fast-paced environment. Preferred Qualifications: Relevant certifications such as CISSP, CISA, CISM, CRISC, or GIAC. Experience with IAM tools (e.g., SailPoint, Saviynt, Okta, Azure AD). Prior experience supporting internal or external audits. Knowledge of GRC tools and platforms. Understanding of legal and regulatory standards such as FERPA, CIS, and data protection laws. Knowledge of Cloud Identity (AWS or Azure Identity).

Location: Pune Designation: Assistant Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Assistant Manager in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Brand Go-to-Market and Eminence Conduct threat assessment for banking applications and cloud-native architectures. Collaborate cross-functionally with development, security, and cloud engineering teams to integrate security best practices. Identify and document security threats, vulnerabilities, and risks across application lifecycles. Recommend appropriate mitigation strategies and validate implementation of security controls. Maintain accurate and up-to-date security documentation and threat model repositories. Leverage industry-leading security platforms such as Tenable, Qualys, and Prisma Cloud for vulnerability assessment and monitoring. Ensure alignment with SDLC, DevSecOps practices, and regulatory compliance standards such as RBI, GDPR, and ISO 27001. Use tools like IriusRisk and ThreatModeler to create and manage automated threat models. Contribute to security awareness and threat assessment training for technical teams. Stay current with emerging threats, security trends, and best practices in application and cloud security. Desired qualifications Research, insights, content, and thought leadership Minimum 3+ years of hands-on experience in threat assessment or application/cloud security. Strong understanding of threat assessment methodologies such as STRIDE, DREAD, and PASTA. Solid knowledge of secure SDLC, CI/CD pipelines, and implementation of application/cloud security controls. Experience working with cloud platforms (AWS, Azure, GCP) and related security tools. Familiarity with threat assessment platforms like IriusRisk, ThreatModeler, or equivalent. Prior experience in banking or financial services domain is highly preferred. Relevant industry certifications such as CEH, CompTIA Security+, AWS/Azure Security Specialty, or equivalent. Strong analytical, documentation, and communication skills to collaborate with cross-functional teams. Ability to assess risks and recommend mitigations that align with business and compliance needs. Creative thinking Brainstorm with the team to ideate newer ways of representing content in a reader-friendly manner through presentations, infographics, videos, battle cards etc. Innovative content creation that captures attention and improves readability Ability to work with cross-functional teams, and business, market, and brand leaders within the firm Strong interpersonal communication skills Location and way of working Base location: Pune/Bangalore Professional is required to work from office Your role as an Assistant Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte How you ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report . Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organization and the business area you re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https: / / www2.deloitte.com / in / en / careers /

Were looking for a Security Professional to join our growing team in Experian You will work with product teams to enhance the capabilities of our existing cloud platform, which powers our consumer products. Youll understand main parts of the platform architecture and propose, design, and promote improvements. A pragmatic approach and strong collaboration skills are important to achieving great outcomes.You will be reporting to a Senior Manager. Youll work for Hybrid (2 days WFO) from Hyderabad. What Were Looking For 5+ years of experience in Cloud Architecture and Security best practices , within AWS Hands-on experience with Microservices Architecture and Kubernetes Proficiency with Infrastructure as Code and DevOps tools such as Terraform, Git, Jenkins, Sonar, etc. Write high-quality code in Python or Java Solid experience in Public Key Infrastructure (PKI) design, cryptographic key management, and certificate management systems Experience with Privileged Access Management design, implementation, and support A hands-on, collaborative approach to embedding Security-First thinking into requirements and design Good to have: Experience participating in security audits such as SOC 2 or ISO 27001 Professional security certifications like CISSP , CISM , or AWS Cloud certifications Understanding of threats in the Financial Services sector and how to reduce them Experience developing internal security standards and policies for engineering teams Background working in large organizations across multiple teams or regions About Experian Experience and Skills AWS Cloud Architecture Terraform Python Programming Kubernetes Shift-left techniques Cryptographic Key Management Benefits Experian care for employees work life balance, health, safety and wellbeing. In support of this endeavor, we offer best-in-class family well-being benefits, enhanced medical benefits and paid time off. #LI-Onsite Find out what its like to work for Experian by clicking here

Identity and Access Management (IAM) Validate authentication and authorization systems, including MFA, SSO, and role-based access controls (RBAC). Implement and manage Identity Federation using SAML, OAuth, or OpenID Connect. Administer Privileged Access Management (PAM) solutions. Perform regular user access reviews, audits, and identity lifecycle automation. DNS Security Manage and secure enterprise DNS infrastructure (internal and external). Implement DNSSEC, DNS filtering, and threat intelligence integration. Monitor DNS traffic for anomalies and implement recursive DNS protection. Configure split DNS for segmented environments. Operating System Hardening Create security baselines to Windows and Linux environments Disable unnecessary services, enforce least privilege, and apply file and process-level protections. User Awareness and Phishing Protection Conduct regular phishing simulations and track user response metrics. Collaborate with HR and Training teams to roll out cybersecurity awareness programs. Enable phishing reporting tools and maintain metrics dashboard. Security Monitoring & Compliance Ensure compliance with internal policies, data protection regulations (e.g., GDPR), and security frameworks (ISO 27001, NIST). Job Family Information Technologies & Systems Renault Group is committed to creating an inclusive working environment and the conditions for each of us to bring their passion, perform to the full and grow, whilst being themselves. We find strength in our diversity and we are engaged to ensure equal employment opportunities regardless of race, colour, ancestry, religion, gender, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, etc. If you have a disability or special need requiring layout of the workstation or work schedule, please let us know by completing this form. In order to follow in real time the evolution of your applications and to stay in touch with us, we invite you to create a candidate account. This will take you no more than a minute and will also make it easier for you to apply in the future.

Overview At Prolifics, we are currently implementing multiple solutions in Software Development, and we are looking to hire talented PCQA Consultant for our development centre in India. This position would be based out of Hyderabad and is a permanent position. If you are looking for a high growth company with rock-solid stability, if you thrive in the energetic atmosphere of high-profile projects, we want to talk to you today! Let\u2019s connect and explore possibilities of having you onboard the Prolifics team! Job Title: PCQA Consultant Primary skills: CMMI v 2.0, ISO 9001:2015, ISO 27001:2022 Secondary skills: GDPR, MSA/SOW, ESG Location: Hyderabad (Mindspace#12B) Educational Qualification: B.Tech/BE/M.Tech/MCA/M.Sc Experience: 5+ yrs Job Description: Very good implementation experience on CMMI v 2.0, ISO 9001:2015, ISO 27001:2022 Good Knowledge on GDPR Knowledge in Agile, SDLC and STLC Conduct monthly audit compliance checks for the assigned projects (Dev, MS and Testing) Facilitate and communicate with Project Managers on process implementation For any non-conformities in process compliance during the monthly audits/internal audits, liaise with the Project Managers and close the non-conformities Collate the project metrics, analyze those metrics and for any deviations from the defined objectives, ask the PMs to prepare corrective actions Review project specific documents viz., MSA/SOW, other technical documents etc. Timely preparation of status reports, metrics report Very good communication skills. ESG ( Environmental, Social and Governance) Knowledge in CMMi High Maturity concepts and implementation will be added advantage. About us: Prolifics Corporation Limited is a Global Technology Solutions Provider with presence across North America (USA and Canada), Europe (UK and Germany), Middle East & Asia. In India, we have offshore development centres: 2 in Hyderabad & 1 in Pune. For more than 40 years, Prolifics has transformed enterprises of all sizes including over 100 Fortune 1000 companies by solving their complex IT challenges. Our clients include Fortune 50 and Fortune 100 companies across a broad range of industries including Financial Services, Insurance, Government, Healthcare, Telecommunications, Manufacturing and Retail. We rank consistently in Dream Companies to Work for and Dream Employer of the Year ranking from World HRD Congress, ranked 7 in 2019. We encourage you to visit us on www.prolifics.com or follow us on Twitter, LinkedIn, Facebook, YouTube and other social media to know more about us. At Prolifics, we are currently implementing multiple solutions in Software Development, and we are looking to hire talented PCQA Consultant for our development centre in India. This position would be based out of Hyderabad and is a permanent position. If

eProductivity Software (ePS) is a leading global provider of industry-specific business and production software technology for the packaging and print industries. eProductivitys integrated and automated software offerings and point solutions are designed to enable revenue growth and drive operating and production efficiencies. With several offices worldwide, including in Bangalore, and over thirty-years dedicated to delivering best-in-class technology to the packaging and printing industries, it is our deeply held philosophy that eProductivity Software succeeds when our customers thrive. For more information, visit us at . Position Overview: We are seeking a skilled Cloud Engineer to design and implement scalable, high-performance, and cost-optimized infrastructure solutions to support the global delivery of our packaging software solutions. This role is pivotal in advancing our cloud-first strategy utilizing AWS, and on-premises infrastructurewith a strong emphasis on automation, container orchestration, and infrastructure-as-code (IaC) using Terraform and related technologies. Your mission is to engineer and orchestrate the cloud foundation that powers our global customer experiences. Position Description: Design and architect secure, scalable, and cost-efficient multi-cloud infrastructure solutions across AWS, and on-premises colocation environments. Build and maintain infrastructure-as-code (IaC) using Terraform, ensuring versioned, modular, and reusable code structures. Implement automation strategies to support rapid provisioning, configuration, and scaling of infrastructure resources. Utilize container orchestration platforms (e.g., Kubernetes, ECS, AKS) to support highly available and performant deployment environments. Define and enforce infrastructure governance, security, and compliance best practices across environments. Collaborate with software architects and cloud operations to align infrastructure with product delivery requirements and SLAs. Monitor infrastructure performance and cost metrics; make recommendations and implement optimizations. Stay abreast of evolving cloud technologies and recommend innovations to improve agility and efficiency. Position Requirements 5+ years of hands-on experience designing and implementing cloud infrastructure in multi-cloud environments (AWS, Azure, and hybrid/on-premises setups). Strong expertise with Terraform and infrastructure-as-code principles. Proficiency with container orchestration tools (e.g., Kubernetes, Helm, ECS, AKS). Deep understanding of cloud networking, compute, storage, and security architectures. Experience with automation tools and frameworks (e.g., Ansible, Python, or Bash scripting). Strong troubleshooting skills in complex cloud environments. Ability to evaluate performance and cost trade-offs in cloud resource design. Preferred Skills: Certifications in AWS and/or Azure cloud architecture (e.g., AWS Solutions Architect, Azure Solutions Architect Expert). Familiarity with hybrid cloud integration patterns and network design. Experience working in regulated or compliance-sensitive environments (e.g., SOC2, HIPAA, ISO 27001). Exposure to GitOps, policy-as-code, or FinOps practices is a plus. At ePS, we are a global team that solves unique business challenges for our customers worldwide. We believe in and are committed to fostering an inclusive workplace where our rich diversity fuels continuous innovation and success, valuing everyone\u0027s expertise and unique perspective. Our commitment to our customers and to an inclusive culture will be evidenced through our actions, outcomes, and the quality of our products and services. ePS Empowering Packaging and Print

Company RNTBCI PL Job Description Identity and Access Management (IAM) Validate authentication and authorization systems, including MFA, SSO, and role-based access controls (RBAC). Implement and manage Identity Federation using SAML, OAuth, or OpenID Connect. Administer Privileged Access Management (PAM) solutions. Perform regular user access reviews, audits, and identity lifecycle automation. DNS Security Manage and secure enterprise DNS infrastructure (internal and external). Implement DNSSEC, DNS filtering, and threat intelligence integration. Monitor DNS traffic for anomalies and implement recursive DNS protection. Configure split DNS for segmented environments. Operating System Hardening Create security baselines to Windows and Linux environments Disable unnecessary services, enforce least privilege, and apply file and process-level protections. User Awareness and Phishing Protection Conduct regular phishing simulations and track user response metrics. Collaborate with HR and Training teams to roll out cybersecurity awareness programs. Enable phishing reporting tools and maintain metrics dashboard. Security Monitoring & Compliance Ensure compliance with internal policies, data protection regulations (e. g. , GDPR), and security frameworks (ISO 27001, NIST). Job Family Information Technologies & Systems Renault Group is committed to creating an inclusive working environment and the conditions for each of us to bring their passion, perform to the full and grow, whilst being themselves. We find strength in our diversity and we are engaged to ensure equal employment opportunities regardless of race, colour, ancestry, religion, gender, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, etc. If you have a disability or special need requiring layout of the workstation or work schedule, please let us know by completing this form. By submitting your CV or application, you authorise Renault Group to use and store information about you for the purposes of following up your application or future employment. This information will only be used by Renault Group companies as described in the Group Privacy Policy .

Role & responsibilities As a Cybersecurity GRC Specialist, this role plays a pivotal part in safeguarding the organization's information assets through comprehensive governance, risk management, and compliance initiatives. The focus is on ensuring adherence to regulatory requirements, industry standards, and cybersecurity best practices while supporting the design and documentation of cybersecurity control frameworks. Responsibilities include managing risk, evaluating third-party security postures, and ensuring that digital payment systems comply with relevant standards such as NIST, ISO27001, and ITGC. A strong understanding of cybersecurity frameworks and a proactive approach to aligning with global regulatory frameworks, industry best practices, and organizational goals is required to provide robust protection against cyber threats. Key Responsibilities Develop, implement, and manage a comprehensive risk management program to identify, assess, and mitigate cybersecurity risks across IT systems and processes. Continuously monitor the risk landscape, ensuring effective implementation and maintenance of mitigation strategies, while reporting on compliance with relevant laws, regulations, and industry standards. Lead audits and assessments to verify cybersecurity compliance, providing remediation guidance for identified gaps, and staying up to date with regulatory changes. Implement and maintain cybersecurity controls and frameworks, including NIST CSF, NIST 800-53, ISO/IEC 27001, and IT General Controls (ITGCs), ensuring alignment with industry standards and organizational needs. Manage the organizations ISO/IEC 27001 certification process, including the development and maintenance of an Information Security Management System (ISMS), conducting internal audits, gap analyses, and preparing for external audits. Develop and manage a third-party risk management program, including due diligence, risk assessments, and collaboration with other departments to ensure vendors meet cybersecurity requirements and contracts include appropriate clauses. Oversee digital payment system security, ensuring compliance with industry standards like PCIDSS, and collaborate with service providers and internal teams to protect against cybersecurity threats. Design, document, and regularly update a cybersecurity control framework that complies with relevant industry standards and regulatory requirements (e.g., NIST, ISO/IEC 27001, CIS, PCI DSS, RBI, SEBI, IRDA, DPDPA, GDPR, DORA). Conduct workshops with senior stakeholders to appraise them of cybersecurity frameworks and control requirements, ensuring continuous improvement of the organization’s cybersecurity posture. Qualifications Preferred candidate profile Desired qualifications Bachelors degree in information technology, Computer Science, or a related field (or equivalent experience). 3- 7 years of experience in information security, cyber security compliance, risk assessment or a similar role Good understanding of IT control frameworks (PCI DSS, NIST, COBIT, ITIL, CSF, ISO 27001, ITIL, COSO etc.) Good understanding and Indian and global cyber security regulations Strong analytical and problem-solving skills. Excellent communication and documentation skills. Ability to work independently and as part of a team. Experience with risk management, compliance, and audit processes

We are looking for Manger Information Security - Noida with Broking Company Need ISO 27001 Certificate CTC 7-8 Lacs Interested candidate can share resume on sanjeevani.dupare@voicehr.in

7 years’ experience in IT SOX/ITGC, SOC1/SOC2, ITACs, and Information Security Audits Knowledge of IT infrastructure, preparation of Risk & Control Matrix Audit Knowledge of Emerging Technology-Cloud infrastructure, Regulatory compliance requirements Required Candidate profile IT SOX/ITGC, SOC1/ SOC2 and Information Security Audits. Certifications: CISA, CISM, ISO 27001 LA/ LI, CCSK, Certification son Data Privac

Were looking for a Security Professional to join our growing team in Experian You will work with product teams to enhance the capabilities of our existing cloud platform, which powers our consumer products. Youll understand main parts of the platform architecture and propose, design, and promote improvements. A pragmatic approach and strong collaboration skills are important to achieving great outcomes.You will be reporting to a Senior Manager. Youll work for Hybrid (2 days WFO) from Hyderabad. What Were Looking For 5+ years of experience in Cloud Architecture and Security best practices , within AWS Hands-on experience with Microservices Architecture and Kubernetes Proficiency with Infrastructure as Code and DevOps tools such as Terraform, Git, Jenkins, Sonar, etc. Write high-quality code in Python or Java Solid experience in Public Key Infrastructure (PKI) design, cryptographic key management, and certificate management systems Experience with Privileged Access Management design, implementation, and support A hands-on, collaborative approach to embedding Security-First thinking into requirements and design Good to have: Experience participating in security audits such as SOC 2 or ISO 27001 Professional security certifications like CISSP , CISM , or AWS Cloud certifications Understanding of threats in the Financial Services sector and how to reduce them Experience developing internal security standards and policies for engineering teams Background working in large organizations across multiple teams or regions About Experian Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realize their financial goals and help them save time and money. We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments. We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com. Experience and Skills AWS Cloud Architecture Terraform Python Programming Kubernetes Shift-left techniques Cryptographic Key Management Additional Information Our uniqueness is that we truly celebrate yours. Experians culture and people are important differentiators. We take our people agenda very seriously and focus on what truly matters; DEI, work/life balance, development, authenticity, engagement, collaboration, wellness, reward & recognition, volunteering... the list goes on. Experians strong people first approach is award winning; Great Place To Work in 24 countries, FORTUNE Best Companies to work and Glassdoor Best Places to Work (globally 4.4 Stars) to name a few. Check out Experian Life on social or our Careers Site to understand why. Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is a critical part of Experians DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, color, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity. Experian Careers - Creating a better tomorrow together Benefits Experian care for employees work life balance, health, safety and wellbeing. In support of this endeavor, we offer best-in-class family well-being benefits, enhanced medical benefits and paid time off. #LI-Onsite Experian Careers - Creating a better tomorrow together Find out what its like to work for Experian by clicking here

Description Job Title: Information Security Lead / Lead Identity Governance and Compliance Department: Information Security Governance, Risk & Compliance (GRC) Experience: Level: 5 7 years Employment Type: Full-time Key Responsibilities: Lead and manage the Identity Governance and compliance activities, including periodic User Access Reviews (UAR) and RBAC activities. Ensure IAM practices comply with internal policies and external regulatory requirements. Maintain and enhance identity governance policies, standards, and procedures. Provide subject matter expertise on Active Directory (AD), including group policies and access provisioning/deprovisioning. Align identity governance practices with frameworks such as PCI DSS, ISO 27001, NIST CSF, and COBIT. Engage with IT, HR, and business units to enforce least privilege principles and maintain accurate access records. Conduct regular training sessions for the SM team on security controls and client requirements. Coordinate SME involvement in quarterly meetings and training initiatives. Maintain and organize SharePoint and Jira spaces for audit readiness and evidence management. Participate in incident management, change control meetings, and cloud migration initiatives. Engage in SOC operations and threat tracking. Drive continuous improvement initiatives in identity governance and GRC processes. Lead the annual review of security information presentations in collaboration with Compliance. Required Qualifications: Bachelor s degree in Information Security, Computer Science, or a related field. 5 7 years of experience in Information Security, with a focus on Identity Governance and Compliance. Strong understanding of User Access Review (UAR) processes and tools. Experience with Active Directory (AD) and identity lifecycle management. Familiarity with regulatory and compliance frameworks: PCI DSS, ISO 27001, NIST, COBIT. Excellent analytical, documentation, and communication skills. Ability to work independently and collaboratively in a fast-paced environment. Preferred Qualifications: Relevant certifications such as CISSP, CISA, CISM, CRISC, or GIAC. Experience with IAM tools (e.g., SailPoint, Saviynt, Okta, Azure AD). Prior experience supporting internal or external audits. Knowledge of GRC tools and platforms. Understanding of legal and regulatory standards such as FERPA, CIS, and data protection laws. Knowledge of Cloud Identity (AWS or Azure Identity).

AI Developer Are you passionate about building intelligent systems that make a real-world impactDo you enjoy working in a fast-paced and dynamic start-up environmentIf so, we are looking for a talented AI Developer to join our team! We are a data and AI consultancy start-up with a global client base, headquartered in London UK, and we are looking for someone to join us full time on-site in our vibrant office in Gurugram. About Uptitude Uptitude is a forward-thinking consultancy that specialises in providing exceptional AI, data, and business intelligence solutions to clients worldwide. Our team is passionate about delivering data-driven transformation and intelligent automation, enabling our clients to make smarter decisions and achieve remarkable results. We embrace a vibrant and inclusive culture where innovation, excellence, and collaboration thrive. As an AI Developer at Uptitude, you will be responsible for designing, developing, and deploying AI models and solutions across a wide range of use cases. You will collaborate closely with data engineers, analysts, and business teams to ensure models are well-integrated, explainable, and scalable. We are looking for a candidate who is not only technically skilled but also creative, curious, and excited about pushing the boundaries of AI in real-world business environments. Requirements 1 3 years of hands-on experience in developing AI/ML models in production or research settings. Proficiency in Python and libraries such as scikit-learn, Pandas, TensorFlow, PyTorch. Experience working with structured and unstructured data. Familiarity with model lifecycle management, MLOps, and version control (MLflow, DVC). Ability to communicate technical ideas to cross-functional teams. Experience with data cleaning, EDA, and feature selection. Creativity in applying AI to real-world business problems. Awareness of ISO:27001, ISO:42001 and data governance best practices is a plus. Role based in Gurugram, India. Head office in London, UK. Company Values At Uptitude, we embrace a set of core values that guide our work and define our culture: Be Awesome: Strive for excellence and keep levelling up. Step Up: Take ownership and go beyond the expected. Make a Difference: Innovate with impact. Have Fun: Celebrate wins and build meaningful connections. Benefits Uptitude values its employees and offers a competitive benefits package, including: Competitive salary based on experience and qualifications. Private health insurance. Offsite trips for team building and knowledge sharing. Quarterly outings to celebrate milestones. Corporate English lessons with a UK-based instructor. If you re ready to develop cutting-edge AI solutions and work on meaningful challenges with a global impact we d love to hear from you.

Position: Cloud Security Architect Experience: 6-12 Years 1 Lead and manage Hybrid Cloud security operations, providing guidance and direction to ensure operational excellence. 2 Oversee security incident response and mitigation efforts, ensuring quick and efficient handling of security breaches or threats. 3 Develop and implement comprehensive security strategies to safeguard all hybrid Cloud systems. 4 Facilitate incident management processes for security-related issues, ensuring timely resolution and minimization of impact. 5 Conduct regular security assessments and audits to identify vulnerabilities and implement corrective measures. 6 Collaborate with stakeholders to develop security roadmaps and participate in daily standups to align security initiatives with organizational goals. 7 Lead change management processes and ITSM, ensuring security protocols are integrated and adhered to. 8 Foster a culture of continuous improvement in network security operations, including process creation and implementation. 9 Demonstrate a deep understanding of security principles, particularly in isolating issues with machine/user validation. 10 Experience in managing Business Continuity and Crisis Management. 11 Ensuring the security of cloud-based data and applications against unauthorized access, theft, and other threats. 12 Staying up-to-date on the latest cloud security technologies, trends, and best practices. Key Skills and Knowledge Areas: - Strong understanding of cloud computing technologies, including: - Infrastructure as a Service (IaaS) - Platform as a Service (PaaS) - Software as a Service (SaaS) - Knowledge of security frameworks such as: - ISO 27001 - NIST Cybersecurity Framework - CIS Controls - Familiarity with cloud platforms: - Microsoft Azure - Amazon Web Services (AWS) - Google Cloud Platform (GCP) - Preferred certifications: - Certified Cloud Security Professional (CCSP) - Certified Information Systems Security Professional (CISSP) - Certified Cloud Architect (CCA) - Experience in developing Cloud Security Frameworks using industry best practices such as: - Cloud Security Alliance (CSA) - NIST CSF - Regulatory requirements like HIPAA, HITRUST, PCI - Understanding of industry regulatory and compliance requirements: - FedRAMP - PCI-DSS - NIST - HIPAA - Skilled at interpreting compliance and security requirements into implementable and repeatable controls.

Senior Information Security Specialist - JD (You ll be the shield behind secure systems) Experience Required: 3-5 years Location: Bangalore, Hybrid Department : Compliance Reporting to: Global DPO About Us Augnito is the next gen Voice AI powering the healthcare industry. Augnito empowers medical professionals and streamlined clinical workflows with cloud-based, AI speech recognition that offers ergonomic data entry with 99% accuracy, without the need for voice profile training, from any device, anywhere. From the outset, Augnito was built in close partnership with clinicians, using human-centered design, to create an AI natural language processing engine to fit your needs not the other way around. As a result, Augnito offers excellent support for a wide variety of clinical vocabulary and workflows and can halve your clinical reporting and admin time, increase revenue, prevent physician burnout, eliminate transcription waiting delays, and enable you to focus your energy on patient care not documentation. Augnito is currently deployed at 300+ hospitals and health systems and has a growing presence in 20+ countries, including the US, UK and Canada Role Overview: We are looking for a detail-oriented and proactive Information Security Associate to assist in maintaining and improving our core compliance and information security standards. You will support the implementation and monitoring of ISO 27001:2022, SOC 2, and HIPAA requirements, working closely with internal SPOCs, external auditors, and the senior InfoSec team Key Responsibilities: Lead the implementation, continuous improvement, and certification of ISO 27001, SOC 2, HIPAA, ADHICS, and GDPR frameworks. Conduct risk assessments and maintain a comprehensive ISMS. Define and review security policies, SOPs, and compliance matrices. Interface with global clients and regulators to address InfoSec requirements, security posture, and data processing controls. Oversee responses to client RFPs, DDQs, and third-party security reviews. Supervise execution of VAPT, access reviews, incident response simulations, and audit closures. Draft standardized responses for client RFPs and security assessments. Help gather security documentation and artifacts for client due diligence. Guide junior team members in operational compliance tasks. Drive cost optimization across security tools and services. Maintain reusable templates, trackers, and compliance artifacts for audits. Plan for future frameworks like ISO42001 India DPDP Act, and industry-specific certifications. Advise on regional compliance nuances pertaining to SFDA, DOH and the like Requirements: 3 5 years of hands-on InfoSec experience, including leading audits and certifications. Deep knowledge of ISO 27001:2022, SOC 2, HIPAA, and ADHICS frameworks. Familiarity with GDPR and other international data privacy laws. Strong stakeholder and vendor management skills. ISO 27001:2022 Lead Implementer or Auditor certification is mandatory Good to Have: Experience in healthcare or AI-based SaaS/tech. Proficiency in cloud security, data flow mapping, and regional data laws. Ability to work independently in a high-growth environment Augnito India Pvt. Ltd. is an equal opportunities employer. We are committed to providing equal opportunities throughout employment, including in the recruitment, training and development of employees (including promotion, transfers, assignments and beliefs). Augnito will not tolerate any act of discrimination in the workplace including but not limited to: Gender, Gender identity, National or ethnic origins, Marital or Domestic Partnership status, Pregnancy Status, Carer s responsibilities, Sexual orientation , Race, Color, Religious belief, Disability, Age, Any other grounds of discrimination. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Augnito will be based on merit, qualifications, and abilities. Our objective is to attract job applications and applications for development from the best possible candidates and to retain the best people In accordance with Augnito s data retention policy, candidate details are retained in our database for a period of five years. This allows us to reach out to candidates in the future for any relevant opportunities within the organization.

Information Security Associate - JD (You ll be the shield behind secure systems) Experience Required: 1-2 years Location: Bangalore, Hybrid Department : Compliance Reporting to: Senior Information Security Specialist About Us Augnito is the next gen Voice AI powering the healthcare industry. Augnito empowers medical professionals and streamlined clinical workflows with cloud-based, AI speech recognition that offers ergonomic data entry with 99% accuracy, without the need for voice profile training, from any device, anywhere. From the outset, Augnito was built in close partnership with clinicians, using human-centered design, to create an AI natural language processing engine to fit your needs not the other way around. As a result, Augnito offers excellent support for a wide variety of clinical vocabulary and workflows and can halve your clinical reporting and admin time, increase revenue, prevent physician burnout, eliminate transcription waiting delays, and enable you to focus your energy on patient care not documentation. Augnito is currently deployed at 300+ hospitals and health systems and has a growing presence in 20+ countries, including the US, UK and Canada Role Overview: We are looking for a detail-oriented and proactive Information Security Associate to assist in maintaining and improving our core compliance and information security standards. You will support the implementation and monitoring of ISO 27001:2022, SOC 2, and HIPAA requirements, working closely with internal SPOCs, external auditors, and the senior InfoSec team Key Responsibilities: Assist in maintaining ISO 27001:2022 documentation including policies, procedures, risk registers, and audit logs Coordinate internal audits and evidence collection for SOC 2 and HIPAA compliance Track remediation plans and follow up with relevant stakeholders Help conduct periodic InfoSec awareness campaigns and training for employees Send regular security advisories and reminders across departments Support basic monitoring and access control reviews Requirements: 1 2 years of experience in information security or compliance support Familiarity with ISO 27001, SOC 2, or HIPAA. Strong documentation and organizational skills. Willingness to learn and grow under supervision. Mandatory ISO 27001:2022 Lead Implementer /Lead Auditor Preferred Qualifications: Experience in a healthcare or SaaS/AI-based environment Basic understanding of internal audits, access management, and data privacy Augnito India Pvt. Ltd. is an equal opportunities employer. We are committed to providing equal opportunities throughout employment including in the recruitment, training and development of employees (including promotion, transfers, assignments and beliefs). Augnito will not tolerate any act of discrimination in the workplace including but not limited to: Gender, Gender identity, National or ethnic origins, Marital or Domestic Partnership status, Pregnancy Status, Carer s responsibilities, Sexual orientation , Race, Color, Religious belief, Disability, Age, Any other grounds of discrimination. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Augnito will be based on merit, qualifications, and abilities. Our objective is to attract job applications and applications for development from the best possible candidates and to retain the best people

RESPONSIBILITIES Perform penetration testing and vulnerability assessments on web, API, and mobile applications to identify security weaknesses Create new testing methods to identify vulnerabilities. Pinpoint methods and entry points that attackers may use to exploit vulnerabilities or weaknesses. Search for weaknesses in common software, web applications, and proprietary systems. Document and communicate findings as per ASVS checklist, risks, and recommendations in detailed reports for technical and non-technical stakeholders Review and provide feedback for information security fixes. Establish improvements for existing security services, including hardware, software, policies, and procedures. Identify areas where improvement is needed in security education and awareness for users. Be sensitive to corporate considerations when performing testing (i.e. minimize downtime and loss of employee productivity). Stay updated on emerging threats, security trends, and best practices in cybersecurity to improve testing methodologies REQUIRED 3-6 years of Security Vulnerable, Exploitation, and Penetration testing experience. Experience with OWASP testing Guide / Open-Source Security Testing Methodology Manual Experience deploying enterprise security testing solutions. Familiarity with Secure Development Lifecycle practices and Agile development with Continuous Delivery / Integration. Advanced understanding of security concepts and security best practices Understanding and familiarity with common code review methods and standards Experience with performing penetration testing and risk assessments against computer networks Background with Qualys, Tenable, and OpenVAS Vulnerability Scanners Ability to think analytically. Knowledge of technical systems and terminology. Proficiency in scripting languages. Ability to identify and exploit vulnerabilities. GOOD TO HAVE Relevant industry certifications like CEH, GPEN, OSCP, OSCE, CRTO, CRTP, PNPT, and experience working with frameworks like MITRE ATT&CK/D3FEND) and security-related legal and regulatory requirements (ISO 27001, NIST, PCIDSS etc.). Strong problem-solving skills and leadership abilities, with good interpersonal skills to build relationships and communicate findings professionally, with fluency in written and spoken English.

Associate Manager - Third Party Risk Management Associate Manager - Third Party Risk Management - 31404 - TMF Associate Manager - Third Party Risk Management We never ask for any kind of payment as part of our selection process, and we always contact candidates via our corporate accounts and platforms. If you are approached for payment or asked to make a purchase, this is likely to be fraudulent. Please check to see whether the role you are interested in is posted here, on our website. TMF Group is a leading provider of administrative services, helping clients invest and operate safely around the world. As a global company with 11,000+ colleagues based in over 125 offices across 87 jurisdictions, we actively seek out people with the talent and potential to flourish at TMF Group, whatever their background, and offer job opportunities to the broadest spectrum of people. Once on board, we nurture and promote talented individuals, ensuring that senior positions are open to all. Discover the Role The Assistant Manager, Third Party Risk Management, is primarily responsible for developing and managing a third-party risk management process that tracks third-party risks. Work directly with the Manager Third Party Risk Management and the CISO/CSRO Office team to define issues and information needs and translate them into implementable technical enhancements to the TPRM Program. Deliver reporting for the Overall TPRM Program. Employ the analytics features to compile and synthesize data to make grounded recommendations to assess and protect against risk exposure to guide decision making to advise the business with respect to TPRM.Champion and execute updates to the existing reporting and technology framework to reduce risk and enhance efficiency. Oversee and make recommendations about additional add-on features. Assess the Information Security posture of third parties (Sub-contractors and vendors), including their IT applications in the scope of the service provided to TMF, at the time of contracting their service and periodically thereafter. The resource is also responsible for assessing information security risks from third parties and specifying appropriate technical and organizational controls to address the risks to be formally included in the contract with the third parties. The incumbent will check the compliance of the third parties to the specified security requirements on an annual basis / or as and when required by conducting reassessments/audits. Key Responsibilities Review and maintain Third Party Risk Assessment procedure and assessment questionnaire. Review third party responses and ensure required controls are in place. Identify gaps and raise them with sponsors for resolution Identify technical and organisational measures / security controls that need to be included in the contract with the third party. Maintain an inventory of onboarded third parties, along with key contact personnel, and rate them based on access level / risk level / criticality level Conduct periodic (annual) reassessments to verify / validate the security posture of the vendor and compliance to the agreed security controls Share details of vulnerabilities that may affect the applications provided by the vendor and check if the vulnerabilities are remediated in a timely manner. Key Requirements The Candidate needs to possess strong technical and soft skills, as highlighted below: The ideal candidate should have a Computer Science Education Bachelor s or master s degree The candidate should have 5- 8 years of relevant work experience in Information Security, with third party risk management as a primary responsibility. ISO 27001 /ISMS Standard. ISO 31000 Standard / risk assessment Knowledge of security frameworks like NIST Cyber Security Framework and regulations such as GDPR, DORA etc. would be an added advantage Understanding of security in relation to compliance with local legislations and regulations Excellent interpersonal skills. Ability to connect with and communicate appropriately across junior to senior-level staff Excellent written and spoken skills in English. Knowledge of Spanish, Portuguese or any other foreign language would be an added advantage General Skills Requirement Attention to detail Good understanding of the business Ability to work with minimum supervision Ability to work under stress Sense of responsibility What s in it for you Work with colleagues and clients around the world on interesting and challenging work; We provide internal career opportunities so you can take your career further within TMF; Continuous development is supported through global learning opportunities from the TMF Business Academy. You ll be helping us to make the world a simpler place to do business for our clients; Through our corporate social responsibility programme, you ll also be making a difference in the communities where we work. Strong feedback culture to help build an engaging workplace; Our inclusive work environment allows you to work from our offices around the world, as well as from home, helping you find the right work-life balance to perform at your best. Anniversary & Birthday Leave policy Be part of One TMF Paternity & Adoption leaves Salary advance policy Work flexibility Hybrid work model Talk about growth opportunities (we invest in talent) Well-being initiatives We re looking forward to getting to know you!

Description Job Title: Information Security Analyst/ Analyst Identity Governance and Compliance Department: Information Security Governance, Risk & Compliance (GRC) Experience: Level: 2 4 years Employment Type: Full-time Key Responsibilities: Manage the Identity Governance and compliance activities, including periodic User Access Reviews (UAR) and RBAC activities. Ensure IAM practices comply with internal policies and external regulatory requirements. Maintain and enhance identity governance policies, standards, and procedures. Provide subject matter expertise on Active Directory (AD), including group policies and access provisioning/deprovisioning. Align identity governance practices with frameworks such as PCI DSS, ISO 27001, NIST CSF, and COBIT. Engage with IT, HR, and business units to enforce least privilege principles and maintain accurate access records. Conduct regular training sessions for the SM team on security controls and client requirements. Coordinate SME involvement in quarterly meetings and training initiatives. Maintain and organize SharePoint and Jira spaces for audit readiness and evidence management. Participate in incident management, change control meetings, and cloud migration initiatives. Engage in SOC operations and threat tracking. Drive continuous improvement initiatives in identity governance and GRC processes. Lead the annual review of security information presentations in collaboration with Compliance. Required Qualifications: Bachelor s degree in Information Security, Computer Science, or a related field. 2 4 years of experience in Information Security, with a focus on Identity Governance and Compliance. Strong understanding of User Access Review (UAR) processes and tools. Experience with Active Directory (AD) and identity lifecycle management. Familiarity with regulatory and compliance frameworks: PCI DSS, ISO 27001, NIST, COBIT. Excellent analytical, documentation, and communication skills. Ability to work independently and collaboratively in a fast-paced environment. Preferred Qualifications: Relevant certifications such as CISSP, CISA, CISM, CRISC, or GIAC. Experience with IAM tools (e.g., SailPoint, Saviynt, Okta, Azure AD). Prior experience supporting internal or external audits. Knowledge of GRC tools and platforms. Understanding of legal and regulatory standards such as FERPA, CIS, and data protection laws. Knowledge of Cloud Identity (AWS or Azure Identity).

About Us: Our purpose is to help clients exceed their financial health goals. Across the reimbursement cycle, our scalable solutions and clinical expertise help solve programmatic needs. Enabling our teams with leading technology allows analytics to guide our solutions and keeps us accountable achieving goals. We build long-term careers by investing in YOU. We seek to create an environment that cultivates your professional development and personal growth, as we believe your success is our success. ESSENTIAL DUTIES AND RESPONSIBILITIES: Note: The essential duties and responsibilities below are intended to describe the general duties and responsibilities of this position and are not intended to be an exhaustive statement of duties. This position may perform all or most of the primary duties listed below. Specific tasks, responsibilities or competencies may be documented in the Team Member s performance objectives as outlined by the Team Member s immediate Leadership Team Member. Role Overview: The Manager will lead and manage 24x7 cybersecurity and SOC operations, ensuring round-the-clock protection of the organizations critical infrastructure. This role demands deep expertise in network security, threat detection, and incident response , while also managing a team working in rotational shifts. Key Responsibilities: Oversee end-to-end SOC operations , including real-time monitoring, incident triage, and escalation. Lead network security strategy and governance including firewalls, intrusion detection/prevention systems (IDS/IPS) , and VPN infrastructure. Manage and mentor a 24x7 cyber defense team, ensuring effective shift coverage and performance. Drive threat intelligence integration and lead response to advanced persistent threats. Conduct regular audits, vulnerability assessments, and penetration tests. Ensure compliance with relevant cybersecurity regulations and frameworks (e.g., ISO 27001, NIST, HIPAA). Collaborate with IT, Risk, and Compliance teams for coordinated risk mitigation. Requirements: 8+ years in cybersecurity, with 3+ years in a leadership role. Experience running or managing a 24x7 SOC . Strong expertise in SIEM tools , threat detection, and mitigation strategies. Relevant certifications: CISSP, CISM, CEH , or equivalent. Excellent leadership and communication skills. PHYSICAL DEMANDS: Note: Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions as described. Regular eye-hand coordination and manual dexterity is required to operate office equipment. The ability to perform work at a computer terminal for 6-8 hours a day and function in an environment with constant interruptions is required. At times, Team Members are subject to sitting for prolonged periods. Infrequently, Team Member must be able to lift and move material weighing up to 20 lbs. Team Member may experience elevated levels of stress during periods of increased activity and with work entailing multiple deadlines. A job description is only intended as a guideline and is only part of the Team Member s function. The company has reviewed this job description to ensure that the essential functions and basic duties have been included. It is not intended to be construed as an exhaustive list of all functions, responsibilities, skills and abilities. Additional functions and requirements may be assigned by supervisors as deemed appropriate. PHYSICAL DEMANDS: Note: Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions as described. Regular eye-hand coordination and manual dexterity is required to operate office equipment. The ability to perform work at a computer terminal for 6-8 hours a day and function in an environment with constant interruptions is required. At times, Team Members are subject to sitting for prolonged periods. Infrequently, Team Member must be able to lift and move material weighing up to 20 lbs. Team Member may experience elevated levels of stress during periods of increased activity and with work entailing multiple deadlines. A job description is only intended as a guideline and is only part of the Team Member s function. The company has reviewed this job description to ensure that the essential functions and basic duties have been included. It is not intended to be construed as an exhaustive list of all functions, responsibilities, skills and abilities. Additional functions and requirements may be assigned by supervisors as deemed appropriate.

About the Opportunity Step into the forefront of the cybersecurity industry in a rapidly evolving environment where innovation in threat detection and endpoint protection is paramount. This role is tailored for high-performing professionals in the security engineering sector who thrive on managing advanced security solutions and ensuring resilient protection across critical infrastructures. Operating within a dynamic, on-site work culture in India, you will be challenged to refine and enhance security procedures using advanced SentinelOne EDR strategies. Role & Responsibilities Lead the deployment, configuration, and optimization of SentinelOne EDR solutions to secure endpoints across diverse environments. Monitor, analyze, and respond to security incidents, leveraging threat intelligence to rapidly mitigate risks and vulnerabilities. Collaborate with cross-functional teams to integrate EDR solutions with broader security infrastructure (including SIEM systems) and refine incident response protocols. Develop and implement security architecture strategies to ensure best practices and regulatory compliance across services. Mentor and guide junior team members by sharing expert knowledge on endpoint protection and evolving threat landscapes. Continuously assess and enhance security measures, participating in post-incident reviews and process improvements. Skills & Qualifications Must-Have: Strong hands-on experience with SentinelOne EDR administration, configuration, and troubleshooting in high-security environments. Must-Have: Proven expertise in endpoint security, incident response, and threat mitigation using advanced security tools. Must-Have: In-depth understanding of security best practices across Windows, Linux, and other operating systems. Preferred: Experience integrating EDR solutions with SIEM platforms and automating security incident workflows. Preferred: Familiarity with cybersecurity compliance frameworks such as NIST and ISO 27001. Preferred: Excellent analytical, communication, and leadership skills with a collaborative working style. Benefits & Culture Highlights Work on-site in a dynamic and innovative cybersecurity environment where vigilance and excellence are rewarded. Engage with cutting-edge security technologies and contribute to strengthening organizational cybersecurity frameworks. Collaborative, growth-oriented culture that values mentorship, continuous learning, and proactive problem solving. If you are an experienced security engineering professional passionate about leveraging SentinelOne EDR to transform endpoint security, we invite you to apply and become an integral part of our fast-paced, mission-driven team.

About the Opportunity In the dynamic cloud security and cybersecurity sector, a leading tech innovator in India is seeking a skilled Cloud Security Engineer to bolster its on-site security operations. This role involves working with advanced cloud solutions to protect critical digital infrastructure, ensuring compliance with industry standards and regulations. You will be part of a proactive, technology-driven team dedicated to safeguarding enterprise assets and driving secure business outcomes. Role & Responsibilities Design, implement, and manage robust cloud security solutions across major cloud platforms (AWS, Azure, GCP). Conduct risk assessments, vulnerability scans, and security audits to identify and mitigate potential threats. Collaborate with engineering and IT teams to integrate secure practices during cloud infrastructure deployments and migrations. Develop and enforce security policies, protocols, and incident response plans aligned with industry standards. Monitor cloud environments continuously, analyze security alerts, and respond promptly to security incidents. Stay updated on emerging threats and evolving cloud security trends, suggesting innovative improvements. Skills & Qualifications Must-Have Proven hands-on experience as a Cloud Security Engineer with a strong background in cloud platforms and security best practices. Deep understanding of security frameworks and regulatory standards (ISO 27001, NIST, GDPR, etc.). Expertise in vulnerability assessment, penetration testing, encryption technologies, and firewall configurations. Experience in developing and executing incident response plans and risk management strategies. Preferred Cloud certifications (e.g., AWS Certified Security Specialty, Azure Security Engineer) to validate your expertise. Knowledge of automation and scripting languages such as Python or PowerShell to streamline security operations. Benefits & Culture Highlights Competitive salary package with performance-based bonuses. A collaborative, inclusive, and innovation-driven work environment. Opportunities for continuous learning and professional growth in a rapidly evolving tech landscape.