776 Iso 27001 Jobs - Page 30

We are looking for a highly motivated and detail-oriented individual with 2 to 7 years of experience to join our team as a Portfolio Compliance Enablement Specialist in Bengaluru. The ideal candidate will have a strong foundation in Cyber Security, Information Security, or a related field. ### Roles and Responsibility Support projects aimed at improving EY's risk posture and adherence to Information Security policies. Assist in the development and execution of compliance strategies and remediation plans under the guidance of more experienced team members. Contribute to the delivery of processes and/or solutions, focusing on quality and effective risk management. Document and translate technical vulnerabilities into business risk terms for stakeholder communication. Participate in the use and improvement of compliance assessment toolkits under supervision. Support assessments for technology infrastructure, applications, and third-party dependencies.### Job Requirements At least 2 years of experience in Cyber Security, Information Security, or a related field. A degree in Cyber Security, Information Security, Computer Science, or a related discipline. Certifications such as Security+, Network+, or interest in pursuing relevant certifications like CRISC, CISSP, CISM, CISA. Basic knowledge of information security standards like ISO 27001/27002, NIST, PCI DSS. Understanding of regulatory requirements such as PCI, SOX, HIPAA, GDPR. Strong communication skills and technical writing skills, and the ability to work effectively within a team environment.

We are looking for a highly skilled and experienced Manager-TMT-Assurance-ASU - TR - Technology Risk to join our team in Gurgaon. The ideal candidate will have 6 to 11 years of experience in IT Audits and advisory work, with a strong background in technology risk management. ### Roles and Responsibility Manage multiple clients independently, providing regular status updates to both clients and EY management. Conduct IT audits on ERP systems like SAP and Oracle, identifying risks and challenges. Develop and implement effective audit plans, ensuring compliance with regulatory requirements. Collaborate with cross-functional teams to provide comprehensive solutions to clients. Identify and mitigate potential risks associated with technology use. Provide expert guidance on technology risk management best practices. ### Job Requirements Strong understanding of IT Audits and advisory work, including FAIT, SOCR (SOC1, SOC2), SOX 404, ISO 27001, etc. Experience working with ERP systems such as SAP and Oracle. Excellent written and verbal communication, interpersonal, networking, and problem-solving skills. Ability to manage complex projects and prioritize tasks effectively. Strong analytical and critical thinking skills, with attention to detail. Familiarity with cyber security principles and practices is beneficial. A Sc. in Computers, B. Tech/ B.E. in Computers, BCA in Computers, MCA in Computers, MS/ Sc. (Science) in Computers, or M. Tech in Computers is required. Chartered Accountant with experience in handling technology risk-related engagements. Hands-on experience with SAP/Oracle/DevOps-like environments. Cyber Security Professional with hands-on experience in implementing and reviewing cyber security solutions to identify and manage cyber security risks (VA, PT, Secure configuration review, OWASP Top 10, IT Infrastructure Assessments, etc.).

We are looking for a skilled Security Consultant Lead with 9 to 14 years of experience in information security, preferably in cloud security. The ideal candidate will have advanced knowledge of computer science and experience in managing significant Information Security risk management functions. ### Roles and Responsibility Review security architectures and provide pragmatic security guidance that balances business benefits and risks. Engage IT project teams throughout the SDLC to identify and prioritize applicable security controls and provide guidance on implementation. Perform threat modeling and risk assessments of information systems, applications, and infrastructure. Maintain Information Security Policies and Compliance standards and enhance InfoSec risk assessment and certification methodologies. Define security configuration standards for shared and multi-tenant platforms and technologies. Develop appropriate risk treatment and mitigation options to address security risks identified during security review or audit. Translate technical vulnerabilities into business risk terminology for business units and recommend corrective actions to customers and project stakeholders. Provide knowledge sharing and technical assistance to other team members, acting as a Subject Matter Expert (SME) in responsible technologies with a deep technical understanding of services and technology portfolios. ### Job Requirements Advanced degree in Computer Science or a related discipline; or equivalent work experience. Candidates are preferred to hold or be actively pursuing related professional certifications within the GIAC family of certifications or CISSP, CISM, or CISA, or similar cloud-security oriented certifications. Minimum 9 years of experience in managing a significant Information Security risk management function. Experience in managing communication of security findings and recommendations to IT project teams, business leadership, and technology management executives. Strong working knowledge of cloud security, infrastructure security, application security, Agile & DevSecOps methodologies, and operational security. Knowledge of common information security standards such as ISO 27001/27002, CSA and CIS Controls, NIST CSF, PCI/DSS, FEDRAMP is preferred. Experience with Azure Active Directory (AAD) based Identity and Access Management and Authorization design and integration with API, IDaaS, and Federation technologies is preferred.

We are looking for a highly motivated and detail-oriented individual with 2 to 7 years of experience to join our team as a Portfolio Compliance Enablement Specialist in Bengaluru. The ideal candidate will have a strong foundation in Cyber Security, Information Security, or a related field. ### Roles and Responsibility Support projects aimed at improving EY's risk posture and adherence to Information Security policies. Assist in the development and execution of compliance strategies and remediation plans under the guidance of more experienced team members. Contribute to the delivery of processes and/or solutions, focusing on quality and effective risk management. Document and translate technical vulnerabilities into business risk terms for stakeholder communication. Participate in the use and improvement of compliance assessment toolkits under supervision. Support assessments for technology infrastructure, applications, and third-party dependencies. ### Job Requirements At least 2 years of experience in Cyber Security, Information Security, or a related field. A degree in Cyber Security, Information Security, Computer Science, or a related discipline. Certifications such as Security+, Network+, or an interest in pursuing relevant certifications like CRISC, CISSP, CISM, CISA. Basic knowledge of information security standards like ISO 27001/27002, NIST, PCI DSS. Understanding of regulatory requirements such as PCI, SOX, HIPAA, GDPR. Strong communication skills and technical writing skills, and the ability to work effectively within a team environment.

We are looking for a skilled Senior Manager TPRM with 10 to 12 years of experience to join our team in Bengaluru. The ideal candidate will have a strong background in information security, risk management, and controls concepts. ### Roles and Responsibility Provide guidance and share knowledge with team members on complex, judgmental, and specialized issues. Brief the engagement team on client's environment and industry trends, maintaining relationships with client management to manage expectations of service. Demonstrate a thorough understanding of complex information systems and apply it to client situations, using extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Manage client engagements, determining and deploying the right team with adequate skill sets for executing engagements and periodically reviewing status updates. Contribute to thought leadership documents and develop new methodologies, facilitating discussions/knowledge sharing with key client personnel. Plan and schedule client engagements, staying abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Identify buyers, influencers, and stakeholders in existing client engagements and build strong relationships. Display teamwork, integrity, and leadership, working with team members to set goals and responsibilities for specific engagements and fostering teamwork and innovation. Drive performance management for self and team, managing the performance management process for direct reportees as per organizational policies. Train and mentor project resources, participating in organization-wide people initiatives. ### Job Requirements Strong knowledge of information security concepts, risk, and controls is required. Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc., and regulations like FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, OSI layer, networking, and security concepts, along with sound familiarity with OWASP and Secure SDLC standards/frameworks. Experience in LAN/WAN architectures and reviews, cryptography, physical and environmental security, asset security, and identity and access management. CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer certifications are preferred. A BE/BTech degree with a sound industry experience of 10 to 12 years is required.

We are looking for a highly skilled and experienced Chartered Accountant (CA) or Master’s degree in management, Information Systems/Technology, Computer Science, Business Analytics, Cybersecurity, or a related discipline with 5 to 10 years of experience to join our team as a Senior Manager in Risk Consulting - Protect Tech. The ideal candidate will have a passion for technology and an ardent desire to work in risk management. ### Roles and Responsibility Consistently deliver quality client services, driving high-quality work products within expected timeframes and on budget. Foster relationships with client personnel to analyze, evaluate, and enhance information systems, developing and improving security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues, communicating this information to the engagement team and client management through written correspondence and verbal presentations. Demonstrate deep technical capabilities and professional knowledge, quickly assimilating new knowledge. Identify strategic, IT, and business risks, control gaps, weaknesses, and areas of improvement. Design IT Risk Controls frameworks and RACMs, and implement IT general controls, application controls, and business process controls. Conduct IT internal control reviews and review SOC1 or SOC2 reports. Perform IT Risk and Controls assessment with exposure to technologies such as SAP, Oracle, Workday, MS Dynamics, or emerging technologies like Cloud, RPA, AI/ML. Possess knowledge of IT risk, information security, or cyber security frameworks such as COSO, COBIT, ISO, NIST, etc. Understand IT regulatory compliances such as IT SOX, GDPR, ISO, PCI DSS, etc. Have strong exposure working in client-facing roles and collaborating with cross-functional teams including internal audits, IT security, and business stakeholders to assess control effectiveness and facilitate remediation activities. Exhibit excellent communication, documentation, and report writing skills. Relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001 are a plus. ### Job Requirements A Chartered Accountant (CA) or Master’s degree in management, Information Systems/Technology, Computer Science, Business Analytics, Cybersecurity, or a related discipline is required. Minimum 5 years of experience in risks & controls, preferably in a Big 4 or professional firm. Passion for technology and a desire to work in risk management. Strong understanding of IT risk, information security, or cyber security frameworks such as COSO, COBIT, ISO, NIST, etc. Experience in conducting IT internal control reviews and reviewing SOC1 or SOC2 reports. Excellent communication, documentation, and report writing skills are essential. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001.

We are looking for a skilled professional with 10 to 15 years of experience to join our team as an EY Data Protection & Privacy – Technology Consulting Manager in Bengaluru. ### Roles and Responsibility Develop, deliver, and lead cybersecurity and IT risk client engagements globally. Identify potential business opportunities for EY and GDS within existing engagements. Anticipate and identify risks within engagements and escalate them to senior management. Ensure high-quality work by following EY's quality standards. Foster teamwork and lead by example, contributing to people-related initiatives. Maintain an educational program to continually develop personal skills of staff. ### Job Requirements BE - B. Tech / MCA / M. Tech / MBA with a background in computer science and programming. More than 10 years of relevant experience in data protection and privacy. Strong Excel and PowerPoint skills, along with excellent analytical skills and knowledge of data analytics methods. Demonstrated leadership abilities and excellent interpersonal, written, verbal, communication, and presentation skills. Experience in managing large teams to deliver Cyber services or complex projects. Review of Data Protection & Privacy engagements during different phases of the lifecycle – assess, design, and implementation. Develop strategic and tactical Data security remediation recommendations / cyber risk roadmap to address identified security gaps. Hands-on experience with key components of Cyber Security including (but not limited to): Information Security concepts related to Governance, Risk & Compliance DLP/Data Classification/CASB/DAM, Encryption, Tokenization, PKI, CLM Technology support and Event Handling Regulations/standards such as ISO 27001, PCI DSS, HIPAA, HITRUST, GDPR, CCPA Extend required support for any reported data protection and privacy incidents such as information breaches and leakages. Ability to guide teams through the design and implementation of Data security solutions that reduce vulnerability, strengthen controls and optimize organizational efficiency In-depth knowledge of general security concepts, such as defense-in-depth, least privilege, security architecture and design, etc. Develops budget, scope, and staffing recommendations based on understanding of client budget and project economics

We are looking for a highly skilled and experienced Senior to join our team in Bengaluru. The ideal candidate will have 4 to 8 years of experience in Risk Management, specifically in Third-Party engagement lifecycle. ### Roles and Responsibility Lead and collaborate with the manager on delivering Third-Party Risk Management (TPRM) engagements. Design and implement TPRM operating models, identifying, evaluating, and providing solutions for complex business and technology risks. Develop and maintain effective relationships with clients to achieve exceptional service. Contribute to identifying opportunities to improve engagement profitability and assist leadership in driving business development initiatives. Participate in building strong internal relationships within EY Consulting Services and across the organization. Assess application of legal and regulatory requirements to clients' TPRM practices. ### Job Requirements Strong understanding of TPRM framework, Risk Management, and Information Security practices. Hands-on exposure to TPRM tools and technology solutions, such as GRC enablement solutions. Demonstrated knowledge of standards like ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations like GDPR, CCPA, etc. Familiarity with TCP/IP, OSI layer, networking, and security concepts. Experience in LAN/WAN architectures and reviews. Knowledge of incident management, disaster recovery, and business continuity management, cryptography. Project Management skills. Exposure to tools like ProcessUnity, ServiceNow, Archer. Maintain an educational program to develop personal skills continually. Continuously upskill according to market trends. Understand and follow workplace policies and procedures. Attend L&D programs and demonstrate thorough knowledge of consulting methodology and consulting attributes. Exhibit initiative and participate in corporate social and team events.

We are looking for a highly skilled and experienced Senior to join our team in Bengaluru. The ideal candidate will have 4 to 8 years of experience in Third-Party Risk Management, with a strong background in risk management across the third-party engagement lifecycle. ### Roles and Responsibility Lead and deliver Third-Party Risk Management (TPRM) engagements, ensuring high-quality results and client satisfaction. Collaborate with cross-functional teams to identify and mitigate risks associated with third-party vendors and suppliers. Develop and implement effective TPRM strategies, policies, and procedures to ensure compliance with regulatory requirements. Conduct thorough risk assessments and provide recommendations for improvement. Work closely with clients to understand their business needs and develop tailored solutions. Perform quality checks on work products to ensure accuracy and attention to detail. Assist or mentor team members in vendor calls/client interactions by providing delivery updates. Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements. Assess the application of legal and regulatory requirements to clients' TPRM practices. Lead/participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Assist in the selection and tailoring of approaches, methods, and tools to support service offerings or industry projects. Build and nurture positive working relationships with clients to achieve exceptional client service. Contribute to identifying opportunities to improve engagement profitability. Assist leadership in driving business development initiatives and account management. Participate in building strong internal relationships within GMS Services and with other services across the organization. ### Job Requirements Strong understanding of Third-Party Risk Management principles and practices. Experience with risk management frameworks, including ISO 27001/2, ISO 22301, ISO 27018, PCI-DSS, HITRUST, etc. Knowledge of privacy regulations, such as GDPR, CCPA, etc. Familiarity with TCP/IP, OSI layer, networking, and security concepts. Understanding of OS (Windows/Linux) security, database security, IT infrastructure, and security architecture design and review. Good knowledge of incident management, disaster recovery, and business continuity management, cryptography. Project Management skills. Exposure to tools like ProcessUnity, ServiceNow, Archer. Maintain an educational program to continually develop personal skills. Continuously upskill according to market trends. Understand and follow workplace policies and procedures. Exhibit initiative and participate in corporate social and team events.

Bachelor's degree and a minimum of 2 years of professional experience in an IT-related field (Information Security, Network Security, IT Infrastructure).Experience on Network Security, Firewall Security, and Web Security (including web application firewalls and proxies)Directory services (Microsoft Active Directory), SCCM, Vulnerability Assessment (infrastructure, server, workstation, and *application). Experience on SIEM, PIM, Content Filtering, and Cisco Firewalls.CompTIA Security+ certification, CEH, CHFI, or equivalent, preferred.Experience on Change Management Review and Security Audits/Reviews. Experience on Linux and hacking tools (Kali Linux, Backtrack.Excellent interpersonal and communication skills, Self-driven, quick learner with attention to details and quality. Knowledge of ISO 27001, HIPAA, SOX will be an advantage.Good knowledge of security programs, process, and metric.Good knowledge of IT Security Infrastructure and related applications and toolsets. Examples include firewalls & Network.

A Senior Compliance Executive in a technology department plays a crucial role in ensuring that the organization adheres to various legal, regulatory, and industry-specific standards related to Information Technology and data management such as GDPR, ISO 27001, ISO 27701, SoC2 Type 2, ISO 9001. 1. Regulatory Compliance Monitoring: o Ensure the technology department complies with relevant laws and regulations, such as GDPR, ISO 27001, ISO 27701, SoC2 Type 2, ISO 9001 and other data protection or cybersecurity laws. o Stay updated on new or changing regulations that impact the tech landscape. 2. Policy Development & Enforcement: o Develop and implement internal policies and procedures to ensure compliance with external regulations and internal standards. o Regularly review and update policies to ensure they remain aligned with changing regulations and industry best practices. 3. Risk Management: o Assess risks related to technology operations, particularly data privacy and cybersecurity risks. o Ensure that the tech department implements appropriate security measures to mitigate potential threats and risks. o Conduct regular audits and reviews of IT systems to ensure they meet compliance standards. 4. Training & Awareness: o Educate and train technology teams and other employees on compliance-related matters, such as data security, privacy policies, and risk mitigation strategies. o Promote awareness of compliance issues, helping staff understand their responsibilities in maintaining compliance. 5. Audit & Reporting: o Prepare reports for management, regulators, or auditors, demonstrating compliance with relevant regulations and policies. o Coordinate internal and external audits related to technology compliance. o Implement corrective actions where necessary to address non-compliance findings. 6. Data Privacy Management: o Oversee data protection strategies and ensure proper handling of sensitive information, including encryption, access control, and data retention policies. o Manage consent collection and user privacy preferences in accordance with privacy regulations. 7. Incident Management: o Oversee the handling of data breaches or other incidents that might affect compliance, ensuring timely reporting and response in accordance with regulatory requirements. o Coordinate with relevant authorities if there is a need to disclose any breaches or security incidents.

Define and drive the cybersecurity tools and technology roadmap aligned with organizational security objectives Evaluate, select, and lead the deployment of cybersecurity tools (SIEM, SOAR, EDR, DLP, CASB, IAM, vulnerability management, etc) Manage the lifecycle of cybersecurity tools including onboarding, configuration, optimization, upgrades, and decommissioning Collaborate with SOC, Threat Intelligence, Incident Response, and IT teams to understand needs and implement appropriate solutions Lead PoC (Proof of Concept) and pilot programs for emerging cybersecurity technologies Optimize tool integration, automation, and orchestration across the cybersecurity ecosystem Work with vendors and partners to ensure product support, licensing, and issue resolution Manage cybersecurity tools budget, vendor negotiations, and renewal processes Establish metrics and reporting to measure the effectiveness and ROI of cybersecurity tools Mentor and guide engineering and operations teams on best practices for tool usage Ensure cybersecurity tool architecture adheres to security compliance frameworks (ISO 27001, NIST, GDPR, etc) Stay updated on market trends and emerging cybersecurity technologies Qualifications:Bachelor s or Master s degree in Cybersecurity, Information Technology, Computer Science, or a related field

IT audit experience in Domain like ITGC, Cyber Security, SOC 2, Application and IT security Infrastructure and IT Regulatory compliance Familiarity with IT regulatory requirements related to IS of regulators such as RBI, SEBI and other IT Standards

Job Summary: We are seeking an experienced Cybersecurity Strategy & Security Engineer to develop and implement security policies, frameworks, and architectures that align with organizational goals. This role is critical for defining security roadmaps, evaluating current capabilities, and ensuring robust protection across networks and cloud environments. We are looking for immediate joiners or a notice period less then a month is preferrable. Work from office and will have rotational shifts. Key Responsibilities: Develop and maintain IT security policies and standards for infrastructure components (firewalls, routers, VPNs, etc.) Design and implement cybersecurity strategies and roadmaps aligned with business objectives Conduct risk and maturity assessments and recommend security improvements Evaluate and integrate new security technologies and authentication protocols Provide expertise in network security architecture and cloud security across AWS, Azure, or GCP Collaborate with stakeholders to identify critical business functions and ensure alignment of security initiatives Reference and implement industry-standard frameworks like NIST 800-53, CIS Controls, ISO 27001, SOC 2 Mandatory Skills: Proven experience in security policy & standards development Deep understanding of security frameworks : NIST, CIS Controls, ISO 27001, SOC 2 Expertise in security strategy and roadmap development Strong background in network security architecture Cloud security knowledge in AWS, Azure (preferred), or GCP Familiarity with tools like Firewalls, WAF, VPN, EDR/XDR , and cloud-native tools (e.g., Prisma, Microsoft Defender for Cloud Apps, Azure Firewall ) Strong grasp of security reference architectures across domains like application, network, and data security Preferred Qualifications: Experience with security risk assessments, cost analysis, and security maturity evaluations Knowledge of security standards and compliance requirements (e.g., PCI-DSS)

Due to our continued growth, we are hiring for a Senior Decipher Survey Programmer at M3 Global Research , an M3 company. This is a long-term contract position and fully remote. This person must reside in Romania Job Overview The Qualitative Research Analyst will be responsible for analysing qualitative transcripts from interviews, focus groups, and other qualitative research methods. This role is crucial for uncovering key themes and insights from qualitative data that inform strategic healthcare decisions. The ideal candidate must have a background in healthcare or life sciences, with a strong focus on qualitative analysis. Key Responsibilities Transcript Analysis : Analyze qualitative transcripts, identifying recurring themes, insights, and patterns relevant to healthcare, pharmaceutical, and medical device sectors. Data Interpretation : Synthesize findings from transcripts into clear and actionable insights, contributing to reports and presentations for internal teams and clients. Content Grid Development : Transform Qual transcripts into high-quality content grids to be used as final deliverables. Proficiency in creating Qual Content Grid structures and organizing transcripts into the content grids. Report Development : Assist in drafting sections of research reports based on transcript analysis, providing concise and insightful summaries of findings. Collaboration : Work closely with research managers and other analysts to ensure that insights from transcripts align with project goals and client needs. Quality Control : Ensure the accuracy and consistency of data interpretation and analysis throughout the research process. Healthcare Expertise : Apply knowledge of healthcare industry trends, patient pathways, and stakeholder perspectives to enrich the analysis. Experience : 1-3 years of experience in qualitative research, with a focus on transcript analysis. Previous work in Pharma Qual research is essential. Technical Skills : Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint). Communication : Strong written communication skills for summarizing qualitative insights and contributing to research reports. Detail-Oriented : High attention to detail in transcript review and analysis. Healthcare Knowledge : Solid understanding of healthcare industry, patient care journeys, and healthcare professionals perspectives. Preferred Qualifications Experience analyzing transcripts from patient or healthcare professional interviews. Familiarity with qualitative research within the pharmaceutical or medical device sectors. Ability to understand complex healthcare terminology and issues. What We Offer Competitive salary and benefits package. Opportunity to work with leading healthcare organizations. Professional growth and development in the healthcare research field. A collaborative and supportive team environment. Qualifications Education : Bachelor s or Master s degree in Public Health, Life Sciences, Healthcare, Sociology, or a related field

A Snapshot of Your Day Each day, you ll collaborate with product management and development teams to define, prioritize, and deliver high-impact features that keep our cloud infrastructure and applications resilient. You ll design and automate CI/CD pipelines, implement robust security controls, and respond to security incidents ensuring our systems are always ahead. Your expertise will directly support Siemens Gamesa s mission for clean, reliable energy, all within a culture that values your ideas, empowers your growth, and celebrates your commitment to excellence. How You ll Make an Impact Create, develop, and implement solutions to address infrastructure and security requirements. Identify the needs for build automation, designing, and implementing CICD solutions. Create, develop, and implement automation and system integration for various build platforms. Build or maintain CICD building blocks and shared libraries proactively for app and development teams to enable quicker build and deployment. Design action plans to address CICD platform/tools/solutions shortcomings and difficulties. Trouble shoot, identify, and fix problems in the DevSecOps domain. Secure Infrastructure: Design, implement, and maintain secure infrastructure and environments, including FedRAMP-compliant environments, consisting of applications, containers, virtual machines, and cloud infrastructure. Vulnerability Management: Collaborate with teams to remediate and mitigate identified vulnerabilities, work with the security team to assess vulnerabilities, and identify potential security risks and weaknesses in the system. Security Automation: Develop and maintain security automation tools and scripts to streamline security processes and patch management, ensuring consistent application of security controls across deployment pipelines and infrastructure. Incident Response: Respond to security incidents promptly, perform root cause analysis, and implement measures to prevent future occurrences. Security Audits and Compliance: Assist in security audits and compliance assessments to ensure alignment to industry standards and regulations, collaborating with internal and external auditors to address any security-related findings. Collaboration and Documentation: Work closely with developers and security teams to identify security requirements and implement appropriate solutions, maintaining clear and comprehensive documentation of security practices, standards, and guidelines. What You Bring You have 8-10 years of proven experience as a Data Security Engineer, with a strong background in DevSecOps and cloud technologies. You are proficient in programming and scripting languages such as Python, C#, and PowerShell. You understand secure coding practices, common vulnerabilities (OWASP Top 10), and security frameworks (ISO 27001, NIST, PCI DSS). You have hands-on experience with security tools, vulnerability management, and cloud platforms (AWS, Azure, Google Cloud). You are skilled in containerization (Docker, Kubernetes) and infrastructure-as-code tools (Terraform, CloudFormation). You bring experience with security automation, incident response, and compliance audits. Exposure to tools like SonarQube, Coverity, Dependency Track, Trivy, or ZAP is a plus. About the Team For our Onshore Execution Digital Product Development team, we are seeking an experienced Product Owner with 9+ years of expertise in defining and prioritizing product features and requirements for SAFE/Agile teams. You will work closely with product management team and development teams to ensure alignment and delivery of business objectives to bring highest value.. Who is Siemens Energy? Siemens Gamesa is part of Siemens Energy, a global leader in energy technology with a rich legacy of innovation spanning over 150 years. Together, we are committed to making sustainable, reliable, and affordable energy a reality by pushing the boundaries of what is possible. As a leading player in the wind industry and manufacturer of wind turbines, we are passionate about driving the energy transition and providing innovative solutions that meet the growing energy demand of the global community. At Siemens Gamesa, we are constantly seeking versatile individuals to join our team and support our focus on energy transformation. Find out how you can make a difference at Siemens Energy: https: / / www.siemens-energy.com / employeevideo Our Commitment to Diversity Lucky for us, we are not all the same. Through diversity, we generate power. We run on inclusion and our combined creative energy is fueled by over 130 nationalities. Siemens Energy celebrates character - no matter what ethnic background, gender, age, religion, identity, or disability. We energize society, all of society, and we do not discriminate based on our differences. Rewards/Benefits All employees are automatically covered under the Medical Insurance. Company paid considerable Family floater cover covering employee, spouse and 2 dependent children up to 25 years of age. Siemens Energy provides an option to opt for Meal Card to all its employees which will be as per the terms and conditions prescribed in the company policy as a part of CTC, tax saving measure https: / / jobs.siemens-energy.com / jobs

to assist in catering to the needs of management and accounts function. The ideal candidate will play a key role in daily finance tasks and cross-functional coordination. Key Responsibilities: Manage customer invoicing and accounts receivable processes Handle customer correspondence related to invoicing, payments, and receipts Accurately input financial data into internal systems Perform ad-hoc finance and administrative tasks as required Assist with intercompany transaction management and account reconciliations Requirements: Atleast 6-12 months of relevant experience Bachelor s degree in accounting, Finance, BBA, or BSc in a related field Strong English language skills with excellent written and verbal communication High attention to detail and ability to work independently in a fast-paced environment We have an amazing team of 700+ individuals working on highly innovative enterprise projects & products. Our customer base includes Fortune 100 retail and CPG companies, leading store chains, fast-growth fintech, and multiple Silicon Valley startups.

Confiz is hiring: Software Engineer - .Net We are seeking a skilled .NET Backend Engineer to develop and maintain APIs and integration solutions on Azure. The ideal candidate will have expertise in .NET backend engineering, design patterns, databases, and services within the Azure ecosystem. Responsibilities: Implement APIs and microservices in .NET. Deploy serverless solutions using Azure Functions, Logic Apps and API Management. Document integration processes and provide technical support for deployed solutions. Collaborate with cross-functional teams to align technical solutions with business objectives. Monitor and optimize performance using Azure Monitor and Application Insights. Requirements: Proficiency in C#, .NET. Expertise of RESTful APIs, Excellent problem-solving and communication skills. Familiarity with cloud integration patterns and practices will be a plus. Good to have Azure Functions, Azure Logic Apps and APIM. We have an amazing team of 700+ individuals working on highly innovative enterprise projects & products. Our customer base includes Fortune 100 retail and CPG companies, leading store chains, fast-growth fintech, and multiple Silicon Valley startups.

About Us At SBI Card, the motto Make Life Simple inspires every initiative, ensuring that customer convenience is at the forefront of all that we do. We are committed to building an environment where people can thrive and create a better future for everyone. SBI Card is proud to be an equal opportunity & inclusive employer and welcome employees without any discrimination on the grounds of race, colour, gender, religion, creed, disability, sexual orientation, gender identity, marital status, caste etc. SBI Card is committed to fostering an inclusive and diverse workplace where all employees are treated equally with dignity and respect which makes it a promising place to work. What s in it for YOU SBI Card truly lives by the work-life balance philosophy. We offer a robust wellness and wellbeing program to support mental and physical health of our employees Admirable work deserves to be rewarded. We have a well curated bouquet of rewards and recognition program for the employees Dynamic, Inclusive and Diverse team culture Gender Neutral Policy Inclusive Health Benefits for all - Medical Insurance, Personal Accidental, Group Term Life Insurance and Annual Health Checkup, Dental and OPD benefits Commitment to the overall development of an employee through comprehensive learning & development framework Role Purpose To effectively execute Enterprise Risk Management framework, interact with senior management team, highlight gaps in processes/ controls through effective risk assessment and governance of risk management processes in the organization. Role Accountability Organize and manage Enterprise Risk Management Committee (ERMC), Operational Risk Management Committee (ORMC), Information Security Committee(ISC) and New Product Introduction (NPI) meetings and highlight new material risks for the company and to ensure they are discussed at appropriate forums Prepare agenda/documentation/ minutes/ for ERMC, ORMC, NPI and ISC meetings and ensure adequate follow up of the issues/ recommendations of the committees and perform independent validation of closed items, highlight gaps to committee, if any Monitor Enterprise Risk Management practices to identify, analyze and report enterprise wide risk Ensure effective implementation of organization s risk management policy in accordance with risk appetite/ risk objectives and ISO 31000 framework and ensure its compliance with regulations and alignment with SBI policy strategically Design and maintain risk management tools like Key Risk Indicators, loss database, scenario analysis, stress test, etc. Report performance of KRI against management approved thresholds to risk committee Review KRI library including risk thresholds annually and recommend for update to VP ERM, wherever required Policy governance - Track policy approval due date, align documents with parent policy and regulatory guidelines, discuss gaps with policy owner and ensure document is updated before submission to board for approval and obtain stakeholder inputs before policy submission to policy review committee Develop frameworks and risk management programs to build risk proficiency and enhance organization risk culture Assist in strengthening ORM Framework, participate in Risk and Control Self-Assessment (RCSA) exercise, identify vulnerabilities and potential control gaps, discuss and formulate action items with process owners to bridge gaps and track action items for timely closure Perform independent testing to evaluate efficacy of internal controls, process, procedures or systems and consult with first line to open issues related to control failures, implementation plans and timelines to implement recommended actions Manage OR incidents, liaise with business for RCA, resolution and corrective action plan and report OR incident report to senior management Prepare ISO 27001 risk register and ensure it is current and updated Ensure adherence to regular process documentation practices in compliance with the process guidelines Measures of Success Completeness and timeliness in Board documentation, Timely reporting to SBI Monthly ORMC and quarterly ERMC are held in time and minutes circulated and tracked for implementation Effective Policy Management and Risk policy implementation Product governance and reviews are held as per schedule and in line with NPI process RCSA testing is done as per the process defined No adverse regulatory/audit findings Timely design and implementation of Risk awareness programs Timely and accurate updation of process documentation Process Adherence as per MOU Technical Skills / Experience / Certifications Extensive knowledge of Enterprise Risk Management frameworks and principles Experience in preparing deliverables for Management Committees and Board reporting Ability to apply Risk Management techniques for risk identification, assessment, measurement and the monitoring of exposures that may threaten the organization, come up with recommendation for result-oriented solutions Understanding of COSO Internal Controls Framework and ISO 31000 framework Understanding of Basel III Operational Risk Competencies critical to the role Team Player and ability to operate with tight deadlines Strong Communication & Interpersonal Skills with ability to effectively communicate across all levels of an organization and outside company boundaries Qualification CA/MBA Finance Preferred Industry BFSI, Any

This role will lead efforts in identifying, tracking, and remediating weak encryption ciphers and protocols across our organization. This role is critical in supporting remediation plans for finding by managing a project that identifies non-compliant cryptographic implementations and coordinates with the appropriate stakeholders to get them in compliance. Key Responsibilities: Weak Encryption Analysis and Remediation: Identify and assess weak encryption algorithms, cipher suites and protocols used across enterprise application and infrastructure. Work on releases to remain up to date with strong and compliance cipher suites, protocols along with replacing weak encryption mechanism with strong industry-recommended alternatives (eg TLS 1.2/1.3, AES-256, SHA-256). Monitor and audit encryption practices for compliance with regulatory standard (eg NIST, PCI-DSS, HIPPA, ISO 27001). Conduct encryption Risk Assessment and implement mitigation strategies. Configure TLS/SSL protocols and cipher suites to ensure secure communication across networks and applications. Document encryption policies, standards, and technical procedures for internal and external compliance audits. Provide encryption solutions for cloud platforms such as AWS, Azure and Google cloud. Mandatory skills PKI, Cipher Governance Desired/ Secondary skills PKI, Cipher Governance

& Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive Network Security, Cloud Security, ITGC Reviews, Compliance Reviews, ISO 27001 Reviews, Purpose of the Job /Role Lead/Manage/Perform Security Reviews which includes Cloud Security and Data Security, Threat and Vulnerability Management, Identity and access management, Technology controls, process controls, and governance, risk and compliance elements, IT General Controls. Responsibilities Should manage/ oversee/execute engagements around Cyber Risk and Maturity Assessments, Cyber Strategy, Cloud Security, Data Protection, Third Party Risk Management, Enterprise Architecture reviews. Knowledge on NIST CSF, ISO 27001, ISO 27701, ISO 27017, DPDP Act Experience in financial sector companies like banks, NBFCs and FinTechs Mandatory Skill Strategy and Governance Preferred Skill Cyber Strategy Education Qualifications Minimum Qualification BE/ BTech Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills both written and oral Certifications CISA/CISM/ISO will be added advantage Education Degrees/Field of Study required Bachelor of Technology, Bachelor of Engineering Degrees/Field of Study preferred Required Skills Strategic Governance Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture

As a R&D engineer in the Common Software Foundation team, you will contribute to delivering secure open-source components across various PaaS environments, including NCS, AWS, Azure, and GCP. In this role, you will enhance security by analyzing and prioritizing vulnerabilities in Rocky and Redhat OS, conducting scans, and implementing appropriate remediation. You will also work on developing and testing Rocky OS, leveraging expertise in microservices, containers, and CI/CD DevOps practices. Your proficiency in secure protocols, encryption methodologies, and vulnerability assessment tools will help strengthen system security. Additionally, you will contribute to SBOM generation, security design, and threat analysis, ensuring compliance with industry standards. You Have: Engineering Graduate or equivalent degree with 3-8 years of experience in Development and Testing, with expertise in Rocky and Redhat OS, and Python programming. Hands-on experience with Microservices, Containers (Docker, Kubernetes, Helm), and CI/CD DevOps practices. Proficient in secure protocols (TLS, SSH), encryption methodologies, and security hardening practices. Skilled in vulnerability scanning, penetration tests, and using tools like Anchore, Tenable, and Nmap. It would be nice if you also had: Knowledgeable in SBOM generation, Design for Security & Privacy, and Threat & Risk analysis. Understanding of Zero Trust architecture, compliance frameworks (NIST, CIS, ISO 27001), and experience with AI-driven security analytics tools. Familiarity with tools like Terraform, Ansible, and cloud-native security practices across AWS, Azure, and GCP. Deploy and manage open-source components across various PaaS environments (NCS, AWS, Azure, GCP) while ensuring compliance with security and performance standards. Analyze, prioritize, and remediate Common Vulnerabilities and Exposures (CVEs) in Rocky and Redhat OS, collaborating with development teams for effective resolution. Conduct security scans (e.g., Burp, Anchore, Malware, Codenomicon), analyze reports, and assess severity based on open-source software usage. Develop and test Rocky OS as per CSF specifications, leveraging expertise in Linux-based OS, Python programming, and automation. Work with microservices, containers (Docker, Kubernetes, Helm), and CI/CD pipelines to enhance software delivery and deployment efficiency. Implement secure communication protocols (TLS, SSH), encryption methodologies, and security hardening practices to safeguard applications. Perform penetration testing, vulnerability assessments using tools like Anchore, Tenable, and Nmap, and contribute to security risk analysis and mitigation strategies. Contribute to Software Bill of Materials (SBOM) generation, threat modeling, and secure design principles to ensure compliance with industry security standards.

We are seeking a skilled and proactive Cyber Security Engineer to protect our organizations systems, networks, and data from cyber threats. The ideal candidate will be responsible for developing security measures, responding to incidents, and ensuring compliance with industry regulations. You have: Bachelor s degree in cyber security, Computer Science, Information Technology, or related field. 1-2 years of experience with security tools (SIEM, IDS/IPS, EDR, firewalls). Knowledge of network security, encryption, authentication, and cloud security. Understanding of ethical hacking, penetration testing, and forensic analysis. It would be nice if you also had: Experience with cloud security (AWS, Azure, Google Cloud). Knowledge of secure coding practices and DevSecOps. Familiarity with security frameworks and regulatory requirements. Industry certifications preferred (CISSP, CISM, CEH, CompTIA Security etc.). Monitor, detect, and respond to cyber threats, vulnerabilities, and attacks. Implement security measures such as firewalls, encryption, and endpoint protection. Conduct security assessments, penetration testing, and risk analysis. Develop and enforce security policies, procedures, and best practices. Ensure compliance with industry standards (ISO 27001, NIST, GDPR, HIPAA, etc.). Investigate security incidents and provide incident response and forensic analysis. Collaborate with IT and other departments to strengthen cybersecurity posture. Provide cybersecurity awareness training to employees. Stay up to date with the latest security threats, trends, and technologies.

Job Title: Collection Specialist Job Overview: We are looking for a Collections Specialist who is responsible for managing billing, and collecting all the outstanding accounts receivables from customers. In addition, you will be responsible for resolving customer billing problems,reducing the amount of accounts receivables, and tracking and reporting account receivable regularly. About Us Scrut Automation is an information security and compliance monitoring platform, aimed at helping small and medium cloud-native enterprises develop and maintain a robust security posture, and comply with various infosec standards such as SOC 2, ISO 27001, GDPR, and the like with ease. With the help of the Scrut platform, customers reduce their manual effort for security and compliance tasks by 70%, and build real-time visibility of their security posture. Founded by IIT/ISB/McKinsey alumni, the founding team has over 15 years of combined Infosec experience. Scrut is built out of India for the world, with customers across India, APAC, North America, Europe and the Middle East. Scrut is backed by Lightspeed Ventures, MassMutual Ventures and Endiya Partners, along with prominent angels from the global SaaS community Job Responsibilities: Partner with the sales team and customer success teams for customers to understand the contract and project status, and issue invoices to customers based on their billing milestones. Proactively communicate with customers over phone, email and/or chat to collect outstanding balances. Collaborate with sales, finance and customer success teams to resolve billing issues Monitor accounts on a daily basis to identify outstanding account receivables, and take necessary actions in order to encourage timely payments. Review Weekly Aging Reports and collect customer payments in accordance with payment due dates Assist with ad-hoc projects as needed Assist with month-end, quarter-end and year-end closing duties Required Skill Sets: Fluent in English and Hindi, including written and conversational abilities. Experience with software / SaaS businesses is strongly preferred. 4-5 years of proven experience as a Collection Specialist or similar role with the responsibilities above required. Bachelors Degree or equivalent Documented track record of continuous learning in a related field, a plus. Excellent knowledge of billing procedures Knowledge of various collection techniques Working knowledge of MS Office, Google Workspace, Zoho Comfortable working with targets . Why should this job excite you? Opportunity to make an early impact on one of the most promising, high-growth SaaS startups in India Flat-hierarchy, performance-driven culture Rapid growth and learning opportunities Comprehensive medical insurance coverage A high-performing action-oriented team Competitive package, benefits and employee-friendly work culture Note : Due to a high volume of applications, only the shortlisted candidates will be contacted by the HR team. We appreciate your interest and effort.

Job Description: Content Writer Role Details Position : Content Writer Location: Remote About SCRUT Automation Scrut Automation is an information security and compliance monitoring platform, aimed at helping small and medium cloud-native enterprises develop and maintain a robust security posture, and comply with various infosec standards such as SOC 2, ISO 27001, GDPR, and the like with ease. With the help of the Scrut platform, customers reduce their manual effort for security and compliance tasks by 70% and build real-time visibility of their security posture. Founded by IIT/ISB/McKinsey alumni, the founding team has over 15 years of combined Infosec experience. Scrut is built out of India for the world, with customers across India, APAC, North America, Europe and the Middle East. Scrut is backed by Lightspeed Ventures, MassMutual Ventures and Endiya Partners, along with prominent angels from the global SaaS community. About the Job: We re looking for a sharp, versatile, and B2B-savvy Content Marketing Writer with 3-4 years of experience crafting compelling, high-performing content for SaaS audiences. You ll play a key role in fueling our inbound engine by producing content that engages, educates, and converts, builds the brand, and establishes Scrut as a thought leader in the Infosec compliance space. This role requires strategic thinking, flawless execution, and a deep understanding of the B2B buyer journey. You should be able to take ownership of deliverables, produce work quickly and efficiently while integrating feedback at various stages, have a knack for experimenting with content formats and themes, and in planning future content based on audience responses. Responsibilities Own end-to-end content production : Write and edit blog posts, eBooks, case studies, whitepapers, landing pages, email sequences, video scripts, and newsletters, among other content marketing material. SEO-driven content creation : Use keyword research tools and SEO best practices to create optimized content that ranks and converts. Thought leadership and storytelling : Translate complex product and industry insights into clear, compelling narratives that position our brand as a category leader. Campaign support : Partner with the Demand Gen team to create content assets that support lead gen, nurture, and sales enablement. Content repurposing : Atomize long-form content into social snippets, infographics, and other formats to extend reach and lifecycle. Editorial excellence : Maintain brand voice, tone, and editorial guidelines across all assets. Performance-driven iteration : Track performance of published content and continuously refine strategy based on data and evolving SEO best practices.. Required Skills and Qualifications : Educational background in Communication/ Journalism. Proven ability to write long-form and short-form content across multiple formats and for different stages of the buyer s journey. Excellent communication skills, both written and oral. Sharp editing skills that ensure content is more engaging for the target audience. Strong attention to detail. Working understanding of SEO and content marketing strategy. Comfortable conducting interviews with Subject Matter Experts and turning technical topics into digestible content. Basic knowledge of keywords, meta tags, SEO and its implementation in writing. Experience in SaaS companies, followed by a publication, a brand team, or an agency, is preferred. Why should this job excite you? Opportunity to make an early impact on one of the most promising, high-growth SaaS startups in India A high-performing action-oriented team Immense exposure to the founders and the leadership Opportunity to shape the future of B2B SaaS Technology team with YOUR innovative ideas The competitive compensation package, benefits, and employee-friendly work culture