776 Iso 27001 Jobs - Page 4

About the Opportunity Operating within the Technology and Cybersecurity sector, our organization is a high-growth, on-site leader in cloud and security innovations in India. Focused on providing cutting-edge cloud security solutions, we drive secure digital transformation in dynamic environments, offering customized strategies to address complex security needs. This position seeks motivated professionals deeply engaged in advancing security postures for intricate cloud infrastructures and spearheading dedicated teams proactively. Role & Responsibilities Lead and manage multidisciplinary cloud security engineering teams to design, implement, and maintain robust and adaptable cloud infrastructures. Define and execute multiphase security strategies and technology roadmaps aligned with overarching business goals and dynamic regulatory standards. Collaborate across departments to embed security protocols seamlessly into cloud deployments and development lifecycles. Conduct thorough evaluations of emerging threats to select and deploy appropriate security tools, while innovating on processes to enhance protection and compliance. Develop, document, and validate comprehensive incident planning and response frameworks ensuring preparedness and minimized downtime. Advocate for governance rigor, promoting a culture of vigilance and adherence to industry standards and benchmarks. Skills & Qualifications Must-Have Proven leadership in directing cloud security engineering functions within dynamic and high-stakes environments. In-depth mastery of deploying and managing cloud security frameworks across leading platforms (AWS, Azure, GCP). Expertise in risk analysis, remediation planning, and navigating regulatory oversight, involving frameworks like NIST and ISO 27001. Demonstrated ability to synthesize complex projects with strategic leadership, delivering secure infrastructure solutions under tight deadlines. High interpersonal and communication skills for effective collaboration among technical and business leaders. Preferred Advanced certifications such as CISSP, CISM, or other recognized credentials demonstrating deep technical acumen. Hands-on experience with leveraging modern cloud-oriented security tooling for automating and optimizing security operations. Exposure to innovative approaches in adapting cloud security for evolving business and technical landscapes. Benefits & Culture Highlights Highly competitive compensation structure, including rewarding performance bonuses. Dynamic and inclusive work atmosphere prioritizing breakthrough innovation and knowledge growth. Leadership roles in impactful projects fostering significant advancements in the realm of cloud security operations. Ready to redefine boundaries in cloud securityJoin our ambitious team to protect and empower businesses through pioneering solutions tailored for the rapidly transforming digital era.

Roles & Responsibilities: Consultancy and Support towards Security and compliance controls with respect to various Bosch/Industry regulations Conduct compliance assessments and provide consultation on security frameworks, including ISO 27001:2022. Engage with stakeholders, including managers, application owners, and technical teams, to assess security controls and document security compliance. Conduct and consult on gap analyses for security policies, controls, and procedures. Assist in developing and maintaining Business Continuity Management Plans (BCMP). Provide guidance on security best practices, including penetration testing, vulnerability scanning, encryption, and backup/storage security. Ensure security documentation is complete, accurate, and up to date. Assist in the implementation of security standards, policies, and regulatory requirements. Follow the roadmap as aligned with customer unit in completion of Policy implementations and controls in the Applications Prepare reports and documentation to demonstrate compliance with relevant standards Ensure the customer KPIs, quality and deliverables are met Skills: Know-how in IT systems Experience in Application Management Processes, Governance and Policies Knowledge of security concepts, including penetration testing, vulnerability scanning, encryption, backup and storage security, business continuity management, and application security. Overview and Experience in Information, Project, IT Security and/or IAM and GRC Processes Work experience with GRC tools will be an added advantage Good working knowledge in MS office (Excel, word and PPT). Knowhow in excel functions (E. g. , Pivot table, charts , lookup functions, etc. , ) Professional oral and written communication skills Know-how on ITIL service management processes will be an added advantage Should be a good team player, flexible and deadline oriented Good verbal and written communication in English and German

Roles & Responsibilities: Consultancy and Support towards Security and compliance controls with respect to various Bosch/Industry regulations Conduct compliance assessments and provide consultation on security frameworks, including ISO 27001:2022. Engage with stakeholders, including managers, application owners, and technical teams, to assess security controls and document security compliance. Conduct and consult on gap analyses for security policies, controls, and procedures. Assist in developing and maintaining Business Continuity Management Plans (BCMP). Provide guidance on security best practices, including penetration testing, vulnerability scanning, encryption, and backup/storage security. Ensure security documentation is complete, accurate, and up to date. Assist in the implementation of security standards, policies, and regulatory requirements. Follow the roadmap as aligned with customer unit in completion of Policy implementations and controls in the Applications Prepare reports and documentation to demonstrate compliance with relevant standards Ensure the customer KPIs, quality and deliverables are met Skills: Know-how in IT systems Experience in Application Management Processes, Governance and Policies Knowledge of security concepts, including penetration testing, vulnerability scanning, encryption, backup and storage security, business continuity management, and application security. Overview and Experience in Information, Project, IT Security and/or IAM and GRC Processes Work experience with GRC tools will be an added advantage Good working knowledge in MS office (Excel, word and PPT). Knowhow in excel functions (E. g. , Pivot table, charts , lookup functions, etc. , ) Professional oral and written communication skills Know-how on ITIL service management processes will be an added advantage Should be a good team player, flexible and deadline oriented Good verbal and written communication in English and German

Hiring for IT audit and compliance. Compliance, DPDP, IT Audit, ISO 27001, RBI regulation, Excellent communication Loc- Andheri- Marol Exp- 3+ years Kindly share below details : Name: Contact number: Email ID: Skill expertise: Total Exp: Relevant Exp: CTC: Exp CTC: Offer: Current Location: Preferred Location: Notice Period: Current Company(payroll/ permanent): Reason for Change: Availability for Interview: Apply/share resume to preethi.kumar@harjai.com

Cloud Security EngineerCloud Security Engineer Experience: 6 - 10 Years Exp. Salary : INR 40-60 Lacs per annum Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Remote Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, GDPR, Remediation, vulnerabilities AND cloud, Cloud Security Posture Management, CSPM AlphaSense (One of Uplers' Clients) is Looking for: Senior Cloud Security Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Sr. Cloud Security Engineer Location: IND About AlphaSense: AlphaSense is a market intelligence platform used by the worlds leading companies and financial institutions. Since 2011, our AI-based technology has helped professionals make smarter business decisions by delivering insights from an extensive universe of public and private contentincluding company filings, event transcripts, news, trade journals, and equity research. Our platform is trusted by over 5,000 enterprise customers, including a majority of the S&P 500. Headquartered in New York City, AlphaSense employs over 1,500 people across offices in the U.S., U.K., Finland, and India. For more information, please visit www.alpha-sense.com. About the Role As a Sr. Cloud Security Engineer youll be working to improve the security of AlphaSenses cloud environments as part of the cloud security team. The team has strong independence to plan, drive and develop security improvements and controls. You will have room to select your focus within the responsibilities of the team. To be successful in this role you should have solid experience on containerised environments, infrastructure as a code and kubernetes. You will have autonomy and are expected to think independently and take ownership of your work. Ideal candidate has strong cloud security background with ability to work hands on with the infrastructure. We also welcome applicants with devops/infrastructure engineering background and keen interest in developing their skills in cloud security space. Responsibilities Develop and automate security controls for cloud infrastructure. Maintain, integrate and scale cloud security tooling. Investigate and remediate security vulnerabilities in cloud infrastructure. Building access controls across the cloud infrastructure. Partner with incident response teams to build detections for cloud infrastructure. Analyze and mitigate security incidents affecting products. Develop security standards for other engineering teams. Work with compliance teams to ensure adherence to frameworks such as ISO 27001, SOC 2, and GDPR. Conduct architecture reviews, threat modeling, and code reviews to identify security risks. Collaborate with engineering and product teams. Qualifications Required 5+ years experience in cloud security 3+ years hand-on experience working with containerized environments Excellent understanding of AWS, k8s and IaC solutions Proficiency in one or more programming language Experience working with cloud security posture management tooling Nice to have Experience with Azure and GCP Experience in integrating security into CI/CD pipelines and DevOps workflows. Hands-on experience on threat modeling and security architecture reviews. Hands-on experience of working with compliance requirements and turning them to technical controls. Contributions to security communities, open-source projects, or security research. Relevant security certifications (e.g., CKS). Why Join Us? Work on cutting-edge security challenges in a fast-growing company. Opportunity to shape and drive product security strategy. Collaborative and security-minded engineering culture. Competitive compensation, benefits, and career growth opportunities. If you're a hands-on security leader passionate about building secure products, wed love to hear from you! How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: We envision a future where innovation seamlessly integrates into every aspect of life, elevating the way businesses operate, professionals create, and customers connect. At our core, we follow the motto of continuous learning and growth to drive us forward. About Uplers: Uplers is the #1 hiring platform for SaaS companies, designed to help you hire top product and engineering talent quickly and efficiently. Our end-to-end AI-powered platform combines artificial intelligence with human expertise to connect you with the best engineering talent from India. With over 1M deeply vetted professionals, Uplers streamlines the hiring process, reducing lengthy screening times and ensuring you find the perfect fit. Companies like GitLab, Twilio, TripAdvisor, and AirBnB trust Uplers to scale their tech and digital teams effectively and cost-efficiently. Experience a simpler, faster, and more reliable hiring process with Uplers today.

Information Security Engineer Experience: 6 - 10 Years Exp. Salary : INR 40-60 Lacs per annum Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Remote Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, GDPR, Remediation, vulnerabilities AND cloud, Cloud Security Posture Management, CSPM AlphaSense (One of Uplers' Clients) is Looking for: Information Security Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Sr. Cloud Security Engineer Location: IND About AlphaSense: AlphaSense is a market intelligence platform used by the worlds leading companies and financial institutions. Since 2011, our AI-based technology has helped professionals make smarter business decisions by delivering insights from an extensive universe of public and private contentincluding company filings, event transcripts, news, trade journals, and equity research. Our platform is trusted by over 5,000 enterprise customers, including a majority of the S&P 500. Headquartered in New York City, AlphaSense employs over 1,500 people across offices in the U.S., U.K., Finland, and India. For more information, please visit www.alpha-sense.com. About the Role As a Sr. Cloud Security Engineer youll be working to improve the security of AlphaSenses cloud environments as part of the cloud security team. The team has strong independence to plan, drive and develop security improvements and controls. You will have room to select your focus within the responsibilities of the team. To be successful in this role you should have solid experience on containerised environments, infrastructure as a code and kubernetes. You will have autonomy and are expected to think independently and take ownership of your work. Ideal candidate has strong cloud security background with ability to work hands on with the infrastructure. We also welcome applicants with devops/infrastructure engineering background and keen interest in developing their skills in cloud security space. Responsibilities Develop and automate security controls for cloud infrastructure. Maintain, integrate and scale cloud security tooling. Investigate and remediate security vulnerabilities in cloud infrastructure. Building access controls across the cloud infrastructure. Partner with incident response teams to build detections for cloud infrastructure. Analyze and mitigate security incidents affecting products. Develop security standards for other engineering teams. Work with compliance teams to ensure adherence to frameworks such as ISO 27001, SOC 2, and GDPR. Conduct architecture reviews, threat modeling, and code reviews to identify security risks. Collaborate with engineering and product teams. Qualifications Required 5+ years experience in cloud security 3+ years hand-on experience working with containerized environments Excellent understanding of AWS, k8s and IaC solutions Proficiency in one or more programming language Experience working with cloud security posture management tooling Nice to have Experience with Azure and GCP Experience in integrating security into CI/CD pipelines and DevOps workflows. Hands-on experience on threat modeling and security architecture reviews. Hands-on experience of working with compliance requirements and turning them to technical controls. Contributions to security communities, open-source projects, or security research. Relevant security certifications (e.g., CKS). Why Join Us? Work on cutting-edge security challenges in a fast-growing company. Opportunity to shape and drive product security strategy. Collaborative and security-minded engineering culture. Competitive compensation, benefits, and career growth opportunities. If you're a hands-on security leader passionate about building secure products, wed love to hear from you! How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: We envision a future where innovation seamlessly integrates into every aspect of life, elevating the way businesses operate, professionals create, and customers connect. At our core, we follow the motto of continuous learning and growth to drive us forward. About Uplers: Uplers is the #1 hiring platform for SaaS companies, designed to help you hire top product and engineering talent quickly and efficiently. Our end-to-end AI-powered platform combines artificial intelligence with human expertise to connect you with the best engineering talent from India. With over 1M deeply vetted professionals, Uplers streamlines the hiring process, reducing lengthy screening times and ensuring you find the perfect fit. Companies like GitLab, Twilio, TripAdvisor, and AirBnB trust Uplers to scale their tech and digital teams effectively and cost-efficiently. Experience a simpler, faster, and more reliable hiring process with Uplers today.

Senior Cloud Security Engineer Experience: 6 - 10 Years Exp. Salary : INR 40-60 Lacs per annum Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Remote Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, GDPR, Remediation, vulnerabilities AND cloud, Cloud Security Posture Management, CSPM AlphaSense (One of Uplers' Clients) is Looking for: Senior Cloud Security Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Sr. Cloud Security Engineer Location: IND About AlphaSense: AlphaSense is a market intelligence platform used by the worlds leading companies and financial institutions. Since 2011, our AI-based technology has helped professionals make smarter business decisions by delivering insights from an extensive universe of public and private contentincluding company filings, event transcripts, news, trade journals, and equity research. Our platform is trusted by over 5,000 enterprise customers, including a majority of the S&P 500. Headquartered in New York City, AlphaSense employs over 1,500 people across offices in the U.S., U.K., Finland, and India. For more information, please visit www.alpha-sense.com. About the Role As a Sr. Cloud Security Engineer youll be working to improve the security of AlphaSenses cloud environments as part of the cloud security team. The team has strong independence to plan, drive and develop security improvements and controls. You will have room to select your focus within the responsibilities of the team. To be successful in this role you should have solid experience on containerised environments, infrastructure as a code and kubernetes. You will have autonomy and are expected to think independently and take ownership of your work. Ideal candidate has strong cloud security background with ability to work hands on with the infrastructure. We also welcome applicants with devops/infrastructure engineering background and keen interest in developing their skills in cloud security space. Responsibilities Develop and automate security controls for cloud infrastructure. Maintain, integrate and scale cloud security tooling. Investigate and remediate security vulnerabilities in cloud infrastructure. Building access controls across the cloud infrastructure. Partner with incident response teams to build detections for cloud infrastructure. Analyze and mitigate security incidents affecting products. Develop security standards for other engineering teams. Work with compliance teams to ensure adherence to frameworks such as ISO 27001, SOC 2, and GDPR. Conduct architecture reviews, threat modeling, and code reviews to identify security risks. Collaborate with engineering and product teams. Qualifications Required 5+ years experience in cloud security 3+ years hand-on experience working with containerized environments Excellent understanding of AWS, k8s and IaC solutions Proficiency in one or more programming language Experience working with cloud security posture management tooling Nice to have Experience with Azure and GCP Experience in integrating security into CI/CD pipelines and DevOps workflows. Hands-on experience on threat modeling and security architecture reviews. Hands-on experience of working with compliance requirements and turning them to technical controls. Contributions to security communities, open-source projects, or security research. Relevant security certifications (e.g., CKS). Why Join Us? Work on cutting-edge security challenges in a fast-growing company. Opportunity to shape and drive product security strategy. Collaborative and security-minded engineering culture. Competitive compensation, benefits, and career growth opportunities. If you're a hands-on security leader passionate about building secure products, wed love to hear from you! How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: We envision a future where innovation seamlessly integrates into every aspect of life, elevating the way businesses operate, professionals create, and customers connect. At our core, we follow the motto of continuous learning and growth to drive us forward. About Uplers: Uplers is the #1 hiring platform for SaaS companies, designed to help you hire top product and engineering talent quickly and efficiently. Our end-to-end AI-powered platform combines artificial intelligence with human expertise to connect you with the best engineering talent from India. With over 1M deeply vetted professionals, Uplers streamlines the hiring process, reducing lengthy screening times and ensuring you find the perfect fit. Companies like GitLab, Twilio, TripAdvisor, and AirBnB trust Uplers to scale their tech and digital teams effectively and cost-efficiently. Experience a simpler, faster, and more reliable hiring process with Uplers today.

The Senior Manager Information Security is responsible for leading the security automation product team and driving the development, integration and continuous improvement of a security automation platform. This role combines strong leadership, technical acuity, and product ownership skills to supervise a growing team responsible for automating security workflows, integrating tools, improving operational efficiency, and strengthening the overall cybersecurity posture. As the product owner of the security automation platform and service, the Senior Manager Information Security collaborates with collaborators to deliver impactful automations and maintain a scalable, secure, and resilient automation infrastructure. Key aspects of the role include aligning automation projects with organizational security goals, fostering innovation in machine learning applications, and ensuring the adoption of industry-leading practices by staying ahead of with evolving threats and trends. Roles & Responsibilities: Lead and mentor a team of security automation engineers, data engineers, and data scientists, fostering a collaborative and high-performance culture Oversee the security automation service, ensuring effective operations, prioritization, and continuous alignment with business and security goals Oversee the security automation product team to ensure adherence to SAFe/Agile methodologies and definitions of done, maintaining high-quality standards in deliverables Oversee the seamless operation, scalability, and efficiency of a cloud-based security automation solution, ensuring continuous enhancement of security controls and automation capabilities Develop strategies to streamline incident response, threat detection, and remediation processes using automation capabilities Drive and manage the seamless integration of new and existing security tools, platforms, and workflows to ensure a cohesive and optimized automation ecosystem Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST) Collaborate with collaborators to establish and supervise critical metrics related to SAFe implementation Generate and maintain security reports, metrics, and dashboards for management review Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations Build and deliver knowledge sharing presentations and documentation to educate developers and operations teams on application security standard methodologies and secure coding techniques Triage and assess findings from tools, external reports, and tests to determine real risks and prioritize remediation efforts Offer remediation guidance to partners for identified issues and serve as a customer concern resource for developers as they reduce issues What we expect of you We are all different, yet we all use our unique contributions to serve patients. The professional we seek is a senior manager with these qualifications. Basic Qualifications: Master s degree and 8 to 10 years of Scrum teams management or related field experience OR Bachelor s degree and 8 to 10 years of in Scrum teams management or related field experience OR Diploma and 12 to 14 years of in Scrum teams management or related field experience. Preferred Qualifications: Experience managing and scaling security automation platforms and tools (e.g., SOAR) Demonstrated success in leading high-performing technical teams in an agile environment Strong understanding of integrating security tools and data platforms (SIEM, EDR, IAM, etc.) In-depth knowledge of cybersecurity frameworks, technologies, and best practices Experience in risk management, incident response, and security governance Strong knowledge of security architecture frameworks and principles Strong understanding of common software and web application security vulnerabilities Excellent communication, stakeholder management, and analytical skills. Good-to-Have Skills: Experience with network security, endpoint protection, and incident response Proficiency in scripting and automation (e.g., Python, Bash) is a plus Professional Certifications: CEH (preferred) CompTIA Security+ (preferred) CISSP (preferred) TOGAF (preferred) Certified Scrum Product Owner (CSPO), or equivalent (preferred) Soft Skills: Initiative to explore alternate technology and approaches to solving problems Skilled in breaking down problems, documenting problem statements, and estimating efforts Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team-oriented, with a focus on achieving team goals

Let s do this. Let s change the world. In this vital role you will collaborate closely with cybersecurity departments to identify and define automation requirements that streamline security processes and incident responses. The engineer will create and refine automation playbooks using low-code platforms, integrate new and existing security tools, and develop custom APIs to ensure seamless inter-connectivity among systems. Additionally, the engineer will engage in the selection and tuning of machine learning algorithms tailored to address specific security challenges faced by the organization. A key component of the role is to maintain up-to-date technical documentation and user guides to support the ongoing use and understanding of automated systems. The Security Automation Engineer must also keep abreast of the latest cybersecurity trends and technologies, sharing insights and best practices with the team to continually enhance the organization s security posture. Roles & Responsibilities: Create playbooks using a low-code platform to streamline security operations Integrate new and existing security tools and platforms; Design, code, and integrate custom APIs. Create technical documentation and user guides Continuously monitor and maintain the automation platform and ensure that all systems and applications are up to date with the latest security patches and updates Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST) Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations Triage issues found by tools, external reports, and various tests, to accurately assess the real risks Offer remediation guidance to partners for identified issues and serve as a customer concern resource for developers as they reduce issues What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master s degree and 1 to 3 years of directly related experience OR Bachelor s degree and 3 to 5 years of directly related experience OR Diploma and 7 to 9 years of directly related experience Preferred Qualifications: Functional Skills: Must-Have Skills (Not more than 3 to 4): Proficiency in Python scripting and automation Experience with REST API technology Experience with Linux is a MUST Experience with Security Orchestration Automation and Response (SOAR) tools (e.g. Swimlane, Cortex XSOAR, etc.) Experience with development of automation playbooks and integrating multiple security tools to enhance efficiency and effectiveness Good-to-Have Skills: Knowledge of cybersecurity frameworks, technologies, and best practices Experience in risk management, incident response, and security governance Knowledge of security architecture frameworks and principles Professional Certifications (please mention if the certification is preferred or mandatory for the role): CEH (preferred) CompTIA Security+ (preferred) RHCSA (preferred) CISSP (preferred) Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills Equal opportunity statement What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards.

Let s do this. Let s change the world. In this vital role you will Guide and support junior team members by offering technical advice, conducting code reviews, and sharing knowledge to promote their professional development. Perform security testing (e.g., penetration testing, code reviews) and ensure continuous security monitoring across the organization s IT landscape. Identify vulnerabilities in networks, systems, applications, and infrastructure through hands-on penetration testing. Attempt to exploit discovered vulnerabilities to demonstrate their impact and prove their existence (e.g., retrieving sensitive data, elevating user privileges, or gaining access to admin functionality). Perform assessments on web applications, cloud environments, and network infrastructure. Use automated tools and manual techniques to identify security weaknesses. Conduct advanced post-exploitation tasks to simulate real-world attack scenarios. Work with third-party security vendors for audits, product testing, and external assessments when required. Use automated tools (e.g., Burp Suite, OWASP ZAP, or Acunetix) to identify common vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and others. Document identified vulnerabilities in detail, explaining how they were found, their severity, and their potential impact. Include proof-of-concept (PoC) for critical vulnerabilities. Offer actionable, practical solutions for fixing the vulnerabilities, such as secure coding practices, configuration changes, or security controls. Use risk-based prioritization, categorizing issues by their severity and business impact (e.g., high, medium, low) to help the organization focus on the most critical issues. Continuously learn about the latest vulnerabilities, exploits, and security trends. Present the findings to stakeholders, security teams, and management, explaining the business risk and potential impacts of the vulnerabilities discovered. Familiarity with industry standards and compliance requirements (e.g., PCI-DSS, NIST, ISO 27001) and their relevance to penetration testing. What we expect of you We are all different, yet we all use our unique contributions to serve patients. This role has a strong focus on ensuring the organizations infrastructure, applications, and systems are secure from external and internal threats. This role is responsible for conducting authorized security tests on IT infrastructure to evaluate the strength of its systems against potential cyberattacks. A variety of automated tools and manual techniques are leveraged to simulate real-world attacks. The penetration tester then works with the organization to prioritize, remediate and report on identified issues, strengthening the overall security posture. Basic Qualifications: Bachelor s degree with 6 - 8 years of experience in Computer Science, Cybersecurity or Information Systems related field . Preferred Qualifications: Must-Have Skills: Strong knowledge of common vulnerabilities (e.g., OWASP Top 10, SANS Top 25), network protocols, encryption standards, application security and common penetration testing methodologies (ISSAF, OSSTMM, PTES). Familiarity with tools like Burp Suite, OWASP ZAP and Metasploit. A deep understanding of web application architecture, databases, and authentication mechanisms. Ability to think critically and creatively when testing and attempting to exploit vulnerabilities. Good-to-Have Skills: Experience with threat intelligence and incorporating emerging threats into penetration testing practices Proficiency in scripting and automation (e.g., Python, Bash) is a plus Professional Certifications (please mention if the certification is preferred or mandatory for the role): Preferred: eJPT, eCPPT, eWPT, OSCP, OSWA, GWAPT What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards.

Let s do this. Let s change the world. In this vital role you will be responsible for the oversight and hands-on leadership of the Access and Privileged Access Management (PAM) team within Digital Identity Access Services (DIAS) organization. This role involves developing, implementing, maintaining, and updating IAM strategies, policies and procedures to ensure the security and integrity of our systems and data. The ideal candidate will have extensive experience in Okta, Microsoft Entra and PAM technologies like CyberArk, SSO, MFA, Password Vaulting and Privileged Account Management. Candidate should have a deep understanding of security standard processes, and the ability to lead a team in a dynamic, global environment. Roles & Responsibilities: Develop and maintain the Access and PAM standards and architecture, ensuring that it meets industry standards. Assess and select IAM technologies and tools that align with Amgen s IAM strategy. Lead the information security team, providing guidance, support, and mentoring to ensure the effectiveness of security operations. Develop and implement the IAM (Identity Access Management) strategy aligned with the organizations information security goals and regulatory requirements. Lead the design, implementation, and management of IAM solutions, including governance, access management, and privileged access management. Create, implement, and maintain IAM policies, standards, and procedures to manage user identities and access rights. Design and enforce access control mechanisms, including role-based access control (RBAC), to safeguard sensitive information. Manage IAM-related security incidents and vulnerabilities, coordinating with IT security teams to mitigate risks. Stay ahead of with industry trends, emerging threats, and standard processes in IAM. Collaborate with IT and security teams to integrate IAM solutions with other security and business systems. Develop and maintain key performance indicators (KPIs) to track service metrics and generate regular reports for management. Evaluate and implement IAM tools and technologies to enhance security and streamline processes. Participate in vendor proposals, contract negotiations/renewals. This role on occasion might have responsibilities outside of business hours. Travel: International and/or domestic travel up to 10% may be important. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications and Experience: Master s degree with 4 years of experience related field OR Bachelor s degree with 6 of experience in related field OR Diploma with 8 years of experience. Functional Skills: Strong knowledge of Privileged Access Management, Session Management and Vaulting technologies. Working knowledge of Web Access Management and SSO technologies (Okta, Azure, Ping Federate, SAML, OAuth, and OpenID/Connect). Experience and background of B2B concepts and architecture, application and reverse proxies, SSO, and multi-factor authentication. Familiarity with security standards and regulations (e.g., NIST, ISO 27001). Experience with Authentication, Provisioning/Deprovisioning, Role Management, Session Management and Privileged Account Management. Experience in driving transformation initiatives using Scaled Agile methodology. Excellent verbal and written communication skills for technical and non-technical audiences of various levels in the organization. Good-to-Have Skills: Work experience in the biotechnology or pharmaceutical industry. Degree in Computer Science, Information Systems, or Engineering. Familiarity with GxP standards, Information Security standards and policies like ISO 27001/27002, NIST and others. Strong problem-solving and analytical skills. Demonstrated ability to work effectively in a fast-paced, dynamic environment. Understanding of ITIL processes and implementation. Proficiency in scripting and automation (e.g., Python, Bash) is a plus Professional Certifications CompTIA Security+ (preferred) Cloud Identity or Security Certification (preferred) Okta Certification (preferred) CyberArk Certification (preferred) Soft Skills: Excellent analytical and troubleshooting skills. Strong verbal and written communication skills. Ability to work effectively with global, virtual teams. High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team oriented, with a focus on achieving team goals. Strong presentation and public speaking skills. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards.

Let s do this. Let s change the world. In this vital role you will be an integral part in driving growth & innovation, improving efficiency and creating enterprise value - supporting our mission To Serve Patients . The Manager-Information Security will be responsible for the oversight and hands-on leadership of the Directory Services (AD and LDAP) team within the Digital Identity Access Services (DIAS) organization. This role involves developing, implementing, maintaining, and updating IAM strategies, policies and procedures to ensure the security and integrity of our systems and data. The ideal candidate will have extensive experience in Active Directory, Enterprise Unix LDAP and other Directory services. Candidate should have a deep understanding of security standard processes, and the ability to lead a team in a dynamic, global environment. Roles & Responsibilities: Manage Amgens Internal and External PKI Technologies Manage External PKI vendors like Sectigo and Entrust Develop and maintain the Directory and LDAP standards and architecture, ensuring that it meets industry standards and best practices Assess and select IAM technologies and tools that align with Amgen s IAM strategy Lead the information security team, providing guidance, support, and mentoring to ensure the effectiveness of security operations Develop and implement the IAM (Identity Access Management) strategy aligned with the organizations information security goals and regulatory requirements. Lead the design, implementation, and management of IAM solutions, including governance for Directory Services. Create, implement, and maintain IAM policies, standards, and procedures to manage user identities and access rights. Design and enforce access control mechanisms, including role-based access control (RBAC), to safeguard sensitive information. Manage IAM-related security incidents and vulnerabilities, coordinating with IT security teams to mitigate risks. Know the latest with industry trends, emerging threats, and standard methodologies in IAM. Collaborate with IT and security teams to integrate IAM solutions with other security and business systems. Develop and maintain key performance indicators (KPIs) to track service metrics and generate regular reports for management. Evaluate and implement IAM tools and technologies to enhance security and streamline processes. Participate in vendor proposals, contract negotiations, and support renewals. This role on occasion might have responsibilities outside of business hours. Travel: International and/or domestic travel up to 10% may be essential. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master s degree with 4 to 6years of experience related field OR Bachelor s degree with 6 to 8 years of experience in related field OR Diploma with 8 - 12 years of experience in related field. Preferred Qualifications: Must-Have Skills: Strong knowledge of Internal and External PKI (Public Key Infrastructure). Strong knowledge of Directory Services and LDAP Services. Solid understanding of Active Directory Domain structure and security, Windows Operating Systems and Domain Controllers, Azure AD and Microsoft Entra ID. Strong knowledge of LDAP directories and managing LDAP Structure. Knowledge of LDAP Schema and configuration changes. Create and modify Shell Scripts for bulk LDAP operations. Creation and implementation of LDAP Business Continuity plans. Familiarity with security standards and regulations (e.g., NIST, ISO). Experience with Authentication, Provisioning/De-provisioning, Role Management, Session Management and Directory Services. Experience in driving transformation initiatives using Scaled Agile methodology. Excellent verbal and written communication skills for technical and non-technical audiences of various levels in the organization. Good-to-Have Skills: Work experience in the biotechnology or pharmaceutical industry. Degree in Computer Science, Information Systems, or Engineering. Familiarity with GxP standards, Information Security standards and policies like ISO 27001/27002, NIST and others. Strong problem-solving and analytical skills. Demonstrated ability to work effectively in a fast-paced, dynamic environment. Understanding of ITIL processes and implementation. Proficiency in scripting and automation (e.g., Python, Bash) is a plus Professional Certifications CompTIA Security+ (preferred) Cloud Identity or Security Certification (preferred) Microsoft Azure Certification (preferred) Soft Skills: Excellent analytical and troubleshooting skills. Strong verbal and written communication skills. Ability to work effectively with global, virtual teams . High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team oriented, with a focus on achieving team goals. Strong presentation and public speaking skills. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards.

Jul 21, 2025 Location: Mumbai Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Consultant/ AM/ DM in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities & Desired qualifications Relevant 2 to 8 years experience in Cloud Security Strong understanding of cloud technologies and platforms: Azure/AWS/GCP/OCI Understanding of cloud security architecture Understanding of Zero trust principle, security technologies and controls: AWS/Azure/GCP/OCI cloud native security controls, Identity Access Management, Data Security, IDS/IPS, SIEM, web application firewall, cryptography, Kubernetes, container security etc. Should have conducted cloud security assessments and configuration reviews as per industry best practices Familiarity with industry-leading standards and frameworks such as ISO 27001, NIST, CSA CCM, CIS benchmarks to help clients adhere to compliance requirements Knowledge and experience of Risk Management Lifecycle (Risk Identification, Risk Assessment, Risk Response, & Reporting) Experience with cloud security tools and services Knowledge and experience in developing/creating cloud security policies and frameworks for organizations Effective written and communication skills Strong sense of ownership, urgency, and drive Demonstrate teamwork and collaborate with other teams to ensure client s cloud environment is secure Location and way of working Base location: Mumbai, Delhi, Pune, Hyderabad and Bangalore Professional is required to work from office

Jul 21, 2025 Location: Pune Designation: Deputy Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Consultant in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Develop, implement, and manage a comprehensive risk management program to identify, assess, and mitigate cybersecurity risks across IT systems and processes. Continuously monitor the risk landscape, ensuring effective implementation and maintenance of mitigation strategies, while reporting on compliance with relevant laws, regulations, and industry standards. Lead audits and assessments to verify cybersecurity compliance, providing remediation guidance for identified gaps, and staying up to date with regulatory changes. Implement and maintain cybersecurity controls and frameworks, including NIST CSF, NIST 800-53, ISO/IEC 27001, and IT General Controls (ITGCs), ensuring alignment with industry standards and organizational needs. Manage the organization s ISO/IEC 27001 certification process, including the development and maintenance of an Information Security Management System (ISMS), conducting internal audits, gap analyses, and preparing for external audits. Develop and manage a third-party risk management program, including due diligence, risk assessments, and collaboration with other departments to ensure vendors meet cybersecurity requirements and contracts include appropriate clauses. Design, document, and regularly update a cybersecurity control framework that complies with relevant industry standards and regulatory requirements (e.g., NIST, ISO/IEC 27001, CIS, PCI DSS, RBI, SEBI, IRDA, DPDPA, GDPR, DORA). Conduct workshops with senior stakeholders to appraise them of cybersecurity frameworks and control requirements, ensuring continuous improvement of the organization s cybersecurity posture. Desired qualifications Bachelor s degree in information technology, Computer Science, or a related field (or equivalent experience). 1-8 years of experience in information security, cyber security compliance, risk assessment or a similar role Good understanding of IT control frameworks (PCI DSS, NIST, COBIT, ITIL, CSF, ISO 27001, ITIL, COSO etc.) Good understanding and Indian and global cyber security regulations Strong analytical and problem-solving skills. Excellent communication and documentation skills. Ability to work independently and as part of a team. Experience with risk management, compliance, and audit processes.

Experience in defining supplier audit process, KPIs/OKR s specific to Audits Determine supplier audit scope and develop annual plans Ability to develop and implement effective audit plans and strategies Perform and manage the supplier audit cycle Prepare and present reports that reflect audit s results and document Maintain regular communication with management and audit committee, suppliers Prepare and publish the audit findings along with the Auditor panels Strong analytical skills to identify gaps and propose process improvements Experience in collaborating with cross-functional teams to drive continuous improvement Excellent communication skills to maintain regular interaction with management, audit committees, and suppliers Capability to assess operational effectiveness and ensure compliance with regulations Knowledge and experience in ISO21434 and ISO 27001 standards and UNR 155 / 156 or equivalent to AIS - 189 & AIS - 190 requirements Experience in performing risk assessments, understanding security requirements and security concepts Capability to assess operational effectiveness and ensure compliance with regulations Proactive approach to developing a cyber security and safety culture within the organisation Experience in analysing audit patterns and driving process improvements across departments Engagement in continuous knowledge development in best practices, tools, techniques, and standards Job Family Governance Renault Group is committed to creating an inclusive working environment and the conditions for each of us to bring their passion, perform to the full and grow, whilst being themselves. We find strength in our diversity and we are engaged to ensure equal employment opportunities regardless of race, colour, ancestry, religion, gender, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, etc. If you have a disability or special need requiring layout of the workstation or work schedule, please let us know by completing this form. In order to follow in real time the evolution of your applications and to stay in touch with us, we invite you to create a candidate account. This will take you no more than a minute and will also make it easier for you to apply in the future.

" Security Operations (SecOps) Engineer Location: Bangalore Team: Security & Compliance Reports to: Engineering Manager Platform & Security About Josys Josys is on a mission to redefine enterprise IT operations through automation, visibility, and security. As we continue to scale globally, securing our cloud-native infrastructure and application ecosystem is more critical than ever. We are looking for a passionate Security Operations Engineer to join our security team and help strengthen our defenses and practices across the cloud. Job Summary As a Senior SecOps Engineer , youll lead the design and implementation of security controls across cloud infrastructure, CI/CD pipelines, and application layers. You ll act as a subject matter expert in both preventive and detective controls, vulnerability management, and compliance enforcement. We are looking for someone hands-on with a deep understanding of cloud and application security especially across AWS, data privacy, and regulatory frameworks . Key Responsibilities 1. Cloud Security Monitoring & Compliance Configure and optimize AWS-native security tools like Security Hub, GuardDuty, Config, CloudTrail for real-time detection and compliance. Drive Cloud Gap Assessments and security posture reviews across multi-account AWS environments. Ensure alignment with standards like CIS, ISO 27001, SOC 2 , and regulatory requirements including GDPR and data residency controls . 2. Incident Response & Remediation Lead investigation and remediation efforts in partnership with L1 support and SRE teams . Perform root cause analysis , implement fixes, and establish preventive controls. Build runbooks, define escalation processes, and improve incident response automation . 3. Secure DevOps & CI/CD Integration Integrate automated security tools in CI/CD for both infrastructure and applications (e.g., SAST, DAST, IaC scanning). Implement IaC policy enforcement using tools such as tfsec, Checkov, or OPA . Embed security gates and practices early in the software development lifecycle. 4. Penetration Testing & Vulnerability Management Conduct or coordinate regular penetration testing using tools like Burp Suite, OWASP ZAP , or via third-party assessors. Manage end-to-end vulnerability lifecycle , from discovery through remediation. Translate findings into developer-friendly guidance and track fixes to closure. 5. Continuous Improvement & Security Awareness Stay current with cloud security trends, vulnerabilities, and threats . Drive security awareness training and contribute to improving engineering security hygiene. Influence architectural decisions by embedding security principles into project planning. Required Qualifications 5 8 years of experience in cloud security, application security, or security operations roles. Deep knowledge of AWS security architecture, IAM, networking, and encryption practices . Hands-on experience with security testing tools like Burp Suite, OWASP ZAP , Nmap, and cloud-native monitoring tools. Strong grasp of compliance frameworks including GDPR, SOC 2, ISO 27001 , and data residency considerations . Solid scripting or automation skills (e.g., Python, Bash, Terraform). Must hold at least one relevant certification: AWS Certified Security Specialty CISSP (Certified Information Systems Security Professional) CCSP (Certified Cloud Security Professional) Nice to Have Experience with container security (e.g., EKS, Docker) and runtime protection tools . Familiarity with security operations platforms (e.g., Splunk, ELK, or SIEM tools ). Experience working in fast-paced SaaS or DevOps-centric environments . Why Join Us Work on a global SaaS platform at the cutting edge of IT automation and cloud security. Lead initiatives that shape how modern enterprises manage risk. Join a culture of ownership, innovation, and collaboration. Remote-friendly work culture with high-impact opportunities.

" Who We Are Nirvana is on a mission to harness the power of data to revolutionize commercial insurance and enable a safer world. We are bringing much-needed innovation into the legacy, trillion-dollar commercial insurance industry. We have developed cutting-edge predictive models that use real-time IoT data from billions of connected devices, allowing us to better understand and price risk. Our AI-driven platform fundamentally changes the way an insurance company operates with personalized risk scoring, faster underwriting, modernized claims, and proactive, data-driven insights to help customers prevent accidents. We ve already proven the scale reaching well over $100 million in premiums and more than doubling year over year. Our data moat is growing exponentially with more than 20 billion miles of telematics data, leading to more predictive models and new insights into how we can better understand and reduce risk. Altogether, our loss ratio, efficiency, and customer experience are redefining what can be done in the industry. With $170+ million raised, including an industry-leading Series C round in January 2025, we re only accelerating our growth, with strong support from top-tier VCs including Lightspeed, General Catalyst, and Valor. Nirvana s leadership team has previously helped scale multi-billion-dollar companies from scratch, including Samsara, Rubrik, and Flexport, and includes industry veterans from Hiscox, The Hartford, and RLI. About the Role Your work will power the infrastructure behind every product line and engineering team at Nirvana. By keeping our systems performant, reliable, secure, and cost efficient, you will enable faster delivery, smoother developer workflows, and a consistently excellent experience for customers company wide. Set the strategy: Own the infra roadmap, make buy vs build decisions, and align investments with Nirvana s product goals. Lead the team: Grow and mentor a high performing group of builders, foster a culture of ownership and experimentation. Build critical systems: Design, ship, and operate the cloud native foundations that every engineering team relies on. Champion best practices: Drive security, reliability, and cost efficiency through automation and clear standards. Own Core Systems: Architect, build, and operate Nirvana s cloud-native data and compute infrastructure, ensuring scalability, security, and reliability as we continue to integrate and process billions of events per day. Drive Platform Excellence: Partner closely with product, data, and engineering teams to deliver a robust developer experience, high-availability services, automated deployments, and observability across the stack. Elevate Team & Culture: Help shape a high-performing, collaborative engineering culture. Mentor engineers and champion best infra practices as we scale. Build vs Buy decisions: You will be involved in critical decisions that will define & shape up the future of our Infrastructure involving buying vs build it in-house decisions What You ll Work On Platform Reliability & Automation: Build automation for cloud resource provisioning, CI/CD pipelines, end-to-end monitoring, and incident response. Lead efforts to improve reliability, latency, and system self-healing. Cost Optimization & Observability: Develop strategies and tools to optimize for performance, cost, and resource efficiency. Define SLOs/SLAs, implement metrics & dashboards, and drive root-cause analysis. Workflow Orchestration: Level up our in house Temporal style engine with rich features, frictionless devX, and zero downtime upgrades. ML & Compute Foundations : GPU/CPU pools and one click model rollouts that let data scientists push to production in hours. Observability & Reliability : Unified metrics/traces/logs, SLO dashboards, and automated chaos/self healing to keep everything fast and stable. Developer Experience Tooling: Golden path templates, GitOps workflows, and bespoke CLI/IDE plugins that turn infrastructure into a superpower. About You You are an owner. You take end-to-end responsibility for mission-critical infra and are comfortable making architecture decisions with long-term impact. You ship . You thrive on delivering reliable infra improvements into production and enabling others to move faster and safer. You are a craftsman . You take pride in building high-quality, resilient systems and automating toil wherever you see it. You love simplicity. You favor elegant, maintainable solutions to complex scaling challenges, and push for automation and standardization. You re a lifelong learner . You excel at picking up new infra technologies, cloud stacks, and approaches and relish driving continued technical evolution. You value clear, open communication whether through code reviews, runbooks, architecture docs, or incident retrospectives. Requirements 7+ years building large-scale backend and infrastructure systems (e.g., with Golang, Scala, Java, or C++), including significant time designing, operating, and improving distributed systems and stateful services. Deep experience with cloud-native infrastructure (AWS, GCP, or Azure) and containerization/orchestration (Docker, Kubernetes, etc.). Demonstrated ability to decompose complex systems into reusable modules, design APIs/interfaces, and drive adoption of platforms or shared tooling. Experience with infrastructure-as-code, CI/CD, monitoring, and incident management for production systems at scale. Passion for developer productivity, automation, and working cross-functionally to deliver robust, scalable platforms. Nice-to-have Security & Compliance: Implement robust cloud security practices, automate compliance (SOC2, etc.), manage identities/roles, and ensure data privacy across multi-tenant environments. Cloud native security chops least privilege IAM, secrets management (Vault/KMS), container runtime hardening, OPA/Kyverno policy as code, and automated vulnerability scanning. Experience building ML infrastructure (GPU scheduling, feature stores, model serving, experiment tracking). Background in compliance automation (SOC 2, ISO 27001) and incident response/threat modeling. Familiarity with high throughput streaming systems (Kafka, Kinesis) and time series databases for telemetry. What You ll Get from Us Competitive compensation & meaningful equity Medical insurance Monthly stipend for anything that gives you joy Hybrid culture and reimbursement for home office equipment Flexible vacation policy & work-life balance A culture of transparency, autonomy, and positive energy #LI-Hybrid " , "directApply":true , "identifier":{"@type":"

Jul 19, 2025 Location: Pune Designation: Assistant Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Assistant Manager in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Brand Go-to-Market and Eminence Conduct threat assessment for banking applications and cloud-native architectures. Collaborate cross-functionally with development, security, and cloud engineering teams to integrate security best practices. Identify and document security threats, vulnerabilities, and risks across application lifecycles. Recommend appropriate mitigation strategies and validate implementation of security controls. Maintain accurate and up-to-date security documentation and threat model repositories. Leverage industry-leading security platforms such as Tenable, Qualys, and Prisma Cloud for vulnerability assessment and monitoring. Ensure alignment with SDLC, DevSecOps practices, and regulatory compliance standards such as RBI, GDPR, and ISO 27001. Use tools like IriusRisk and ThreatModeler to create and manage automated threat models. Contribute to security awareness and threat assessment training for technical teams. Stay current with emerging threats, security trends, and best practices in application and cloud security. Desired qualifications Research, insights, content, and thought leadership Minimum 3+ years of hands-on experience in threat assessment or application/cloud security. Strong understanding of threat assessment methodologies such as STRIDE, DREAD, and PASTA. Solid knowledge of secure SDLC, CI/CD pipelines, and implementation of application/cloud security controls. Experience working with cloud platforms (AWS, Azure, GCP) and related security tools. Familiarity with threat assessment platforms like IriusRisk, ThreatModeler, or equivalent. Prior experience in banking or financial services domain is highly preferred. Relevant industry certifications such as CEH, CompTIA Security+, AWS/Azure Security Specialty, or equivalent. Strong analytical, documentation, and communication skills to collaborate with cross-functional teams. Ability to assess risks and recommend mitigations that align with business and compliance needs. Creative thinking Brainstorm with the team to ideate newer ways of representing content in a reader-friendly manner through presentations, infographics, videos, battle cards etc. Innovative content creation that captures attention and improves readability Ability to work with cross-functional teams, and business, market, and brand leaders within the firm Strong interpersonal communication skills Location and way of working Base location: Pune/Bangalore Professional is required to work from office Your role as an Assistant Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte

Responsibilities Date posted 07/21/2025 End Date 08/04/2025 City Noida State/Region Uttar Pradesh Country India Location Type Onsite Calling all innovators find your future at Fiserv. Job Title Specialist, Risk Assurance What does a successful Risk and Compliance Specialist do at Fiserv: Fiserv is seeking a skilled risk and compliance professional to join its Enterprise Risk and Controls team. This dynamic role spans multiple responsibilities, including Third Party Risk Assessments for vendors and support for PCI and SOC audits as part of the organizations Third-Party Audit initiatives. The position is ideal for professionals who are adaptable and eager to contribute across various risk programs within the department. The role primarily centers on contributing to the Third Party Risk Management (TPRM) function. It involves gaining a comprehensive understanding of security policies, standards, and related processes within the scope of the TPRM program. Leveraging strong assessment capabilities, you will ensure that vendor-related risks are effectively identified, evaluated, mitigated, and continuously monitored to uphold the highest standards of security and compliance. What you will do: Developing detailed understanding of security policies, standards, and associated processes as it pertains to third party risk management program. 5-8 years of experience in the domains such as risk and compliance, information security Driving collaboration between cross-functional stakeholders and facilitating strong partnership with Fiserv Business Units Capability of contributing to TRPM Risk transformation projects in alignment with organization strategy. Responsible for independently conducting third-party risk assessment in line with security standards, practices encompassing people, process and technology controls Proficient in reviewing documentation including but not limited to security policies, processes, SOPs, third party audit/assurance reports including SOC 2, PCI AOC/ROC/ROV/SAQ, ISAE, ISMS, penetration testing, vulnerability scanning reports to identify gaps/exceptions Responsible for monitoring, tracking risks through closure by collaborating with multiple constituents including internal and external stakeholders; ensuring auditable results are maintained throughout the engagement. Ensure accurate and timely review; responsible for well-written observations, and walking stakeholders through the process lifecycle as needed Lead and participate in regional and global TPRM governance forums and liaise with business stakeholders. Document and maintain the relevant documentation. Establish trust and credibility with key partners; develop and foster constructive professional relationships with multiple stakeholders including but not limited to executive and line management, risk officers, risk contacts and third-party contacts Work on vendor events, liaison with business stakeholders and follow-up with vendors Mentor and train Junior team members on Vendor Risk Assessment program. What you will need to have: Bachelor s Or Master s degree from an accredited university is preferred, equivalent work experience will be considered. 5- 8 years of experience in IT Risk and Compliance Management or Information Security domain Good interpersonal, written/verbal communication, and organizational skills Ability to handle internal and external discussions/interactions issues in a professional, assertive, and proactive manner Ability to work effectively within a matrixed organization Strong organizational and time management skills with Global stakeholder management Strong MS office skills (Microsoft Excel, Word, PowerPoint, and SharePoint) Exposure to GRC ( Governance, Risk and Compliance tools) What would be great to have: Financial services experience, including working in highly regulated environments Knowledge of IT audit, ISO 27001, ITIL, Vendor Risk Management process Ability to interact across all levels of management Attention to detail with a commitment to high-quality standards A successful track record for delivering results in a timely manner Industry Certifications: CISA, CRISC, CTPRA, ISO 27001 LA/LI or equivalent etc.) Thank you for considering employment with Fiserv. Please: Apply using your legal name Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable). Our commitment to Diversity and Inclusion: Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law. Note to agencies: Fiserv does not accept resume submissions from agencies outside of existing agreements. Please do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions. Warning about fake job posts: Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address. Share this Job Email LinkedIn X Facebook

Lead and execute ISO 27001 implementation and audit projects , including risk assessments, gap analysis, and compliance checks- Drive the implementation of NIST cybersecurity frameworks (e-g-, NIST CSF, 800-53, 800-171) for clients across industries- Provide strategic guidance on security best practices, governance, risk, and compliance (GRC) initiatives- Perform internal audits and prepare clients for certification audits in alignment with ISO standards- Create and maintain Information Security Management System (ISMS) documentation and support continual improvement processes- Collaborate with cross-functional teams and manage end-to-end client engagements - Mentor and lead a team of junior consultants; review deliverables and ensure timely project delivery- Conduct security awareness sessions, training, and workshops for clients and internal stakeholders- Stay updated on evolving threats, industry standards, and compliance regulations- Should be open to travel and work at client premises as and when required by project or business demands is essential- Requirements 5 to 8 years of professional experience in Information Security consulting- Proven experience with ISO 27001 implementation & auditing- Experience in NIST framework implementation and controls assessment- Experience in auditing cloud environments across platforms such as AWS, Azure, or Google Cloud - Strong understanding of GRC practices and cybersecurity principles- ISO 27001:2013/2022 Lead Auditor Certification is mandatory- Prior team management or leadership experience is required- Excellent communication, documentation, and presentation skills- Ability to work independently and manage multiple client engagements- Exposure to other frameworks and standards like SOC 2, HIPAA, GDPR, PCI DSS is a plus- Experience working with clients from BFSI, IT/ITES, or Healthcare sectors- Additional certifications such as CISA, CISM, or CISSP are advantageous- Benefits Competitive salary and benefits Medical Insurance - Self & family Parental Support - Maternity Leave Retirement Benefits - PF Contribution Opportunities for professional growth Collaborative and inclusive work environment

Company RNTBCI PL Job Description Experience in defining supplier audit process, KPIs/OKR s specific to Audits Determine supplier audit scope and develop annual plans Ability to develop and implement effective audit plans and strategies Perform and manage the supplier audit cycle Prepare and present reports that reflect audit s results and document Maintain regular communication with management and audit committee, suppliers Prepare and publish the audit findings along with the Auditor panels Strong analytical skills to identify gaps and propose process improvements Experience in collaborating with cross-functional teams to drive continuous improvement Excellent communication skills to maintain regular interaction with management, audit committees, and suppliers Capability to assess operational effectiveness and ensure compliance with regulations Knowledge and experience in ISO21434 and ISO 27001 standards and UNR 155 / 156 or equivalent to AIS - 189 & AIS - 190 requirements Experience in performing risk assessments, understanding security requirements and security concepts Capability to assess operational effectiveness and ensure compliance with regulations Proactive approach to developing a cyber security and safety culture within the organisation Experience in analysing audit patterns and driving process improvements across departments Engagement in continuous knowledge development in best practices, tools, techniques, and standards Job Family Governance

Jul 21, 2025 Location: Bengaluru Designation: Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile A Manager in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: A Security Operations Center (SOC) Manager, with expertise in SOC, UEBA, networking, and infrastructure, is needed to lead a team of 40 security professionals. This role requires strong leadership, technical proficiency, and the ability to manage a large team while ensuring effective threat detection and incident response. Key Responsibilities: Team Leadership & Management: Lead, mentor, and manage a team of SOC analysts, engineers, and specialists. Foster a collaborative and high-performing team environment. Service Delivery Oversight: Oversee all aspects of SOC operations, including monitoring, detection, analysis, and incident response. Incident Response: Manage and prioritize incident response activities, acting as a senior escalation point for critical security incidents involving network infrastructure and other enterprise systems. Threat Management: Develop and implement strategies for proactive threat hunting, threat modeling, and the development of use cases for security monitoring. Technical Expertise: Possess strong knowledge of SIEM technologies, UEBA, network security, and infrastructure management. Policy & Procedure Development: Develop and implement security policies and procedures for incident response, vulnerability management, and security compliance. Client Engagement: Serve as the primary point of contact for client engagements, ensuring SOC services are aligned with client needs and objectives. Reporting & Communication: Create reports, dashboards, and metrics for SOC operations and present them to senior management. Desired qualifications Required Skills & Experience: Proven experience in managing and leading a SOC team, preferably with a team size of 40+ members. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). Proficiency in using SIEM tools and UEBA solutions. In-depth knowledge of network security principles and infrastructure management. Experience with incident response methodologies and best practices. Excellent communication, interpersonal, and leadership skills. Experience in threat hunting and threat modeling. Relevant certifications Preferred (e.g., CISSP, CISM, SANS certifications) are highly desirable. Location and way of working Base location: Bangalore Professional is required to work from client location. Your role as a Assistant Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you ll grow

Grade H - Office/ CoreResponsible for supporting information security and risk activities for the specialism, using sound technical capabilities to review and adjust information security processes, supporting the delivery of security solutions, recommending improvements to security strategies and managing external service providers, as required. Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security. Entity: Technology IT&S Group To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC). Are you passionate about protecting what matters mostWere seeking someone who is passionate about identifying and implementing security solutions that make bp a cyber resilient organisation! Our Business Information Security team partners with the business to help them understand cyber risk and be accountable for cyber security. Were looking for curious minds who are driven by opportunities to build value and deliver secure products and services to advance bps strategy. Role Synopsis In the digital era, where data breaches and cyber threats are not just possibilities but realities, the role of a Global Information Security Specialist has never been more critical. Working closely with the Supply Trading and Shipping (ST&S) business areas, you will support the protection of IT systems and business data that are important to bps energy production capabilities. You will conduct security assessments, respond to security queries, and provide security expertise. Your expertise will help ensure that ST&S teams can operate with confidence, knowing their systems and processes are secure. Ready to make a real impact in energy trading securityJoin us in safeguarding the people, processes and systems that power our transition to net zero! Key Accountabilities In this role you will deliver security activities to support the ST&S business areas. This role focuses on hands-on security assessment and advisory activities with the following key accountabilities: Security Assessments : We need someone that can conduct comprehensive assessments of systems, identify risks and issues while recommending appropriate remediation measures. Technical & Non-Technical Risk Advisory : Youll assess and communicate cybersecurity risks. We want our customers to understand potential impacts and mitigation strategies clearly. Cyber Behaviour Promotion : We strive to build a strong cyber security culture. Youll assist with the development and promoting good cyber behaviours in day-to-day operations. Incident Management Support : When security incidents happen, we need you to provide specialist security expertise. Youll support incident response activities and improvement recommendations. Customer Support : We want you to act as the go-to point of contact for information security. Youll provide timely and accurate expertise on security matters affecting their systems or data. You will: Assess and Evaluate : Youll perform regular security assessments of ST&S systems. We use established methodologies to identify potential risks, weaknesses and security gaps. Respond and Advise : We require someone who can offer our customers practical and tailored cyber security solutions. These solutions must align with operational requirements. Analyse and Report : Youll evaluate risks and prepare clear, actionable recommendations, and communicate these with both business and technical audiences. Support and Collaborate : We work closely with ST&S teams to implement security measures. Youll help maintain a robust security posture while aligning with operational needs. Promote and Educate : We nurture positive cyber security behaviours! Youll work within P&O teams through targeted awareness activities, training support, and expert guidance. Monitor and Review : We want someone who understands the security landscape affecting ST&S systems and stay ahead of emerging threats and industry standard methodologies. Education Bachelors degree or equivalent experience in Information or Cyber Security, Computer Science, Engineering. Working towards professional certifications such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or CompTIA Security+. Knowledge of security frameworks such as ISO 27001/2, NIST, and CIS framework. Desirable Experience and Capability Previous track record in information security roles, preferably with some exposure to trading technology (OT) or financial regulated environments. Ability to explain security concepts to a variety of audiences in the ST&S domain. Solid grasp of cyber risk assessment methodologies and the ability to translate technical findings into business impact assessments. Attention to detail and ability to work independently while balancing multiple activities. Ability to adapt security recommendations to different operating environments. Ability to use technology, data, and insights to enable decision making. Travel Requirement Up to 10% travel should be expected with this role Relocation Assistance: This role is eligible for relocation within country Remote Type: This position is a hybrid of office/remote working Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism

Job Overview: Are you ready to drive excellence in risk management and assurance at a globally respected technology leaderAt Arm, our ISO Internal Audit team is essential in ensuring compliance, continuous improvement, and the effectiveness of our quality, information security, and environmental management systems. Our audit function not only provides ISO compliance assurance but also contributes to the organization s processes by finding opportunities for improvement. Responsibilities: Deliver assigned audit activities under direction of audit lead. Complete and document internal audits aligned with ISO 9001. Collaborate with audit action owners to ensure audit recommendations are effectively implemented. Prepare detailed audit reports, clearly articulating findings, risks, and corrective actions. Support Arm during external audits and certification processes. Provide guidance to internal teams on ISO compliance requirements and best practices. Stay current with evolving ISO standards and industry regulations, proactively applying this knowledge within the audit process. Evaluate compliance with ISO 27001 and ISO 14001 standards, delivering insights and recommendations for continuous improvement. Required Skills and Experience: Certified ISO 9001 Lead Auditor. Bachelor s degree in Engineering, Science or a related field. 2 - 4 of years of experience conducting internal audits, with significant expertise auditing ISO 9001 management systems. Demonstrated experience within the semiconductor or closely related industries. Clear communicator with strong analytical, communication and interpersonal skills. Ability to work independently and demonstrate a growth mindset, drive collaboration across diverse functions, and actively contribute to shaping Arm s risk and quality culture. Nice To Have Skills and Experience: ISO 27001 and/or ISO 14001 certifications. Familiarity and experience with Institute of Internal Auditors (IIA) methodologies and standards. Proven ability to lead improvement initiatives in a complex technology environment. In Return: Arm is a global organization powered by a diverse community of high-impact collaborators. By enabling a dynamic, inclusive, meritocratic, and open workplace where everyone can grow and succeed, we encourage our people to share their outstanding contributions to Arm s success in the global marketplace. Equal Opportunities at Arm: #LI-PC1 Accommodations at Arm At Arm, we want to build extraordinary teams. . To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation or adjustment requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process. Equal Opportunities at Arm

Job Description : Information Security Officer About Open: OPEN is a leading connected finance platform that empowers finance teams to manage their cashflow better by managing all their business finance systems, right from banking to accounting ERP, payments,CRM, HRMS etc. - in one place. OPEN, Indias 100th Unicorn, has been awarded the Best Workplace 2024 by IEEE in 2024. And was recognised by Forbes India and D Globalist s as Top 10 companies among 200 Companies and was featured in IDFC FIRST Private Hurun Indias Top 200 Self-made Entrepreneurs of the Millennia 2023. OPEN was also the recipient of Best Digital Banking Solution from the Global Fintech Fest in 2022 and had won the Most Innovative Neo Bank & the Most Innovative Digital Bank at the Indian Fintech Awards in 2021 & Internet andMobile Association of India (IAMAI) respectively. We are currently home to some of the smartest & brightest 500+ minds in the fintech space. OPEN is a Series D funded startup backed by leading international funds like Temasek, Google, Tiger Global, IIFL Finance Ltd.,SBI Holdings Japan, 3one4 Capital, Speed Invest, Beenext, Tanglin Venture Partner Advisors & Angellist to name a few. And to build and strengthen this superpower, we re on the lookout for an amazing Information Security Officer. Experience : 9+ years Location: Bangalore Responsibilities: Maintain and update information security related compliances such as ISO 27001, GDPR, SOC 2 ,, PCIDSS, RBI SAR on PAPG and DL Conduct periodic risk assessments and internal audits and vendor risk assessments Maintain compliance related documents across all scoped functions; Provide continuous support to the teams in their compliance journey. Perform ongoing refactoring of implemented controls. Liaise closely with the IT and Engineering team to implement best in class information/data security/privacy controls. Identify opportunities to adopt innovative technologies and best practices. Be the information security SPOC for our Regulatory Body ( RBI) external banking clients for cyber security related queries and closure. You should be able to prepare detailed data flow diagrams and documents for both clients and internal Addressed and remediated audit findings through process improvements, policy updates, and technical controls to ensure compliance and reduce risk Build a team of security officers to dedicatedly work for each of our banking clients for maintaining compliance and supporting banks queries. Requirements 9+ years of experience in implementation and maintenance of information security related compliances. Excellent understanding of IT , SDLC ,Devops processes. Develops and delivers security awareness training and conducts phishing simulations to reduce user risk Very good understanding of cloud architecture/technologies like kubernetes,docker, infrastructure as a code etc is a plus. Understanding of cloud platforms like AWS is a must. You should be able to communicate efficiently with devops teams. Should be proficient conducting internal audits. Understanding of security engineering ( VAPT, devsecops etc ) and tools CSPM,DLP,WAF,EDR,SIEM,ASM ) is required. Should be able to lias with security engineering teams, vendors ,incident response teams for smooth implementation of compliances. Why work at Open You will be part of the early tribe that is changing the way business banking rolls. Every atom of your work will impact the way millions of businesses are run. You will work with some of the brightest minds who will celebrate your quirks. You will find growth & fun to be two-way streets - how you thrive and the way you jive, in turn drives Open.