776 Iso 27001 Jobs - Page 6

Job Description We are seeking a motivated and detail-oriented Compliance Analyst I to join our Governance, Risk, and Compliance (GRC) team at Grazitti Interactive. In this role, you ll be responsible for supporting compliance initiatives, assisting in audits, maintaining documentation, and promoting regulatory awareness across departments. This is a great opportunity for someone looking to build a career in information security compliance and gain exposure to global standards like ISO 27001, ISO 27701, and NIST. If you are process-driven, curious about compliance, and eager to learn in an ever-growing environment, this role is for you. Key Skills 1 2 years of experience in compliance, risk management, or a related role. Understanding of ISO 27001, ISO 27701, and NIST frameworks. Strong documentation, record-keeping, and organizational skills. Excellent verbal and written communication. Ability to work collaboratively with different teams. Basic knowledge of compliance principles and regulatory frameworks. Prior experience assisting in internal audits or compliance reviews. Familiarity with regulatory standards like GDPR, HIPAA, or CCPA. Exposure to drafting compliance documentation or audit reports. Proficiency in MS Office tools (Word, Excel, PowerPoint). Roles and Responsibilities Assist in creating, updating, and maintaining compliance policies and procedures. Collect and analyze data to support internal audits and risk assessments. Help identify compliance risks and assist in developing mitigation plans. Maintain detailed documentation and audit records for GRC processes. Contribute to compliance training, awareness sessions, and documentation rollouts. Work closely with various departments to ensure alignment with compliance goals. Communicate progress, updates, and findings with relevant stakeholders regularly. Life at Grazitti Share Your Profile We are always looking for the best talent to join our team

Job Purpose Responsible for overseeing and executing all accounting activities within the Birla White Kharia plant to ensure the smooth and efficient operation of the finance and accounting functions. This includes providing senior management with timely and reliable financial data that supports strategic decision-making, optimizes cost management, and contributes to the overall financial health and growth of the organization Job Context & Major Challenges Job Context: Birla White (BW) is White Cement division of UltraTech Cement Limited and is a P&L centre. In India, BW is leader in White Cement and Wall Care Putty with WC installed capacity of 680,000 MT per annum and Wall Care Putty capacity of 8,00,000 MT per annum. The overall volume would increase from 14,76,000 MT per annum to 20,86,000 MT per annum with the installation of Nathdwara plant. During last 10 years Birla White has grown from a single commodity product to significant value added and specialty products, such as Wall Care Putty, Textura, Level Plast, Birla White liquid primer, Distemper, GRC, 4 variants of fragrance putty, Bio Shield Putty, Waterproofing putty, etc. Further these products are offered in 80 + varied SKUs ranging from 01 kg pack to 1500 kg pack, with multiple packing requirements. Birla White plant is fully integrated and automated processing. The plant is accredited with ISO 9002, ISO 14001, SA 8000, and ISO45000 and ISO 27001. Finance & Accounting- Finance and Accounting of Birla White are centralised at Kharia Khangar. The thrust area for the position is to ensure correct and timely Marketing and manufacturing accounting, finalisation of Books of accounts, legal compliances (Excise, Customs, Taxation, Audits, etc), implementation of established financial discipline, fund management, cost control, minimise stores inventory carrying cost, ensuring timely preparation of MIS reports, Planning & Budgeting, review & updating SOPs, functional support for IT system development and effective utilisation of Man power. The job involves ensuring consolidation of data / information of depots / sales areas apart from product wise plant accounting. Continuous improvement in quality of the services and in internal control process & procedures is desirable from the position. The increasing complexity requires in-depth knowledge, communication and influencing skills as the incumbent has to deal across geography, functions and hierarchy. Key Challenges Ensuring Accounting as per latest Accounting Practices and Accounting Standards issued by ICAI. Develop and implement improved systems and controls to ensure proper internal controls. Establish Finance & Accounting set up for new Green field & Brown field projects Keeping abreast with the new enactments / amendments to protect company s interest and maximize tax benefits with minimum cost impact within the framework of relevant enactments so as to get competitive advantage. To device mechanism to ensure full compliance of statutory enactments concerning direct and indirect taxes minimizing cost impact in view of the increasing enactments and frequent amendments therein. People management Key Result Areas KRA (Accountabilities) (Max 1325 Characters) Supporting Actions (Max 1325 Characters) KRA1 Finance & Accounting Drive finance and accounting activities for Birla White s manufacturing including BW Katni & Nathdwara plant. Ensure accurate and timely closure and reconciliation of all accounts across the unit Review of P & L a/c and Balance sheet. On line monitoring of expenses and deviations for effective control. Drive the adoption of CFD policies and review and correct implementation of Ind. AS across Birla White Review and discussion with auditors to ensure periodic financial audits in line with statutory requirements. Monitor the accounting of cooperative stores and the colony school and books of accounts of subsidiary company. KRA2 MIS Ensure preparation of correct information & its collation for MIS/Budgeting . Support the preparation of the 3 year rolling budget of Birla White; review expenses against budgets on a periodic basis. Review and rationalize revenue and cost components with the concerned department heads Drive the maintenance of related MIS systems and the development of reports on a periodic basis to support the decision-making process of the organization. Review Sensitivity and other cost and financial parameters. Review of areas of Cost reduction. KRA3 Internal Control Establish and review systems and procedures to prevent irregularities and to ensure proper usage of resources. Establish guidelines governing accounting processes, payments and documentation across Birla White Plan and implement periodic internal audits, flagging areas of concern and taking corrective action where necessary Identify areas of excess spending and bring them to the attention of department heads, recommending methods of controlling these costs To formulate and develop the process for Review/ updating of Internal control procedures and documentation / Updating of manuals and SOP documents where ever needed. KRA4 Fund Management Monitoring cash flow accounts and banking activities, ensuring optimum fund utilization and compliance with statutory requirements Review Birla White s cash flow status on a regular basis Build relationships with banks and review financing options to optimize Birla White s cost of funds KRA5 Direct & Indirect Taxation(Excise & Service Tax) To ensure full compliance with minimum cost impact within the framework of corporate taxation Unit Level. Minimum Cost Impact within the framework of enactments. Devising mechanism to ensure full compliance. Identify studies Conduct field visits. Collect data & field measurement Analysis. Evaluation & recommendation. Ensure implementation. Recommend external agency for the studies. KRA6 People Development and Management Ensure the development, guidance and motivation of subordinates so as to ensure superior performance and employee satisfaction thereby achieving departmental objectives Identify training needs for subordinates and ensure the execution of the required training programs in a timely manner Carry out performance assessments and provide feedback to subordinates with a view of improving performance

We are seeking a highly skilled and proactive Cyber Security Analyst with 5 to 7 years of experience to join our IT Security team. In this role, you will be responsible for designing, implementing, and managing enterprise-level cybersecurity measures, conducting risk assessments, and ensuring compliance with industry standards such as ISO 27001. You will play a key role in enhancing the organizations security posture by mitigating threats, managing security tools, and responding to incidents effectively. What Will You Be Doing? Install, configure, and maintain firewalls , intrusion detection systems (IDS/IPS) , and other cybersecurity tools. Utilize tools like Wireshark , Nmap , Nessus , Burp Suite , and Splunk for threat analysis and vulnerability scanning. Strong knowledge on networking device Configuration and network setup Strong knowledge on Linux/Windows/Mac systems , and security tools Manage and enforce Office 365 security policies , DLP, and email security rules . Deploy and operate EDR tools (e.g., Sophos, Kaspersky, crowd strike) across endpoints and servers. Perform vulnerability assessments , network security testing , and web application testing and other tools Conduct security audits and assist with risk assessments and mitigation planning. Respond to and analyze security incidents and data breaches , coordinating containment and recovery efforts. Develop and maintain security documentation , SOPs, reports, and audit logs. Familiarity with incident response , root cause analysis , and forensics . Basic scripting for automation (e.g., PowerShell, Bash, Python). Monitor and analyze network traffic and security logs to detect and respond to potential security threats. Foundations to pursue certifications like CEH, Security+, or OSCP Implement and enforce security measures, such as firewalls, encryption, and access controls, to protect sensitive data and systems. Support ISO 27001 implementation and compliance, including: Information Security Risk Management Training and Awareness Programs Conduct Internal Audits Staff Training & Awareness

. . . We embrace all candidates that will contribute to the diversification and enrichment of ideas and perspectives at AHEAD. Principal Technical Consultant are seasoned experts in information security and information security related technologies. Successful candidates support the Security team in Delivery, Business Development, and Practice Development. Principal Technical Consultant collaborate with a diverse team of consultants with varying skills to meet and exceed client expectations through scoped engagements. They effectively facilitate and lead client engagements remotely by guiding engagements toward scoped objectives and troubleshooting to effectively resolve project risks or issues. Principal Technical Consultants effectively lead client delivery engagements by executing the necessary project tasks, producing expected collateral, and presenting artifacts at any time throughout an engagement, while acting in a leadership capacity to the project team(s). Principal Technical Consultant also support business development activities alongside a sales specialist to qualify client needs and expectations or demonstrate a capability or skillset. They may be directly engaged in client-facing interactions to identify client needs and to produce and/or present sales proposals, leading client-visioning, or discovery sessions. Principle Technical Consultant may also collaborate with other AHEAD Practice areas to identify complex, cross-practice solution sets to achieve a client s desired state or outcome. Lastly, AHEAD Principal Technical Consultant also leverage their visibility and experience to contribute to the continuous improvement and maturation of in-practice service offerings and capabilities by proposing ideas for change and executing on ideas that are committed. This includes positively impacting our service portfolio and individuals on the team through thought leadership and mentorship. Key Responsibilities The following are the expectations of a Principal Technical Consultant: Client Delivery Support sessions of strategy, roadmap, design, and planning workshops for small to medium sized service engagements Execute on project objectives, requirements gathering, project tasks/milestone, project status, dependencies, and timelines, to ensure engagements are delivered successfully and on time while meeting the business objectives Creation and finalization of project deliverables, may perform peer review for collateral developed by others on a delivery team Effective presentation of deliverables to project team members. Knowledge of AHEAD s project lifecycle management activities to effectively support delivery engagements throughout the duration of a project Technical Mastery Proficiency in technical troubleshooting; the ability to critically think about a problem and generate a creative solution with minimal oversight. Deep knowledge of scripting, particularly with PowerShell and/or Python, and the ability to troubleshoot developed code. Ability to effectively communicate aspects of a technical solution to a non-technical individual. Capability to conduct research and utilize available resources to fill in technical knowledge gaps where ambiguity presents itself. Business Development Represent service offerings during the sales cycle, including project scoping, proposal development, and presenting proposals to clients Knowledge of AHEAD s sales management lifecycle to effectively support sales opportunities throughout the duration of a proposal Lead client discovery and/or visioning workshops to identify opportunities for cross-practice collaboration Practice Development & Thought Leadership Participate in the development, enhancement, and standardization of AHEAD in-practice service offerings Owns and/or enables more than one service capability Process-focused technology thought leader and evangelist Maintain a broad knowledge and understanding of current and future state IT trends, technologies, and standards Lend support and mentorship to others Skills Required Proficient in working technically with Identity Providers (IdPs), specifically Active Directory / Entra ID / IAM Working knowledge of identity lifecycle management processes and challenges Expertise in understanding Enterprise Architecture and the impact security decisioning will have on client environments Experience running and managing project outcomes, timelines, and budgets Ability to lead a team of individuals and provide mentorship where necessary Hands-on experience with the major cloud platforms (AWS, Azure, and/or GCP) Broad familiarity with governance, risk, and compliance (GRC) as well as industry standard compliance frameworks (e.g., NIST 800-53, NIST CSF, ISO 27001/2, etc.) Hands-on experience with cybersecurity tools that function in the following spaces: PAM / PIM / IAM, DLP, SOAR (XSIAM), Microsoft Security, AWS Security, Red Teaming / AppSec, Isolated Recovery Environments (IREs) Qualifications Previously worked in a leadership or program director role Minimum of: 10 years consulting experience, or commensurate work experience 3 professional and/or technical certifications, including industry-recognized certifications which align to AHEAD s Security service portfolio Excellent verbal and written communication skills Comfortable addressing groups of people in virtual settings Ability to solve complex, abstract problems Excellent interpersonal skills, good listener, ability to connect with different personalities Exhibit Executive presence with leadership characteristics Demonstrated experience as a technology change agent Why AHEAD: . . - 401(k) - Paid company holidays - Paid time off .

Job Description We are looking for a detail-oriented and motivated Compliance Trainee to join the Information Security Group (ISG) at Grazitti Interactive. In this entry-level role, you will support our Governance, Risk, and Compliance (GRC) initiatives by assisting with documentation, regulatory research, and audit coordination. This position offers an excellent learning opportunity for candidates aspiring to build a career in compliance, with exposure to frameworks like ISO 27001, ISO 27701, and NIST. Key Skills Strong attention to detail, organization, and analytical thinking. Excellent verbal and written communication skills. Basic understanding of compliance, risk management, or regulatory requirements. Familiarity with data privacy regulations such as GDPR, CCPA, HIPAA, and ITGC. Ability to collaborate across teams and communicate effectively with internal stakeholders. Exposure to ISO 27001, ISO 27701, or NIST frameworks (via coursework, internship, or certification). Proficiency in Microsoft Office Suite (Excel, Word, PowerPoint). Prior internship or academic project experience in compliance or audit functions. Roles and Responsibilities Assist in maintaining and updating compliance documentation, policies, and records. Support internal audits and compliance reviews with proper coordination and follow-ups. Collect and organize data for compliance reporting and help with preliminary risk assessments. Participate in training sessions and team meetings to develop subject-matter knowledge. Collaborate with internal teams to ensure adherence to policies and external standards. Communicate GRC updates and progress to relevant stakeholders in a clear, timely manner. Life at Grazitti Share Your Profile We are always looking for the best talent to join our team

Key Responsibilities: Monitor, triage, and document security incidents; escalate them based on severity and business impact. Conduct daily log reviews and analyze event data to detect potential security threats. Assist in vulnerability scanning activities and coordinate with internal/external teams for Vulnerability Assessment and Penetration Testing (VA/PT). Track and follow up on open vulnerabilities to ensure timely remediation. Maintain accurate documentation, dashboards, and reports related to incident response activities. Support internal audits and compliance initiatives aligned with standards such as ISO/IEC 27001, GDPR, and PDPA. Contribute to the development and maintenance of security policies, procedures, and operational checklists. Stay informed on the latest trends, threats, and advancements in cybersecurity tools and practices. Monitor and analyze alerts from security platforms such as SIEM, IDS/IPS, firewalls, and endpoint protection systems. Required Skills Qualifications: Bachelor s degree in Computer Science, Information Security, or a related field. 0 2 years of relevant experience in a cybersecurity role (including internships). Technical Knowledge: Familiarity with security monitoring tools (e.g., SIEM, EDR, IDS/IPS). Understanding of basic networking and security concepts (TCP/IP, firewalls, proxies). Exposure to vulnerability assessment tools and methodologies (e.g., Burp Suite, Nessus, OpenVAS). Awareness of information security standards and regulatory frameworks (e.g., ISO 27001, NIST, GDPR). Experience with ticketing systems and managing the incident response lifecycle. Additional Skills: Basic scripting knowledge (Python, Bash, PowerShell) is an advantage. Strong written and verbal communication skills.

We are seeking a proactive and knowledgeable Information Security Officer to support the business across all aspects of information security. This role is essential in maintaining and strengthening our security posture, ensuring compliance with our regulatory and legal requirements, including maintaining our ISO/IEC 27001 certification. Reporting to the Head of Information Security, you will play a key role in advising teams on security best practices, assisting with the implementation and continuous improvement of our Information Security Management System (ISMS), and supporting, audits, risk assessments, and incident response activities. You will collaborate with stakeholders across IT, risk, legal, and operations to ensure security is embedded in business processes and projects from the outset. The ideal candidate will have strong working knowledge of ISO 27001, an understanding of risk-based approaches to security, and experience in supporting security governance, awareness, and compliance efforts. A practical, solution-oriented mindset and the ability to communicate technical risks in a business context are essential. This is a hands-on, business-facing role suited to someone passionate about helping teams operate securely while enabling the business to move with agility and confidence.

Information Protection Senior Advisor - HIH - Evernorth (Cyber S ecurity Architect) Position Summary: This role is for a highly motivated Security Architect, with a background in cloud and DevOps security. The Security Architect (PSA) works closely with architecture, development, product, and other teams across the enterprise to design and integrate security into the solution lifecycle from design through deployment. This person will be responsible for defining security requirements, performing security design assessments, and providing teams with remediation and mitigation guidance and advice. Security Architects engage on strategic initiatives, programs, and projects throughout the enterprise including cloud, AI/ML, etc., as well as provide on-going guidance on security best practices. Experience Required: 13-16 years experience in information technology Min 8+ years experience in an information security architecture Min 5+ years application development and/or administrating and managing cloud solutions Practical experience in the application of security controls in security engineering, design, or developing reference architectures: NIST 800-53r(4/5), ISO 27001 Annex A / ISO 27002, Cloud Security Alliance Cloud Controls Matrix (CCM v4), Center for Internet Security Critical Security Controls (v7/8) Solid understanding of services and capabilities delivered by mainstream cloud service providers. Job Description Responsibilities : Translate business priorities into information security requirements to ensure protections regarding the confidentiality, integrity, availability, and privacy of the enterprise s technologies and its data. Monitor current and future security trends, changes in the business and business environment, as well as the evolving regulatory landscape and incorporate emerging trends into architecture engagements and strategic planning. Produce written technical reports and documentation; develop presentations on security approaches and solutions. Work directly with program and project teams to ensure that all relevant security risks are identified, evaluated, and appropriate security solutions are implemented to help manage risks to the enterprise. Provide strategic and technical security guidance for cloud programs and projects deploying in cloud environments. Responsible for the identification and documentation of architectural gaps and inefficiencies in existing solutions; support remediation and mitigation efforts through appropriate planning and roadmap development. Solid understanding of services and capabilities delivered by mainstream cloud service providers. Solid understanding of DevOps processes and associated security requirements and capabilities. Contribute to the Security Architecture guidance library including the development of reference architecture, security standards, security baselines, and other reference material. Strong work ethic and sense of urgency Ability to influence technical discussions and decisions. Ability to interact with a broad cross-section of personnel throughout the global enterprise to explain and compel adoption of security requirements. Other job duties as assigned. Experience Desired: Certification GIAC Defensible Security Architecture (GDSA) or other security architecture certification (ex. SABSA). Familiarity with Security life cycle, design review across concept, development through deployment Experience with threat modeling (all OSI layers), security analysis Education and Training Required: BE degree in MIS/Computer Science or related degree required. Professional Certification such as (any one): Certified Information Systems Security Professional (CISSP) SANS GIAC Certification(s) AWS/Azure Cloud Engineering Certifications Primary Skills: Written Communication Produce written technical documentation and reports that will be consumed by partners in the U.S. and throughout the global enterprise. Verbal Communication Ability to communicate with and influence a broad cross-section of personnel throughout the global enterprise to explain and compel adoption of security requirements. Time Management Relationship Management Self-Starter About Evernorth Health Services

Key Responsibilities Security Strategy & Compliance Define and enforce compliance to security policies, standards, and best practices for the ServiceNow platform in alignment with ServiceNow recommended Platform security shared responsibility model. Ensure service now platform is compliant with internal and external infosec requirements and industry best practices Establish governance frameworks for secure development, data protection, and risk mitigation. Access Control, Authentication, and authorization -Design and manage role-based access control (RBAC), ACLs, and authentication mechanisms in ServiceNow. Responsible for Single Sign-On (SSO), Multi-Factor Authentication (MFA), and enterprise IAM solutions based on Infosec standard Regular review of access control & entitlement based on the job function and refinement using the principle of least privilege, Security Operations & Incident Management Oversee the implementation and optimization of ServiceNow Security Operations (SecOps), including: Security Incident Response (SIR) streamline incident detection, triage, and resolution. Vulnerability Response (VR) automate vulnerability identification and remediation workflows. Threat Intelligence integrate threat feeds and security insights for proactive defense. Coordinate with cybersecurity teams to detect, investigate, and respond to threats affecting ServiceNow. Data Privacy, Security & Encryption Defining Service Now data classification, data retention & data discovery strategy in alignment with Ameriprise data management policies /standards Implement data encryption strategy at rest, in transit & encryption key management Determining the data collection, storage, usage, sharing, archiving, and destruction policy of data processed in ServiceNow instances. Monitor access patterns and system activity to identify potential security threats. Secure Integrations & Automation Design and enforce secure API management for integrations between ServiceNow and third-party security tools (e.g., Active Directory, CyberArk and Aveksa, Azure AD, RIM, IAM). Leverage IntegrationHub, Automation Engine, and Orchestration to streamline security workflows. Ensure secure data exchange and prevent unauthorized access to ServiceNow instances. Risk & Compliance Management Deploy and manage ServiceNow Governance, Risk, and Compliance (GRC) solutions to assess security risks. Participate regular security audits, risk assessments, and penetration tests on the ServiceNow platform. Define and implement security controls to mitigate risks and enhance compliance. Required Skills & Qualifications Technical Expertise: ServiceNow Security: Deep understanding of SecOps, GRC, RBAC, ACLs, and platform security best practices. Cybersecurity & Compliance: Strong knowledge of security frameworks (NIST, ISO 27001, CIS), regulatory compliance, and risk management. Integration & Development: Experience with REST APIs, JavaScript, OAuth, and secure integration practices. Cloud Security: Understanding of SaaS security, encryption methods, and cloud-based security models. Certifications ServiceNow Certifications: Certified System Administrator (CSA) Certified Implementation Specialist SIR or VR Preferred Qualifications: Experience securing large-scale ServiceNow implementations in regulated industries (finance, healthcare, government). Strong problem-solving, analytical, and communication skills to interact with technical and non-technical stakeholders. Knowledge of emerging security trends, zero trust architecture, and AI-driven security solutions. Cybersecurity Certifications Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Experience Required: 14-18 years of IT security experience, with 14+ years in ServiceNow security architecture, administration, or operations. Hands-on experience in security automation, incident response, and risk management using ServiceNow. Prior experience working with cybersecurity, risk management, and IT governance teams.

Location: Mumbai Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Assistant Manager in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities : Threat Modelling : Conduct threat modelling sessions to identify potential security risks to applications, networks, and infrastructure. Utilize various threat modelling frameworks (e.g., STRIDE, PASTA) to evaluate the risk associated with business processes and IT systems. Vulnerability Assessment & Penetration Testing : Perform regular vulnerability assessments and penetration testing on applications, systems, and networks to identify weaknesses and misconfigurations. Security Risk Analysis : Analyse vulnerabilities identified in VAPT engagements and prioritize them based on risk to the business. Provide recommendations for remediation and mitigation. Incident Response : Assist in responding to security incidents by analysing threat patterns, supporting forensic investigations, and recommending preventative measures. Collaboration with Teams : Work closely with developers, DevOps, and other stakeholders to design and implement secure development practices and advise on secure code development practices. Reporting : Document findings from threat modelling, vulnerability assessments, and penetration tests, and present them to management and other key stakeholders. Security Awareness : Promote awareness of cybersecurity risks within the organization and provide guidance on secure coding and risk mitigation strategies. Required Skills and Qualifications: Strong knowledge of Threat Modelling methodologies and tools (e.g., Microsoft Threat Modelling Tool, OWASP Threat Dragon). Hands-on experience in performing Vulnerability Assessment and Penetration Testing (VAPT) using tools like Nmap , Burp Suite , OWASP ZAP , Nessus , and Metasploit . Solid understanding of common vulnerabilities (e.g., SQL injection, Cross-Site Scripting, Buffer overflows) and security protocols (e.g., TLS/SSL, OAuth, OpenID). Familiarity with network security (firewalls, IDS/IPS, VPNs, etc.) and web application security . Experience in performing risk analysis, writing security reports, and presenting findings to both technical and non-technical audiences. Knowledge of OWASP Top 10 , CVE , and vulnerability databases. Proficiency in one or more programming languages (e.g., Python, Java, C, or scripting languages) is a plus. Understanding of security frameworks and compliance requirements (e.g., NIST, ISO 27001, GDPR, SOC 2) is desirable. Experience with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes) is a plus. Strong problem-solving skills and the ability to work independently and in a team. Prior experience in BFSI would be preferred. Preferred Qualifications: Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar penetration testing certifications. Certified Information Systems Security Professional (CISSP) or similar information security certifications. Previous experience in threat hunting, incident response, or application security. Understanding of security in Agile/Scrum development processes. Location and way of working Base location: Pune Professional is required to work from office. Your role as Assistant Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation. Committed to creating purpose - Creating a sense of vision and purpose. Agile - Achieving high-quality results through collaboration and Team unity. Skilled at building diverse capability - Developing diverse capabilities for the future. Persuasive / Influencing - Persuading and influencing stakeholders. Collaborating - Partnering to build new solutions. Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities. Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization. Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities. Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems. Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte. Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviors and attitudes to become more inclusive. How you ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report a nd ou r India Impact Report . Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more abou t Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. A t Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more abou t Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you re applying to . Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https: / / www2.deloitte.com / in / en / careers / advisory - for - career - aspirants.html?icid=wn_

Job Description Business Unit Mission : All Global, part of M3 Inc., provides the most comprehensive and highest quality market research recruitment and support services available to the industry with relationships reaching respondents in more than 70 countries worldwide. All Global maintains ISO 26362 and ISO 27001 certifications with the highest quality data collection and project management capabilities that cover the spectrum of quantitative and qualitative techniques utilized today. All Global services incorporate all the most advanced statistical and attitudinal methodologies allowing clients to provide world-class offerings and support services to their end-client customers throughout multiple industry sectors. Role Mission: The mission of the Senior Project Manager is to be a communication and relationship liaison between All Global, our clients, and other teams involved in the project s completion. The Senior Project Manager is responsible for managing all aspects of the project, ensuring excellent client service and delivering projects on time and within budget. This is the ideal role for someone who has experience in international market research and management of complex projects, with a strong focus on healthcare, fieldwork, and collaboration with all teams involved in the project. Essential Duties and Responsibilities: Including, but not limited to the following: Manage international market research projects through entire project lifecycle, ensuring client satisfaction and project financial goals are at core of decision making, keeping ownership of all aspects of the project, including: Project specifications review, project set up, resource planning, fieldwork and timelines planning Coordination of project kick-off meetings to ensure all involved parties understand project specifications, client needs, timelines, and responsibilities Programming, translations, overlays and testing, ensuring quality standards and timelines are met Project launch execution and analysis, with detailed feedback to clients with a solution approach Fieldwork management, delivering timely and high-quality client updates, proactively managing and monitoring project recruitment to ensure smooth and timely delivery via maximisation of internal sample, custom recruitment and partner onboarding, controlling project budget and achieving project financial goals Ensure market research participants have a positive project experience by following sampling practices, ensuring incentive approvals and project queries are handled in timely manner Provide to client the agreed deliverables within expected timelines and quality Meet billing deadlines and goals, ensuring high adherence to internal processes Timely & effective communication with clients, ensuring they are kept fully informed on the progress of their projects Comply with All Global operating procedures, and ensure all practices and systems follow the ISO Accreditation and All Global policies Responsible for guiding and mentoring junior staff Manage and leverage relationships with vendors to facilitate accurate and timely deliverables, communications, and issue resolution. Partner with Sales and Client Service teams to address issues and/or make recommendations to improve performance in a timely manner, on market research studies. Support the execution client service improvement plans on allocated accounts, ensuring collaboration with sales and other members of the team, and providing a consistent and solution-oriented approach across each touch point of the client journey Qualifications Bachelor s Degree or equivalent work experience Must have 2-3 years experience in market research project management, preferably in healthcare Be a self-motivated indivi

India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Manager in our Cyber Team you ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities : Working knowledge in one or more security and privacy domains such as: Governance, Risk and Compliance - Information Security and Compliance management, Cryptography Governance, Risk Management. Experience in leveraging industry standards and frameworks such as PCI-DSS, ISO/IEC 17799, ISO/IEC 27001, COBIT, ITIL, etc. Demonstrates in-depth knowledge of security and risk management processes. Experience in data protection technologies such as encryption, data discovery, data masking, data redaction, etc. Desired qualifications IT education or related fields PCI-DSS, ISO 27001 LA, CISA, PRINCE 2, ITIL v3, MCSE, MCPIT- EA or equivalent certification preferred CISSP, GSEC, GCIH, CEH, LPT, CCSK certifications would be preferred Location and way of working Base location: Pune This profile involves frequent/occasional travelling to client locations Your role as Senior Analyst We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive.

Location: Bengaluru Designation: Deputy Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. Your work profile: Professional should be able to work in hybrid model from office/client office. Strong knowledge of IT audits- ITGC, ITAC and SOC report understanding Conduct process walkthroughs and test the controls. Ensure timely closure of audit tasks. Collaborate with teams to ensure timely completion of audit activities. Desired qualifications Graduation / B.E/ B. Tech in Any Specialization. Work experience: Minimum 4-7 years. Role Summary: Takes ownership of client deliverables and leads modules end-to-end. Responsibilities: Lead modules or small-scale engagements and supervise fieldwork execution for ITGC, ITAC, and SOC reviews. Manage stakeholders for walkthroughs, data requests, and clarifications. Take ownership of modules within larger audits and assist in engagement planning, resource allocation, and quality control. Document control testing results, observations, and evidence clearly and accurately for high-risk areas. Liaise directly with client teams for walkthroughs and issue discussions. Conduct quality review of testing documentation and ensure completeness. Coach and guide junior team members; assist in team capability development. Contribute to audit planning, control design analysis , and remediation support. Must Have: Hands-on experience with ERP-based control testing (SAP/Oracle preferred). Working knowledge of audit standards and control frameworks (SOX, SSAE, ISO 27001). Deep working knowledge of ITGC, ITAC , and regulatory requirements. Experience in reviewing control design and effectiveness . Strong grasp of business process controls and their ERP mapping. Capability to lead teams and manage deliverables . Good analytical and documentation skills. Preferred Qualifications: Relevant certifications (CISA, CISSP, CRISC) are a plus. Knowledge of TPRM Experience working with IT audit processes and compliance frameworks. Experience in risk management and compliance reporting. Experience in risk management, compliance reporting, and IT audit. Prior experience working with ITGC frameworks and SOC report evaluations. Location and way of working: Base location: Bengaluru How you ll grow Connect for impact. Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead. You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude, and potential each and every one of us brings to the table to make an impact that matters. Drive your career. At Deloitte, you are encouraged to take ownership of your career. We recognize there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you.

Jul 15, 2025 Location: Bengaluru Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. Your work profile: Professional should be able to work in hybrid model from office/client office. Strong knowledge of IT audits- ITGC, ITAC and SOC report understanding Conduct process walkthroughs and test the controls. Ensure timely closure of audit tasks. Collaborate with teams to ensure timely completion of audit activities. Desired qualifications Graduation / B.E/ B. Tech in Any Specialization. Work experience: Minimum 2 years. Role Summary: Takes ownership of client deliverables and leads modules end-to-end. Responsibilities: Lead modules or small-scale engagements and supervise fieldwork execution for ITGC, ITAC, and SOC reviews. Manage stakeholders for walkthroughs, data requests, and clarifications. Take ownership of modules within larger audits and assist in engagement planning, resource allocation, and quality control. Document control testing results, observations, and evidence clearly and accurately for high-risk areas. Liaise directly with client teams for walkthroughs and issue discussions. Conduct quality review of testing documentation and ensure completeness. Coach and guide junior team members; assist in team capability development. Contribute to audit planning, control design analysis , and remediation support. Must Have: Hands-on experience with ERP-based control testing (SAP/Oracle preferred). Working knowledge of audit standards and control frameworks (SOX, SSAE, ISO 27001). Deep working knowledge of ITGC, ITAC , and regulatory requirements. Experience in reviewing control design and effectiveness . Strong grasp of business process controls and their ERP mapping. Capability to lead teams and manage deliverables . Good analytical and documentation skills. Preferred Qualifications: Relevant certifications (CISA, CISSP, CRISC) are a plus. Knowledge of TPRM Experience working with IT audit processes and compliance frameworks. Experience in risk management and compliance reporting. Experience in risk management, compliance reporting, and IT audit. Prior experience working with ITGC frameworks and SOC report evaluations. Location and way of working: Base location: Bengaluru How you ll grow Connect for impact. Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead. You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude, and potential each and every one of us brings to the table to make an impact that matters. Drive your career. At Deloitte, you are encouraged to take ownership of your career. We recognize there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you.

Jul 16, 2025 Location: Bengaluru Designation: Manager Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. Your work profile: Professional should be able to work in hybrid model from office/client office. Strong knowledge of IT audits- ITGC, ITAC and SOC report understanding Conduct process walkthroughs and test the controls. Ensure timely closure of audit tasks. Collaborate with teams to ensure timely completion of audit activities. Desired qualifications Graduation / B.E/ B. Tech in Any Specialization. Work experience: Minimum 8+ years. Role Summary: Takes ownership of client deliverables and leads modules end-to-end. Responsibilities: Lead modules or small-scale engagements and supervise fieldwork execution for ITGC, ITAC, and SOC reviews. Manage stakeholders for walkthroughs, data requests, and clarifications. Take ownership of modules within larger audits and assist in engagement planning, resource allocation, and quality control. Document control testing results, observations, and evidence clearly and accurately for high-risk areas. Liaise directly with client teams for walkthroughs and issue discussions. Conduct quality review of testing documentation and ensure completeness. Coach and guide junior team members; assist in team capability development. Contribute to audit planning, control design analysis , and remediation support. Must Have: Hands-on experience with ERP-based control testing (SAP/Oracle preferred). Working knowledge of audit standards and control frameworks (SOX, SSAE, ISO 27001). Deep working knowledge of ITGC, ITAC , and regulatory requirements. Experience in reviewing control design and effectiveness . Strong grasp of business process controls and their ERP mapping. Capability to lead teams and manage deliverables . Good analytical and documentation skills. Preferred Qualifications: Relevant certifications (CISA, CISSP, CRISC) are a plus. Knowledge of TPRM Experience working with IT audit processes and compliance frameworks. Experience in risk management and compliance reporting. Experience in risk management, compliance reporting, and IT audit. Prior experience working with ITGC frameworks and SOC report evaluations. Location and way of working: Base location: Bengaluru How you ll grow Connect for impact. Our exceptional team of professionals across the globe are solving some of the world s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead. You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude, and potential each and every one of us brings to the table to make an impact that matters. Drive your career. At Deloitte, you are encouraged to take ownership of your career. We recognize there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone s welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here s a glimpse of things that are in store for you.

Designation - Information Security Specialist Location - Bangalore Job Type: Full Time Job Summary: We are seeking a skilled and proactive Information Security Specialist to join our Internal IT team. This role will be pivotal in developing, streamlining, and maintaining the organizations Information Security Management System (ISMS) and leading the implementation of ISO 27001 standards and the regulations that the business needs to comply with, like GDPR, DPDP Act. The ideal candidate will have a strong understanding of information security frameworks, risk management, and compliance requirements. Key Responsibilities : Lead the development, implementation, and maintenance of the organizations ISMS in alignment with ISO 27001 standards. Conduct gap analysis and risk assessments to identify vulnerabilities and recommend mitigation strategies. Collaborate with cross-functional teams to define and document security policies, procedures, and controls. Drive ISO 27001 certification readiness, including internal audits, corrective actions, and continuous improvement initiatives. Monitor compliance with internal security policies and external regulatory requirements. Provide training and awareness programs to employees on information security best practices. Stay updated with the latest security trends, threats, and technologies to ensure proactive risk management. Support incident response planning and execution, including post-incident analysis and reporting. Maintain documentation and evidence required for audits and certification processes. Develop and maintain a risk register and ensure timely mitigation of identified risks. Coordinate with external auditors and consultants during certification and surveillance audits. Evaluate and implement security tools and technologies to enhance the organizations security posture. Perform regular vulnerability assessments and penetration testing coordination. Ensure secure configuration and hardening of IT infrastructure and applications. Support data classification and data protection initiatives across the organization. Assist in business continuity and disaster recovery planning from a security perspective. Track and report key performance indicators (KPIs) and metrics related to information security. Participate in change management processes to assess security impacts of new projects and technologies. Desired Profile : Bachelors degree in information technology, Cybersecurity, Computer Science, or a related field. Professional certifications such as ISO 27001 Lead Implementer, CISSP, CISM, CISA, or equivalent. Minimum 5 years of experience in information security, with at least 2 years focused on ISMS and ISO 27001 implementation. Strong understanding of security governance, risk management, and compliance frameworks. Experience conducting internal audits and managing external audit processes. Familiarity with regulatory requirements such as GDPR, HIPAA, or other relevant standards. Hands-on experience with security tools and technologies (e.g., SIEM, DLP, vulnerability scanners, endpoint protection). Understanding of firewalls, proxies, SIEM, antivirus, and IDS/IPS concepts. Ability to identify and mitigate network vulnerabilities and explain how to avoid them. Knowledge of cloud security principles and controls (Azure, MS Purview, MS Defender). Strong analytical and problem-solving skills. Excellent communication, presentation, and documentation abilities. Ability to manage multiple projects and priorities in a dynamic environment. Experience in developing and delivering security awareness training programs. Sound knowledge of identity and access management and deploying tools to manage single sign-on. Sound understanding of IT infrastructure with significant hands-on experience in cloud platforms. Ability to work effectively & guide technical team members. Highly self-motivated; able to operate autonomously in a dynamic environment Why Join Us: Be part of a fast-paced, customer-focused IT team. Gain hands-on experience with leading enterprise SaaS and endpoint management tools. Opportunity to grow your skills and advance your career through continuous learning. About the Company:Ample is a 28 years old organisation. What does it mean for you? We are a stable organisation with with over 28 years of experience in SI / IT - in an environment where companies rarely cross 10.• We have built trusting relationships - with team members, customers and partners, several of them for over a decade, and many over two decades.• We have navigated diverse challenges, disruptions and have navigated them all, and emerged triumphant. The foundation for future growth is on the following foundations: Globally revered brands in partnerships with Ample - in the enterprise and retail industry• You would be representing a brand that the market has revered and valued over two decades• We aspire to grow at a trailblazing pace over the next 5 years, and reach USD 1 Billion . This will need leaders who can take the mantle of responsibility towards this opportunity. • Our current enterprise base of 1500 customers is spread across the country and will become the core of our growth engine We live our vision and values: Our customers and team members experience this every day, making it a place to be for anyone engaging with us We have an open culture where people are expected to focus on what-is-right instead of who-is-right. Feedback, suggestions and comments are encouraged, and acted upon. Anyone can speak to anyone in the organisation. https://ample.co.in/

Essential Responsibilities include (but are not limited to): - Help to plan and carry out the organizations information security strategy. Prepare and execute actions based on an ISMS calendar. - Develop a set of security standards, policies and best practices for the organization. - Regularly monitor computer networks and systems for security issues, breaches, or intrusions. - Conduct regular monitoring and review of the information security in engineering projects and all functions/departments. - Responsible for vulnerability & risk assessment of all information assets. - Work with the IT & security team to perform tests and uncover network vulnerabilities. - Fix detected vulnerabilities to maintain a high-security standard. - Develop company-wide best practices for IT security. - Perform penetration testing, to find any information security weaknesses in the systems. - Support IT team to install security measures and software to protect systems and information infrastructure, including firewalls and data encryption programs, results/logs of mobile code, malicious code, and anti-virus software, to notify any intrusions, and scan for irregular system behaviour. - Support IT team to install required end-point security products and procedures on employees computers, projects & departments systems. - Develop strategies to respond to and recover from any security breach. - Investigate security breaches and other cybersecurity incidents and assess the extent of damage. - Document security breaches and assess the damage they cause. Initiate incident response actions to minimize the impact. - Stay up to date on information technology security trends, news, best practices and relevant security standards. - Keep a watch on published and identified infosec threats and mitigations across the industry. - Research security enhancements and make recommendations to management. - Ensure required mitigation and preventive actions are taken to protect the company's information assets. - Conduct periodic trainings, sessions, activities to increase employee awareness about maintaining information security. - Increase the pool of internal auditors by identifying employees and training them as internal auditors. - Conduct and participate in meetings of the various groups and forums such as EDRT, IRT, ISMF, etc. - Review company contracts (MSA & NDA documents) with customers, vendors, contractors and other entities from a information security coverage perspective. - Review and maintain the AIC and RART data of all departments and engg project groups. - Ensure regular fire and evacuation drills are conducted to train the employees for actions during an emergency. - Conduct call tree checks and scenario based table top exercises for reviewing preparedness for BCP / DR actions. - Conduct periodic internal ISMS audits to review the effectiveness of information security in the organization. - Consolidate and assess the results of all internal audits. Closure of non-conformities and required actions to strengthen the information security implementation of the organization. - Liason, plan and proactively support the external auditors from ISMS certifying body in conducting the ISO 27001 surveillance and re-certification audits. - Respond to customer's ISMS questionnaires in a timely and effective manner. - Support the customer's ISMS auditors for conducting audits (if required). - Ensure timely verification and closure of all audit findings (internal & external). - Prepare reports of ISO activities and audits findings for informing the leadership team on quarterly basis. - Initiate the Management Review meetings and present the status of information security to the leadership team to seek inputs and make recommendations for improvement. - Maintain effectiveness of the ISMS with continual improvements. Candidate must possess: - Candidate should be based out of Pune location - Bachelor's degree in computer science or related field - Strong knowledge of ISO 27001 standard and prior experience with ISO 27001 - Strong knowledge of Cybersecurity, information security - Knowledge of risk assessment tools, technologies, and methods. Strong understanding of endpoint security solutions - Knowledge of disaster recovery, system and network security scanning tools, technologies, and methods - Understanding of firewalls, proxies, SIEM, DLP, antivirus, content filtering and IDPS concepts - Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact - Experience planning, and developing security policies, standards, and procedures. - Ability to communicate handle security incidents. - Good experience in planning and conducting ISMS internal audits - Experience in liasoning with external auditors from certifying bodies - Ability to conduct trainings on information security - A team player who shall able to technically guide the team and also work independently as individual contributor

Experience Implementation of ISO 27001, GRC ITGC & IT Regulatory compliance Knowledge in ISMS, ITGC Knowledge about regulators RBI, IRDA, SEBI Fresher 2023 /2024 in B. Tech or Cybersecurity

To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital venturesand business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive. What Youll Do The Global Information and AI Security Senior Manager provides internal BCG technical consulting around information security architecture and security design measures for new projects, ventures and systems. The architect defines the desired end state to meet solution Security Goals and overall business goals. The Security Architect ensures the digital applications, tools, and services protect our data, our clientsdata, and our intellectual property; are resilient to cyber-attack; meet BCG policy and standards, regulatory requirements, and industry best practices; while using a risk-based approach to meeting BCG business needs and objectives. The Global Information and AI Security Senior Manager works with teams inside BCG to secure the building and maintenance of complex computing environments to train, deploy, and operate Artificial Intelligence/ML systems by determining security requirements; planning, implementing and testing security systems; participate in AI/ML/LLM projects as the Security Subject Matter Expert; preparing security standards, policies and procedures; and mentoring team members. What Youll Bring Bachelors degree (or equivalent experience) required. CSSLP certification required; additional certifications such as CISSP, CCSP, or CCSK strongly preferred. 7+ years of progressive experience in information security, specifically focused on secure architecture, secure development practices, and cloud-native security. Proven expertise supporting software engineering, data science, and AI/ML development teams, specifically with secure model lifecycle management, secure deployment practices, and secure data engineering. Expert understanding of the Secure Software Development Lifecycle (SSDLC), including secure architecture, threat modeling frameworks (e.g., MAESTRO, PASTA, STRIDE), penetration testing, secure coding practices, vulnerability management, and incident response. Demonstrated technical proficiency across multiple security technologies, platforms, and frameworks, with strong hands-on experience implementing secure cloud-native infrastructures (AWS, Azure, GCP). Familiarity with data warehouse and data lake environments such as Databricks, Azure Fabric, or Snowflake, including security best practices in managing and securing large-scale data ecosystems. In-depth knowledge and practical experience with AI and machine learning model security, ethical AI frameworks, secure handling of data, and comprehensive understanding of CI/CD pipelines specifically tailored for data science workloads. Extensive experience conducting security assessments, vulnerability triage, intrusion detection and prevention, firewall management, network vulnerability analysis, cryptographic implementations, and incident response analysis. Exceptional communication skills (written and oral), influencing capabilities, and ability to clearly articulate complex security concepts to stakeholders across various levels of the organization. Proactive professional development, continuous learning, active participation in industry forums, professional networks, and familiarity with current and emerging security trends and standards. Additional info YOURE GOOD AT The Senior Manager, Security and AI Architect excels at: Collaborating closely with software engineering, data science, data engineering, and cybersecurity teams to design, implement, and maintain secure solutions in agile environments leveraging cloud-native technologies and infrastructure. Defining security requirements by deeply understanding business objectives, evaluating strategies, and implementing robust security standards throughout the full Software Development Life Cycle (SDLC). Leading security risk assessments, threat modeling (utilizing frameworks such as MAESTRO, PASTA, STRIDE, etc.), security architecture reviews, and vulnerability analyses for client-facing digital products, particularly involving complex AI/ML-driven solutions. Advising development teams, including AI engineers and data scientists, on secure coding practices, secure data handling, secure AI/ML model deployment, and related infrastructure security considerations. Providing specialized guidance on secure AI model development lifecycle, including secure data usage, ethical AI practices, and robust security controls in Generative AI and large language model deployments. Actively participating in the APAC Dex process for managing digital builds, ensuring alignment with regional requirements, standards, and best practices. Staying ahead of emerging security trends and technologies, conducting continuous research, evaluation, and advocacy of new security tools, frameworks, and architectures relevant to digital solutions. Ensuring robust compliance with regulatory frameworks and industry standards, including ISO 27001, SOC2, NIST, and GDPR, particularly as they pertain to data privacy and AI-driven product development. Developing and delivering training programs on secure development, AI security considerations, and incident response practices. Partnering with internal stakeholders, articulating security risks clearly, influencing technical directions, and promoting comprehensive secure architecture roadmaps. Conducting vendor and market assessments, guiding tests, evaluations, and implementation of security products that address enterprise and client-specific information security requirements. Advising teams on compensating controls and alternative security measures to facilitate business agility without compromising security posture. Leading the implementation and continuous improvement of security tooling and practices within CI/CD pipelines, infrastructure-as-code (IaC), and model deployment automation. ",

About Us : DIGITAP.AI is a cutting-edge provider of AI/ML solutions tailored for the modern, internet-driven business landscape. Our advanced technologies empower businesses with reliable, fast, and fully compliant customer onboarding, automated risk management, and big data-enabled services, including Risk Analytics and Customised Scorecards. Our proprietary machine learning algorithms and modules boast some of the highest success rates in the market. Partnering with the largest digital lenders in India, our team is a vibrant mix of expertise in Fintech Product & Risk Management, Fraud Detection, and Big Data Analytics. Key Responsibilities: Design, build, and maintain scalable infrastructure for cloud (AWS, Azure, or GCP) and/or on-prem environments. Implement and maintain CI/CD pipelines using tools like Jenkins, GitHub Actions, or GitLab CI. Set up monitoring, alerting, and observability systems (Prometheus, Grafana, ELK/EFK, CloudWatch, etc.). Automate infrastructure provisioning using Infrastructure as Code (IaC) tools like Terraform, Ansible, or Pulumi. Ensure security, compliance, and backup policies are enforced across infrastructure. Collaborate closely with development, DevOps, and security teams to support deployment and operational readiness. Troubleshoot infrastructure issues, perform root cause analysis, and implement preventive solutions. Optimize cost, performance, and reliability of systems and cloud usage. Participate in on-call rotation and disaster recovery planning. Required Skills: 1-4 years of experience in managing cloud and/or hybrid infrastructures. Strong hands-on experience with AWS, GCP or Azure. Highly proficient in scripting languages like Bash, Python, or Go. Solid understanding of networking, DNS, load balancing, firewalls, and VPNs. Experience with Docker and Kubernetes (EKS, AKS, or GKE preferred). Familiarity with Linux system administration. Knowledge of version control (Git) and working in agile environments. Additional Qualifications: Experience with cloud cost optimization tools and strategies. Certification in AWS/Azure/GCP (e.g., AWS SysOps, Solutions Architect). Exposure to logging frameworks and security compliance standards (ISO 27001, SOC2, etc.). Previous experience in a fast-paced startup or product company. What We Offer: Innovative Start-up Environment: Enjoy the flexibility to design, implement, and influence the development of cutting-edge solutions. Transparency and Meritocracy: We value clear communication, eschew politics, and promote an open culture where contributions are recognized and rewarded. Ownership and Impact: We encourage team members to take ownership, think beyond their roles, and contribute to the companys success in meaningful ways. Competitive Compensation : We offer a competitive salary and a potential equity package, aligning your success with the companys growth.

We re on a mission to change the future of clinical research. At Perceptive, we help the biopharmaceutical industry bring medical treatments to the market, faster. Our mission is to change the world but to do this, we need people like you. Apart from job satisfaction, we can offer you: HEALTH: - Medical plan for you and your dependents. - Personal Accident Insurance - Life Insurance - Critical illness cover WEALTH: - Salary structure and Flexi basket - Provident fund of 12% - Gratuity scheme YOURSELF: Internal growth and development programs & trainings Key Responsibilities Endpoint Security Administer and monitor endpoint protection platforms Configure policies, detection rules, and containment mechanisms for malware, ransomware, and other endpoint threats. Investigate suspicious activity or endpoint alerts and work with incident response teams when necessary. Ensure security agent deployment across Windows, Mac, Linux, and mobile devices is maintained with complete coverage. Vulnerability Management Schedule and run regular vulnerability scans across endpoints, servers, and network assets. Analyze scan results, assess criticality based on CVSS, threat intelligence, and exploitability. Track remediation progress, follow up with system owners, and report status to leadership. Collaborate with patch management teams to ensure timely rollout of fixes aligned with SLAs. Security Configuration & Baselines Enforce CIS or NIST-based hardening standards across endpoints and workstations. Validate that GPOs, MDM policies (e.g., Intune), and configuration baselines meet security requirements. Contribute to the development of golden images or build scripts for secure provisioning. Security Reporting & Risk Reduction Provide regular reporting on endpoint health, agent status, patch compliance, and top unresolved vulnerabilities. Support audit and compliance requests by providing evidence or explanations related to endpoint or vulnerability controls. Functional Competencies (Technical knowledge/Skills) Strong understanding of endpoint protection platforms Hands-on experience with vulnerability management tools for scanning, prioritization, and remediation tracking. Proficiency in interpreting CVSS scores, threat intelligence feeds, and exploit databases to assess true business risk. Working knowledge of Windows and Linux system internals, OS hardening techniques, and secure configuration management. Familiarity with MDM tools (e.g., Microsoft Intune) and policy enforcement across distributed endpoints. Knowledge of patch management processes, automated remediation workflows, and change control coordination. Ability to write and interpret security alerts, detection logic, and playbooks related to endpoint threats. Understanding of Active Directory, GPO, and Azure AD security controls impacting endpoint posture. Awareness of compliance frameworks (ISO 27001, CIS, NIST) and their technical control mappings. Behavior Competencies Mandatory Success Factors: Accountability Adaptability Customer Focus Optional Success Factors: Willingness to Learn Time Management Analytical Thinking Results Orientation Conflict Management Business Acumen Dealing with Ambiguity Experience, Education, and Certifications 2+ years of experience in cybersecurity operations or security administration. Bachelor s degree in computers, Information Technology, or a related field. Certifications such as CompTIA Security+, CEH, or equivalent preferred. Experience working with email security solutions and incident response processes. Knowledge of cloud security in AWS, Azure, or GCP is an advantage. Come as you are.

Innovation is and will always be the core of SAP Fioneer, and it is the promise of why we were spun out of SAP: agility, innovation, and delivery. SAP Fioneer builds on a heritage of outstanding technology and a deep understanding of corporate and consumer demands. At the heart of it all it is simple: We bring financial services to the next level with innovative software solutions and platforms. We are helping companies in the financial services industry to achieve speed, scalability, and cost-efficiency through digital business innovation, cloud technology, and solutions that cover banking and insurance processes end-to-end. A global company, with rapid growth, innovative people, and a lean organization makes SAP Fioneer a place where you accelerate your future! About the Role: We are seeking a highly skilled and motivated Cyber Defense Engineer to join our cybersecurity team. This role is critical in managing and optimizing our security platforms, including Microsoft Azure, Zscaler, Microsoft Sentinel, and Microsoft Defender. You will play a key role in enhancing our threat detection, response, and prevention capabilities across a complex enterprise environment. Responsibilities: Platform Management & Optimization Administer and maintain security configurations across Microsoft Azure, Zscaler, Microsoft Sentinel, and Microsoft Defender. Ensure seamless integration and interoperability between platforms to support a unified security posture. Monitor platform performance, conduct health checks, and implement improvements. Threat Detection & Response Develop and fine-tune detection rules, alerts, and playbooks in Microsoft Sentinel. Investigate and respond to security incidents using Microsoft Defender XDR and Sentinel. Collaborate with SOC teams to ensure timely and effective incident response. Security Policy & Compliance Implement and enforce security policies using Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA). Ensure compliance with internal and external security standards and frameworks (e.g., ISO 27001, NIST, GDPR). Automation & Scripting Automate repetitive tasks and workflows using PowerShell, KQL, or other scripting languages. Develop custom dashboards and reports for visibility and compliance tracking. Collaboration & Support Work closely with IT, Security Engineering, Development and Business functions, and Risk teams to align security controls with business needs. Provide technical guidance and training to team members and stakeholders. Bachelors degree in computer science, Information Security, or related field (or equivalent experience). 3+ years of experience in cybersecurity engineering or security operations. Hands-on experienc

Senior Security Systems Engineer 3 Positions Job Code - SSSESY001 About the Role: We are seeking an accomplished Senior Security Systems Engineer with a minimum of 10 years of professional experience. The ideal candidate will have a comprehensive background in IT Security, Cybersecurity strategies, and securing complex systems, including Building Automation, Industrial IoT, and Digital Twins. Your role will involve creating and managing security frameworks, conducting risk assessments, and leading incident response initiatives. Key Responsibilities: Design, implement, and manage comprehensive security policies and frameworks for diverse IT environments. Oversee security measures for Building Automation Systems, Access Control Systems, Digital Twins, and Industrial IoT devices. Conduct vulnerability assessments, penetration testing, and risk analyses to identify and mitigate security threats. Develop, document, and enforce robust security protocols and incident response procedures. Integrate security best practices into system architectures and development lifecycles. Monitor systems for security breaches, respond to incidents, and conduct forensic investigations when necessary. Collaborate with cross-functional teams to ensure compliance with industry standards and regulatory requirements. Provide mentorship to junior security engineers, fostering a culture of continuous learning and security awareness. Stay abreast of emerging threats, security trends, and technological advancements. Required Qualifications: Bachelor s or Master s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Minimum of 10 years of professional experience in security systems engineering or related cybersecurity roles. Proven expertise in IT Security, Cybersecurity frameworks, Industrial IoT security, and digital infrastructure. Strong knowledge of security standards such as NIST, ISO 27001, CIS Controls, and regulatory compliance requirements. Possession of relevant industry certifications such as: Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Offensive Security Certified Professional (OSCP) CompTIA Security+ or equivalent certifications Key Skills: IT Security Architecture and Policy Development Network Security and Advanced Threat Protection Building Automation and Access Control System Security Digital Twin and Industrial IoT Security Frameworks Risk Assessment, Mitigation, and Compliance Incident Response Planning and Cyber Forensics Cloud Security (AWS, Azure, GCP) Penetration Testing Tools and Secure Coding Practices Interested candidates can send their updated CV to info@pvminnvensys.com or apply via our company website at https: / / www.pvminnvensys.com / jobs-at-pvm-innvensys /

We are seeking an experienced Senior Cyber Security Engineer with a minimum of 10 years of professional experience in the field. The ideal candidate will have a strong background in securing complex IT environments, a thorough understanding of industry standards, and relevant industry certifications. Position: Senior Cyber Security Engineer Location: Hyderabad, Telangana. India Key Responsibilities: Design, implement, and manage security measures to safeguard information systems, networks, and data. Conduct vulnerability assessments, penetration testing, and security audits to identify potential risks. Develop and enforce security policies, procedures, and protocols. Monitor security systems for anomalies and respond to security incidents promptly. Collaborate with IT teams to integrate security into the development lifecycle. Provide expert analysis and recommendations for security enhancements. Stay updated on the latest cybersecurity threats, trends, and technologies. Mentor junior security team members and share best practices. Required Qualifications: Bachelors or Masters degree in Computer Science, Information Technology, or related field. Minimum of 10 years of professional experience in cybersecurity roles. Proven expertise in network security, application security, threat analysis, and incident response. Strong knowledge of security frameworks such as NIST, ISO 27001, and CIS Controls. Possession of relevant industry certifications such as: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Certified Information Security Manager (CISM) Offensive Security Certified Professional (OSCP) CompTIA Security+, or equivalent Key Skills: Network Security and Firewalls Intrusion Detection and Prevention Systems (IDS/IPS) Security Information and Event Management (SIEM) Penetration Testing Tools and Techniques Risk Assessment and Mitigation Incident Response and Forensics Cloud Security (AWS, Azure, GCP) Employment Type: Full-Time Interested candidates can send their updated CV to info@pvminnvensys.com or apply via our company website at https: / / www.pvminnvensys.com / jobs-at-pvm-innvensys /

The position will be primarily responsible for implementation and / or assessment of ISO 27001:2022, 27002, SOC 2 standard for clients. The position will work independently or with senior consultants for the implementation and management of information security compliance and/or other best practices. Key Performance Indicators Experience in ISO 27001/27002 controls verification and compliance: Assist Clients to get ISO 27001 certification by identification and implementation of appropriate controls in the Audit scope. Conduct Risk assessment of activities and coordinate with stakeholders till closure signoff / risk acceptance. Define, Develop and review information security policies, procedures, guidelines, forms and templates as per best practice Create and review baseline standards for OS, Database, webservers and applications and recommend improvements Support post implementation and continuous audits for ISO 27001:2013 and ensure compliance. Create organizational information security awareness program and conduct awareness. Assist and recommend measures to ensure compliance with Security standards (ISO, NIST, CIS, PCI DSS etc) or any best practices. Skills: Information Technology and/or Cybersecurity skills: Information Technology and/or Cybersecurity skills a solid IT foundation, ability to communicate technical information verbally and through written documentation, Knowledge of security areas such as auditing, policy, database security, firewall design and implementation, risk analysis, identity management, access management, or web services is preferred Presales skills: Excellent communication, problem-solving, client-facing, ability to work as a team Competence: ISO 27001 / Cybersecurity Certifications. Willingness to obtain the Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA) designations.