110 Iso27001 Jobs

Role Overview: The Infrastructure Platform Engineering (IPE) team, part of Infrastructure and Cloud business division, is responsible for the engineering and operation of the Group Engineerings core infrastructure services, including data centers, storage, private cloud, platforms, databases, and middleware. The mission of the team is to modernize infrastructure, drive automation, and enable scalable, secure infrastructure products that support business operations and future transformation. Key Responsibilities: - Identify and assess operational, regulatory, and compliance risks across the IPE teams. - Support the Risk and Control Self-Assessment (RCA) process. - Collaborate with Infrastructure and GRC teams to design and document effective control procedures. - Conduct Design Effectiveness Testing (DET) and Operating Effectiveness Testing (OET) to evaluate control performance. - Work closely with cross-functional teams across Operations, Risk, Compliance, and IT to embed robust risk management practices. - Provide guidance and training on risk and control frameworks to ensure consistent understanding and application across the organization. - Recommend continuous improvements to control processes and risk mitigation strategies. - Monitor industry trends and regulatory developments to ensure risk practices remain current and effective. Qualifications: - Bachelor's degree in engineering, Computer Science, or a related field. - 8-12 years of hands-on experience in Operational risk management, internal controls, IT audit, or compliance. - Strong understanding of IT Governance framework and familiarity with IT industry standards e.g. ISO27001 and COBIT. - Experience with control testing, audit practices, and compliance assessments. - Familiarity with cybersecurity principles and enterprise IT environments. - Professional certifications such as CISA, CRISC, CISM are preferred. - Proficiency in data analysis, reporting tools, and project management software. - Strong analytical, problem-solving, and communication skills. - Ability to work collaboratively and manage relationships with stakeholders at all levels. About LSEG: At LSEG, creating a diverse and inclusive organization is fundamental to delivering on the promise of creating essential partnerships and open opportunities. The open culture at LSEG is central to driving financial stability, empowering economies, and enabling customers to create sustainable growth in everything the organization does. You will be part of a dynamic organization of 25,000 people across 70 countries, where individuality is valued, and true self is encouraged to enrich the diverse workforce. LSEG is committed to sustainability and helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Tailored benefits and support are offered, including healthcare, retirement planning, paid volunteering days, and wellbeing initiatives.,

ITGC with Control Design Liaise with Central Information Risk Management (CIRM) - Compliance Monitoring Office (CMO) team with regards to the clients Internal Testing schedules Compliance monitoring tracking and ensuring control execution is on schedule with timely completion, remediate if any deficiency and escalate to SOM Manager and Lead/Senior Compliance Specialist, when necessary. Support Management Tester and Auditors (Clients Internal) in coordinating evidence gathering, performing Quality Assurance (QA) check before submitting evidence for operational effectiveness. Perform risk impact analysis, propose and drive remediation plans for any control failures/deficiency.

Roles & Responsibilities [IT HelpDesk Call-Coordinator] Attend user calls for issues and assign it to the available IT executive Oversee the day-to-day operations of the IT helpdesk team Follow ISO27001 processes and procedures. Monitor the progress of support requests and ensure that they are resolved in a timely and efficient manner Identify and implement areas for improvement in the helpdesk process Manage the helpdesk team's budget and resources Compile and report on helpdesk metrics Collaborate with other IT teams to resolve complex support issues Provide training and support to helpdesk team members Follow up will users for their feedback on the resolved issue Updating all asset records and filing of documents. Follow-up with vendors for product pricing, first level negotiation and preparing Purchase Orders. Liaising with accounts team for bills and payment. Timely processing of all IT invoices. Keeping records of page count of all printers and follow-up with the print service provider for supplies and issues. Sending the call-record list on a daily basis to the team. Assisting the reception with guest Wi-Fi access. Maintaining register of people accessing the server and hub room. Ensure IT responds satisfactorily to all users. Good communication skills both oral and written Operate asset management solution and ensuring all IT asset records are updated. Work from All Mumbai offices OWC, EmpireMills (Parel) and OneForbes (CST) office. Technical Competencies 1. User Support User calls / requests to be attended immediately. Incident management (as per ISO27001 processes) 2. Asset Management Asset inventory AMC management (of all IT equipment) Asset disposal with proper records 3. System sourcing RFP Procurement Vendor management Desired Skills and Experience Experience with IT helpdesk management software Experience with ITIL or other IT service management frameworks Experience with project management Experience with technical writing and documentation Qualifications and Requirements Bachelor's degree in IT or a related field 5+ years of experience in an IT helpdesk role Strong technical knowledge of IT systems and software Excellent customer service and communication skills Ability to work independently and as part of a team Ability to multitask and manage multiple projects simultaneously.

As a VP/AVP AV/ADAS Delivery at iMerit, you will be leading the delivery organization supporting autonomous vehicle and ADAS clients. Your role will involve ensuring delivery excellence across a portfolio of enterprise clients by maintaining consistent quality, scalability, and efficiency of operations. Here is a breakdown of your key responsibilities: - **Delivery Leadership & Client Management:** - Own delivery for a portfolio of enterprise clients in AV/ADAS programs. - Drive robust delivery governance including QBRs, client health reviews, RCA/CPA, and CSAT improvement plans. - Establish SLA frameworks and ensure adherence across clusters. - Act as a strategic escalation point and lead issue resolution. - **Multi-Account Oversight:** - Supervise concurrent delivery across 36 large enterprise accounts. - Ensure optimization of resource allocation, schedule adherence, productivity, and profitability across all accounts. - Maintain a balance between portfolio-wide visibility and periodic account-level immersion. - **Operational Excellence:** - Define and drive KPIs for quality, turnaround time, throughput, and cost of delivery. - Collaborate with WFM, L&D, Tech, and QA for integrated delivery planning and optimization. - Cultivate a culture of continuous improvement, automation, and reuse of delivery accelerators. - **Team Leadership & Talent Development:** - Lead a matrixed team of 300-800 labelers, reviewers, specialists, and managers through Cluster/Sub-cluster heads. - Identify high-potential leaders, enable succession planning, and career progression. - Align team structure with business demand cycles and client commitments. - **Solutioning and Innovation Enablement:** - Work with Solutions and Pre-sales teams on client RFPs, PoCs, and pilots. - Stay updated on trends in multi-sensor data annotation, synthetic data, and ML-assisted labeling. - Drive pilot-to-production transitions and institutionalize best practices. In terms of qualifications, the key requirements for this role include: - 15+ years in AI/ML Data Services/Digital Operations, with 5+ years in AV/ADAS delivery. - Previous experience managing multiple concurrent enterprise accounts. - Deep understanding of annotation workflows, tools, and quality frameworks. - Proven experience in managing large-scale teams with a cluster or business unit structure. - Strong client-facing presence with stakeholder management experience. Additionally, exposure to Generative AI applications in AV/ADAS, experience with automation-led delivery transformation, and familiarity with security standards like ISO27001 and SOC2 would be advantageous. Your success in this role will be measured by metrics such as Client Satisfaction (CSAT > 95%), Delivery Quality (Accuracy %, Rework %, SLA Adherence), Financial Metrics (Utilization %, Margin %, Revenue per FTE), People Metrics (Attrition %, Internal Mobility %, Bench %), and Operational Efficiency (Automation %, Productivity Index).,

As an I&A On-boarding Information Security Analyst, Associate at Deutsche Bank in Pune, India, you will play a crucial role in the Access Lifecycle On-boarding global family. Your responsibilities will include access management for application end user recertification On-boarding, user access request & approval, user provision On-boarding, Functional Taxonomy SoD On-boarding & maintenance, as well as IDAHO (Access concept) SME services for central DB. You will need to quickly grasp complex application set ups for Identity & Access Management, supporting the Information Security Officer (ISO) and IT Application Owner (ITAO) throughout the central solution On-boarding process. **Key Responsibilities:** - Perform On-boarding assessments for IT assets applicable for end user application access - Gather business requirements and identify future user provisioning setups in adherence to Information Security (IS) internal and regulatory requirements - Engage, manage, and influence stakeholders including Information Security Officer, IT Application Owner, Engineering, and Operations teams - Provide process improvement inputs, identify issues, and develop successful solutions - Report and escalate potential risks to management - Work with distributed teams across different locations - Develop key operational procedures and ensure adherence to policies - Comfortable with Security Policy and Governance in the banking domain - Strong presentation and communication skills - Structured and methodological approach to deliver high-quality results - Proactively address performance issues and ensure alignment with organizational needs - Pro-active and flexible working approach with a team spirit **Qualifications Required:** - Minimum 5 years of experience in Identity & Access Management, Governance, Risk and Control - Experience in team management - Knowledge or willingness to work with industry best practices and frameworks like ISO27001, NIST, CSA CCM, COBIT, ITIL - Understanding of IT Service Management, IT Governance, IT Delivery Management, IT Project Management, IT Delivery background, IT Security - Knowledge of Database Systems, application interactions, and server operating systems - Excellent Excel knowledge **Competencies:** - Self-motivated and flexible to work autonomously in virtual and multicultural teams - Strong communication skills in English (written/verbal) - Good analytical and problem-solving abilities - Detail-oriented with a continuous improvement mindset - Ability to transfer knowledge and expertise to stakeholders and team members Deutsche Bank offers a comprehensive benefits package including leave policy, parental leaves, childcare assistance, sponsorship for certifications, Employee Assistance Program, insurance coverage, and health screening. You will also receive training, coaching, and support to excel in your career within a culture of continuous learning and collaboration. For further information about Deutsche Bank and our teams, please visit our company website: [Deutsche Bank Company Website](https://www.db.com/company/company.htm),

The Job in short - As an IT Governance, Risk and Compliance (GRC) Manager, you enable Backbase in conducting its business in full compliance with all relevant national and international laws and regulations. This also includes professional standards, accepted business practices, internal policy standards and IT Security frameworks such as SOC2, ISO27001 and PCI-DSS etc. requirements. There is both an ethical component and a pragmatic approach to compliance that this role would require in helping the organization manage risk and build trust with its Customers. IT GRC Manager must present a good understanding of the highly innovative and dynamic environment of a FinTech organisation. Meet the job Functional/ Technical Skills Support design, implementation and management of IT Controls & Compliance Frameworks for an international organisation. Ensure compliance with the industry best security practices within SaaS environments. Manage and coordinate customer and independent third-party attestations as part of the contractual obligations and certification requirements. Support Third-Party Risk assessments and regular assurance program Prior experience working with GRC tools and platforms Ability to analyse and translate laws, regulations and technical requirements into commercially focussed business processes Ability to execute and report status on Risk Assessment and Risk Mitigation Program metrics. Proficient at maintaining policies and procedures as part of the Policy Governance Framework and coordinating that with other departments. Business, product and industry knowledge Ability to integrate in an Agile/Scrum working environment to drive teams. Knowledge of Secure-SDLC tooling and Application Security Knowledge of Open Banking / PSD2 is an added advantage Knowlege of multiple security and privacy frameworks, Third-party risk, outsourcing and banking regulations, etc. Knowledge of modern cloud technologies (AWS, Azure) and risks associated with Software-as-a-Service model. Knowledge of the requirements of ethics & compliance programs in international business Complexity & Problem Solving Proven ability to lead tactical compliance setup and operations SME with the ability to give concise and to-the-point compliance advice Proactive & analytical program management approach. Strategic problem solver who can take issues and find practical business solutions Collaborations and Interactions Internal & external stakeholder management Collaboration and interaction with colleagues from all relevant departments, vendors, partners and customers. How about you - Minimum of 6-8 years of relevant working experience in the practical implementation of Compliance programs in an international environment Bachelors degree required; - Acedemic degree desired in the area of IT Security, Risk Management, Cyber Security, Information Security. Fluent English - written and spoken required (mandatory) Professional certifications (e.g. ISC2 or CompTIA certifications) desired or willingness to obtain them Experience with managing in a functional way (not hierarchical)

As an Information Risk Analyst at ACA, you will play a crucial role in coordinating and managing the execution of the information security framework, policies, and programs. Your responsibilities will include working closely with ACA teams, department managers, staff, and vendors to develop, execute, and enforce information security standards that support ACA's robust security program. Your duties will involve guiding the development and ensuring compliance with corporate security policies, standards, and procedures. You will manage the annual review cycle and sign off of policies, propose changes to enhance operating efficiency and regulatory compliance, and oversee outsourced vendors providing information security functions for compliance with service-level agreements. Additionally, you will recommend and coordinate the implementation of managerial and technical controls to support and enforce defined security measures. You will be responsible for managing the annual Information Security management program, which includes Risk Assessments, Penetration tests, disaster recovery plans, and employee communication tests. Ad-hoc projects to support ACA on various client and internal initiatives will also fall under your purview. To qualify for this role, you must hold a Bachelor's Degree in a related field and have at least two years of professional hands-on experience in an Information Security role. Experience in Information Security Governance, Compliance, and Risk Management is essential, along with a solid background in evaluating threat/risk landscapes and establishing best practices for security operations, governance, compliance, and audit. Familiarity with industry security concepts/frameworks and regulatory standards such as ISO-27001, NIST, HIPAA, PCI DSS, and CIS frameworks is highly desirable. Demonstrating professional integrity, flexibility, adaptability, and the ability to collaborate effectively in a fast-paced environment are key attributes for success in this role. Strong communication, presentation, client service, critical thinking, organizational, and problem-solving skills are crucial. Your commitment to upholding high-quality standards and customer service focus, along with a proactive approach to education and career progression, will be highly valued at ACA. At ACA, we offer a competitive compensation package based on performance, along with a comprehensive Total Rewards package that includes medical coverage, Maternity & Fertility programs, wellness initiatives, insurance benefits, employee discount programs, and various leave options to support your overall well-being. Join us at ACA and be part of a dynamic team dedicated to reimagining GRC and helping clients protect and grow their businesses.,

You have a strong knowledge and hands-on experience in conducting vulnerability assessments and penetration testing for web applications and devices. You are proficient in using security assessment tools like Nessus, NMAP, OWAPS, NICTO, KALI LINUX, etc. You excel in preparing detailed reports, submitting them, and ensuring follow-up for closure of security issues. Your expertise extends to understanding and working with SIEM, WAF, Firewall, log server, and Cloud Security. You are familiar with File Server, network devices, and Firewall access control lists. Knowledge of ISO27001 requirements will be an added advantage. Possessing certifications such as CEH and LA-ISMS showcases your commitment to security practices. Your skills include a strong understanding of Security audit questionnaires and actively participating in Security audits. You are well-versed in Business Continuity Planning (BCP) and Disaster Recovery (DR) processes. Acquaintance with DC, ADC, AD, Group Policy, IIS, DNS, DHCP, Mail Server, and Linux demonstrates your diverse expertise. You have a track record of completing tasks and projects within specified timelines. Ensuring meticulous documentation and knowledge sharing are part of your routine. Your ability to multitask, effective communication skills, teamwork, and ITIL knowledge make you a valuable asset to the organization. Your educational background includes a Graduate degree with 3-4 years of relevant experience. The job location for this opportunity is in Mahape, Navi Mumbai.,

Role & responsibilities Preferred candidate profile Required Skills & Qualifications: Bachelors degree in information security, IT, or a related field. 1+ years of experience in Information Security, IT Security, or Compliance. Strong proficiency in Microsoft Word, Excel and PowerPoint. Knowledge of compliance frameworks such as ISO 27001, NIST, CIS Controls. Basic understanding of security risk assessments, audit processes, and vulnerability management. Strong attention to detail, documentation skills, and ability to manage compliance related tasks efficiently. Excellent communication and coordination skills for interacting with auditors, IT teams, and leadership.

Marriott Tech Accelerator is a division of Marriott International, a renowned global leader in the hospitality industry. Marriott International, Inc. is a prominent American multinational corporation with a diverse portfolio of lodging brands, encompassing hotels and residential properties worldwide. With a presence in over 141 countries and territories, Marriott International boasts more than 30 well-established brands and nearly 8,900 properties. As a Senior Manager, Security Architecture at Marriott, you will play a pivotal role in overseeing Security Data Lakes (SDL) environments and AI/ML Security Technologies. Your primary responsibility will involve spearheading the development and management of a comprehensive SDL strategy to bolster Marriott's cybersecurity capabilities and ensure compliance with regulatory mandates. The ideal candidate for this role should possess a fervor for data, business intelligence (BI), SDL, AI/ML, and emerging technologies, coupled with a visionary outlook towards crafting next-generation capabilities and a tenacious drive for achieving success. In this capacity, you will serve as a subject matter expert and lead architect for data lakes within the Data Platform team, with a special focus on the SDL domain. Your duties will encompass conducting research, analysis, design, and development across a broad spectrum of cutting-edge data capabilities and products. Specifically, you will be tasked with establishing technical standards, designing the semantic data modeling layer, and defining metrics within the SDL domain. Furthermore, you will be instrumental in setting data modeling standards to ensure uniform and efficient data models across all data products. Taking ownership of technical aspects and support for Service Provider deliverables, you will guide their technical personnel to ensure the delivery of high-quality outputs adhering to our technical standards and best practices, while also ensuring scalability. Additionally, you will explore emerging technologies that promise future capabilities and seek solutions for intricate technical challenges, making informed decisions on complex, non-routine requests to aid analytics-driven decision-making by Marriott's business units. The role demands 8-10 years of progressive architecture and engineering experience across various domains like Security SDL, Machine Learning, AI, SIEM Technologies, and familiarity with security tools such as Splunk, Cribl, and AWS. You should exhibit a strong aptitude for conducting Proof of Concepts (POCs) and delivering demos to leadership, possess exceptional communication skills, and demonstrate the ability to plan resource requirements based on high-level specifications. Experience in data management, data analytics, data science in a regulated global enterprise setting, as well as information protection and security, are crucial aspects for this role. Moreover, candidates should have a track record of 2+ years in direct management or team leadership roles within technical teams, coupled with 3+ years of experience involving responsibilities related to data pipeline management, security architecture, cybersecurity incident response, compliance, or investigative processes. Additional qualifications such as AWS Solutions Architect or Developer certification, proficiency in agile methodologies, familiarity with security standards and regulatory requirements related to AI and data protection, and knowledge of AI/ML frameworks and platforms are highly desirable. Education-wise, a Bachelor's degree in computer/data sciences, information management, or a related technology or security field, or equivalent experience/certification, is required for this position. The work location for this role is Hyderabad, India, with a hybrid work mode in place.,

As the Lead Security Engineer, you will need to have a Bachelor's degree or equivalent and possess at least 10-12 years of experience in the field. Your expertise should include a deep understanding of AWS Cloud security, NIST, ISO27001, and PCI DSS Compliance. You should have hands-on experience with PCI-compliant environments and managing vulnerability cycles for OS and Non-OS Patch. Your proficiency should extend to TSL/SSL and Cryptographic Standards, with the ability to identify and mitigate risks from deprecated algorithms or vulnerabilities. In addition, you should have a solid grasp of DevSecOps practices and integrating security measures into the software development lifecycle, including secure coding and automated deployment using CI/CD pipelines, preferably with Jenkins. Experience with GitFlow and familiarity with monitoring tools like CloudWatch, Dynatrace, Splunk, as well as vulnerability scanning tools such as SonarQube and Qualys, will be essential for this role. A basic knowledge of Java applications and network basics, particularly from a PCI segmentation perspective and an understanding of firewall rules, are also required. Furthermore, having some exposure to WAF Management and configuration, particularly with Akamai solutions, will be considered advantageous for this position. Your role will involve ensuring the security of systems and applications, implementing best practices, and proactively identifying and addressing security risks to safeguard the organization's assets and data.,

As a passionate member of Advarra, you will play a crucial role in overseeing the information security compliance program for the relevant region. Your responsibilities will include identifying areas of non-compliance and directing corrective action while serving as a consultant and advisor to regional site leadership on information security and related matters. You will take the lead in initiating, facilitating, and promoting activities that enhance information security awareness within your area of responsibility. Your role at Advarra will involve fostering a culture of cybersecurity within the organization, driving behavioral changes for the business, and providing insightful reports and communications to regional and site-level leadership on security trends and statistics. You will also be instrumental in assisting the Chief Information Security Officer (CISO), Security Operations Lead, Privacy, and Compliance in responding to regional security incidents and potential breaches of electronic protected health information (ePHI) and electronic personally identifiable information (ePII). In addition to these duties, you will be responsible for developing and implementing risk management strategies and corrective action plans for your designated region or business area. This will involve conducting risk assessments, analyzing potential risks, and implementing mitigation and remediation measures. You will also coordinate both external and internal security and privacy audit controls to monitor activity on electronic systems containing sensitive information. Furthermore, you will ensure that disaster recovery, business continuity, risk management, and access control needs are documented and addressed for your region or business area. You may also lead strategic projects with regional and national scope, such as Data Leak Protection, Vulnerability Management, and Phishing Simulation reporting. This individual contributor role does not involve managing direct reports and requires a Bachelor's degree in computer science, information systems, or a related field, along with 5-10 years of experience leading an information security program. A CISSP or CISM certification is preferred, and experience in regulated industries such as Life Science, Health Care, or manufacturing is beneficial. Your ability to lead audits and assessments related to ISO27001, HIPAA, and HITRUST, as well as experience in vendor and product selections, will be valuable in this role. Located in Bengaluru, India, this position offers a hybrid work option. While CRISC, CGEIT, CISA GSEC, and GCIH certifications are helpful, they are not mandatory. The role may involve sitting or standing for extended periods, carrying objects, and focusing on tasks with verbal communication skills being essential for effective collaboration.,

Join us for a role in "CCO Functions" at Barclays, where you'll spearhead the evolution of our digital landscape, driving innovation and excellence. You'll harness cutting-edge technology to revolutionize our digital offerings, ensuring unparalleled customer experiences. To be successful as a Tech Assurance AVP SOX, you should have experience with testing IT Application Controls (ITAC) / IT General Controls (ITGC) / Cyber Security Assessments and hands-on experience in IT Audits / IT Assessments and GRC (Governance, Risk & Controls), specifically SOx Review. It is essential to have a good understanding of industry frameworks such as COSO, COBIT, NIST, ISO27001, and control frameworks used in IT SOx. A Bachelor's degree in information systems / technology, Computer Science, Information Security, Computer Applications, or a similar field; or a Bachelor's degree in accounting / finance / business with relevant experience in IT Audit is required. Additionally, a relevant professional certification (CISA, CISSP, CRISC, CISM, ISO 27001) or equivalent, extensive knowledge of technology risk and control, including relevant tools and techniques, and an understanding of programming/ database languages such as C++, Java, COBOL, SQL / Cyber Security Frameworks, Standards, and Principles are necessary. Understanding of key ITAC categories and depth of knowledge of technology risk areas are also important. Proficiency in Advanced Excel skills and experience using data analysis or CAATs would be advantageous. Some other highly valued skills may include understanding of Identity Access Management, Privileged Access Management, and Cloud Security, practical experience in managing Technology Risks & Controls in Banking/ NBFC domains, and practical experience in design and development of SharePoint or similar tools. You may be assessed on key critical skills relevant for success in the role, such as risk and controls, change and transformation, business acumen, strategic thinking, digital and technology, as well as job-specific technical skills. Location - Chennai. Purpose of the role: To partner with the bank, provide independent assurance on control processes, and advise on improvements to ensure the efficiency and effectiveness of the bank's internal controls framework. Accountabilities: - Collaboration across the bank to maintain a satisfactory, robust, and efficient control environment through the execution of ad-hoc assessments and testing on the design and operational effectiveness of internal controls aligned to control policies and standards. - Development of detailed test plans and procedures to identify weaknesses in internal controls and other initiatives aligned to the bank's control framework to mitigate potential risks and issues. - Communication of key findings and observations to relevant stakeholders and business units to improve overall control efficiency and provide corrective actions to senior managers. - Development of a knowledge center containing detailed documentation of control assessments, testing on design and operational effectiveness of procedures, findings, and distribution of material on internal controls to train and upskill colleagues within the bank. Assistant Vice President Expectations: - Consult on complex issues, provide advice to People Leaders to support the resolution of escalated issues. - Identify ways to mitigate risk and develop new policies/procedures in support of the control and governance agenda. - Take ownership for managing risk and strengthening controls in relation to the work done. - Collaborate with other areas of work, engage in complex analysis of data from multiple sources, communicate complex information, and influence or convince stakeholders to achieve outcomes. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence, and Stewardship and the Barclays Mindset to Empower, Challenge, and Drive.,

As a Senior Engineering Manager (Hotel Ops) at Marriott Tech Accelerator, you will be responsible for ensuring the reliability, availability, and performance of mission-critical cloud and on-prem services that cater to millions of Marriott customers worldwide. Your role will involve overseeing incident management, driving automation efforts, and collaborating with cross-functional teams to align SRE strategy with business objectives. You will work closely with Product Teams, Applications teams, Infrastructure, and other delivery teams to enhance application stability, availability, and performance by developing key metrics and KPIs. Your primary responsibilities will include implementing best practices for monitoring, alerting, and incident management to maintain the reliability of cloud services, managing high-severity incidents to ensure quick resolution and root cause analysis, automating operational processes for scalability, and optimizing cloud and on-prem infrastructure. Additionally, you will be expected to develop and execute the SRE strategy aligned with business goals and communicate service health, reliability, and performance metrics to senior leadership. You will play a key role in driving Applications Performance Management and Monitoring by assessing application architectures, identifying Key Performance Indicators, developing reporting metrics, and ensuring adherence to monitoring standards. Building successful relationships will be crucial as you collaborate with various teams to improve processes, liaise with vendors and service providers, and manage projects and priorities effectively. To excel in this role, you should have 8-10 years of experience in information technology process and technical project management, including at least 4 years as a Site Reliability Engineer (SRE) with expertise in building and managing highly available systems. You should also have proven automation and programming experience, deep understanding of SRE practices, and familiarity with modern development techniques and pipelines. Proficiency in containerization orchestration engines, deployment, monitoring, and troubleshooting of large-scale applications in cloud environments is essential. Moreover, your experience with security frameworks, SaaS, IaaS, PaaS offerings, and global team collaboration will be valuable. Your educational background should include an undergraduate degree in Computer Science or a related technical field, along with relevant certifications. Your strong analytical abilities, leadership skills, technical acumen, and interpersonal skills will be critical for success in this role. If you are a self-starting, innovative individual with a passion for operational excellence and driving change in a fast-paced environment, we encourage you to apply for this position at our Hyderabad, India location in a hybrid work mode.,

MTX Group Inc. is looking for a dedicated Senior Consultant - IT Support to become a valuable part of our team. As a global technology consulting firm, MTX specializes in facilitating digital transformation for organizations worldwide. Our focus is on leveraging data as the new currency to drive strategic outcomes related to happiness, health, and the economy. By collaborating with leading cloud technologies, MTX empowers clients to enhance decision-making processes with speed and precision. We offer expertise in a wide range of platforms and technologies, including Google Cloud, Salesforce, artificial intelligence/machine learning, data integration, data governance, data quality, analytics, visualization, and mobile technology. Your responsibilities will include configuring network devices, firewalls, access points, routers, and switches for system and network monitoring. You will also be involved in deploying, installing, configuring, and administering Linux Systems and Servers, providing end-user support, managing IT assets and devices, administering G-Suite, configuring Biometric and HID access, and maintaining licenses for MTX Applications. Additionally, you will engage with employees globally at a technical level, conduct regular audits of IT assets and applications, assist in scaling IT systems and networks for growth, address hardware and software issues, and contribute to defining best practices and support procedures. To excel in this role, you should possess 6-9 years of experience in IT support and system administration, with a strong background in network administration, Linux server deployment, Ubuntu, tools like Jenkins and Docker, as well as proficiency in Windows and macOS. Holding a Cisco CCNA Certification and having experience in cybersecurity, G-Suite Administration, Biometric and HID access, and knowledge of leading Infrastructure platforms such as GCP, Azure, and AWS will be advantageous. Familiarity with IT audit processes and standards like HIPAA, SOC-2, SSAE18, and ISO-27001 is also desirable. In addition to technical skills, key soft skills such as flexibility with tasks, teamwork, problem-solving abilities, analytical thinking, interpersonal skills, and effective communication are essential for success in this role. We offer a comprehensive benefits package that includes group medical insurance, maternity cover, personal accident policy, food wallet option, internet reimbursement, and professional development opportunities through MTX-sponsored certifications across various technology stacks like Salesforce and Google Cloud. If you are ready to contribute your expertise to a dynamic and innovative team, we invite you to apply for the Senior Consultant - IT Support position at MTX Group Inc.,

The Risk Consulting Senior Consultant in Digital Risk, IT Internal Audit and Controls at EY in Belfast will play a crucial role in providing assurance and consulting services to major organizations in the digital risk domain. The focus will be on strengthening the IT Internal Audit and IT Controls fields, including SOCR, SOX, and Digital Risk Consulting. As a dynamic individual, you will be an essential part of the team, contributing to the growth targets set for this area. Your responsibilities will include collaborating with clients to plan engagements, conducting fieldwork, drafting findings for review, presenting reports to Audit Committees, contributing to business development, and supporting junior team members. To excel in this role, you must have a strong background in IT Internal Audit and Control Services, a minimum of 3 years of IT Audit experience, and the ability to motivate and lead a team. Key requirements for the role include experience in cybersecurity, resiliency, data protection, IT project management, and IT controls such as SOX, SOCR, ISO, and PCI-DSS. Ideally, you will have a background in a professional services environment and hold certifications like Certified Information Systems Auditor, CISSP, CRISC, CISM, or ISO27001. EY is looking for highly motivated individuals with excellent communication skills who can translate technical content into business language. The firm offers a competitive remuneration package, flexible working arrangements, career development opportunities, and a range of benefits including pension, health insurance, wellness programs, and more. At EY, you will be supported in enhancing your skills, continuous learning, and career progression. The firm values diversity and inclusion, fostering an environment where all individuals are respected and empowered to contribute their unique perspectives. Embracing a hybrid working model, EY provides flexibility and autonomy to its employees, enabling them to make a meaningful impact in their own way. As a global leader in assurance, tax, transaction, and advisory services, EY is committed to building a better working world through inclusivity, diversity, and equity. By joining EY, you will have the opportunity to be part of a culture that values innovation, strong relationships, and delivering the best solutions for clients. If you meet the criteria and are interested in joining EY, please apply to be a part of a team dedicated to creating a better working world through inclusivity, diversity, and innovation.,

HMH is a learning technology company committed to delivering connected solutions that engage learners, empower educators and improve student outcomes. As a leading provider of K12 core curriculum, supplemental and intervention solutions, and professional learning services, HMH partners with educators and school districts to uncover solutions that unlock students" potential and extend teachers" capabilities. HMH serves more than 50 million students and 4 million educators in 150 countries. HMH Technology India Pvt. Ltd. is our technology and innovation arm in India focused on developing novel products and solutions using cutting-edge technology to better serve our clients globally. HMH aims to help employees grow as people, and not just as professionals. For more information, visit www.hmhco.com. The Senior Manager of Information Security (External Role Description Application/Product Security Architect) will report to the Chief Information Security Officer. As a leader in the Information Security organization, this role will lead the task of refining, managing, and executing a strategic product/application security roadmap based on industry-standard software security frameworks. The responsibilities include planning, implementing, and tracking key initiatives focused on product/application security strategy, metrics, compliance, policy, developer awareness, training, and stakeholder engagement, collaborating closely with multiple teams including Information Security, Product Management, Engineering, Legal, Risk, and Compliance. The aim is to improve product/application security controls and drive impactful change within the team and its members. Responsibilities: - Bring a deep background and broad experience in Information Security, Application Security, & Application Development or related business areas. - Lead a team of high-performing individuals creating remediation plans, performing security reviews, and recommending security solutions to meet current and future needs for HMH products and applications. - Drive the development and implementation of product and application standard security review processes to reduce security risks before product releases effectively. - Influence project and portfolio stakeholders, communicate relevant security information to executive leaders and individual contributors. - Provide input into the Information Security strategy aligning future security investments with business requirements, industry threat landscape, and risk appetite of HMH. - Collaborate closely with the Architecture teams to ensure alignment. - Track policy exceptions and remediation dates through active engagement with development and operations teams. - Stay updated on the latest cyber security threats internally and externally. - Oversee projects, program delivery, daily monitoring, response, review cloud and physical infrastructure, alerts through incident response, and threat landscape for ongoing security controls maturity. - Drive operational efficiency and excellence leveraging tools, processes, and automation with appropriate visibility and metrics meeting SLAs/SLOs. - Support and implement controls and visibility to meet third-party attestations (SOC2, ISO27001, GDPR, SOX). - Balance collaboration with being firm on security policies and facilitating progress and compromise. What You Should Have: - 5 to 6+ years hands-on experience in application security utilizing SAST, DAST, IAST, RASP, and WAF. - 5+ years of application engineering, architecture, or development management experience. - Proficient in analyzing problems, compelling communicator, translating security risk to business risk, and driving actionable decisions. - Experience in leading application security remediation work and mitigation initiatives. - Proficient experience with common web application attack vectors and mitigation strategies. - Highly organized with strong organizational skills for yourself and the team in a fast-moving company.,

At EY, you will have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of yourself. And EY is counting on your unique voice and perspective to help them become even better. Join EY and build an exceptional experience for yourself, contributing to creating a better working world for all. As part of the EY- Technology Risk team, you will contribute technically to IT Risk and Assurance client engagements and internal projects. You will actively establish, maintain, and strengthen internal and external relationships. Identifying potential business opportunities for Ernst & Young within existing engagements and escalating them as appropriate will be a crucial part of your role. Additionally, you will anticipate and identify risks within engagements and share any issues with senior members of the team. We are looking for an Analyst to join the leadership group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities will include evaluating a portfolio of controls for design effectiveness, operating effectiveness, and/or risk management outcomes. You will ensure that assigned control assessments are accurate, effective, abide by policy, procedures, and templates, and meet quality control requirements, delivering them on time according to the assessment plan. Testing and supervising the delivery of assigned controls will involve various areas such as ITGC, ITAC, System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management, ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies and Standards Assessment, and Software Development Lifecycle (SDLC). Managing control owners and stakeholders, applying judgment and risk management concepts to identify findings, provide valuable insights to clients, reviewing IT Policies and Standards, working closely with cross-functional teams, and staying current with regulatory standards and industry best practices are all key aspects of the role. Skills and attributes for success include providing guidance, sharing knowledge, conducting information security assessments, maintaining client relationships, demonstrating a thorough understanding of complex information systems, utilizing extensive knowledge of the client's business/industry, and demonstrating excellent project management skills. To qualify for this role, you must be a Graduate (CS/ IT, Electronics, Electronics & Telecommunications)/MBA/M.Sc. with at least 2-7 years of experience. Your significant experience in applying relevant technical knowledge in engagements such as ISO assessments, NIST assessments, Data privacy audits, Network and Infrastructure audits, Cyber Maturity Assessment, IT Policies and Standards Assessment, IAM and IT Asset Management, and IT Health Check is required. Ideally, you will also have a robust understanding of program and project management practices and familiarity with a typical IT systems development life cycle. EY offers support, coaching, feedback, opportunities for skills development and career progression, as well as freedom and flexibility in handling your role. Working at EY provides opportunities to work with inspiring and meaningful projects, with a focus on education, coaching, and personal development within an interdisciplinary environment that emphasizes high quality and knowledge exchange. EY exists to build a better working world, creating long-term value for clients, people, and society, and building trust in the capital markets. Across assurance, consulting, law, strategy, tax, and transactions, EY teams in over 150 countries provide trust through assurance, help clients grow, transform, and operate, by asking better questions to find new answers for the complex issues facing our world today.,

Dentsu is a network designed for what's next, assisting clients in predicting and planning for disruptive future opportunities and creating new paths to growth in the sustainable economy. Embracing a people-centered approach to business transformation, insights are utilized to connect brand, content, commerce, and experience, all underpinned by modern creativity. Dentsu Security oversees the scope and delivery of cyber security and business continuity activities across all dentsu offices in 145 countries globally. As a part of the Technology & Security Governance, Risk & Compliance team, you will directly report to the Head of Third-Party Security, playing a pivotal role within the expanding Global Third-Party Security team. Your primary responsibility will involve leveraging your existing information security and/or third-party risk management experience to support the Third-Party Security function in establishing relationships with internal stakeholders and suppliers globally. This ensures that third parties undergo appropriate assessments, onboarding, monitoring, and offboarding procedures with due diligence. This role offers a hybrid work arrangement, combining remote work with office presence. The position is open to candidates based in Kuala Lumpur, Malaysia, or India. Responsibilities: - Conduct security risk and control assessments for technology and business third parties at global, practice area, and market levels. - Develop relationships with business third-party relationship owners during onboarding processes. - Engage directly with suppliers during onboarding and continuous monitoring. - Monitor control remediation to ensure timely responses from third parties. - Collaborate with key third-party risk management stakeholders, including procurement, legal, and data privacy functions. - Maintain risk and control assessment schedules using the enterprise strategic Vendor Risk Management platform. - Support internal Third Party Security Assurance (TPSA) activities and drive process enhancements. - Develop and maintain reporting mechanisms to monitor control effectiveness and business performance in managing third-party risk. - Ensure continuous documentation and review of processes and procedures. - Support and drive continuous improvement initiatives across third-party security and broader Security teams, including GRC, Cyber Security, Client Security, Security Architecture, and Security Programme teams. Candidate Profile: - Experience in security compliance initiatives within an enterprise technology environment (e.g., ISO27001, NIST, CIS, PCI DSS, Cyber Essentials). - Comprehensive knowledge of security domains covering people, processes, and technology. - Experience in third-party security risk management and assurance within medium or large-sized organizations. - Proficiency in third-party risk and control assessment for IaaS, PaaS, SaaS cloud service providers. - Ability to communicate technical concepts effectively to non-technical audiences. - Familiarity with IT assurance functions and auditing techniques. - Experience with Cyber Security Rating Platforms (desirable). - Proficiency in using Vendor Risk Management assessment platforms (desirable). - Proficient in using Microsoft Excel, Microsoft Forms, and Microsoft PowerBi. - Self-motivated, proactive, and action-oriented in meeting deadlines. - Interest in personal development within TPSA and other Security functions. - Actively seeks trending knowledge and skills within the information security community. - Possessing or working towards an information security qualification (CISSP, CRISC) is desirable but not essential. - Experience in developing and administering SharePoint environments is desirable but not essential. Location: Kuala Lumpur Brand: Global Technology Time Type: Full-time Contract Type: Permanent,

As a Security Compliance and Assurance Auditor at Lenovo, you will have the opportunity to work with Lenovo Product teams globally to ensure alignment with various security standards and regulations. You will collaborate with top security teams in the industry to assess risks, implement remediation strategies, and work closely with business executives and other stakeholders to mitigate security issues. Your role will involve assessing security requirements, advising on cyber risk management, developing security strategies, and maintaining security policies and practices. Your responsibilities will include providing guidance to design, service, and operations teams on security implementation, collaborating with IT and stakeholders to ensure a multi-layered approach to cybersecurity, identifying and managing cyber threats, supporting other business functions as a subject matter expert, and ensuring that information security solutions align with business risks. You will also need to create, develop, and uphold security policies while possessing strong communication skills, stakeholder management experience, and a broad technical security background. To excel in this role, you should hold certifications such as CISSP, CISM, CISA, CEH, or similar qualifications, have experience in security management within a Managed Service provider environment, and possess knowledge of standards like ISO27001, NIST, and CIS. Your operational experience in managing cybersecurity, familiarity with security tools and technologies, and ability to think strategically while also resolving immediate issues will be key to your success. Additionally, your problem-solving skills, critical thinking abilities, and decision-making capabilities will be crucial in this role. Lenovo follows strict policies and legal compliance throughout the recruitment process, including role alignment, employment terms discussion, final selection, and offer approval. Interviews may be conducted via audio, video, or in-person, and you will always meet with an official Lenovo representative. To verify job offers, please refer to the official Lenovo careers page or contact IndiaTA@lenovo.com to stay informed and protect yourself from recruitment fraud. If you encounter any suspicious activity, please report it to local authorities.,

As the Manager - Data Protection at our organization, you will play a crucial role in overseeing the data protection and privacy management functions. Based in Mumbai, you will report to the Head Compliance MS India and be responsible for ensuring compliance with the DPDP Act, 2023. Knowledge or exposure to GDPR will be an added advantage. Your primary responsibilities will include developing policies, procedures, and checklists related to data protection and privacy. You will monitor compliance with various data protection regulations at an enterprise level and provide guidance to the security organization on data protection matters. Additionally, you will review business arrangements and internal processes to ensure compliance with data privacy and protection standards. To excel in this role, you should hold a Bachelor's or Master's degree in IT, IT Security, Engineering, or a related field. Possessing a security certificate such as CISA, CISM, CRISC, CISSP, or CIPP would be beneficial. With a minimum of 5-10 years of experience in information security, security risk management, or cyber security, you should have a strong understanding of security frameworks like ISO27001 and PCI. We are looking for a results-driven individual with excellent analytical skills and attention to detail. Strong communication and presentation abilities in English, both verbal and written, are essential. A multicultural mindset, flexibility to work in an international environment, and a persistent attitude are qualities we value in our team members. In return, we offer a competitive salary, 25 days of annual leave, private medical insurance, an attractive pension scheme, and a flexible benefits scheme. We are committed to your professional development and have comprehensive training programs in place to support your career growth. At Worldline, we recognize that our success is driven by the talents and diversity of our team members, making your contribution integral to our achievements. If you are ready to take on this challenging role and contribute to our organization's success, we encourage you to apply. Join us at Worldline and be part of a global leader in digital transformation.,

You will be responsible for managing the IT infrastructure, which includes installing, configuring, and managing network equipment such as routers, switches, and firewalls. Your role will involve maintaining day-to-day IT operations and monitoring the network to maximize performance. You will be required to create accurate network diagrams and documentation for designing and planning network communication systems. Additionally, configuring and managing access lists, DHCP IP Sec tunnels, VLANs, and routing & switching will be part of your responsibilities. You will also handle the configuration and maintenance of MPLS technology and oversee IT asset & inventory management. As an ideal candidate, you should have a minimum of 5 years of experience in IT management, specifically in network and servers. A strong command of English is necessary as you will be interacting with offshore users. Hands-on experience with Cisco routers, Cisco switches, SonicWALL firewall, and Barracuda firewall is required. Knowledge of hardening network devices and the ability to implement, administer, and troubleshoot network infrastructure devices like firewalls, routers, and switches are essential. Familiarity with routing protocols such as BGP, RIP, IGRP, and EIGRP is important. You should be willing to work in a 24*7 environment and have knowledge of ITIL, ISO27001, and PCI framework. Your duties will also include managing Helpdesk & Service Desk, as well as overseeing the Helpdesk & Engineer Team. Ensuring the implementation of IT security policies and procedures, establishing proper documentation processes, and adhering to IT Securities policies will be part of your daily tasks. This is a full-time position in the Information Technology category based in Pune, India.,

Design, implement & manage enterprise InfoSec solutions. Handle IAM lifecycle, SSO/MFA, access certifications, threat detection, SIEM, security automation, compliance (SOX, GDPR). Support audits & incident response. Required Candidate profile 4–7 yrs in InfoSec/IAM. Expertise in IAM platforms, SSO/MFA, SIEM, scripting, compliance. Strong coding in Python/Java/Go. Certifications like CISSP, CISM, or Security+ preferred. Cloud IAM exposure

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As an IT risk consultant, you'll contribute technically to risk assurance client engagements and internal projects. An important part of your role will be to perform IT audits, document good quality assessment reports, and issue opinions. You'll anticipate and identify risks within engagements and share any issues with the audit stakeholders. You'll also identify potential business opportunities for EY within existing engagements and facilitate integration as appropriate. In line with EY's commitment to quality, as an influential member of the team, you'll help to create a positive learning culture, coach and counsel junior team members, and help them to develop. The opportunity We're looking for seniors with 3 to 6 years of hands-on experience in IT Risk/Audit, Assurance, and Advisory to join our FS Technology Risk Team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities as a senior are to: - Lead and execute IT Audit and Risk Assurance engagements - Perform client walkthroughs, understand key IT processes and risks - Request and review the audit evidence. Draft control and risk review reports and documentation - Plan team schedules and utilization. Divide tasks amongst the staff and manage final delivery - Develop and maintain productive working relationships with clients and onshore stakeholders Skills and attributes for success: - Work effectively as a team leader - collaborate and share responsibility, coach, and support team members to succeed - Maintain an educational program to continually develop personal skills of self and staff - Conduct performance reviews and contribute to performance feedback for staff To qualify for the role, you must have: - Preferably B.E/B.Tech (Computers, Electronics, Data Analytics), BCA/MCA, B.Sc/M.Sc. (computers major), MBA, CA. - Must Have - 3-6 years of hands-on internal/external IT Audits - At least One - IT General Controls, IT Automated Controls, and Service Organization Controls Reporting (SOCR - SSAE 16 / ISAE 3402) SOC 1, 2, & 3 Reporting - Able to perform an independent security configuration review of common operating systems and databases - Windows, Unix, DB2, AS400, SAP R3ECC/HANA, Mainframe, SQL, Oracle. - Knowledge of documentation and data analysis tools like Word, Excel, Access, - Strong English verbal and written communication skills. - Nice to have - CISA, CISM, CRISC, ISO27001, Data privacy certifications - IT audit knowledge for a financial audit - Control frameworks such as COSO, related regulations including SOX and J-SOX - Data analytics/automation tool - SQL, Monarch, BluePrism, Alteryx, PowerBI - German/Dutch/French language is an added advantage. What we look for: We believe that you should own and shape your career. But we'll provide the support and opportunities to develop the skills, knowledge, and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you'll interact and team with individuals from various geographies and sectors. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. What working at EY offers: At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies - and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: - Support, coaching, and feedback from some of the most engaging colleagues around - Opportunities to develop new skills and progress your career - The freedom and flexibility to handle your role in a way that's right for you EY | Building a better working world: EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

HMH is a learning technology company committed to delivering connected solutions that engage learners, empower educators, and improve student outcomes. As a leading provider of K12 core curriculum, supplemental and intervention solutions, and professional learning services, HMH partners with educators and school districts to uncover solutions that unlock students" potential and extend teachers" capabilities. HMH serves more than 50 million students and 4 million educators in 150 countries. HMH Technology India Pvt. Ltd. is our technology and innovation arm in India focused on developing novel products and solutions using cutting-edge technology to better serve our clients globally. HMH aims to help employees grow as people, and not just as professionals. The Senior Manager of Information Security (External Role Description Application / Product Security Architect) will report to the Chief Information Security Officer. As a leader in the Information Security organization, this role will lead the task of refining, managing, and executing a strategic product/application security roadmap that is based on industry-standard software security frameworks. You will plan, implement, and track key initiatives focused on product/application security strategy, metrics, compliance, policy, developer awareness, training, and stakeholder engagement. You will work closely with multiple teams that make up Information Security, Product Management, Engineering, Legal, Risk, and Compliance to improve product/application security controls and drive impactful change to the team and its members. Responsibilities: - Bring a deep background and broad experience in Information Security, Application Security, & Application Development or related business areas. - Lead a team of high-performing individuals who create remediation plans, perform security reviews, and recommend security solutions to meet current and future needs for HMH products and applications. - Drive the development and implementation of product and application standard security review processes that result in effective methods for reducing security risks before product releases. - Demonstrate an ability to influence all project and portfolio stakeholders; communicate relevant security information to both executive leaders and individual contributors in an effective manner. - Provide input into the Information Security strategy to ensure that future security investments are aligned appropriately when considering key priorities such as business requirements, industry threat landscape, and risk appetite of HMH. - Collaborate closely with the Architecture teams. - Demonstrated experience handling the demand/supply of project and program resources and tracking allocation. - Track policy exceptions and remediation dates through active engagement with development teams and operations teams. Partner with Audit teams to periodically audit controls and secure coding practices being followed by development teams. - Staying abreast of the latest cybersecurity threats both internal and external. - Oversee projects, program delivery, daily monitoring, response; review of cloud infrastructure, physical infrastructure, and the full life cycle of alerts through incident response; and the threat landscape to ensure ongoing and continued maturity of the organization's security controls in addition to service support. - Drive operational efficiency and excellence leveraging tools, process, and automation with appropriate and transparent visibility and metrics that can meet SLAs/SLOs. - Support and implement controls and visibility to meet third-party attestations (SOC2, ISO27001, GDPR, SOX). - Balance being collaborative, open, and approachable while still being firm on security policies and in facilitating progress and compromise. What you should have: - 5 to 6+ years hands-on experience in application security utilizing SAST, DAST, IAST, RASP, and WAF. - 5+ years of application engineering, architecture, or development management experience. - Proficient in analyzing ambiguous problems, compelling communicator with the ability to receive and analyze information, translating security risk to business risk to driving actionable decisions across multiple levels and departments. - Experience in leading application security remediation work, leading the mitigation initiative to accommodate the developer community priority. - Proficient experience with common web application attack vectors and related mitigation strategies that translate to controls within the organization. - Highly organized. With many people doing many things in a fast-moving company, strong organizational skills both for yourself and for the team will be required.,