
60 Iso27001 Jobs - Page 2

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

8.0 - 12.0 years

0 Lacs

pune, maharashtra

On-site

As the TISO - Information Security Compliance VP at Deutsche Bank, you will be responsible for enforcing Information Security compliance within your area of responsibility in alignment with the CISO mandate and strategy, as well as the bank's risk appetite. You will serve as the expert and point of escalation for all IT security-related aspects of the IT assets under your purview. Your role will involve providing guidance on implementing technical control aspects, achieving compliance with Information Security controls, and ensuring proper handling of any relevant exceptions. Collaborating closely with the respective Chief BISOs, you will support the business divisions and COO IT counterparts in complying with Security Controls. You will work as a part of a cross-functional agile delivery team, bringing innovation to software development by utilizing the latest technologies and practices. Your focus will be on delivering business value through a collaborative and supportive environment, engaging in all stages of software delivery from initial analysis to production support. 
Key Responsibilities:
- Aligning standards, frameworks, and security with overall business and technology strategy
- Identifying and communicating current and emerging security threats
- Creating solutions that balance business requirements with information and cyber security requirements
- Deriving the IT Security strategy from the CISO strategy and translating it into an operational plan for delivery within your area of responsibility
- Driving integration of Chief Information Security Office Initiatives and ensuring alignment with divisional portfolios
- Managing IT audits and preparing remediation plans in cooperation with COO IT management
- Partnering with key stakeholders to act as a mediator and subject matter expert on Information Technology Security topics

Skills and Experience:
- 8-12 years of experience in security considerations of cloud computing, identity and access management, and technical elements required for building security
- Knowledge of ISO27001, COBIT, and Windows and UNIX environments
- Exceptional communication skills, critical thinking, and analytical skills
- Ability to present information security topics to senior committees and drive decision-making
- Good understanding of Findings Management, Control Inventory, and Anti-Financial Crime Functions in Corporate Banking
- Ability to lead, mentor, and influence in a complex multi-matrix organization

Education/Certification:
- Degree in Information Security or a comparable education

At Deutsche Bank, you will receive training and development opportunities, coaching from experts in your team, and a culture of continuous learning to support your career progression. Join us in striving for a culture of empowerment, responsibility, commercial thinking, and collaboration as part of the Deutsche Bank Group, where we celebrate the successes of our people and promote a positive, fair, and inclusive work environment.

Posted 2 weeks ago


8.0 - 12.0 years

0 Lacs

karnataka

On-site

As a Technology Risk and Control Analyst within the Infrastructure Platform Engineering (IPE) team at the London Stock Exchange Group (LSEG), you will play a crucial role in identifying, assessing, and mitigating operational, regulatory, and technology-related risks across the organization. Working under the Infrastructure and Cloud business division, your responsibilities will involve supporting the implementation and maintenance of risk and control frameworks, conducting control testing, and collaborating with various teams to ensure compliance with internal policies and external regulations. Your key responsibilities will include identifying and assessing operational, regulatory, and compliance risks within the IPE teams, supporting the Risk and Control Self-Assessment (RCA) process, designing and documenting effective control procedures in collaboration with Infrastructure and GRC teams, as well as conducting Design Effectiveness Testing (DET) and Operating Effectiveness Testing (OET) to evaluate control performance. Additionally, you will work closely with cross-functional teams across Operations, Risk, Compliance, and IT to embed robust risk management practices, provide guidance and training on risk and control frameworks, recommend continuous improvements to control processes and risk mitigation strategies, and monitor industry trends and regulatory developments to ensure the effectiveness of risk practices. To qualify for this role, you should hold a Bachelor's degree in engineering, Computer Science, or a related field, along with 8-12 years of hands-on experience in Operational risk management, internal controls, IT audit, or compliance. A strong understanding of IT Governance framework and familiarity with IT industry standards such as ISO27001 and COBIT is essential. Experience with control testing, audit practices, compliance assessments, cybersecurity principles, and enterprise IT environments will be beneficial. 
Professional certifications such as CISA, CRISC, CISM are preferred, while proficiency in data analysis, reporting tools, and project management software is required. Strong analytical, problem-solving, and communication skills, as well as the ability to work collaboratively and manage relationships with stakeholders at all levels, are key attributes for success in this role. As part of LSEG, a leading global financial markets infrastructure and data provider, you will be contributing to driving financial stability, empowering economies, and enabling sustainable growth. With a diverse and inclusive organizational culture, you will have the opportunity to bring your true self to work, contribute to a collaborative and creative environment, and help re-engineer the financial ecosystem to support and drive sustainable economic growth. LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days, and wellbeing initiatives to ensure the well-being and development of its employees.

Posted 2 weeks ago


0.0 - 1.0 years

3 - 3 Lacs

Mumbai, Mumbai Suburban, Thane

Work from Office

Experience:
- Implementation of ISO 27001, GRC ITGC & IT Regulatory compliance
- Knowledge in ISMS, ITGC
- Knowledge about regulators RBI, IRDA, SEBI
- Fresher 2023/2024 in B. Tech or Cybersecurity

Posted 2 weeks ago


5.0 - 9.0 years

0 Lacs

karnataka

On-site

Innovation is and will always be the core of SAP Fioneer, and it is the promise of why we were spun out of SAP: agility, innovation, and delivery. SAP Fioneer builds on a heritage of outstanding technology and a deep understanding of corporate and consumer demands. At the heart of it all it is simple: We bring financial services to the next level with innovative software solutions and platforms. We are helping companies in the financial services industry to achieve speed, scalability, and cost-efficiency through digital business innovation, cloud technology, and solutions that cover banking and insurance processes end-to-end. A global company, with rapid growth, innovative people, and a lean organization makes SAP Fioneer a place where you accelerate your future! About role: We are committed to safeguarding our digital assets and ensuring the highest level of security for our clients. As we continue to grow, we are seeking an experienced Senior Cyber Security Engineer to join our dynamic team. The ideal candidate will bring extensive expertise in managing and securing complex environments, with a focus on O365 Security Tools, zScaler, MS Sentinel, SIEM, and Azure Security. This role requires a comprehensive skill set in incident response, vulnerability management, data protection, and cloud security, enabling us to securely empower our development and product teams. The successful candidate will have a proven track record in implementing and overseeing security solutions that protect organizational assets and improve security posture. Responsibilities: Security Infrastructure: - Design, implement, and manage security solutions leveraging O365 Security Tools, zScaler, MS Sentinel, and SIEM in support of the Security Architecture of Fioneer. - Develop and maintain comprehensive security strategies for cloud and on-premises environments. 
Data Protection and Leakage Prevention: - Establish the DLP and DRM program at Fioneer beyond just the deployment of the technology, but also drive data protection processes into the business and the organization. - Implement and manage data protection and leakage prevention controls. - Develop and enforce policies to safeguard sensitive information and prevent data breaches. Insider Risk Management: - Implement and manage insider risk management programs. - Monitor and analyze user activities to identify and mitigate insider threats. Security Frameworks: - Ensure compliance with security frameworks such as SOC2 and ISO27001. - Contribute to the continuous improvement of security policies and procedures. Azure Security: - Provide expertise in Azure Security, including Infrastructure as Code (IaC), Privileged Identity Management (PIM), Identity and Access Management (IAM), and Kubernetes security. - Collaborate with cloud teams to ensure secure cloud environments. Qualifications: - Bachelor's degree in Computer Science, Information Security, or a related field. - Proven experience as a Cyber Security Engineer with expertise in O365 Security Tools, zScaler, MS Sentinel, SIEM, incident response, vulnerability management, and data protection. - Proven experience in creating business user focused communication guides to implement Data Protection Technologies. - In-depth knowledge of security frameworks, particularly SOC2 and ISO27001. - Extensive experience in Azure Security, including Infrastructure as Code, PIM, IAM, and Kubernetes security. - Certifications such as CISSP, CISM, or relevant Azure certifications are highly desirable. Requirements: - Minimum of 5 years of experience in security engineering or operations in an enterprise environment. - First-hand experience with programming languages required, development experience in any cloud environment is a plus. - Excellent communication and people-focused skills. 
- Eager to learn and improve your cloud application security skills.
- Ideally, initial professional experience of DevSecOps in the cloud, secure cloud configuration, secure cloud operations, vulnerability management.
- Fluent in English and open to other cultures and ideas.
- A sense of humor.

Benefits: You will have the opportunity to collaborate with some of the brightest minds in the industry on an incredibly ambitious project to shape the ever-evolving financial sector. This is an environment where you can have it all - the agility, enthusiasm and dynamism of a start-up, combined with the established expertise, solid market presence, and extensive customer network of a more established organization. At SAP Fioneer, you will benefit from a flexible work environment that encourages creativity and encourages you to think outside the box, bring new ideas to the table, and challenge the status quo. You will become part of a diverse and global team that we are proud of and are constantly growing and reinventing. As an employee, you will have the chance to chart your own career path and take advantage of competitive compensation packages and progression opportunities based on merit. We offer a comprehensive benefits package that includes occupational pension provisions, support for health and wellbeing, various mobility options like bike leasing and transportation allowances, as well as additional perks such as celebration rewards, meal programs, jubilee recognition, and relocation reimbursement.

Posted 2 weeks ago


14.0 - 20.0 years

0 Lacs

pune, maharashtra

On-site

As a Technology Information Security Officer (TISO), your primary responsibility is to ensure effective and efficient communication, coordination, and implementation of CISO IT Security requirements and decisions. You will play a crucial role in guiding the ITAO team and addressing security considerations related to cloud computing, such as data breaches, broken authentication, hacking, account hijacking, and more. Your key responsibilities include aligning standards and security frameworks with the overall business and technology strategy, identifying and communicating emerging security threats, and creating solutions that balance business requirements with information and cyber security needs. You will also be responsible for training users in system implementation and deriving the IT Security strategy from the CISO strategy for operational delivery. In addition to driving the integration of CISO initiatives and ensuring compliance with security controls, you will be expected to be the recognized expert in DB Information Security Policies and procedures. Proactively managing IT audits, planning remediation activities, and spearheading independent reviews of IT Security Controls are also crucial aspects of your role. Your skills and experience should include a minimum of 14-20 years of experience in security considerations of cloud computing, identity and access management (IAM), ISO27001 specifications, COBIT, and working in Windows and UNIX environments. Knowledge of technical elements such as VB.NET, Java/J2EE, ColdFusion, API/web services, scripting languages, and relational database management systems like MS SQL Server or Oracle will be necessary for successfully building security into the organization. 
Overall, your role as a TISO will require you to be a proactive leader in ensuring information and cyber security within the organization, collaborating with key stakeholders, and driving the adoption of security solutions while maintaining compliance with security controls and regulations.

Posted 2 weeks ago


3.0 - 6.0 years

7 - 16 Lacs

Mohali

Remote

Cybersecurity Engineer + Analyst (Hybrid Chandigarh / Mohali)

Infinity Healthcare Solutions, LLC is expanding its cybersecurity operations and is actively seeking a highly skilled and motivated Cybersecurity Engineer + Analyst to join our team. This role is designed for professionals who bring both deep technical engineering expertise and analytical skills to secure enterprise infrastructure, identify vulnerabilities, and respond to evolving cyber threats. This position will work at the intersection of IT security architecture, incident response, risk management, and compliance operations to ensure the security and integrity of our organization's data and systems.

Key Responsibilities:

Security Operations & Monitoring:
- Monitor infrastructure, networks, and cloud environments using SIEM tools (e.g., Splunk, Microsoft Sentinel)
- Identify, investigate, and respond to real-time alerts and security incidents
- Analyze logs and network traffic to detect anomalies and unauthorized activities
- Perform deep-dive forensic analysis and root cause investigations on security events

Incident Response & Threat Management:
- Lead and execute end-to-end incident response processes including containment, eradication, and recovery
- Maintain incident response playbooks, runbooks, and documentation for various threat scenarios
- Collaborate with cross-functional teams to remediate vulnerabilities and improve incident readiness
- Stay up to date with the latest threats, vulnerabilities, zero-day exploits, and malware campaigns

Security Engineering & Hardening:
- Manage and configure endpoint protection, firewalls, IDS/IPS, and other security controls
- Assist in the secure deployment and configuration of cloud environments (AWS, Azure, GCP)
- Evaluate and implement security tools and automation for risk mitigation
- Apply industry best practices to harden systems and reduce attack surfaces

Governance, Risk & Compliance:
- Perform routine risk assessments, internal security audits, and gap analysis
- Ensure adherence to regulatory and compliance standards: ISO 27001, NIST, SOC 2, GDPR
- Support internal and external audits by preparing documentation and evidence
- Develop and maintain security policies, procedures, and technical documentation

IAM & Access Controls:
- Manage Identity and Access Management (IAM), including user provisioning, role-based access, MFA
- Enforce least privilege and zero-trust principles across all systems and environments

Required Qualifications:
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field
- Minimum 3 years of hands-on experience in cybersecurity operations, security engineering, or threat analysis
- Proficient with SIEM, IDS/IPS, EDR, antivirus, and endpoint security platforms
- Solid understanding of network protocols, firewalls, routing, and segmentation
- Practical knowledge of security for cloud platforms (AWS, Azure, or GCP)
- Experience working with IAM, RBAC, MFA, VPNs, and secure access controls
- Strong documentation and reporting skills; ability to communicate technical issues clearly

Preferred Skills & Tools:
- Familiarity with MITRE ATT&CK, CIS Controls, OWASP Top 10
- Experience using tools such as Wireshark, Nmap, Nessus, CrowdStrike, Qualys
- Scripting or automation experience (e.g., PowerShell, Python, Bash) is a plus
- Familiarity with DevSecOps practices is desirable

Preferred Certifications (Any):
- CEH (Certified Ethical Hacker)
- CompTIA Security+
- CISSP (Certified Information Systems Security Professional)
- CISA, CISM, or other GIAC certifications

Why Join Us:
- Opportunity to work in a security-first environment with global impact
- Collaborative, forward-thinking team culture
- Exposure to enterprise-grade cloud security architecture and compliance frameworks
- Career development.

Posted 2 weeks ago


8.0 - 10.0 years

30 - 35 Lacs

Bengaluru

Work from Office

Role Overview

We are seeking a highly experienced CloudOps & InfoSecurity Lead/Manager to take ownership of our cloud infrastructure, security posture, and compliance initiatives. This role will be responsible for overseeing mission-critical CloudOps functions on AWS, leading InfoSec initiatives including VAPT, DR drills, and ISO27001/SOC 2 compliance, and ensuring smooth and secure technology operations across the organization. The role also involves liaising with vendors to manage on-prem infrastructure such as CCTV, SDWAN, UPS systems, laptops, etc. This is a hands-on leadership role that requires deep expertise in AWS infrastructure, DevOps pipelines, security frameworks, and experience collaborating with engineering, operations, and compliance teams.

Key Responsibilities

Cloud Operations (AWS)
- Manage and maintain core AWS services including: EKS (Kubernetes), EC2, RDS, S3, CloudWatch, Glue, Kinesis.
- Own and optimize DevOps pipelines built on GitLab CI/CD.
- Implement cost-optimized, secure, and highly available cloud architectures.
- Ensure system monitoring, alerting, scaling, and backup strategies are effective and well-documented.
- Manage Disaster Recovery (DR) environments and conduct periodic DR drills.

Information Security & Compliance
- Lead Vulnerability Assessment & Penetration Testing (VAPT) cycles and remediation efforts.
- Drive and maintain ISO27001 and SOC2 compliance: Work with external auditors and internal teams to ensure readiness. Own documentation, policy updates, and evidence collection.
- Implement and monitor security controls, incident management protocols, and regular access audits.
- Prepare and share weekly/monthly infosec and infra reports with leadership.

Platform & SaaS Administration
- Oversee GCP Workspace (formerly G Suite) including Gmail, Drive, user provisioning, storage planning, and backup policies.
- Ensure data retention and security across productivity tools.

Team & Vendor Collaboration
- Work with external vendors (e.g., for security testing, DR hosting, cloud services, infra services).
- Collaborate with engineering and QA teams for security reviews and infrastructure needs.
- Support procurement and vendor evaluation for infra and security tooling.
- Manage vendors who manage on-prem infrastructure such as CCTV, SDWAN, UPS systems, laptops, etc., and governance aspects related to regular reporting, auditing, etc. of IT infrastructure.

Required Skills & Experience
- 8-10 years of experience in cloud infrastructure and information security domains.
- Proven expertise in AWS services like EKS, EC2, S3, CloudWatch, RDS, Kinesis, Glue, etc.
- Hands-on experience with DevOps pipelines (GitLab preferred).
- Strong understanding of infosec frameworks, compliance processes, and experience managing ISO27001 / SOC2 audits.
- Experience conducting and managing VAPT assessments and DR drills.
- Familiarity with Google Workspace (GCP) administration for email, storage, and access management.
- Strong communication and reporting skills with experience preparing stakeholder-ready documents.
- Experience managing or working with cross-functional teams and external vendors.

Good to Have
- Certifications such as AWS Certified Solutions Architect, CISSP, CISM, or ISO27001 Lead Auditor.
- Exposure to container security, SAST/DAST tools, IAM best practices, and cloud cost optimization.
- Experience in a regulated domain such as Fintech/NBFC is a plus.

Posted 2 weeks ago


14.0 - 20.0 years

0 Lacs

pune, maharashtra

On-site

As a Technology Information Security Officer (TISO), your primary responsibility will be to ensure effective and efficient communication, coordination, and implementation of CISO IT Security requirements and decisions. You will play a crucial role in guiding the ITAO team. Your expertise will be instrumental in addressing security considerations related to cloud computing, such as data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss, and DoS attacks. Furthermore, you will be tasked with overseeing Identity and Access Management (IAM), which involves implementing a framework of security policies and technologies to restrict and monitor access to sensitive technology resources within the organization. Your familiarity with ISO27001 specifications and Control Objectives for Information and Related Technologies (COBIT) will be essential in defining and enforcing security policies and procedures that encompass legal, physical, and technical controls for managing organizational risks. In this role, you will be expected to align standards, frameworks, and security measures with the overarching business and technology strategies. It will be imperative for you to stay abreast of current and emerging security threats and devise solutions that strike a balance between business requirements and cybersecurity needs. Additionally, you will be responsible for training users on system implementation and conversion, ensuring that the IT Security strategy aligns with the CISO strategy, and translating this alignment into an operational plan for your area of responsibility. Your role will also involve integrating Chief Information Security Office initiatives, programs, and central solutions, ensuring compliance with security controls, and maintaining technical security documentation. 
You will act as an expert in DB Information Security Policies and procedures, manage IT audits, and collaborate with key stakeholders to address Information Technology Security risks effectively. For this position, we are seeking a candidate with 14-20 years of experience in security considerations related to cloud computing, IAM, VB.NET, Java/J2EE, ColdFusion, API/web services, scripting languages, RDBMS (e.g., MS SQL Server or Oracle), ISO27001, COBIT, and familiarity with Windows and UNIX environments. Your expertise in these areas will be vital for building and maintaining a secure IT environment and mitigating potential risks effectively.

Posted 2 weeks ago


3.0 - 8.0 years

8 - 15 Lacs

Chennai

Work from Office

Control Testing in automated controls is a must.

Roles and Responsibilities:
- In this role you are required to do analysis and solving of lower-complexity problems
- Your day-to-day interaction is with peers within Accenture before updating supervisors
- In this role you may have limited exposure with clients and/or Accenture management
- You will be given moderate level instruction on daily work tasks and detailed instructions on new assignments
- The decisions you make impact your own work and may impact the work of others
- You will be an individual contributor as a part of a team, with a focused scope of work
- Please note that this role may require you to work in rotational shifts

Posted 2 weeks ago


1.0 - 2.0 years

15 - 19 Lacs

Chennai

Work from Office

Key Responsibilities: Cybersecurity & SOC Operations: Monitor security alerts and events across IT and cloud infrastructure using SIEM tools. Investigate and respond to security incidents including phishing, malware, unauthorized access, etc. Develop and maintain incident response procedures and escalation protocols. Conduct threat intelligence and vulnerability assessments on-prem and in the cloud. Cloud Security: Implement and monitor cloud security best practices (AWS, Azure, GCP). Manage IAM (Identity and Access Management), encryption, security groups, and cloud firewall rules. Perform security assessments on cloud applications and infrastructure. Ensure compliance with shared responsibility models across different cloud service providers. GRC & Compliance: Develop, implement, and audit security policies based on frameworks like ISO 27001, NIST, SOC 2, and GDPR. Conduct risk assessments and internal audits to identify and address security gaps. Ensure cloud and on-prem infrastructure aligns with regulatory and client compliance requirements. IT Audits & Reporting: Prepare for and support external audits such as ISO 27001, SOC 2, and client-specific reviews. Document processes, create audit trails, and present risk mitigation plans. Maintain detailed records of audit findings and remediation actions. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. 2-5 years of experience in cybersecurity, cloud security, GRC, or IT audits. Working knowledge of major cloud platforms: AWS, Azure, or GCP. Experience with SIEM tools (e.g., Splunk, QRadar, Microsoft Sentinel) and endpoint security solutions. Understanding of cloud compliance standards: ISO 27017, CSA, CIS Benchmarks. Familiar with GRC platforms such as RSA Archer, ServiceNow GRC, etc. Strong documentation, reporting, and communication skills.

Posted 2 weeks ago


6.0 - 10.0 years

0 Lacs

karnataka

On-site

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As part of our EY- Technology Risk team, you'll contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You'll also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you'll anticipate and identify risks within engagements and share any issues with members of the team. We're looking for a Manager to join the leadership group of our EY- Technology Risk Team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities are to: - Evaluate a portfolio of controls for design effectiveness, operating effectiveness, and/or risk management outcomes, raising issues as appropriate. - Ensure that assigned control assessments are accurate, effective, abide by policy, procedures, and templates, and meet quality control requirements and are delivered on time, in accordance with the assessment plan. 
- Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management, ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies and Standards Assessment, and Software Development Lifecycle (SDLC); using experience and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. - Manage control owners and other stakeholders, ensuring the success of each assigned review, minimizing contention where possible and requesting support where deemed necessary. - Apply judgment and risk management concepts to identify, formulate findings, and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. - Review IT Policies and Standards and ensure that they are as per the different industry standard. - Work closely with cross-functional teams and develop strong relationships as project lead within IT security and GRC projects. - Stay current with and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. - Control frameworks such as COSO, internal control principles, and related regulations including SOX and J-SOX. - Familiar with IT industry frameworks such as ISO27001, NIST, PCI-DSS, SOX, FDA, HIPAA: Privacy, HIPAA: Security, and HITECH Act. - Third-party reporting standards (particularly SSAE16), other reporting and industry-specific standards, and, if applicable, trust-based standards such as SysTrust and WebTrust. Skills and attributes for success: - Provide guidance and share knowledge with team members and participate in performing procedures especially focusing on complex, judgmental, and/or specialized issues. 
Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement. - Experience in conducting information security assessments including business continuity plan audits, network security audits, and infrastructure audits. - Perform NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. - Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations. - Bring and utilize extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. - Understand EY and its service lines and actively assess what the firm can deliver to serve clients. To qualify for the role, you must have a Graduate (CS/IT, Electronics, Electronics & Telecommunications)/MBA/M.Sc. with at least 6 years of experience. Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments, (b) NIST assessments, (c) Data privacy audits, (d) Network and Infrastructure audits, (e) Cyber Maturity Assessment, (f) IT Policies and Standards Assessment, (g) IAM and IT Asset Management, (h) IT Health Check. Ideally, you'll also have a robust understanding of program and project management practices and familiarity with a typical IT systems development life cycle. 
What we look for: A team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment. Opportunities to work with EY technology risk practices globally with leading businesses across a range of industries. What working at EY offers: At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer support, coaching, and feedback from some of the most engaging colleagues around, opportunities to develop new skills and progress your career, and the freedom and flexibility to handle your role in a way that's right for you. EY | Building a better working world: EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 2 weeks ago


2.0 - 6.0 years

0 Lacs

maharashtra

On-site

As an Information Security Analyst at Lionbridge, you will collaborate with the security and privacy team to establish and enhance information security and privacy management processes. Your responsibilities will involve working across various departments within the organization to conduct regular audits and reviews to ensure compliance with industry standards and regulations. You will oversee monthly and quarterly audits with business teams to assess security controls, ensuring they align with required standards, regulations, and customer specifications. Additionally, you will assist in gathering evidence for security compliance reviews and customer audits, while also contributing to the development of company-wide best practices based on audit outcomes. Proactively identifying and addressing information security risks within the organization will be a key aspect of your role. By utilizing the Lionbridge Risk Management Framework, you will evaluate events and processes for compliance with laws, regulations, and standards. Staying updated on emerging legislation and security technologies will also be essential in this position. To excel in this role, you should possess strong written and verbal communication skills in English, along with a basic understanding of internet technologies, operating systems, and networking concepts. A high level of motivation, attention to detail, and investigative skills are crucial attributes. A Bachelor's Degree in IT or a related field is required. While experience in Information Security Governance, Compliance, or Risk Management is preferred, it is not mandatory. Relevant security certifications such as ISO27001, CEH, and knowledge of industry trends and technologies are advantageous. In return, you can expect support from peers, access to cutting-edge technology, and leadership backing for your initiatives. 
Lionbridge is a global organization that empowers leading brands to expand their international reach and enhance customer engagement. If you are intrigued by the responsibilities and opportunities presented by this role, we encourage you to apply and be part of our dynamic team.

Posted 3 weeks ago


5.0 - 9.0 years

0 Lacs

pune, maharashtra

On-site

As a Cyber Assurance Assistant Vice President (AVP) at Barclays in Pune, you will play a crucial role in partnering with the bank to provide independent assurance on control processes and offer advice on enhancements to ensure the efficiency and effectiveness of the bank's internal controls framework. Your responsibilities will include collaborating across the bank to maintain a robust control environment by conducting ad-hoc assessments and testing the design and operational effectiveness of internal controls aligned with the bank's policies and standards. You will develop detailed test plans and procedures to identify weaknesses in internal controls and other initiatives within the bank's control framework to mitigate potential risks and issues that could disrupt bank operations, lead to losses, or impact reputation. In this role, you will communicate key findings and observations to relevant stakeholders and business units to enhance overall control efficiency and provide corrective actions to senior managers. You will work closely with other control professionals to address complex issues and ensure consistent testing methodologies across the bank. Additionally, you will establish a knowledge center containing detailed documentation of control assessments, testing results, findings, and distribute material on internal controls to train and upskill colleagues within the bank. As an Assistant Vice President, you are expected to advise and influence decision making, contribute to policy development, and take responsibility for operational effectiveness. You will lead a team in performing complex tasks, set objectives, coach employees, appraise performance, and determine reward outcomes. If the position involves leadership responsibilities, you will demonstrate a clear set of leadership behaviors to create an environment for colleagues to excel. 
Your role may involve collaborating on assignments, guiding team members, identifying new directions for projects, and consulting on complex issues. You will identify ways to mitigate risks, develop new policies and procedures to support the control and governance agenda, and take ownership of managing risk and strengthening controls related to your work. Furthermore, you will engage in complex data analysis, communicate complex information effectively, and influence stakeholders to achieve desired outcomes. It is essential for all colleagues to uphold the Barclays Values of Respect, Integrity, Service, Excellence, and Stewardship, as well as demonstrate the Barclays Mindset of Empower, Challenge, and Drive in their behavior.

Posted 3 weeks ago


15.0 - 19.0 years

0 Lacs

chennai, tamil nadu

On-site

As a Cloud Architect - AVP, you will be instrumental in defining and executing our AWS cloud strategy to ensure the effective deployment and administration of AWS cloud solutions. Your role will involve leading a team of AWS cloud engineers and architects, collaborating with diverse stakeholders, and utilizing your extensive expertise to promote AWS cloud adoption and innovation throughout the organization. Your primary responsibilities will include formulating and executing the company's AWS cloud strategy in alignment with business objectives, overseeing the design, architecture, and deployment of AWS cloud solutions with a focus on scalability, security, and reliability, collaborating with various teams to seamlessly integrate AWS services, evaluating and selecting appropriate AWS services and technologies, managing the migration of on-premises applications and infrastructure to AWS, establishing and enforcing AWS cloud governance, security policies, and best practices, providing technical leadership and guidance to the AWS cloud team to promote innovation and continuous enhancement, staying abreast of the latest AWS technologies and industry trends to incorporate relevant advancements into the AWS cloud strategy, and effectively communicating AWS cloud strategy, progress, and challenges to senior leadership and stakeholders. To qualify for this role, you should possess a Bachelor's or Master's degree in computer science, Information Technology, or a related field, along with a minimum of 15 years of IT experience, with at least 10 years dedicated to cloud architecture and implementation, particularly with AWS. 
Additionally, you should have experience with AWS cloud services SOC 2, ITIL, PCI-DSS, SAE16, ISO27001, Cobit, and/or HiTrust, cloud-native architectures, leading large-scale AWS cloud transformation projects, AWS cloud security, governance, and compliance, infrastructure as code (IaC) and automation tools such as AWS CloudFormation and Terraform, networking, storage, databases, and application development in AWS, exceptional problem-solving abilities, innovative design skills for AWS cloud solutions, strong leadership and communication capabilities, and a track record of managing and mentoring teams effectively. Preferred qualifications include being an AWS Certified Solutions Architect - Professional, experience with multi-cloud and hybrid cloud environments, familiarity with DevOps practices and tools like AWS CodePipeline and Jenkins, and knowledge of emerging technologies such as AI, ML, and IoT in relation to AWS cloud computing.

Posted 3 weeks ago


10.0 - 12.0 years

25 - 27 Lacs

Faridabad

Work from Office

Job Description: Azure AD & MS SQL Server Administrator
Experience: 10 to 12 Years
Location: Faridabad, Haryana, India
Job Summary/Objective: - Set up & maintain Azure Hybrid Cloud Core Infrastructure - Install, maintain & upgrade MS SQL Server Database on Azure Cloud in a Secure, HA & DR Environment
Qualifications: - BE/MCA - 10th Standard, 12th Standard & Graduation/Post Graduation marks should be 60% or more.
Skills: - Azure Cloud Administration - Active Directory (AD), ADFS Administration - Azure DevOps CI/CD Pipelines Security setup skill - MS SQL Server Administration - Windows Server Administration, proficient PowerShell Scripting / .NET Programming - Knowledge of Project Management Documentation Artifacts for SDLC & Change Management - Good document writing skill on Microsoft Excel & PowerPoint preparation - Programming experience in .NET Environment (Nice to Have) - Work experience on Azure Security Centre, Azure Defender, and Azure Sentinel (Nice to Have) - Experience on Hyper-V Admin, Backup Tools (Nice to Have) - Work experience in ISO27001/SOC2/GDPR Compliant Organization (Nice to Have)
Certifications: - Exam AZ-800: Administering Windows Server Hybrid Core Infrastructure - Exam AZ-801: Configuring Windows Server Hybrid Advanced Services - SC-300: Microsoft Identity and Access Administrator - Microsoft Certified: Azure Database Administrator Associate (DP-300) - MCDBA/Microsoft Certified IT Professional (MCITP) Database certification
Experience: Relevant 8-10 Years
Personal attributes: - Good communication skills, especially written; Excel and PowerPoint preparation - Team Leader; effective articulation of ideas, conveys information. - Addresses customer inquiries or issues promptly & professionally. - Clear and concise communication is essential for understanding requirements & expectations.
Work Environment: 5 days in-office working, posting at Faridabad/Greater Noida, may have to travel to Chennai & overseas

Posted 3 weeks ago


5.0 - 9.0 years

0 Lacs

maharashtra

On-site

Position Overview
Job Title: Divisional Risk & Control Specialist CB, VP
Location: Mumbai, India
Role Description: CB Divisional CISO (D-CISO) Office. The Divisional CISO has the ultimate responsibility for the operational aspects of ensuring compliance to Deutsche Bank's Information Security Principles. The Divisional CISO Office supports the Div. CISO in this task. In this role the candidate will assist all of our business divisions by evaluating and mitigating information security risks in order to meet both audit and regulatory requirements.
What We'll Offer You: As part of our flexible scheme, here are just some of the benefits that you'll enjoy: - Best in class leave policy - Gender neutral parental leaves - 100% reimbursement under childcare assistance benefit (gender neutral) - Sponsorship for Industry relevant certifications and education - Employee Assistance Program for you and your family members - Comprehensive Hospitalization Insurance for you and your dependents - Accident and Term life Insurance - Complimentary Health screening for 35 yrs. and above
Your Key Responsibilities: Information Security Officer (ISO): The ISO is a manager aligned to an application (Application ISO), both together hereafter referred to as area of responsibility. The ISO has the responsibility for ensuring the compliance with the Group Information Security requirements in their area of responsibility. Key responsibilities comprise but not limited to:
ISO: - Understand and analyze business setting from an information security perspective - Perform risk assessments on complex applications, vendors, processes and projects from an information security perspective - Identify security gaps, evaluate options for remediation, define and implement check points and compensating controls. - Provide sufficient information related to the business context, information sensitivity and nature of usage of an application, including identification and implementation of controls for identified Information Security risks in their area of responsibility - To cooperate with the D-ISO / D-CISO to address requests for policy interpretation, guidance and advice, to ensure creation of divisional policies in accordance with the IS Policy Governance and to support policy authors by raising questions to the policy advisory team - Present assessments results and options to the business and discuss steps for resolution. - Initiate and track risk acceptance process if required. - Analyze and redesign access management processes (request and approval). - Define and implement Segregation of Duties rules (details outlined below) - Identifying applications and roles which allow access to PSI and assess appropriateness of access controls. - Review of roles and application role concepts. - Support on inquiries from internal and External Audit, regulators and clients. - Advisory and support projects on information security questions. - Advisory vendor relationships. - Interact with and educate the business on information security risks and controls and handling sensitive data. - Assist in assessing and determining appropriate controls on unstructured data hosted on internal and external data rooms. - Conduct information security awareness sessions for stakeholders in CB. - Assist in designing and implementing control framework for third party applications. - Analyze the root cause for delays or incorrect processing and propose sustainable solutions - Generate MIS for multiple IS topics and to assist senior management identify risks - Support the wider D-CISO office where required including any ad hoc analysis and presentations
The Segregation of Duties (SoD) Manager acts as the single point of contact for the Divisions or Functions or other stakeholders with regard to any SoD related questions or issues in their area of responsibility. Key responsibilities of the SoD Manager comprise: - To design and implement SoD Rules (for applications) in close collaboration with the ISO as well as other SoD Managers or stakeholders who may be affected by these rules. This includes the regular review of these rules and any necessary amendments - To assess and remediate any SoD violations detected within their area of responsibility by either revoking inappropriate access or ensuring adequate compensating controls or exception handling procedures - To assess the impact of inappropriate access on business operations and identify if there are indications for improper use of this access - To act as the single point of contact for the Divisions or Functions or other stakeholders with regard to any SoD related questions or issues in their area of responsibility - Liaise and coordinate with Central SoD Governance team and attend SoD forums - Special Projects support on ongoing remediation projects.
Your Skills And Experience
Skills Profile: - Experience as IT and/or IS analyst ideally in a Corporate Banking environment - Proficiency in Microsoft Office applications (Excel, PowerPoint, Word, etc.) - Excellent communication skills in English (verbal and written) with ability to articulate / engage with Senior management stakeholders (a must) - Strong analytical skills and ability to transform complex issues into efficient solutions
Management Skills: - Strong operational and people management skills, including the ability to operate within a diverse team. - Excellent partnering skills and stakeholder management. - The ability to successfully navigate a complex organisation, build strong relationships and work collaboratively with business and management teams and with other control functions. - Comprehensive management / leadership skills, including the ability to motivate teams through demonstrable commitment to CB and DB's success.
Experience/qualifications: - Good university graduate or post-graduate degree with Information Security, Risk Management and Governance - Prior experience in a risk environment (e.g. in BISO, ORM, Audit, Data Privacy) - Good understanding of major business and operational risk processes. - Certifications such as ISO27001-LA/LI, CISM, CISSP etc. - Experience in banking industry with a strong sense of accountability and integrity - Advanced presentation/interactive skills sufficient to convey complex conceptual information/ideas on issues requiring interpretation and opinion. - Desire to work in a fast paced, challenging multi-cultural environment and with ability to work in a global team - Self-motivated, critical thinking and good understanding of major business and risk processes
How We'll Support You: - Training and development to help you excel in your career - Coaching and support from experts in your team - A culture of continuous learning to aid progression - A range of flexible benefits that you can tailor to suit your needs
About Us And Our Teams: Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Posted 3 weeks ago


4.0 - 9.0 years

6 - 16 Lacs

Mumbai, Bengaluru

Work from Office

KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term.
Role detail: - 4 to 8 years of experience in vendor/supplier/third party risk assessment - Expertise in IT internal audit, Information Security/cybersecurity, IT SOX, Third Party Risk Assessment Reporting, e.g., SOC 1, SOC 2. - Relevant expertise on CSA STAR requirements, ISO control, NIST Standards, PCI DSS and GDPR requirements. - Experience in performing control testing, IT / infosec risk assessments. - Knowledge of technical domains such as cloud security and application security. - Certification: CISA, CISSP, CEH, ISO, PCI DSS, NIST.

Posted 3 weeks ago


3.0 - 8.0 years

1 - 6 Lacs

Mumbai Suburban, Navi Mumbai, Mumbai (All Areas)

Work from Office

Technical: - Strong experience in reviewing defined guidelines and conducting regulatory assessments for BFSI (e.g. RBI, SEBI, IRDAI). - Knowledge of global guidelines, including NIST, ISO27001, PCI-DSS, COBIT, etc. - Assisting in remediating gaps on the defined guidelines for the client. - Performing System Audit and conducting technology landscape review. - Having worked on Information Technology Risk Assessment areas such as NIST, ISO27001, PCI-DSS, COBIT, etc. - Experience of handling IT audits and reviews. - Good understanding of technology topics related to cyber security, encryption, architecture resiliency, business continuity, disaster recovery, IT Governance, third party outsourcing risk and information security/technology risk. - Certification: CISA, CISSP, ISO27001
Soft Skills: - Good presentation and report writing skills are mandatory. - Excellent communication skills and confident demeanor - Experience of working with client stakeholders - Good problem-solving skills.

Posted 3 weeks ago


10.0 - 20.0 years

30 - 45 Lacs

Bengaluru

Work from Office

Open Source COE Security Architect
This role has been designed as Onsite with an expectation that you will primarily work from an HPE partner/customer office.
Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today’s complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE.
Job Description: HPE Operations is our innovative IT services organization. It provides the expertise to advise, integrate, and accelerate our customers’ outcomes from their digital transformation. Our teams collaborate to transform insight into innovation. In today’s fast paced, hybrid IT world, being at business speed means overcoming IT complexity to match the speed of actions to the speed of opportunities. Deploy the right technology to respond quickly to market possibilities. Join us and redefine what’s next for you.
What you will do: Expert in IT/Cyber Security field. Should be CISSP/CISM/CCSP and CCSK and ISO27001 Certification are desired. Should have good knowledge of security assessment against different global Frameworks like NIST, MITRE and cloud security alliance etc. Should have good understanding of Compliance and regulatory requirements. Working with information security and DevSecOps teams in a CI/CD environment as well as comprehensive understanding of cloud security systems. Programming experience in C/C++, Python, JavaScript, Bash & PowerShell Scripting is desired.
Hands-on expertise in Linux, Kernel, threads, processes, API etc. is desired. Provide Security Vision & Strategy to the Organization, strategic direction, development, and implementation of information security programs and projects to address risks relevant to the attainment of organizational strategic security goals based on open source tool/framework. Experience in advising leadership team regarding the evolving open source Security Technology landscape, product issues, security mitigations for identified risks and possible improvements. Expertise in providing executive roadmaps for continual improvement in teams, technology, and processes across various security & DevSecOps teams based on open source tool/framework. Experienced in Information Security Risk Management, gap analysis, Audits. Hands-on Experience in formulating Cyber Security Policies, design and implementation of Security Technologies, DevSecOps. Working Knowledge in implementation of Cyber Security Solution in Open Source, Open Stack environment. Ability to provide strategies to increase the ability to withstand cyber-attacks, as measured by annual sophisticated attack simulations. Experience in upgrading, troubleshooting and tuning of Cyber Security Solutions. Thorough understanding and good knowledge of latest Cyber Security technologies, security Architectures, vulnerabilities, security threats. Ability to setup PoC for latest open source security solutions. Good understanding of Open-Source Technologies, Cloud security technologies.
What you need to bring: BE/B.Tech with 10+ years of experience in the IT industry and 6+ years of experience in Information Security / Cyber Security field. Expert-level knowledge in the IT/Cyber Security field, with a thorough understanding of the latest security technologies, architectures, vulnerabilities, and threats. Desired certifications include CISSP, CISM, CCSP, CCSK, or ISO 27001.
Strong knowledge of global security assessment frameworks like NIST, MITRE, and the Cloud Security Alliance (CSA). A deep understanding of compliance and various industry regulatory requirements. Proven experience in developing security vision, strategy, and executive roadmaps for an organization based on open-source tools. Hands-on experience in Information Security Risk Management, conducting gap analysis, managing audits, and formulating Cyber Security Policies. Comprehensive understanding of cloud security systems and working with DevSecOps teams in a CI/CD environment. Working knowledge of implementing, upgrading, troubleshooting, and tuning Cyber Security Solutions, particularly in Open Source and OpenStack environments. Desired programming and scripting experience in C/C++, Python, JavaScript, Bash, and PowerShell. Hands-on expertise with the Linux operating system, including its Kernel, threads, processes, and APIs. Experience advising leadership teams regarding the evolving security landscape, product issues, and risk mitigation strategies. Ability to provide strategies to withstand sophisticated cyber-attacks and experience with annual attack simulations. Proven ability to set up Proof of Concepts (PoCs) for new and emerging open-source security solutions. 
Additional Skills: Accountability, Active Learning (Inactive), Active Listening, Bias, Business Growth, Client Expectations Management, Coaching, Creativity, Critical Thinking, Cross-Functional Teamwork, Customer Centric Solutions, Customer Relationship Management (CRM), Design Thinking, Empathy, Follow-Through, Growth Mindset, Information Technology (IT) Infrastructure, Infrastructure as a Service (IaaS), Intellectual Curiosity (Inactive), Long Term Planning, Managing Ambiguity, Process Improvements, Product Services, Relationship Building
What We Can Offer You:
Health & Wellbeing: We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing.
Personal & Professional Development: We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have, whether you want to become a knowledge expert in your field or apply your skills to another division.
Unconditional Inclusion: We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good.
Let's Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE. #india #operations
Job: Services
Job Level: TCP_04
HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together.
Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities. HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.

Posted 4 weeks ago


6.0 - 11.0 years

15 - 25 Lacs

Bengaluru

Work from Office

Roles and Responsibilities: Ensure compliance with ISO 27001 standards by implementing and maintaining an Information Security Management System (ISMS). Conduct IT audits to identify vulnerabilities and provide recommendations for improvement. Develop and implement policies, procedures, and controls to ensure data privacy and protection. Collaborate with cross-functional teams to integrate security into business operations. Provide training on ISMS best practices to employees.
Desired Candidate Profile: 6-11 years of experience in IT Compliance or related field. B.Tech/B.E. degree in Any Specialization. Strong knowledge of SOC, SOX, IT Audit, ISO27001 standards.

Posted 1 month ago


2.0 - 4.0 years

7 - 9 Lacs

Mumbai

Work from Office

6 months Contract. Work Location: Remote. Description of Duties: Prepare and maintain all mandatory documentation for SOC 2 (Type 1 or Type 2) and ISO 27001 compliance, ensuring everything is audit ready.

Posted 1 month ago


2.0 - 7.0 years

4 - 8 Lacs

Pune

Work from Office

DWS Group operates in a business environment with an almost complete dependence on information, which is processed and transmitted by information systems and interconnected computer networks and stored physically and electronically. Information security risk and threat landscape are dynamic and requirements for security are constantly growing. It is essential for DWS that confidentiality, integrity (authenticity) and availability of information are protected, and risk is managed according to DWS Risk Appetite and in accordance with legal and regulatory requirements. The role of the DWS Information Security Officer (ISO) is aligned to the DWS COO divisional unit and will report into the Divisional Information Security Officer (D-ISO). DWS ISO assumes ownership for the assigned IT Assets from an information security (IS) perspective.
Your Key responsibilities: - To assume ownership and responsibility for assigned IT assets, in line with the Group Information Security management processes and the DWS ISMS - To execute IS Risk assessments and compliance evaluations for assigned IT assets - To assign accurate information classification to assigned IT assets based on confidentiality of Information - To maintain the Information Security related documentation of assigned IT assets in the Group's asset inventory - To establish a good working relationship with Business Application Owners (BAO) and other Subject Matter Experts (SME) of the divisions and functions of the assigned assets and develop profound knowledge of the supported processes and data - To support key role holders such as ITAOs and TISOs to develop a secure environment by evaluating the Information Security requirements as early as possible in the system development life cycle to select the applicable Information Security Controls for implementation - To give guidance to ITAOs and TISOs on the implementation of compensating Controls in case of deviations from the applicable Information Security Controls - To execute and document periodical recertification of user access rights in their area of responsibility in compliance with the Group's identity and access processes - To support implementation of Segregation of Duty (SoD) rules for the assigned IT assets - To contribute to the Information Security incident management process in the case of a security breach - To deliver all items requested during regulatory and internal Information Security related audits - To remain fully trained and skilled by completing the required Information Security trainings provided by CSO or as requested by the Divisional CISO or the Divisional ISO.
Your skills and experience: Essential: - Candidate should have proven experience of working in Information Security and/or Information Technology, ideally in a regulated financial institute - Strong communication (written and verbal) skills with the ability to effectively communicate with different stakeholders within IT and business functions with excellent command of the English language. - Knowledge on Information Security Controls, Data Protection Policy, Information classification principles and segregation of duties requirements within a financial organization - Positive attitude and a team player - Proactive and ability to work independently in a global team - Open to learn, adapt and work with new technologies - Outstanding problem solving, analytical and project management skills - Proficiency with Microsoft Office programs - Fluent English and communication skills
Education / Certification: - Degree-level IT and/or information security qualification, or equivalent experience in Information Security and IT Security - General understanding of current security industry standards, best practices, and/or frameworks, i.e.: NIST, ENISA, ISO27001, OWASP

Posted 1 month ago

5.0 - 10.0 years

7 - 12 Lacs

Mumbai

Work from Office

- Identifying, assessing, and mitigating potential risks across various areas of the organization, including IT security, business processes, and regulatory compliance.
- Developing, implementing, and maintaining GRC programs and processes to support compliance and risk management efforts.
- Assisting with internal and external audits, responding to audit findings, and ensuring corrective actions are implemented.
- User Access review
- Creating and maintaining policies and procedures related to governance, risk, and compliance.
- Conducting gap analysis and implementing frameworks and standards such as ISO 27001, GDPR, NIST, and SOX.
- Developing and revising policies, standards, processes, and guidelines for the organization.
- Conducting vendor risk assessments against organizational security requirements.
- Continually testing and monitoring the effectiveness of security controls.
- Conducting research to aid threat assessment or risk mitigation activities.
- Assist the department in responding to inquiries from the business units about ongoing operational compliance
- Working with various teams and departments to ensure GRC practices are integrated into business operations.

Required Skills and Qualifications:

Technical Skills & Experience:
- 5+ years of direct experience in information security, with a main emphasis on risk and compliance
- 3+ years of expertise conducting ISO 27001 and SOC 2 audits, as well as handling audit responses
- Thorough understanding of market structures, including relevant regulatory compliance requirements (ISO27001, SOC 2, NIST, PCI, GDPR, etc.)
- Preferred Certification: CISA
- Knowledge of identity management standards, storage, and disaster recovery in the cloud and On-Premise
- Knowledge of GRC tool techniques and best practices
- Proven track record of organizing and carrying out several risk and compliance projects
- Ability to successfully manage third-party audits, compile evidence, and organize audit responses
- Effective written communication skills to develop & maintain the policies and procedures; the capability to communicate with cross-functional teams.
- Proven analytical and problem-solving abilities for managing initiatives that advance corporate goals

Education
- Bachelor's degree in computer science, information systems, or Cybersecurity

Posted 1 month ago

4.0 - 8.0 years

1 - 6 Lacs

Thane, Navi Mumbai, Mumbai (All Areas)

Work from Office

Technical
- Strong experience in review of guideline defined, conducting regulatory assessments for BFSI (e.g. RBI, SEBI, IRDAI).
- Global guidelines knowledge which includes NIST, ISO27001, PCI-DSS, COBIT, etc.
- Assisting in remediating gaps on the defined guidelines for the client.
- Performing System Audit and conducting technology landscape review.
- Having worked on Information Technology Risk Assessment areas such as NIST, ISO27001, PCI-DSS, COBIT, etc.
- Experience of handling IT audits and reviews.
- Good understanding of technology topics related to cyber security, encryption, architecture resiliency, business continuity, disaster recovery, IT Governance, Third party outsourcing risk and information security/technology risk.
- Certification - CISA, CISSP, ISO27001

Soft Skills
- Good presentation and report writing skills are mandatory.
- Excellent communication skills and confident demeanor
- Experience of working with client stakeholders
- Good problem-solving skills.

Specially for Managers
- Experience of writing proposal and responding to RFPs
- Handling team of 4-5 people
- Profiles from consulting background to be preferred.

Posted 1 month ago

5.0 - 10.0 years

13 - 19 Lacs

Bengaluru

Remote

• Years of experience: 5-10 years
• Team management experience mandatory
• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Immediate to 30 days notice

Key Responsibilities:
• Lead and manage the end-to-end ISO27001 certification process.
• Develop and implement information security policies, procedures, and controls.
• Conduct internal audits and coordinate external audits for ISO27001 and SOX compliance.
• Support and guide the organization through SOX readiness and ongoing compliance.
• Perform risk assessments and security gap analyses; recommend corrective actions.
• Collaborate with cross-functional teams to enforce security and compliance practices.
• Maintain documentation and evidence required for audits and certifications.
• Administer IT systems including identity and access management, system configurations, and patch management.
• Provide Azure administration support, including resource provisioning, security configurations, and monitoring.
• Offer guidance and training to internal teams on security and compliance best practices.

Technical Skills Required:
• Deep knowledge of ISO/IEC 27001 standards and implementation methodology.
• Experience with SOX compliance controls and audit processes.
• Strong understanding of information security principles and risk management.
• Hands-on experience with Azure administration and Microsoft 365 security features.
• Familiarity with ITIL practices and IT operational controls.
• Experience in vulnerability management, endpoint protection, and incident response.
• Proficiency in preparing and maintaining compliance documentation

Qualifications:
• Bachelor's degree in Computer Science, Information Technology, or a related field.
• ISO27001 Lead Implementer or Auditor certification is highly desirable.
• Azure Administrator certification (e.g., AZ-104) preferred.
• Minimum 5 years of experience in IT security, compliance, or IT administration.
• Strong written and verbal communication skills.
• Ability to work independently and manage multiple priorities in a fast-paced environment.

Posted 1 month ago

Featured Companies