5 It Risks Jobs

The Software Developer, DevSecOps team member is expected to have a thorough understanding of complex IT systems, embedded devices, applications, and cloud systems. You are required to stay up to date with the latest security standards, systems, authentication protocols, best practices, and emerging technologies. The ideal candidate will possess knowledge of industry security frameworks such as OWASP SAMM and have strong communication skills. Your responsibilities will include detecting product and application security threats, identifying areas of weakness for improvement, and supporting global and regional engineering groups. You will primarily work at Skyone Park, Pune, INDIA office, operating under the guidance of the global security team. It is expected that you will utilize your knowledge and experience to enhance internal secure processes and procedures. In addition to anticipating security threats and weaknesses, you will act as a Security Engineer, supporting daily development and operational activities. You will also assist in building tools and processes for business and engineering teams, utilizing software development skills, and coding practices such as OOPS. Furthermore, you will manage code through DevOps and CI/CD pipelines, ensuring thorough Gitlab usage, maintenance, and support for internal security team efforts. As a Software Developer, DevSecOps team member, you must serve as the primary contact for regional engineering teams, enforcing secure best practices and processes. Your role will involve following internal product security program and vulnerability management processes diligently, mentoring junior team members, and providing regional and global support. Requirements for this position include a bachelor's degree in information technology, Computer Science, or a related Engineering field, along with 4 to 7 years of relevant experience in Software Development, Coding, DevOps, and CI/CD. Additional qualifications like CISSP certification or CEH are ideal, and you should have a good understanding of Software Development environments and IT risks. You must possess excellent communication skills, business acumen, technical documentation abilities, and leadership qualities. Your role will involve establishing partnerships, influencing change, and achieving results within a dynamic environment. Preferred knowledge and experience include software development in various applications, embedded systems, web-based applications, and familiarity with Linux kernel, networking stack, and security features. You should have experience with source code management tools, operating system configurations, and low-level development and analysis tools. This position does not offer sponsorship for work authorization, and only those legally authorized to work in the United States will be considered. Individuals requiring sponsorship or holding temporary visas are not eligible for hire. Vertiv is an Equal Opportunity Employer, committed to promoting diversity and inclusion in the workplace.,

Expert in IAM (Identity & Access Management) SAP authorization (role and user management) and Governance Risk and compliance (both functional and technical) Broad and deep knowledge and experience with relevant technology platforms and multiple systems: CFIN (Fiori application authorization), BI, SRM, Treasury, ERPs, GRC Access Control and their specificities. SAP HANA and Cloud authorization knowledge a plus. Experience with CSI a plus. Ability to read and to resolve segregation of duties conflicts. Strong understanding of Business risks and IT risks related to authorization.

As a global leader in assurance, tax, transaction and advisory services, EY is dedicated to hiring and nurturing passionate individuals to contribute towards building a better working world. We prioritize establishing a culture that emphasizes on providing you with the necessary training, opportunities, and creative freedom to grow. At EY, we are not only interested in who you are at present but also in who you aspire to be. We firmly believe that your career is yours to shape, offering limitless potential, along with motivating and enriching experiences throughout your professional journey to support you in becoming the best version of yourself. The role of SAP GRC - Senior Manager / Manager / Senior Consultant at EY Consulting under CNS - Risk - Risk Management in PAN India presents an exciting opportunity to shape businesses for a better working world by leveraging the power of people, technology, and innovation. Our client-centric approach is centered around delivering long-term value by addressing the most critical challenges faced by our clients. EY Consulting comprises three key sub-service lines: Business Consulting (encompassing Performance Improvement and Risk Consulting), Technology Consulting, and People Advisory Services. In this role, you will be assisting clients in identifying and managing both upside and downside risks to enable informed decision-making that aligns with their long-term business strategy and objectives. The focus areas include Enterprise Risk, Technology Risk, and Financial Services Risk, each aimed at enhancing business resilience and growth while ensuring compliance and control. Some key responsibilities for this role include: - Demonstrating a strong understanding of Authorization management, Role design, and Build experience in SAP - Contributing to or independently creating authorization matrix for various SAP solutions such as SAP ECC, S4 HANA, SAP BW, FIORI, and other solutions in the SAP portfolio - Developing and building role matrix in alignment with business requirements, compliance/SOX requirements, and security standards - Troubleshooting authorization issues related to various SAP solutions and analyzing SAP Security-related tables and reports - Knowledge of Segregation of Duties risks and implementation of SOD free roles - Gathering requirements for role design and build, SOD review, and understanding IT risks and functional risk - Developing test cases, performing unit testing, and providing client demos To qualify for this role, you must possess: - Qualifications: Qualified CA or B.Tech or master's degree in Science, Arts, Business, Accounting, Finance, or related discipline - Experience: 5-8 years for Senior Consultant, 8-12 years for Manager, 12-15 years for Senior Manager EY is seeking individuals who can collaborate effectively across multiple client departments, adhere to commercial and legal requirements, and demonstrate a practical approach to problem-solving. We value agility, curiosity, mindfulness, positive energy, adaptability, and creativity in our team members. EY is committed to creating an inclusive work environment that enables our employees to deliver exceptional client service while focusing on their career development and well-being. If you believe you meet the criteria mentioned above, we encourage you to apply and be a part of building a better working world with us at EY.,

The position you are applying for aims to ensure the continuity of the overall Advanced Metering Infrastructure (AMI) deployment and Operations & Maintenance (O&M) in accordance with the contract requirements. Your role will involve safeguarding all information assets and systems under the AMI project, identifying vulnerabilities that could impact availability, integrity, and confidentiality, and implementing necessary controls as per Utility / Apraava Energy Information Security Policies (based on ISO 27001 & CEA framework). Furthermore, you will be responsible for reviewing cyber security measures during the implementation of AMI projects and promoting end user engagement to enhance cyber security awareness. Your key responsibilities in this role will include: - Implementing Cyber Security initiatives and managing IT Risks & Compliance - Providing training and development for yourself and end users - Ensuring proper reporting and documentation of cyber security measures - Conducting audits and ensuring compliance with relevant regulations To qualify for this position, you should have: - A Bachelor's degree in IT/Computer/Electronics/Electrical (B. Tech./ B.E.) - Certification in cyber security Ideally, you should possess 3-5 years of experience as a Cybersecurity Analyst, preferably in the Power industry.,

The Enterprise Security Engineer plays a critical role in ensuring the security of software products, collaborating with development teams, and implementing best practices to protect against threats. Designing and implementing tools to automate security processes is a key responsibility. The role necessitates excellent communication and organizational leadership abilities. Understanding network security architecture and its development is crucial. Knowledge of wireless security, including routers, switches, and VLAN security, is essential. Familiarity with DNS security principles such as routing, authentication, VPN, proxy services, and DDOS mitigation technology is also important. As an Enterprise Security Engineer, you must stay informed about the latest security standards, recent security systems, and authentication protocols. Ensuring that all employees adhere to corporate security policies and procedures is necessary for a seamless workflow. You will be responsible for establishing standards for various IT assets like routers, firewalls, LANs, WANs, VPNs, and other network devices, evaluating their effectiveness and efficiency. Enhancing the security team's accomplishments and competencies by planning solution deliveries and addressing technical queries is part of your role. Planning, researching, and designing security architecture for IT systems, as well as reviewing and approving installation requirements for various network devices, are important tasks. You will need to determine security protocols based on business strategies and requirements, respond to security incidents, conduct post-event analyses, and develop project timelines for system upgrades. To qualify for this role, you need an Engineering degree in Computer Science, Network Security, or a related field, along with a CISSP (Certified Information Systems Security Professional) certification. In-depth knowledge of firewalls, intrusion detection and prevention systems (IDS/IPS), network access controls, and network segmentation is required. Proficiency in Windows, Linux, and MacOS environments, familiarity with ISO 27001/27002, COBIT, and ITIL frameworks, and the ability to conduct thorough third-party audits and assessments are also necessary. Experience in cloud risk assessment methodologies, IT risk, cybersecurity, operating systems, security protocols, cryptography, and general security practices will be beneficial for this role.,