341 It Security Jobs - Page 2

Position Lead : Summary of Role: Archer IRM Lead with experience to configure and develop solutions on the Archer IRM platform and extend the capabilities of existing RSA Archer use cases Will be responsible for the Leading/Guiding and configuration of use cases supporting the development of GRC requirements in a dynamic environment. Follow organizations implementation methodology Implement best in class solutions including out of the box configuration, custom development, integrations and identify opportunities for future needs. Role Responsibilities: Understand the business requirement and provide solution Contributes to the development and achievement of organizational goals and objectives. Develop new RSA Archer use cases and extend the capabilities of existing RSA Archer use cases Create supporting documentation for new product offerings Interact with stakeholders in teams outside of Engineering Participate and Contribute in design sessions Understands and adheres to cost/delivery/quality targets established during each phase in SDLC. Experience and skills required GRC / IRM Domain Knowledge Experience in GRC / IRM solution implementation Ability to clearly articulate the customer requirements and transform those to Engineering requirements Ability to drive the project and deliver with high quality and predictability Cross functional team interactions and collaboration Java Script / API Integration skills Programming skills (any language) and Exposure to DB 10+ year s experience with Archer IRM across all use cases, including Archer Engage, Engage for Vendor, Third Party Risk Management, ESG Management, Enterprise and Operational Risk Management, IT Security Risk Management, Compliance, Audit, Governance, etc.

Req ID: 328728 NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a Tech Solns. Arch. Specialist Advisor to join our team in Bangalore, Karn taka (IN-KA), India (IN). EDUCATION: (Minimum educations & certifications required) Bachelor s degree or equivalent business experience is required. Security certification is desirable. Experience with securing enterprise-wide applications and databases required. Good to have Azure Security Engineer Certificate or Azure Administrator level of certification or equivalent. EXPERIENCE: (Years of experience) Eight to Nine years of experience in IT and min five years in Information Security with a broad range of exposure of IAM tools specifically in Azure AD/Entra ID and Azure AD B2C tools. Demonstrated competency in developing effective security solutions to diverse and complex business problems in a cross-functional environment. Has successfully developed and implemented new security technologies. Working knowledge of security controls in multiplatform environments . SKILL REQUIREMENTS: (Include interpersonal skills) Requires a strong working knowledge of security controls of web and database application environments. Requires an understanding of the role of information security within business. Requires strong team-oriented interpersonal skills; ability to effectively interface with a wide variety of people. Effectiveness in all aspects of the core business skills including analysis, communication, writing and negotiations. Requires the ability to effectively communicate with staff, management, project teams, IS department and various software vendors. Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a high-pressure environment. Good written, oral, and interpersonal communication skills. Ability to conduct research into IT security issues and products as required. Ability to present ideas in business-friendly and user-friendly language. Highly self motivated and directed. Keen attention to detail. Team-oriented and skilled in working within a collaborative environment. The employee must understand many complex technological subjects and be able to communicate effectively with others regarding these subjects.

•knowledge of LAN/WAN, routers, switches, firewalls •End to-end IT security operations including endpoint security, VAPTand compliance •SAP technical coordination, system performance optimization •Windows/Linux and virtualization platforms management

Core Responsibilities Assist with technical control design, implementation and monitoring, support incident responses and assist with providing root cause analysis support for incidents. Monitor for attacks, intrusions, and un-usual, unauthorised or illegal activities when the Security Analysts are finding the instance challenging. Keep an eye on the alerts from systems including SEIM solutions and vulnerability monitoring services and check if the Analysts are able to handle the flow appropriately, if not then jump in and investigate if there are any abnormality in the inflow. Monitor identity and access management, including monitoring for abuse of permissions by authorised systems users if the stats are fluctuating or when you see a spike in the alerts. Assist with Information Security Reporting and metrics, providing input into improving information security reporting and metrics. Identify/recommend improvements on internal investigation capabilities via tool and process building/automation. Provide support to recovering from security breaches; participate in investigation and remediation of security incidents, which may include working as part of a team Assist in perform deep-dive incident analysis, determining if critical systems or data sets has been impacted. Assist with the definition and configuration of compliance policies for security technologies. Conduct research on emerging threats in support of security enhancement and development efforts; recommend security improvements, upgrades, and/or purchases. Support the incident response of minor incidents by advising on remediation actions, escalating major incidents to the designated parties. Recording lessons learnt whilst supporting on improving existing processes and procedures. Providing support of new analytic methods for detecting threats. Continuously seeking to identify potential service and process improvements. Participate in the implementation of technologies and platforms supporting the corporate infrastructure. Ensure that you fully understand and comply with the organisation’s Risk Management Policies as they relate to your area of responsibility. Ensure that you fully understand and comply with the organisation’s Data Governance Policies as they relate to your area of responsibility. Maintain the company’s compliance standards and ensure timely completion of all mandatory on-line training modules and attestations. Monitoring technical controls that are in place Addressing quires raised by the Security Analysts during investigation or other BAU. Assist Security Analysts in decision making and help in setting up standards. Will be responsible to suggest new fine tunings in the environment to the vendor or to the technical counterparts. Process review and upgradation recommendation when required. Setting up simplified and effective steps in BAU that in turn improves the quality of the work Implementation of new process based on business requirements and communicating the same with the team Team building and team management activities will be one of the key responsibility.

About Us: Paytm Money is a leading digital investment platform dedicated to providing secure and innovative financial solutions to our users. We prioritize the protection of our customers' data and assets through robust security practices. Role Overview: We are seeking an experienced Information Security Manager to lead our security initiatives and ensure the integrity, confidentiality, and availability of our systems and data. This role is crucial in safeguarding our digital assets and maintaining compliance with industry standards. 1.Should take care of Infosec functions by coordinating with various stakeholders 2.Drive VAPT activity end to end 3.Attend all cyber security compliance directions issued from time to time by the regulator 4.Coordination with SOC & CISO team to follow up the incidents till closure 5.Follow escalation matrix for delayed issues 6.Assist in Internal and External Audits (Regulatory) and work towards closure of observations if any 7. Prepare and review new/existing policies, procedures 8. Should possess technical skills and knowledge to handle/manage security solutions if required 9. Exposure to Cloud Environment 10. Knowledge of Application Security is a plus. Qualifications: * Experience: 7+ years of experience in information security or related fields, with a proven track record in managing security programs. * Technical Skills: Strong understanding of security frameworks, tools, and technologies, including firewalls, intrusion detection systems, and encryption. * Certifications: Relevant security certifications such as CISSP, CISM, or equivalent are highly desirable. * Analytical Skills: Excellent analytical and problem-solving skills to assess complex security issues and develop effective solutions. * Communication: Strong communication skills to effectively convey security concepts and collaborate with cross-functional teams. * Education: Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field. Masters degree or relevant certifications preferred. What We Offer: A dynamic and innovative work environment. Opportunity to make a significant impact on the security landscape of a leading fintech platform. Competitive salary and comprehensive benefits package.

What is the Role? As an ITGC Testing Advisor, you will support management in assessing the IT control environment. You will identify and report control weaknesses, track remediation action plans, and monitor the quality of remediation efforts. More specifically, your role will include: Quality Review : Review ITGC and ITC testing for quality, completeness and correctness of outcome. ITGC Testing : Conduct testing of IT General Controls (ITGCs) to ensure compliance and effectiveness. ITC Testing : Perform testing of IT Components (ITCs) to validate data integrity and accuracy. Not Effective Discussions : Support testers in conversation with Line 1 to align on the decision. Test Scripts : Developing and executing test scripts, documenting test procedures, and evaluating results to identify control gaps. Documentation : Maintain detailed documentation of testing procedures, findings, and recommendations. Reporting : Ensure adherence to the approved assurance plan and provide regular updates on progress. Issue Management : Review quality of remediation and documentation of the same before issue closure. Collaboration : Work with the offshore testing team to assess the design and effectiveness of IT controls. Stakeholder Communication : Communicate effectively with stakeholders to ensure understanding and alignment with assurance processes and risk management strategies. Tool Management : Oversee tools and reports used by the team and stakeholders, ensuring accuracy and updates based on business needs. What We Need from You? Experience: IT Audit Expertise : 5+ years of experience in IT audits or ITGC testing. Education: Academic Background : Bachelors Degree in Technology is highly desirable. Certifications : Preferred certifications include those in IT security and Risk Management. Technical Skills: IT Audit and Risk Management : Good knowledge of IT audit processes, risk management, and control testing. Security Standards : Familiarity with internal and external IT security standards such as ISO 27001 and COBIT. Certifications : Relevant certifications like ISO 27001, CISA, CISM, CRISC is desired. Information Risk Management : Strong understanding of information risk management and associated processes. Application Proficiency : Experience with widely used applications such as SAP, Power Platform, and Cloud technologies is desirable. Continuous Improvement : A mindset geared towards continuous improvement and project management experience. Soft Skills: Leadership : Demonstrated ability to deliver through others, is essential. Team Collaboration : Highly motivated team player who volunteers support and collaborates effectively. Proactive Problem-Solving : Skilled in identifying potential challenges and proposing effective solutions. Learner Mindset : Demonstrates professional curiosity and a strong desire to learn. Prioritization : Capable of managing multiple tasks simultaneously with strong prioritization skills. Interpersonal Communication : Strong communication skills, with the ability to build strong relationships with stakeholders. Work Schedule: Mid-Shift : Working hrs will be IST 12 noon to 9 pm. Shift allowance will be eligible per organization policy.

Department: Technology Vertical: Information & Cybersecurity Designation: Information & Cybersecurity Intern Type: Paid Internship Duration: 3- 6 months Position Overview: We are seeking a highly motivated Information & Cybersecurity Intern to join our team and gain practical experience in the field of cybersecurity. This internship offers an excellent opportunity to learn from experienced professionals and contribute to projects that are critical to our organization's security posture. Key Responsibilities: Assist with Security Monitoring: Monitor and analyse security logs and alerts from tools such as SIEM, EDR (Endpoint Detection and Response), and DLP (Data Loss Prevention) systems to identify potential threats and vulnerabilities within the organizations network and systems. Support Incident Response: Assist in incident response activities, including analysis of security incidents, coordination with stakeholders, documentation, and participation in post-incident reviews. Security Awareness Training: Contribute to developing and delivering security awareness training materials to educate employees on best practices for safeguarding company information, including responsible use of AD (Active Directory), endpoint security, and mobile devices. Vulnerability Management: Assist in performing vulnerability scans, analysing findings, and supporting remediation efforts using various tools and processes to secure systems, applications, and infrastructure. Participate in Security Projects: Contribute to ongoing security projects such as implementing DLP policies, configuring EDR solutions, deploying MDM (Mobile Device Management) for secure mobile access, managing access controls in Active Directory, and supporting risk assessments and governance initiatives. Documentation and Reporting: Help maintain accurate security documentation, compile reports on security metrics, and support compliance and audit-related activities related to AD, DLP, EDR, and MDM toolsets. Qualifications: Currently pursuing a degree in Information Security, Cybersecurity, Computer Science, or a related field. Understanding of cybersecurity fundamentals such as network security, cryptography, and secure software development practices. Familiarity with security tools and technologies such as SIEM, IDS/IPS, vulnerability scanners, EDR, DLP, Active Directory, and MDM platforms. Strong analytical and problem-solving skills with a keen attention to detail. Excellent written and verbal communication skills. Ability to work well in a team and collaborate with colleagues from diverse technical backgrounds. A passion for cybersecurity and a willingness to learn and adapt in a dynamic environment. Benefits of the Internship: Hands-on experience in a professional cybersecurity environment. Exposure to a wide range of security technologies and practices, including AD, EDR, DLP, and MDM. Mentorship and guidance from experienced cybersecurity professionals. Opportunity to contribute to real-world cybersecurity initiatives and projects. Potential for long-term career growth and development within the organization. Join us in our mission to protect and secure our organizations information assets while gaining invaluable experience in the ever-evolving field of cybersecurity.

Vulnerability Assessment & Penetration Testing & configuration review for network, web app, mobile app & thick-client app Configuration reviews for OS ,DB, Firewall, routers, Switches Prepare Threat Intelligence reports Cyber-attack simulations Required Candidate profile Vulnerability Assessment Penetration Testing (PT) Web App Security Knowledge of security assessment tools e.g, Nessus, Acunetix, Appscan, nmap, etc Knowledge of OS -Linux/ UNIX Perks and benefits +++ 10% Perf Bonus + Mediclaim + 30% Company Bonus

Job Head IT \u2013 Regional Operations Responsible for IT Operations of Eastern region Minimum Experience 8 to 10 years Responsible for Regional Office/ Area Office, Retail Outlets, Ware House IT-Systems. WAN Connectivity with Corporate, Area Offices and Factories. Co-ordinate with Regional Business Head, Regional Business Managers of various divisions, Commercial Manager, HOD\u2019s for IT-requirements at Region. Responsible for ensuring IT Systems are implemented for New Retail Outlets. Plan and execute hardware replacement at existing Retail outlets. Play key role in Software roll-out for the Retail Stores in the Region. Co-ordinate with Vendors, Partners for implementation of Software, physical stock verification of IT assets, e-waste disposal at the Region. Co-ordinate for IT-budget for the Region and manage the IT assets including software, equipment maintenance, external service and license renewals pertaining to the region. Manage the Regional Server, connectivity, HDVC etc. at Regional Office. Manage the Regional-IT team of 2-3 members. Ensure IT security Ensure Software license Project Management POC (Proof Of Concept) & new technology for reducing cost Work Experience B.E in IT, or MCA or M.Sc IT or Degree with Post Graduate Diploma in Computer Science/GNIIT or any other recognized qualification on Computer applications Able to manage IT-Network, understand Retail Software developments, Software licenses, IT-asset management. With minimum of 5-6 years of work experience in IT in FMCG/Retail set up A sound understanding of retail business drivers and updated on Retail IT \u2013 technologies. Team Player and good in verbal and written communication Minimum 3 Yr. Managerial Experience handling team Infrastructure Domain Willing to work with extended hours for closing the critical calls. An ability to learn new technologies quickly Strong documentation skills

Whats the role As a Cyber Threat Prevention Advisor in the CyberDefence SecOps team, you'll join the Vulnerability team to manage and oversee vulnerability processes, ensuring they are trackable and measurable with robust tool support. Your team will lead the implementation of these processes within ServiceNow Security Operations (SecOps), establishing standard workflows and integrating them with IT service management processes executed by Line of Defence 1 within IRM. This role leverages market-standard tools and practices to streamline the architecture by reducing dependency on Collective. What youll be doing Asset Discovery: Set-up and lead adequate discovery of new Shell IT assets in Shell's legacy IT network, RES & Portfolio companies, Cloud environments and PCD and Retail environments. Ensure visibility in new areas such as Internet of Things and Cloud and investigate possibilities to keep track of IT assets. Automated Vulnerability Scanning: Maintain a portfolio of tools for automated vulnerability scanning with a focus on Business-Critical systems and systems that are available from the public Internet. Set-up regular scanning and make results available for further analytics in IRM investigation platform. Take appropriate action on vulnerabilities where required. Security Posture Reporting: Use the results from asset discovery, vulnerability scanning, penetration testing and attack simulation to provide an overview of vulnerabilities in Shell IT landscapes for different stakeholders including IRM LT and IDSO LT. Create specific reports for Business, Business Critical applications, IDSO service lines, External perimeters etc. Act as a Subject Matter Expert on implications of a vulnerability in an IT system and establishing the priority of applying security patches. Help creating prioritized overviews of Cyber vulnerabilities and putting these in a context of IT services and Business applications. Take mitigating actions coming out of identified threats or vulnerabilities either directly by the team or agree the actions with other parties in Shell. What you bring Bachelors degree in Computer Science, Information Technology, or related field 5-8 years of total experience in IT Security including at least 3-4 years of experience in Vulnerability Assessment Proficient in analysing network traffic using tools such as tcpdump or wireshark Strong experience in using open-source scanning tools such as nmap, nessus, metasploit and/or commercial tools such as Rapid7 or Qualys Knowledge in integrating Vulnerability Management into modern CI/CD Pipelines with 'shift-left' strategy Understanding of Network Security, Cloud Security, Endpoint Security, Application Security Understanding Cyber Threat Landscape and analyzing Threats from various sources. Assess new threats, rate threat per Shell ratings and collaborate with Threat team on new threat criticality Understanding of CVE id CVSS score and metrics Familiar with application of Cybersecurity Benchmarks, NIST controls, PCI controls Lead security research proposals and Proof Of Concepts for Emerging Technologies and assessing Fit-For-Purpose Tools. Understanding of Cloud Security Posture Management (CSPM) Expertise in operating Application security tools like Rapid7 Appspider, Netsparker Knowledge on CI/CD pipeline able to understand the integration of security tools and guide the developers Understanding of Application security design and providing guidance to developers on secure design. Good understating of SAST/DAST concepts and process Knowledge of Mobile DAST scanning and vulnerabilities and remediation consultation Knowledge of Splunk, SecOps VR, basic querying and creating dashboards Additional Skills (Good to have): PCI-DSS Compliance Scan. SecOps VR Module in ServiceNow. Linux environment experience. Azure/AWS Cloud Console. Wiz.io tool knowledge. Advanced Splunk skills.

End Date Monday 23 June 2025 We Support Flexible Working - Click here for more information on flexible working options Flexible Working Options Hybrid Working Job Description Summary Software Engineer will lead technical development and delivery at Team and sometimes Lab level. They can be a Line Manager who will act as co-lead with the Team PO for overall delivery. In these cases, they will be responsible for overall tech delivery, line management & app ownership alongside their own software engineering output.. Others will operate as Individual Contributors, who are specialists in particular technology areas and will be narrower and deeper in focus. Job Description Grows own capabilities by pursuing and investing in personal development opportunities and develops the capabilities of direct reports by working within existing development framework; provides specialised training or coaching in area of expertise to others throughout the organisation. Identifies shortcomings and suggests improvements to existing processes, systems and procedures, then delivers a plan for a small element of a change management programme with guidance from a project/programme manager. Highlights shortcomings and suggests improvements in current IT Security processes, systems and procedures within assigned unit and/or discipline. Delivers prescribed outcomes for area of responsibility by working within established knowledge management systems. Delivers outcomes by managing others and working within established systems. Sets short term objectives and helps manage the performance of direct reports by working within performance management systems. Sets short term objectives and helps manage the performance of direct reports by working within performance management systems. Explores issues and/or needs to establish potential causes, related issues and barriers. Defines, delivers, and adapts specialized products/services to meet customer needs by selecting the best possible approaches available within established systems. Delivers prescribed outcomes for a designated area, using risk management systems to ensure the organisation is not exposed to undue risks. Analyses specified problems and issues to find the best technical and/or professional solutions. Develops product specifications while designing testing procedures and standards. Delivers prescribed outcomes for area of responsibility by working within established strategic planning systems.

Service Delivery Manager At Ferring Pharmaceuticals, we help people around the world build families and live better lives. We are entrepreneurial and innovative, with a global team focused on scientific advances in the areas of reproductive and womens health, gastroenterology and urology. Ferring + You is all about working together and sharing ideas, so that we can bring science to life for patients around the world. Every person at Ferring works together to change lives and help people build families. Our corporate teams offer empowering, innovative, challenging and rewarding careers we are motivated to make a difference. To reach our full potential we collaborate, and respect and value diverse contributions so that we can grow as an organization and as professionals. Together we can influence the world around us to make life and work better. Ferring + you You will be responsible for services delivery for Ferring affiliates in APAC region. The role is responsible for the execution of the service delivery and compliance to a regional level. Capturing the need for new and improved IT services and ensuring overall business satisfaction with regard to business facing IT support services delivered by supplier or internal IT. You will ensure technology standardization across sites, monitoring and aligning with the business needs. You will become the single point of contact for escalations between the business and IT supplier(s) to ensure technology is implemented as expected with value agreed and as per service satisfaction. You will also be part of the team that coordinate new demands and IT projects within the regional responsibility with the relevant IT business partner and local IT teams. You will become part of the Global Service Desk & OSS organization, overseeing a group of contractors visiting Ferring entities on ad-hoc basis and a team of five on-site supports split in Japan, China, and India. Besides overseeing day-to-day activities, you will act as a main point of contact for escalation from the sites. You will also monitor and manage the vendors suppling the contractors and manage the financial side of this. As Service Delivery Manager you will also become part of a team of SDM peers consisting of five other Service Delivery Managers covering different regions or sites. We take pride in our collaboration and proactiveness in ensuring that we, as a function, meet current and future Service Delivery needs. Your day at ferring Oversee the day-to-day operation of IT services, ensuring they are delivered according to established SLAs and KPIs. Allocate and manage IT resources, including personnel, hardware, software, and budget, to support service delivery. Oversee supplier invoices and manage vendor contracts, negotiations, and relationships to optimize costs and service quality. Identify and assess risks related to IT service delivery and develop mitigation plans. Ensure compliance with security, data protection, and regulatory requirements. Establish effective communication channels with stakeholders, including business units, end-users, and senior management. Provide regular updates on service performance, incidents, and major IT initiatives. Manage IT projects related to service delivery, ensuring they are completed on time and within budget. Behind our Innovation... Theres you 10 years of relevant IT working experience, 5 of those from a highly regulated environment, such as Pharmaceuticals, Manufacturing or Chemicals. Experience managing Operational teams, such as on-site support teams/service desks, as well as interacting with service providers. Solid technical background will be an advantage, especially in understanding and troubleshooting complex IT issues ITIL Foundation certified Good knowledge of ServiceNow, or similar ITSM systems Fluency in English, excellent verbal and written communication skills. People come first at Ferring Get inspired from our commitment to advocate for everyones right to build a family, no matter who you are, where you live or who you love Our inclusive support package Building Families at Ferring provides equal and accessible policies for all employees who wish to start their family journey, ensuring a global standard, irrespective of location and role Parental leave for both birthing and non-birthing parents Extended support on family building journey Making a difference in the life of millions of people means we succeed by working together. Our diverse backgrounds, experiences, expertise, and perspectives enable us to find solutions to even the most challenging problems, and our success is tied to each team members contributions. Imagine the power of your career when its Ferring + You. Behind our purpose There’s you If our mission and your vision are aligned, please apply! We strive to build and maintain an inclusive and diverse workplace with equal opportunities and mutual respect for all employees regardless of their backgrounds and socioeconomic status. If you have any questions, you are welcome to contact please contact HR team At Ferring Pharmaceuticals, we help people around the world build families and live better lives. We are entrepreneurial and innovative, with a global team focused on scientific advances in the areas of reproductive and women’s health, gastroenterology and urology. Ferring + You is all about working together and sharing ideas, so that we can bring science to life for patients around the world. Every person at Ferring works together to change lives and help people build families. Our corporate teams offer empowering, innovative, challenging and rewarding careers – we are motivated to make a difference. To reach our full potential we collaborate, and respect and value diverse contributions so that we can grow as an organization and as professionals. Together we can influence the world around us to make life and work better.

Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Splunk Good to have skills : Risk ManagementMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. Your day will involve collaborating with teams, contributing to key decisions, and providing solutions to problems across multiple teams. Main Skill1. Splunk or Microsoft Sentinel or Google Chronicle Use Case Management2. Risk Based Alerts and Risk Incidents3. Asset and Identities4. Security Incident Response, Standard Operations Procedure Knowledge Must have Skills: 1. Development, Testing and Fine Tuning of Splunk content like Use Cases, Dashboards, Reports, Lookups, Macros, etc.2. Risk Based Alerts and Risk Incidents3. Asset and Identities Framework in Splunk4. Incident Response, Standard Operations Procedure Knowledge5. MITRE Attack Framework Good to Have Skills: 1. Splunk Architecture Cloud, Microsoft Sentinel, Google Chronicle2. Source Integrations various sources3. Event Parsing, Event Type definition, Data Model, Regex 4. Custom integrations for enrichment, Threat Intelligence Feeds, SOAR5. Azure DevOps Roles & Responsibilities1. Architecture and strategy:Candidate must have ability to understand and implement use cases on security tools (Splunk, Phantom) to improve Accentures overall security posture by identifying gaps in use cases or processes that can be actioned by our engineers. It also includes the ability to develop and communicate a security strategy that addresses the unique risks and challenges of Accentures Security environments.2. Leadership:Candidate must have ability to lead and influence cross-functional teams. It includes the ability to communicate effectively with stakeholders, build consensus, and manage conflict. 3. Technical:The candidate should be able to understand existing security use cases and develop new ones in tools requiring technical development, scripting, or complex rule creations, managing, and implementing broad security concepts.4. Operational:Candidate must have ability to develop and implement security controls, as well as the ability to monitor and analyze security events and incidents. Technical Experience1. Splunk Enterprise Security, Microsoft Sentinel, Google Chronicle2. Azure DevOps3. Custom Tools Development4. Security Incident ManagementProfessional Experience1. At least 5-7 years of experience on IT Security / SOC / Cyber Defense2. Graduation BE3. Proficient use of English, advanced communication skills.4. Security Certifications are a plus - CCSK, GPEN, GCCC, GMOB, GSEC, ESCA, Security +, CEHRole DescriptionSupport SIEM detection content creation for notables with a focus on Risk Based Alerting. Create and maintain documentation on new or existing detections, integrations, and dependencies. Interface with our SOC to pilot new content, process feedback, update incident response guidelines. Engage in fine-tuning of existing detections to increase signal/noise ratio and reduce false positives. Additional Information:- The candidate should have a minimum of 5 years of experience in Splunk- This position is based at our Bengaluru office- A 15 years full time education is required Qualification 15 years full time education

Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360 platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages are tailored to client needs and budgets, with external threat analysis provided at no costdemocratizing access to enterprise-grade cybersecurity for all. We are looking for a high-energy, results-oriented GRC professional with 6 to 10 years of experience , combining expertise in IT and Governance, Risk, and Compliance (GRC) . The candidate will report directly to the CISO’s office and contribute to internal audits and projects executed under CISO’s instructions . Key Responsibilities: Serve as a subject matter expert on information and cybersecurity governance, risk, and compliance (GRC) services and solutions. Execute security assessments of on-premise/cloud IT environments aligned with business objectives and regulatory requirements. Conduct testing and validation of IT security controls, documenting findings and preparing detailed reports. Manage and perform internal audits as per the CISO’s directives , contributing to risk posture improvements and present the metrics to the CISO on a regular basis. Apply knowledge of the Digital Personal Data Protection Act, 2023 , and other global data protection laws. Utilize and manage GRC tools and platforms. Conduct security control assessments for web/mobile applications and enterprise systems. Drive third-party risk management and support client-facing initiatives. Deliver complex GRC projects in dynamic, fast-paced environments. Engage in knowledge-sharing forums to strengthen team capabilities. Continuously enhance the cybersecurity strategy based on evolving threats and technologies. Job Requirements: 1. Qualifications: Bachelor’s degree in Engineering or a related technology discipline. Mandatory Certification : Must possess CISA or ISO 27001 Lead Auditor certification. Additional certifications preferred: ISO 27001 Lead Implementer CISSP, CIPP, CCSK, or CCSP Public Cloud certifications (AWS, Azure, GCP) 2. Experience: 6 to 10 years of total experience with proven exposure to both IT and GRC functions . Experience in internal audits, consulting, and cybersecurity risk advisory. 3. Desired Skills: Deep understanding of information security principles and compliance frameworks. Strong understanding of the IT topology and application development principles Hands-on experience with security tools (e.g., vulnerability scanners, code review platforms). Strong exposure to IT/cybersecurity standards: ISO 27001/27005, NIST CSF, PCI DSS, SOC 1/2, GDPR, COBIT. Excellent communication skills, documentation abilities, and stakeholder engagement. Experience in program and project management within cybersecurity initiatives. 4. Personal Attributes: Self-starter with strong problem-solving skills. Highly motivated and able to work with minimal supervision. Strong prioritization and multitasking abilities under pressure.

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you passionate about cybersecurity and looking for an exciting role where you can make a difference? If so, we have an opportunity for you! As a Security Specialist at Kyndryl, you will play a crucial role in enabling and securing our customer organizations, cultures, and ecosystems. Your responsibilities will be varied and dynamic, spanning asset classification models, risk assessment reports, information security policies, security solution scenarios, implementation plans, organization models, procedures, security services, security effectiveness evaluation reports, and security awareness workshops. You will be tasked with configuring, monitoring, and managing the performance of networks to maintain the quality of services, while also protecting organizational infrastructure from malicious cyber-attacks. As a key member of our team, you will assess, predict, prevent, and manage the risk of IT infrastructure and data, helping our customers stay ahead of the curve and ensure their systems are secure. You will develop and implement security policies and procedures, working closely with other departments to ensure that all security measures are in place and operating effectively. But that is not all – at Kyndryl you will have the opportunity to explore innovation in CyberSecurity data science – taking information that has been gathered and looking for areas to have that “Ah Ha” moment. Drawing conclusions and patterns from the data across single and multiple clients. Creating new ideas in the area of risk management and risk quantification. In addition to your technical responsibilities, you will also play a key role in raising awareness of potential security threats through technical security training on best practices. This is an exciting opportunity to help shape the culture of our clients' organizations and make a tangible impact on their security posture. If you have a passion for cybersecurity – governance, risk and compliance, are looking for a challenging and dynamic role, and want to work with a team of like-minded individuals, then we want to hear from you! Join us as a Security Specialist and help us secure the future of our clients' organizations. Your Future at Kyndryl Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. Who You Are Required Technical and Professional Experience 5+ years in IT security profile. Education : MCA / B.E. / B. Tech Project Experience : Minimum of 3+ years in security requirements, cyber security, IT security audits, certifications, etc., in at least 2 IT projects Certifications : ISO 27001 & CISSP (Certified Information Systems Security Professional) Responsibilities Facilitate review of the data security architecture as per the requirements. Facilitate review of the configuration of the required IT security infrastructure as per the law or as requested by the client against the acceptance criteria. Monitor activities related to periodic security testing/audits as per client requirements. Implement any new or existing guidelines/policies/acts issued by the Government of India on IT Security. Location : Requires working from Client location in Delhi Preferred Technical and Professional Experience CISSP (Certified Information Systems Security Professional) certification. ISO 27001 Certification. Other relevant certifications like CISM (Certified Information Security Manager) or CEH (Certified Ethical Hacker) can be beneficial. Excellent communication skills to effectively interact with stakeholders and educate employees on security best practices. Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

Quest is seeking a motivated self-starter with excellent interpersonal, communication, and presentation skill to join the IT Security Risk and Assurance team to work with internal and external customers to address IT Audit and assurance related requests in the areas of IT, IT security and privacy and compliance. This role will be primarily responsible for responding to, coordinating, and managing IT Security assessment and audit inquiries from our clients and regulators.

The primary responsibilities include managing vulnerability assessments using the Qualys tool, creating detailed metrics and reports, and collaborating with relevant teams to ensure timely remediation of identified vulnerabilities. To ensure the organization's IT infrastructure remains secure by proactively identifying, assessing, and mitigating vulnerabilities through effective use of the Qualys tool and coordinated efforts with cross-functional teams. The basic purpose of this position is to safeguard the organization's digital assets by maintaining a robust vulnerability management program that prioritizes risk reduction and compliance with security policies. Perform daily vulnerability assessments, create weekly metrics and reports, and handle ad-hoc requests as they arise. Work on analytical projects to enhance the vulnerability management process and develop strategies to address identified security issues. Prepare and present metrics and reports to senior leadership, showcasing trends in vulnerabilities over the year and how they are being addressed. Produce reports daily, weekly, and as needed on vulnerability assessments and remediation efforts. Responsible for training new hires and occasionally participating in candidate interviews. Technical/Job Specific Knowledge Vulnerability Management: In-depth knowledge of vulnerability assessment, prioritization, and remediation processes. Qualys: Proficiency in using Qualys for scanning, identifying, and managing vulnerabilities across various environments. Security Frameworks: Familiarity with industry standards and frameworks such as OWASP, NIST, and CIS. Network Security: Understanding of network protocols, firewalls, and intrusion detection/prevention systems. Skills Analytical Skills: Strong analytical abilities to identify and assess vulnerabilities and their potential impact. Technical Aptitude: Competence in using security tools and technologies to perform thorough assessments. Problem-Solving: Effective problem-solving skills to develop and implement remediation plans. Communication: Clear and concise communication skills to report findings and collaborate with different teams. Attention to Detail: High level of attention.

Location: Noida Experience: Minimum 4- 10 years Responsibilities: Assist in the implementation and maintenance of information security strategies, ensuring alignment with regulatory requirements, industry standards, and business goals. Support the development and enforcement of information security policies, procedures, and best practices to protect data integrity, confidentiality, and availability. Monitor security alerts, analyze potential threats, and assist in incident detection, response, and resolution to mitigate security risks. Conduct risk assessments and vulnerability scans to identify security weaknesses and assist in remediation efforts. Work closely with engineering and IT teams to embed security best practices across the software development lifecycle and cloud infrastructure. Assist in security audits, compliance checks, and regulatory reporting to ensure adherence to RBI guidelines, DPDP Act, ISO 27001, and Cert-IN regulations. Manage and configure security tools such as firewalls, IDS/IPS, SIEM, endpoint protection, and vulnerability scanners. Assist in access control management, ensuring appropriate permissions and role-based access policies are in place. Contribute to security awareness programs, helping employees understand cybersecurity threats and best practices. Stay updated on emerging security threats, attack vectors, and defensive technologies, recommending enhancements to security processes. Qualifications and Skills: Bachelors degree in Information Security, Computer Science, IT, or a related field. Minimum of 4 years of experience in information security, cybersecurity operations, or risk management. Hands-on experience with firewalls, IDS/IPS, SIEM tools, endpoint security, and vulnerability management. Strong understanding of network security, encryption, identity and access management (IAM), and cloud security (AWS, Azure, or GCP). Knowledge of security frameworks such as ISO 27001, NIST, CIS Controls, and RBI IT Guidelines. Exposure to penetration testing, security log analysis, incident response, and threat intelligence. Strong problem-solving, analytical, and communication skills. Relevant certifications preferred (CEH, Security+, CISSP (Associate), CISM). Ability to work in a fast-paced environment, collaborate with cross-functional teams, and maintain a security-first mindset.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

The role holder will be part of a small team responsible for the implementation, management and innovation of 2nd line of defense risk management within the Information and Communication Technology (ICT) space, focusing on Operational Resilience at the Group. Responsibilities will include second line of defense oversight for Operational Resilience Domains such as Business Continuity/DR, IT Resilience, Cyber Resilience (including Cyber Fraud), Third Party Resilience and Crisis Management. The role holder will work with colleagues in Group RISK ORM Operational Resilience team, in support of and in close co-operation with RISK ORM ICT in Regions, as well as 1st line of defense ICT, business and offshoring teams and stakeholders. The candidate shall be an all-round specialist in Information and Communication Technologies, which include IT Processes (Architecture, Network, Systems, Application), Governance, Cyber Security and Operational Resilience related subjects. The candidate shall play a leading role in the successful completion of assigned assessments from start to finish and shall be competent to strengthen team spirit, improve team skills on different ICT subjects and ensure the quality, relevance and traceability of all identified gap. As a subject matter expert on ICT, the successful candidate shall stimulate and bring knowledge and innovation to the RISK ORM ICT Operational Resilience, in supporting of RISK ORM ICT Regional teams, helping to elevate the knowledge base and skills of the team. Responsibilities Governance & Oversight Provide IT & Cyber risk management (especially related to Operational Resilience) consulting to the business, technical and operations groups Provide direction, support and oversight with respect to management of security and technology risks of core systems and applications, and its resiliency Drive effective implementation and communication of Operational Risk Management (especially Operational Resilience related) policies and guidelines Risk management environment Identification & Assessment: Ensure that the identification and assessment of operational risks are effectively done across the organisation by correlating input from Audit Findings, Internal Loss Data Collection & Analysis, External Data Collection & Analysis, Risk Control Self Assessments, Business Process Mapping, KPIs & KRIs, Scenario Analysis, Quantified Measurement & Comparative Analysis Monitoring & Reporting: Implement a process to regularly monitor operational risk profiles and material exposure to losses and provide appropriate reporting mechanisms to the board, senior management and the business lines. Data capture and operational risk reporting should be continuously enhanced and provide a feedback loop to enhance risk management policies, procedures and practices. Control & Mitigation: Improve the effectiveness of the Internal Controls programme by reviewing the control environment, risk assessment process, control activities, information and communication and monitoring activities. Assess operational risk response strategies. Validate risk transfer options. Risk Disclosure: Provide updates on regulatory and financial disclosure while complying with external and regulatory communications standards and disclosing the operational risk management framework of the bank in a manner that complies with the formal disclosure policy approved by the board of directors. Defines approach for determining what operational risk disclosures are made and the internal controls over the disclosure process. Implement a process to assess the appropriateness of the disclosure, including the verification and frequency. Operational Resilience Manage the delivery, testing and management of Operational Resilience risk policies, standards and associated controls Perform gap assessment of Operational Resilience regulations, standards and guidelines of assigned territories and ensure compliance through 1st Line of Defence Manage assurance/oversight of Operational Resilience directly owned controls and in-directly owned Resilience controls and ensure these controls are tested for operational effectiveness Provide active advisory, partnership, challenge or approval to applicable risk owners to ensure appropriate prioritization and resolution Perform relevant 2nd Line Of defence thematic or issue based deep dives Support the business in identifying (through control testing) Resilience gaps in process, controls and also in remediating these Contribute to the design, development and specification of new/redesigned processes, systems, information, risk controls, testing regimes, documentation and supporting materials Crisis Management: Ensure 2nd line of defence risk oversight of Crisis Management program Contribute to the development of the crisis management framework; including: policies, standards, aide memoires, SOPs, playbooks, escalation protocols, etc. Support the delivery of independent crisis exercises and test incident and crisis response capability. Develop and implement process for validating effectiveness of the crisis management program. Participate in After Action Reviews. Build and establish networks and relations with other key internal stakeholders Third Technology Risk: Provide 2nd line of defence risk oversight of Third Party Cyber & Tech Risk program Conduct independent technology and cyber risk assessment of Outsourcing risks 2nd LoD Thematic review of critical suppliers from a Cyber & Tech Risk perspective Assist Global Head in developing Group wide 2nd LoD framework and policies regarding Third Party Tech Risk programs Contributing Responsibilities Governance & Oversight Contribute to the establishment of an IT & Cyber Risk Management program for the bank within the three lines of defence model in alignment with the Group Risk Management Framework Assist with establishing and oversight of the Operational Risk Management infrastructure and ensure practices are consistent with regulatory expectations and industry sound practices Risk management environment Operational Resiliency: Support the regional oversight of Group/Regional operational resiliency program to ensure the ability of the bank to operate on an ongoing basis and limit the losses in the event of severe business disruption. Coordinate with the first and third lines of defence to test these plans to ensure coverage and adequacy. Technical & Behavioral Competencies SKILLS, EXPERIENCE AND COMPETENCIES Skills Required: 15 years or more experience or practical understanding in IT, IT Security or other ICT domains required The successful candidate will have a proven track record in managing risk and technology in large/global organizations with robust knowledge of technology, risks and controls, IT and security architecture, operational resilience, and third party technology risk management. Prior ICT risk experience (IT, DR/BCM, Cyber security, Third Party, etc.) and exposure to Financial Services industry is a requirement. Experience with risk management tools and information systems is beneficial. Generic Requested Skills Excellent stakeholder management skills Demonstrates a high level of commitment and self-motivation Able to manage workload and set realistic and achievable targets Eye for detail and ability to process high quantity of documents and correlate them Highly organized and able to multi-task Able to express views clearly and fluently both orally and in writing, considering the audience and avoiding technical jargon when necessary and appropriate Able to work under pressure in international environment Able to interface and coordinate work efficiently and effectively with senior business and technology partners Excellent communication and influencing skills, including ability to articulate complex issues and incorporate feedback Good team player, Strong stakeholder management, relationship building, influencing, facilitating and presenting skills Has the proven ability to think outside of the box, challenge industry norms and adapt quickly to evolving requirements Is self-aware, anticipates problems, adapts and meets them head on. Is solutions focused measures their output on whether issues, problems or challenges are resolved as a criteria for success Works iteratively, delivering quickly and frequently to produce high quality documents and outputs which require little to no rework Technical Skills Experience in business process re-engineering, experience with functional and enterprise technical architecture, good understanding of large-scale technology infrastructure Understanding of emerging technologies e.g. IoT, Cloud, etc. Understanding of ISO 2700X series of standards and guidelines Significant experience in the field of Technology Risk Management, Operational Resilience, Cyber, Information Security and Crisis Management. Strong Risk mindset with understanding of applicable Technology Risk and Resilience regulatory requirements Proficiency in IT Service Management, Service Continuity domains Experience within a regulated environment such as financial services industry Conduct: Demonstrate proactivity, transparency and accountability for identifying and managing conduct risks Consider the implications of actions on colleagues, partners and clients before making decisions and escalate issues to manager when unsure Specific Qualifications (if required) Graduate or Post-graduate qualification in ICT domains, risk management or control function Skills Referential Behavioural Skills : (Please select up to 4 skills) Attention to detail / rigor Decision Making Communication skills - oral & written Ability to collaborate / Teamwork Transversal Skills: (Please select up to 5 skills) Ability to anticipate business / strategic evolution Ability to inspire others & generate people's commitment Ability to develop others & improve their skills Analytical Ability Ability to develop and leverage networks Education Level: Bachelor Degree or equivalent Experience Level At least 15 years Project Management Skills The successful candidate will have one or more of the following professional qualifications:

Shift Day Quest Diagnostics Third-Party Vendor Risk Management Program performs the critical function of assessing the risks of new and existing vendors. The IT Security Sr. Specialist II will be responsible for working with business partners and purchasing to evaluate the risk posture of the vendors and to ensure that appropriate risk assessments, the contract and ancillary risk assessment documents are reviewed and implemented. General Job Responsibilities: Conduct supplier risk assessments in line with Quest Diagnostics IT Security Policies and Procedures including due diligence, risk evaluation, findings management, and remediation. Quality Assurance efforts including but not limited to data integrity, metrics development, findings management, reassessment tracking and vendor off-boarding. Contribute to third-party risk management program development and process enhancements Develop working knowledge of Quest Diagnostics business and operations to ensure alignment of due diligence reviews and risk assessments with the needs of the business Special Projects as assigned.

Responsible for ISO 27001 based ISMS implementation & Sustenance. Responsible for advising Business continuity planning, IT Disaster recovery planning.

Overview. ormation Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area, Responsibilities. Should have process knowledge and technical knowledge on any of the SIEM tools ( like Qradar, LogRhythm, AlienVault, Splunketc). L2/L3 level is added advantage, Should have process knowledge and technical knowledge in AV tools like Symantec, McAfee, Trend Microetc, L2/L3 level is added advantage, Should have knowledge in managing Vulnerability tools and various remediation efforts, Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed, Enforce incident response service level agreement, Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company. Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks. Vulnerability management assessment and remediation. Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks. Research the latest information technology (IT) security trends. Help plan and carry out an organization’s way of handling security. Develop security standards and best practices for the organization. Recommend security enhancements to management or senior IT staff. Document security breaches and assess the damage they cause, Performs other duties as assigned. Qualifications. Tech, B. 2-5 years’ Experience working in a Security Operations Center. 2 years minimum in the computer industry. Knowledge working with complex Windows environments. Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001. Knowledge in design and administration of security tools. Good written and verbal communication skills. Show more Show less

Dentsply Sirona is the world’s largest manufacturer of professional dental products and technologies, with a 130-year history of innovation and service to the dental industry and patients worldwide. Dentsply Sirona develops, manufactures, and markets a comprehensive solutions offering including dental and oral health products as well as other consumable medical devices under a strong portfolio of world class brands. Dentsply Sirona’s products provide innovative, high-quality and effective solutions to advance patient care and deliver better and safer dentistry. Dentsply Sirona’s global headquarters is located in Charlotte, North Carolina, USA. The company’s shares are listed in the United States on NASDAQ under the symbol XRAY.. Bringing out the best in people. As advanced as dentistry is today, we are dedicated to making it even better. Our people have a passion for innovation and are committed to applying it to improve dental care. We live and breathe high performance, working as one global team, bringing out the best in each other for the benefit of dental patients, and the professionals who serve them. If you want to grow and develop as a part of a team that is shaping an industry, then we’re looking for the best to join us.. Working At Dentsply Sirona You Are Able To. Develop faster with our commitment to the best professional development.. Perform better as part of a high-performance, empowering culture.. Shape an industry with a market leader that continues to drive innovation.. Make a difference -by helping improve oral health worldwide.. Scope. The SAP GRC & Authorization Expert role is working on GRC Access control and SAP S/4 and the connected system in security and authorization management. In this role, you will design and implement robust GRC and authorization solutions, ensuring compliance with audit guidelines and enhancing our IT security framework.. Key Responsibilities. The job holder must have the following expertise:. Deep understanding of SAP authorization concept.. Knowledge of Segregation of Duties (SOD) with an understanding of business processes and applicable mitigating controls.. Understanding of periodic SAP security reviews/audits.. Experience with BRF+ and MSMP.. Firefighter configuration and maintenance.. GRC request administration and GRC (12.0) configuration.. Risk analysis configuration.. Experience in maintaining GRC risk library, roles and authorizations.. Experience in role design.. Preferred understanding on FIORI apps.. Handling high-priority requests.. Liaising with ABAP/Functional team on customized t-code development.. Clear understanding of business roles and processes.. Support team members on technical issues.. Understanding and working experience with a ticketing tool (Service-Now).. Excellent expertise in SAP GRC Access Control and SAP authorization/security.. Role design and Segregation of Duties conflict remediation related projects.. User and authorization management for SAP systems.. Review critical and sensitive authorizations.. Ensure high level of compliance and user support.. Maintain Data.. The SAP GRC & Security Expert will be responsible for the availability and integrity of security.. Other responsibilities as assigned.. Typical Background. Education. Bachelor’s degree in a related area (Computer Science, Computer Engineering, Information Technology. Language skill. English Advanced (C1), any other language is an advantage.. Years And Type Of Experience. Experience in 5 years of experience in similar role.. Experience with SAP GRC and S4/Hana.. Key Required Skills, Knowledge And Capabilities. Internationally and culturally aware. The ability to handle multiple and shifting priorities without losing focus is necessary.. Ability to communicate complicated issues in an easy to understand and concise method.. Pro-active, positive attitude, high-energy, motivated, enthusiastic with an outgoing, can-do attitude.. Personal computer skills are required and advanced skills with excel, word and access is a must.. Key Leadership Behaviors. Teamwork – Defines success in terms of the whole team. Customer Focus – Is dedicated to meeting the expectations and requirements of internal and external customers and seeking to make improvements with the customer in mind. Strategic Thinking – Applies experience, knowledge, and perspective of business and external or global factors to create new perspectives and fresh thinking. Problem Solving – Can analyze problems and put together a plan for resolution within her scope of responsibility. Drive for Results – Can be counted on to reach goals successfully. Accountability – Acts with a clear sense of ownership. Innovation and Creativity – Brings creative ideas to work and acts to take advantage of opportunities to improve business. Leading Change – Adapts to changing priorities and acts without having the total picture. Consistently meets Dentsply Sirona standards, ethics and compliance requirements. Self-motivated, conscientious with a desire to exceed. DentsplySirona is an Equal Opportunity/ Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, sexual orientation, disability, or protected Veteran status. We appreciate your interest in DentsplySirona.. If you need assistance with completing the online application due to a disability, please send an accommodation request to careers@dentsplysirona.com. Please be sure to include “Accommodation Request” in the subject.. Show more Show less

We're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes and for that, we need you to join us.. The Team:. As a member of the Information Security Organization at Celonis, you'll collaborate closely with various departments and customers to communicate and demonstrate the security posture of our products. This position is part of the Security Enablement team within the broader Security GRC (Governance, Risk, and Compliance) Department. The Information Security team plays a critical role in ensuring Celonis' technology and information assets are appropriately guarded from external and internal threats. The Security GRC Department you'll be joining is responsible for maintaining existing security attestations at Celonis globally, balancing risk with appropriate controls and assessing control effectiveness.. The Role:. As Associate Security Enablement Analyst within the Information Security GRC team, you will act as a key interface between Celonis and its customers, helping to demonstrate the strength of our security posture and ensuring a smooth, informed, and confident customer journey. In this role, you’ll handle a broad range of customer-facing security activities—from responding to security questionnaires and audits, to building scalable processes and content for security communications. You’ll work closely with internal stakeholders across Legal, Operations, and Engineering, playing a critical role in reinforcing trust and transparency around our security practices. This position is ideal for someone who thrives at the intersection of security, communication, and customer success.. The work you’ll do:. Customer Security Requests: Respond quickly and accurately to customer security inquiries, supporting business development and customer success efforts.. Technical Security Communication: Independently address technical questions from customers, ensuring their security requirements are clearly understood and met.. Audit Support: Support customer audits and remote assessments by preparing and delivering relevant security documentation and evidence.. Security Questionnaires: Lead the completion of security questionnaires and related documentation, particularly those focused on cloud security.. Cross-Functional Collaboration: Work with Legal, Operations, and Cloud Engineering to develop and maintain standardized materials that clearly explain our security controls and practices.. Knowledge Management: Build and maintain a centralized knowledge base covering key Information Security topics, making resources easily accessible to internal and external stakeholders.. Enablement & Culture: Contribute to internal initiatives that strengthen Celonis’s security culture, operational maturity, and external security presence—whether through team development, internal enablement, or customer-facing improvements.. Privacy & GenAI Readiness: Collaborate with cross-functional teams to support privacy-related initiatives and emerging GenAI-related security considerations, ensuring alignment with evolving regulatory and customer expectations.. The qualifications you need:. University degree in the field of Information Technology and Management, Business Administration, or a similar field. Experience working with Security Questionnaires, IT projects, RFX. Work experience in the field of IT Security, Auditing, Cloud Security or similar. Excellent communication skills in English (spoken and written). Excellent ability to communicate with clients, relevant departments, collaborators and other relevant actors. High professional responsibility and excellent skills to work independently. Excellent skills to learn quickly and adapt to new tasks. Ability to learn topics related to Cloud, Infrastructure, and IT Security. Ability to work under pressure andin a dynamic work environment. Excellent communication skills in German (has the advantage). What Celonis Can Offer You:. Pioneer Innovation: Work with the leading, award-winning process mining technology, shaping the future of business.. Accelerate Your Growth: Benefit from clear career paths, internal mobility, a dedicated learning program, and mentorship opportunities.. Receive Exceptional Benefits: Including generous PTO, hybrid working options, company equity (RSUs), comprehensive benefits, extensive parental leave, dedicated volunteer days, and much more.. Prioritize Your Well-being: Access to resources such as gym subsidies, counseling, and well-being programs.. Connect and Belong: Find community and support through dedicated inclusion and belonging programs.. Make Meaningful Impact: Be part of a company driven by strong values that guide everything we do: Live for Customer Value, The Best Team Wins, We Own It, and Earth Is Our Future.. Collaborate Globally: Join a dynamic, international team of talented individuals.. Empowered Environment: Contribute your ideas in an open culture with autonomous teams.. About Us:. Celonis makes processes work for people, companies and the planet. The Celonis Process Intelligence Platform uses industry-leading process mining and AI technology and augments it with business context to give customers a living digital twin of their business operation. It’s system-agnostic and without bias, and provides everyone with a common language for understanding and improving businesses. Celonis enables its customers to continuously realize significant value across the top, bottom, and green line. Celonis is headquartered in Munich, Germany, and New York City, USA, with more than 20 offices worldwide.. Get familiar with the Celonis Process Intelligence Platform by watching this video.. Celonis Inclusion Statement:. At Celonis, we believe our people make us who we are and that “The Best Team Wins”. We know that the best teams are made up of people who bring different perspectives to the table. And when everyone feels included, able to speak up and knows their voice is heard that's when creativity and innovation happen.. Your Privacy:. Any information you submit to Celonis as part of your application will be processed in accordance with Celonis’ Accessibility and Candidate Notices. By submitting this application, you confirm that you agree to the storing and processing of your personal data by Celonis as described in our Privacy Notice for the Application and Hiring Process.. Please be aware of common job offer scams, impersonators and frauds. Learn more here.. Show more Show less