83 Nist Csf Jobs

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you passionate about Senior Security Consultant and driven to protect against the latest threats? We are seeking a Senior Security Consultant who will join our team and take the lead on developing, implementing, and maintaining our security strategy within our Service Provider organization. As our Senior Security Consultant, you will work closely with our leadership team to design and implement effective security solutions that not only protect our business objectives and regulatory requirements, but also provide innovative solutions to stay ahead of emerging threats. You will conduct risk assessments and threat modeling to identify and prioritize risks to our business and IT assets, using your extensive experience in security architecture design and implementation within a Service Provider environment to create a cutting-edge security architecture framework. You will also work to maintain policies, standards, and guidelines related to information security within our organization, collaborating with cross-functional teams to implement security controls and technologies such as encryption, authentication, and authorization solutions. Your role will also involve conducting security reviews of vendors and third-party partners to ensure they meet our rigorous security standards, as well as performing regular security and risk reviews of our Service Provider environment to identify vulnerabilities and recommend remediation activities. At the forefront of security trends and technologies, you will advise our senior leadership team on the latest security best practices, and stay ahead of emerging security threats, always keeping our organization one step ahead. Join us on this exciting journey of securing our Service Provider organization and protecting our customer’s assets. Your Future at Kyndryl Every position at Kyndryl offers a way forward to grow your career, from a Junior Architect to Principal Architect – we have opportunities for that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Technical and Professional Expertise Minimum of 15 years of experience in security Experience with security frameworks such as NIST CSF, ISO 27001, or CIS Controls Deep understanding of security technologies, such as firewalls, intrusion detection and prevention systems, vulnerability scanners, and endpoint protection Strong knowledge of cloud security concepts and technologies, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). Good Knowledge and experience in Crowd strike , Microsoft Defender, Cortex , & Symantec EDR , Arcon PIM , Cyber Ark PIM & Iraje •Bachelor's or Master's degree in Computer Science(B.E/B.Tech/MCA), Information Security, or a related field Preferred Technical and Professional Experience •Relevant industry certifications such as CISSP, CISM, or CCSP Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

What were looking for We are seeking a skilled and proactive Cyber Threat Intelligence Analyst (3-5 years) to join our team and contribute to delivering a Fanatical Experience to our customers. This role is ideal for an individual with a strong background in threat intelligence gathering, analysis, and reporting, as well as hands-on experience in threat hunting and translating intelligence into actionable insights. Incident Handling and Managing Cloudsek Platform. As a Threat Intelligence Analyst, you will be responsible for identifying and analyzing emerging cyber threats, conducting threat hunting (good to have Sentinel Exp) activities to uncover hidden risks, and producing detailed reports to inform and support security operations. Your expertise will help enhance the overall security posture of our customers through proactive intelligence and actionable recommendations. Key Responsibilities Lead and perform proactive threat hunting across multiple customers or organizational estates using available data and threat intelligence. Create, test, and iterate threat hunting hypotheses to uncover undetected malicious activity. Leverage Cyber Threat Intelligence (CTI) feeds and tooling to track threat actor TTPs and deliver contextual insights relevant to the organization. Design and implement custom detection rules in SIEM platforms, particularly Microsoft Sentinel. Handling Cloud Sek Platform incidents (Dark web detections, Credential Leaks, Compromised Computer.) Collaborate with detection engineers, SOC analysts, and other stakeholders to improve detection content and response workflows. Contribute to incident response activities by supporting triage, investigation, and root cause analysis of cybersecurity events. Support risk and threat modelling initiatives by providing timely threat input and context. Deliver timely high-quality reporting (including executive briefings and technical analysis) on emerging threats and threat actor trends. Manage and curate threat intelligence watchlists, enrich detections with threat data, and assist SOC teams with relevant contextual insights. Support insider threat monitoring and vulnerability risk assessments. Participate in detection engineering efforts by identifying opportunities for new or enhanced analytics. Communicate threat relevance to technical and non-technical stakeholders clearly and concisely. Maintain an active awareness of the evolving cyber threat landscape, particularly as it pertains to your sector. Liaise with Corporate Enterprise Security for indicator and threat sharing. Drive iterative non-technical process improvement and documentation to minimize process friction to eliminate waste and drive consistency. Essential Skills and Experience Experience in Threat Hunting and Cyber Threat Intelligence. (3-5 years) Experience in analyzing large datasets for threat patterns. Strong understanding of threat actor behaviours, attack chains, and TTPs. Practical experience using SIEM platforms (ideally Microsoft Sentinel) and writing KQL queries. Strong Handon on Exp on Cloud Sek Platform, Understanding of threat modelling, risk management, and MITRE ATT&CK framework. Experience supporting or collaborating with Security Operations Center (SOC) teams. Understanding of Windows and/or Linux telemetry and analysis techniques. Knowledge of network protocols and how they may be exploited. Experience executing security incident response workflows and processes. Ability to triage and respond to threat intelligence alerts from multiple sources. Strong written and verbal communication skills to effectively deliver technical and executive-level briefings. Desirable Skills Experience with Microsoft Defender XDR Suite (Defender for Cloud, Server, Endpoint, Office 365, Identity). Microsoft Sentinel Cloud SEK Platform Crowdstrike, Falcon Qualys Familiarity with Microsoft Entra, Purview, and Azure technologies. Knowledge of NIST CSF, and other common security frameworks. Experience working with STIX and TAXII or equivalent for TI normalization and sharing Hands-on experience with detection creation and automation workflows using GitHub. Familiarity with scripting (python, JS, Powershell) for automation/analysis data processing. Experience working in Agile environments and cross-functional teams. Relevant certifications such as: Microsoft : SC-200, AZ-500, MS-500, SC-300 GIAC : GCTI, GCFA, GREM, GCIA Other : CISSP, CISA, CISM, CompTIA Security+/Cloud+, CCSK

JOB DESCRIPTION Cyber Advisory analyst is responsible for providing consultation on various cyber security requirements for applications, infrastructure, and emerging technologies RESPONSIBILITIES Position responsibilities include: . Perform a review of functional requirements of the software project. Identify relevant security requirements for this functionality by reasoning on the desired confidentiality, integrity or availability of the service or data offered by the software project . Conduct thorough assessments of web applications, prioritize risks aligning with OWASP and ASVS guidelines, while implementing Information Security Policy and industry standards like ISO, NIST, CIS to support application teams in creating secure products. . Support in analyzing and implementing optimized Cloud hardening controls that deliver security, compliance, and responsiveness to the latest Cloud-based threats and attacks (GCP, Azure, SaaS solutions etc.) . Provide Cyber Security guidance and requirements, when a new technology is being considered/introduced as part of the enterprise's strategy . Identify design flaws to assess, quantify and rank risk, help with mitigation of the open issues. Ensure tracking and closure of all critical risks before production launch . Analyze stakeholder feedback and input to identify areas of alignment and potential conflicts, and work to resolve them in a timely and effective manner. . Plan, research, and document appropriate and flexible security requirements for standard IT architectural components based on Industry standards (OWASP, NIST, IETF etc.) . Stay updated through continuous learning on the latest cybersecurity trends and technologies, such as LLM, ZTNA, LCNC, to offer proactive and effective recommendations and solutions to stakeholders. . Collaborate with cross-functional teams to ensure project scope/deliverables and expert advice provided post security assessments are in-line. . Benchmark and Leverage industry best practices (e.g. OWASP SAMM) to continually improve process maturity. QUALIFICATIONS Skillset required: . In-depth understanding of cyber security framework and industry standards (NIST CSF, ISO27001/2, OWASP, etc.), Threat Modeling and IT Risk Assessment . Proficiency in IAM technologies, concepts, and best practices, including identity lifecycle management, access control, authentication mechanisms, and federation protocols. . Proficiency in API security concepts, standards, and best practices, including OAuth, OpenID Connect, JWT, TLS/SSL, and OWASP API Security Top 10. . Knowledge of computer networking and network security architecture concepts including topology, protocols, components, and principles. . Deep understanding of Google Cloud Platform (GCP) services, architecture, and security features. . Knowledge of emerging technologies like AI/ML, Zero Trust, LCNC etc. and willingness to learn new technologies and concepts. . Strong understanding Cryptography and data protection concepts. . Knowledge of laws, regulations, policies, and ethics related to cybersecurity and privacy . Proficiency in conducting security assessments, risk analysis, and vulnerability management. . Knowledge of DevSecOps, agile principles, and security policies. . Excellent analytical and problem-solving skills to identify security risks and develop effective solutions. . Excellent communication and interpersonal skills to collaborate with cross-functional teams and communicate security risks effectively. Qualifications required: . Bachelor's degree in computer science, Cyber Security, or related field of study . 2+ years of experience in Cyber Security or related fields of IT. . Knowledge on Security Framework such as NIST CSF, ISO27001, OWASP Top-10 etc. . Cyber security certifications like CISSP, CCSP, CSSLP etc. are highly desirable.

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Compliance Management Good to have skills : Security Architecture Design Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Seeking an experienced Security Architect/ Security Compliance Professional to lead and support the design, implementation, and maintenance of security governance, risk, and compliance (GRC) frameworks. This role ensures that the organization complies with industry standards and regulations such as ISO/IEC 27001, PCIDSS, NIST CSF, SOC 2, TISAX, and others. The candidate will work cross-functionally to manage audits, assess risks, and drive continuous improvement in the security posture of the organization. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security managed operations, ensuring that all security measures align with organizational standards and compliance requirements. You will also engage in continuous improvement initiatives to enhance the security posture of the organization. Roles & Responsibilities:Expected to perform independently and become an SME GRC professional. Required active participation/contribution in client discussions. Contribute in providing solutions to compliance related complex situations Conduct regular assessments of security framework based or cloud security controls to ensure compliance with established standards. Collaborate with cross-functional teams to identify and mitigate potential security risks. Professional & Technical Skills: Proficient in Information Security, Cyber Security and Governance, Risk, and Compliance (GRC).Has significant exposure to evolving landscape of security compliance requirementsLead and manage security compliance initiatives across the organization.Manage/ Conduct gap assessments and implement controls in alignment with compliance standards (e.g., ISO 27001, PCIDSS, NIST, SOC 2, GDPR and other relevant frameworks).Coordinate and support internal and external security audits, including evidence collection and remediation planning.Partner with business, IT, and legal teams to ensure compliance requirements are understood and implemented.Develop and maintain security policies, procedures, and documentation in line with regulatory needs.Monitor compliance status and prepare reports and metrics for leadership.Educate teams on compliance requirements and drive a culture of security awareness.Relevant certifications :Any one -ISO27001LA/LI, ISO3100 or CISA, CISM, CRISC, or equivalent. Additional Information:The candidate should have 3-5 years of relevant experience in Information Security Governance, Risk and Compliance (GRC).A 15 years of full time education is required.This position is based at our Gurgaon/ Bangalore and Other Accenture locations. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Data Privacy Good to have skills : Security Architecture Design Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:Ensure that compliance with Privacy standards & regulations is maintained across all projects. Coordinate with other members of the information security / technology function and end client to implement and sustain appropriate technical (security & privacy) and procedural controls to support this objective. Remain apprised of pending changes to standards and proactively design and apply appropriate measures.Understand business objectives and limitations, deliver trainingAssisting, delivering the privacy programme & end-to-end as per the contractual requirementsExposure to various country specific privacy laws & regulations Adept in performing Privacy Impact assessments & Data Protection Impact assessments basis the agreed contractual requirements and applicable privacy lawsAdept in running data privacy program from scratch for clients Ensure that compliance with Privacy standards & regulations is maintained across all projects. Coordinate with other members of the information security / technology function and end client to implement and sustain appropriate technical (security & privacy) and procedural controls to support this objective. Remain apprised of pending changes to standards and proactively design and apply appropriate measures.Understand business objectives and limitations, deliver trainingAssisting, delivering the privacy programme & end-to-end as per the contractual requirementsExposure to various country specific privacy laws & regulations Adept in performing Privacy Impact assessments & Data Protection Impact assessments basis the agreed contractual requirements and applicable privacy lawsAdept in running data privacy program from scratch for clients Performing Risk assessments based on widely accepted industry standards such as ISO 27005, NIST CSF, PCI DSS etc.Develop, maintain and monitor compliance with Information Security Policies. Oversee security policies, privacy requirements, awareness & training across the organization.Develop, update and test all the required documentation & dashboards with respect to applicable Data Privacy & Security standards / regulations.Participate in new technology deployment initiatives, contributing to the organizations overall adoption of best security practices.Stay abreast of emerging technological developments and security threats and factors into our compliance program, strategies and tools. Professional & Technical Skills: At least 12+ years experience in Information Security, Data Privacy, Risk and ComplianceHands-on experience in at least one of the well-known data privacy regulations / standards such as GDPR, CCPAHands -on implementation experience in one of the Data privacy tools like OneTrust, Securiti.ai or BigID.Very strong understanding of Information Security concepts and various IT Security FrameworksShould have performed DPIA / PIA assessmentsStrong written and verbal communications skills. Additional Information:- The candidate should have minimum 12 years of experience in Security Data Privacy.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Data Privacy Good to have skills : Security Architecture DesignMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:Ensure that compliance with Privacy standards & regulations is maintained across all projects. Coordinate with other members of the information security / technology function and end client to implement and sustain appropriate technical (security & privacy) and procedural controls to support this objective. Remain apprised of pending changes to standards and proactively design and apply appropriate measures.Understand business objectives and limitations, deliver trainingAssisting, delivering the privacy programme & end-to-end as per the contractual requirementsExposure to various country specific privacy laws & regulations Adept in performing Privacy Impact assessments & Data Protection Impact assessments basis the agreed contractual requirements and applicable privacy lawsAdept in running data privacy program from scratch for clients Ensure that compliance with Privacy standards & regulations is maintained across all projects. Coordinate with other members of the information security / technology function and end client to implement and sustain appropriate technical (security & privacy) and procedural controls to support this objective. Remain apprised of pending changes to standards and proactively design and apply appropriate measures.Understand business objectives and limitations, deliver trainingAssisting, delivering the privacy programme & end-to-end as per the contractual requirementsExposure to various country specific privacy laws & regulations Adept in performing Privacy Impact assessments & Data Protection Impact assessments basis the agreed contractual requirements and applicable privacy lawsAdept in running data privacy program from scratch for clients Performing Risk assessments based on widely accepted industry standards such as ISO 27005, NIST CSF, PCI DSS etc.Develop, maintain and monitor compliance with Information Security Policies. Oversee security policies, privacy requirements, awareness & training across the organization.Develop, update and test all the required documentation & dashboards with respect to applicable Data Privacy & Security standards / regulations.Participate in new technology deployment initiatives, contributing to the organizations overall adoption of best security practices.Stay abreast of emerging technological developments and security threats and factors into our compliance program, strategies and tools. Professional & Technical Skills: At least 12+ years experience in Information Security, Data Privacy, Risk and ComplianceHands-on experience in at least one of the well-known data privacy regulations / standards such as GDPR, CCPAHands -on implementation experience in one of the Data privacy tools like OneTrust, Securiti.ai or BigID.Very strong understanding of Information Security concepts and various IT Security FrameworksShould have performed DPIA / PIA assessmentsStrong written and verbal communications skills. Additional Information:- The candidate should have minimum 12 years of experience in Security Data Privacy.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Job Description for SOC OT: Cyber SOC OT Security Analyst – Level 2 Experience Required: 3–5 years Location: Bengaluru Shift: Must be flexible to work in 24/7 rotational shifts including weekends Reports To: OT Security Operations Center Lead/ OT Security Manager ________________________________________ Role Overview: The OT Security Analyst – Level 2 (L2) plays a pivotal role in defending operational technology (OT) environments against evolving cyber threats. This role requires a deep understanding of security incident analysis, threat detection, and incident response, specifically tailored to Industrial Control Systems (ICS) and OT networks. The analyst will investigate complex security incidents within the OT infrastructure, collaborate with IT/OT teams, and enhance security posture through actionable insights. ________________________________________ Key Responsibilities: • Conduct in-depth analysis of security events and incidents within OT environments, leveraging SIEM and OT-specific monitoring tools. • Perform root cause analysis and develop incident timelines to support forensics and remediation efforts. • Apply standard incident response frameworks (e.g., NIST, MITRE ATT&CK for ICS, Cyber Kill Chain) for threat classification and response. • Use threat intelligence platforms and sandbox environments to investigate malware and suspicious artifacts in OT networks. • Analyze access logs, network traffic, and protocol behaviours across OT systems (e.g., SCADA, DCS, PLCs). • Support investigations related to unauthorized device communications, anomalous behaviours, or compromised industrial assets. • Collaborate with OT security engineers and external vendors to escalate and remediate incidents. • Refine alert rules and detection logic to reduce false positives and improve signal-to-noise ratio in OT SOC operations. • Document incident findings and support continuous improvement of the OT SOC playbooks and knowledgebase. • Liaise with the IT SOC and CIR (Cyber Incident Response) teams to align incident handling and cross-domain investigations. • Participate in threat hunting activities tailored for OT environments using behavioural analysis and attack-path simulation. ________________________________________ Technical Skills & Knowledge: • Strong understanding of OT/ICS protocols (Modbus, DNP3, OPC, etc.) and industrial network topologies. • Hands-on experience with OT cybersecurity tools and platforms (e.g., Nozomi Networks, Claroty, Dragos). • Familiar with ISA/IEC 62443, NIST SP 800-82, NIST CSF, and ISO 27001 compliance requirements for OT. • Proficiency in using SIEM systems (e.g., Microsoft Sentinel, Splunk, QRadar) for log correlation and event triage. • Understanding of firewalls, WAFs, proxies, and network segmentation principles in OT. • Working knowledge of tools such as THOR Scanner, VMRay, or Recorded Future is a plus. • Experience in vulnerability management and patch advisory for OT assets with limited patch cycles. ________________________________________ Nice to Have: • Exposure to Red Team/Blue Team exercises focused on OT/ICS. • Familiarity with GRC platforms and risk assessment tools tailored to OT.

Job Description Designation: Sr. Analyst Position Summary: We are looking for a professional having intermediate knowledge on Vulnerability assessment and penetration testing (web application, infra, mobile application, APIs) Compliance frameworks- ISO 27001:2022, NIST CSF, DPDA 2023. Skilled in identifying security risks, ensuring regulatory compliance, and implementing risk mitigation strategies. Proficient in MS Office suite for comprehensive documentation, reporting, and data analysis. Adept at collaborating with cross-functional teams to strengthen organizational security posture and maintain compliance with industry standards. Competencies/Certifications: ISO 27001:2022 or ISO 27001:2013 ISMS Lead Auditor CEH Understanding on Latest Security technologies & compliance standards Roles & Responsibilities: Develop and implement GRC frameworks and policies to ensure compliance with regulatory standards. Monitor and manage risk registers and mitigation plans. Perform security audits and gap analyses to assess compliance levels. Prepare detailed reports and documentation using MS Office tools. Collaborate with IT and business teams to address security vulnerabilities and compliance issues. Stay updated on emerging security threats and industry regulations. Assist in incident response and remediation activities. Train and educate staff on GRC policies and security best practices. Coordinate with external auditors and regulatory bodies during compliance assessments. Preparing Management presentations Managing & conducting Information security awareness session & training records Technological evaluation for tools to be on-boarded IT Security approvals Managing Phishing simulation campaigns

Rockwell Automation is a global technology leader focused on helping the world's manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility -our people are energized problem solvers that take pride in how thework we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that's you we would love to have you join us! Job Description Job Summary: Deliver and execute the assigned project / work package on time with good quality, cost effectiveness and customer satisfaction. Ensure technical deliverables matches project / work package requirements. Save engineering cost for GEBS team through application and technical expertise. Ensure site activities are completed as desired by customer and in specified time frame. You will report to the Execution Manager. Your Responsibilities: Conduct risk assessments for OT systems (e.g., SCADA, PLCs, and DCS). Develop and implement OT-specific GRC frameworks. Ensure compliance with standards like IEC 62443, NIST CSF, and ISO 27001. Creating Business Continuity, Incident Response, Disaster Recovery plans and procedures. Collaborate with cybersecurity teams to align OT and IT governance. Advise on regulatory requirements (NERC CIP, GDPR, local safety laws). Support audits and incident response planning for OT environments. Deliver training and awareness programmes for OT personnel. Understand routing and segmentation concepts like VLANs. Technical knowledge of firewalls, IDS and similar. Technical knowledge of OT technologies, networking, and protocols. Have a good understanding of an OT environment (common OT areas, personnel involved, OT constraints). Being able to explore the customer main systems under consideration. Understand basic OT flows : client-server, user operativity, user permissions. Basic knowledge about different OT vendors (Siemens, ABB, Schnieder, Mitsubishi. Understand a network diagram being able to identify the different assets and understand, on a high level, how are they connected. Identify network equipment being able to identify a switch, wireless Access Points, routers, net diodes, and firewalls. Identify and trace physically connected assets and documenting them in a network topology. Extract switches configuration and capture traffic. Understand general system configurations like O.S group policy, VMs, update mechanism. Being able to identify potential vulnerabilities and threats . Being able to identify current installed countermeasures/controls including, monitoring, end points security solutions, hardening measures (antivirus/EDR, GPO). Need to create ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443. The Essentials - You Will Have: Bachelor's degree in electrical engineering, Industrial Engineering, Computer Science or Information Technology or related technology-driven degree. 8+ years of experience in Manufacturing Control Systems, Network Engineering, and Industrial Security Controls. Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required. 8+ years of hands-on experience creating ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443. Previous experience working as part of a large, multi-disciplinary global team completing full project life-cycle implementations. Travel Requirements. Flexibility for travel 20% - 30% is required and can include both domestic and international trips. Legal authorization to work in the country of residence is required. Recognized Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required. The Preferred - You Might Also Have: Master's Degree in Cybersecurity. Configuring IT/OT network infrastructure equipment (Cisco Switches, Virtual Server Environments, Cisco ASA). Experience with AV, EDR or NAC. Experience with monitoring, analyzing, and understanding log sources for threat hunting. Knowledge of common system exploits, network attacks, phishing techniques, and malware. What We Offer: Our benefits package includes Comprehensive mindfulness programmes with a premium membership to Calm. Volunteer Paid Time off available after 6 months of employment for eligible employees. Company volunteer and donation matching programme - Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program. Personalised wellbeing programmes through our OnTrack programme. On-demand digital course library for professional development. ... and other local benefits! #LI-Hybrid #LI-RS1 Rockwell Automation's hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.

Risk Management Expert with 6-8 years of experience in 3rd party Risk Assessments. Having ISMS Auditing skills are added advantage. Candidate must be well versed with Risk Assessments performed and not restriciting to checklist assessments. Need thorough knowledge of Information Security. Roles and Responsibilities Experience in conducting Business Impact Analysis and Risk Assessments for third-party companies / third-party applications / i nformation s ystems with b usiness stakeholders. Ability to identify information security risks and provide recommendations, including compensating controls for third-party companies / third-party applications / information systems . Summarize findings and recommendations in the risk report. Experience in communicating with business stakeholders / non-technical stakeholders to explain information security risks and mitigation plan . Review third-party contractual agreements to ensure alignment with internal policies. Conduct audits to verify the compliance to organization security policies / standards. Expertise in cyber security / information security standards / frameworks such as ISO27001, NIST CSF, etc. Experience with TPRM tools such as Archer, OneTrust is an advantage. Experience working with geographically distributed teams . Excellent organizational, presentation & communication skills and ability to handle multiple assessment request and deliverables it within the specific timelines.

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, & Data Privacy Management solutions, experience in developing value based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutions Additional Information:CISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Qualification 15 years full time education

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Imagine you're a superhero, with the power to transform businesses from ordinary to extraordinary. As a Business Process Consultant at Kyndryl, you'll be just that – a trusted advisor helping customers achieve their goals and surpass even their own expectations. As a Business Process Consultant, you will play a crucial role in helping our customers reach their full potential by developing process-driven solutions that drive measurable results. You will work closely with our customers to gain a deep understanding of their unique business needs, challenges, and opportunities. Armed with this knowledge, you will leverage your expertise in aligning processes to technology to design, develop, and deploy custom solutions that exceed their goals. You will be responsible for analyzing our customers' current business processes, identifying bottlenecks, inefficiencies, and areas for incremental improvement. With your strong analytical skills, you will recommend process changes, new technologies, or appropriate organizational changes that drive efficiency, reduce costs, and improve overall business performance. In this role, you will also develop a large-scale strategic vision and ensure that all new business processes align with it. You will manage sales processes beyond day-to-day procurement to maintain strong customer relations and ensure that all stakeholders are on board with the recommended solutions. At Kyndryl, we value collaboration and teamwork. As a Business Process Consultant, you will work closely with all stakeholders, including customers, project managers, and technical teams, to ensure that our solutions meet the highest standards of quality, efficiency, and effectiveness. Our consultants are restless for innovation. They are at the edge of technology, changing the way our customers implement business solutions – so, if you’re a problem-solver, an innovative thinker, and a self-starter with a passion high impact assignments which align technology to business outcomes, then we want to hear from you! Apply today to join our dynamic team that has a host of exciting projects and customers waiting for you to work with them to solve complex transformation puzzles through technology. We are seeking an experienced ServiceNow Asset Management Specialist to lead and optimize enterprise-wide asset management initiatives. The ideal candidate will have strong technical and process expertise across Asset Data Modeling, Asset Process Optimization, and both IT and OT Asset Management. This role requires a strategic thinker capable of designing scalable, compliant, and data-driven asset processes aligned with industry standards such as ITIL, ISO 19770, and CSDM (Common Service Data Model). Key Responsibilities We are seeking an experienced ServiceNow Asset Management Specialist to lead and optimize enterprise-wide asset management initiatives. The ideal candidate will have strong technical and process expertise across Asset Data Modeling, Asset Process Optimization, and both IT and OT Asset Management. This role requires a strategic thinker capable of designing scalable, compliant, and data-driven asset processes aligned with industry standards such as ITIL, ISO 19770, and CSDM (Common Service Data Model). Define and maintain asset data structures aligned with ServiceNow CMDB and CSDM. Ensure data model supports cross-domain asset visibility (hardware, software, OT, network). Evaluate existing ITAM and HAM processes. Conduct gap analyses and maturity assessments using frameworks such as Gartner’s ITAM maturity model. Design and implement Software Asset Management (SAM) processes for end-user and developer environments. Integrate with software discovery tools to ensure licensing compliance and optimization. Extend asset management practices into the OT and network infrastructure domains Coordinate with OT/ICS teams to harmonize IT and OT asset lifecycle tracking. Redesign ServiceNow asset workflows to improve lifecycle traceability, exception handling, and process automation. Collaborate with Process Owners and Governance to align workflows with compliance and audit readiness. Identify automation and improvement opportunities across the asset lifecycle (procurement to retirement). Leverage AI/ML and AIOps insights to enable predictive asset lifecycle interventions. Your Future at Kyndryl As a Business Process Consultant at Kyndryl you will join the Kyndryl Consultant Profession, working with other Kyndryl Consultants, Architects, Project Managers, and cross-functional Technical Subject Matter Experts – presenting unlimited opportunities with unmatched support through our investment in your learning, training, and career growth. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Technical and Professional Experience 12 + years hands on software development experience in ServiceNow, IT Asset Management with a focus on ServiceNow platform. Proven experience in implementing ServiceNow ITAM, HAM, SAM Pro, and CMDB modules. Deep understanding of asset lifecycle management across IT, software, and OT domains. Familiarity with industry standards: ITIL v4, ISO/IEC 19770, NIST CSF. Experience in working with cross-functional teams including IT Operations, Security, and Finance. Strong analytical, documentation, and stakeholder communication skills. Preferred Technical and Professional Experience ServiceNow Certified Implementation Specialist – SAM. Knowledge of discovery tools (e.g., ServiceNow Discovery, SCCM, Tanium, etc.) Experience with CSDM and data normalization techniques. Familiarity with automation and orchestration tools for asset tasks. Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

Line of Service Advisory Industry/Sector Not Applicable Specialism Risk Management Level Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisation&aposs security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes forour clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences foreach other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firms growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. Job Description & Summary We seek experienced professionals across levels to join the Emerging Technologies team at PwC in India. Openings are available across Bangalore, Gurgaon, Mumbai, Pune, Chennai, Kochi and Kolkata locations. Join our Emerging Technologies team and collaborate with a global group of diverse and skilled professionals. Youll have the opportunity to work on designing cybersecurity architectures, discovering new cybersecurity technologies for industrial environments, and assisting out clients in understanding the cybersecurity risks associated with smart factories and operational fields. Our clients are market-leading companies in various industries at the international level including energy, manufacturing, utilities hospitality, life sciences, and healthcare. Responsibilities: The experienced resource will be integrated into a work team and responsible for: Manage cybersecurity projects, identifying, evaluating, and designing best in class cybersecurity solutions, demonstrating operational excellence, vision and strategic thinking; Execute complex project activities, coordinate part of the team while supporting Partner and other seniors in managing the client; Face and solve customer cybersecurity technology-driven challenges in innovative and effective way; Leverage on technology to provide innovation, operational excellence and new business model to customers; Engage with internal and external stakeholders, both at the HQ and factory/plant level, to strengthen business relations and create business opportunities; and Manage main activities such as: Maturity and/or Technical Assessment, Secure Architecture & Network Review/Design/Implement. Requirements Minimum 2 years of Cyber Security experience, preferably in a Consulting company or OEMs working in any of the Emerging Technologies like IoT/OT, AI.ML, AR/VR, 5G, Quantum Computing, Edge Computing, Blockchain or Cryptocurrency; Should have worked in ICS environment or telecom networking environment for at least 2 years or minimum 2 years of working experience in IT, cybersecurity or strategy and risk management; Expertise in Secure Architecture & Network Design, Technical Analysis, Solutions Identification and roll-out support; Understanding of cybersecurity frameworks, standards, and guidelines such as ISO 27001, NIST 800-53, NIST 800-82, NIST CSF, ISF CSF, ISA62443, ISO21434, ISO26262 and security regulations ; Good knowledge in the following areas: Cyber Security: NGFW, XDR, SRA, SIEM, ZTNA, SSE and Network Management: Routing, Switching, ACL, Security Policies, VLAN, SD-WAN, VPN, SPAN, STP; Interest in IT, business processes and controls for Emerging Technologies; cybersecurity and relevant regulatory and compliance requirements such as NERC, OSFI cybersecurity self-assessment, or three lines of defense models; Strong interest in IT infrastructure, networks, systems, application and appliances used for monitoring, securing, and responding to cyber incidents and attacks; Passion and curiosity for the cybersecurity industry and technology trends, innovations and frameworks; Be an independent and collaborative person who cooperates in one or more project teams to deliver high quality results; An Undergraduate (or higher) degree in IT related studies: Information Security Management, Risk Management, Computer Science or Engineering or other; Curious and adaptable, strong communication, time management, report writing, investigation, and presentation skills; Strong problem solving, organizational and analytical skills, with the ability to articulate complex concepts in a clear and concise manner; and Fluent knowledge of English language written and verbal. Mandatory Skill Sets: Cybersecurity, Emerging Technologies Preferred Skill Sets: Certiifcations :CISSP, GICSP, ISA 62443, CCNP, PCNSA, PCNSE, LPIC-1, RHCSA Years of Experience Required: 2+ Years Education Qualification: Btech, MBA preferred Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Information Technology General Controls (ITGC) Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Cloud Security, Communication, Conducting Research, Cyber Defense, Cyber Threat Intelligence, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Malware Analysis, Malware Detection Tools, Malware Intelligence Gathering, Malware Research, Malware Reverse Engineering, Malware Sandboxing + 11 more Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship No Government Clearance Required No Job Posting End Date Show more Show less

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, we transform ideas into impact by bringing together data, science, technology and human ingenuity to deliver better outcomes for all. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client-first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning, bold ideas, courage and passion to drive life-changing impact to ZS. As a Risk management specialist at ZS Associates, you'll be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards. You'll also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry best practices. By partnering with various stakeholders, including Product Owners and Business function Managers, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. You'll have advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape. What you'll do: Develop the culture of risk management across the organisation, and ensure effective identification, quantification, communication, and management of risks focusing on root cause analysis and resolution recommendations across domains - Cyber, HR, Legal, Finance, etc. Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance. Provide SME support to functional managers or Internal stakeholders in understanding and applying responsibilities towards risk and compliance providing recommendations as appropriate. Support the CIO and CISO, and work with internal stakeholders to: Participate in consultation and conduct gap analysis against new requirements Coordinate and facilitate IT / cyber security audits. Support Risk Owners and Tech teams in documenting control procedures, guidelines, etc. Ensure risk and control activities are completed in a timely and appropriate manner applying the correct governance route Report and publish Risks to senior leadership inclusive of providing content for Senior Leadership risk and control review forums/Committees. Ensure all governance attestations and sign-off from Senior leadership are completed including the conduct risk measures. Co-ordinate and track the tickets / findings in areas like IT Operational Risks and Information Security Risks, Control Self assessments , Internal/External Audit findings with appropriate CAPA, BCP / Disaster recovery , Problem tickets with root cause analysis. Audit event co-ordination, Audit liaison and issue closure oversight (SOC 2 Type 2, ISO 27001, etc.) Lead pre-audit preparation activities with stakeholders (SOC 2 Type 2, ISO 27001, etc.) Provide first line of defense support in assessing risk and reviewing control issues Documentation of control procedures, standards and guidelines, etc. What you'll bring: Bachelor's degree in IT or relevant field with a strong academic background A minimum of 7-10 Years of experience in Risk management and internal controls governance Strong communication & strategic influencing skills. Relevant experience working with senior leaders, building internal networks, and delivering high impact programs in complex -matrixed environments. Formal training or certification in Information Security, and/or 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation. Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies. Proficient in MS Office productivity suite (e.g., Word, Excel, PowerPoint, SharePoint). Advanced Excel skills strongly preferred CISM/CRISC/CISA/CISSP/CIA/MBA or relevant Risk Management / Audit certification Basic working knowledge of following (Majority of the points, if not all): -COBIT - Control Objectives for Information and Related Technology -ISO/IEC 27001:2013 - Code of Practice for Information Security Management -NIST SP 800-53 -NIST CSF -SOC1/SOC2/SOC3 -HIPAA/HITECH Security and Privacy Audit Protocol -Shared Assessments Standard Information Gathering (SIG) framework -US SOX - Sarbanes Oxley Act -US HIPAA/HITECH Act -EU GDPR - General Data Protection Regulation -US EU Privacy Shield -India Companies Act Additional Skills: Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives. Program level management up to and including Executive presentation and reporting. Knowledge and Experience of Technology Infrastructure. Understanding of Infrastructure Security Stakeholder management Willingness to adapt to evolving industry standards and technologies Ability to manage a wide variety of tasks and meet deadlines, and reliability/dependability Proven ability to work creatively and analytically in a problem-solving environment Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel: Travel is a requirement at ZS for client facing ZSers business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we honor the visible and invisible elements of our identities, personal experiences, and belief systems-the ones that comprise us as individuals, shape who we are, and make us unique. We believe your personal interests, identities, and desire to learn are integral to your success here. We are committed to building a team that reflects a broad variety of backgrounds, perspectives, and experiences. about our inclusion and belonging efforts and the networks ZS supports to assist our ZSers in cultivating community spaces and obtaining the resources they need to thrive. If you're eager to grow, contribute, and bring your unique self to our work, we encourage you to apply. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To complete your application: Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At:

Line of Service Advisory Industry/Sector Not Applicable Specialism Risk Management Level Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisation&aposs security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes forour clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences foreach other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firms growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. Job Description & Summary We seek experienced professionals across levels to join the Emerging Technologies team at PwC in India. Openings are available across Bangalore, Gurgaon, Mumbai, Pune, Chennai, Kochi and Kolkata locations. Join our Emerging Technologies team and collaborate with a global group of diverse and skilled professionals. Youll have the opportunity to work on designing cybersecurity architectures, discovering new cybersecurity technologies for industrial environments, and assisting out clients in understanding the cybersecurity risks associated with smart factories and operational fields. Our clients are market-leading companies in various industries at the international level including energy, manufacturing, utilities hospitality, life sciences, and healthcare. Responsibilities: The experienced resource will be integrated into a work team and responsible for: Manage cybersecurity projects, identifying, evaluating, and designing best in class cybersecurity solutions, demonstrating operational excellence, vision and strategic thinking; Execute complex project activities, coordinate part of the team while supporting Partner and other seniors in managing the client; Face and solve customer cybersecurity technology-driven challenges in innovative and effective way; Leverage on technology to provide innovation, operational excellence and new business model to customers; Engage with internal and external stakeholders, both at the HQ and factory/plant level, to strengthen business relations and create business opportunities; and Manage main activities such as: Maturity and/or Technical Assessment, Secure Architecture & Network Review/Design/Implement. Requirements Minimum 2 years of Cyber Security experience, preferably in a Consulting company or OEMs working in any of the Emerging Technologies like IoT/OT, AI.ML, AR/VR, 5G, Quantum Computing, Edge Computing, Blockchain or Cryptocurrency; Should have worked in ICS environment or telecom networking environment for at least 2 years or minimum 2 years of working experience in IT, cybersecurity or strategy and risk management; Expertise in Secure Architecture & Network Design, Technical Analysis, Solutions Identification and roll-out support; Understanding of cybersecurity frameworks, standards, and guidelines such as ISO 27001, NIST 800-53, NIST 800-82, NIST CSF, ISF CSF, ISA62443, ISO21434, ISO26262 and security regulations ; Good knowledge in the following areas: Cyber Security: NGFW, XDR, SRA, SIEM, ZTNA, SSE and Network Management: Routing, Switching, ACL, Security Policies, VLAN, SD-WAN, VPN, SPAN, STP; Interest in IT, business processes and controls for Emerging Technologies; cybersecurity and relevant regulatory and compliance requirements such as NERC, OSFI cybersecurity self-assessment, or three lines of defense models; Strong interest in IT infrastructure, networks, systems, application and appliances used for monitoring, securing, and responding to cyber incidents and attacks; Passion and curiosity for the cybersecurity industry and technology trends, innovations and frameworks; Be an independent and collaborative person who cooperates in one or more project teams to deliver high quality results; An Undergraduate (or higher) degree in IT related studies: Information Security Management, Risk Management, Computer Science or Engineering or other; Curious and adaptable, strong communication, time management, report writing, investigation, and presentation skills; Strong problem solving, organizational and analytical skills, with the ability to articulate complex concepts in a clear and concise manner; and Fluent knowledge of English language written and verbal. Mandatory Skill Sets: Cybersecurity, Emerging Technologies Preferred Skill Sets: Certiifcations :CISSP, GICSP, ISA 62443, CCNP, PCNSA, PCNSE, LPIC-1, RHCSA Years of Experience Required: 2+ Years Education Qualification: Btech, MBA preferred Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Information Technology General Controls (ITGC) Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Cloud Security, Communication, Conducting Research, Cyber Defense, Cyber Threat Intelligence, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Malware Analysis, Malware Detection Tools, Malware Intelligence Gathering, Malware Research, Malware Reverse Engineering, Malware Sandboxing + 11 more Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship No Government Clearance Required No Job Posting End Date Show more Show less

Enterprise Information Security (EIS) is committed to appropriately protecting all information relating to its caregivers and affiliates, as well as protecting its confidential business information (including information relating to its caregivers, affiliates, and patients). What will you be responsible for Develop, maintain, monitor and enforce IT policies and procedures Development, implementation and compliance of information risk management across the enterprise Support establishing information security governance framework Manage risks related to the use of information technology, information security, privacy, regulatory compliance and governance. Drive risk management and governance strategies for emerging technology areas Implement higher-level security requirements and integrate security programs across disciplines. Maintain updated knowledge in the field of Risk management and Compliance to efficiently work on frameworks including NIST CSF, CIS Controls, HIPAA, PCI DSS, ITIL, etc. Remain current with industry best practices and monitor the legal and regulatory environment for developments. What would your work week look like Serve as a subject matter expert to ensure and monitor compliance with Industry and Government rules and regulations at Enterprise/Region/Site level. Conduct gap analysis and implement Standards Frameworks like NIST 800 53, CSF, ISO 27001, PCI DSS, HIPAA, NIST, SOX Develop and revise Policies, Standards, Processes and guidelines for the enterprise through change management Manage and report overall Governance posture and Report Risk performance against established enterprise risk metrics Manage Phishing awareness campaigns Manage framework for control governance Advise business-led technology projects on IT Governance awareness and standards compliance Who are we looking for 4-year University (Bachelor's) degree in Computer Science, Information Security, Cyber Security or related field. Minimum 5 years of experience in an Information Security/GRC role. Minimum 2 years of experience in IT Governance Role. Preferred 2 years of experience in Healthcare, Pharma or Bio-Technology organization. Enthusiastic, results oriented, having a strategic outlook for Security Experience with managing a GRC tool application support life cycle Strong written and oral communication skills with the ability to explain technical ideas to non-technical individuals at any level. Ability to drive, prioritize, and monitor security programs as per agreed timelines Ability to react to high pressure dynamic changing environments Ability to communicate IT risk concepts to non-technical people Strong problem solving and analytical skills Adaptable to shifting priorities, demands, and timelines through analytical and problem-solving capabilities. Able to react to project adjustments and alterations promptly and efficiently. Ability to work both independently and as part of a team to deliver quality work product in a timely manner.

Position Title Assistant D&T Manager - Cyber Security, Third Party Risk Function/Group Digital & Technology Location Mumbai Shift Timing Regular Role Reports to D&T Manager - Cyber Security, Enterprise Vulnerability Management Remote/Hybrid/in-Office Hybrid ABOUT GENERAL MILLS We make foodthe world loves: 100 brands. In 100 countries. Across six continents. With iconic brands like Cheerios, Pillsbury, Betty Crocker, Nature Valley, and Hagen-Dazs, we've been serving up food the world loves for 155 years (and counting). Each of our brands has a unique story to tell. How we make our food is as important as the food we make. Our values are baked into our legacy and continue to accelerate us into the future as an innovative force for good. General Mills was founded in 1866 when Cadwallader Washburn boldly bought the largest flour mill west of the Mississippi. That pioneering spirit lives on today through our leadership team who upholds a vision of relentless innovation while being a force for good. For more details check out General Mills India Center (GIC) is our global capability center in Mumbai that works as an extension of our global organization delivering business value, service excellence and growth, while standing for good for our planet and people. With our team of 1800+ professionals, we deliver superior value across the areas of Supply chain (SC) , Digital & Technology (D&T) Innovation, Technology & Quality (ITQ), Consumer and Market Intelligence (CMI), Sales Strategy & Intelligence (SSI) , Global Shared Services (GSS) , Finance Shared Services (FSS) and Human Resources Shared Services (HRSS).For more details check out We advocate for advancing equity and inclusion to create more equitable workplaces and a better tomorrow. JOB OVERVIEW KEY ACCOUNTABILITIES Team Leadership & Development: . Mentorship and Coaching: Guide and mentor team members, fostering their professional growth in Third-party Risk Management. Provide regular feedback and development opportunities. . Performance Management: Support the performance review process and help address performance gaps within the team. . Team Building & Collaboration: Cultivate a positive and collaborative team environment. Facilitate effective communication and knowledge sharing within the team and across other departments. . Stakeholder Management: Build and maintain strong relationships with key stakeholders across the organization . Building awareness amongst stakeholders about Third Party Risk Management Process Development & Improvement: . Perform hands-on Third Party Security Risk Assessments on a regular basis to ensure a clear understanding of the processes and procedures . Continuous Improvement: Regularly review the third-party security risk management processes to Identify and propose areas for improvement. This will ensure its effectiveness and alignment with business objectives. . Stay abreast of industry best practices, emerging threats, and regulatory changes in the third-party risk management space. . Innovation & Improvement: Continuously seek opportunities to improve and innovate the third-party security risk management program. . Develop a strong understanding of the Supply Chain Center of Excellence. Build and maintain strategic partnerships in that space while gaining insights and influencing best practices. MINIMUM QUALIFICATIONS 7+ years of experience working in cyber security, cy ber security technology, risk assessment and management Bachelor's degree in Computer Science/Electronics/Electrical Specific Job Experience or Skills needed: Proven experience in managing Third-Party Security Risks Extensive experience conducting risk assessments and developing remediation plans. Strong understanding of information security principles, best practices, and frameworks (e.g., NIST CSF, ISO 27001, SOC 2) Experience working with vendors and managing vendor relationships. Competencies/Behaviors required for Job: Fosters environment of teamwork, positive relationships, accountability, and results within and across teams Strong learning agility and willing to learn new tools and technologies. Actively coaches group members in developing their skills Strong communication skills with ability to communicate complex issues to a diverse audience Self-starter with ability to drive an item from concept to full implementation independently Ability to conduct thorough analysis and recommend data driven actions The aptitude to innovate-to integrate new and better technologies and methods into our processes Highly organized and able to tackle issues efficiently. PREFERRED QUALIFICATIONS Demonstrated experience leading and managing a team of security professionals. ISO27001 lead auditor and other Cyber security certifications.

Role & responsibilities Governance, Strategy & Leadership Define and implement PMO frameworks, policies, and best practices. Ensure alignment of IT & security projects with business objectives. Conduct program reviews and provide executive updates (CEO/senior stakeholders). Track KPIs, metrics, and outcomes for IT/security initiatives. Oversee vendor & stakeholder management. Compliance, Audit & Certification Management - Technology Compliance Develop and maintain IT/security policies (ISO 27001, NIST, GDPR, SOC 2, PCI DSS, RBI, SEBI, etc.). Manage internal/external audits (ITGC, SOX, regulatory compliance). Track audit findings and ensure remediation. Drive IT security certifications (ISO 27001, NIST CSF, PCI DSS, etc.). Maintain compliance registers, evidence logs, and document repositories. Project & Program Management End-to-end project management for IT and security initiatives (planning, execution, monitoring). Maintain project documentation (charters, risk logs, change requests, lessons learned). Ensure adherence to timelines, budgets, and quality standards. Report project status via dashboards (SPHI, risk heatmaps, compliance gaps). Prepare monthly, quarterly and annual comprehensive reports Business Continuity & Disaster Recovery (BC/DR) Plan and execute BC/DR drills across all locations. Update BC/DR plans based on test outcomes. Ensure regulatory compliance for resilience (e.g., RBI, SEBI, UAE Central Bank). Risk & Control Assessments Conduct IT risk assessments and control gap analysis. Implement risk mitigation strategies. Monitor third-party vendor risks. Training, Awareness & Simulations Conduct security awareness programs (phishing simulations, workshops, e-learning). Track training effectiveness (competency improvements, phishing click rates). Organize internal technical trainings for IT/security teams. Security Product Health Index (SPHI) & Reporting Maintain SPHI reports to assess security tool effectiveness. Track vulnerabilities, patch management, and system upgrades. Generate executive dashboards & analytics for leadership. Branding, Communication & Team Engagement Publish security awareness mailers, newsletters, and compliance updates. Drive internal branding (security as a business enabler). Organize team-building activities and career growth plans for PMO/security teams.

Location: Pune Experience Required: 4-5 years Company: Incred Money (www.incredmoney.com) Industry: Fintech / Financial Services About IncredMoney.com IncredMoney.com is a fast-growing digital wealth and investment platform empowering users with smart, simplified financial tools. We are passionate about financial inclusion, investor transparency, and secure digital experiences. As we scale, security remains central to our missionand thats where you come in. Role Summary We are looking for a dynamic and hands-on Senior Infosec Engineer who will be responsible for leading and implementing our information security and cyber-risk strategy. The ideal candidate will have strong experience in fintech or financial services, knowledge of regulatory frameworks (like RBI, SEBI), and the ability to build secure digital systems while enabling growth and innovation. Key Responsibilities Own and lead the companys overall information security strategy. Build and implement policies, procedures, and controls aligned with industry best practices (e.g., ISO 27001, NIST, OWASP). Perform risk assessments, security audits, and regular vulnerability assessments of applications and infrastructure. Collaborate with engineering, DevOps, and product teams to embed security into the SDLC. Oversee data protection strategies (encryption, backups, data access) and ensure regulatory compliance (e.g., RBI, SEBI, GDPR, PCI-DSS if applicable). Manage internal and external security audits and ensure remediation of findings. Lead incident response planning and execution, including root cause analysis and post-mortem reviews. Evaluate and onboard security tools (e.g., SIEM, WAF, DLP, endpoint security). Build a security-first culture through training and awareness programs across teams. Serve as the primary point of contact for security with partners, auditors, and regulators. Key Requirements 4–5 years of progressive experience in Information Security, with at least 2 years in a leadership or ownership role. Strong understanding of cloud security (AWS preferred), web/mobile application security, and data privacy. Hands-on experience with firewalls, VPNs, intrusion detection/prevention systems, and endpoint protection tools. Familiarity with regulatory and compliance frameworks (especially RBI/SEBI guidelines for fintech). Bachelor’s or Master’s degree in Computer Science, Information Security, or related field. Industry certifications like CISSP, CISM, CEH, or ISO 27001 LA are a strong plus. Excellent communication and stakeholder management skills. Preferred Skills Prior experience in fintech, wealth-tech, or BFSI domain. Experience leading security in a startup or early-stage company. Knowledge of DevSecOps practices and CI/CD pipeline security.

About Northern Trust: Northern Trust is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. With over 130 years of financial experience and more than 22,000 partners, Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions. The company remains true to its enduring principles of service, expertise, and integrity, serving sophisticated clients using leading technology and exceptional service. Role Description: Northern Trust's Security Operations team is seeking a motivated and detail-oriented candidate to support the creation, maturation, and execution of a cybersecurity incident response and management program. The focus will be on coordinating Northern Trust's response to emerging threats. Key Responsibilities: - Support the Incident Response Manager in the strategic management of the practice. - Coordinate regular and event calls with diverse stakeholder groups, including executive management, subject matter experts, and operational personnel. - Produce practice deliverables such as post-incident/threat analyses, root cause analyses, executive briefings, meeting minutes, and status updates. - Develop and maintain administrative documentation, including incident response plans, playbooks, and metrics. Skills / Qualifications: - General understanding of information security. - Strong written and verbal communication skills. - Experience with project management/coordination. - Ability to work collaboratively and independently. Preferred Skills / Qualifications: - Security+, GSEC, or SSCP certification. - Knowledge of NIST CSF, ISO27001, and Fusion incident management model. - Experience with ADO boards. - Technical writer experience. Working with Us: As a Northern Trust partner, you will be part of a flexible and collaborative work culture within an organization that values financial strength and stability. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve. Join us and build your career with one of the world's most admired and sustainable companies. Reasonable Accommodation: Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com. Apply today and talk to us about your flexible working requirements. Let's achieve greater together. About Our Pune Office: The Northern Trust Pune office, established in 2016, is home to over 3,000 employees. The office handles various functions, including Operations for Asset Servicing and Wealth Management, as well as delivering critical technology solutions that support business operations globally. The Pune team is committed to service, volunteering thousands of hours in the communities where they live and work. Learn more about our Pune office.,

We are seeking a proactive and experienced L2 Security Operations Analyst to join our Security Operations Centre (SOC) team. In this role, you will play a crucial part in detecting, analyzing, and responding to cybersecurity incidents across a hybrid infrastructure that includes AWS Cloud, on-prem infrastructure, and various endpoint systems like Linux, Windows, and macOS. Your expertise with SIEM, EDR, firewalls, and cloud-native security tools, combined with a deep understanding of threat landscapes and incident response processes, will be essential. As an L2 Security Operations Analyst, your responsibilities will include acting as the primary escalation point for the L1 team, investigating, validating, and escalating security alerts, monitoring and analyzing security events from multiple sources, triaging security alerts, correlating data to identify malicious activity patterns, refining detection use cases, updating incident response runbooks, developing automation using SOAR platforms, documenting incidents and root cause analysis, providing status reports and metrics, and collaborating with various teams for investigation and remediation. To qualify for this role, you should have a Bachelor's degree in information security, Computer Science, or a related field, along with 3-6 years of experience in a SOC or cybersecurity operations role. Proficiency in SIEM tools such as Sentinel and Splunk, hands-on experience with EDR/XDR platforms like CrowdStrike and Sentinel One, a strong understanding of network protocols, operating systems, malware analysis, and threat actor behavior, familiarity with frameworks like MITRE ATT&CK and NIST CSF, incident response and investigation skills, and experience with ticketing systems and incident tracking tools are required. If you are looking to join a dynamic team and contribute your expertise to enhancing our cybersecurity posture, we encourage you to apply for the L2 Security Operations Analyst position at mPokket.,

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, & Data Privacy Management solutions, experience in developing value based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15 year full time educationThe candidate should have minimum 12 years of experience This position is based at our Bengaluru office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, & Data Privacy Management solutions, experience in developing value based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15 -year full time educationThe candidate should have minimum 12 years of experience This position is based at our Bengaluru office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, & Data Privacy Management solutions, experience in developing value based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15 year full time educationThe candidate should have minimum 12 years of experience This position is based at our Bengaluru office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, & Data Privacy Management solutions, experience in developing value based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15- year full time educationThe candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education