214 Nist Csf Jobs

We are looking for a detail-oriented and proactive GRC professional with hands-on experience in SOC 2 Type 1 and Type 2, NIST CSF, NIST SP 800-53 and ISO 27001 controls. Job Responsibilities: Lead and support the implementation, maintenance, and continuous improvement of information security compliance programs, specifically focusing on SOC 2 Type 1 and Type 2, NIST Cybersecurity Framework (CSF), NIST Special Publications (SP 800-53), and ISO 27001. Develop, review, and update security policies, procedures, and guidelines to align with relevant compliance frameworks and regulatory requirements. Conduct risk assessments and gap analyses against SOC 2, NIST, and ISO 27001 controls to identify ...

Develops and evaluates compliance with programs and processes to mitigate cybersecurity risk and ensure protection of company and allied assets and information. Researches and interprets current and pending governmental laws and regulations, industry standards, and customer and vendor contracts to communicate compliance requirements. Conducts information security risk assessments, security compliance audits, and cybersecurity audits. Establishes IT security audit procedures relevant to SOX, HIPAA, PCI DSS, and international data privacy laws. Evaluates and tests the design and operating effectiveness of IT security controls. Maintains compliance of internal IT security controls by meeting in...

SUMMARY As a Cybersecurity GRC, this position plays a vital role to support the implementation and management of governance, risk, and compliance initiatives that safeguard the organization's information assets. This role involves assisting in the execution of cybersecurity policies, conducting risk assessments, participating in audits, and evaluating third-party risk. You will contribute to aligning business objectives with security best practices and regulatory standards such as ISO 27001, NIST, and ITGC. The position requires a foundational understanding of security frameworks and a collaborative approach to strengthening the organization’s cyber risk posture. Key Responsibilities: Suppor...

Date Posted: 2025-12-02 Country: India Location: 1st Flr, Wing B, North Gate Phase-II, Modern Asset, Sy.No.2/2, Venkatala Village, Yelahanka Hobli, Bangalore 560064, Karnataka Position Role Type: Unspecified Role Overview We are seeking a highly motivated, independent, and proactive vulnerability management analyst to join our cybersecurity team. This critical role is responsible for identifying, prioritizing, and driving the remediation of security vulnerabilities across the enterprise. The ideal candidate is a skilled critical thinker with a proven ability to manage a complex workload without direct supervision. You will be responsible for the full lifecycle of vulnerability findings from ...

Rockwell Automation is a global technology leader focused on helping the world's manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility -our people are energized problem solvers that take pride in how thework we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that's you we would love to have you join us! Job Description Gove...

Lead our Information Security Management Program Manage internal & external audits, assessments, and certifications, maintain ISO/IEC 42001 certification Manage security awareness trainings Coordinate with background verification team Provident fund Annual bonus

We are looking for a highly skilled and experienced AppSec & AI Security Architect to join our team at Hewlett Packard Enterprise. The ideal candidate will have a strong background in application security and artificial intelligence, with excellent architectural skills. Roles and Responsibility Design and implement secure architectures for applications using HP technologies. Develop and maintain security standards and best practices for application development. Collaborate with cross-functional teams to identify and mitigate security risks. Conduct regular security audits and vulnerability assessments. Provide technical guidance on security-related matters to junior team members. Stay up-to-...

We are looking for a highly skilled and experienced GRC Manager to join our team at Exotel. The ideal candidate will have a strong background in Governance, Risk & Compliance. Roles and Responsibility Develop and implement comprehensive GRC frameworks and policies. Conduct risk assessments and audits to identify areas of improvement. Collaborate with cross-functional teams to ensure compliance with regulatory requirements. Provide training and guidance on GRC best practices. Monitor and report on GRC performance metrics. Ensure all business operations are aligned with organizational goals and objectives. Job Requirements Strong knowledge of GRC principles and practices. Experience in develop...

This role has been designed as 'Onsite with an expectation that you will primarily work from an HPE office. Who We Are Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today's complex world. Our culture thrives on finding new and better ways to accelerate what's next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If ...

Requisition ID: 9911 Job Location(s): Gurugram, HR, IN, 122022 Time in Office: Hybrid Overview Reporting into Information Security, the Governance, Risk, and Compliance (GRC) Engineer plays an instrumental role in guiding GRC strategies and processes. As the primary GRC authority in India and supporting the global GRC team, this engineer works directly with other partners such as Legal, Risk, Internal Audit, etc. to ensure the alignment of the company's IT and Enterprise risk management framework with its business objectives and regulatory requirements. The GRC Engineer possesses a combination of technical expertise, background in GRC, and applicable frameworks. They will identify, track, an...

Job Description About the company SBI Card is a leading pure-play credit card issuer in India, offering a wide range of credit cards to cater to diverse customer needs. We are constantly innovating to meet the evolving financial needs of our customers, empowering them with digital currency for seamless payment experience and indulge in rewarding benefits. At SBI Card, the motto Make Life Simple inspires every initiative, ensuring that customer convenience is at the forefront of all that we do. We are committed to building an environment where people can thrive and create a better future for everyone. SBI Card is proud to be an equal opportunity & inclusive employer and welcome employees with...

Job Description Summary The role of a BD Endpoint Security Engineer is responsible for managing, optimizing, and evolving the organization's endpoint protection technologies to ensure comprehensive threat detection, prevention, and response across all enterprise devices. This position will maintain current endpoint security platforms Microsoft Defender for Endpoint (MDE), Trellix HX, and Symantec Endpoint Protection (SEP) and will play a key role in the transition to any new EDR platforms in the future. Job Description Job Responsibilities Coordinate with multi-functional teams to ensure timely and effective endpoint detection capabilities, following BD's internal policies and procedures. Se...

As a Senior Associate at PwC, you will work as part of a team of problem solvers, assisting in solving complex business issues from strategy to execution. Your responsibilities at this management level will include but are not limited to: - Using feedback and reflection to develop self-awareness, personal strengths, and address development areas. - Delegating tasks to provide stretch opportunities and coaching to help deliver results. - Developing new ideas and proposing innovative solutions to problems. - Extracting insights from current trends in the business area using a broad range of tools and techniques. - Reviewing your work and that of others for quality, accuracy, and relevance. - S...

Position Overview We are seeking an experienced Security GRC (Governance, Risk & Compliance) Lead to own and drive our Risk Management Program. This role will be responsible for defining, implementing, and maturing enterprise-wide information security risk management practices, aligning them with business strategy, regulatory requirements, and industry frameworks. Key Responsibilities Risk Management Leadership Lead the design, implementation, and continuous improvement of the Information Security Risk Management framework. Conduct regular risk assessments, control evaluations, and threat modeling across systems, vendors, and business processes. Maintain and continuously enhance the Risk Reg...

Site Name: Bengaluru Luxor North Tower Posted Date: Nov 27 2025 The primary purpose of this position is to support the Director of Cyber Risk and Assurance and operationalise cyber risk assurance management practices within the business unit by embedding the concept of secure by design, driving Cyber Security Officer (CSO) initiatives within the business unit (BU) to reduce cyber security risk, improve the BU risk profile, and ensure effective risk management and reporting. The role is accountable for embedding a culture of security within the business, ensuring cyber risks are understood, assessed, and effectively managed in alignment with enterprise policies and regulatory requirements. Th...

As the Identity & Security Visionary at Diageo, you will be a crucial part of the Security & Network Enterprise Architecture team, focusing on shaping the future of Identity Management across the organization. Your role will involve contributing to the broader cybersecurity strategy, with a split focus of approximately 60% on Identity and 40% on Security domains, adapting as per the evolving business needs. Your responsibilities will include: - Translating business objectives into a robust architecture for Identity and Access Management (IAM) and cybersecurity. - Collaborating with stakeholders to define Diageo's vision and capabilities in these areas, developing a 3-5 year roadmap for lever...

Application Deadline: 31 December 2025 Department: Risk and Compliance Location: Pune Description We are seeking a proactive and knowledgeable Information Security Officer to support the business across all aspects of information security. This role is essential in maintaining and strengthening our security posture, ensuring compliance with our regulatory and legal requirements, including maintaining our ISO/IEC 27001 certification. Reporting to the Head of Information Security, you will play a key role in advising teams on security best practices, assisting with the implementation and continuous improvement of our Information Security Management System (ISMS), and supporting, audits, risk a...

Role Overview: You will be joining the First Line of Defence as an experienced IT GRC professional, responsible for driving IT governance, risk oversight, compliance management, and audit readiness in the region. Your role will focus on ensuring alignment with global, regional, and regulatory standards to enhance the overall technology risk posture. Key Responsibilities: - Develop, review, and report key IT risk metrics (KRIs, KCIs, KPIs). - Maintain and enhance IT risk frameworks, standards, and procedures. - Guide regional teams on IT risk methodologies such as ISO, NIST CSF, COBIT, COSO, SOX, and SOC. - Conduct IT risk assessments, manage the IT risk register, and enhance risk indicators....

This role has been designed as 'Onsite with an expectation that you will primarily work from an HPE office. Who We Are Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today's complex world. Our culture thrives on finding new and better ways to accelerate what's next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If ...

Site Name: Bengaluru Luxor North Tower Posted Date: Nov 27 2025 The primary purpose of this position is to support the Director of Cyber Risk and Assurance and operationalise cyber risk assurance management practices within the business unit by embedding the concept of secure by design, driving Cyber Security Officer (CSO) initiatives within the business unit (BU) to reduce cyber security risk, improve the BU risk profile, and ensure effective risk management and reporting. The role is accountable for embedding a culture of security within the business, ensuring cyber risks are understood, assessed, and effectively managed in alignment with enterprise policies and regulatory requirements. Th...

Overview Reporting into Information Security, the Governance, Risk, and Compliance (GRC) Engineer plays an instrumental role in guiding GRC strategies and processes. As the primary GRC authority in India and supporting the global GRC team, this engineer works directly with other partners such as Legal, Risk, Internal Audit, etc. to ensure the alignment of the company's IT and Enterprise risk management framework with its business objectives and regulatory requirements. The GRC Engineer possesses a combination of technical expertise, background in GRC, and applicable frameworks. They will identify, track, and address potential risks, while proactively improving the company's overall GRC postu...

About The Role Project Role Security Architect Project Role Description Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills Third Party IT Risk Management Good to have skills NA Minimum 7.5 year(s) of experience is required Educational Qualification 15 years full time education Summary Seeking an experienced Security Architect/ Security Compliance Professional to lead and support the design, implementation, and maintenance of security governance, risk, and compliance (GRC) frameworks. This role en...

About The Role Project Role Security Architect Project Role Description Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills Third Party IT Risk Management Good to have skills Security Architecture Design Minimum 7.5 year(s) of experience is required Educational Qualification 15 years full time education Summary Seeking an experienced Security Architect/ Security Compliance Professional to lead and support the design, implementation, and maintenance of security governance, risk, and compliance (GRC...

About The Role Project Role Security Architect Project Role Description Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills Third Party IT Risk Management Good to have skills Security Architecture Design Minimum 7.5 year(s) of experience is required Educational Qualification 15 years full time education Summary Seeking an experienced Security Architect/ Security Compliance Professional to lead and support the design, implementation, and maintenance of security governance, risk, and compliance (GRC...

Lead our Information Security Management Program Manage internal & external audits, assessments, and certifications, maintain ISO/IEC 42001 certification Manage security awareness trainings Coordinate with background verification team Provident fund Annual bonus