83 Nist Csf Jobs - Page 2

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Risk Assessment Good to have skills : Security Risk and Audit Operations, Integrated Security Risk ManagementMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to assess security risks, implementing protective measures, and ensuring that all systems are safeguarded against potential cyber threats. You will engage in proactive monitoring and response to security incidents, while also contributing to the development of security policies and procedures that align with organizational goals. Your role will be pivotal in maintaining the integrity and confidentiality of sensitive information and ensuring compliance with industry standards. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to enhance the organization's security posture.- Conduct quality assurance reviews of information security compliance and risk assessments.- Validate assessment content for accuracy, completeness, and policy alignment.- Review and process change request tickets related to risks steaming out of the assessments.- Identify inconsistencies and provide feedback or recommendations.- Track and document review outcomes and ticket status.- Collaborate with client teams for clarification and issue resolution.- Ensure adherence to service level agreements (SLAs) and key performance indicators (KPI)- Support process improvements and standardization efforts.- Escalate significant risk issues or trends as needed.- Participate in team meetings and client reporting activities. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Risk Assessment & GRC.- Good To Have Skills: Experience with Integrated Security Risk Management, Security Risk and Audit Operations.- Understanding of information security frameworks (e.g., NIST CSF/RMF, ISO 27001).- Strong analytical and detail-oriented approach to reviewing documentation.- Proficiency with risk management or ticketing systems (e.g., JIRA).- Strong understanding of threat modeling and risk analysis techniques.- Familiarity with security tools for vulnerability scanning and penetration testing. Additional Information:- The candidate should have minimum 5 years of experience in Security Risk Assessment.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Risk Assessment Good to have skills : Security Risk and Audit Operations, Integrated Security Risk ManagementMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to assess security risks, implementing protective measures, and ensuring that all systems are safeguarded against potential cyber threats. You will engage in proactive monitoring and response to security incidents, while also contributing to the development of security policies and procedures that align with organizational goals. Your role will be pivotal in maintaining the integrity and confidentiality of sensitive information and ensuring compliance with industry standards. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to enhance the organization's security posture.- Conduct quality assurance reviews of information security compliance and risk assessments.- Validate assessment content for accuracy, completeness, and policy alignment.- Review and process change request tickets related to risks steaming out of the assessments.- Identify inconsistencies and provide feedback or recommendations.- Track and document review outcomes and ticket status.- Collaborate with client teams for clarification and issue resolution.- Ensure adherence to service level agreements (SLAs) and key performance indicators (KPI)- Support process improvements and standardization efforts.- Escalate significant risk issues or trends as needed.- Participate in team meetings and client reporting activities. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Risk Assessment & GRC.- Good To Have Skills: Experience with Integrated Security Risk Management, Security Risk and Audit Operations.- Understanding of information security frameworks (e.g., NIST CSF/RMF, ISO 27001).- Strong analytical and detail-oriented approach to reviewing documentation.- Proficiency with risk management or ticketing systems (e.g., JIRA).- Strong understanding of threat modeling and risk analysis techniques.- Familiarity with security tools for vulnerability scanning and penetration testing. Additional Information:- The candidate should have minimum 5 years of experience in Security Risk Assessment.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Risk Assessment Good to have skills : Security Risk and Audit Operations, Integrated Security Risk ManagementMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to assess security risks, implementing protective measures, and ensuring that all systems are safeguarded against potential cyber threats. You will engage in proactive monitoring and response to security incidents, while also contributing to the development of security policies and procedures that align with organizational goals. Your role will be pivotal in maintaining the integrity and confidentiality of sensitive information and ensuring compliance with industry standards. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to enhance the organization's security posture.- Conduct quality assurance reviews of information security compliance and risk assessments.- Validate assessment content for accuracy, completeness, and policy alignment.- Review and process change request tickets related to risks steaming out of the assessments.- Identify inconsistencies and provide feedback or recommendations.- Track and document review outcomes and ticket status.- Collaborate with client teams for clarification and issue resolution.- Ensure adherence to service level agreements (SLAs) and key performance indicators (KPI)- Support process improvements and standardization efforts.- Escalate significant risk issues or trends as needed.- Participate in team meetings and client reporting activities. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Risk Assessment & GRC.- Good To Have Skills: Experience with Integrated Security Risk Management, Security Risk and Audit Operations.- Understanding of information security frameworks (e.g., NIST CSF/RMF, ISO 27001).- Strong analytical and detail-oriented approach to reviewing documentation.- Proficiency with risk management or ticketing systems (e.g., JIRA).- Strong understanding of threat modeling and risk analysis techniques.- Familiarity with security tools for vulnerability scanning and penetration testing. Additional Information:- The candidate should have minimum 5 years of experience in Security Risk Assessment.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Job Summary: We are seeking an experienced OT Security Consultant to support our clients in strengthening the security posture of their Operational Technology (OT) environments. The ideal candidate will be responsible for conducting OT risk assessments, identifying and prioritizing risks based on impact and likelihood, and recommending actionable mitigations and controls. A strong grasp of the ISA/IEC 62443 standard, coupled with hands-on experience in IT-OT network security and industrial control systems, is essential. Key Responsibilities: Conduct comprehensive OT risk assessments across industrial environments, identifying key risk and potential impact. Assess and prioritize risks based on impact, likelihood, and business context. Perform IT-OT network security assessments, including architecture reviews, segmentation analysis, and traffic flow evaluations. Good Understanding of OT infrastructure such as PLC, DCS, MES, SCADA etc., network infrastructure elements, topology, configuration and data flow architecture. Experienced in IT-OT network security assessment, Network solution design, implement (Network architecture/ switches/ routers/ firewalls/ DMZ/AD etc ) for manufacturing environments. Align assessment methodologies with ISA/IEC 62443,NIST 800-53 standards and best practices. Deliver detailed assessment reports and risk matrices, including practical remediation recommendations. Collaborate with client stakeholders including engineering, operations, and cybersecurity teams. Provide guidance on secure network design, hardening of ICS components, and secure integration of IT/OT systems. Required Qualifications: Bachelors or Master’s degree in Cybersecurity, Engineering, Computer Science, or a related field. 4 to 8 years of experience in OT cybersecurity or ICS/SCADA environments. In-depth knowledge of ISA/IEC 62443, NIST 800-53 and risk assessment frameworks. Hands-on experience with OT systems including PLCs, SCADA, DCS, HMIs, and Historian technologies. Strong understanding of industrial network protocols (Modbus, OPC, DNP3, etc.) and security principles. Familiarity with NIST CSF, NERC CIP, or ISO/IEC 27001 is a plus. Preferred Certifications: ISA/IEC 62443 Cybersecurity Certifications GICSP (Global Industrial Cyber Security Professional) CCNA, PCNSA

Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360 platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a clients needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. We are looking for a detail-oriented and proactive GRC professional with hands-on experience in SOC 2 Type 1 and Type 2, NIST CSF, NIST SP 800-53 and ISO 27001 controls. Job Responsibilities: Lead and support the implementation, maintenance, and continuous improvement of information security compliance programs, specifically focusing on SOC 2 Type 1 and Type 2, NIST Cybersecurity Framework (CSF), NIST Special Publications (SP 800-53), and ISO 27001. Develop, review, and update security policies, procedures, and guidelines to align with relevant compliance frameworks and regulatory requirements. Conduct risk assessments and gap analyses against SOC 2, NIST, and ISO 27001 controls to identify areas for improvement and ensure audit readiness. Prepare and compile documentation, evidence, and responses for audit requests efficiently and accurately. Support the identification, assessment, and mitigation of information security risks in accordance with established risk management frameworks (e.g., NIST RMF). Contribute to risk assessments and business impact analysis. Maintain comprehensive documentation of security controls, compliance activities, and remediation plans. Prepare regular reports on compliance status, key metrics, and areas of concern for management and stakeholders. Perform comprehensive third-party risk assessments to evaluate vendor compliance with information security policies. Develop and maintain TPRM processes to monitor and mitigate risks associated with external vendors. Ensure effective communication and documentation of third-party risk assessments. Assist in drafting and updating organizational policies and procedures for governance and compliance. Job Specifications: 1. Qualification: Bachelors degree in Engineering or closely related coursework in technology development disciplines Certifications Security+, CEH, ISO 27001 Lead Implementer/Lead Auditor, CISA, CISM (good to have, but not mandatory) 2. Experience: Total Experience (2): 2-4 years Seniors: 5 to 8 years Knowledge and Experience: Demonstrable experience with the implementation and/or auditing of SOC 2 Type 1 and Type 2. Solid understanding and practical experience with NIST Cybersecurity Framework (CSF) and NIST Special Publications (e.g., SP 800-53). Knowledge of various security domains such as network security, application security, data privacy, and vulnerability management. Strong understanding of information security principles and related compliance controls. Ability to articulate the relevance of the security controls Experience in delivery of Information Security risk and compliance advisory services Experience in management consulting and information security audits Experience around technology risk assessments Hands-on experience in GRC projects Proficient in preparation of reports, dashboards and documentation Ability to research and develop new risk-based security offerings Comfortable working in a project based / client serving model Personal Attributes Self-starter and quick learner requiring minimal ramp-up Excellent written, oral, and interpersonal communication skills Highly self-motivated, self-directed, and attentive to detail Ability to effectively prioritize and execute tasks in a high-pressure environment

Position - Operations Security Consultant Experience: 8 to 12 years Location: Chennai Education: B.E./ B.Tech./ MCA Job Profile The Operations Security Consultant is responsible for the end-to-end management of security operations across multiple client environments. The role demands strong leadership in overseeing SOC operations, incident response, threat detection, compliance, and risk management. The ideal candidate will possess extensive hands-on experience in a multi-customer SIEM (QRadar) environment, a deep understanding of security frameworks, and the ability to build trusted relationships with internal and external stakeholders. Key Roles & Responsibilities Oversee Daily security operations and maintain operational excellence ensuring availability, performance, and reliability of security tools and processes. Manage 24/7 monitoring, triage, investigation, and resolution of security incidents via SIEM (QRadar). Coordinate incident management efforts across internal teams and external stakeholders. Develop, fine-tune, and manage security detection rules, use cases, and threat intelligence integration. Implement continuous improvement processes using KPIs, operational reviews, and performance metrics. Manage Lead SOC analysts, threat hunters, and incident responders. Facilitate collaboration across engineering, compliance, and client teams. Ensure compliance with ISO 27001, NIST CSF, CIS Controls, DORA, GDPR, and client-specific standards. Lead preparation of audits, client reports, and executive dashboards. Maintain risk treatment plans aligned with ISO 27001 standards. Conduct vulnerability assessments and prioritize remediation using EBIOS methodology. Desired Skills Hands-on expertise with QRadar SIEM, SOC operations, and incident response. Proficiency in security frameworks: NIST CSF, CIS Controls, DORA, GDPR. Experience with vulnerability management, threat hunting, and risk assessment methodologies. Familiarity with automation, SOAR solutions, and operational workflow optimization. Strong experience on at least one technical environment and related cybersecurity topics: Cloud (AWS/Azure), Mainframe, Datawarehouse, Database, O365 Certifications (Preferred) Security: CISSP, CISM (any one) Technical Skills (Minimum 3 to 4 from below) Environments: Cloud (AWS/Azure), Windows, Linux, Mainframe, Data Warehouse, Database. Tools: Qualys, Splunk, ServiceNow, PAM, IAM, Palo Alto, Fortinet, SOC tools / EDR (MDR), AppSec, Bastion, Network Management, Micro-Segmentation, Vaults & Secret Management, PKI, Vulnerability Scanning (QRadar, Nessus).

About Marvell Marvells semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities. At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead. Your Team, Your Impact You are responsible for delivering the cyber security risk & compliance-related activities defined as per Marvells internal and external standards, frameworks, and attestations. As a Cybersecurity Risk & Compliance Professional, you will play a critical role in developing and implementing a world-class information security risk and compliance program to meet industry-leading practices and customer security compliance. Youll have a deep understanding of the information security risk standards, frameworks, and methodologies we can use to strengthen our risk and compliance posture. What You Can Expect Responsible for executing day to day cyber security risk, compliance, and assurance activities. Support the global cyber security certifications such as ISO 27001, ISO 27017, and TISAX. Evaluating control effectiveness and review evidence of controls by applying audit, compliance, security, and regulatory framework knowledge and experience, including, but not limited to review of ISO 27001, ISO 27017, NIST CSF, TISAX, NIST 800-171 as well as knowledge of controls related to Privacy, Compliance, Cyber and other risk domains. Effectively develop thorough testing procedures, plan and execute the testing working with relevant stakeholders, document the testing workpapers, develop a summary report, capture observations / findings, recommend action plans, obtain agreement from stakeholders on management response plans, track remediation, and execute remediation testing. Drive the implementation of the cyber security projects and assessments in the areas of governance and risk Ensure relevant security controls are embedded in the project delivery process by providing appropriate insights to project teams. Collaborate with internal and external stakeholders assessing cyber security controls. Support the collection of any necessary evidence, coordination of walkthroughs / meetings, and any needed logistics to facilitate the assessment / audit effort. Timely report status and metrics to the cyber security management team. Complete work per agreed timelines with high quality. Support extended cyber security teams efforts What We&aposre Looking For Bachelors degree in Information Technology or a related field 5-8 years of experience in cyber security audit and/ or compliance. Strong implementation or assessment experience of NIST Cyber Security Framework standards and requirements. Proven track record and experience in executing information security-related projects in a global company Experience in supporting cyber security audits by internal audit or other third parties (i.e. ISO 27001, ISO 27017, and TISAX). Experience with infrastructure operations and processes associated with IT service management in an enterprise-level organization Experience presenting to large audiences. Very good oral and written communication skills in English Preferred Certifications: CISA, CISSP, CISM, CRISC, ISO27001 Lead Implementor and Auditor, SANS Additional Compensation And Benefit Elements With competitive compensation and great benefits, you will enjoy our workstyle within an environment of shared collaboration, transparency, and inclusivity. Were dedicated to giving our people the tools and resources they need to succeed in doing work that matters, and to grow and develop with us. For additional information on what its like to work at Marvell, visit our Careers page. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Show more Show less

About Marvell Marvells semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities. At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead. Your Team, Your Impact You are responsible for delivering the cyber security risk & compliance-related activities defined as per Marvells internal and external standards, frameworks, and attestations. As a Cybersecurity Risk & Compliance Professional, you will play a critical role in developing and implementing a world-class information security risk and compliance program to meet industry-leading practices and customer security compliance. Youll have a deep understanding of the information security risk standards, frameworks, and methodologies we can use to strengthen our risk and compliance posture. What You Can Expect Responsible for executing day to day cyber security risk, compliance, and assurance activities. Support the global cyber security certifications such as ISO 27001, ISO 27017, and TISAX. Evaluating control effectiveness and review evidence of controls by applying audit, compliance, security, and regulatory framework knowledge and experience, including, but not limited to review of ISO 27001, ISO 27017, NIST CSF, TISAX, NIST 800-171 as well as knowledge of controls related to Privacy, Compliance, Cyber and other risk domains. Effectively develop thorough testing procedures, plan and execute the testing working with relevant stakeholders, document the testing workpapers, develop a summary report, capture observations / findings, recommend action plans, obtain agreement from stakeholders on management response plans, track remediation, and execute remediation testing. Drive the implementation of the cyber security projects and assessments in the areas of governance and risk Ensure relevant security controls are embedded in the project delivery process by providing appropriate insights to project teams. Collaborate with internal and external stakeholders assessing cyber security controls. Support the collection of any necessary evidence, coordination of walkthroughs / meetings, and any needed logistics to facilitate the assessment / audit effort. Timely report status and metrics to the cyber security management team. Complete work per agreed timelines with high quality. Support extended cyber security teams efforts What We&aposre Looking For Bachelors degree in Information Technology or a related field 5-8 years of experience in cyber security audit and/ or compliance. Strong implementation or assessment experience of NIST Cyber Security Framework standards and requirements. Proven track record and experience in executing information security-related projects in a global company Experience in supporting cyber security audits by internal audit or other third parties (i.e. ISO 27001, ISO 27017, and TISAX). Experience with infrastructure operations and processes associated with IT service management in an enterprise-level organization Experience presenting to large audiences. Very good oral and written communication skills in English Preferred Certifications: CISA, CISSP, CISM, CRISC, ISO27001 Lead Implementor and Auditor, SANS Additional Compensation And Benefit Elements With competitive compensation and great benefits, you will enjoy our workstyle within an environment of shared collaboration, transparency, and inclusivity. Were dedicated to giving our people the tools and resources they need to succeed in doing work that matters, and to grow and develop with us. For additional information on what its like to work at Marvell, visit our Careers page. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Show more Show less

AWS Security Architecture & Strategy: Design and implement comprehensive security architectures for Redaptive's AWS cloud environments Develop cloud security roadmaps aligned with business objectives and compliance requirements Establish security standards, policies, and procedures for AWS deployments Evaluate and recommend security enhancements to strengthen the cloud security posture Lead security aspects of cloud migration initiatives and new AWS service adoptions Implement zero-trust security principles in cloud architecture designs Provide expert guidance on AWS security best practices to stakeholders across the organization Establish metrics to measure the effectiveness of cloud security controls Security Automation & CI/CD Integration: Develop and maintain security as code implementations for AWS environments Integrate security controls and checks into CI/CD pipelines Automate security scanning, compliance verification, and remediation processes Implement infrastructure as code (IaC) security practices for AWS CloudFormation and Terraform Create automated security testing frameworks for cloud resources Develop custom security rules and policies for automated enforcement Collaborate with DevOps teams to ensure security requirements are met throughout the development lifecycle Design and implement automated incident response playbooks for cloud security events Cloud Security Monitoring & Operations: Configure and manage cloud security monitoring solutions including AWS Security Hub, GuardDuty, and CloudTrail Implement and tune cloud-native SIEM solutions for comprehensive security visibility Develop and maintain cloud security dashboards and reporting mechanisms Perform advanced cloud security investigations and threat hunting Respond to and remediate cloud security incidents Conduct cloud security posture assessments and vulnerability management Implement and manage cloud security logging and audit mechanisms Develop and maintain cloud security incident response procedures Identity & Access Management: Design and implement AWS IAM policies, roles, and permission boundaries following least privilege principles Develop automated solutions for identity lifecycle management in cloud environments Implement and manage privileged access management for AWS resources Configure and maintain AWS Single Sign-On and federation with corporate identity providers Design and implement secure service-to-service authentication mechanisms Conduct regular access reviews and implement automated compliance checks Develop and maintain IAM security frameworks and governance processes Implement automated detection and remediation of IAM policy violations Compliance & Risk Management: Ensure AWS environments meet relevant regulatory requirements and industry standards (e.g., SOC 2, ISO 27001, NIST) Develop and implement cloud security compliance frameworks and controls Perform cloud security risk assessments and develop risk treatment plans Technical Skills AWS Security Architecture & Strategy: Design and implement comprehensive security architectures for Redaptive's AWS cloud environments Develop cloud security roadmaps aligned with business objectives and compliance requirements Establish security standards, policies, and procedures for AWS deployments Evaluate and recommend security enhancements to strengthen the cloud security posture Lead security aspects of cloud migration initiatives and new AWS service adoptions Implement zero-trust security principles in cloud architecture designs Provide expert guidance on AWS security best practices to stakeholders across the organization Establish metrics to measure the effectiveness of cloud security controls Security Automation & CI/CD Integration: Develop and maintain security as code implementations for AWS environments Integrate security controls and checks into CI/CD pipelines Automate security scanning, compliance verification, and remediation processes Implement infrastructure as code (IaC) security practices for AWS CloudFormation and Terraform Create automated security testing frameworks for cloud resources Develop custom security rules and policies for automated enforcement Collaborate with DevOps teams to ensure security requirements are met throughout the development lifecycle Design and implement automated incident response playbooks for cloud security events Cloud Security Monitoring & Operations: Configure and manage cloud security monitoring solutions including AWS Security Hub, GuardDuty, and CloudTrail Implement and tune cloud-native SIEM solutions for comprehensive security visibility Develop and maintain cloud security dashboards and reporting mechanisms Perform advanced cloud security investigations and threat hunting Respond to and remediate cloud security incidents Conduct cloud security posture assessments and vulnerability management Implement and manage cloud security logging and audit mechanisms Develop and maintain cloud security incident response procedures Identity & Access Management: Design and implement AWS IAM policies, roles, and permission boundaries following least privilege principles Develop automated solutions for identity lifecycle management in cloud environments Implement and manage privileged access management for AWS resources Configure and maintain AWS Single Sign-On and federation with corporate identity providers Design and implement secure service-to-service authentication mechanisms Conduct regular access reviews and implement automated compliance checks Develop and maintain IAM security frameworks and governance processes Implement automated detection and remediation of IAM policy violations Compliance & Risk Management: Ensure AWS environments meet relevant regulatory requirements and industry standards (e.g., SOC 2, ISO 27001, NIST) Develop and implement cloud security compliance frameworks and controls Perform cloud security risk assessments and develop risk treatment plans Nice-to-have skills Experience with multi-cloud security strategies and implementations Knowledge of regulatory compliance requirements relevant to cloud environments Experience with container security (Docker, Kubernetes, ECS, EKS) Background in implementing Zero Trust architecture in AWS environments Experience with AWS automated incident response and remediation Knowledge of cloud-native security tools and platforms Experience with Hashicorp Vault or similar secrets management solutions Background in implementing security for data lakes and analytics platforms Experience with cloud workload protection platforms (CWPP) Knowledge of serverless security best practices Experience with cloud security in the energy efficiency or sustainability industries Background in threat modeling for cloud architectures Experience working with global teams and offshore development models Qualifications Bachelor's degree in Cybersecurity, Computer Science, or related field; Master's degree preferred Minimum of 7+ years of experience in cybersecurity, with at least 5 years focused on cloud security Advanced expertise with AWS security services including GuardDuty, Security Hub, IAM, KMS, and CloudTrail Strong understanding of cloud security frameworks (AWS Well-Architected Framework, NIST CSF, CSA CCM) Hands-on experience implementing security controls in CI/CD pipelines Expert knowledge of infrastructure as code (IaC) security for AWS CloudFormation and/or Terraform Experience with cloud security posture management (CSPM) tools and processes Strong understanding of identity and access management principles in cloud environments Experience with automated security testing and continuous security validation Proficiency in scripting and programming (Python, Bash, etc.) for security automation Excellent understanding of network security, containerization security, and serverless security In-depth knowledge of DevSecOps principles and practices Excellent written and verbal communication skills Relevant security certifications (AWS Certified Security - Specialty, CCSP, CISSP, or equivalent)

How is this team contributing to the vision of Providence Enterprise Security & Infrastructure (ESI) is committed to appropriately protecting all information relating to its caregivers and affiliates, as well as protecting its confidential business information (including information relating to its caregivers, affiliates, and patients). What will you be responsible for Lead the development, implementation, and continuous improvement of the organizations security governance, risk management, and compliance (GRC) strategies. Establish and maintain a comprehensive governance management framework, ensuring effective operational controls to address information security risks. Create, update, and enforce security policies, procedures, processes, standards, and guidelines to support the IT Governance Program, including the lifecycle management of internal controls. Drive risk management and governance initiatives in response to emerging technologies and evolving business needs. Oversee the remediation of information security issues and findings, ensuring both immediate corrective actions and sustainable long-term solutions to mitigate risks. Collaborate with senior leadership, business units, IT, and Legal to establish consistent processes for identifying, assessing, responding to, and reporting on IT risks. Champion the implementation of global IT GRC initiatives, ensuring alignment with organizational objectives and industry standards. Partner with program leadership to influence decision-making and foster unified progress towards security and compliance goals. Identify and lead cross-functional projects that enhance standardization, efficiency, and maturity within the GRC function. Provide effective leadership to GRC teams, including direct reports and contractorsdelegating tasks, coordinating efforts, fostering motivation, and conducting performance reviews in collaboration with HR. Directly manage and develop GRC teams, with responsibility for up to 10 caregivers. Stay current on best practices, legal requirements, and industry standards related to risk management and compliance frameworks such as NIST CSF, NIST 800-53 v5, CIS Benchmarks, HIPAA, PCI DSS, SOX 404, and ITIL. Monitor industry trends and the regulatory environment, proactively adapting governance strategies to maintain compliance and organizational resilience. How is this team contributing to the vision of Providence Enterprise Security & Infrastructure (ESI) is committed to appropriately protecting all information relating to its caregivers and affiliates, as well as protecting its confidential business information (including information relating to its caregivers, affiliates, and patients). What will you be responsible for Lead the development, implementation, and continuous improvement of the organizations security governance, risk management, and compliance (GRC) strategies. Establish and maintain a comprehensive governance management framework, ensuring effective operational controls to address information security risks. Create, update, and enforce security policies, procedures, processes, standards, and guidelines to support the IT Governance Program, including the lifecycle management of internal controls. Drive risk management and governance initiatives in response to emerging technologies and evolving business needs. Oversee the remediation of information security issues and findings, ensuring both immediate corrective actions and sustainable long-term solutions to mitigate risks. Collaborate with senior leadership, business units, IT, and Legal to establish consistent processes for identifying, assessing, responding to, and reporting on IT risks. Champion the implementation of global IT GRC initiatives, ensuring alignment with organizational objectives and industry standards. Partner with program leadership to influence decision-making and foster unified progress towards security and compliance goals. Identify and lead cross-functional projects that enhance standardization, efficiency, and maturity within the GRC function. Provide effective leadership to GRC teams, including direct reports and contractorsdelegating tasks, coordinating efforts, fostering motivation, and conducting performance reviews in collaboration with HR. Directly manage and develop GRC teams, with responsibility for up to 10 caregivers. Stay current on best practices, legal requirements, and industry standards related to risk management and compliance frameworks such as NIST CSF, NIST 800-53 v5, CIS Benchmarks, HIPAA, PCI DSS, SOX 404, and ITIL. Monitor industry trends and the regulatory environment, proactively adapting governance strategies to maintain compliance and organizational resilience. What would your day look like Regularly collaborate with business leaders, application, and product owners to evaluate security needs and impacts of security decisions on business processes as well as to communicate risks. Drive implementation of framework, policies, standards, and other security requirements. Conduct gap analysis and implement Standards Frameworks like NIST CSF, NIST 800-53 v5, CIS Benchmarks, HIPAA, PCI DSS, SOX 404, and ITIL. Develop and revise Policies, Standards, Processes, and guidelines for the enterprise through change management. Perform security reviews, attestations, assessments and serve as a Liaison between various teams within Cybersecurity. Collaboare with business function owner on deliverables, support team in understating and meeting business requirements. Manage expectations and effectively communicate to colleagues, project team members, sponsors, stakeholders, business leaders, as well as internal and external security stakeholders and leaders. Promote and raise awareness of Cyber-Security programs and posture, driving change and influencing proper Cyber Security hygiene within the organization. Who are we looking for 4-year University (Bachelors) degree in Computer Science, Information Security, Cyber Security or related field. Minimum 10 years of experience in an Information Security/GRC role. Minimum 5 years of experience in IT Risk Management Role. Preferred 3 years of experience in Healthcare, Pharma or Bio-Technology organization. Strong project management skills to simultaneously work on multiple projects concurrently. Experience with managing a GRC tool support life cycle. Strong written and oral communication skills with the ability to explain technical ideas to non-technical individuals at any level. Adaptable to shifting priorities, demands, and timelines through analytical and problem-solving capabilities. Able to react to project adjustments and alterations promptly and efficiently. Ability to lead a team and collaborate with other leaders throughout the organization. Ability to effectively prioritize and execute tasks in a high-pressure environment Preferred knowledge of Information Security standards (ISO/IEC 27001, 27002, NIST CSF, NIST SP 800-53, CIS Controls). Show more Show less

As a Consultant working in a hybrid work mode with a shift from 1 PM to 10 PM, you will be responsible for various Cyber Security auditing tasks in locations like Bangalore, Pune, Noida, and Gurgaon. Your duties will involve understanding engagement objectives, preparing audit plans, and testing procedures to meet review objectives. You will gather detailed insights into IT and business processes, systems, and controls, and lead risk assessments and evaluations. Additionally, you will identify opportunities to leverage data analytics, track project status, and ensure high-quality work paper documentation according to client standards. You will drive discussions on audit findings with the team and management, formulate risk assessments on complex systems, and create Business Impact Analysis, Risk Assessment, and Corrective Action Plan documentation. Developing recommendations to enhance security posture and communicating these recommendations to stakeholders will be part of your responsibilities. You will also identify security deficiencies and vulnerabilities, participate in organizational projects, and contribute to the development of information security policies, standards, and procedures. Desired Qualifications: - Bachelor's degree in Computer Science, Engineering, Cyber Security, or related field - Cyber security certifications (CISSP, CISM, Security+, CEH, Azure Security Engineer, CSFA) - CISA certification required or willingness to obtain within 3 months of employment - 5+ years of experience in Cyber Security field - 2+ years of IT systems audit experience - Experience in Identity and Access Management, Infrastructure Security, Application Security, Data Governance, Cloud Security, and Third-Party Risk Management - Familiarity with standards and regulations such as PCI, SOX, ISO, NIST CSF, NIST 800-53, NIST RMF, PII, CCPA, COPPA, HIPAA, VCDPA, etc. - Proficiency in MS Office, Teams, and working knowledge of standard computer software - Ability to work in a fast-paced environment with attention to detail - Strong verbal and written communication skills, especially in explaining complex topics - Experience in regulated industries and familiarity with technology standards and compliance frameworks Bonus Points for: - ITIL Certification - Threat Hunting and DFIR experience - Security experience in GCP, Azure, and AWS - Knowledge of Zero Trust architectures and data analytics implementation - Penetration testing experience and expertise in multiple cyber security domains - Familiarity with network protection approaches and technologies,

about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. We are seeking a dynamic IT Compliance & Audit Lead to join our Governance, Risk & Compliance (GRC) team in Pune. This role will be pivotal in driving the implementation and evolution of ZSs Continuous Compliance Monitoring (CCM) program. The ideal candidate will bring hands-on technical security expertise, a strong audit and risk management mindset, and the ability to collaborate across technical and business stakeholders. What youll do: Lead the development and execution of ZSs Continuous Compliance Monitoring (CCM) program across infrastructure, applications, and third-party vendors Collaborate cross-functionally with internal security, privacy, engineering, and operations teams to drive remediation and maturity of compliance gaps Serve as SME for security audits, helping interpret and implement compliance controls (e.g., ISO 27001, SOC 2 Type 2, NIST CSF, HIPAA, ESG reporting frameworks) Design and implement automated compliance checks and control testing routines aligned with risk appetite and audit requirements Conduct and support internal and external audits, including pre-audit readiness assessments, evidence collection, and issue remediation oversight Contribute to enterprise risk assessments, security profiling, and threat modeling to improve ZSs security posture Drive security incident post-mortems and track audit findings to closure with technical leads and business owners Assist in the maintenance and enhancement of security policies, procedures, and standards to reflect evolving risk and regulatory requirements Create training and awareness content related to policy adoption, audit preparedness, and security control responsibilities Provide metrics and executive-level reporting on compliance posture, audit outcomes, and CCM maturity Serve as a technical consultant in areas such as SIEM tuning, bounty hunting initiatives, and threat intelligence integration What youll bring: Bachelor's degree in Computer Science, Information Systems, or a related field 4+ years of hands-on experience in Information Security, Audit, Compliance, or GRC roles with technical depth Proven experience implementing or maturing compliance frameworks like ISO 27001, SOC 2 Type 2, HIPAA, NIST CSF, etc. Strong understanding of security tooling and architecture, including: SIEM platforms (e.g., Splunk, Sentinel, QRadar) Threat modeling and profiling tools Vulnerability management platforms Cloud security configurations (AWS, Azure, GCP) Experience with bug bounty programs or threat hunting initiatives is a plus Excellent communication skills; ability to articulate risk and compliance requirements to technical and non-technical stakeholders Certifications preferred: CISA, CISSP, CRISC, CISM, ISO Lead Auditor/Implementer, CEH

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking an experienced and innovative SOAR Architect to lead the design, development, and implementation of advanced Security Orchestration, Automation, and Response (SOAR) solutions. The ideal candidate will leverage their expertise in platforms like Splunk Phantom, Chronicle SOAR, and Cortex XSOAR to optimize and automate incident response workflows, enhance threat detection, and improve overall security operations efficiency. Roles & Responsibilities:- SOAR Strategy and Architecture:Develop strategies for automation, playbook standardization, and process optimization.- Playbook Development:Create, test, and deploy playbooks for automated threat detection, investigation, and response. Collaborate with SOC teams to identify repetitive tasks for automation and translate them into SOAR workflows.- Integration and Customization:Integrate SOAR platforms with existing security tools, including SIEM, threat intelligence platforms, and endpoint protection. Customize connectors and APIs to enable seamless communication between security tools.- Collaboration and Leadership:Work closely with SOC analysts, threat hunters, and other stakeholders to align automation efforts with organizational goals. Provide technical mentorship to analysts on SOAR platform utilization.- Performance Optimization:Continuously evaluate SOAR platform performance and implement improvements for scalability and reliability. Monitor automation workflows and troubleshoot issues to ensure consistent operations.- Compliance and Best Practices:Ensure that all SOAR implementations align with industry standards, compliance regulations, and organizational policies. Stay up to date with the latest advancements in SOAR technology and incident response practices. Professional & Technical Skills: - Proficiency in scripting and programming Python to develop custom playbooks and integrations.- Strong understanding of security operations, incident response, and threat intelligence workflows.- Proven track record of integrating SOAR with SIEM solutions (e.g., Splunk, Chronicle), EDR, and other security tools.- Ability to troubleshoot complex integration and automation issues effectively. Additional Information:- Certifications such as Splunk Phantom Certified Admin, XSOAR Certified Engineer, or equivalent.- Experience with cloud-native SOAR deployments and hybrid environments.- Familiarity with frameworks like MITRE ATT&CK, NIST CSF, or ISO 27001.- A 15 year full-time education is required- 3.5 years of hands-on experience with SOAR platforms like Splunk Phantom (On-Prem and Cloud), Chronicle SOAR, and Cortex XSOAR. Qualification 15 years full time education

The Manager, Exposure Management plays a crucial role in identifying, analyzing, and mitigating cybersecurity exposures across enterprise systems. Your focus will be on vulnerability management, attack surface monitoring, and web application scanning to ensure timely detection and response to risks impacting the organization's digital footprint. It is essential to possess strong technical expertise, attention to detail, and the ability to collaborate across teams to influence remediation activities and enhance security posture. Key Responsibilities - Operate enterprise vulnerability scanning platforms, validate findings, and monitor remediation efforts effectively. - Continuously assess the organization's internal and external attack surface for untracked assets, misconfigurations, and exposed services. - Identify and manage asset ownership across business units, ensuring accurate data consistently reflected in the configuration management database (CMDB). - Collaborate with infrastructure, application, and business stakeholders for prompt and comprehensive updates to asset and ownership records. - Configure, execute, and analyze web application security scans, working closely with development teams to address identified issues. - Prioritize vulnerabilities based on exploitability, threat intelligence, and business impact using structured frameworks and tools. - Prepare detailed reports and dashboards tailored for various audiences, from technical teams to executive leadership. - Partner with IT, infrastructure, and cybersecurity stakeholders to facilitate risk-informed remediation activities. - Contribute to continuous process enhancements and tool optimization throughout the exposure management lifecycle. Basic Qualifications - A Bachelor's degree in Computer Science, Information Security, Engineering, or a related technical field, along with a minimum of 10 years of experience in cybersecurity, focusing on vulnerability or exposure management. - A Master's degree in Computer Science, Information Security, Engineering, or a related technical field, combined with at least 8 years of experience in cybersecurity, with a focus on vulnerability or exposure management. Preferred Qualifications - Hands-on experience with tools like Tenable, Qualys, Rapid7, or similar platforms. - Familiarity with web application scanning tools and techniques. - Experience in managing or supporting a CMDB and asset lifecycle processes in a large organization. - Understanding of frameworks such as CVSS, MITRE ATT&CK, and NIST CSF. - Strong communication and analytical skills to effectively communicate technical risks to business stakeholders. - Experience supporting compliance and regulatory programs within a global business context. In addition to competitive benefits programs, we offer health insurance, professional development opportunities, and an Employee Assistance Programme to help you achieve your personal goals. At our organization, we value the expertise, creativity, and passion of our employees and strive to create an inclusive environment that promotes growth, innovation, and diversity. Join us and be part of The Carrier Way, where you can make a difference. Apply now!,

The Manager, Continent Information Security Partnerships, Property Security Compliance plays a crucial role in managing continent security aspects related to the Marriott Security Compliance Assessment program. Your primary responsibilities include planning, executing, and overseeing the program to ensure maximum security compliance status across IT Operations in the continent. You will enforce Marriott Security Standards and requirements for properties, while reporting directly to the Senior Director/Director, Continent Information Security Partnerships. Building strong relationships with Area Operation/IT Leaders, you will offer support to continent operations and collaborate with various Information Security teams. This role involves up to 75% travel for work purposes. **Candidate Profile:** **Education and Experience:** - 5+ years of Information Technology or information security work experience, with a focus on technology plans and/or information security projects. - 3+ years of experience in implementing enterprise security risk management frameworks. - Bachelor's degree in Computer Sciences, Information Technology, Information Security, Cybersecurity, or equivalent field experience. - Proficiency in spoken and written English. **Preferred:** - Professional certifications related to security assessment (e.g., CISA, CRISC, PCI ISA, ISO/IEC 27001 Lead Auditor). - Knowledge of Hotel IT Management and Cybersecurity. - Understanding of PCI DSS, NIST CSF, and global regulatory standards. - Expertise in network and technical security controls. - Experience in coordinating security incident responses. - Ability to apply organizational information security policies effectively. - Familiarity with IT security in an infrastructure environment. - Proven ability to prioritize tasks in high-pressure environments. - Graduate/postgraduate degree. **Core Work Activities:** - Conduct audits, security assessments, and control reviews across various domains. - Evaluate the effectiveness of information security controls aligned with corporate standards. - Perform risk-based assessments and identify vulnerabilities and improvement opportunities. - Develop and manage audit or assessment programs from planning to follow-up. - Collaborate with stakeholders to develop remediation plans and track progress. - Prepare detailed audit reports with actionable findings. - Contribute to the enhancement of information security internal audit methodology. - Additional Functions include representing Security in new property openings, providing tactical communications, tracking compliance performance, and reporting on security & compliance metrics. **Additional Responsibilities:** - Keep supervisors and team members informed through effective communication. - Attend relevant meetings and present information clearly. - Use problem-solving methodology for decision-making. - Maintain positive working relationships and manage time effectively. - Perform any other duties as assigned by the manager. Marriott International is an equal opportunity employer, committed to a diverse workforce and an inclusive, people-first culture. Non-discrimination based on any protected basis is our principle, ensuring fairness and respect for all employees.,

Role & responsibilities : Design and comply with applicable ISO27001 and NIST CSF standards. Monitor and protect against IT security threats with regular and effective oversight, testing, awareness building and employee training. Help develop a company-wide cultural mentality regarding the importance of information security. Prepare reports on IT security issues, testing, threats and incidences on a regular basis. Perform information security risk assessments. Identify and track the resolution of security incidences and vulnerabilities. Develop communication plans in advance of incidents to ensure a prompt and strategic response to both internal and external personnel. Ensure that adequate physical security controls exist to protect sensitive data and information systems. Responsibilities include asset, building, and network protection. Participate in the development, implementation, and ongoing compliance monitoring of all trading partner and business associate agreements, to ensure all security concerns, requirements, and responsibilities are addressed. Qualifications: Bachelors degree or masters degree in a computer field. Ten years or more IT operations experience and management. Ten years or more of experience leading technology projects in a high uptime, telecom, call center and/or Software-as-a-Service environment. CISSP or CISM qualifications Track record of ISO27001 program implementation, certification and maintenance In-depth knowledge of Windows and Linux server environments Ability to maintain composure and sound judgment in high-pressure environments Demonstrated leadership and personnel/project management skills Highly self-motivated and directed Proven analytical and problem-solving abilities Strong customer service orientation Experience working in a team-oriented, collaborative environment

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, & Data Privacy Management solutions, experience in developing value based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15 year full time educationThe candidate should have minimum 12 years of experience This position is based at our Bengaluru office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, Data Privacy Management solutions, experience in developing value-based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15- year full time educationThe candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Role Overview: The OT Security Analyst – Level 2 (L2) plays a pivotal role in defending operational technology (OT) environments against evolving cyber threats. This role requires a deep understanding of security incident analysis, threat detection, and incident response, specifically tailored to Industrial Control Systems (ICS) and OT networks. The analyst will investigate complex security incidents within the OT infrastructure, collaborate with IT/OT teams, and enhance security posture through actionable insights. ________________________________________ Key Responsibilities: • Conduct in-depth analysis of security events and incidents within OT environments, leveraging SIEM and OT-specific monitoring tools. • Perform root cause analysis and develop incident timelines to support forensics and remediation efforts. • Apply standard incident response frameworks (e.g., NIST, MITRE ATT&CK for ICS, Cyber Kill Chain) for threat classification and response. • Use threat intelligence platforms and sandbox environments to investigate malware and suspicious artifacts in OT networks. • Analyze access logs, network traffic, and protocol behaviours across OT systems (e.g., SCADA, DCS, PLCs). • Support investigations related to unauthorized device communications, anomalous behaviours, or compromised industrial assets. • Collaborate with OT security engineers and external vendors to escalate and remediate incidents. • Refine alert rules and detection logic to reduce false positives and improve signal-to-noise ratio in OT SOC operations. • Document incident findings and support continuous improvement of the OT SOC playbooks and knowledgebase. • Liaise with the IT SOC and CIR (Cyber Incident Response) teams to align incident handling and cross-domain investigations. • Participate in threat hunting activities tailored for OT environments using behavioural analysis and attack-path simulation. ________________________________________ Technical Skills & Knowledge: • Strong understanding of OT/ICS protocols (Modbus, DNP3, OPC, etc.) and industrial network topologies. • Hands-on experience with OT cybersecurity tools and platforms (e.g., Nozomi Networks, Claroty, Dragos). • Familiar with ISA/IEC 62443, NIST SP 800-82, NIST CSF, and ISO 27001 compliance requirements for OT. • Proficiency in using SIEM systems (e.g., Microsoft Sentinel, Splunk, QRadar) for log correlation and event triage. • Understanding of firewalls, WAFs, proxies, and network segmentation principles in OT. • Working knowledge of tools such as THOR Scanner, VMRay, or Recorded Future is a plus. • Experience in vulnerability management and patch advisory for OT assets with limited patch cycles. ________________________________________ Nice to Have: • Exposure to Red Team/Blue Team exercises focused on OT/ICS. • Familiarity with GRC platforms and risk assessment tools tailored to OT.

AWS Security Architecture & Strategy: Design and implement comprehensive security architectures for Redaptive's AWS cloud environments Develop cloud security roadmaps aligned with business objectives and compliance requirements Establish security standards, policies, and procedures for AWS deployments Evaluate and recommend security enhancements to strengthen the cloud security posture Lead security aspects of cloud migration initiatives and new AWS service adoptions Implement zero-trust security principles in cloud architecture designs Provide expert guidance on AWS security best practices to stakeholders across the organization Establish metrics to measure the effectiveness of cloud security controls Security Automation & CI/CD Integration: Develop and maintain security as code implementations for AWS environments Integrate security controls and checks into CI/CD pipelines Automate security scanning, compliance verification, and remediation processes Implement infrastructure as code (IaC) security practices for AWS CloudFormation and Terraform Create automated security testing frameworks for cloud resources Develop custom security rules and policies for automated enforcement Collaborate with DevOps teams to ensure security requirements are met throughout the development lifecycle Design and implement automated incident response playbooks for cloud security events Cloud Security Monitoring & Operations: Configure and manage cloud security monitoring solutions including AWS Security Hub, GuardDuty, and CloudTrail Implement and tune cloud-native SIEM solutions for comprehensive security visibility Develop and maintain cloud security dashboards and reporting mechanisms Perform advanced cloud security investigations and threat hunting Respond to and remediate cloud security incidents Conduct cloud security posture assessments and vulnerability management Implement and manage cloud security logging and audit mechanisms Develop and maintain cloud security incident response procedures Identity & Access Management: Design and implement AWS IAM policies, roles, and permission boundaries following least privilege principles Develop automated solutions for identity lifecycle management in cloud environments Implement and manage privileged access management for AWS resources Configure and maintain AWS Single Sign-On and federation with corporate identity providers Design and implement secure service-to-service authentication mechanisms Conduct regular access reviews and implement automated compliance checks Develop and maintain IAM security frameworks and governance processes Implement automated detection and remediation of IAM policy violations Compliance & Risk Management: Ensure AWS environments meet relevant regulatory requirements and industry standards (e.g., SOC 2, ISO 27001, NIST) Develop and implement cloud security compliance frameworks and controls Perform cloud security risk assessments and develop risk treatment plans Technical Skills AWS Security Architecture & Strategy: Design and implement comprehensive security architectures for Redaptive's AWS cloud environments Develop cloud security roadmaps aligned with business objectives and compliance requirements Establish security standards, policies, and procedures for AWS deployments Evaluate and recommend security enhancements to strengthen the cloud security posture Lead security aspects of cloud migration initiatives and new AWS service adoptions Implement zero-trust security principles in cloud architecture designs Provide expert guidance on AWS security best practices to stakeholders across the organization Establish metrics to measure the effectiveness of cloud security controls Security Automation & CI/CD Integration: Develop and maintain security as code implementations for AWS environments Integrate security controls and checks into CI/CD pipelines Automate security scanning, compliance verification, and remediation processes Implement infrastructure as code (IaC) security practices for AWS CloudFormation and Terraform Create automated security testing frameworks for cloud resources Develop custom security rules and policies for automated enforcement Collaborate with DevOps teams to ensure security requirements are met throughout the development lifecycle Design and implement automated incident response playbooks for cloud security events Cloud Security Monitoring & Operations: Configure and manage cloud security monitoring solutions including AWS Security Hub, GuardDuty, and CloudTrail Implement and tune cloud-native SIEM solutions for comprehensive security visibility Develop and maintain cloud security dashboards and reporting mechanisms Perform advanced cloud security investigations and threat hunting Respond to and remediate cloud security incidents Conduct cloud security posture assessments and vulnerability management Implement and manage cloud security logging and audit mechanisms Develop and maintain cloud security incident response procedures Identity & Access Management: Design and implement AWS IAM policies, roles, and permission boundaries following least privilege principles Develop automated solutions for identity lifecycle management in cloud environments Implement and manage privileged access management for AWS resources Configure and maintain AWS Single Sign-On and federation with corporate identity providers Design and implement secure service-to-service authentication mechanisms Conduct regular access reviews and implement automated compliance checks Develop and maintain IAM security frameworks and governance processes Implement automated detection and remediation of IAM policy violations Compliance & Risk Management: Ensure AWS environments meet relevant regulatory requirements and industry standards (e.g., SOC 2, ISO 27001, NIST) Develop and implement cloud security compliance frameworks and controls Perform cloud security risk assessments and develop risk treatment plans Nice-to-have skills Experience with multi-cloud security strategies and implementations Knowledge of regulatory compliance requirements relevant to cloud environments Experience with container security (Docker, Kubernetes, ECS, EKS) Background in implementing Zero Trust architecture in AWS environments Experience with AWS automated incident response and remediation Knowledge of cloud-native security tools and platforms Experience with Hashicorp Vault or similar secrets management solutions Background in implementing security for data lakes and analytics platforms Experience with cloud workload protection platforms (CWPP) Knowledge of serverless security best practices Experience with cloud security in the energy efficiency or sustainability industries Background in threat modeling for cloud architectures Experience working with global teams and offshore development models Qualifications Bachelor's degree in Cybersecurity, Computer Science, or related field; Master's degree preferred Minimum of 7+ years of experience in cybersecurity, with at least 5 years focused on cloud security Advanced expertise with AWS security services including GuardDuty, Security Hub, IAM, KMS, and CloudTrail Strong understanding of cloud security frameworks (AWS Well-Architected Framework, NIST CSF, CSA CCM) Hands-on experience implementing security controls in CI/CD pipelines Expert knowledge of infrastructure as code (IaC) security for AWS CloudFormation and/or Terraform Experience with cloud security posture management (CSPM) tools and processes Strong understanding of identity and access management principles in cloud environments Experience with automated security testing and continuous security validation Proficiency in scripting and programming (Python, Bash, etc.) for security automation Excellent understanding of network security, containerization security, and serverless security In-depth knowledge of DevSecOps principles and practices Excellent written and verbal communication skills Relevant security certifications (AWS Certified Security - Specialty, CCSP, CISSP, or equivalent)

As a Technical Writer at PwC, your primary responsibility will be to work as part of a team in producing high-quality documentation for threat actor simulation services, device and application assessments, and penetration test results. You will collaborate closely with the business team to gather information and understand documentation requirements. Your role will involve creating, editing, and maintaining documentation for penetration testing reports, procedures, guidelines, and standards. It is essential to explain complex technical concepts clearly and concisely, tailoring the content to various audiences, including both technical and non-technical stakeholders. Staying updated on the latest cybersecurity trends and technologies is crucial to ensure that the documentation reflects current practices and solutions. You will also be analyzing existing content to recommend and implement improvements and ensuring that the documentation meets industry standards, regulatory requirements, and organizational compliance needs. Identifying opportunities to enhance documentation processes and tools, managing diverse viewpoints to build consensus, and focusing on building trusted relationships are integral aspects of this role. Upholding the firm's code of ethics and business conduct is a fundamental expectation. The skills, knowledge, and experiences required to excel in this position include responding effectively to diverse perspectives, utilizing a broad range of tools to generate new ideas, employing critical thinking to break down complex concepts, understanding project objectives in the broader business context, and interpreting data to inform insights and recommendations. Additionally, developing self-awareness through reflection, upholding professional and technical standards, and adhering to the firm's code of conduct and independence requirements are vital components of this role. For this management level role, the basic qualifications include a bachelor's degree and 4-9 years of experience. Preferred qualifications encompass fields of study such as Computer and Information Science, Information Security, Information Technology, Management Information Systems, Computer Applications, and Computer Engineering. Certification in Technical Writing is also preferred. Demonstrating extensive abilities and success in technical concepts related to application security, network segregation, access controls, IDS/IPS devices, physical security, and information security risk management is essential. Familiarity with security testing tools like BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Responder, Nmap, and others within the Kali Linux distribution is advantageous. Knowledge of networking protocols, TCP/IP stack, systems architecture, and operating systems is beneficial. Additionally, familiarity with cybersecurity frameworks and industry-leading practices such as OWASP, NIST CSF, PCI DSS, and NY-DFS is desirable. Experience in writing cybersecurity articles, reports, tools, protocols, and best practices, translating technical jargon into clear language for various audiences, and developing a library of technical documentation are valuable assets. Collaborating with cybersecurity professionals, analyzing information from multiple sources, managing multiple documentation requirements effectively, ensuring accuracy and consistency, and adapting writing styles to suit different platforms and audience needs are essential skills for this role. Leveraging graphic design and visualization tools, proactively seeking feedback, and keeping leadership informed of progress and issues are critical competencies expected in this position. Professional and Educational Background: A Bachelor's Degree is preferred for this role.,

Let me tell you about the role We are looking for an Information Security Engineering Specialist with great knowledge in security fundamentals and is eager to apply them in complex environments. In this role, you will assist in implementing security controls, executing vulnerability assessments, and supporting automation initiatives. This position will have an emphasis in one or more of the following areas cloud security; infrastructure security; and/or data security. You will have an opportunity to learn and grow under the mentorship of senior engineers, while also contributing to critical security tasks that keep our organization safe. What you will deliver Define security policies that can be used to improve our cloud, infrastructure or data security posture. Integrate our vulnerability assessment tooling into our environments, to provide continuous scans, uncovering vulnerabilities, misconfiguration or potential security gaps. Work with engineering teams to support the remediation and validation of vulnerability mitigations and fixes. Integrate security validations into continuous integration/continuous deliver (CI/CD) pipelines and develop scripts to automate security tasks. Maintain clear, detailed documentation of security procedures and policies, including how to embed and measure security on our cloud, infrastructure or data environments. What you will need to be successful (experience and qualifications) Seasoned security professional with 3+ years delivering security engineering services and/or building security solutions within a complex organization. Practical experience designing, planning, productizing, maintaining and documenting reliable and scalable data, infrastructure, cloud and/or platform solutions in complex environments. Firm foundation of information and cyber security principles and standard processes. Professional and technical security certifications such as CISSP, CISM, GEVA, CEH, OSCP or equivalent are a plus. Development experience in one or more object-oriented programming languages (e.g., Python, Scala, Java, C#) and/or cloud environments (including AWS, Azure, Alibaba, etc.) Exposure/experience with full stack development. Experience with security tooling (vulnerability scanners, CNAPP, Endpoint and/or DLP) and automation and scription for security tasks (e.g., CI/CD integration). Familiarity with basic security frameworks such as NIST CSF, NIST 800-53, ISO 27001, etc. Foundational knowledge of security standards, industry laws, and regulations such as Payment Card Industry Data Security Standards (PCI-DSS), General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and Sarbanes-Oxley (SOX) Continuous learning and improvement approach. This position is a hybrid of office/remote working

Key Responsibilities: Serve as a trusted security advisor and designated vCISO for assigned clients, providing executive-level guidance on cybersecurity strategy, risk posture, governance, and compliance initiatives. Lead the development, implementation, and continuous improvement of client security policies, procedures, and frameworks aligned with standards such as NIST 800-53/CSF, ISO 27001, HIPAA, CMMC, SOC 2, and others. Define and deliver comprehensive security programs, including security risk assessments, maturity roadmaps, control gap analysis, and compliance reporting. Guide clients through technical and strategic decision-making related to infrastructure, applications, third-party tools, and data protection strategies. Coordinate and oversee vulnerability assessments, penetration tests, and the design and implementation of technical and administrative controls. Interpret the results of threat and vulnerability assessments to identify gaps and recommend remediation actions, ensuring alignment with each client's operational risks and compliance obligations. Engage with client stakeholders across IT, DevOps, legal, operations, and executive leadership to drive a security-by-design culture across projects and teams. Manage and deliver high-impact cybersecurity engagements with a focus on scope definition, schedule, budget, documentation, and successful client outcomes. Facilitate client discovery, build proposals, and articulate engagement scope, deliverables, and level of effort required for custom security solutions. Identify cross-functional improvement opportunities, recommending enhancements to client systems and infrastructure (hardware, software, networks). Communicate technical concepts and security strategy effectively to both technical and non-technical audiences, demonstrating leadership and executive presence. Provide mentorship and guidance to junior consultants, engineers, and analysts; when serving in a team lead capacity, manage workload, project direction, and performance feedback for 35 team members. Contribute to business development by identifying upselling and cross-selling opportunities based on client needs, emerging security challenges, or regulatory changes. Plan and execute projects independently with limited oversight, consistently delivering high-quality advisory services and exceeding client expectations. Minimum Qualifications: Bachelors degree in business, computer science, information systems, engineering, or a relevant discipline, or equivalent experience. 10+ years of technical experience. 5+ years of Information Security experience. Familiarity and experience with Microsoft 365, Azure, and AWS. Familiar with Security Frameworks (FedRAMP, ISO, NIST, COBIT, HIPAA/HITECH, PCI, SOC, SOX, etc.) and regulatory requirements. Understanding of Data Loss Prevention, Zero Trust, etc. Excellent written, verbal, and presentation communication skills. Excellent customer service skills. Comfortable in a sales environment and interest in negotiation statements of work. Experience collaborating and supporting clients and executives. Innovative and analytical problem-solving skills. Entrepreneurial and forward-thinking mindset. Strong management consulting skills. Ability to make decisive decisions and exhibit executive presence. Proven ability to lead a team of analysts and engineers effectively.

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Imagine you're a superhero, with the power to transform businesses from ordinary to extraordinary. As a Business Process Consultant at Kyndryl, you'll be just that – a trusted advisor helping customers achieve their goals and surpass even their own expectations. As a Business Process Consultant, you will play a crucial role in helping our customers reach their full potential by developing process-driven solutions that drive measurable results. You will work closely with our customers to gain a deep understanding of their unique business needs, challenges, and opportunities. Armed with this knowledge, you will leverage your expertise in aligning processes to technology to design, develop, and deploy custom solutions that exceed their goals. You will be responsible for analyzing our customers' current business processes, identifying bottlenecks, inefficiencies, and areas for incremental improvement. With your strong analytical skills, you will recommend process changes, new technologies, or appropriate organizational changes that drive efficiency, reduce costs, and improve overall business performance. In this role, you will also develop a large-scale strategic vision and ensure that all new business processes align with it. You will manage sales processes beyond day-to-day procurement to maintain strong customer relations and ensure that all stakeholders are on board with the recommended solutions. At Kyndryl, we value collaboration and teamwork. As a Business Process Consultant, you will work closely with all stakeholders, including customers, project managers, and technical teams, to ensure that our solutions meet the highest standards of quality, efficiency, and effectiveness. Our consultants are restless for innovation. They are at the edge of technology, changing the way our customers implement business solutions – so, if you’re a problem-solver, an innovative thinker, and a self-starter with a passion high impact assignments which align technology to business outcomes, then we want to hear from you! Apply today to join our dynamic team that has a host of exciting projects and customers waiting for you to work with them to solve complex transformation puzzles through technology. We are seeking an experienced ServiceNow Asset Management Specialist to lead and optimize enterprise-wide asset management initiatives. The ideal candidate will have strong technical and process expertise across Asset Data Modeling, Asset Process Optimization, and both IT and OT Asset Management. This role requires a strategic thinker capable of designing scalable, compliant, and data-driven asset processes aligned with industry standards such as ITIL, ISO 19770, and CSDM (Common Service Data Model). Key Responsibilities We are seeking an experienced ServiceNow Asset Management Specialist to lead and optimize enterprise-wide asset management initiatives. The ideal candidate will have strong technical and process expertise across Asset Data Modeling, Asset Process Optimization, and both IT and OT Asset Management. This role requires a strategic thinker capable of designing scalable, compliant, and data-driven asset processes aligned with industry standards such as ITIL, ISO 19770, and CSDM (Common Service Data Model). Define and maintain asset data structures aligned with ServiceNow CMDB and CSDM. Ensure data model supports cross-domain asset visibility (hardware, software, OT, network). Evaluate existing ITAM and HAM processes. Conduct gap analyses and maturity assessments using frameworks such as Gartner’s ITAM maturity model. Design and implement Software Asset Management (SAM) processes for end-user and developer environments. Integrate with software discovery tools to ensure licensing compliance and optimization. Extend asset management practices into the OT and network infrastructure domains Coordinate with OT/ICS teams to harmonize IT and OT asset lifecycle tracking. Redesign ServiceNow asset workflows to improve lifecycle traceability, exception handling, and process automation. Collaborate with Process Owners and Governance to align workflows with compliance and audit readiness. Identify automation and improvement opportunities across the asset lifecycle (procurement to retirement). Leverage AI/ML and AIOps insights to enable predictive asset lifecycle interventions. Your Future at Kyndryl As a Business Process Consultant at Kyndryl you will join the Kyndryl Consultant Profession, working with other Kyndryl Consultants, Architects, Project Managers, and cross-functional Technical Subject Matter Experts – presenting unlimited opportunities with unmatched support through our investment in your learning, training, and career growth. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Technical and Professional Experience 12 + years hands on software development experience in ServiceNow, IT Asset Management with a focus on ServiceNow platform. Proven experience in implementing ServiceNow ITAM, HAM, SAM Pro, and CMDB modules. Deep understanding of asset lifecycle management across IT, software, and OT domains. Familiarity with industry standards: ITIL v4, ISO/IEC 19770, NIST CSF. Experience in working with cross-functional teams including IT Operations, Security, and Finance. Strong analytical, documentation, and stakeholder communication skills. Preferred Technical and Professional Experience ServiceNow Certified Implementation Specialist – SAM. Knowledge of discovery tools (e.g., ServiceNow Discovery, SCCM, Tanium, etc.) Experience with CSDM and data normalization techniques. Familiarity with automation and orchestration tools for asset tasks. Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

New requirement - JD for Cybersecurity risk manager: Key responsibilities As a Cyber Risk & compliance Professional in our Group CISO office, you will be occupied in the following domainsa) Risk management b) Compliance.This role is responsible for planning, managing and coordinating various cybersecurity risk management activities focused on identifying, assessing, and mitigating risks for the enterprise from a business perspective. Skill requirement: Degree, or equivalent, in Information Security or Cyber Security or Computer science or similar course Self-motivation to continuously develop in the areas of cybersecurity Ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience Cyber / technology risk assessments & management methodologies Hands on with assessment report preparation and presenting to senior technical and business stakeholders Articulative and confident in presentation to senior stakeholders Knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Advanced knowledge and understanding of ITGC, NIST 800-53, NIST CSF controls and Risk management frameworks Expertise in complex business processes and technological risks Deep understanding of security technologies including firewalls, proxies, SIEM, XDR, CSPM, IGA, PAM, Data protection Experience8 12 years. Applications from people with disabilities are explicitly welcome.