39 Nist Csf Jobs - Page 2

Your day at NTT DATA The Senior Security Sales Specialist is an advanced subject matter expert and is also quota-bearing sales persona. Thie primary purpose of this role is to pursue and land qualified leads identified by the Client Management team and other respective teams. The Senior Security Sales Specialist identifies new opportunities from a selection of existing accounts, and presents solutions, value propositions, partner configurations, cost structures, and revenue models to the client that meet their needs. The Senior Security Sales Specialist works directly with clients at a variety of levels, as well as internal subject matter experts. A substantial amount of time is spent on engaged selling or supporting the sales process in partnership with Client Managers. This role contributes to the pre-sales process by working with pre-sales architects to create the best solution design for the client, as well as building and developing excellent stakeholder relationships with new and existing clients, whilst developing new business channels and territories. What youll be doing Key Responsibilities: Owns and drives pipeline to achieve allocated security budget numbers. Drives positive brand recognition on security business in-country and in-region. Maintains subject matter expertise in the Security technology domain or solutions set. Supports the closure of sales based on Security technology domain knowledge. Addresses the technology conceptual challenges during the sales process. Maintains a comprehensive level of relevant product and service knowledge to have meaningful conversations with potential and existing clients. Maintains awareness of the competitive landscape, market pricing, and strategy and how to penetrate a new market. Contributes to the knowledge base of the companys solutions and services within a practice area or service area by sharing best practices with internal teams, as well as client teams. Works with relevant technology vendors and ensures a deep understanding of their solutions and how they can contribute to our own solutions set. Articulates the Security solution/deliverables that the client requires, as opposed to the products that they need to buy. Prepares and conducts client workshops and presentations. Establishes relationships with multiple client stakeholders and secures deals with clients to achieve assigned sales quotas and targets. Uses understanding of the clients business and depth of knowledge on the Security solutions to personalize the recommended solution in line with the clients need. Capable of spotting new sales opportunities within an account and work with the sales teams to drive them to closure. Pursues and lands qualified leads identified by the client managers and other lead generation sources. Develops and maintains clear account plans for appropriate clients and targets. Discovers, forecasts, and runs opportunities in the medium and long-term. Identifies, assesses and highlights client risks that could prove detrimental to the clients organization and credibility. Collaboratively work with sales teams, especially Client Managers, to successfully close the deal. Works closely with other in-territory counterparts and matrix teams to achieve the shared goal of growth. Uses sales methodologies and tools such as target plans, opportunity plans, and account plans to drive the sales process. Develops and implements an opportunity plan, to provide regular check-ins with the primary point of contact and have an established process for getting buy-in from all stakeholders. Knowledge and Attributes: Advanced understanding of security principles, concepts, and technologies, including knowledge of NIST CSF, ISO 27001, cybersecurity solutions, network security, data security/privacy and best practices in securing data and IT infrastructure. Advanced understanding of the technical concepts of Security solutions and display the ability to provide technical consultation and guidance to customers. Displays success in achieving and exceeding sales and financial goals. Advanced proficiency in developing and encouraging meaningful customer relationships up to C-level. Displays ability to delivery engaging sales presentations and elevator pitches. Close attention to maintaining up to date, accurate sales forecast and close plans. Advanced proficiency in team selling approach. Advanced knowledge of competitors and ability to apply competing successful sales strategies. Client-centric approach, with ability to understand customer problems and find best-fit solutions. Flexible to adapt quickly to short, new missions or urgent deadlines. Displays negotiation capabilities to craft solutions that are beneficial to customers, partners, and organization overall. Academic Qualifications and Certifications: Bachelors degree or equivalent in a Technical or Sales field or related is preferred. Certified in industry relevant structured sales methodologies and negotiation skills. Preferred certifications (but not limited to) CISSP, CompTIA Security+, GISF. Required Experience: Advanced sales experience in a technology or services environment, particularly selling Security solutions. Advanced experience of IT Managed Services environment. Advanced demonstrable experience of solution-based selling with a proven track record of sales over-achievement. Advanced experience in selling complex security solutions and services to C-Level clients. Advanced experience in resolving a wide range of issues in creative ways to meet targets and objectives. Workplace type On-site Working

Your day at NTT DATA The Senior Security Sales Specialist is an advanced subject matter expert and is also quota-bearing sales persona. Thie primary purpose of this role is to pursue and land qualified leads identified by the Client Management team and other respective teams. The Senior Security Sales Specialist identifies new opportunities from a selection of existing accounts, and presents solutions, value propositions, partner configurations, cost structures, and revenue models to the client that meet their needs. The Senior Security Sales Specialist works directly with clients at a variety of levels, as well as internal subject matter experts. A substantial amount of time is spent on engaged selling or supporting the sales process in partnership with Client Managers. This role contributes to the pre-sales process by working with pre-sales architects to create the best solution design for the client, as well as building and developing excellent stakeholder relationships with new and existing clients, whilst developing new business channels and territories. What you'll be doing Key Responsibilities: Owns and drives pipeline to achieve allocated security budget numbers. Drives positive brand recognition on security business in-country and in-region. Maintains subject matter expertise in the Security technology domain or solutions set. Supports the closure of sales based on Security technology domain knowledge. Addresses the technology conceptual challenges during the sales process. Maintains a comprehensive level of relevant product and service knowledge to have meaningful conversations with potential and existing clients. Maintains awareness of the competitive landscape, market pricing, and strategy and how to penetrate a new market. Contributes to the knowledge base of the company's solutions and services within a practice area or service area by sharing best practices with internal teams, as well as client teams. Works with relevant technology vendors and ensures a deep understanding of their solutions and how they can contribute to our own solutions set. Articulates the Security solution/deliverables that the client requires, as opposed to the products that they need to buy. Prepares and conducts client workshops and presentations. Establishes relationships with multiple client stakeholders and secures deals with clients to achieve assigned sales quotas and targets. Uses understanding of the clients business and depth of knowledge on the Security solutions to personalize the recommended solution in line with the clients need. Capable of spotting new sales opportunities within an account and work with the sales teams to drive them to closure. Pursues and lands qualified leads identified by the client managers and other lead generation sources. Develops and maintains clear account plans for appropriate clients and targets. Discovers, forecasts, and runs opportunities in the medium and long-term. Identifies, assesses and highlights client risks that could prove detrimental to the clients organization and credibility. Collaboratively work with sales teams, especially Client Managers, to successfully close the deal. Works closely with other in-territory counterparts and matrix teams to achieve the shared goal of growth. Uses sales methodologies and tools such as target plans, opportunity plans, and account plans to drive the sales process. Develops and implements an opportunity plan, to provide regular check-ins with the primary point of contact and have an established process for getting buy-in from all stakeholders. Knowledge and Attributes: Advanced understanding of security principles, concepts, and technologies, including knowledge of NIST CSF, ISO 27001, cybersecurity solutions, network security, data security/privacy and best practices in securing data and IT infrastructure. Advanced understanding of the technical concepts of Security solutions and display the ability to provide technical consultation and guidance to customers. Displays success in achieving and exceeding sales and financial goals. Advanced proficiency in developing and encouraging meaningful customer relationships up to C-level. Displays ability to delivery engaging sales presentations and elevator pitches. Close attention to maintaining up to date, accurate sales forecast and close plans. Advanced proficiency in team selling approach. Advanced knowledge of competitors and ability to apply competing successful sales strategies. Client-centric approach, with ability to understand customer problems and find best-fit solutions. Flexible to adapt quickly to short, new missions or urgent deadlines. Displays negotiation capabilities to craft solutions that are beneficial to customers, partners, and organization overall. Academic Qualifications and Certifications: Bachelor's degree or equivalent in a Technical or Sales field or related is preferred. Certified in industry relevant structured sales methodologies and negotiation skills. Preferred certifications (but not limited to) CISSP, CompTIA Security+, GISF. Required Experience: Advanced sales experience in a technology or services environment, particularly selling Security solutions. Advanced experience of IT Managed Services environment. Advanced demonstrable experience of solution-based selling with a proven track record of sales over-achievement. Advanced experience in selling complex security solutions and services to C-Level clients. Advanced experience in resolving a wide range of issues in creative ways to meet targets and objectives. Workplace type : On-site Working

Your day at NTT DATA The Senior Security Sales Specialist is an advanced subject matter expert and is also quota-bearing sales persona. Thie primary purpose of this role is to pursue and land qualified leads identified by the Client Management team and other respective teams. The Senior Security Sales Specialist identifies new opportunities from a selection of existing accounts, and presents solutions, value propositions, partner configurations, cost structures, and revenue models to the client that meet their needs. The Senior Security Sales Specialist works directly with clients at a variety of levels, as well as internal subject matter experts. A substantial amount of time is spent on engaged selling or supporting the sales process in partnership with Client Managers. This role contributes to the pre-sales process by working with pre-sales architects to create the best solution design for the client, as well as building and developing excellent stakeholder relationships with new and existing clients, whilst developing new business channels and territories. What youll be doing Key Responsibilities: Owns and drives pipeline to achieve allocated security budget numbers. Drives positive brand recognition on security business in-country and in-region. Maintains subject matter expertise in the Security technology domain or solutions set. Supports the closure of sales based on Security technology domain knowledge. Addresses the technology conceptual challenges during the sales process. Maintains a comprehensive level of relevant product and service knowledge to have meaningful conversations with potential and existing clients. Maintains awareness of the competitive landscape, market pricing, and strategy and how to penetrate a new market. Contributes to the knowledge base of the companys solutions and services within a practice area or service area by sharing best practices with internal teams, as well as client teams. Works with relevant technology vendors and ensures a deep understanding of their solutions and how they can contribute to our own solutions set. Articulates the Security solution/deliverables that the client requires, as opposed to the products that they need to buy. Prepares and conducts client workshops and presentations. Establishes relationships with multiple client stakeholders and secures deals with clients to achieve assigned sales quotas and targets. Uses understanding of the clients business and depth of knowledge on the Security solutions to personalize the recommended solution in line with the clients need. Capable of spotting new sales opportunities within an account and work with the sales teams to drive them to closure. Pursues and lands qualified leads identified by the client managers and other lead generation sources. Develops and maintains clear account plans for appropriate clients and targets. Discovers, forecasts, and runs opportunities in the medium and long-term. Identifies, assesses and highlights client risks that could prove detrimental to the clients organization and credibility. Collaboratively work with sales teams, especially Client Managers, to successfully close the deal. Works closely with other in-territory counterparts and matrix teams to achieve the shared goal of growth. Uses sales methodologies and tools such as target plans, opportunity plans, and account plans to drive the sales process. Develops and implements an opportunity plan, to provide regular check-ins with the primary point of contact and have an established process for getting buy-in from all stakeholders. Knowledge and Attributes: Advanced understanding of security principles, concepts, and technologies, including knowledge of NIST CSF, ISO 27001, cybersecurity solutions, network security, data security/privacy and best practices in securing data and IT infrastructure. Advanced understanding of the technical concepts of Security solutions and display the ability to provide technical consultation and guidance to customers. Displays success in achieving and exceeding sales and financial goals. Advanced proficiency in developing and encouraging meaningful customer relationships up to C-level. Displays ability to delivery engaging sales presentations and elevator pitches. Close attention to maintaining up to date, accurate sales forecast and close plans. Advanced proficiency in team selling approach. Advanced knowledge of competitors and ability to apply competing successful sales strategies. Client-centric approach, with ability to understand customer problems and find best-fit solutions. Flexible to adapt quickly to short, new missions or urgent deadlines. Displays negotiation capabilities to craft solutions that are beneficial to customers, partners, and organization overall. Academic Qualifications and Certifications: Bachelors degree or equivalent in a Technical or Sales field or related is preferred. Certified in industry relevant structured sales methodologies and negotiation skills. Preferred certifications (but not limited to) CISSP, CompTIA Security+, GISF. Required Experience: Advanced sales experience in a technology or services environment, particularly selling Security solutions. Advanced experience of IT Managed Services environment. Advanced demonstrable experience of solution-based selling with a proven track record of sales over-achievement. Advanced experience in selling complex security solutions and services to C-Level clients. Advanced experience in resolving a wide range of issues in creative ways to meet targets and objectives.

Job Duties (Summary): Senior Security SOC Analyst works in 24/7 team and in shifts which include nights and rotational weekends. The role is a key part of our Security Monitoring Incident Response team, involving in investigating alerts/events that trigger from MS Sentinel / SIEM and EDR Tools and other end point tools. Senior Analyst will be the internal escalation point for the Security analysts within the shift/team and will assist Security Analysts in responding to Security Incidents. This role also needs exceptional communication skills (verbal and written), and an ability quickly understand complex information while recognizing familiar elements within complex situations. Required Skills & Experience: Responsible for 24/7 monitor, triage, analysing security events and alerts. Including Malware analysis. Should have good hands-on in Microsoft Sentinel and should have ability to query using KQL [Mandatory] Familiarity with core concepts of security incident response, e.g., the typical phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc... Strong knowledge of email security threats and security controls, including experience analysing email headers. Analysing Phishing emails and associated Threats and to remediate them by blocking the Urls analysing the malware(s),link(s),IOCs. Good understanding of Threat Intel and Hunting. Good hands on experience in investigating EDR alerts (Tanium, CrowdStrike, etc..) Good hands on experience in using XSOAR Platforms (Demisto, Phantom, etc..) Strong technical understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS / TLS, and SMTP. Experience analysing network traffic using tools such as Wireshark, to investigate either security issues or complex operational issues. Experience reviewing system and application logs (e.g., web or mail server logs), either to investigate security issues or complex operational issues. Knowledge in investigating security issues within Cloud infrastructure such as AWS, GCP, Azure (Preferred not mandatory) Good knowledge and hands-on experience with SIEM systems such as SentinelOne/RSA Netwitness/Splunk/AlienVault/QRadar, ArcSight or similar in understanding/creating new detection rules, correlation rules etc... Experience In defining use cases for playbooks and runbooks (Preferred) Experience in understanding log types and log parsing Strong passion in information security, including awareness of current threats and security best practices. Basic Qualifications (Preferred not mandatory ? if Candidate has equivalent knowledge) Bachelors Degree in Computer Sciences or equivalent (Preferred not mandatory) Minimum of 3 years of experience in a Security Operations Centre (SOC) or incident response team (CSIRT Team member). Overall 3+ experience in Information Security/IT Security/Network Security. CEH, CISSP, OSCP, CHFI, ECSA, GCIH, GCIA, GSEC, GCFA certification (minimum One certification - Preferred not mandatory) A relevant specialist degree (e.g., information security or digital forensics). Knowledge in NIST CSF, MiTRE & ATTACK Framework. Active involvement in the Information Security community. Certified in Azure Security [SC-200, AZ-500, AZ-900] ? Either one or more [Mandatory]

Location: Pune Experience Required: 5-7 years Company: Incred Money (www.incredmoney.com) Industry: Fintech / Financial Services About IncredMoney.com IncredMoney.com is a fast-growing digital wealth and investment platform empowering users with smart, simplified financial tools. We are passionate about financial inclusion, investor transparency, and secure digital experiences. As we scale, security remains central to our missionand thats where you come in. Role Summary We are looking for a dynamic and hands-on Senior Infosec Engineer who will be responsible for leading and implementing our information security and cyber-risk strategy. The ideal candidate will have strong experience in fintech or financial services, knowledge of regulatory frameworks (like RBI, SEBI), and the ability to build secure digital systems while enabling growth and innovation. Key Responsibilities Own and lead the company’s overall information security strategy. Build and implement policies, procedures, and controls aligned with industry best practices (e.g., ISO 27001, NIST, OWASP). Perform risk assessments, security audits, and regular vulnerability assessments of applications and infrastructure. Collaborate with engineering, DevOps, and product teams to embed security into the SDLC. Oversee data protection strategies (encryption, backups, data access) and ensure regulatory compliance (e.g., RBI, SEBI, GDPR, PCI-DSS if applicable). Manage internal and external security audits and ensure remediation of findings. Lead incident response planning and execution, including root cause analysis and post-mortem reviews. Evaluate and onboard security tools (e.g., SIEM, WAF, DLP, endpoint security). Build a security-first culture through training and awareness programs across teams. Serve as the primary point of contact for security with partners, auditors, and regulators. Key Requirements 4–7 years of progressive experience in Information Security, with at least 2 years in a leadership or ownership role. Strong understanding of cloud security (AWS preferred), web/mobile application security, and data privacy. Hands-on experience with firewalls, VPNs, intrusion detection/prevention systems, and endpoint protection tools. Familiarity with regulatory and compliance frameworks (especially RBI/SEBI guidelines for fintech). Bachelor’s or Master’s degree in Computer Science, Information Security, or related field. Industry certifications like CISSP, CISM, CEH, or ISO 27001 LA are a strong plus. Excellent communication and stakeholder management skills. Preferred Skills Prior experience in fintech, wealth-tech, or BFSI domain. Experience leading security in a startup or early-stage company. Knowledge of DevSecOps practices and CI/CD pipeline security.

Job ID: 199874 Required Travel :Minimal Managerial - No LocationIndia- Pune (Amdocs Site) Who are we Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our employees around the globe are here to accelerate service providers migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $5.00 billion in fiscal 2024. For more information, visit www.amdocs.com In one sentence We are seeking a highly skilled and experienced Senior Governance, Risk, and Compliance (GRC) Specialist to join our dynamic team. The ideal candidate will have a strong background in GRC, with a proven track record of managing and implementing comprehensive risk management and compliance programs, particularly within the EMEA (Europe, Middle East, and Africa) and IMEA (India, Middle East, and Africa) regions. What will your job look like Develop and maintain governance frameworks, policies, and procedures. Ensure compliance with industry standards, regulations, and contractual obligations. Identify, assess, and prioritize security risks, implementing mitigation strategies. Conduct regular risk assessments, audits, and maintain risk registers. Ensure adherence to GDPR, CRA, and other relevant security regulations. Monitor and enforce security compliance across EMEA and IMEA regions. Develop and deliver compliance training programs for employees. Prepare and present security reports to senior management and stakeholders. Collaborate with internal teams and liaise with external auditors and regulators. Communicate security risks and mitigation strategies effectively to stakeholders. All you need is... Bachelor's degree in Business Administration, or a related field. Professional certification (e.g., CISA, CRISC, CISSP) is preferred. Minimum of 6 years of experience in governance, risk management, and compliance. Strong knowledge of relevant laws, regulations, and industry standards, particularly in the EMEA and IMEA regions. Strong understanding of NIST CSF, CIS, ISO 27001, PCI DSS, and Data Protection frameworks. Excellent analytical, problem-solving, and decision-making skills. Strong communication and interpersonal skills, with experience in defending and explaining security risks and mitigations to customers and stakeholders. Ability to work independently and as part of a team. Proficiency in GRC software and tools. Why you will love this job: You will be able to demonstrates an understanding of key business drivers and ensures strategic directions are followed and the organization succeeds You will be able to gathers relevant data, identifies trends and root causes, and draws logical conclusions to develop solutions You will have ability to assess details, systems and other factors as part of a single and comprehensive picture We are a dynamic, multi-cultural organization that constantly innovates and empowers our employees to grow. Our people our passionate, daring, and phenomenal teammates that stand by each other with a dedication to creating a diverse, inclusive workplace! We offer a wide range of stellar benefits including health, dental, vision, and life insurance as well as paid time off, sick time, and parental leave Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce

Roles & Responsibilities:- Design and implement secure AWS cloud architectures aligned with business and compliance requirements. Automate security controls and integrate them into CI/CD pipelines Manage and monitor AWS security tools such as GuardDuty, Security Hub, and CloudTrail Develop and enforce IAM policies using least privilege principles Conduct threat modeling, vulnerability assessments, and cloud security posture evaluations Ensure compliance with standards like SOC 2, ISO 27001, and NIST Support audit readiness and implement risk treatment plans Collaborate with DevOps teams to embed security in cloud deployments Promote DevSecOps culture across development and operations teams Create and maintain security-as-code using CloudFormation, Terraform, and scripting Automate detection, remediation, and incident response processes Provide security guidance during cloud migrations and new service adoptions Qualification:- Bachelors in Cybersecurity, Computer Science, or related field (Masters preferred) 7+ years in cybersecurity, with 5+ years in cloud security Strong expertise in AWS security tools (GuardDuty, Security Hub, IAM, KMS, CloudTrail) Familiar with cloud security frameworks (AWS Well-Architected, NIST CSF, CSA CCM) Experience in securing CI/CD pipelines and implementing IaC security (CloudFormation/Terraform) Hands-on with CSPM tools and automated security validation Deep understanding of IAM principles and DevSecOps practices Proficient in scripting (Python, Bash) for automation Strong knowledge of network, container, and serverless security Excellent communication skills (verbal and written) Certifications: AWS Security Specialty, CCSP, CISSP, or equivalent Preferred Qualifications :- Experience with multi-cloud (AWS, Azure, GCP) security Understanding of regulatory frameworks (e.g., GDPR, HIPAA, ISO) Hands-on with container security (Docker, Kubernetes, ECS/EKS) Experience with Zero Trust security models in cloud Familiarity with automated incident response and cloud-native tools Knowledge of Hashicorp Vault or similar tools for secrets management Experience securing data lakes and analytics platforms Worked with CWPP and serverless security best practices Cloud security experience in energy efficiency/sustainability domains Experience in cloud threat modeling and collaborating with global teams

Security Risk and Compliance Expert will be instrumental in shaping the global Information Security Management System (ISMS) within our Group Security team. This role involves engaging with various Business Groups and Corporate Functions to identify and manage information security risks, ensuring compliance and enhancing our security posture. Facilitate risk assessments, develop training, and contribute to the continuous improvement of security policies and tools. Enhance the overall security and compliance of services provided to our customers. You have: Master's or bachelor's degree in computer science, security engineering, or equivalent 5+ years of experience in information security in a multinational organization. Solid understanding of information security processes and technologies Practical knowledge of ISO/IEC 27001:2022 standard implementation Excellent documentation and communication skills It would be nice if you also had: Knowledge of security standards like CSA CCM, NIST CSF, NIS2, and SOC2 Experience delivering information security training Familiarity with RSA Archer and Microsoft Power BI or other GRC tools Certifications in information security (e.g., CRISC, CISSP and ISO 27001 LI/LA) Implement and operate the global Information Security Management System (ISMS) to enhance overall security and compliance Conduct risk assessments with global stakeholders to evaluate and report information security risks Develop and maintain the information security risk register, tracking mitigation progress and presenting reports to stakeholders Provide recommendations for security risk mitigation strategies tailored to different business groups Create, update, and maintain ISMS documentation and a repository of reports and audit records Facilitate training sessions to educate employees on ISMS practices and promote a strong security culture Collaborate with cross-functional teams to identify evolving security trends and compliance requirements Contribute to the continuous improvement of Nokia ISMS and related tools, utilizing KPIs to measure effectiveness

Manage internal/external audits (ISO, SOC 2), handle client questionnaires, ensure security compliance (ISO 27001, NIST), coordinate audits via OneTrust, test controls, review policies, and support InfoSec risk, GRC, and compliance processes. Required Candidate profile Looking for 8–12 yrs exp in InfoSec audits, ISO 27001, NIST, client questionnaires, OneTrust GRC, control testing. Good to have CISSP/ISO certs. Shift: 2–11 PM,

JD Requirement # 1 Infosec Audit Manager Designation Manager Experience 8 to 12 years Relevant Experience Mandatory Skills Client questionnaires, Security, ISO 270001- 2022, Audit Coordination , NIST CSF, Audit programs, Security analyst or client analyst Good to have skills CISSP certification , ISO certification, One Trust, GRC experience Requirement # 2 Infosec Third Party Risk Senior Manager Designation Senior Manager Experience 15 to 20 years – Relevant Experience Mandatory Skills TPRM, Supply chain risk assessments, Risk assessment, ISO- 270001, NIST - CSF Good to have skills GRC , CISSP , ISO Requirement # 3 Infosec Client Questionnaire & Audit Manager Designation Manager Experience 8 to 12 years – Relevant Experience Mandatory Skills Client questionnaires, Security, ISO 270001- 2022, Audit Coordination , NIST CSF, Audit programs, Security analyst or client analyst Good to have skills CISSP certification , ISO certification, One Trust, GRC experience Location Remote Targeted Companies Big 4

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking an experienced and innovative SOAR Architect to lead the design, development, and implementation of advanced Security Orchestration, Automation, and Response (SOAR) solutions. The ideal candidate will leverage their expertise in platforms like Splunk Phantom, Chronicle SOAR, and Cortex XSOAR to optimize and automate incident response workflows, enhance threat detection, and improve overall security operations efficiency. Roles & Responsibilities: SOAR Strategy and Architecture:Develop strategies for automation, playbook standardization, and process optimization. Playbook Development:Create, test, and deploy playbooks for automated threat detection, investigation, and response. Collaborate with SOC teams to identify repetitive tasks for automation and translate them into SOAR workflows. Integration and Customization:Integrate SOAR platforms with existing security tools, including SIEM, threat intelligence platforms, and endpoint protection. Customize connectors and APIs to enable seamless communication between security tools. Collaboration and Leadership:Work closely with SOC analysts, threat hunters, and other stakeholders to align automation efforts with organizational goals. Provide technical mentorship to analysts on SOAR platform utilization. Performance Optimization:Continuously evaluate SOAR platform performance and implement improvements for scalability and reliability. Monitor automation workflows and troubleshoot issues to ensure consistent operations. Compliance and Best Practices:Ensure that all SOAR implementations align with industry standards, compliance regulations, and organizational policies. Stay up to date with the latest advancements in SOAR technology and incident response practices. Professional & Technical Skills: Proficiency in scripting and programming Python to develop custom playbooks and integrations. Strong understanding of security operations, incident response, and threat intelligence workflows. Proven track record of integrating SOAR with SIEM solutions (e.g., Splunk, Chronicle), EDR, and other security tools. Ability to troubleshoot complex integration and automation issues effectively. Additional Information: Certifications such as Splunk Phantom Certified Admin, XSOAR Certified Engineer, or equivalent. Experience with cloud-native SOAR deployments and hybrid environments. Familiarity with frameworks like MITRE ATT&CK, NIST CSF, or ISO 27001. A 15 year full-time education is required 3.5 years of hands-on experience with SOAR platforms like Splunk Phantom (On-Prem and Cloud), Chronicle SOAR, and Cortex XSOAR. Qualification 15 years full time education

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you passionate about security architecture and driven to protect against the latest threats? We are seeking a Security Lead who will join our team and take the lead on developing, implementing, and maintaining our security strategy within our Service Provider organization. As our Security Lead, you will work closely with our leadership team to design and implement effective security solutions that not only protect our business objectives and regulatory requirements, but also provide innovative solutions to stay ahead of emerging threats. You will conduct risk assessments and threat modeling to identify and prioritize risks to our business and IT assets, using your extensive experience in security architecture design and implementation within a Service Provider environment to create a cutting-edge security architecture framework. You will also work to maintain policies, standards, and guidelines related to information security within our organization, collaborating with cross-functional teams to implement security controls and technologies such as encryption, authentication, and authorization solutions. Your role will also involve conducting security reviews of vendors and third-party partners to ensure they meet our rigorous security standards, as well as performing regular security and risk reviews of our Service Provider environment to identify vulnerabilities and recommend remediation activities. At the forefront of security trends and technologies, you will advise our senior leadership team on the latest security best practices, and stay ahead of emerging security threats, always keeping our organization one step ahead. Join us on this exciting journey of securing our Service Provider organization and protecting our customer’s assets. Your Future at Kyndryl Every position at Kyndryl offers a way forward to grow your career, from a Junior Architect to Principal Architect – we have opportunities for that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Technical and Professional Expertise •Minimum of 8 years of experience in security architecture design and implementation within a Service Provider organization •Experience with security frameworks such as NIST CSF, ISO 27001, or CIS Controls. . Exp in Fortigate Firewall, WAF or Zscaler(Mandatory) •Deep understanding of security technologies, such as firewalls, intrusion detection and prevention systems, vulnerability scanners, and endpoint protection •Strong knowledge of cloud security concepts and technologies, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) Preferred Technical and Professional Experience •Relevant industry certifications such as CISSP, CISM, or CCSP •Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

Job Summary: We are seeking an experienced OT Security Consultant to support our clients in strengthening the security posture of their Operational Technology (OT) environments. The ideal candidate will be responsible for conducting OT risk assessments, identifying and prioritizing risks based on impact and likelihood, and recommending actionable mitigations and controls. A strong grasp of the ISA/IEC 62443 standard, coupled with hands-on experience in IT-OT network security and industrial control systems, is essential. Key Responsibilities: Conduct comprehensive OT risk assessments across industrial environments, identifying key risk and potential impact. Assess and prioritize risks based on impact, likelihood, and business context. Perform IT-OT network security assessments, including architecture reviews, segmentation analysis, and traffic flow evaluations. Good Understanding of OT infrastructure such as PLC, DCS, MES, SCADA etc., network infrastructure elements, topology, configuration and data flow architecture. Experienced in IT-OT network security assessment, Network solution design, implement (Network architecture/ switches/ routers/ firewalls/ DMZ/AD etc ) for manufacturing environments. Align assessment methodologies with ISA/IEC 62443,NIST 800-53 standards and best practices. Deliver detailed assessment reports and risk matrices, including practical remediation recommendations. Collaborate with client stakeholders including engineering, operations, and cybersecurity teams. Provide guidance on secure network design, hardening of ICS components, and secure integration of IT/OT systems. Required Qualifications: Bachelors or Master’s degree in Cybersecurity, Engineering, Computer Science, or a related field. 4 to 8 years of experience in OT cybersecurity or ICS/SCADA environments. In-depth knowledge of ISA/IEC 62443, NIST 800-53 and risk assessment frameworks. Hands-on experience with OT systems including PLCs, SCADA, DCS, HMIs, and Historian technologies. Strong understanding of industrial network protocols (Modbus, OPC, DNP3, etc.) and security principles. Familiarity with NIST CSF, NERC CIP, or ISO/IEC 27001 is a plus. Preferred Certifications: ISA/IEC 62443 Cybersecurity Certifications GICSP (Global Industrial Cyber Security Professional) CCNA, PCNSA

The Audit Manager, Information Security position will be an integral member of the Information Security and Risk Management team. This role will be responsible for organizing and managing internal and external audits. Work in Chief Information Security Officer (CISO) office under Director, Information Security Governance, Risk and Compliance, this role serves as an information security technology professional for Grant Thornton to support the design, implementation, and maintenance of a cohesive information security governance, risk and compliance program. The successful candidate will have a good mix of deep technical knowledge, understanding of industry best practice, frameworks and regulations, and a demonstrated background in information security risk management program. An experienced and motivated risk and compliance individual contributor is needed to work across a matrixed team in place today and growing in the future. The successful candidate has a track record of developing strong relationships, collaborating across teams, coordinating multiple timelines, and managing complex, cross discipline projects.