83 Nist Csf Jobs - Page 3

Lead internal/external security audits (HITRUST, ISO27001, SOC2) collect evidence, map controls, Maintain compliance docs, risk registers, track remediation. Coordinate cross-functional teams, review policies, assess vendors.

The Lead Analyst, Cybersecurity Operations will be part of the Cybersecurity team that analyzes, implements, monitors, troubleshoots, and audits the cybersecurity of the Frontier network infrastructure. The analyst provides timely and comprehensive intelligence on internal/external threats for detection, monitoring, threat hunting, and incident response. The scope of environment includes system-monitoring platforms, anti-virus, DLP, URL filtering, and PCI environments. The analyst will be responsible for performing alert analysis, incident response, digital forensics, and supporting penetration remediation on applications/systems. Essential Functions Monitor, investigate, analyze, respond, and report to cyber incidents identified through detection/response platforms. Lead support to Management in detecting and responding to cybersecurity alerts and incident activity. Responsible for engaging and escalating incidents to Cyber Operations Management and other Cyber Incident Response Team members. Actively support incident response activities, efforts, and training exercises (e.g., incidents, tabletops, threat simulations) and be the lead incident response analyst. Actively drive risk reduction efforts for known cyber security vulnerabilities and known attack traffic patterns/indicators of compromise (IOC). Actively monitor security threats and risks, provide in-depth incident analysis, evaluate security incidents, provide proactive threat research, and recommend mitigation strategies. Evaluate and determine if/when cybersecurity violations have occurred through examination of network/application logs, open-source research, vulnerability and configuration scan data, and user provided reports. Proactively conduct investigations, analysis, and evaluation of projects to determine cybersecurity risk and feasibility as required. Administer, maintain, tune, and perform heath checks on cybersecurity products and services (such as: secure mail gateway, SIEM, IDS/IPS, EDR, vulnerability management, brand monitoring, threat intelligence, security rating, DDoS, web proxy, file integrity monitoring (FIM), data loss prevention (DLP), User Entity Behavioral Analytics (UEBA), and other). Provide and implement recommendations for new technical controls to help mitigate security vulnerabilities. Responsible for leading the vulnerability management program functions including hosting weekly meetings with Stakeholders and the operations team, creating and tracking tickets for all vulnerabilities, holding stakeholder teams to meet SLAs, and reporting to the Manager of Cybersecurity on a weekly basis. Actively perform threat hunting activities in the environment to detect cyber threats in the network. Coordinate and support purple, red, and blue team engagements. Provide cybersecurity technical assistance when needed by system/application owners. Support multiple day-to-day cybersecurity tasks and projects efforts. Provide regular status updates to Management on projects and remediation efforts. Solid understanding of cybersecurity policies and procedures, ability to draft, modify and create standard operating procedures (SOPs) for use of other team members. Support organizational Security Awareness Training efforts (suggest training topics, coordinate phishing campaigns, enable awareness to end-users in support of incidents). Support vulnerability assessments functions (such as: enterprise pen testing, application pen testing, static/dynamic testing, scorecard assessments). Participate and support afterhours/on-call rotation requirements for cybersecurity incidents. Responsible for developing, monitoring, and tracking cyber security metrics on a recurring basis, including creating Powerpoint slide decks for presentations. Coordinate response and remediation efforts across various departments in a cooperative and beneficial manner. Responsible for maintaining Incident Response documentation and auditing member contact information on at least a semi-annual basis or as needed. Responsible for attending all vendor meetings and acts as the point of contact for our Cybersecurity vendors. Demonstrate ownership and understanding of tasks when engaging with other team members. Provide leadership, guidance and partnership to Analyst(s) and Senior Analyst(s). Responsible for the onboarding and training of new analysts to the Cybersecurity Operations team. Provide support to management team. Qualifications Bachelors degree in computer science, technology, or equivalent combination of education and relevant experience (required). 6+ years of relevant IT/Cybersecurity experience (required). 5+ years in security operations with hands-on experience with enterprise cybersecurity products, such as Qualys, SentinelOne, Proofpoint, Office365, Microsoft Defender for Cloud, Microsoft Defender for Identity (required). 5+ years of SIEM (security information and event management) platform experience (required). 4+ years supporting adversary tactics and techniques based on MITRE attack framework (required). Knowledge of cyber security standards and frameworks such as ISO 27001, NIST CSF, NIST-800- 53, PCI DSS ASV (highly desired). Hands-on experience with tools like PowerShell, Vulnerability Management suite, Wireshark, and NMAP (required). Position Description Industry cybersecurity certification: CompTIA: Security+ or Pentest+, CEH, CISSP, OCSP, SANS: GCIH or GSEC, CISSP, ISACA: CISA or CISM, Security+, SSCP, or CCNA (required, or willing to attain within 3 months of start date). Hands-on Cloud infrastructure (Azure/AWS/GCP) cybersecurity remediation experience (desirable). Hands-on experience with next-gen endpoint detection/response (EDR), Enterprise Firewall, IPS, Log Management, Cisco, and Checkpoint experience (desirable). URL Filtering (web proxy) and troubleshooting experience (desirable). Solid

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you’d like, where you’ll be supported and inspired bya collaborative community of colleagues around the world, and where you’ll be able to reimagine what’s possible. Join us and help the world’s leading organizationsunlock the value of technology and build a more sustainable, more inclusive world. Your Role Minimum 3-8 years’ experience assessing against standards and frameworks including one or more of the followingDOE C2M2, IEC-62243/ISA-99, NIST CSF, NERC CIP, etc. Minimum 3-5 years’ experience working with ICS technologies and/or environments on one or more of the followingSCADA, DCS, EMS, DMS, ADMS, PCN, RTUs, IACS, PLCs, HMIs, etc. Minimum 3-5 years working with cybersecurity functions of one or more of the followingvulnerability assessment and management processes, identity and access management, incident response and monitoring, etc. Problem-solving ability and strong analytical skills Experience of working with diverse teams and is a team player Relevant certifications (CISSP, GICSP, GRID, GCIP, etc.). Keep abreast with the latest technology trends and predictions Ability to drive the creation of prototypes and proof of concepts Able to effectively communicate, interact and influence business and operational stakeholders and partners Ability to deliver innovative solutions and consistently demonstrate customer outcomes. Primary Skills DOE C2M2 IEC-62243/ISA-99 NIST CSF NERC CIP

Lead risk analysis efforts to assess how technical control issues, vulnerabilities, and compliance exceptions contribute to overall enterprise risk posture. Maintain and improve governance and risk methodologies aligned with standards such as NIST CSF, NIST 800-53, ISO 27001, SOC 2, SOX, GDPR, HIPAA, and PCI DSS. Act as a liaison between technical teams and business stakeholders to translate risk-related insights into actionable strategies. Support internal and external audit readiness by coordinating risk assessments, tracking issue remediation, and reporting on compliance gaps. Contribute to GRC tool usage (e.g., ServiceNow GRC, Archer, or MetricStream) for monitoring control health, exceptions, and residual risk. Collaborate with legal, compliance, audit, and IT operations to ensure integrated risk management practices across the enterprise. Aggregate data from multiple risk domains to develop executive-level dashboards, reports, and risk narratives that influence decision-making. Participate in the development and rollout of risk governance models, exception handling processes, and control improvement initiatives. Roles and Responsibilities Required Qualifications: 7–12 years of professional experience in IT Risk, Governance, or Cybersecurity GRC functions. Strong working knowledge of risk frameworks such as NIST CSF, ISO 27001, COBIT, SOC 2, SOX, and GDPR. Demonstrated ability to interpret and connect vulnerabilities, policy violations, and exceptions to broader business risks. Experience with risk aggregation, remediation tracking, and reporting for internal/external stakeholders. Skilled in stakeholder engagement across risk, audit, compliance, and technical functions. Familiarity with GRC tools and platforms used to manage controls, exceptions, and assessments. Preferred Qualifications: Certifications such as CISA, CRISC, CISSP, CGEIT, or equivalent. Experience working in regulated sectors such as finance, healthcare, insurance, or critical infrastructure. Hands-on experience with exception governance processes, risk acceptance workflows, and issue management. Understanding of how to design and implement scalable metrics for KRIs, control effectiveness, and risk trends. Key Competencies: Strategic thinker with a strong grasp of enterprise risk management principles. Highly analytical with the ability to synthesize complex technical data into actionable business insight. Effective communicator skilled in developing risk reports, briefings, and dashboards for both technical and executive audiences. Strong collaboration and leadership skills within matrixed environments. Proactive, organized, and results-driven with a continuous improvement mind-set.

Lead governance, risk, and compliance initiatives across cyber domains. Develop risk frameworks, align with global regulations, and interface with leadership and auditors. Required Candidate profile Strategic cyber risk leader with experience in GRC, regulatory compliance, and cyber risk frameworks. Ability to drive governance programs and manage stakeholder communication

Develop the culture of risk management across the organisation, and ensure effective identification, quantification, communication, and management of risks focusing on root cause analysis and resolution recommendations across domains Cyber, HR, Legal, Finance, etc. Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance. Provide SME support to functional managers or Internal stakeholders in understanding and applying responsibilities towards risk and compliance providing recommendations as appropriate. Support the CIO and CISO, and work with internal stakeholders to: Participate in consultation and conduct gap analysis against new requirements Coordinate and facilitate IT / cyber security audits. Support Risk Owners and Tech teams in documenting control procedures, guidelines, etc. Ensure risk and control activities are completed in a timely and appropriate manner applying the correct governance route Report and publish Risks to senior leadership inclusive of providing content for Senior Leadership risk and control review forums/Committees. Ensure all governance attestations and sign-off from Senior leadership are completed including the conduct risk measures. Co-ordinate and track the tickets / findings in areas likeIT Operational Risks and Information Security Risks,Control Self assessments ,Internal/External Audit findings with appropriate CAPA,BCP / Disaster recovery ,Problem tickets with root cause analysis. Audit event co-ordination, Audit liaison and issue closure oversight (SOC 2 Type 2, ISO 27001, etc.) Lead pre-audit preparation activities with stakeholders (SOC 2 Type 2, ISO 27001, etc.) Provide first line of defense support in assessing risk and reviewing control issues Documentation of control procedures, standards and guidelines, etc. What youll bring: Bachelor s degree in IT or relevant field with a strong academic background A minimum of 7-10 Years of experience in Risk management and internal controls governance Strong communication & strategic influencing skills. Relevant experience working with senior leaders, building internal networks, and delivering high impact programs in complex -matrixed environments. Formal training or certification in Information Security, and/or 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation. Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies. Proficient in MS Office productivity suite (e.g., Word, Excel, PowerPoint, SharePoint). Advanced Excel skills strongly preferred CISM/CRISC/CISA/CISSP/CIA/MBA or relevant Risk Management / Audit certification Basic working knowledge of following (Majority of the points, if not all): -COBIT Control Objectives for Information and Related Technology -ISO/IEC 27001:2013 Code of Practice for Information Security Management -NIST SP 800-53 -NIST CSF -SOC1/SOC2/SOC3 -HIPAA/HITECH Security and Privacy Audit Protocol -Shared Assessments Standard Information Gathering (SIG) framework -US SOX Sarbanes Oxley Act -US HIPAA/HITECH Act -EU GDPR General Data Protection Regulation -US EU Privacy Shield -India Companies Act Additional Skills: Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives. Program level management up to and including Executive presentation and reporting. Knowledge and Experience of Technology Infrastructure. Understanding of Infrastructure Security Stakeholder management Willingness to adapt to evolving industry standards and technologies Ability to manage a wide variety of tasks and meet deadlines, and reliability/dependability Proven ability to work creatively and analytically in a problem-solving environment

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, Data Privacy Management solutions, experience in developing value-based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15- year full time educationThe candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time educationAs a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, & Data Privacy Management solutions, experience in developing value based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15 -year full time educationThe candidate should have minimum 12 years of experience This position is based at our Bengaluru office. Qualification 15 years full time education

Job Description Objective LabVantage Solutions is an industry leading provider of laboratory software products. Our products enable scientists and analysts across the globe to develop novel solutions, work effectively, and meet regulatory compliance. LabVantage solution is an OLTP system based on RDBMS platforms, including Oracle, SQL Server, and EDB (Postgres managed DB for our SaaS solution). This position plays a key role in the development and security of LabVantage Solutions software. The individual will be responsible for monitoring and analyzing security vulnerabilities, conducting risk assessments, and implementing security measures. They will ensure secure coding practices, perform security testing, and collaborate with DevOps to integrate security into the development lifecycle. The Security Engineer must have a solid understanding of core Java concepts such as imports, inheritance, and class conflicts, and should be capable of making necessary code changes. They will be responsible for identifying potential risks to LabVantage and recommending appropriate mitigation strategies, including suppression, smoke testing, soak testing, or limited regression. Role Responsibility Review and Monitor CVEs: Continuously monitor Common Vulnerabilities and Exposures (CVEs) to identify potential threats and vulnerabilities. Penetration Test Analysis: Analyze penetration test reports to understand vulnerabilities and recommend remediation steps. Dependency and Third-Party Software Management: Assess and manage dependencies and third-party software for security risks. Risk Assessment and Mitigation: Conduct risk assessments and develop mitigation strategies to address identified vulnerabilities. Static and Dynamic Analysis: Use tools for static and dynamic code analysis to detect vulnerabilities and ensure code quality. Integration with DevOps: Work closely with DevOps teams to integrate security into the CI/CD pipeline, ensuring automated and continuous security checks. Threat Modeling: Perform threat modeling to identify potential security threats and design countermeasures during the product design phase. Security Testing: Conduct various types of security testing, such as penetration testing, to identify and address vulnerabilities in the product. Security Requirements: Define and enforce security requirements for new features and products to ensure they meet the organization's security standards. Job Qualifications 5+ years of experience in information security, including roles as a Security Analyst and/or Security Engineer. Experience with secure coding practices, code reviews, and security testing. Experience with static and dynamic code analysis tools. Experience with CI/CD pipelines and integrating security into DevOps processes. Certifications: Relevant certifications such as CISSP, CEH, OSCP, or similar. Skills Strong understanding of security principles, protocols, and best practices. Proficiency in security tools and technologies (e.g., Wiz, SonarQube, vulnerability scanners). Knowledge of regulatory requirements and industry standards (e.g., GDPR, ISO 27001, SOC2). Familiarity with the OWASP Top 10 vulnerabilities and mitigation strategies Understanding of NIST cybersecurity standards and frameworks (e.g., NIST CSF, NIST SP 800-53) Strong communication and collaboration skills. Interested candidates apply!

Your day at NTT DATA The Senior Security Sales Specialist is an advanced subject matter expert and is also quota-bearing sales persona. Thie primary purpose of this role is to pursue and land qualified leads identified by the Client Management team and other respective teams. The Senior Security Sales Specialist identifies new opportunities from a selection of existing accounts, and presents solutions, value propositions, partner configurations, cost structures, and revenue models to the client that meet their needs. The Senior Security Sales Specialist works directly with clients at a variety of levels, as well as internal subject matter experts. A substantial amount of time is spent on engaged selling or supporting the sales process in partnership with Client Managers. This role contributes to the pre-sales process by working with pre-sales architects to create the best solution design for the client, as well as building and developing excellent stakeholder relationships with new and existing clients, whilst developing new business channels and territories. What youll be doing Key Responsibilities: Owns and drives pipeline to achieve allocated security budget numbers. Drives positive brand recognition on security business in-country and in-region. Maintains subject matter expertise in the Security technology domain or solutions set. Supports the closure of sales based on Security technology domain knowledge. Addresses the technology conceptual challenges during the sales process. Maintains a comprehensive level of relevant product and service knowledge to have meaningful conversations with potential and existing clients. Maintains awareness of the competitive landscape, market pricing, and strategy and how to penetrate a new market. Contributes to the knowledge base of the companys solutions and services within a practice area or service area by sharing best practices with internal teams, as well as client teams. Works with relevant technology vendors and ensures a deep understanding of their solutions and how they can contribute to our own solutions set. Articulates the Security solution/deliverables that the client requires, as opposed to the products that they need to buy. Prepares and conducts client workshops and presentations. Establishes relationships with multiple client stakeholders and secures deals with clients to achieve assigned sales quotas and targets. Uses understanding of the clients business and depth of knowledge on the Security solutions to personalize the recommended solution in line with the clients need. Capable of spotting new sales opportunities within an account and work with the sales teams to drive them to closure. Pursues and lands qualified leads identified by the client managers and other lead generation sources. Develops and maintains clear account plans for appropriate clients and targets. Discovers, forecasts, and runs opportunities in the medium and long-term. Identifies, assesses and highlights client risks that could prove detrimental to the clients organization and credibility. Collaboratively work with sales teams, especially Client Managers, to successfully close the deal. Works closely with other in-territory counterparts and matrix teams to achieve the shared goal of growth. Uses sales methodologies and tools such as target plans, opportunity plans, and account plans to drive the sales process. Develops and implements an opportunity plan, to provide regular check-ins with the primary point of contact and have an established process for getting buy-in from all stakeholders. Knowledge and Attributes: Advanced understanding of security principles, concepts, and technologies, including knowledge of NIST CSF, ISO 27001, cybersecurity solutions, network security, data security/privacy and best practices in securing data and IT infrastructure. Advanced understanding of the technical concepts of Security solutions and display the ability to provide technical consultation and guidance to customers. Displays success in achieving and exceeding sales and financial goals. Advanced proficiency in developing and encouraging meaningful customer relationships up to C-level. Displays ability to delivery engaging sales presentations and elevator pitches. Close attention to maintaining up to date, accurate sales forecast and close plans. Advanced proficiency in team selling approach. Advanced knowledge of competitors and ability to apply competing successful sales strategies. Client-centric approach, with ability to understand customer problems and find best-fit solutions. Flexible to adapt quickly to short, new missions or urgent deadlines. Displays negotiation capabilities to craft solutions that are beneficial to customers, partners, and organization overall. Academic Qualifications and Certifications: Bachelors degree or equivalent in a Technical or Sales field or related is preferred. Certified in industry relevant structured sales methodologies and negotiation skills. Preferred certifications (but not limited to) CISSP, CompTIA Security+, GISF. Required Experience: Advanced sales experience in a technology or services environment, particularly selling Security solutions. Advanced experience of IT Managed Services environment. Advanced demonstrable experience of solution-based selling with a proven track record of sales over-achievement. Advanced experience in selling complex security solutions and services to C-Level clients. Advanced experience in resolving a wide range of issues in creative ways to meet targets and objectives. Workplace type On-site Working

Your day at NTT DATA The Senior Security Sales Specialist is an advanced subject matter expert and is also quota-bearing sales persona. Thie primary purpose of this role is to pursue and land qualified leads identified by the Client Management team and other respective teams. The Senior Security Sales Specialist identifies new opportunities from a selection of existing accounts, and presents solutions, value propositions, partner configurations, cost structures, and revenue models to the client that meet their needs. The Senior Security Sales Specialist works directly with clients at a variety of levels, as well as internal subject matter experts. A substantial amount of time is spent on engaged selling or supporting the sales process in partnership with Client Managers. This role contributes to the pre-sales process by working with pre-sales architects to create the best solution design for the client, as well as building and developing excellent stakeholder relationships with new and existing clients, whilst developing new business channels and territories. What you'll be doing Key Responsibilities: Owns and drives pipeline to achieve allocated security budget numbers. Drives positive brand recognition on security business in-country and in-region. Maintains subject matter expertise in the Security technology domain or solutions set. Supports the closure of sales based on Security technology domain knowledge. Addresses the technology conceptual challenges during the sales process. Maintains a comprehensive level of relevant product and service knowledge to have meaningful conversations with potential and existing clients. Maintains awareness of the competitive landscape, market pricing, and strategy and how to penetrate a new market. Contributes to the knowledge base of the company's solutions and services within a practice area or service area by sharing best practices with internal teams, as well as client teams. Works with relevant technology vendors and ensures a deep understanding of their solutions and how they can contribute to our own solutions set. Articulates the Security solution/deliverables that the client requires, as opposed to the products that they need to buy. Prepares and conducts client workshops and presentations. Establishes relationships with multiple client stakeholders and secures deals with clients to achieve assigned sales quotas and targets. Uses understanding of the clients business and depth of knowledge on the Security solutions to personalize the recommended solution in line with the clients need. Capable of spotting new sales opportunities within an account and work with the sales teams to drive them to closure. Pursues and lands qualified leads identified by the client managers and other lead generation sources. Develops and maintains clear account plans for appropriate clients and targets. Discovers, forecasts, and runs opportunities in the medium and long-term. Identifies, assesses and highlights client risks that could prove detrimental to the clients organization and credibility. Collaboratively work with sales teams, especially Client Managers, to successfully close the deal. Works closely with other in-territory counterparts and matrix teams to achieve the shared goal of growth. Uses sales methodologies and tools such as target plans, opportunity plans, and account plans to drive the sales process. Develops and implements an opportunity plan, to provide regular check-ins with the primary point of contact and have an established process for getting buy-in from all stakeholders. Knowledge and Attributes: Advanced understanding of security principles, concepts, and technologies, including knowledge of NIST CSF, ISO 27001, cybersecurity solutions, network security, data security/privacy and best practices in securing data and IT infrastructure. Advanced understanding of the technical concepts of Security solutions and display the ability to provide technical consultation and guidance to customers. Displays success in achieving and exceeding sales and financial goals. Advanced proficiency in developing and encouraging meaningful customer relationships up to C-level. Displays ability to delivery engaging sales presentations and elevator pitches. Close attention to maintaining up to date, accurate sales forecast and close plans. Advanced proficiency in team selling approach. Advanced knowledge of competitors and ability to apply competing successful sales strategies. Client-centric approach, with ability to understand customer problems and find best-fit solutions. Flexible to adapt quickly to short, new missions or urgent deadlines. Displays negotiation capabilities to craft solutions that are beneficial to customers, partners, and organization overall. Academic Qualifications and Certifications: Bachelor's degree or equivalent in a Technical or Sales field or related is preferred. Certified in industry relevant structured sales methodologies and negotiation skills. Preferred certifications (but not limited to) CISSP, CompTIA Security+, GISF. Required Experience: Advanced sales experience in a technology or services environment, particularly selling Security solutions. Advanced experience of IT Managed Services environment. Advanced demonstrable experience of solution-based selling with a proven track record of sales over-achievement. Advanced experience in selling complex security solutions and services to C-Level clients. Advanced experience in resolving a wide range of issues in creative ways to meet targets and objectives. Workplace type : On-site Working

Your day at NTT DATA The Senior Security Sales Specialist is an advanced subject matter expert and is also quota-bearing sales persona. Thie primary purpose of this role is to pursue and land qualified leads identified by the Client Management team and other respective teams. The Senior Security Sales Specialist identifies new opportunities from a selection of existing accounts, and presents solutions, value propositions, partner configurations, cost structures, and revenue models to the client that meet their needs. The Senior Security Sales Specialist works directly with clients at a variety of levels, as well as internal subject matter experts. A substantial amount of time is spent on engaged selling or supporting the sales process in partnership with Client Managers. This role contributes to the pre-sales process by working with pre-sales architects to create the best solution design for the client, as well as building and developing excellent stakeholder relationships with new and existing clients, whilst developing new business channels and territories. What youll be doing Key Responsibilities: Owns and drives pipeline to achieve allocated security budget numbers. Drives positive brand recognition on security business in-country and in-region. Maintains subject matter expertise in the Security technology domain or solutions set. Supports the closure of sales based on Security technology domain knowledge. Addresses the technology conceptual challenges during the sales process. Maintains a comprehensive level of relevant product and service knowledge to have meaningful conversations with potential and existing clients. Maintains awareness of the competitive landscape, market pricing, and strategy and how to penetrate a new market. Contributes to the knowledge base of the companys solutions and services within a practice area or service area by sharing best practices with internal teams, as well as client teams. Works with relevant technology vendors and ensures a deep understanding of their solutions and how they can contribute to our own solutions set. Articulates the Security solution/deliverables that the client requires, as opposed to the products that they need to buy. Prepares and conducts client workshops and presentations. Establishes relationships with multiple client stakeholders and secures deals with clients to achieve assigned sales quotas and targets. Uses understanding of the clients business and depth of knowledge on the Security solutions to personalize the recommended solution in line with the clients need. Capable of spotting new sales opportunities within an account and work with the sales teams to drive them to closure. Pursues and lands qualified leads identified by the client managers and other lead generation sources. Develops and maintains clear account plans for appropriate clients and targets. Discovers, forecasts, and runs opportunities in the medium and long-term. Identifies, assesses and highlights client risks that could prove detrimental to the clients organization and credibility. Collaboratively work with sales teams, especially Client Managers, to successfully close the deal. Works closely with other in-territory counterparts and matrix teams to achieve the shared goal of growth. Uses sales methodologies and tools such as target plans, opportunity plans, and account plans to drive the sales process. Develops and implements an opportunity plan, to provide regular check-ins with the primary point of contact and have an established process for getting buy-in from all stakeholders. Knowledge and Attributes: Advanced understanding of security principles, concepts, and technologies, including knowledge of NIST CSF, ISO 27001, cybersecurity solutions, network security, data security/privacy and best practices in securing data and IT infrastructure. Advanced understanding of the technical concepts of Security solutions and display the ability to provide technical consultation and guidance to customers. Displays success in achieving and exceeding sales and financial goals. Advanced proficiency in developing and encouraging meaningful customer relationships up to C-level. Displays ability to delivery engaging sales presentations and elevator pitches. Close attention to maintaining up to date, accurate sales forecast and close plans. Advanced proficiency in team selling approach. Advanced knowledge of competitors and ability to apply competing successful sales strategies. Client-centric approach, with ability to understand customer problems and find best-fit solutions. Flexible to adapt quickly to short, new missions or urgent deadlines. Displays negotiation capabilities to craft solutions that are beneficial to customers, partners, and organization overall. Academic Qualifications and Certifications: Bachelors degree or equivalent in a Technical or Sales field or related is preferred. Certified in industry relevant structured sales methodologies and negotiation skills. Preferred certifications (but not limited to) CISSP, CompTIA Security+, GISF. Required Experience: Advanced sales experience in a technology or services environment, particularly selling Security solutions. Advanced experience of IT Managed Services environment. Advanced demonstrable experience of solution-based selling with a proven track record of sales over-achievement. Advanced experience in selling complex security solutions and services to C-Level clients. Advanced experience in resolving a wide range of issues in creative ways to meet targets and objectives.

Job Duties (Summary): Senior Security SOC Analyst works in 24/7 team and in shifts which include nights and rotational weekends. The role is a key part of our Security Monitoring Incident Response team, involving in investigating alerts/events that trigger from MS Sentinel / SIEM and EDR Tools and other end point tools. Senior Analyst will be the internal escalation point for the Security analysts within the shift/team and will assist Security Analysts in responding to Security Incidents. This role also needs exceptional communication skills (verbal and written), and an ability quickly understand complex information while recognizing familiar elements within complex situations. Required Skills & Experience: Responsible for 24/7 monitor, triage, analysing security events and alerts. Including Malware analysis. Should have good hands-on in Microsoft Sentinel and should have ability to query using KQL [Mandatory] Familiarity with core concepts of security incident response, e.g., the typical phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc... Strong knowledge of email security threats and security controls, including experience analysing email headers. Analysing Phishing emails and associated Threats and to remediate them by blocking the Urls analysing the malware(s),link(s),IOCs. Good understanding of Threat Intel and Hunting. Good hands on experience in investigating EDR alerts (Tanium, CrowdStrike, etc..) Good hands on experience in using XSOAR Platforms (Demisto, Phantom, etc..) Strong technical understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS / TLS, and SMTP. Experience analysing network traffic using tools such as Wireshark, to investigate either security issues or complex operational issues. Experience reviewing system and application logs (e.g., web or mail server logs), either to investigate security issues or complex operational issues. Knowledge in investigating security issues within Cloud infrastructure such as AWS, GCP, Azure (Preferred not mandatory) Good knowledge and hands-on experience with SIEM systems such as SentinelOne/RSA Netwitness/Splunk/AlienVault/QRadar, ArcSight or similar in understanding/creating new detection rules, correlation rules etc... Experience In defining use cases for playbooks and runbooks (Preferred) Experience in understanding log types and log parsing Strong passion in information security, including awareness of current threats and security best practices. Basic Qualifications (Preferred not mandatory ? if Candidate has equivalent knowledge) Bachelors Degree in Computer Sciences or equivalent (Preferred not mandatory) Minimum of 3 years of experience in a Security Operations Centre (SOC) or incident response team (CSIRT Team member). Overall 3+ experience in Information Security/IT Security/Network Security. CEH, CISSP, OSCP, CHFI, ECSA, GCIH, GCIA, GSEC, GCFA certification (minimum One certification - Preferred not mandatory) A relevant specialist degree (e.g., information security or digital forensics). Knowledge in NIST CSF, MiTRE & ATTACK Framework. Active involvement in the Information Security community. Certified in Azure Security [SC-200, AZ-500, AZ-900] ? Either one or more [Mandatory]

Location: Pune Experience Required: 5-7 years Company: Incred Money (www.incredmoney.com) Industry: Fintech / Financial Services About IncredMoney.com IncredMoney.com is a fast-growing digital wealth and investment platform empowering users with smart, simplified financial tools. We are passionate about financial inclusion, investor transparency, and secure digital experiences. As we scale, security remains central to our missionand thats where you come in. Role Summary We are looking for a dynamic and hands-on Senior Infosec Engineer who will be responsible for leading and implementing our information security and cyber-risk strategy. The ideal candidate will have strong experience in fintech or financial services, knowledge of regulatory frameworks (like RBI, SEBI), and the ability to build secure digital systems while enabling growth and innovation. Key Responsibilities Own and lead the company’s overall information security strategy. Build and implement policies, procedures, and controls aligned with industry best practices (e.g., ISO 27001, NIST, OWASP). Perform risk assessments, security audits, and regular vulnerability assessments of applications and infrastructure. Collaborate with engineering, DevOps, and product teams to embed security into the SDLC. Oversee data protection strategies (encryption, backups, data access) and ensure regulatory compliance (e.g., RBI, SEBI, GDPR, PCI-DSS if applicable). Manage internal and external security audits and ensure remediation of findings. Lead incident response planning and execution, including root cause analysis and post-mortem reviews. Evaluate and onboard security tools (e.g., SIEM, WAF, DLP, endpoint security). Build a security-first culture through training and awareness programs across teams. Serve as the primary point of contact for security with partners, auditors, and regulators. Key Requirements 4–7 years of progressive experience in Information Security, with at least 2 years in a leadership or ownership role. Strong understanding of cloud security (AWS preferred), web/mobile application security, and data privacy. Hands-on experience with firewalls, VPNs, intrusion detection/prevention systems, and endpoint protection tools. Familiarity with regulatory and compliance frameworks (especially RBI/SEBI guidelines for fintech). Bachelor’s or Master’s degree in Computer Science, Information Security, or related field. Industry certifications like CISSP, CISM, CEH, or ISO 27001 LA are a strong plus. Excellent communication and stakeholder management skills. Preferred Skills Prior experience in fintech, wealth-tech, or BFSI domain. Experience leading security in a startup or early-stage company. Knowledge of DevSecOps practices and CI/CD pipeline security.

Job ID: 199874 Required Travel :Minimal Managerial - No LocationIndia- Pune (Amdocs Site) Who are we Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our employees around the globe are here to accelerate service providers migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $5.00 billion in fiscal 2024. For more information, visit www.amdocs.com In one sentence We are seeking a highly skilled and experienced Senior Governance, Risk, and Compliance (GRC) Specialist to join our dynamic team. The ideal candidate will have a strong background in GRC, with a proven track record of managing and implementing comprehensive risk management and compliance programs, particularly within the EMEA (Europe, Middle East, and Africa) and IMEA (India, Middle East, and Africa) regions. What will your job look like Develop and maintain governance frameworks, policies, and procedures. Ensure compliance with industry standards, regulations, and contractual obligations. Identify, assess, and prioritize security risks, implementing mitigation strategies. Conduct regular risk assessments, audits, and maintain risk registers. Ensure adherence to GDPR, CRA, and other relevant security regulations. Monitor and enforce security compliance across EMEA and IMEA regions. Develop and deliver compliance training programs for employees. Prepare and present security reports to senior management and stakeholders. Collaborate with internal teams and liaise with external auditors and regulators. Communicate security risks and mitigation strategies effectively to stakeholders. All you need is... Bachelor's degree in Business Administration, or a related field. Professional certification (e.g., CISA, CRISC, CISSP) is preferred. Minimum of 6 years of experience in governance, risk management, and compliance. Strong knowledge of relevant laws, regulations, and industry standards, particularly in the EMEA and IMEA regions. Strong understanding of NIST CSF, CIS, ISO 27001, PCI DSS, and Data Protection frameworks. Excellent analytical, problem-solving, and decision-making skills. Strong communication and interpersonal skills, with experience in defending and explaining security risks and mitigations to customers and stakeholders. Ability to work independently and as part of a team. Proficiency in GRC software and tools. Why you will love this job: You will be able to demonstrates an understanding of key business drivers and ensures strategic directions are followed and the organization succeeds You will be able to gathers relevant data, identifies trends and root causes, and draws logical conclusions to develop solutions You will have ability to assess details, systems and other factors as part of a single and comprehensive picture We are a dynamic, multi-cultural organization that constantly innovates and empowers our employees to grow. Our people our passionate, daring, and phenomenal teammates that stand by each other with a dedication to creating a diverse, inclusive workplace! We offer a wide range of stellar benefits including health, dental, vision, and life insurance as well as paid time off, sick time, and parental leave Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce

Roles & Responsibilities:- Design and implement secure AWS cloud architectures aligned with business and compliance requirements. Automate security controls and integrate them into CI/CD pipelines Manage and monitor AWS security tools such as GuardDuty, Security Hub, and CloudTrail Develop and enforce IAM policies using least privilege principles Conduct threat modeling, vulnerability assessments, and cloud security posture evaluations Ensure compliance with standards like SOC 2, ISO 27001, and NIST Support audit readiness and implement risk treatment plans Collaborate with DevOps teams to embed security in cloud deployments Promote DevSecOps culture across development and operations teams Create and maintain security-as-code using CloudFormation, Terraform, and scripting Automate detection, remediation, and incident response processes Provide security guidance during cloud migrations and new service adoptions Qualification:- Bachelors in Cybersecurity, Computer Science, or related field (Masters preferred) 7+ years in cybersecurity, with 5+ years in cloud security Strong expertise in AWS security tools (GuardDuty, Security Hub, IAM, KMS, CloudTrail) Familiar with cloud security frameworks (AWS Well-Architected, NIST CSF, CSA CCM) Experience in securing CI/CD pipelines and implementing IaC security (CloudFormation/Terraform) Hands-on with CSPM tools and automated security validation Deep understanding of IAM principles and DevSecOps practices Proficient in scripting (Python, Bash) for automation Strong knowledge of network, container, and serverless security Excellent communication skills (verbal and written) Certifications: AWS Security Specialty, CCSP, CISSP, or equivalent Preferred Qualifications :- Experience with multi-cloud (AWS, Azure, GCP) security Understanding of regulatory frameworks (e.g., GDPR, HIPAA, ISO) Hands-on with container security (Docker, Kubernetes, ECS/EKS) Experience with Zero Trust security models in cloud Familiarity with automated incident response and cloud-native tools Knowledge of Hashicorp Vault or similar tools for secrets management Experience securing data lakes and analytics platforms Worked with CWPP and serverless security best practices Cloud security experience in energy efficiency/sustainability domains Experience in cloud threat modeling and collaborating with global teams

Security Risk and Compliance Expert will be instrumental in shaping the global Information Security Management System (ISMS) within our Group Security team. This role involves engaging with various Business Groups and Corporate Functions to identify and manage information security risks, ensuring compliance and enhancing our security posture. Facilitate risk assessments, develop training, and contribute to the continuous improvement of security policies and tools. Enhance the overall security and compliance of services provided to our customers. You have: Master's or bachelor's degree in computer science, security engineering, or equivalent 5+ years of experience in information security in a multinational organization. Solid understanding of information security processes and technologies Practical knowledge of ISO/IEC 27001:2022 standard implementation Excellent documentation and communication skills It would be nice if you also had: Knowledge of security standards like CSA CCM, NIST CSF, NIS2, and SOC2 Experience delivering information security training Familiarity with RSA Archer and Microsoft Power BI or other GRC tools Certifications in information security (e.g., CRISC, CISSP and ISO 27001 LI/LA) Implement and operate the global Information Security Management System (ISMS) to enhance overall security and compliance Conduct risk assessments with global stakeholders to evaluate and report information security risks Develop and maintain the information security risk register, tracking mitigation progress and presenting reports to stakeholders Provide recommendations for security risk mitigation strategies tailored to different business groups Create, update, and maintain ISMS documentation and a repository of reports and audit records Facilitate training sessions to educate employees on ISMS practices and promote a strong security culture Collaborate with cross-functional teams to identify evolving security trends and compliance requirements Contribute to the continuous improvement of Nokia ISMS and related tools, utilizing KPIs to measure effectiveness

Manage internal/external audits (ISO, SOC 2), handle client questionnaires, ensure security compliance (ISO 27001, NIST), coordinate audits via OneTrust, test controls, review policies, and support InfoSec risk, GRC, and compliance processes. Required Candidate profile Looking for 8–12 yrs exp in InfoSec audits, ISO 27001, NIST, client questionnaires, OneTrust GRC, control testing. Good to have CISSP/ISO certs. Shift: 2–11 PM,

JD Requirement # 1 Infosec Audit Manager Designation Manager Experience 8 to 12 years Relevant Experience Mandatory Skills Client questionnaires, Security, ISO 270001- 2022, Audit Coordination , NIST CSF, Audit programs, Security analyst or client analyst Good to have skills CISSP certification , ISO certification, One Trust, GRC experience Requirement # 2 Infosec Third Party Risk Senior Manager Designation Senior Manager Experience 15 to 20 years – Relevant Experience Mandatory Skills TPRM, Supply chain risk assessments, Risk assessment, ISO- 270001, NIST - CSF Good to have skills GRC , CISSP , ISO Requirement # 3 Infosec Client Questionnaire & Audit Manager Designation Manager Experience 8 to 12 years – Relevant Experience Mandatory Skills Client questionnaires, Security, ISO 270001- 2022, Audit Coordination , NIST CSF, Audit programs, Security analyst or client analyst Good to have skills CISSP certification , ISO certification, One Trust, GRC experience Location Remote Targeted Companies Big 4

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking an experienced and innovative SOAR Architect to lead the design, development, and implementation of advanced Security Orchestration, Automation, and Response (SOAR) solutions. The ideal candidate will leverage their expertise in platforms like Splunk Phantom, Chronicle SOAR, and Cortex XSOAR to optimize and automate incident response workflows, enhance threat detection, and improve overall security operations efficiency. Roles & Responsibilities: SOAR Strategy and Architecture:Develop strategies for automation, playbook standardization, and process optimization. Playbook Development:Create, test, and deploy playbooks for automated threat detection, investigation, and response. Collaborate with SOC teams to identify repetitive tasks for automation and translate them into SOAR workflows. Integration and Customization:Integrate SOAR platforms with existing security tools, including SIEM, threat intelligence platforms, and endpoint protection. Customize connectors and APIs to enable seamless communication between security tools. Collaboration and Leadership:Work closely with SOC analysts, threat hunters, and other stakeholders to align automation efforts with organizational goals. Provide technical mentorship to analysts on SOAR platform utilization. Performance Optimization:Continuously evaluate SOAR platform performance and implement improvements for scalability and reliability. Monitor automation workflows and troubleshoot issues to ensure consistent operations. Compliance and Best Practices:Ensure that all SOAR implementations align with industry standards, compliance regulations, and organizational policies. Stay up to date with the latest advancements in SOAR technology and incident response practices. Professional & Technical Skills: Proficiency in scripting and programming Python to develop custom playbooks and integrations. Strong understanding of security operations, incident response, and threat intelligence workflows. Proven track record of integrating SOAR with SIEM solutions (e.g., Splunk, Chronicle), EDR, and other security tools. Ability to troubleshoot complex integration and automation issues effectively. Additional Information: Certifications such as Splunk Phantom Certified Admin, XSOAR Certified Engineer, or equivalent. Experience with cloud-native SOAR deployments and hybrid environments. Familiarity with frameworks like MITRE ATT&CK, NIST CSF, or ISO 27001. A 15 year full-time education is required 3.5 years of hands-on experience with SOAR platforms like Splunk Phantom (On-Prem and Cloud), Chronicle SOAR, and Cortex XSOAR. Qualification 15 years full time education

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you passionate about security architecture and driven to protect against the latest threats? We are seeking a Security Lead who will join our team and take the lead on developing, implementing, and maintaining our security strategy within our Service Provider organization. As our Security Lead, you will work closely with our leadership team to design and implement effective security solutions that not only protect our business objectives and regulatory requirements, but also provide innovative solutions to stay ahead of emerging threats. You will conduct risk assessments and threat modeling to identify and prioritize risks to our business and IT assets, using your extensive experience in security architecture design and implementation within a Service Provider environment to create a cutting-edge security architecture framework. You will also work to maintain policies, standards, and guidelines related to information security within our organization, collaborating with cross-functional teams to implement security controls and technologies such as encryption, authentication, and authorization solutions. Your role will also involve conducting security reviews of vendors and third-party partners to ensure they meet our rigorous security standards, as well as performing regular security and risk reviews of our Service Provider environment to identify vulnerabilities and recommend remediation activities. At the forefront of security trends and technologies, you will advise our senior leadership team on the latest security best practices, and stay ahead of emerging security threats, always keeping our organization one step ahead. Join us on this exciting journey of securing our Service Provider organization and protecting our customer’s assets. Your Future at Kyndryl Every position at Kyndryl offers a way forward to grow your career, from a Junior Architect to Principal Architect – we have opportunities for that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Technical and Professional Expertise •Minimum of 8 years of experience in security architecture design and implementation within a Service Provider organization •Experience with security frameworks such as NIST CSF, ISO 27001, or CIS Controls. . Exp in Fortigate Firewall, WAF or Zscaler(Mandatory) •Deep understanding of security technologies, such as firewalls, intrusion detection and prevention systems, vulnerability scanners, and endpoint protection •Strong knowledge of cloud security concepts and technologies, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) Preferred Technical and Professional Experience •Relevant industry certifications such as CISSP, CISM, or CCSP •Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

Job Summary: We are seeking an experienced OT Security Consultant to support our clients in strengthening the security posture of their Operational Technology (OT) environments. The ideal candidate will be responsible for conducting OT risk assessments, identifying and prioritizing risks based on impact and likelihood, and recommending actionable mitigations and controls. A strong grasp of the ISA/IEC 62443 standard, coupled with hands-on experience in IT-OT network security and industrial control systems, is essential. Key Responsibilities: Conduct comprehensive OT risk assessments across industrial environments, identifying key risk and potential impact. Assess and prioritize risks based on impact, likelihood, and business context. Perform IT-OT network security assessments, including architecture reviews, segmentation analysis, and traffic flow evaluations. Good Understanding of OT infrastructure such as PLC, DCS, MES, SCADA etc., network infrastructure elements, topology, configuration and data flow architecture. Experienced in IT-OT network security assessment, Network solution design, implement (Network architecture/ switches/ routers/ firewalls/ DMZ/AD etc ) for manufacturing environments. Align assessment methodologies with ISA/IEC 62443,NIST 800-53 standards and best practices. Deliver detailed assessment reports and risk matrices, including practical remediation recommendations. Collaborate with client stakeholders including engineering, operations, and cybersecurity teams. Provide guidance on secure network design, hardening of ICS components, and secure integration of IT/OT systems. Required Qualifications: Bachelors or Master’s degree in Cybersecurity, Engineering, Computer Science, or a related field. 4 to 8 years of experience in OT cybersecurity or ICS/SCADA environments. In-depth knowledge of ISA/IEC 62443, NIST 800-53 and risk assessment frameworks. Hands-on experience with OT systems including PLCs, SCADA, DCS, HMIs, and Historian technologies. Strong understanding of industrial network protocols (Modbus, OPC, DNP3, etc.) and security principles. Familiarity with NIST CSF, NERC CIP, or ISO/IEC 27001 is a plus. Preferred Certifications: ISA/IEC 62443 Cybersecurity Certifications GICSP (Global Industrial Cyber Security Professional) CCNA, PCNSA

The Audit Manager, Information Security position will be an integral member of the Information Security and Risk Management team. This role will be responsible for organizing and managing internal and external audits. Work in Chief Information Security Officer (CISO) office under Director, Information Security Governance, Risk and Compliance, this role serves as an information security technology professional for Grant Thornton to support the design, implementation, and maintenance of a cohesive information security governance, risk and compliance program. The successful candidate will have a good mix of deep technical knowledge, understanding of industry best practice, frameworks and regulations, and a demonstrated background in information security risk management program. An experienced and motivated risk and compliance individual contributor is needed to work across a matrixed team in place today and growing in the future. The successful candidate has a track record of developing strong relationships, collaborating across teams, coordinating multiple timelines, and managing complex, cross discipline projects.

We are seeking a skilled Cybersecurity GRC Consultant with 6+ years of experience, preferably immediate joiners for our Hyderabad location. The ideal candidate will have expertise in governance, risk, and compliance (GRC), conducting internal audits, performing risk assessments, and ensuring compliance with global data protection regulations. Responsibilities include acting as a subject matter expert in GRC, assessing IT environments, testing and validating security controls, managing GRC tools, executing internal audits, and presenting risk metrics to the CISO. The role requires deep knowledge of frameworks like ISO 27001, NIST CSF, PCI DSS, GDPR, and the Digital Personal Data Protection Act, 2023. Candidates should have strong stakeholder management skills and the ability to lead complex cybersecurity projects in fast-paced environments.

Role & responsibilities: Outline the day-to-day responsibilities for this role. Preferred candidate profile: Specify required role expertise, previous job experience, or relevant certifications.