
83 Nist Csf Jobs - Page 4

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

10.0 - 12.0 years

20 - 30 Lacs

noida

Work from Office

Role & responsibilities

- Shall be accountable for interpreting the RFI/RFP, or Customer queries, and responding to them.
- Review Contracts/MSA/DPA to ensure they include appropriate risk-related clauses, such as security controls, data privacy, liability, and business continuity terms.
- Shall be accountable for assessing vendors or suppliers to identify potential risks in areas such as cybersecurity, data protection, regulatory compliance, and operational resilience.
- Participate in meetings with customers, partners, and vendors and be accountable for handling security/privacy-related discussions.
- Work closely with IT, HRD, L&D, and other teams to close any Customer audit observations, and shall be accountable.
- Shall be accountable for tracking the external advisories/threat intelligence to closure.
- Shall be accountable for Enterprise Risk Management.

Eligibility Criteria

- Must have 5 years in a Customer/Vendor role responsible for Responding, clarifying and reviewing Contracts around below standards/models/industry best practices and their mapping to Organizational Practices.
- In-depth knowledge of standards and frameworks such as ISO 9000, ISO 27001, PCI-DSS, SOC 2, CMMi, NIST, HIPAA, GDPR, and CCPA.
- Must have led the implementation of security standards like ISO 27001, PCI-DSS, SOC 2, etc.
- Knowledge of privacy regulations like GDPR, PDPD, DPDPA, etc. is preferred.
- Must have faced or facilitated customer or external audits.
- Proven experience in quality assurance, compliance, and risk management. At least more than 7 years of experience in managing the audit.
- Excellent communication and interpersonal skills.
- Strong analytical skills and attention to detail.
- Ability to work collaboratively with cross-functional teams.
- Must have managed a team of more than 3 members at least for 5 years.
- Certification in Quality Assurance or Information Security (e.g., ISO 9001 Lead Auditor, ISO 27001 Lead Implementer, CEH) will be preferred.


5.0 - 10.0 years

0 - 3 Lacs

pune, bengaluru, pan ind

Hybrid

Role & responsibilities

Key responsibilities

- Assess the security posture of customer cloud workloads and environments to identify vulnerabilities and gaps.
- Recommend and design security interventions aligned with best practices and compliance requirements.
- Evaluate and strengthen configurations for Azure security services, including Microsoft Defender for Cloud, Sentinel, Key Vault, Azure AD (Entra ID), Privileged Identity Management (PIM), Azure Policy, and governance and observability tools such as Azure Monitor and Log Analytics.
- Lead and facilitate security architecture workshops, risk assessments, and governance reviews with client teams.
- Collaborate with cross-functional teams to ensure alignment between security, operations, and business objectives.
- Conduct thorough security risk assessments and ensure mitigation strategies are implemented.
- Drive continuous improvement of security processes and controls based on evolving threat landscapes and compliance frameworks.
- Ensure adherence to industry frameworks and regulations such as NIST, ISO/IEC 27001, HIPAA, GDPR, and FedRAMP.

Required Qualifications

- Minimum 5 years of experience in cloud security architecture and assessment, specifically within Microsoft Azure environments.
- Deep knowledge of Azure security architecture and cloud-native security resiliency patterns.
- Strong experience with security frameworks and methodologies (e.g., NIST CSF, ISO/IEC 27001).
- Proficient in vulnerability management, risk assessment, and security compliance standards.
- Ability to communicate complex security concepts clearly to both technical and non-technical stakeholders.
- Strong written and verbal communication and documentation skills.
- Hands-on experience with Azure security and governance services: Microsoft Defender for Cloud, Sentinel, Key Vault, Azure AD (Entra ID), PIM, Azure Policy, Azure Monitor, and Log Analytics.
- Familiarity with Microsoft Security Assessments, such as the Well-Architected Review Assessment (WARA) and Microsoft Security Assessment Frameworks.
- Experience working directly with clients in customer-facing roles to deliver security assessments and solutions.
- Solid understanding of process governance, security incident response planning, and Major Incident Response Plan (MIRP) development.

Preferred qualifications

- Strong consulting experience with direct client engagement and workshop facilitation.
- Familiarity with SOC integration, security operations center workflows, and incident response coordination.
- Experience with compliance frameworks such as HIPAA, GDPR, FedRAMP, or equivalent.
- Expertise with SIEM/SOAR tools, automation, and security orchestration.
- Proven track record delivering executive-level security architecture reviews and recommendations.

Certifications

Required:

- Microsoft Certified: Cybersecurity Architect Expert
- ITIL Foundation Certification

Preferred:

- Microsoft Certified: Azure Security Engineer Associate
- Certified Information Systems Security Professional (CISSP)
- Microsoft Certified: Security Operations Analyst Associate
- Microsoft Certified: Identity and Access Administrator Associate
- Microsoft Certified: Azure Administrator Associate
- Business Continuity and Disaster Recovery (BC/DR) certifications such as CBCP, MBCI, ISO 22301, or equivalent industry-recognized certifications


4.0 - 7.0 years

8 - 12 Lacs

mumbai, delhi / ncr, bengaluru

Work from Office

We are hiring an experienced AI Security & Compliance Specialist for a 12-month remote contract-to-hire role. The ideal candidate will have over 4 years of experience in information security and compliance, with proven expertise in implementing ISO 27001 and a strong understanding of AI-specific security challenges such as data poisoning, model inversion, and prompt injection. Knowledge of ISO 42001 and the NIST Cybersecurity Framework (CSF) is highly desirable. This role is critical in ensuring security, trust, and compliance across the AI lifecycle, from data collection and model training to deployment and governance.

Location: Remote, Delhi NCR, Bangalore, Chennai, Pune, Kolkata, Ahmedabad, Mumbai, Hyderabad


4.0 - 7.0 years

8 - 15 Lacs

mumbai, delhi / ncr, bengaluru

Work from Office

We are hiring an experienced AI Security & Compliance Specialist for a 12-month remote contract-to-hire role. The ideal candidate will have over 4 years of experience in information security and compliance, with proven expertise in implementing ISO 27001 and a strong understanding of AI-specific security challenges such as data poisoning, model inversion, and prompt injection. Knowledge of ISO 42001 and the NIST Cybersecurity Framework (CSF) is highly desirable. This role is critical in ensuring security, trust, and compliance across the AI lifecycle, from data collection and model training to deployment and governance.

Location: Remote, Delhi NCR, Bangalore, Chennai, Pune, Kolkata, Ahmedabad, Mumbai, Hyderabad


5.0 - 10.0 years

12 - 16 Lacs

bengaluru

Work from Office

Security Risk and Compliance Expert will be instrumental in shaping the global Information Security Management System (ISMS) within our Group Security team. This role involves engaging with various Business Groups and Corporate Functions to identify and manage information security risks, ensuring compliance and enhancing our security posture. Facilitate risk assessments, develop training, and contribute to the continuous improvement of security policies and tools. Enhance the overall security and compliance of services provided to our customers.

You have:

- Master's or bachelor's degree in computer science, security engineering, or equivalent
- 5+ years of experience in information security in a multinational organization.
- Solid understanding of information security processes and technologies
- Practical knowledge of ISO/IEC 27001:2022 standard implementation
- Excellent documentation and communication skills

It would be nice if you also had:

- Knowledge of security standards like CSA CCM, NIST CSF, NIS2, and SOC2
- Experience delivering information security training
- Familiarity with RSA Archer and Microsoft Power BI or other GRC tools
- Certifications in information security (e.g., CRISC, CISSP and ISO 27001 LI/LA)

Implement and operate the global Information Security Management System (ISMS) to enhance overall security and compliance. Conduct risk assessments with global stakeholders to evaluate and report information security risks. Develop and maintain the information security risk register, tracking mitigation progress and presenting reports to stakeholders. Provide recommendations for security risk mitigation strategies tailored to different business groups. Create, update, and maintain ISMS documentation and a repository of reports and audit records. Facilitate training sessions to educate employees on ISMS practices and promote a strong security culture. Collaborate with cross-functional teams to identify evolving security trends and compliance requirements. Contribute to the continuous improvement of Nokia ISMS and related tools, utilizing KPIs to measure effectiveness.


4.0 - 9.0 years

6 - 11 Lacs

pune

Work from Office

about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about.

We are seeking a dynamic IT Compliance & Audit Lead to join our Governance, Risk & Compliance (GRC) team in Pune. This role will be pivotal in driving the implementation and evolution of ZS's Continuous Compliance Monitoring (CCM) program. The ideal candidate will bring hands-on technical security expertise, a strong audit and risk management mindset, and the ability to collaborate across technical and business stakeholders.

What you'll do:

- Lead the development and execution of ZS's Continuous Compliance Monitoring (CCM) program across infrastructure, applications, and third-party vendors
- Collaborate cross-functionally with internal security, privacy, engineering, and operations teams to drive remediation and maturity of compliance gaps
- Serve as SME for security audits, helping interpret and implement compliance controls (e.g., ISO 27001, SOC 2 Type 2, NIST CSF, HIPAA, ESG reporting frameworks)
- Design and implement automated compliance checks and control testing routines aligned with risk appetite and audit requirements
- Conduct and support internal and external audits, including pre-audit readiness assessments, evidence collection, and issue remediation oversight
- Contribute to enterprise risk assessments, security profiling, and threat modeling to improve ZS's security posture
- Drive security incident post-mortems and track audit findings to closure with technical leads and business owners
- Assist in the maintenance and enhancement of security policies, procedures, and standards to reflect evolving risk and regulatory requirements
- Create training and awareness content related to policy adoption, audit preparedness, and security control responsibilities
- Provide metrics and executive-level reporting on compliance posture, audit outcomes, and CCM maturity
- Serve as a technical consultant in areas such as SIEM tuning, bounty hunting initiatives, and threat intelligence integration

What you'll bring:

- Bachelor's degree in Computer Science, Information Systems, or a related field
- 4+ years of hands-on experience in Information Security, Audit, Compliance, or GRC roles with technical depth
- Proven experience implementing or maturing compliance frameworks like ISO 27001, SOC 2 Type 2, HIPAA, NIST CSF, etc.
- Strong understanding of security tooling and architecture, including:
  - SIEM platforms (e.g., Splunk, Sentinel, QRadar)
  - Threat modeling and profiling tools
  - Vulnerability management platforms
  - Cloud security configurations (AWS, Azure, GCP)
- Experience with bug bounty programs or threat hunting initiatives is a plus
- Excellent communication skills; ability to articulate risk and compliance requirements to technical and non-technical stakeholders
- Certifications preferred: CISA, CISSP, CRISC, CISM, ISO Lead Auditor/Implementer, CEH


12.0 - 20.0 years

35 - 60 Lacs

mumbai

Work from Office

Who We Are

At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.

The Role

Are you passionate about Senior Security Consultant and driven to protect against the latest threats? We are seeking a Senior Security Consultant who will join our team and take the lead on developing, implementing, and maintaining our security strategy within our Service Provider organization.

As our Senior Security Consultant, you will work closely with our leadership team to design and implement effective security solutions that not only protect our business objectives and regulatory requirements, but also provide innovative solutions to stay ahead of emerging threats. You will conduct risk assessments and threat modeling to identify and prioritize risks to our business and IT assets, using your extensive experience in security architecture design and implementation within a Service Provider environment to create a cutting-edge security architecture framework.

You will also work to maintain policies, standards, and guidelines related to information security within our organization, collaborating with cross-functional teams to implement security controls and technologies such as encryption, authentication, and authorization solutions. Your role will also involve conducting security reviews of vendors and third-party partners to ensure they meet our rigorous security standards, as well as performing regular security and risk reviews of our Service Provider environment to identify vulnerabilities and recommend remediation activities.

At the forefront of security trends and technologies, you will advise our senior leadership team on the latest security best practices, and stay ahead of emerging security threats, always keeping our organization one step ahead. Join us on this exciting journey of securing our Service Provider organization and protecting our customer’s assets.

Your Future at Kyndryl

Every position at Kyndryl offers a way forward to grow your career, from a Junior Architect to Principal Architect – we have opportunities for that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms.

Who You Are

You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others.

Required Technical and Professional Expertise

- Minimum of 15 years of experience in security
- Experience with security frameworks such as NIST CSF, ISO 27001, or CIS Controls
- Deep understanding of security technologies, such as firewalls, intrusion detection and prevention systems, vulnerability scanners, and endpoint protection
- Strong knowledge of cloud security concepts and technologies, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).
- Good Knowledge and experience in CrowdStrike, Microsoft Defender, Cortex, & Symantec EDR, Arcon PIM, CyberArk PIM & Iraje
- Bachelor's or Master's degree in Computer Science (B.E/B.Tech/MCA), Information Security, or a related field

Preferred Technical and Professional Experience

- Relevant industry certifications such as CISSP, CISM, or CCSP

Being You

Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handedly: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way.

What You Can Expect

With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.

Get Referred!

If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.


10.0 - 15.0 years

30 - 45 Lacs

bengaluru

Work from Office

Key Responsibilities:

- Conduct internal cybersecurity assessments in alignment with ISO/IEC 27001, ISA/IEC 62443, and other related industry standards
- Perform comprehensive security evaluations of both IT and OT environments across enterprise, manufacturing, and industrial settings
- Assess the effectiveness of existing information security controls, risk management frameworks, and compliance policies
- Develop and deliver detailed assessment reports including observations, risk ratings, and actionable remediation plans
- Deep understanding of cybersecurity frameworks such as ISO/IEC 27001, NIST CSF, ISA/IEC 62443, COBIT, and PCI-DSS
- Strong knowledge of IT and OT security architectures, including SCADA, PLCs, DCS, and industrial network protocols
- Proficiency in risk assessment methodologies, threat modeling, and vulnerability management
- Familiarity with financial systems security and regulatory compliance (e.g., SOX, GDPR)

Preferred candidate profile

Bachelor's degree in Information Security, Cyber Security, Computer Science, Information Science, or a related field. Advanced degrees (e.g., Master's) or certifications (e.g., CISSP, CRISC, CISM, CEH) are a plus.

Thanks and Regards,
Deepali
deepali@hirednext.info
