3659 Nist Jobs - Page 11

Certifications, Qualification And Experience Bachelor / PG degree with any of the certifications - ISO 27001, CBCP, CISA, CISM, CRISC, CISSP 2 years to 20 years of applied work experience in cyber security programs, audits, assessments, risk, remediation, or cyber security compliance management. Job Description Implements security controls, risk assessment framework (ISO 31000, NIST), and program that align to regulatory requirements, ensuring documented and sustainable compliance that aligns and advances client business objectives. Evaluates risks and develops security standards, procedures, and controls to manage risks. Improves client security positioning through process improvement, policy, automation, and the continuous evolution of capabilities. Implements processes, such as GRC (governance, risk and compliance), to automate and continuously monitor information security controls, exceptions, risks, testing. Develops reporting metrics, dashboards, and evidence artifacts. Defines and documents business process responsibilities and ownership of the controls in GRC tool (e.g. ServiceNow GRC, Archer, OneTrust, SAP GRC). Schedules regular assessments and testing of effectiveness and efficiency of controls and creates GRC reports. Updates security controls and provides support to all stakeholders on security controls covering internal assessments, regulations, protecting Personally Identifying Information (PII) data, and compliance such PCI DSS, SOX, SOC2, HIPAA, RBI Guideline, ISO standards Performs and investigates internal and external information security risk and exceptions assessments. Assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks. Documents and reports control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities. Assists other staff in the management and oversight of security program functions. Trains, guides, and acts as a resource on security assessment functions to other departments within Client sites. Remains current on best practices and technological advancements and acts as the Client’s technical resource for security assessment and regulatory compliance. Performs other related duties as assigned. Location: Bangalore - VPTS, Bangalore, Karnataka, India ; Mumbai - VPTS, Mumbai, Maharashtra, India

Job Title: Deputy Manager – VAPT & Governance Location: Navi Mumbai Experience Required: 3+ years Industry: Consulting Domain: Banking and Financial Services Work Mode: Work from Office (WFO) Joining: Immediate joiners preferred Key Responsibilities: Lead and manage VAPT projects for BFS clients including scoping, execution, reporting, and remediation tracking. Deliver technical and governance-driven security assessments across infrastructure, applications, cloud, and network environments. Provide expertise on security governance frameworks, controls, and compliance (RBI, ISO 27001, NIST, etc.). Review and develop security policies, procedures, and risk assessment frameworks. Collaborate with cross-functional teams and manage client relationships. Ensure timely reporting and communication of critical findings to stakeholders. Mentor junior team members and contribute to practice development. Desired Skills & Qualifications: Bachelor’s or Master’s degree in IT, Cybersecurity, or related field. Relevant certifications: OSCP, CEH, CISA, CISSP (preferred) . Extensive experience in consulting for Banking and Financial Services clients . Strong hands-on experience with VAPT tools and methodologies. Deep understanding of governance, risk, and compliance in BFSI. Excellent presentation, reporting, and client communication skills.

Devsecops Engineer Gurugram, Haryana – Engineering /Full-Time We at OLX work together to build a more sustainable world through trade. We make it safe, smart, and convenient to buy and sell cars, find housing, get jobs, buy and sell household goods, and more. We are looking for a Devsecops Engineer to empower millions of people across the globe by helping them connect and share their goods and services. What You’ll be doing ? ● Design and implement security measures to protect our cloud infrastructure, applications, and data. ● Collaborate with development and operations teams to integrate security into the CI/CD pipeline. ● Conduct security assessments and vulnerability scans, and implement remediation measures. ● Automate security controls and compliance checks using scripting and configuration management tools. ● Monitor and respond to security incidents and alerts, and implement incident response procedures. ● Implement and enforce security policies, standards, and best practices. ● Stay up-to-date on the latest security threats, vulnerabilities, and trends, and recommend security enhancements accordingly. ● Provide security guidance and training to development and operations teams. Who We are looking for : ● Bachelor's degree in Computer Science, Information Technology, or related field. ● 4+ years of experience in software development, operations, or security roles. ● Strong understanding of DevOps principles and practices. ● Strong understanding of CDN (e.g AKAMAI, CLOUDFRONT,CLOUDFARE) ● Strong experience in Cloud technologies, particularly AWS. ● Proficiency in scripting and programming languages (e.g., Python, Ruby, Shell). ● Experience with configuration management and infrastructure as code tools (e.g., Ansible, Terraform). ● Knowledge of containerization technologies (e.g., Docker, Kubernetes) and microservices architecture. ● Familiarity with AWS Well-Architected and security frameworks and standards (e.g., OWASP, NIST, CIS PCI DSS,). ● Certifications such as Certified DevOps Engineer, Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) are a plus. ● Excellent communication and collaboration skills. What We'll give you ● An opportunity to shape a largely unorganised industry and help millions of car buyers and sellers transact with trust and efficiency. ● Passionate team and leadership colleagues who will share the dream and drive to deliver the most trusted, convenient and innovative car buying and selling experiences. ● Opportunities to speed up your learning and development across your role relevant areas . At OLX, we are committed to creating a diverse, inclusive, and authentic workplace. We strongly encourage people of all races, ethnicities, disabilities, ages, gender identities or expressions, sexual orientations, religions, backgrounds, and experiences to apply. We embrace diversity and welcome applicants from all backgrounds. If you are as excited as us about this position and our company, we hope you join us! "Our Success is fueled by diverse perspectives and talents”.

About Position: Persistent is scaling up its global Digital Trust practice. Digital Trust encompasses the domains of Data Privacy, Responsible AI (RAI), GRC (Governance, Risk & Compliance), and other related areas. This is a rapidly evolving domain globally that is at the intersection of technology, law, ethics, and compliance. Team members of this practice get an opportunity to work on innovative and cutting-edge solutions. We are looking for a highly motivated and technically skilled Responsible AI Testing Analyst with 1–3 years of experience to join our Digital Trust team. In this role, you will be responsible for conducting technical testing and validation of AI systems or agents against regulatory and ethical standards, such as the EU AI Act, AI Verify (Singapore), NIST AI RMF, and ISO 42001. This is a technical position requiring knowledge of AI/ML models, testing frameworks, fairness auditing, explainability techniques, and regulatory understanding of Responsible AI. Role: AI Testing Analyst Location: All PSL Location Experience: 1-3 years Job Type: Full Time Employment What You’ll Do: Perform technical testing of AI systems and agents using pre-defined test cases aligned with regulatory and ethical standards. Conduct model testing for risks such as bias, robustness, explainability, and data drift using AI assurance tools or libraries. Support the execution of AI impact assessments and document the test results for internal and regulatory audits. Collaborate with stakeholders to define assurance metrics and ensure adherence to RAI principles. Assist in setting up automated pipelines for continuous testing and monitoring of AI/ML models. Prepare compliance-aligned reports and dashboards showcasing test results and conformance to RAI principles. Expertise You’ll Bring : 1 to 3 years of hands-on experience in AI/ML model testing, validation, or AI assurance roles. Experience with testing AI principles such as fairness, bias detection, robustness, accuracy, explainability, and human oversight. Practical experience with tools like AI Fairness 360, SHAP, LIME, What-If Tool, or commercial RAI platforms Ability to run basic model tests using Python libraries (e.g., scikit-learn, pandas, numpy, tensorflow/keras, PyTorch). Understanding of regulatory implications of high-risk AI systems and how to test for compliance. Strong documentation skills to communicate test findings in an auditable and regulatory-compliant manner. Preferred Certifications (any one or more): AI Verify testing framework training (preferred) IBM AI Fairness 360 Toolkit Certification AI Certification (Google Cloud) – Vertex AI + SHAP/LIME ModelOps/MLOps Monitoring with Bias Detection – AWS SageMaker / Azure ML / GCP Vertex AI TensorFlow Developer / Python for Data Science and AI / Applied Machine Learning in Python Benefits: Competitive salary and benefits package Culture focused on talent development with quarterly promotion cycles and company-sponsored higher education and certifications Opportunity to work with cutting-edge technologies Employee engagement initiatives such as project parties, flexible work hours, and Long Service awards Annual health check-ups Insurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children, and parents Inclusive Environment: Persistent Ltd. is dedicated to fostering diversity and inclusion in the workplace. We invite applications from all qualified individuals, including those with disabilities, and regardless of gender or gender preference. We welcome diverse candidates from all backgrounds. We offer hybrid work options and flexible working hours to accommodate various needs and preferences. Our office is equipped with accessible facilities, including adjustable workstations, ergonomic chairs, and assistive technologies to support employees with physical disabilities. If you are a person with disabilities and have specific requirements, please inform us during the application process or at any time during your employment. We are committed to creating an inclusive environment where all employees can thrive. Our company fosters a values-driven and people-centric work environment that enables our employees to: Accelerate growth, both professionally and personally Impact the world in powerful, positive ways, using the latest technologies Enjoy collaborative innovation, with diversity and work-life wellbeing at the core Unlock global opportunities to work and learn with the industry’s best Let’s unleash your full potential at Persistent “Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind.”

SOC L2 Engineer Location - Bangalore/Chandigarh Experience - 4+ years Hands-on expertise with either IBM QRadar and/or Microsoft Sentinel SIEM platforms As this is an immediate need, candidates who can join within 30 days may apply. About the Role: We are seeking a highly skilled and motivated L2 SOC Engineer with 4-6 years of experience in implementing security solutions, maintenance and troubleshooting. The ideal candidate will have deep hands-on expertise with either IBM QRadar and/or Microsoft Sentinel SIEM platforms. You will play a crucial role in integration, monitoring, and analyzing to security tools/incidents, and contributing to the continuous improvement of our security posture. Key Responsibilities: SIEM Administration & Optimization: Support the administration, maintenance, and health monitoring of the SIEM platform (QRadar or Microsoft Sentinel). Log source integration and parsing. Assist with log source onboarding, parser development, and data normalization within the SIEM. Contribute to the continuous improvement of SOC processes, playbooks, and standard operating procedures (SOPs). Security Monitoring & Incident Response: Conduct thorough investigations to determine the scope, root cause, and impact of security incidents (e.g., malware infections, phishing attempts, unauthorized access, denial-of-service attacks). Execute incident response procedures, including containment, eradication, and recovery, in accordance with established playbooks and industry best practices (e.g., NIST, MITRE ATT&CK). Document all incident details, analysis findings, and remediation steps accurately and comprehensively in the incident management system. Collaborate with cross-functional teams (IT operations, network, application development) to facilitate incident resolution and implement corrective actions. Participate in on-call rotation as required to ensure 24/7 security coverage. Required Skills and Qualifications: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. 4-6 years of hands-on experience in a Security Operations Center (SOC) environment. Strong expertise with either IBM QRadar and Microsoft Sentinel, including: In-depth knowledge of SIEM components and how it works. Good troubleshooting skills. In-depth knowledge of log source integration troubleshooting. Experience in developing and optimizing correlation rules, use cases, and dashboards. Familiarity with log source integration and data ingestion. (For QRadar): Experience with QRadar AQL (Ariel Query Language) and building blocks. (For Sentinel): Proficiency with KQL (Kusto Query Language) and Azure security services (Azure AD, Azure Security Center, Azure Log Analytics). Strong knowledge of network protocols (TCP/IP, HTTP, DNS, SMTP, etc.) and network security concepts (firewalls, IDS/IPS, VPNs). Proficiency in analyzing logs from various sources (Windows Event Logs, Linux logs, firewall logs, web server logs, cloud logs). Familiarity with scripting languages (e.g., Python, PowerShell) for automation and data analysis is a plus. Excellent analytical, problem-solving, and critical thinking skills. Strong written and verbal communication skills, with the ability to articulate technical issues to both technical and non-technical audiences. Ability to work effectively both independently and as part of a team in a fast-paced environment. Preferred Certifications (one or more highly desirable): Microsoft Certified: Azure Security Engineer Associate (for Sentinel focus) IBM Certified Analyst - Security QRadar SIEM

Navaera Worldwide is a global, full-service firm specializing in advanced knowledge management products and services that empower financial organizations to improve operational efficiency, manage risk with data-informed decisions, detect fraud and gain competitive advantages. The privately held company has diverse clients around the world, including major corporations in the financial services sector as well as small and medium-sized enterprises. At Navaera Worldwide, we provide potent and scalable business products and solutions to organizations of all sizes. Responsibilities: Design and comply with applicable ISO27001 and NIST CSF standards. Monitor and protect against IT security threats with regular and effective oversight, testing, awareness building and employee training. Help develop a company-wide cultural mentality regarding the importance of information security. Prepare reports on IT security issues, testing, threats and incidences on a regular basis. Perform information security risk assessments. Identify and track the resolution of security incidences and vulnerabilities. Develop communication plans in advance of incidents to ensure a prompt and strategic response to both internal and external personnel. Ensure that adequate physical security controls exist to protect sensitive data and information systems. Responsibilities include asset, building, and network protection. Participate in the development, implementation, and ongoing compliance monitoring of all trading partner and business associate agreements, to ensure all security concerns, requirements, and responsibilities are addressed. Qualifications: Bachelor’s degree or master’s degree in a computer field. Ten years or more IT operations experience and management. Ten years or more of experience leading technology projects in a high uptime, telecom, call center and/or Software-as-a-Service environment. CISSP or CISM qualifications Track record of ISO27001 program implementation, certification and maintenance In-depth knowledge of Windows and Linux server environments Ability to maintain composure and sound judgment in high-pressure environments Demonstrated leadership and personnel/project management skills Highly self-motivated and directed Proven analytical and problem-solving abilities Strong customer service orientation Experience working in a team-oriented, collaborative environment

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Compliance Management Good to have skills : Security Architecture Design Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: Seeking an experienced Security Architect/ Security Compliance Professional to lead and support the design, implementation, and maintenance of security governance, risk, and compliance (GRC) frameworks. This role ensures that the organization complies with industry standards and regulations such as ISO/IEC 27001, PCIDSS, NIST CSF, SOC 2, TISAX, and others. The candidate will work cross-functionally to manage audits, assess risks, and drive continuous improvement in the security posture of the organization. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security managed operations, ensuring that all security measures align with organizational standards and compliance requirements. You will also engage in continuous improvement initiatives to enhance the security posture of the organization. Roles & Responsibilities: Expected to perform independently and become an SME GRC professional. Required active participation/contribution in client discussions. Contribute in providing solutions to compliance related complex situations Conduct regular assessments of security framework based or cloud security controls to ensure compliance with established standards. Collaborate with cross-functional teams to identify and mitigate potential security risks. Professional & Technical Skills: Proficient in Information Security, Cyber Security and Governance, Risk, and Compliance (GRC). Has significant exposure to evolving landscape of security compliance requirements Lead and manage security compliance initiatives across the organization. Manage/ Conduct gap assessments and implement controls in alignment with compliance standards (e.g., ISO 27001, PCIDSS, NIST, SOC 2, GDPR and other relevant frameworks). Coordinate and support internal and external security audits, including evidence collection and remediation planning. Partner with business, IT, and legal teams to ensure compliance requirements are understood and implemented. Develop and maintain security policies, procedures, and documentation in line with regulatory needs. Monitor compliance status and prepare reports and metrics for leadership. Educate teams on compliance requirements and drive a culture of security awareness. Relevant certifications : Any one -ISO27001LA/LI, ISO3100 or CISA, CISM, CRISC, or equivalent. Additional Information: - The candidate should have 3-5 years of relevant experience in Information Security Governance, Risk and Compliance (GRC). - This position is based at our Chennai office. - A 15 years full time education is required., 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 7.5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: Experienced and technically proficient Telecom Security Expert for our cybersecurity team. The ideal candidate will bring 7.5 years of hands-on experience in telecom risk and vulnerability assessment, network element hardening, and SOC use case development for telecom infrastructure. This role is critical in securing telecom nodes, ensuring compliance with industry standards, and reducing the risk landscape across telecom assets. Roles & Responsibilities: Conduct comprehensive telecom risk assessments on core and access network nodes (e.g., MSC, HSSvoice core, packet core, radio, backhaul IMS, 5G Core, fixed line etc.). Perform vulnerability risk assessments specific to telecom protocols and elementsservices, identifying and addressing weaknesses in both legacy and modern network infrastructures. Drive security hardening initiatives across telecom network elements by defining and implementing industry-aligned baselines (e.g., 3GPP, GSMA NESAS, NIST). Experience on Telecom SOC operation/ use cases for proactive threat detection and mitigation related to telecom-specific attack vectors. Collaborate with OEM vendors and internal network teams to ensure telecom infrastructure meets all security compliance and regulatory requirements. Provide expert-level guidance during security incident investigations related to telecom infrastructure, including root cause analysis and remediation planning. Stay abreast of emerging threats, vulnerabilities, and technologies relevant to telecom systems and propose strategic mitigations. Lead or support internal and third-party security audits, assessments, and penetration tests across telecom assets. Develop technical documentation, risk reports, and security architecture reviews tailored to the telecom domain. Required Skills and Qualifications: Bachelor’s or Master’s degree in Telecommunications, Information Security, Computer Science, or related field. 7.5 years of experience in telecom cybersecurity, with deep expertise in mobile and fixed network technologies (2G/3G/4G/5G, IMS, VoLTE, etc.). Proven experience in telecom-specific risk and vulnerability assessments. Strong knowledge of network element hardening techniques and standards (e.g., NE security configuration baselines, patching policies). Hands-on experience with telecom protocols such as Diameter, SIP, SS7, GTP, SCTP, etc. Solid understanding of SOC and SIEM tools, with a focus on use case development for telecom-specific threats. Familiarity with compliance frameworks and standards like 3GPP, GSMA NESAS, ISO 27001, NIST, and local telecom regulations. Ability to collaborate with cross-functional teams and articulate complex security issues to technical and non-technical stakeholders. Strong documentation and reporting skills. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Penetration Testing with experience in Telecom Security. - Strong understanding of cloud security principles and best practices. - Experience with threat modeling and risk assessment methodologies. - Familiarity with security tools and technologies for vulnerability scanning and penetration testing. - Knowledge of compliance frameworks such as ISO 27001, NIST, and GDPR. Preferred Certifications: Telecom Security relevant certification/rainings (preferred) Certified Information Systems Security Professional (CISSP) GIAC Global Industrial Cyber Security Professional (GICSP) or equivalent telecom-focused security credentials Additional Information: - The candidate should have minimum 7.5 years of experience in Security Penetration Testing. - This position is based at our Gurugram office. - A 15 years full time education is required.

Area(s) of responsibility About Us Birlasoft, a global leader at the forefront of Cloud, AI, and Digital technologies, seamlessly blends domain expertise with enterprise solutions. The company’s consultative and design-thinking approach empowers societies worldwide, enhancing the efficiency and productivity of businesses. As part of the multibillion-dollar diversified CKA Birla Group, Birlasoft with its 12,000+ professionals, is committed to continuing the Group’s 170-year heritage of building sustainable communities. Location -Mumbai ,Pune ,Bangalore, Hyderabad , Noida Exp -8 yrs to 10 yrs About The Role We are seeking a skilled Network Security Engineer to design, implement, and maintain secure network infrastructures. The ideal candidate will possess strong expertise in network protocols, firewall and IDS/IPS configuration, VPN solutions, and security compliance standards. You will be instrumental in enhancing our network security posture through threat detection, risk assessment, and zero trust architecture implementation. Key Responsibilities Design, configure, and manage network security devices including firewalls (Palo Alto, Fortinet, Cisco ASA) and intrusion detection/prevention systems (Snort, Suricata). Implement and manage Network Access Control (NAC) systems utilizing 802.1X, RADIUS, and Cisco ISE for role-based access control. Configure and maintain secure VPN solutions including IPsec, SSL VPNs, and site-to-site tunnels. Conduct SIEM and log analysis using tools such as Splunk, QRadar, and ELK Stack to detect and respond to security threats. Design and enforce network segmentation and apply Zero Trust security principles. Ensure compliance with security standards such as ISO 27001, NIST, PCI-DSS, GDPR, and HIPAA. Perform threat modeling, vulnerability assessments, and risk analysis to mitigate security risks. Collaborate with cross-functional teams to develop and enforce security policies and procedures. Core Technical Competencies Deep understanding of network protocols including TCP/IP, UDP, ICMP, DNS, HTTP/S, FTP. Hands-on experience with firewall and IDS/IPS tools such as Palo Alto, Fortinet, Cisco ASA, Snort, and Suricata. Familiarity with Network Access Control frameworks (802.1X, RADIUS), especially Cisco ISE. Expertise in VPN technologies like IPsec and SSL VPNs. Proficiency in SIEM platforms and log correlation for threat detection and incident response. Knowledge of network segmentation strategies and Zero Trust architecture. Strong understanding of compliance requirements (ISO 27001, NIST, PCI-DSS, GDPR, HIPAA). Ability to conduct threat modeling and risk assessments. Required Certifications CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CEH (Certified Ethical Hacker) CompTIA Security+ CCNP Security (Cisco Certified Network Professional Security) Palo Alto PCNSA/PCNSE Qualifications Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent experience). Proven experience in network security engineering or a similar role. Why Join Us? Work with cutting-edge security technologies. Collaborate with a passionate and dynamic security team. Opportunities for professional growth and certification support.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NA Minimum 5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities: 1) Design and implement Microsoft Sentinel architecture, including data connectors, analytics rules, and workbooks. 2) Integrate Sentinel with various data sources, including Azure services on-premises systems, and third-party security products. 3) Develop and maintain data connectors, APIs and custom integrations. 4) Configure and optimize incident response workflows, including automated response actions and playbooks. 5) Collaborate with security operations teams to implement Sentinel-based security monitoring and incident response processes. 6) Provide training and support to security teams on Sentinel features and functionality 7) Continuously monitor and optimize Sentinel performance, scalability, and reliability 8) Develop and maintain custom dashboards, reports, and workbooks to provide security insights and metrics. 9) Integrate Azure Logic Apps with Azure Sentinel to automate security workflows and incident response. 10) Develop custom connectors for Logic apps to integrate with Azure Sentinel and other security tools. 11) Collaborate with security teams, developers, and operation teams to ensure seamless integration and deployment of Logic Apps with Azure Sentinel 12) Configure and maintain Sentinel workspaces, including data connectors, analytics rules. 13) Optimize Sentinel workspace performance, scalability, and security. 14) Develop and maintain reports and dashboards to provide visibility into security metrics and trends. 15) Strong knowledge of KQL and experience writing complex queries. - Proficiency in Microsoft Sentinel, Azure Security Center and Azure Monitor - Experience with data analytics, machine learning, and threat intelligence. - Expected to be an SME. - Collaborate and manage the team to perform. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Provide solutions to problems for their immediate team and across multiple teams. - Develop and maintain comprehensive documentation of security architecture and frameworks. - Conduct regular assessments and audits to ensure compliance with security policies and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Azure Sentinel & KQL. - Strong understanding of cloud security principles and best practices. - Experience with security incident response and management. - Familiarity with security compliance frameworks such as ISO 27001, NIST, or CIS. - Knowledge of automation tools and scripting languages to enhance security operations. Additional Information: - The candidate should have minimum 5 years of experience in Security Operation Automation. - This position is based at our Gurugram office. - A 15 years full time education is required.

We believe real value is powered by the unique skills and experiences of our professionals. The interchange of ideas from a diverse group of people gives our teams an expanded perspective and the ability to find better solutions for our clients. Req Id : 109973 Job Title : Incident Response Analyst Business Unit sector : CPL-BECIO-CIO Department: BVCPL DIGITAL OFFICE Work Location : INPUNE Opportunity Type : Staff Full time/Part time : Full-Time Employment Status: [[employmentStatus]] Recruiter : Indranee Bindu Job Summary The Incident Response Analyst in the computer security incident response team will be responsible for developing and executing standards, procedures and processes to uncover, resist and recover from security incidents. This position is for an early career analyst that will learn and grow throughout their security career. This is a very technically challenging career track in cyber security and technical acumen, passion, and determination will be highlighted in the interview process. Key Responsibilities The Incident Response Analyst fulfills the following tasks: Responds to computer security incidents according to the computer security incident response policy and procedures. Provides technical guidance to first responders for handling cybersecurity incidents. Provides timely and relevant updates to appropriate stakeholders and decision makers. Communicates investigation findings to relevant business units to help improve the cybersecurity posture. Validates and maintains incident response plans and processes to address potential threats. Compiles and analyzes data for management reporting and metrics. Analyzes potential impact of new threats and communicates risks back to detection engineering functions. Performs root-cause analysis to document findings and participate in root-cause elimination activities as required. Triages and assesses the risk of incidents, performing real-time analysis and managing workload during investigations/incidents. Creates runbooks for frequently occurring incidents to automate or at least assist with the resolution of those cases. Management Responsibilities Individual Contributor Preferred Qualifications A successful Incident Response Analyst candidate will have the expertise and skills described below Education, Training And Past Experience Candidates will be evaluated primarily on their ability to demonstrate the competencies required to be successful in the role, as described above. Bachelor's Degree (in Business, Technology, Computer Science or related field), preferred or equivalent experience. BE/BTech, BS or MA in computer science, information security or a related field Candidate must have 5 years of experience in incident response. Familiarity with incident response frameworks and methodologies, including frameworks like NIST 800-61 and MITRE ATT&CK. Experience with incident response tools and technologies, including tools for security information and event management (SIEM), forensics, and/or threat intelligence even in a lab environment is beneficial. Experience with reporting and communicating incident details, improving incident response processes and recovering from security incidents is beneficial. Minimum Qualifications Knowledge and Skills Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include: Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner. Understands organizational mission, values, goals, and consistent application of this knowledge. Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one Ability to effectively influence others to modify their opinions, plans, or behaviors. A team-focused mentality, with the proven ability to work effectively with diverse stakeholders. Strong problem-solving and troubleshooting skills. All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations. Certifications Contact Compensation Work Environment/Physical Demands Typical office environment Competencies Salary Plan ITS: Information Technology Service Job Grade 004 BVH, Inc., its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law. By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : BeyondTrust Privileged Access Management Good to have skills : NA Minimum 7.5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: We are looking for a seasoned BeyondTrust Implementation Engineer with 5 to 10 years of experience in enterprise cybersecurity, particularly in Privileged Access Management (PAM) implementation. The ideal candidate will have hands-on expertise in designing, deploying, integrating, and optimizing BeyondTrust PAM solutions, with deep understanding of enterprise IT landscapes, security architecture, and regulatory compliance requirements. This is a technical, client-facing role requiring strong analytical, communication, and project management skills to drive PAM solution rollouts and ensure they align with the client’s security objectives and business processes. Roles & Responsibilities: Lead the full lifecycle of BeyondTrust deployments, including requirement gathering, environment assessment, design, deployment, testing, go-live, and support. Configure and customize BeyondTrust products such as: o Password Safe: secure credential storage, automated password rotation, credential injection. o Privilege Management for Windows/Mac/Unix: application control, policy-based least privilege. o Secure Remote Access / Remote Support: secure vendor and internal access. Develop and enforce custom policies and rules for privilege elevation, whitelisting, blacklisting, and session monitoring. Design scalable and secure PAM architectures tailored to enterprise environments (on-premise, hybrid, cloud). Integrate BeyondTrust with IT ecosystems: o Active Directory / LDAP / Azure AD o SIEM (e.g., Splunk, QRadar) o ITSM (e.g., ServiceNow, BMC Remedy) o MFA / SSO solutions (e.g., Okta, Duo, Ping) o Vaulting of SSH Keys, API Keys, and Cloud Secrets Automate BeyondTrust tasks and integrations using: o PowerShell, Bash, Python, or RESTful APIs Build custom connectors or plug-ins for third-party tools. Implement RBAC (Role-Based Access Control) for administrators, auditors, and users. Establish password rotation schedules, check-in/check-out rules, and approval workflows. Enable session recording, keystroke logging, and real-time session termination features. Conduct user acceptance testing (UAT) and performance tuning post-deployment. Produce high-quality deliverables: HLD, LLD, implementation runbooks, migration plans, SOPs, rollback procedures. Conduct hands-on training and knowledge transfer sessions for admins and security teams. Assist with creation of audit and compliance reports related to privileged access. Act as Level 3 escalation point for PAM-related incidents and service disruptions. Diagnose and resolve complex issues involving PAM platform, connectors, and integrations. Provide post-deployment support including system health checks, hotfixes, and version upgrades. Professional & Technical Skills: Minimum 5 years of experience in cybersecurity/IT infrastructure with 3+ years dedicated to BeyondTrust PAM products. In-depth experience in implementing BeyondTrust Password Safe, Privilege Management for Endpoints, and Secure Remote Access. Strong working knowledge of: o Authentication protocols (Kerberos, LDAP, RADIUS, SAML, OAuth) o Operating systems: Windows Server, Linux/Unix o Enterprise directories: AD, Azure AD o Networking basics and firewall concepts Proficiency in scripting: PowerShell, Python, Bash Familiarity with regulatory and security standards: ISO 27001, NIST, GDPR, HIPAA, SOX Hands-on experience with ITSM and ticketing platforms for automation and integration. Excellent verbal and written communication, interpersonal, and customer-facing skills. Additional Information: - 5 or more years’ experience implementing and performing integrations with BeyoundTrust. - This position is based at our Bengaluru, Chennai,Pune,Hyderabad, Gurugaon - A 15-year full time education is required

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Compliance Management Good to have skills : Security Architecture Design Minimum 7.5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: Seeking an experienced Security Architect/ Security Compliance Professional to lead and support the design, implementation, and maintenance of security governance, risk, and compliance (GRC) frameworks. This role ensures that the organization complies with industry standards and regulations such as ISO/IEC 27001, PCIDSS, NIST CSF, SOC 2, TISAX, and others. The candidate will work cross-functionally to manage audits, assess risks, and drive continuous improvement in the security posture of the organization. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security managed operations, ensuring that all security measures align with organizational standards and compliance requirements. You will also engage in continuous improvement initiatives to enhance the security posture of the organization. Roles & Responsibilities: Expected to perform independently and become an SME or manage a team of GRC professional. Required active participation/contribution in client discussions. Contribute in providing solutions to compliance related complex situations Conduct regular assessments of security framework based or cloud security controls to ensure compliance with established standards. Collaborate with cross-functional teams to identify and mitigate potential security risks. Professional & Technical Skills: Proficient in Information Security, Cyber Security and Governance, Risk, and Compliance (GRC). Has significant exposure to evolving landscape of security compliance requirements Lead and manage security compliance initiatives across the organization. Manage/ Conduct gap assessments and implement controls in alignment with compliance standards (e.g., ISO 27001, PCIDSS, NIST, SOC 2, GDPR and other relevant frameworks). Coordinate and support internal and external security audits, including evidence collection and remediation planning. Partner with business, IT, and legal teams to ensure compliance requirements are understood and implemented. Develop and maintain security policies, procedures, and documentation in line with regulatory needs. Monitor compliance status and prepare reports and metrics for leadership. Educate teams on compliance requirements and drive a culture of security awareness. Relevant certifications : ISO27001LA/LI, ISO3100 or CISA, CISM, CRISC, or equivalent. Additional Information: - The candidate should have 8-10 years of relevant experience in Information Security Governance, Risk and Compliance (GRC). - This position is based at our Gurugram office. - A 15 years full time education is required.

Mizuho Global Services Pvt Ltd (MGS) is a subsidiary company of Mizuho Bank, Ltd, which is one of the largest banks or so called ‘Mega Banks’ of Japan. MGS was established in the year 2020 as part of Mizuho’s long-term strategy of creating a captive global processing center for remotely handling banking and IT related operations of Mizuho Bank’s domestic and overseas offices and Mizuho’s group companies across the globe. At Mizuho we are committed to a culture that is driven by ethical values and supports diversity in all its forms for its talent pool. Direction of MGS’s development is paved by its three key pillars, which are Mutual Respect, Discipline and Transparency, which are set as the baseline of every process and operation carried out at MGS. What’s in it for you? o Immense exposure and learning o Excellent career growth o Company of highly passionate leaders and mentors o Ability to build things from scratch Company website : - https://www.mizuhogroup.com/asia-pacific/mizuho-global-services Position: Governance Risk & Compliance - SENIOR OFFICER ( Non IT) Job Type:- ONROLE JOB Job Location- Ghansoli We are seeking a skilled and vigilant L2 for handling Governance Risk and Compliance for MGS. The Ideal candidate will ensure that an organization’s operations and procedures meet government and industry compliance standards with a strong focus on ISO 27001 implementation and policy preparation. Roles & Responsibilities: 1. Risk Management: Identify, assess, and manage risks related to information security, privacy, and regulatory compliance. 2. ISO 27001 Implementation: Lead the implementation and maintenance of ISO 27001 standards, including conducting internal audits and managing certification processes. 3. Policy Development: Develop, update, and enforce security policies, standards, and procedures to ensure compliance with regulatory requirements. 4. Compliance Monitoring: Monitor and ensure adherence to industry regulations and standards, such as GDPR, NIST, and SOX. 5. Audits and Assessments: Conduct regular audits and risk assessments to identify gaps and recommend improvements. 6. Vendor Risk Management: Evaluate and manage third-party vendors to ensure they meet organizational security requirements. 7. Security Controls: Test and monitor the effectiveness of security controls and recommend enhancements. 8. Regulatory Research: Stay updated on regulatory changes and ensure the organization complies with new requirements. Mandate Skills:- Good Verbal and Written communication skills. Good Team player. Possess Positive and learning attitude. Excellent problem-solving skills and attention to detail. Strong documentation skills (creation of dashboards for regular reporting) Relevant certifications (e.g., CISA, CISM, ISO 27001) are a plus. Sense of Ownership, Priorities and Autonomous. Good to have at least one certification (ISO 27001 LI, ISO27001 LA) Knowledge of banking business and information technology practices and trends in banking sector Ability to communicate effectively, both orally and in writing. Qualifications: Graduation/Post graduation in, Computers, Information Systems, Computer Science, or Information technology systems Experience: Relavant 5+yrs hands on Experience in corporate governance risk and compliance including skills - ISO27001 implementation or auditor, risk mangement risk assessment, 2nd line of defence in risk, Control review and testing, creating policy and procedures, auditing gap analysis, NIST, SOX Preferred candidate from central harbour line Under 15 to 20 kilometers Interested can share the updated cv in mgs.rec@mizuho-cb.com Subject line:- Governance Risk & Compliance - Senior Officer Current location:- Current fixed ctc Notice period:- Address: - Mizuho Global Services India Pvt. 11th Floor, Q2 Building Aurum Q Park, Gen 4/1, Ttc, Thane Belapur Road, MIDC Industrial Area, Ghansoli, Navi Mumbai- 400710.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Identity Access Management (IAM), Microsoft Active Directory, Microsoft Azure Active Directory Good to have skills : NA Minimum 7.5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary We are seeking a highly experienced Entra ID (formerly Azure AD) & Active Directory Architect to design, implement, and optimize enterprise identity and access management (IAM) solutions. The ideal candidate will bring deep expertise in Microsoft identity platforms, with a focus on hybrid identity architecture, federation, and zero trust security models. This role involves strategic planning, hands-on engineering, and close collaboration with security, infrastructure, and application teams. Roles & Responsibilities Design and architect secure, scalable, and high-performing Entra ID (Azure AD) and Active Directory infrastructures. Design and maintain PKI infrastructure (ADCS) including Enterprise/Subordinate CAs, CRLs, certificate templates. Own and manage the end-to-end response for RFPs (Request for Proposals) and RFIs, ensuring that all identity-related components are technically sound, compliant, and aligned with business objectives. Participate in solution architecture reviews, identifying risks and validating feasibility and scalability of proposed identity solutions. Prepare high-quality design documentation, including Security Impact Assessments Lead efforts to modernize identity platforms, including hybrid identity, cloud-only identity, and passwordless authentication. Develop and enforce IAM standards, policies, and governance aligned with organizational security frameworks (e.g., Zero Trust, NIST, CIS). Architect solutions for SSO, MFA, Conditional Access, and Privileged Identity Management (PIM). Manage identity integrations with SaaS applications using SAML, OIDC, OAuth2, and SCIM protocols. Drive federation strategies involving Entra ID B2B, B2C, and on-prem Active Directory Federation Services (ADFS). Collaborate with cybersecurity teams to ensure secure access and compliance with internal and regulatory requirements. Conduct identity assessments, architecture reviews, and provide remediation guidance for IAM-related gaps. Serve as a subject matter expert (SME) in incident response, access reviews, lifecycle automation, and role-based access control (RBAC). Review implementation deliverables, and act as a technical escalation point. Professional & Technical Skills Strong leadership and communication skills; ability to present architectural strategies to executives and stakeholders. Proven track record in delivering large-scale identity modernization programs. Strategic thinker with strong problem-solving and analytical skills. Ability to work cross-functionally with security, networking, compliance, and application teams. Entra ID / Azure Active Directory (Tenant design, CA policies, SSO, B2B/B2C) Microsoft Active Directory (AD) and Group Policy Objects (GPO) ADFS, Azure AD Connect, Pass-through Authentication, Password Hash Sync Conditional Access, MFA, SSPR, Identity Governance Privileged Identity Management (PIM) and Access Reviews Proficient with identity federation protocols like SAML 2.0, OAuth 2.0, OpenID Connect Experience integrating identity with platforms like: Microsoft 365, ServiceNow, PingOne, Okta, SailPoint, Workday and other LOB applications Strong knowledge on Scripting and automation: PowerShell, Graph API, Logic Apps, Azure automation. Knowledge in IAM frameworks like Zero trust security, Lifecycle management & Just-in-time access. Security standards such as ISO 27001, NIST 800-53, GDPR, SOX. Additional Information: Minimum 12 or more years’ experience in designing & implementing Identity & Access Management solutions. This position is based on Pan India A 15-year full time education is required

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work related problems. - Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements. - Collaborate with cross-functional teams to ensure that security architecture aligns with business objectives and regulatory requirements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM). - Strong understanding of cloud security principles and best practices. - Experience with security frameworks such as NIST, ISO 27001, or CIS. - Familiarity with incident response and threat detection methodologies. - Knowledge of compliance requirements related to cloud security. Additional Information: - The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM). - This position is based at our Kolkata office. - A 15 years full time education is required., 15 years full time education

About the Company Softcell Global Technologies Pvt. Ltd. is a leading IT services provider with over 30 years of experience in infrastructure solutions, cybersecurity, cloud, and engineering. Trusted by top banks, enterprises, and government institutions, Softcell is a CERT-In empaneled organization at the forefront of cybersecurity service delivery. About the Role Softcell Global Technologies Pvt. Ltd. is seeking a highly skilled Senior Security Analyst with strong offensive security capabilities across the Web, Network, Mobile, Active Directory, OT environments and at least 4-5 years of experience in vulnerability assessment, penetration testing and code review. The ideal candidate must demonstrate proven hands-on experience, leadership ability, and excellent communication skills to manage project delivery, lead a technical team, and coordinate directly with enterprise clients. Practical skills are mandatory, and all shortlisted candidates will undergo a practical assessment. Responsibilities Conduct in-depth penetration tests on web apps, APIs, networks, cloud, and OT environments. Execute internal infrastructure and Active Directory exploitation using BloodHound, CrackMapExec, Impacket, etc. Perform OT/ICS/SCADA security testing, including assessments of protocols and firmware. Conduct comprehensive manual reviews to identify security flaws, insecure patterns, and logical vulnerabilities – SAST and DAST. Chain vulnerabilities to simulate end-to-end real-world attack scenarios and provide POCs. Team Leadership & Client Coordination Lead and mentor junior security analysts during engagements. Act as the technical lead for VAPT projects, ensuring timely delivery and quality assurance. Interface directly with clients to understand requirements, present findings, and suggest remediation strategies. Manage testing schedules, reporting timelines, and escalation workflows. Draft detailed vulnerability reports with actionable remediation. Qualifications Bachelor’s degree in Computer Science, Cybersecurity, or related field. Required Skills 4–5 years of hands-on experience in penetration testing and red teaming. Strong grasp of OWASP Top 10, MITRE ATT&CK, and real-world threat simulation. Expertise in AD security, internal lateral movement, and domain privilege escalation. Familiarity with OT security controls, risk frameworks (NIST, IEC 62443), and protocol fuzzing. Scripting proficiency in Python, PowerShell, or Bash. Exposure to tools like Nmap, Wireshark, Burp Suite, Metasploit, BloodHound, SonarQube, Checkmarx, etc. Leadership experience in managing client-facing pentest projects. Excellent communication, documentation, and collaboration skills. Preferred Skills Preferred Certifications: OSCP – Offensive Security Certified Professional OSWE – Offensive Security Web Expert CRTP – Certified Red Team Professional CRTE – Certified Red Team Expert CPENT – Certified Penetration Testing Professional CEH – Certified Ethical Hacker eJPT, eCPTX, CBBH, PNPT – or equivalent certifications in advanced adversarial simulation. Immediate Joiners Preferred Practical Skills are a Must Location: Delhi and Bangalore (Onsite Only) Equal Opportunity Statement Be part of a CERT-In empaneled cybersecurity team delivering critical security services. Get exposure to real-world attack simulations, internal security assessments, and VAPT projects. Learn and grow under certified red teamers and penetration testers. Access lab environments, tools, and mentoring to grow your skills. Regards HR Team

Job Title: Senior Java Developer Organization: Mobile First Applications Pvt Ltd Experience: 8+ Years Location: Pune Contract: 4+ months(extensible) Job Summary: We are looking for a Senior Java Developer with 8+ years of hands-on experience in Java development, particularly focused on cryptography, security compliance, and scalable system design. The ideal candidate should possess strong technical expertise in Core Java, secure application development, cryptographic implementations, and database systems. As an individual contributor, you will take full ownership of modules, contributing to the design and development of secure, reliable, and high-performance systems. Key Responsibilities: ● Design, develop, and maintain secure, high-performance Java-based applications. ● Implement and manage cryptographic algorithms, ensuring adherence to industry-standard protocols (e.g., AES, RSA, SHA, TLS). ● Apply secure coding and compliance practices to mitigate security threats (e.g., OWASP Top 10). ● Ensure system architecture aligns with Core and MVC patterns, and promote best practices across the team. ● Collaborate with architecture and DevOps teams to embed security-first design principles into the development lifecycle. ● Perform code reviews, threat modeling, and contribute to internal security audits. ● Maintain strong working knowledge of SQL (e.g., MySQL, PostgreSQL) and NoSQL databases (e.g., MongoDB, Cassandra), ensuring optimal data access and storage strategies. ● Keep documentation updated for cryptographic and security processes and mentor junior developers on technical and security aspects. ● Stay current with emerging security technologies, threats, and regulations. Required Skills & Qualifications: ● 8+ years of strong Java development experience. ● Deep knowledge of Java Cryptography Architecture (JCA), Java Security Manager, and encryption protocols. ● Proficiency in Core Java concepts and application of MVC architectural pattern. ● Strong hands-on experience with SQL and NoSQL databases including schema design, indexing, and optimization. ● Knowledge of security standards such as OWASP, PCI-DSS, ISO 27001, or NIST. ● Familiarity with Spring Security, OAuth2, JWT, and SAML. ● Experience working with build tools (Maven/Gradle) and version control systems (Git). ● Exposure to security testing tools like OWASP ZAP, Burp Suite, or Fortify. ● Strong analytical, debugging, and problem-solving skills. ● Ability to work independently as an individual contributor and take ownership of modules. Preferred Qualifications: ● Certifications such as Oracle Certified Java Developer, CISSP, or CEH. ● Experience in regulated industries like finance, banking, or healthcare. ● Knowledge of cloud security (AWS/GCP/Azure), container security, and API security.

Job description: Job Description Job Title: Program Manager – Network & Security Infrastructure Location: Mumbai, India Job Summary: We are seeking a highly experienced Program Manager – Network Infrastructure to lead and manage complex network infrastructure initiatives across enterprise environments. This role requires a deep understanding of networking technologies, project and program management methodologies, and stakeholder coordination to deliver secure, scalable, and high-availability network solutions. The Program Manager will oversee end-to-end delivery of large-scale network programs, such as data center transformation, SD-WAN rollout, global MPLS migrations, wireless architecture upgrades, and integration with security platforms like Zscaler, Cisco ISE, and Palo Alto K͏ey Roles & Responsibilities Key Responsibilities : Program Planning & Governance: Define and own the overall program roadmap for enterprise network infrastructure projects. Develop integrated program plans including scope, timelines, dependencies, risks, and resource allocation. Establish governance mechanisms to monitor program health, track KPIs, and ensure alignment with business objectives. Technical Oversight & Execution Provide technical leadership to ensure infrastructure designs meet high availability, performance, and security standards. Collaborate with Network Architects and Engineers to oversee deployment of: LAN/WAN infrastructure (Cisco, Juniper, Aruba) Data Center Networks (VXLAN, EVPN, Spine-Leaf architecture) Cloud networking (AWS Transit Gateway, Azure vWAN) Wireless access solutions (802.1X, Cisco DNA Center, WiFi6) SD-WAN and edge routing (Cisco Viptela, Fortinet, Versa) Drive lifecycle management programs including hardware refresh, EOL/EOS upgrades, and patch compliance. Stakeholder Management: Engage with C-level executives, InfoSec, compliance, cloud, and application teams to align program outcomes with enterprise goals. Act as the primary point of contact for escalations, decision-making, and cross-functional coordination. Budgeting & Resource Management Develop multi-year CAPEX/OPEX plans aligned with network strategy. Optimize resource allocation across multiple concurrent projects; manage vendor SOWs, contracts, and performance (OEMs and MSPs). Risk, Compliance & Change Management Identify risks and implement mitigation strategies using qualitative and quantitative risk assessments. Ensure network changes adhere to change management policies (ITIL, ISO/IEC 20000). Support audits and security assessments (e.g., PCI-DSS, ISO 27001, NIST 800-53) through documentation and control validation R͏equired Skills Technical Expertise: Deep understanding of networking fundamentals (TCP/IP, BGP, OSPF, MPLS, QoS, NAT, DNS, DHCP) Proven experience managing large-scale deployments of: Campus networks, WAN/LAN, SD-WAN Firewalls (Palo Alto, Fortinet), NAC (Cisco ISE), ZTNA/SASE platforms (Zscaler, Netskope) Network monitoring tools (SolarWinds, Thousand Eyes, Net Brain) Familiarity with hybrid and cloud-native networking (AWS VPCs, Azure vNets, GCP Interconnects) Project & Program Management: 15+ years of experience in IT program management, with at least 5 years in network infrastructure PMP, PRINCE2, or PgMP certification is required Proficiency with Agile/Scrum, SAFe, and waterfall methodologies Hands-on experience with project tracking tools (JIRA, MS Project, Smartsheet, Confluence). Leadership & Soft Skills: Exceptional communication and stakeholder management skills Strong analytical thinking with a solution-oriented mindset Ability to lead cross-functional and distributed teams, including vendor/partner coordination Preferred Qualifications: Master’s degree in computer science, Information Technology, or related field Network certifications such as CCNP/CCIE, JNCIP/JNCIE, or equivalent Experience with mergers, acquisitions, or large-scale network consolidation programs Experience integrating with security platforms and frameworks like MITRE ATT&CK, Zero Trust Architecture, or SASE. K͏ey KPIs Key Performance Indicators (KPIs) : On-time and within-budget delivery of network programs. % reduction in network outages/downtime post-implementation. Compliance adherence scores (ISO 27001, NIST). Stakeholder satisfaction (via program reviews/CSAT). Risk mitigation effectiveness and issue resolution turnaround time. ͏ Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Job description: Job Description Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ͏ Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ͏ i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ͏ 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ͏ Deliver No Performance Parameter Measure 1Customer centricityTimely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers.2Support sales team to create wins% of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Mandatory Skills: Varonis - Data Classification . Experience: 8-10 Years . Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Role Description This is a full-time on-site role for a GCP DevOps Engineer. The GCP DevOps Engineer will be responsible for managing and automating infrastructure using Infrastructure as Code (IaC), developing and maintaining software applications, implementing and managing continuous integration systems, and performing system administration tasks. Responsibilities Design, build, and manage secure, scalable, and high-availability cloud environments in GCP. Expertise in GCP tool set (Cloudbuild, codedeploy, artifactory repository, secret manager, Google Pub/Sub, and GCS) Develop and maintain Infrastructure-as-Code (IaC) solutions using Terraform, CloudFormation, Pulumi, and Ansible. Implement multi-cloud strategies, hybrid cloud deployments, and cloud networking solutions. Optimize cloud costs through monitoring, auto-scaling, and resource provisioning techniques. Architect, implement, and maintain CI/CD pipelines using tools like Jenkins, GitHub Actions, GitLab CI/CD Automate build, test, deployment, and rollback processes for applications and infrastructure. Ensure secure DevOps practices, including secrets management, policy-as-code, and automated compliance. Integrate observability, logging, and monitoring solutions within the pipeline (e.g., ELK, Prometheus, Grafana, Datadog, New Relic). Build automated alerting and response mechanisms for cloud and DevOps environments. Implement chaos engineering to improve system resilience and fault tolerance. Innovation & Continuous Improvement: Continuously evaluate new DevOps and cloud technologies to improve efficiency and scalability. Automate repetitive tasks and enhance self-service capabilities for development teams. Participate in architecture discussions, design reviews, and proof-of-concept (PoC) implementations. Qualifications Hands-on experience in Cloud & DevOps Engineering roles. Deep understanding of DevOps methodologies, CI/CD pipeline design, and automation. Strong experience with Terraform, Ansible, CloudFormation, and Kubernetes. Proficiency in Jenkins, GitHub Actions, GitLab CI/CD, and Azure DevOps. Knowledge of cloud security, IAM, RBAC, and compliance frameworks (SOC2, NIST, ISO 27001). Proficiency in scripting and automation using Python, Bash, PowerShell, or Go. Experience with observability tools like Prometheus, Grafana, ELK, and Datadog.

Location: Gurgaon (Hybrid) Looking for Immediate Joiners only. About the Role This role is critical to ensuring compliance with HITRUST, HIPAA, and other regulatory requirements while securing healthcare operations and mitigating risks across business, IT, and security domains. Responsibilities HITRUST & HIPAA Compliance Management: Establish and oversee a HITRUST CSF and HIPAA-aligned management system across business processes, applications, IT infrastructure, and security technologies. Security & Compliance Documentation: Develop and guide teams in creating security policies, procedures, and controls documentation for HITRUST and HIPAA compliance. Regulatory & Compliance Assessments: Review the organization’s HITRUST CSF and HIPAA Security & Privacy controls posture and manage evidence collection for certification and compliance. HITRUST & HIPAA Audits: Support and manage internal & external audits for HITRUST CSF certification, HIPAA, and healthcare compliance, ensuring IT and security technologies align with regulatory needs. Training & Awareness: Conduct training sessions for internal teams on HITRUST CSF and HIPAA controls, ensuring awareness and adherence to security and privacy regulations. Risk Management & Assessments: Collaborate with business, IT, and security teams to drive risk assessments and ensure compliance with HITRUST and HIPAA across applications, infrastructure, and operations. Continuous Compliance Monitoring: Ensure ongoing compliance with HITRUST & HIPAA controls by regularly evaluating security and privacy measures across business processes, IT systems, and security infrastructure. Contractual & Client Security Compliance: Interpret business contractual security & privacy requirements (Technology & Information Security) to ensure HITRUST & HIPAA-compliant client delivery environments. Client & Regulatory Audits: Respond to client security & compliance audits, regulatory reviews, and HITRUST & HIPAA assessments, ensuring timely and effective resolutions. Security Risk Communication: Communicate security, privacy risks, vulnerabilities, and compliance assessment findings to senior management and stakeholders, ensuring timely mitigation and governance. Qualifications Strong understanding of HITRUST CSF, HIPAA, HITECH, and security/privacy compliance for business applications, IT systems, and security technologies. Good knowledge of IT security technologies. Hands-on experience in SOC1, SOC2, HITRUST, or supplier risk management audits. Working knowledge of NIST, ISO 27001, and security frameworks for IT and business security alignment. 5+ years of experience in security, privacy, and compliance, with preferred 2+ years in HITRUST CSF & HIPAA Compliance. Strong analytical, problem-solving, and stakeholder communication skills. Preferred certifications: CISSP, CISA, CRISC, CISM, HCISPP, CIPP/IT, or equivalent.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work related problems. - Conduct regular assessments of cloud security measures to ensure effectiveness and compliance. - Collaborate with cross-functional teams to integrate security practices into the cloud architecture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM). - Strong understanding of cloud security principles and best practices. - Experience with security frameworks such as NIST, ISO 27001, or CIS. - Familiarity with incident response and threat detection methodologies. - Knowledge of regulatory requirements related to cloud security. Additional Information: - The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM). - This position is based at our Pune office. - A 15 years full time education is required., 15 years full time education

Vestas is well-known in wind technology and actively contributes to its development. Vestas’ core business comprises the development, manufacture, sale, marketing, and maintenance of Wind Turbines. Come and join us at Vestas! Vestas Technology & Operations > Frontend Engineering & Technology > Global Power Plant Solutions Vestas Technology & Operations (VTO) is where new product solutions envisioned, developed, improved, and verified before we in Front-end Engineering & Technology take full technical accountability of deployment in customer projects. Within VTO and Front-end Engineering & Technology, you will find our Global Power Plant Solutions team. A team that enables our regional colleagues with Technical- and Functional Excellence. Responsibilities Maintain up-to-date knowledge of key CS standards & frameworks including ISA/IEC 62443, ISO 27000 Series, C2M2 Framework, NIST CSF, AESCSF, NERC-CIP, EU NIS2 Directive, EU Cyber Resilience Act and Country-specific Critical Infrastructure cybersecurity legislation Identify and mitigate contractual risks in alignment with Vestas' internal guidance Review the Cyber security contract language in alignment with Vestas' business units with stakeholder engagement Customer negotiations to enable the regions to close technical deals on cyber security offerings Collaborate closely with teams across Vestas' business units, Cyber community in the organization to ensure cybersecurity commitments are realistic and deliverable Translate identified cybersecurity gaps from customer contracts into clear, structured requirements to product teams Follow up on mitigation plans, timelines, and implementation feasibility with product and engineering teams Conduct gap analysis between contractual cybersecurity commitments and actual capabilities delivered Monitor evolving global cybersecurity legislation relevant to OT and industrial control systems (ICS) Analyze and interpret evolving cyber security legislation requirements impact on Vestas' offerings Initiate cross-functional alignment and implementation where necessary Prepare and deliver training material related to all the above Qualifications Master's / Bachelors in Cybersecurity / Computer Science / Similar engineering specialization Cyber security models, frameworks, systems, principles, concepts, designs & architectures for IT & OT systems International and National Legislation & Standards related to OT Safety & Cyber security Extensive knowledge of cybersecurity standards (e.g., IEC 62443, NIST, ISO 27001) Good exposure to industrial control system Effective communication, negotiation, and presentation skills in English Experience working in a global, cross-functional, and matrix organization Acumen with Industry certifications such as IEC 62443, GICSP, CISSP, CISM, or similar are preferred Familiarity with energy or renewables industry and operational environments Competencies OT systems development, design, architecture, and deployment in the electric utility industry Technical and organizational cyber security implementation projects Sales contract reviews, revisions, and customer negotiations Product stakeholder management What We Offer In this position, you will be able to put your competencies and experience to the test in a modern and growing company. You will have the opportunity to help improve the position of Vestas in key markets while being part of a company with rapid growth. Join Vestas and you will cultivate your career in an inspiring environment at a renowned wind turbine and power plant OEM, which has an ongoing dedication to sustainability. We value individual initiative, the willingness to take initiative, and the right balance between creativity and quality in all solutions. We offer you an exciting and inspiring job with great opportunities for professional and personal development within the major player in wind energy. In this position, you will be at the heart of the action of the wind industry. Despite being the largest presence in the industry, Vestas is responsive, giving you the freedom to act creatively in a truly global environment, within a highly diverse, skilled, and knowledgeable team. Team members with experience working in Regional Engineering & Technology are highly valued across multiple functions in Vestas - working within Power Plant Solutions opens career paths in Engineering and Project-facing roles within Vestas. Additional Information Your primary workplace will be Vestas India, Chennai. Please note: We do amend or withdraw our jobs and reserve the right to do so at any time, including before the advertised closing date. Please be advised to apply on or before 31st August 2025. Our commitment to a fair hiring At Vestas, we evaluate all candidates solely on professional experience, education, and relevant skills. To support a fair recruitment process, please remove any photos, dates of birth or graduation dates, gender pronouns, marital status, or other personal details not relevant to the role, before submitting your CV. Please keep your CV focused on work and educational details, and the necessary information that we contact you (email and phone number). We train our hiring teams in inclusive evaluation and regularly review process outcomes to ensure fairness. DEIB Statement At Vestas, we recognise the value of diversity, equity, and inclusion in driving innovation and success. We strongly encourage individuals from all backgrounds to apply, particularly those who may hesitate due to their identity or feel they do not meet every criterion. As our CEO states, "Expertise and talent come in many forms, and a diverse workforce enhances our ability to think differently and solve the complex challenges of our industry". Your unique perspective is what will help us powering the solution for a sustainable, green energy future. BEWARE – RECRUITMENT FRAUD It has come to our attention that there are a number of fraudulent emails from people pretending to work for Vestas. Read more via this link, https://www.vestas.com/en/careers/our-recruitment-process About Vestas Vestas is the energy industry’s global partner on sustainable energy solutions. We are specialised in designing, manufacturing, installing, and servicing wind turbines, both onshore and offshore. Across the globe, we have installed more wind power than anyone else. We consider ourselves pioneers within the industry, as we continuously aim to design new solutions and technologies to create a more sustainable future for all of us. With more than 185 GW of wind power installed worldwide and 40+ years of experience in wind energy, we have an unmatched track record demonstrating our expertise within the field. With 30,000 employees globally, we are a diverse team united by a common goal: to power the solution – today, tomorrow, and far into the future. Vestas promotes a diverse workforce which embraces all social identities and is free of any discrimination. We commit to create and sustain an environment that acknowledges and harvests different experiences, skills, and perspectives. We also aim to give everyone equal access to opportunity. To learn more about our company and life at Vestas, we invite you to visit our website at www.vestas.com and follow us on our social media channels. We also encourage you to join our Talent Universe to receive notifications on new and relevant postings.

You might be a fit if you have ● 5 + yrs production ML / data-platform engineering (Python or Go/Kotlin). ● Deployed agentic or multi-agent systems (e.g., micro-policy nets, bandit ensembles) and reinforcement-learning pipelines at scal (ad budget, recommender, or game AI). ● Fluency with BigQuery / Snowflake SQL & ML plus streaming (Kafka / Pub/Sub). ● Hands-on LLM fine-tuning using LoRA/QLoRA and proven prompt-engineering skills (system / assist hierarchies, few-shot, prompt compression). ● Comfort running GPU & CPU model serving on GCP (Vertex AI, GKE, or bare-metal K8s). ● Solid causal-inference experience (CUPED, diff-in-diff, synthetic control, uplift). ● CI/CD, IaC (Terraform or Pulumi) & observability chops (Prometheus, Grafana). ● Bias toward shipping working software over polishing research papers. Bonus points for: ● Postal/geo datasets, ad-tech, or martech domain exposure. ● Packaging RL models as secure micro-services. ● VPC-SC, NIST, or SOC-2 controls in a regulated data environment. ● Green-field impact – architect the learning stack from scratch. ● Moat-worthy data – 260 M+ US consumer graph tying offline & online behavior. ● Tight feedback loops – your models go live in weeks, optimizing large amounts of marketing spend daily.