About Temenos Temenos powers a world of banking that creates opportunities for billions of people and businesses everywhere. We have been doing this for over 30 years through the pioneering spirit of our Temenosians who are passionate about making banking better, together. We serve over 3000 clients from the largest to challengers and community banks in 150+ countries. We collaborate with clients to build new banking services and state-of-the-art customer experiences on our open banking platform, helping them operate more sustainably. At Temenos, we have an open-minded and inclusive culture, where everyone has the power to create their own destiny and make a positive contribution to the world of banking and society. THE ROLE The Cloud Security Engineer will act as the most senior technical authority within the Cloud Security Operations team based in India. The role will ensure the security of our banking clients in public and private cloud as part of our SaaS banking services. The role will ensure that our cloud deployments and cloud infrastructure and associated services meets our cloud security standards including defining and maintaining security controls. The role is pivotal in ensuring that our client projects are deployed successfully to cloud with strong security posture. The role will support and interact with other Temenos teams both within and external to the Cloud Security global team including Cloud Operations, Cloud Architecture, Cyber Defence Centre, Information security, Regional Engineering teams, SRE, Product Security, SaaS Design and Build and our Compliance/Audit/Risk teams. This role may also require interfacing with our SaaS clients directly and the incumbent should be comfortable in such environments, being able to communicate confidently both verbally and in writing. OPPORTUNITIES You will Understand and contribute to cloud security architecture and design patterns. You will Review and validation of cloud security controls across public and private cloud infrastructure including Azure (essential) and AWS (desirable). Any other cloud security experience beneficial. You will Support the team by focussing on developing effective automation solutions to common, repetitive manual tasks, ensuring proper attention to quality and achieving positive business outcomes are achieved. You will Security solution advisory and consulting (e.g., integration with 3rd party systems, architecture reviews, documentation of security processes) You will Support Cloud security operations including security alerts, incident, change control and reporting, aligning to Temenos SOC activities. Security assurance - vulnerability management, application security/cloud infrastructure penetration testing and managing associated remediation plans. You will Technical experience in cloud security services – network and storage encryption, key management, tokenisation, API security, micro services, firewalls, application gateways, network security groups, web security and identity and access management. You will Support the delivery of client projects in the region and collaborate on planning and execution activities requiring cloud security involvement. You will Conduct security assessments for cloud infrastructure and cloud service providers. You will Support internal and external audits, risk and compliance initiatives. You will Ensure cloud security standards and patterns are followed and adhered to You will Documentation and maintenance of cloud security standards and processes. Skills You should have At least 5 years’ experience in information/cyber security with recent cloud security experience. Proven experience in a senior technical/senior engineer/team lead role. MS Defender and Sentinel is mandatory. Oversight for more junior members of the team, demonstrated ability to coach, develop and mentor team members sharing technical skills and experience to develop team capabilities. You should Recent hands-on experience with securing cloud infrastructure in either Azure and/or AWS. You should Have hands-on security engineering experience and demonstrable ability to develop automation solutions where appropriate (e.g. scripting languages, python, KQL, powershell, azure policy, terraform etc). Any other development experience highly regarded. You should DevOps and automation experience to help manage transition to DevSecOps. You should Strong knowledge of common cloud security design patterns/frameworks. You should Good understanding of cloud technologies and associated deployment patterns. You should Good knowledge of WAF and Firewall technologies. You should Can communicate effectively both orally and in written format. You should Able to provide cloud security support to clients and operations in a fast-paced environment. You should Solid understanding of current and recent tactics/techniques and procedures for preventing common attack types Bachelor’s degree in Computer Science, Engineering or related discipline Desirable (knowledge/experience): You should Recognised industry certifications/qualifications in cloud/security e.g., CCSP, CCSK, CISSP etc. You should Cloud Security controls and standards (CCM, ISO, NIST, SOC2, MCSB etc.) You should Hands on experience in threat modelling security infrastructure and applications You should Previous experience in security incident response in a public cloud environment You should Experience in the banking, financial services, or security/intelligence industry You should Knowledge and experience in core and digital banking services, markets, and products You should Regulatory compliance knowledge and experience (GDPR, FFIEC, FINMA etc) VALUES Care You will be a caring leader who puts people first. Commit You will be comfortable committing time to the job when required – with flexibility to work to meet global demands. Collaborate You will be a consensus builder and a collaborator, able to break through challenges with organizational silos. Challenge You will not be happy with just meeting targets but always demonstrate a stretch mindset. SOME OF OUR BENEFITS include: Maternity leave: Transition back with 3 days per week in the first month and 4 days per week in the second month Civil Partnership: 1 week of paid leave if you're getting married. This covers marriages and civil partnerships, including same sex/civil partnership Family care: 4 weeks of paid family care leave Recharge days: 4 days per year to use when you need to physically or mentally needed to recharge Study leave: 2 weeks of paid leave each year for study or personal development Please make sure to read our Recruitment Privacy Policy Show more Show less

Chennai, India Hyderabad, India Job ID: R-1072499 Apply prior to the end date: June 18th, 2025 When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. Job Description What you’ll be doing... We are seeking a highly skilled Enterprise Architect to lead the design and optimization of our secure network architecture across our hybrid IT environment - spanning both on-premises infrastructure and multiple-cloud platforms (e.g.AWS, Axure, GCP etc) & SASE/SSE products. This role focuses on enforcing robust security principles such as Zero Trust Architecture, network segmentation and intrusion detection and prevention, ensuring a consistent and secure access model across all environments. You will play a key role in modernizing network security, reducing attack surfaces, and ensuring that security scales with our global operations and digital transformation. Key Responsibilities Hybrid Network Security Architecture Architect and design secure network architecture across hybrid environments, encompassing data centers, campus, branch offices, and public/private cloud. Develop architecture patterns that ensure consistent security posture, traffic visibility, and policy enforcement across cloud and on-prem networks. Align networking and security design with zero trust principles, ensuring trust is continuously evaluated and enforced regardless of environment and location Zero Trust and Network Segmentation Define a zero trust model that includes identity-aware access, device trust, microsegmentation and continuous verification Architect and develop network segmentation strategies to isolate workloads, limit lateral movement and enforce least privilege across cloud and on-prem environments Establish trust zones, access control policies, and segmentation boundaries in hybrid architecture Intrusion Detection and Threat Monitoring Design and deploy intrusion detection and prevention systems tailed for hybrid environments Integrate network detection and response tools with cloud-native services and on-prem infrastructure to ensure end-to-end threat visibility Collaborate with SOC and threat intel teams to operationalize detection logic and incident response capability Policy Enforcement and Access Control Define ACLs and NAC systems for secure access across multiple trust zones Ensure consistent policy management and enforcement using next-gen firewalls, identity-aware proxy, network access brokers and zero trust gateways. Compliance and Risk Mitigation Ensure architectural decision meet internal and external compliance requirements Identify and mitigate risks associated with network design, configuration, third-party integration in a hybrid environment. Qualifications & Experience You’ll need to have: Bachelor's or six or more years of expereince. Six or more years of experience in enterprise network architecture and security. Strong expertise in security frameworks, CASB, SWG, ZTNA, and cloud security. Deep knowledge of cloud platforms (AWS, Azure, Google Cloud) and cloud-native security models. Experience designing and implementing zero trust architectures. Strong understanding of industry security standards such as NIST, ISO 27001, and CIS benchmarks. Excellent communication skills with the ability to articulate complex technical concepts to executives and stakeholders. Industry certifications such as CISSP, CCSP, CCIE, AWS/Azure Security, or SASE-related certifications are a plus. Self-motivated and forward-thinking Strong analytical and problem-solving skills, with the ability to work in a fast-paced, dynamic environment. Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics. Apply Now Save Saved Open sharing options Share Related Jobs Princ Engr-Network Design Save Hyderabad, India, +1 other location Network Principle Engineer - SSE Network Engineer Save Basking Ridge, New Jersey, +4 other locations Network Distinguished Engineer - SASE Architect Save Basking Ridge, New Jersey, +6 other locations Network

502322 NMSU satellite location, New Mexico, United States Staff Staff Full-time Closing at: Jul 2 2025 - 23:55 MDT Position Title: NMDA Inspector,Inter - Possible Career Development Opportunity Employee Classification: NMDA Inspector,Inter College/Division: New Mexico Dept of Agriculture Department: 180100-NMDA ENTOMOL AND NURSERY IND BUREAU Internal or External Search: External - Open to all applicants Location: NMSU satellite location Offsite Location (if applicable): Albuquerque/Northern New Mexico Target Hourly/Salary Rate: Commensurate with education and experience Appointment Full-time Equivalency: 1.0 Exempt or Non-Exempt : Exempt Summary: The New Mexico Department of Agriculture (NMDA) works for the benefit of the state’s citizens and supports the viability of agriculture and affiliated industries. NMDA promotes food protection, a uniform, and fair marketplace, and global marketing and economic development; supports the beneficial use of natural resources; and works cooperatively with public and private sector entities. Opportunities for excellence abound, and NMDA staff dedicate themselves to proactive service in fulfilling the department’s mission. Each division plays an important role in carrying out the goals and objectives. Our rich agricultural history, culture, and traditions are addressed through new and innovative approaches using the latest in science, technology, and economic strategies. In New Mexico, we contribute to the safest and most affordable, and nutritious food supply on the globe. NMDA is a constitutional agency organized under the Board of Regents of New Mexico State University (NMSU). This unique relationship creates efficiencies and opportunities for New Mexico’s food and agriculture sector as well as service and outreach opportunities for NMSU, making NMDA an integral part of the university. NMDA/NMSU is an equal opportunity and affirmative action employer. Classification Summary: Under moderate supervision performs regulatory inspections and otherwise enforces consumer and producer protection laws and regulations. Consumer Service Inspectors inspect all commercial weighing and measuring devices, enforce applicable regulations, in order to protect the economic interests of consumers and merchants in the State of New Mexico. Consumer Service Inspectors may also be called upon to appear in court as a witness or participate in fraud investigations. Classification Standard Duties: Consumer Service Inspector, Intermediate works under moderate supervision functioning at the full performance level of Consumer Service Inspector, General & Associate positions. Positions allocated to this advanced level advise and/or participate in investigations, inspections, programs and projects which require the input of senior personnel. This position serves as a technical expert for a variety of field business evaluations and compliance with state and federal statutory requirements. Provides training, guidance and technical assistance to lower level entry or staff on the performance of or review of job assignments and job responsibilities. May act as lead person for Consumer Service Inspector General & Associate personnel. Work involves on-site joint field evaluations and training. Aids in the development of policy and may have a minimum case load of complex field activities for evaluation. Inspects labeling and net content of packaged commodities, and verifies pricing accuracy of Universal Product Code (UPC) scanners; inspects and ensures eggs that are sold meet the USDA Egg Standards; inspects open dates on dairy products, and inspects frozen desserts to verify the standard of identity is met; inspects/audits establishments to verify the Chile Advertising Act is being complied with. Maintains accurate and orderly records and reports; removes obsolete files, files inspection documents, records information, documents consumer complaints and submits work activity reports; maintains a current list of businesses with weighing and measuring devices; develops an annual inspection schedule. Inspectors maintain testing equipment and standards; perform preventive and minor maintenance; maintain records of equipment servicing; and test against official State standards to ensure accuracy and proper calibration. Consumer Service Inspectors perform all other duties as assigned. Required Education, Experience, Certification/License, Equivalency Required Education:Bachelor's degree in a related field.; Required Experience:Three (3) years of experience directly related to the standard duties as outlined.; Equivalency:Any equivalent combination of education, training and/or experience as approved by Human Resource Services.; Required Certification/License: Knowledge, Skills and Abilities KNOWLEDGE: Knowledge of weights and measures laws and regulations; math, physics, and electronics as applied to weights and measures; scale systems to enable correct analysis of their operation; proper safety procedures when working with hazardous chemicals, flammable liquids, and handling of mass weights; weighing and measuring devices; NIST regulations including Handbook 44 as pertains to specifications, tolerances and other technical requirements for weighing and measuring devices. SKILLS: ; ABILITITES: At this level inspector will be able to apply and enforce weights and measures regulations and procedures; make independent decisions in the field; interpret statutes, rules and procedures; independently investigate and resolve consumer complaints; communicate effectively both orally and in writing; may act as a trainer/mentor for lower staff Job Duties and Responsibilities This position may be underfilled as a NMDA Inspector, Associate Grade Level 06 on a career development plan if unable to fill at the NMDA Inspector, Intermediate Grade Level 07. Minimum requirements for the associate level: Bachelor’s degree in related field, no previous work experience. Any equivalent combination of education, training and/or experience as approved by Human Resource Services may be used to meet the minimum requirements. Inspect agricultural and horticultural commodities for compliance with state and federal regulations related to plant pests. including arthropods and pathogens. Establish surveys in managed and natural ecosystems for early detection of invasive plant pests. Represent New Mexico Department of Agriculture at stakeholder meetings and conferences. Inspects agricultural and horticultural plants for disease, insects, and other plant pests. Inspects bee colonies for disease; sample feed, seed, and fertilizer for laboratory testing. Inspects pesticide applicators for compliance with the Pesticide Control Act. Performs marketplace inspections of pesticide products. Assists in cooperative spray programs. Assists in applicator training programs. Inspects fruits and vegetables for quality characteristics. Examines weighing and measuring devices for accuracy. Evaluates prepackaged items for correct weight, price, and label information. Inspects eggs for size and quality. Obtains product samples for lab analysis. Instructs and trains others in methods and procedures. Performs related duties as required. Preferred Qualifications Special Requirements of the Position Position requires 70% travel within an assigned inspection area. Out of state travel is also required on occasion. Department Contact: Cheryl Mason-Herrera, 646-7523,cmason@nmda.nmsu.edu Contingent Upon Funding: Contingent upon funding Bargaining Unit Eligibility: This is NOT a bargaining unit position with American Federation of State, County & Municipal Employees (AFSCME). Standard Work Schedule: Standard (M-F, 8-5) If Not a Standard Work Schedule: Working Conditions and Physical Effort Environment: Work involves moderate exposure to unusual elements, such as extreme temperatures, dirt, dust, fumes, smoke, unpleasant odors, and/or loud noises. Physical Effort: Moderate physical activity. Lifting Requirements: Requires handling of average-weight objects up to 25 pounds or standing and/or walking for more than four (4) hours per day. Risk: Work environment involves exposure to potentially dangerous materials and situations that require following extensive safety precautions and may include the use of protective equipment.

We are seeking a highly skilled and customer-focused Customer Success Engineer (CSE) to support our customers using Prisma Cloud, Palo Alto Networks’ comprehensive cloud-native security platform. As a CSE, you will play a pivotal role in driving successful adoption, resolving technical issues, and ensuring overall customer satisfaction and retention. Key Responsibilities: Serve as the primary technical contact for assigned Prisma Cloud customers. Drive onboarding, enablement, and ongoing technical support throughout the customer lifecycle. Troubleshoot complex issues across cloud environments (AWS, Azure, GCP) and guide customers to resolution. Collaborate with internal teams (Support, Product, Engineering, Sales) to escalate and resolve customer concerns. Provide best practice recommendations to ensure successful product adoption. Conduct regular health checks and technical reviews to ensure customer success. Assist in identifying customer use cases and advocating feature enhancements. Document solutions, processes, and contribute to knowledge base content. Work closely with account teams to understand customer goals and ensure alignment with product capabilities. Required Skills and Experience: 6–10 years of experience in a technical support, customer success, or professional services role. Strong understanding of cloud platforms: AWS, Azure, or GCP. Hands-on experience with containerization (Kubernetes, Docker) and CI/CD pipelines. Familiarity with security concepts including cloud security posture management (CSPM), compliance, and DevSecOps. Experience in scripting (Python, Bash, etc.) and using REST APIs. Strong problem-solving and communication skills. Ability to manage multiple priorities in a fast-paced environment. Customer-centric attitude with a focus on delivering exceptional service. Preferred Qualifications: Bachelor’s degree in Computer Science, Information Technology, or a related field. Industry certifications such as AWS Certified Solutions Architect, GCP Professional Cloud Architect, or Azure Administrator Associate. Experience with Prisma Cloud or other CNAPP (Cloud Native Application Protection Platforms). Familiarity with SIEM tools and security frameworks (e.g., NIST, CIS). Job Category: Technical Job Type: Full time Job Location: Noida Experience: 8-12 years Position : 2

Job Title: Senior Information Security Engineer Location: Noida Sec - 63 Department: Information Security / IT Security Reports To: Information Security Manager / Security Director Summary: We are seeking a highly skilled Senior Information Security Engineer to lead the design, implementation, and management of our organization’s security infrastructure. The ideal candidate will drive security initiatives, ensure compliance, and proactively identify and mitigate security risks across the enterprise. Key Responsibilities: Design, implement, and maintain security controls and systems to protect organizational data and infrastructure. Conduct security assessments, vulnerability scans, and penetration tests to identify weaknesses. Develop and enforce security policies, standards, and procedures in alignment with industry best practices and compliance requirements. Monitor security alerts, analyze security incidents, and coordinate incident response activities. Lead security projects including firewalls, intrusion detection/prevention systems, endpoint protection, and encryption solutions. Collaborate with IT teams to ensure security is integrated into network, application, and system configurations. Conduct security awareness training for staff and promote security-minded culture across the organization. Stay current on security threats, trends, and regulatory requirements to recommend proactive solutions. Prepare reports and documentation for audits, management, and compliance purposes. Qualifications: Bachelor’s degree in Computer Science, Cybersecurity, or related field; relevant certifications preferred. 2+ years of experience in information security, cybersecurity, or related roles. Strong knowledge of security frameworks, standards (ISO 27001, NIST, CIS, etc.), and best practices. Experience with security tools such as SIEM, IDS/IPS, firewalls, endpoint protection, and vulnerability management. Familiarity with cloud security (AWS, Azure, or GCP) is a plus. Job Type: Full-time Benefits: Leave encashment Provident Fund Schedule: Day shift Monday to Friday Application Question(s): How many years of experience do you have in Cyber-security or Information security/ Do you have experience with security tools such as SIEM, IDS/IPS, firewalls? Do you have knowledge of security frameworks, standards (ISO 27001, NIST, CIS, etc.)? Are you comfortable working in Noida Sector 63? What is your current and expected CTC? Work Location: In person

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. Primary Responsibilities: Perform audits to identify control gaps and implement corrective action plans Ensure alignment of security policies/standards with IT infrastructure frameworks (e.g., ISO 2700x, NIST, ITIL) Monitor compliance with corrective action plans, and address non-compliance issues appropriately Demonstrate understanding of discovery technologies to identify system vulnerabilities (e.g. scanning tools) Establish appropriate security controls based on defined data classifications to align with applicable laws/regulations/standards Facilitate/lead security incident investigation Analyze business requirements and ensure that solutions meet established security policies and controls Maintain metrics and ensure reporting as appropriate Maintain current knowledge on information security topics and their applicability program requirements Communicate professionally with stakeholders/end users through multiple communication Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications: Bachelor's degree or higher level of education 6+ years of Information security experience Experience with ISO27001 (ISMS), ISO31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2 Demonstrated auditing skills and the ability to manage risk assessments / projects independently Demonstrated excellent communication skills both verbal and written Demonstrated good presentation skills particularly ability to present technology elements in manner personnel can follow and act Preferred Qualification: CISSP, CISA or ISO27001 Lead Implementer or Lead Auditor certification At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone–of every race, gender, sexuality, age, location and income–deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. #njp

🚀 **We Are Hiring – ServiceNow Experts!** ### 📌 **Open Roles**: 1️⃣ **ServiceNow – TPRM / IRM GRC Consultant** (7+ Yrs) 2️⃣ **ServiceNow – ITOM Architect** (10+ Yrs) 📍 **Location**: **Chennai / Bangalore / Mumbai / Pune / Noida** (Hybrid) 💼 **Type**: **Full-Time** ### 🔍 **TPRM / IRM GRC Consultant** - Experience in **Vendor Risk, Policy & Compliance, Risk, and Audit Modules** - Strong understanding of frameworks: **ISO 27001, NIST, SOC2, GDPR** - Hands-on with **ServiceNow workflows, questionnaires, assessments, and risk scoring models** - ServiceNow GRC certifications preferred ### 🔧 **ITOM Architect** - Expertise in **Discovery, CMDB, Event Management, Service Mapping, Cloud Management** - Strong experience with **CMDB design, integrations, MID Servers, probes/patterns** - Knowledge of hybrid/cloud infrastructures and automation best practices - ServiceNow ITOM certifications preferred 📩 **Interested candidates, please share your resumes to**: 👉 **📧 udaykiran@knsofttech.com** (Use subject line: *“ServiceNow GRC / ITOM Application – [Your Name]”*) Show more Show less

Cyber Security Director - HIH - Evernorth About Evernorth: Evernorth Health Services, a division of The Cigna Group (NYSE: CI), creates pharmacy, care, and benefits solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention, and treatment of illness and disease more accessible to millions of people. Role Title: Cyber Security Director Position Summary: The Cigna Information Protection, Head of Security is a key leadership business facing position with primary focus is to act as conduit between the Cigna Information Protection organizational goals and business line interests. Acting as the primary delegate for the business line Chief Information Security Officer, you will oversee the development and execution of the Cyber / Information Security Strategy at a granular level. Strategically you will be responsible for delivery of the ‘last mile execution’ of all Cigna Information Protection global Shared Services, developing and measuring capabilities whilst running subsequent risk mitigation Cyber Information Security Management programs. Being the local evangelist and expert, you will focus on local stakeholder business management and also wider stakeholders such as regulators, clients and external parties. Job Description & Responsibilities: Manage all external local client and regularity engagements, including fielding queries, regulatory & compliance submissions in conjunction with matrix Cigna Information Protection Shared Service Partners and governance stakeholders, legal, compliance and data privacy. Lead localized Controls Assurance activities, define and track effectively control testing and remediation risks for local business line. Coordinate Shared Service benchmarking exercises (NIST etc.) using Cigna Information Protection standards. Leverage the Enterprise Risk Management framework, perform focused localized risk assessments of existing or new services and technologies in line with policies and standards, and manage the risk exceptions process. Develop residual risk registers and integrate into Shared Service Integrated Risk Management Framework. Coordinate the local delivery of global Cyber & Privacy portfolio risk mitigation projects and programs into business line / region. Conversely feed the portfolio by registering local business line residual risk outputs driving controls mitigation activity. Evolve Cigna Information Protection security policies and processes, aligning to local business requirements and operate the policy exceptions management process. Coordinate security education & awareness initiatives in line with policy framework, integrate with the Shared Service overall thematic awareness program. Partner with business line / regional CIOs and technology stakeholders to educate and integrate risk management activities in first and second line of defense governance. Coordinate with Shared Services to provide localized risk and vulnerability management information and reporting and embed Cyber / Information Security into business operational governance forums enabling data driven decision making. Develop organizational wide Cyber / Information Security risk views by collaborating with internal control groups e.g. Audit, Compliance, Enterprise Risk Management, Legal and Privacy. Liaise across Legal, Privacy and Sourcing teams to manage 3rd party risks. Conduct 3rd Party Assessments, including evaluations, contract reviews and onsite visit where appropriate. Embed secure development practices, working with local business and technology teams to implement enterprise tooling and processes to ensure secure code implementation. Embed risk management practices into Agile / DevSecOps pipelines to minimizing production vulnerabilities. Run localized Infrastructure, Application and Cloud evaluations / assessments against agreed security patterns and pre-production scanning processes to reduce production vulnerabilities. Integrate residual risk outputs in local and Shared Services governance. Champion local incident responses & handling processes, provide business context and local expertise in incident scenarios. Coordinate with Shared Service owner to manage local incident management post mortem activities and track residual findings to resolution. Maintain and manage local regulatory incident response reporting requirements. Engage with Shared Services to carry out forensics security investigations work integrating processes with business and legal / compliance stakeholders. Partner with Global Architecture Shared Services organizations to implement standard security solutions and capabilities, providing expert change solution design in local business line. Conversely feed global Architecture roadmaps by capturing local requirements. Support business line mergers, acquisitions and divestiture activities in line with the Shared Services playbook designed to reduce change risk. Lead local business Cigna Information Protection teams as well as matrix manage Shared Services peers. Ensure in person employee engagement by motivating team, running personalized development programs, and creating an empowering culture aligned with Cigna values. Experience Required: Minimum 18-21 years of Information Security / Cyber or related risk management experience. Experience Desired: Experience leading teams of over 125-150 employees Experience within the Healthcare, Insurance or Financial Services industry preferred. Education and Training Required: CISSP or other security related certification preferred (CISM / CISM etc.) Primary Skills: Implementation level knowledge of information security standards and frameworks (e.g. ISO/IEC 27001/27002, PCI-DSS, NIST Cybersecurity Framework, etc.) and attestation reports (e.g. SOC 1/2). Awareness of Governance, Risk and Compliance and workflow management tools, e.g. Onspring, ServiceNow VR, Brinqa etc. Additional Skills: Ability to translate information security and technical controls into business terms that are easily understood. About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

S&P Global Ratings The Role : Director, Application Operations The Team : This team is part of the global SRE group that provides Site Reliability Engineering Services for the critical applications used by the analysts for conducting the business. Application Operations team is responsible for the Stability (Uptime), Reliability (Quality & Performance) and Engineering of these applications to improve business outcomes, user experience and efficiencies. The Team operates at the intersection of IT operations and software development, ensuring that our services are not only robust but also agile enough to adapt to the ever-evolving business needs. Impact and Responsibilities : The Impact of this role extends far beyond the immediate team. You will be instrumental in shaping the reliability and performance standards of our critical applications, ensuring they meet the highest benchmarks. By driving advancements in automation and cloud technologies, you will contribute significantly to the organization's strategic goals and toil reduction, enhancing both the user experience and operational efficiency. You will nurture the team members to be the best-in-class by upskilling and cross-skilling. General & Team management Ensure the team balances its focus between daily operational tasks and strategic long-term projects Drive the adoption of new technologies and processes through training and mentoring Lead/Mentor/Guide/Coach and transform a team of Application Operations to SRE’s Create/maintain documentation for systems and processes to ensure continuity and knowledge sharing within the team. Adoption of Gen AI to leverage knowledge repository Collaborate with cross-functional teams to ensure seamless integration and support for new technologies and initiatives Oversee daily operations and ensure the shifts are adequately managed Set the roadmap; derive goals for each team member; review, motivate and support to make them successful Stability Build a SRE practice that improves system stability with Monitoring & AIOps. Avert P1/P2 incidents and minimize business impact Analyze system vulnerabilities, SPOFs and address them proactively to improve stability Refactor monolithic apps and databases to containerized services to improve delivery/scale Work with business users to understand needs, issues, develop root cause analysis and work with the cross functional teams to address them permanently Reliability Monitor system performance and create strategies to improve it Reduce the number of incidents and the time taken to resolve them (MTTR) Develop and implement disaster recovery plans to ensure business continuity Lead DevOps transformation to improve the delivery of value to business, reduction of costs & manual errors, increased velocity of releases and improved config management Engineering Involvement in Architecture and Development design reviews (Shift-left) for new implementation and integration projects to build SRE best practices into the SDLC Continuously look for opportunities to automate tasks, simplify processes, Self-service to reduce the toil Value Stream Alignment: While alignment as horizontal lead is expected to begin with, it’s expected that you also handle the role of a SRE value stream lead going forward. Ensure smooth inter-working with value streams (VS) to meet the objectives & realize value Foster a 2-way knowledge sharing with VS and reduce dependency on SRE Help shepherd VS to improve SRE maturity levels; implement & prioritize best practices like monitoring, post-mortem, toil reduction, retrospectives etc. Application to User Journey orientation and transformation What’s in it for you : In this role, you will have the opportunity to collaborate with a diverse and talented team, working on cutting-edge technology solutions to drive efficiency and innovation within the organization. You will be at the forefront of implementing best practices in site reliability engineering, with a strong emphasis on automation, cloud technologies, and performance optimization. You will interface with the value stream leads to improve the SRE practices and maturity levels within the value streams. What We’re Looking For: Basic Qualifications : Bachelor’s degree in computer science or equivalent is required, or in lieu, a demonstrated equivalence in work experience 15+ years of experience in Information Technology domain including cloud, systems & database administration, networking, performance, and application operations Proven experience in IT Operations and/or Site Reliability Engineering, successful handling of Application Operations in a complex IT setup Manage Multi-cloud (AWS/Azure) environments Engineering and implementing proactive monitoring of applications, infrastructure & databases. Engineering automation to self-heal and mature towards AIOps Manage, innovate, and create processes, software and tools that continuously improve the availability, reliability, scalability, latency and efficiency of platforms Engineer Self-service portals, Scalable platforms and repeatable processes that allow product teams to own the entire life cycle of their products, reducing the SRE dependency Excellent communication skills with experience in managing, coaching, and building highly effective teams. Manage and inspire a team of full stack Site Reliability Engineers across regions and time zones, emphasizing collaboration and efficiency. Establish relationships with business teams & other IT partners. Identifying and measuring KPIs like CSAT/NPS scores, establishing feedback channels which have a direct correlation to UX Cost management through forecasting consumption, budgeting, tagging assets & tracking cost, disposing unused allocations & right sizing, optimizing usage & correlating cost to business value Establish incident & defect review process to help guide and continually improve stability of applications Shapes and leverages advanced conceptual thinking to solve complex and/or completely new or novel situations that have never been dealt with before. Actively pursues innovative solutions that align with the company’s tolerance for risk (business and reputational) Looks at external companies, products and capabilities and how they may accelerate Ratings technology initiatives Preferred qualifications: Experience in application & data architecture, system design, algorithms, data structures, complexity analysis, and software design Ability to architect high availability application and servers on cloud adhering best practices. Ability to perform technical deep-dives into code, networking, systems, databases and storage configuration Experience working in Agile software product development Experience working with stakeholders and collaborating across organizational boundaries. Configuration management, automation of patching, threat and vulnerability management, security monitoring, network security, endpoint security, cloud application and data security Awareness of security frameworks like NIST to address technology, information and resilience risk, information security and risk management Support & transform ITSM process – Incident, Change & Problem management to align with DevOps maturity Show more Show less

About Northern Trust Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service. The Second line of Defense Controls Testing partner for the Cyber and Technology Risk Management (CTRM) division will be a team leader who will work closely with peers, stakeholders, and their manager on Second Line’s Controls Testing program focused, on Cyber and Technology Controls Testing/Validations as well as Cyber and Technology related assessments. Responsibilities Will Include Lead 2LOD Cyber and Technology Risk Management team in India focused on controls testing/validation, assessments, and overall support to Cyber and Technology Risk Management initiatives Manage testing/validation requirements for controls testing team, monitor progress, and ensure timeliness and quality of team’s work Test, Validate, and Assert to Business and Application Owner control testing methodology and test procedures Perform 2LOD validation work, including plan preparation, workpapers, finding, and report results to risk committees Manage day-to-day risk issues, design, and implementation of new controls with various teams Examine cyber risk controls, evaluate the design and operational effectiveness, determine exposure to risk, and work with business to develop remediation strategies Assess risk as a Second-Line governance role through the Risk and Control testing; Risk Identification; and Change Initiative Risk Assessment processes, as applicable Provide Second-Line risks and control testing findings to Risk Management leadership and risk committees Understanding of the ‘Three Lines of Defense’ governance model Ability to assess and effectively communicate the operational, and technical findings and control issues to executive and business leadership, using language that is relevant to and understandable by the business Strong risk assessment framework knowledge and experience performing risk assessments covering key risks and controls Strong project management skills, including the ability to adapt to change quickly, multi-task and demonstrate flexibility in prioritization based on requested tasks Strong working knowledge of banking/financial regulatory requirements to perform and ensure an appropriate level of testing Qualifications - External 10-12 years of IT Audit experience to include but not limited to: Cyber Resilience, Cybersecurity, Risk Management, IT Risk and Control, and/or IT Audit 3+ years leading controls testing and/or audit teams CISSP, CISM, CISA, CRISC, or equivalent certifications highly preferred Familiarity with the NIST Cybersecurity Framework Strong working knowledge of the inherent cyber risks in the financial services industry Cloud, MFA, Password vaulting (e.g. CyberArk), and Secure SDLC experience Analytical and communication skills required to summarize and analyze information Organizational skills required to coordinate risk related activities with peers and senior executives Advanced Microsoft Office 365 skills Working With Us As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater Reasonable accommodation Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com. We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater. Show more Show less

Summary Position Summary USI T&I/IT Security – Analyst/Senior Analyst – Disaster Recovery Analyst/Specialist - Deloitte Support Services India Private Limited Work you’ll do Responsibilities As a team member, you will be accountable for, but not limited to the responsibilities below. Operational Disaster Recovery Planning & Execution: Develop and maintain comprehensive Disaster Recovery (DR) strategies and policies to ensure rapid system recovery. Conduct Business Impact Analyses (BIA) and Risk Assessments to identify critical systems, dependencies, and recovery priorities. Establish and track Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) for all essential business applications. Maintain up-to-date documentation for DR plans, including technical recovery procedures. Testing & Compliance: Coordinate and execute DR testing exercises, including tabletop simulations and live failover tests. Ensure compliance with ISO 22301, Deloitte DR Standards, and other regulatory requirements (e.g., SOC 2, NIST). Monitor DR performance and recommend improvements to enhance resilience. Assist with internal and external audit responses related to disaster recovery. Collaboration & Stakeholder Engagement: Work closely with IT Security, Infrastructure, Cloud, and Business Continuity teams to align DR strategies. Develop and deliver DR training and awareness sessions for key personnel. Engage with third-party vendors to evaluate and enhance disaster recovery solutions. Incident Response & Recovery: Provide technical support during disaster recovery activations, ensuring a swift and efficient system restoration. Identify and resolve gaps in backup and recovery processes to minimize downtime. Participate in post-incident reviews to assess DR effectiveness and recommend improvements. Skills: Attention to detail for compliance documentation Project management and organizational abilities Strong understanding of disaster recovery frameworks (ISO 22301, NIST, ITIL, or similar). Hands-on experience with backup, failover, and recovery solutions (e.g., Veeam, Azure Site Recovery, AWS Backup, Zerto). Knowledge of cloud-based DR strategies (AWS, Azure, or Google Cloud). Familiarity with risk management and compliance frameworks (SOC 2, ISO 27001, NIST 800-34). Experience conducting DR testing and incident response exercises. Strong documentation and reporting skills for DR planning and audit support. Hands-on experience with ServiceNow Business Continuity, IRM, or GRC modules (configuration, customization, or development). Certifications such as CBCP (Certified Business Continuity Professional), CISSP, ITIL, or DRII certifications. Experience with automation and scripting (e.g., PowerShell, Python) for DR process improvement. Knowledge of network security, endpoint protection, and SIEM tools. Education: Bachelor’s Degree or equivalent Experience: 3+ years of experience in Disaster Recovery, Business Continuity, IT Security, or IT Infrastructure roles. Work Location : Hyderabad Shift Timings : 2 PM to 11 PM IST. In addition, may require working during weekends or beyond 11 PM sometime during any DR testing activities. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 300351 Show more Show less

Job Summary We are seeking a highly skilled and motivated Security, Compliance, Service Governance, and FinOps Engineer to join our Platform Engineering Team . This role is critical in ensuring that our developer platform adheres to security, compliance, and governance standards for Europe and North America while also managing FinOps practices to optimize cloud cost efficiency. The personnel will work closely with engineering teams to implement security best practices, ensure regulatory compliance, enforce service governance policies, and drive cost optimization. Key Responsibilities Security & Compliance: Implement security best practices within the platform, ensuring alignment with industry standards (ISO 27001, SOC 2, NIST, etc.). Enforce regulatory compliance with GDPR, CCPA, and other region-specific privacy regulations. Conduct risk assessments and vulnerability management within the platform. Collaborate with security teams to design and integrate zero-trust architectures and IAM policies. Service Governance: Define and enforce governance policies for service publishing and consumption. Ensure API and microservices security compliance (OAuth, OpenID Connect, API gateways). Monitor service reliability, availability, and SLA compliance. FinOps & Cloud Cost Optimization: Develop and implement FinOps strategies to optimize cloud usage and reduce costs. Monitor and analyze cloud expenditures to provide insights and recommendations for cost savings. Collaborate with finance and engineering teams to establish budget controls and forecasting for cloud resources. Implement automation for cost management, including auto-scaling, resource tagging, and anomaly detection. Automation & Monitoring: Automate compliance and governance checks using tools like OPA, Terraform, Kubernetes policies (Kyverno, Gatekeeper), and CI/CD security scanning tools. Implement observability tools for audit logging, security monitoring, and anomaly detection. Collaboration & Stakeholder Engagement: Work closely with engineering, DevOps, and security teams to embed compliance into the software development lifecycle. Provide training and best practice guidelines to developers on security, governance, and FinOps. Required Skills & Qualifications 5+ years of experience in security, compliance, governance, or FinOps within a cloud-based platform environment. Strong understanding of cloud security principles (AWS, Azure, or GCP). Hands-on experience with CI/CD security tools (e.g., Snyk, SonarQube, Aqua Security, Prisma Cloud). Proficiency in infrastructure-as-code (IaC) (Terraform, CloudFormation) and security automation. Familiarity with Kubernetes security (Pod Security Policies, RBAC, network policies). Knowledge of regulatory compliance standards (GDPR, SOC 2, ISO 27001, NIST 800-53). Experience with IAM, RBAC, and policy-based security controls. Strong scripting skills (Python, Bash, or similar) for automation. Experience with FinOps tools (AWS Cost Explorer, Azure Cost Management, GCP Cost Analysis) and cloud financial management best practices. Excellent problem-solving and communication skills. Desired Skills & Qualifications Certifications such as CISSP, CISM, AWS Security Specialty, CKS, or FinOps Certified Practitioner. Experience with service mesh technologies (Istio, Linkerd) for governance. Exposure to DevSecOps methodologies and security-as-code principles. Prior experience working in regulated industries (finance, healthcare, etc.). Justification for the Role Ensuring Compliance: With evolving privacy laws (GDPR, CCPA, etc.) in Europe and North America, a dedicated role is essential to maintain compliance. Security Risk Mitigation: As the platform scales, ensuring secure CI/CD pipelines and service publishing reduces vulnerabilities. Service Governance: Standardized governance enhances interoperability, security, and reliability of published services. FinOps Efficiency: Optimizing cloud costs and ensuring financial governance is crucial to managing infrastructure expenditures effectively. Developer Enablement: Providing automated security, compliance, and cost governance frameworks allows developers to focus on innovation while adhering to best practices. About Trimble Trimble is a leading provider of advanced positioning solutions that maximize productivity and enhance profitability for our customers. We are an exciting, entrepreneurial company, with a history of exceptional growth coupled with a disciplined and strategic focus on being the best. While GPS is at our core, we have grown beyond this technology to embrace other sophisticated positioning technologies and, in doing so, we are changing the way the world works. Those who successfully lead others to meet our objectives are vital to our organization. Leadership at Trimble is much more than simply exercising assigned authority; we expect our leaders to embrace a mission-focused leadership style, demonstrating the strength of character, intellect and the ability to convert ideas to reality. www.trimble.com Show more Show less

At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express. How will you make an impact in this role? Responsible for contacting clients with overdue accounts to secure the settlement of the account. Also they do preventive work to avoid future over dues with accounts that have a high exposure. The Global Risk & Compliance (GRC) group within American Express is responsible for providing oversight and governance of risks to ensure that the company operates in a safe and sound manner within regulatory expectations. In a world increasingly subject to digitalization and the use of technology, technology risk management has become increasingly significant across organizations, becoming one of the key themes at board meetings. Cyberattacks have become increasingly commonplace and the trend continues to move upward. This individual contributor role is part of the second line technology risk management team within the GRC group, headed by the Chief Risk Officer (CRO) of the company. This is a unique opportunity to work with a team of diverse and talented professionals who are responsible for building the technology risk management program and providing independent risk oversight to the Information Technology (IT), Information Security (IS) and Business Continuity management (BCM) risks. Reporting to the Manager for Cybersecurity, Technology, and Resiliency Risk oversight, this position is responsible for supporting independent assessments and reporting of risks. The risks identified by this team are reported to the Senior Management, Risk Management Committees, Board of Directors, and Regulators. This position will be responsible for effectively collaborating with key stakeholders across lines of business and lines of defense to ensure risks are managed effectively and efficiently in accordance with the company policies and applicable regulatory requirements. Essential Job Functions: Assist in identifying and assessing IT and IS risks across applications, infrastructure, and third-party vendors. Support IT and IS risk assessments and recommend mitigation strategies. Monitor IT and IS risk trends and emerging threats to provide proactive recommendations. Assist in the testing and validation of IT and IS controls. Prepare IT and IS risk reports and dashboards for management review. Support internal and external audits related to IT and IS risk. Support the implementation of IT and IS risk management frameworks, policies, standards, and procedures. Maintain IT and IS risk registers and track remediation efforts for identified risks. Support independent, proactive risk management and oversight of information technology, information security and business continuity management risks generated within business processes or that occur due to use of Technology. Support data-driven reviews focused on technology, cyber security, and business continuity management risks. Support development and enhancement of data-driven key risk indicators and key performance indicators that provide real time and meaningful insights into the risk and performance trends. Stay knowledgeable of relevant regulations, guidelines & industry standards. Support the design of independent Information Technology risk oversight program which defines the engagement and integration with various risk management programs, including Risk and Control Self Assessments, Business Continuity Management, New Product Approval, Mergers & Acquisitions etc. Required Qualifications: Bachelor’s Degree in related field. 3 + years of experience in IT and IS risk management across any of the three lines of defense. Proven ability to identify risks, analyze issues and derive meaningful insights about risk trends. by conducting interviews and analyzing large volumes of data. Excellent analytical skills with high attention to detail and accuracy. Excellent critical thinking and problem-solving skills. Excellent verbal, written and interpersonal communication skills. Willingness to challenge traditional thinking by actively engaging in constructive dialogue. Preferred: Educational background: Computer Science or Information Systems. Experience in risk management across cyber security, information technology, third party, business continuity management. Working knowledge of one or more of the data mining tools/technologies (e.g., Microsoft Excel: Pivot Tables SQL, SAS, Python, R). Industry certifications (e.g., CISSP, CISM, CISA, CRISC, ITIL, CBCM, CBCP, CBCI). Understanding of risk assessment methodologies, frameworks, and industry standards (e.g., COSO, COBIT, ISO 27001, ISO/IEC 20000-1, ISO 22301, FAIR or NIST RMF). Knowledge of relevant policies & regulations (e.g., OCC Heightened Standards, FFIEC IT booklets). Experience with Governance, Risk and Compliance tools (e.g., Archer) We back you with benefits that support your holistic well-being so you can be and deliver your best. This means caring for you and your loved ones' physical, financial, and mental health, as well as providing the flexibility you need to thrive personally and professionally: Competitive base salaries Bonus incentives Support for financial-well-being and retirement Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location) Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need Generous paid parental leave policies (depending on your location) Free access to global on-site wellness centers staffed with nurses and doctors (depending on location) Free and confidential counseling support through our Healthy Minds program Career development and training opportunities American Express is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other status protected by law. Offer of employment with American Express is conditioned upon the successful completion of a background verification check, subject to applicable laws and regulations. Show more Show less

Job Description: PCI Internal Security Assessor (ISA) Department: Enterprise Security & Technology Risk Management Employment Type: Contractor Job Overview The PCI Internal Security Assessor (ISA) is responsible for ensuring that complies with the Payment Card Industry Data Security Standard (PCI DSS). The ISA will assess, monitor, and enforce the security measures necessary to protect cardholder data and maintain PCI compliance across all systems and processes. This role works closely with internal stakeholders and external parties to maintain a secure environment, mitigate risks, and improve overall security posture. Key Responsibilities: PCI DSS Compliance Management: Conduct regular internal assessments and audits to ensure the organization's compliance with PCI DSS. Develop and implement PCI compliance policies, procedures, and controls. Serve as the internal point of contact for PCI DSS-related matters and ensure all applicable security controls are in place. Collaborate with the external Qualified Security Assessor (QSA) to facilitate annual PCI DSS certification audits. Risk Assessment and Mitigation: Identify and assess potential risks to cardholder data environments and provide recommendations for risk mitigation. Implement and enforce necessary security controls to address gaps identified during assessments. Ensure vulnerability scanning, penetration testing, and security reviews are conducted to identify weaknesses and ensure continuous compliance. Documentation and Reporting: Prepare and maintain comprehensive documentation, including policies, procedures, and reports required for PCI DSS compliance. Maintain comprehensive documentation of assessment findings, corrective actions, and compliance status. Manage the submission of the Self-Assessment Questionnaires (SAQs) and Attestation of Compliance documents (AOCs) as needed. Training and Awareness: Conduct internal PCI DSS training for staff to ensure a deep understanding of the importance of compliance and security measures. Provide ongoing guidance and support to departments regarding security best practices related to PCI DSS. Collaboration and Communication: Work closely with projects, Enterprise Security, Technology, and other relevant departments to align PCI DSS compliance with overall security policies and practices. Proactively identify and/or promptly escalate risks and issues affecting PCI compliance status. Stay updated on changes in PCI DSS requirements and industry best practices to ensure CIBC Caribbean remains compliant. Present PCI DSS compliance status reports to senior management and external stakeholders. Act as a liaison where necessary between CIBC Caribbean and external vendors or service providers involved in processing or storing cardholder data. Qualifications: Education: Bachelor’s degree in Information Security, Computer Science, or a related field (or equivalent work experience). Experience: Minimum of 3-5 years of experience in information security, PCI compliance, or a related field. Previous experience as an ISA, QSA, or a similar role is highly desirable. Certifications: Certified PCI Internal Security Assessor (ISA) or Certified PCI Professional (PCIP) certifications preferred. Additional certifications such as CISSP, CISM, CISA, or CEH are a plus. Skills and Competencies: Deep understanding of PCI DSS requirements and data security best practices. Familiarity with security frameworks (NIST, ISO 27001, CIS Controls) and security technologies (firewalls, IDS/IPS, encryption, etc.). Strong analytical, problem-solving, and project management skills. Excellent communication and interpersonal skills with the ability to work cross-functionally. Proficiency in using security assessment tools and techniques (e.g., vulnerability scanners, SIEM). Other Requirements: Ability to work independently and handle sensitive information confidentially. Detail-oriented with strong organizational skills. Occasional travel may be required for audits or compliance reviews. Show more Show less

Business Unit: Global Technology Reporting To: Director, Cybersecurity Shift: EMEA (1:30 pm - 10:30 pm IST) (India) About Russell Investments, Mumbai: Russell Investments is a leading outsourced financial partner and global investment solutions firm providing a wide range of investment capabilities to institutional investors, financial intermediaries, and individual investors around the world. Building on an 89-year legacy of continuous innovation to deliver exceptional value to clients, Russell Investments works every day to improve the financial security of its clients. The firm is “Top 12 Ranked Consultant (2009-2024)” in P&I survey 2024 with $906 billion in assets under advisement (as of December 31, 2024) and $331.9 billion in assets under management (as of March 31, 2025) for clients in 30 countries. Headquartered in Seattle, Washington in the United States, Russell Investments has offices around the world, including London, New York, Toronto, Sydney, Tokyo, Shanghai – and has opened a new office in Mumbai, India in June 2023. Joining the Mumbai office is an incredible opportunity to work closely with global stakeholders to support the technology and infrastructure that drives the investment and trading processes of a globally recognized asset management firm. Be part of the team based out of Goregaon (East) and contribute to the foundation and culture of the firm’s growing operations in India. The Mumbai office operates with varying shifts to accommodate time zones around the world. For more information, please visit https://www.russellinvestments.com. Job Description: Location : Mumbai, India Department : Global Technology/Cybersecurity Reporting to : Global Head of Cybersecurity Role Overview The Head of Cybersecurity – India will lead the cybersecurity strategy, operations, and governance for the region. The role is responsible for ensuring robust protection of the organization's data, systems, and networks against cyber threats, while enabling compliance with regulatory requirements. This senior leadership role requires expertise in threat management, risk assessment, and cybersecurity technologies, as well as strong people and project management skills. Key Responsibilities Strategic Leadership Develop and implement the cybersecurity strategy for India in alignment with global and regional security objectives. Ensure alignment of cybersecurity initiatives with business goals and regulatory requirements. Lead a high-performing cybersecurity team. Assist Global Head of Cybersecurity in preparing presentations to the various Boards and Committees. Operational Security Oversee the design, implementation, and maintenance of security technologies, including firewalls, intrusion detection systems, endpoint protection, and cloud security tools. Monitor, detect, and respond to cyber threats, ensuring rapid resolution of incidents. Identify risks in technology selections and configurations in the region and create plans for remediation. Ensure business continuity through robust disaster recovery and incident response plans and revise such plans to leverage this regional office. Risk & Compliance Assess, monitor, and mitigate cybersecurity risks in collaboration with business units. Ensure compliance with local and international regulations (e.g., GDPR, IT Act 2000, ISO 27001). Report regularly to Global Head of Cybersecurity on the state of cybersecurity and risks. Ensure compliance with all global corporate Policies, Standards and best practices for the India office. Stakeholder Engagement Collaborate with global cybersecurity leaders to share insights, resources, and strategies. Act as the primary point of contact for regulators, auditors, and third-party security assessments in India. Facilitate cybersecurity awareness program for employees in India to foster a security-conscious culture and ensure completion of required training. Innovation and Trends Stay updated on emerging cybersecurity threats, technologies, and best practices. Recommend and implement innovative solutions to strengthen the organization’s cybersecurity posture. Manage Cybersecurity intranet site and ensure fresh and relevant content is provided. Qualifications Education Bachelor’s/Master’s degree in Computer Science, Information Security, or a related field. Certifications (Preferred) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CRISC (Certified in Risk and Information Systems Control) Experience 12+ years of experience in information security, with at least 5 years in a leadership role. Proven track record of managing cybersecurity strategies in a large organization, preferably in a global or regional context. Hands-on experience with security frameworks like NIST, ISO 27001, or COBIT. Skills Strong knowledge of security technologies, tools, and practices (e.g., SIEM, EDR, DLP, cloud security). Experience managing cybersecurity in multi-cloud and hybrid environments. Excellent leadership, communication, and decision-making skills. Ability to balance technical requirements with business needs. Show more Show less

Job description The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting : Analyze assessment results to determine the level of risk associated with each third-party relationship. Prepare detailed assessment reports and risk summaries for internal stakeholders, including senior management and the TPRM team. Vendor Onboarding and Monitoring: Assist in the onboarding process for new vendors by conducting initial security assessments and ensuring compliance with Supplier Information Security Requirements (SISR). Monitor and re-assess existing vendors periodically to ensure ongoing compliance and address any emerging risks. Collaboration and Communication : Work closely with internal teams, including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Communicate assessment findings and risk mitigation strategies to third-party vendors in a clear and constructive manner. Policy and Procedure Development : Contribute to the development and enhancement of TPRM policies, procedures, and guidelines. Stay up to date with industry best practices, regulatory requirements, and emerging threats to continuously improve the TPRM program. Training and Awareness : Provide training and awareness sessions to internal teams and third-party vendors on cybersecurity best practices and TPRM requirements. Experience Level:8 + years. Location: Hyderabad / Bengaluru Required skills: 6 years minimum experience in third-party risk management / risk consulting / cyber security assessments. Demonstrated experience in third-party risk management and vendor security assessments. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Good understanding of various third-party risk management frameworks and standards. Proficiency in using security assessment tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to convey complex security concepts to both technical and non-technical audiences. Detail-oriented with strong organizational and project management skills. Desirable skills: Knowledge of data protection regulations (e.g., GDPR, CCPA) and their impact on third-party risk management. Prior experience with Telecom sector. Relevant certifications such as CISSP, CISM, CRISC, or CISA

Job description The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting : Analyze assessment results to determine the level of risk associated with each third-party relationship. Prepare detailed assessment reports and risk summaries for internal stakeholders, including senior management and the TPRM team. Vendor Onboarding and Monitoring: Assist in the onboarding process for new vendors by conducting initial security assessments and ensuring compliance with Supplier Information Security Requirements (SISR). Monitor and re-assess existing vendors periodically to ensure ongoing compliance and address any emerging risks. Collaboration and Communication : Work closely with internal teams, including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Communicate assessment findings and risk mitigation strategies to third-party vendors in a clear and constructive manner. Policy and Procedure Development : Contribute to the development and enhancement of TPRM policies, procedures, and guidelines. Stay up to date with industry best practices, regulatory requirements, and emerging threats to continuously improve the TPRM program. Training and Awareness : Provide training and awareness sessions to internal teams and third-party vendors on cybersecurity best practices and TPRM requirements. Experience Level:5 + years. Location: Hyderabad / Bengaluru Required skills: 4 years minimum experience in third-party risk management / risk consulting / cyber security assessments. Demonstrated experience in third-party risk management and vendor security assessments. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Good understanding of various third-party risk management frameworks and standards. Proficiency in using security assessment tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to convey complex security concepts to both technical and non-technical audiences. Detail-oriented with strong organizational and project management skills. Desirable skills: Knowledge of data protection regulations (e.g., GDPR, CCPA) and their impact on third-party risk management. Prior experience with Telecom sector. Relevant certifications such as CISSP, CISM, CRISC, or CISA

Job description The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting : Analyze assessment results to determine the level of risk associated with each third-party relationship. Prepare detailed assessment reports and risk summaries for internal stakeholders, including senior management and the TPRM team. Vendor Onboarding and Monitoring: Assist in the onboarding process for new vendors by conducting initial security assessments and ensuring compliance with Supplier Information Security Requirements (SISR). Monitor and re-assess existing vendors periodically to ensure ongoing compliance and address any emerging risks. Collaboration and Communication : Work closely with internal teams, including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Communicate assessment findings and risk mitigation strategies to third-party vendors in a clear and constructive manner. Policy and Procedure Development : Contribute to the development and enhancement of TPRM policies, procedures, and guidelines. Stay up to date with industry best practices, regulatory requirements, and emerging threats to continuously improve the TPRM program. Training and Awareness : Provide training and awareness sessions to internal teams and third-party vendors on cybersecurity best practices and TPRM requirements. Experience Level: 3+ years. Location: Hyderabad / Bengaluru Required skills: 3 years minimum experience in third-party risk management / risk consulting / cyber security assessments. Demonstrated experience in third-party risk management and vendor security assessments. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Good understanding of various third-party risk management frameworks and standards. Proficiency in using security assessment tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to convey complex security concepts to both technical and non-technical audiences. Detail-oriented with strong organizational and project management skills. Desirable skills: Knowledge of data protection regulations (e.g., GDPR, CCPA) and their impact on third-party risk management. Prior experience with Telecom sector. Relevant certifications such as CISSP, CISM, CRISC, or CISA

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. Primary Responsibilities Perform audits to identify control gaps and implement corrective action plans Ensure alignment of security policies/standards with IT infrastructure frameworks (e.g., ISO 2700x, NIST, ITIL) Monitor compliance with corrective action plans, and address non-compliance issues appropriately Demonstrate understanding of discovery technologies to identify system vulnerabilities (e.g. scanning tools) Establish appropriate security controls based on defined data classifications to align with applicable laws/regulations/standards Facilitate/lead security incident investigation Analyze business requirements and ensure that solutions meet established security policies and controls Maintain metrics and ensure reporting as appropriate Maintain current knowledge on information security topics and their applicability program requirements Communicate professionally with stakeholders/end users through multiple communication Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications Bachelor's degree or higher level of education 6+ years of Information security experience Experience with ISO27001 (ISMS), ISO31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2 Demonstrated auditing skills and the ability to manage risk assessments / projects independently Demonstrated excellent communication skills both verbal and written Demonstrated good presentation skills particularly ability to present technology elements in manner personnel can follow and act Preferred Qualification CISSP, CISA or ISO27001 Lead Implementer or Lead Auditor certification At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. #njp Show more Show less

JOB DESCRIPTION ———————————————————————— Assistant Manager - IT & OT Infrastructure, Data and Applications Security Godrej Agrovet Limited (GAVL) Mumbai, Maharashtra, India ————————————————————————————————————— Job Title: Assistant Manager - IT & OT Infrastructure, Data and Applications Security Job Type: Permanent, Full-time Function: IT Business: Godrej Agrovet Limited - Corporate Location: Mumbai, Maharashtra, India About Godrej Industries Group (GIG) At the Godrej Industries Group, we are privileged to serve over 1.1 billion consumers globally through our businesses with market leadership positions in the consumer products, real estate, agriculture, financial services and chemicals industries. https://www.godrejindustries.com/ About Godrej Agrovet Limited (GAVL) Godrej Agrovet is a food and agri conglomerate, dedicated to improving the productivity of Indian farmers by innovating products and services that sustainably increase crop and livestock yields. www.godrejagrovet.com About the role We are seeking a highly skilled and experienced IT & OT Infrastructure, Data, and Applications Security Manager to lead the security strategy and implementation for IT & OT (Operational Technology) environments. This role is responsible for ensuring that critical infrastructure, network systems, and applications are secure from cyber threats while ensuring operational continuity in both the IT and OT domains. The position requires a deep understanding of both IT and OT security frameworks, as well as an ability to collaborate with cross-functional teams to safeguard digital assets and operations. Roles & Responsibilities: 1. IT & OT Infrastructure Security: Develop, implement, and maintain security policies, procedures, and controls to protect IT & OT infrastructure components, including servers, networks, industrial control systems (ICS), SCADA, and cloud environments. Collaborate with IT teams to ensure secure integration between IT and OT systems, addressing the unique security requirements of each domain. Conduct regular risk assessments, vulnerability scans, and penetration tests to identify and mitigate threats in IT & OT infrastructures. Manage the security of industrial networks, SCADA systems, and IIoT (Industrial Internet of Things) devices to prevent cyber threats and ensure safe operations. Implement and maintain security for cloud services, on-premises data centers, and critical OT assets, ensuring compliance with industry standards. 2. Data Security : Implement data encryption, tokenization, and masking techniques to protect sensitive and proprietary data across systems, databases, and storage devices. Oversee data classification processes and ensure data protection in compliance with legal and regulatory requirements (GDPR,CCPA, HIPAA, etc.). Ensure proper data backup, disaster recovery, and business continuity planning related to data security. Conduct data loss prevention (DLP) assessments and implement preventative controls. Manage access control policies for databases and ensure segregation of duties for sensitive information. 3. Network Security: Develop and maintain robust network security architecture for IT & OT networks, ensuring protection against unauthorized access, data breaches, and cyber-attacks. Monitor and analyze network traffic and logs to detect potential threats, vulnerabilities, and anomalous activities across IT & OT networks. Implement network segmentation to isolate IT and OT environments while ensuring controlled data exchange between systems. Configure and manage firewalls, intrusion detection/prevention systems (IDS/IPS), and secure VPNs to protect networks from external and internal threats. Manage secure communication channels for IT/OT devices and ensure the proper functioning of secure remote access protocols for IT/OT systems. 4. Applications Security: Lead the implementation of secure application development practices for OT applications. Work with development and OT engineering teams to incorporate secure coding practices into OT software systems. Conduct regular security assessments and code reviews for applications, ensuring that vulnerabilities are identified and mitigated. Oversee security testing of OT applications, including SCADA systems, human-machine interfaces (HMIs), and industrial control software, to ensure that security controls are in place. Implement security controls around application access, user authentication, and data integrity for OT applications. 5. Incident Response & Threat Management: Lead and coordinate response efforts to security incidents involving OT systems, ensuring that containment, investigation, and remediation processes are followed efficiently. Develop and maintain incident response plans that address OT-specific risks, ensuring minimal disruption to critical operations. Conduct post-incident analysis to identify root causes, recommend improvements, and apply corrective actions to prevent future occurrences. Collaborate with internal and external teams (e.g., law enforcement, vendors) during security incidents that may impact OT systems. 6. Security Governance and Compliance: Ensure compliance with relevant industry regulations, standards, and frameworks (e.g., NIST, ISO 27001, IEC 62443, NERC CIP) in OT environments. Implement and enforce security governance, risk management, and compliance strategies across OT assets. Perform regular audits and assessments of OT security controls to ensure compliance with security policies and regulatory requirements. Maintain comprehensive security documentation, including risk assessments, incident reports, and security project plans. 7. Security Awareness and Training: Develop and conduct security awareness training programs for OT staff, ensuring that they are educated on security best practices, emerging threats, and organizational policies. Provide ongoing education to the OT team about the importance of cybersecurity in the context of industrial operations and critical infrastructure. Stay current with emerging security trends, threats, and vulnerabilities specific to OT environments and incorporate new knowledge into security practices. Key Requirements: Education : Bachelor's degree in computer science, Information Security, Cybersecurity, Engineering, or a related field (Master’s preferred). Experience : Minimum of 5 to 6 years of experience in IT & OT security, Data security, and application security. Extensive experience securing both OT (industrial control systems, SCADA, ICS, IIoT) environments. Proven experience with network segmentation, firewalls, IDS/IPS, VPNs, and application security frameworks. Familiarity with securing operational technology, including understanding of industrial protocols (Modbus, OPC, DNP3, etc.). Hands-on experience with OT vulnerability management, incident response, and threat intelligence processes. Certifications : CISSP, CISM, CISA, or similar certifications are preferred. OT-specific certifications such as Certified SCADA Security Architect (CSSA) or IEC 62443 certification a plus. Network security certifications such as CCSP, AWS Certified Security Specialty, or CCNA Security are beneficial. Application security certifications (e.g., CEH, OWASP) are a bonus. Technical Skills: Expertise in securing network and infrastructure devices, systems, and industrial control systems (ICS). Deep knowledge of network protocols and security mechanisms (e.g., IP, TCP/IP, VPNs, firewalls). Proficiency in securing cloud environments (AWS, Azure, Google Cloud) as well as on-premises systems. Experience with tools for vulnerability scanning, penetration testing, and risk assessments (e.g., Nessus, Qualys, Burp Suite). Knowledge of SCADA systems, PLCs, and industrial protocols commonly used in OT environments. Personal Attributes: Strong analytical, problem-solving, and decision-making skills with the ability to think critically under pressure. Excellent communication and collaboration skills, able to work with both IT and OT teams to implement security solutions. Ability to manage multiple projects, prioritize tasks, and meet deadlines in a fast-paced environment. Proactive and forward-thinking, with a passion for staying ahead of emerging cybersecurity threats and trends. What’s in it for you? Be an equal parent Maternity support, including paid leave ahead of statutory guidelines, and flexible work options on return Paternity support, including paid leave New mothers can bring a caregiver and children under a year old, on work travel Adoption support; gender neutral and based on the primary caregiver, with paid leave options No place for discrimination at Godrej Gender-neutral anti-harassment policy Same sex partner benefits at par with married spouses Gender transition support We are selfish about your wellness Comprehensive health insurance plans, as well as accident coverage for you and your family, with top-up options Uncapped sick leave Mental wellness and self-care programmes, resources and counselling Celebrating wins, the Godrej Way Structured recognition platforms for individual, team and business-level achievements Performance-based earning opportunities https://www.godrejcareers.com/benefits/ If this sounds like a role for you, apply now! We look forward to meeting you. Show more Show less

Leadership and Management: Lead and manage a team of technical resources located offshore, ensuring high performance, motivation, and professional development. Oversee Security Operations Center (SOC), incident response, vulnerability management, threat intelligence, and endpoint protection. Direct the development and implementation of security architecture, tools, and frameworks across cloud, on-premises, and hybrid environments. Education: Bachelor’s degree in computer science, Information Technology, or a related field. A master’s degree is preferred. Experience: 12+ years of progressive experience in cyber security, including at least 5 years in senior leadership roles. Technical Skills: Deep understanding of cyber security frameworks (NIST CSF, NIST 800-53, MITRE ATT&CK) Leadership Skills: Demonstrated experience building and managing enterprise security programs in complex, regulated environments. Proven ability to influence at all levels, including executives and board members. Excellent leadership, communication, and stakeholder engagement skills. Problem-Solving: Strong technical foundation in network security, cloud security (GCP, AWS, Azure, OCI), security engineering, and incident response. Cultural Awareness: Ability to work effectively in a multicultural environment and manage teams across different time zones. Preferred Qualifications: Experience working in a global organization with distributed teams. Certification in (CISSP, CISM, CISA, CCSP, etc.) strongly preferred. Experience and Certifications in ITIL, Agile and DevOps practices. Experience working in Retail & Manufacturing. Knowledge of managing regulatory environments such as HIPAA, SOX, PCI-DSS, GDPR. Show more Show less

Job Summary: As a Security Software Designer, you will be responsible for designing, developing, and implementing software solutions that protect systems and networks from cyber threats. You will work closely with cross-functional teams to ensure that security is integrated into every phase of the software development lifecycle. Primary responsibilities: 1. Carry security assessment Complying to requirements on Embedded Product Using Threat Model , Threat & Risk Analysis and vulnerability analysis. 2. Bring up the Security Architecture and Design as per the Need of the project to mitigate/Remediate the threats and Get final Cybersecurity approval for Release. 3. Design and Develop the Secure Embedded software applications 4. Analyze and propose mitigation for Security scan results - SAST,DAST,SCA and FST requirements. 5. Collaborate with Development team of Different Product lines to propose and integrate the secure Practices in product design lifecycle Qualification / Requirement: • Bachelor’s/Master’s degree in CS/E&C/IS with Overall Working experience of 8+ Years in Embedded System with Cybersecurity • Proven experience in Secure software design development with security practices. • Strong understanding of security protocols, cryptography, and secure coding techniques. • Excellent problem-solving skills and attention to detail. Essential Requirements: • Very strong technical knowledge on Secure Embedded system Design and Implementation in Bear Metal & Embedded Linux – Secure Boot, Serial, USB, Ethernet and IoT • Hands experience with Programming Language C, C++ and Python • Secure Design Patterns & Principles, Standards IEC62443, NIST 800 Standard OWSAP, CWE • Working experience with Network Protocols, network Infrastructure and services in Embedded LinuxFirewalls, Router, Switches, VPN, HTTP, SSH,SFTP,FTP,TFTP,SNMP,DHCP,MQTT,MQTTS,NTP etc • Cryptographic Concept - Storage of passwords, accounts, keys, Certificates use, Crypto Key Management, Key Generation and Key Usage Desired Requirements : • Sound Knowledge on the Network Security Protocols HTTPS, SSL,TLS • Authentication and Authorization • Gitlab Repository and Pipeline Concept • Design and Development experience in FPGA,PLC,Cloud and IOT based secure systems • Study and Propose best Security design Solution to meet the project needs • Understand and Comply to customer proposed security Requirements and Standards • Risk Assessment • Security Scan tools Knowledge Polaris, Blackduck etc… • Ability to perceive the system knowledge and Analyse the Threat Surface and Vector of threat • Proficient enough to Propose and Conceptualize the Security solution based on the Technology domain Show more Show less

Job requisition ID :: 83149 Date: Jun 12, 2025 Location: Delhi Designation: Associate Director Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Your work profile As part of our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Roles and Responsibilities: Working knowledge in one or more security and privacy domains such as: security governance policies and procedures, risk management, compliance, access control, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection Experience in leveraging industry standards and frameworks such as PCI-DSS, ISO/IEC 17799, ISO/IEC 27001, COBIT, ITIL, etc. Demonstrates in-depth knowledge of security and privacy controls and risk management process For Manager/DM/AM: Experience in data protection technologies such as encryption, data discovery, data masking, data redaction, etc. Possesses certifications such as CEH, ISO27001 LA/ LI, ISO22301 LA/LI, CISSP, CISA, CISM certification- preferred For Consultant: Should have basic understanding of cyber security controls such as encryption, hashing, CIA Traits, network security, data security, NIST etc The key skills required are as follows: Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible to assist client in developing information assets inventory and classification Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Advice clients on data privacy, data leakage prevention, identity and access management Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Desired qualifications IT education or related fields PCI-DSS, ISO 27001 LA/LI, ISO 31000 LA/LI, ISO 22301 LA/LI, CISA, ITIL, or equivalent certification preferred CISSP, GSEC, GCIH, CEH, LPT, CCSK, certifications would be preferred Location and way of working Base location: Bangalore This profile involves frequent / occasional travelling to client locations. Hybrid is our default way of working. Each domain has customized the hybrid approach to their unique needs. Your role as a Consultant/Assistant/Manager/Deputy Manager/Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation. Committed to creating purpose - Creating a sense of vision and purpose. Agile - Achieving high-quality results through collaboration and Team unity. Skilled at building diverse capability - Developing diverse capabilities for the future. Persuasive / Influencing - Persuading and influencing stakeholders. Collaborating - Partnering to build new solutions. Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities. Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization. Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities. Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems. Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte. Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviors and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.

Job requisition ID :: 83060 Date: Jun 12, 2025 Location: Delhi Designation: Assistant Manager Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Your work profile As part of our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Roles and Responsibilities: Working knowledge in one or more security and privacy domains such as: security governance policies and procedures, risk management, compliance, access control, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection Experience in leveraging industry standards and frameworks such as PCI-DSS, ISO/IEC 17799, ISO/IEC 27001, COBIT, ITIL, etc. Demonstrates in-depth knowledge of security and privacy controls and risk management process For Manager/DM/AM: Experience in data protection technologies such as encryption, data discovery, data masking, data redaction, etc. Possesses certifications such as CEH, ISO27001 LA/ LI, ISO22301 LA/LI, CISSP, CISA, CISM certification- preferred For Consultant: Should have basic understanding of cyber security controls such as encryption, hashing, CIA Traits, network security, data security, NIST etc The key skills required are as follows: Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible to assist client in developing information assets inventory and classification Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Advice clients on data privacy, data leakage prevention, identity and access management Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Desired qualifications IT education or related fields PCI-DSS, ISO 27001 LA/LI, ISO 31000 LA/LI, ISO 22301 LA/LI, CISA, ITIL, or equivalent certification preferred CISSP, GSEC, GCIH, CEH, LPT, CCSK, certifications would be preferred Location and way of working Base location: Bangalore This profile involves frequent / occasional travelling to client locations. Hybrid is our default way of working. Each domain has customized the hybrid approach to their unique needs. Your role as a Consultant/Assistant/Manager/Deputy Manager/Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation. Committed to creating purpose - Creating a sense of vision and purpose. Agile - Achieving high-quality results through collaboration and Team unity. Skilled at building diverse capability - Developing diverse capabilities for the future. Persuasive / Influencing - Persuading and influencing stakeholders. Collaborating - Partnering to build new solutions. Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities. Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization. Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities. Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems. Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte. Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviors and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.

Job requisition ID :: 78476 Date: Jun 12, 2025 Location: Delhi Designation: Manager Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Your work profile As part of our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Roles and Responsibilities: Working knowledge in one or more security and privacy domains such as: security governance policies and procedures, risk management, compliance, access control, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection Experience in leveraging industry standards and frameworks such as PCI-DSS, ISO/IEC 17799, ISO/IEC 27001, COBIT, ITIL, etc. Demonstrates in-depth knowledge of security and privacy controls and risk management process For Manager/DM/AM: Experience in data protection technologies such as encryption, data discovery, data masking, data redaction, etc. Possesses certifications such as CEH, ISO27001 LA/ LI, ISO22301 LA/LI, CISSP, CISA, CISM certification- preferred For Consultant: Should have basic understanding of cyber security controls such as encryption, hashing, CIA Traits, network security, data security, NIST etc The key skills required are as follows: Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible to assist client in developing information assets inventory and classification Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Advice clients on data privacy, data leakage prevention, identity and access management Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Desired qualifications IT education or related fields PCI-DSS, ISO 27001 LA/LI, ISO 31000 LA/LI, ISO 22301 LA/LI, CISA, ITIL, or equivalent certification preferred CISSP, GSEC, GCIH, CEH, LPT, CCSK, certifications would be preferred Location and way of working Base location: Bangalore This profile involves frequent / occasional travelling to client locations. Hybrid is our default way of working. Each domain has customized the hybrid approach to their unique needs. Your role as a Consultant/Assistant/Manager/Deputy Manager/Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation. Committed to creating purpose - Creating a sense of vision and purpose. Agile - Achieving high-quality results through collaboration and Team unity. Skilled at building diverse capability - Developing diverse capabilities for the future. Persuasive / Influencing - Persuading and influencing stakeholders. Collaborating - Partnering to build new solutions. Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities. Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization. Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities. Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems. Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte. Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviors and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.