3740 Nist Jobs - Page 12

Job Description: AML RightSource is a leading provider of anti-money laundering (AML) and financial crimes compliance solutions. Our team of experts provides our clients with the highest quality of service, while ensuring compliance with regulatory requirements. We are currently seeking a Senior SOC Analyst to join our team. Responsibilities: Monitor and analyze security events from multiple sources, including security information and event management (SIEM) systems, network and host-based intrusion detection/prevention systems, and other security technologies. Conduct investigations into security incidents, analyze evidence, and report findings to management. Provide technical guidance and support to junior SOC analysts. Develop and maintain standard operating procedures for the SOC. Participate in security assessments and penetration testing activities. Conduct threat hunting activities to identify and respond to advanced persistent threats (APTs). Participate in incident response activities and coordinate with other teams to contain and remediate security incidents. Maintain awareness of new and emerging security threats, vulnerabilities, and mitigation techniques. Collaborate with other teams, including the IT team, to ensure the security of the organization's infrastructure and systems. Provide regular reports to management on the SOC's performance and effectiveness. Requirements: Bachelor's degree in Computer Science, Information Systems, or related field. Minimum of 2.5 years of experience in a SOC or security operations role. Strong knowledge of security technologies, including SIEM systems, intrusion detection/prevention systems, and other security tools. Familiarity with security standards and frameworks, such as NIST, ISO, and SOC 2. Experience with security incident response, including investigation, containment, and remediation. Excellent analytical and problem-solving skills. Ability to work well in a team environment. Strong verbal and written communication skills. Relevant security certifications, such as CISSP, CISM, or GSEC, are highly desirable. AML RightSource is committed to fostering a diverse work environment and is proud to be an equal opportunity employer. We provide equal employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

As a part of Cisco's Security team, you will play a crucial role in helping businesses maintain cyber resiliency in the face of rapidly evolving digital threats. Your efforts will contribute to preparing for, responding to, and recovering from cyber incidents, ultimately ensuring business acceleration for organizations. By providing guidance, utilizing cutting-edge tools, and offering trusted services, you will assist businesses in achieving cyber resiliency and safeguarding their operations. At Cisco, we are dedicated to developing a comprehensive security portfolio that caters to organizations of all sizes amidst an expanding and sophisticated threat landscape. Through investments in artificial intelligence (AI) and a range of security offerings, we aim to ensure end-to-end security for everything connected to an organization, from applications and services to end users. By leveraging AI and machine learning advancements, we empower security teams with simplified operations and heightened effectiveness. Our innovative solutions such as Cisco XDR and the security service edge (SSE) aim to enhance security operations and provide frictionless access across diverse locations and devices, ultimately benefiting both users and IT professionals. In your role, you will have a significant impact by engaging with customer executives to build deep relationships and establish yourself as a trusted advisor. By identifying customer business issues and challenges, you will communicate solutions in a thought-provoking and insightful manner. Your responsibilities will include presenting comprehensive business cases aligned with customers" strategies, calculating return on investment, negotiating agreements, and capturing market and industry insights. To excel in this role, you are required to have 8-12 years of experience in techno-commercial roles within the cybersecurity domain, knowledge of new technologies, and at least 3 years of experience in selling SaaS and subscription delivery models. Your track record should demonstrate success in achieving sales quotas, strong hunting skills, and the ability to communicate technical propositions at an executive level. Additionally, industry certifications like CISSP, CSSP, CEH, or a Bachelor's Degree in Cybersecurity are preferred, along with a good understanding of NIST guidelines, MITRE ATT&CK framework, and Cisco Security products. Joining Cisco means becoming a part of a diverse and inclusive environment where individual skills and perspectives are celebrated. We prioritize learning and development at every stage of your career, offering opportunities for growth and advancement. Our commitment to inclusion is reflected in our employee resource organizations and volunteer programs, allowing Cisconians to make a positive impact in their communities. By working with us, you will contribute to shaping a more inclusive future for all while embracing your unique talents and potential. Cisco offers a comprehensive benefits package for employees in the U.S. and Canada, including medical, dental, and vision insurance, a 401(k) plan with a matching contribution, disability coverage, life insurance, and wellbeing offerings. Your performance and achievements will be rewarded with a competitive incentive structure that recognizes and values your contributions to the organization's success.,

Required minimum 7 years of experience in system administration. Manage and maintain on-premise and cloud-based servers (Linux/Windows) Administer user accounts, access control, and Active Directory policies Manage virtual infrastructure (VMware, Hyper-V, AWS/GCP/Azure) Monitor system performance and resolve hardware/software issues Ensure availability and reliability of critical business systems Configure and maintain firewalls, routers, VPNs, switches (Fortinet, Cisco, Ubiquiti, etc.) Monitor and respond to intrusion detection/prevention systems (IDS/IPS) Implement and manage endpoint protection and antivirus solutions Conduct vulnerability assessments and remediation Manage secure email gateways, spam filtering, and DLP policies Strong knowledge of HIPAA security rules Responsible for enforcing HIPAA administrative, physical, and technical safeguards Maintain documentation of compliance controls and risk assessments Oversee data encryption, audit logs, access controls, and PHI handling Train staff on HIPAA security awareness and handle incident reporting Lead annual HIPAA security risk assessments and audits Develop and enforce IT and security policies, including data retention, access control, and BYOD Maintain audit trails for compliance purposes Coordinate third-party vendor risk assessments and compliance reviews Familiar with NIST, ISO 27001, and general IT compliance frameworks Ability to communicate clearly with technical and non-technical teams Good to have : Certified HIPAA Professional (CHP) Job Type: Full-time Pay: ₹500,000.00 - ₹800,000.00 per year Benefits: Health insurance Schedule: Day shift Ability to commute/relocate: Ahmedabad, Gujarat: Reliably commute or planning to relocate before starting work (Required)

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. Primary Responsibilities Perform audits to identify control gaps and implement corrective action plans Ensure alignment of security policies/standards with IT infrastructure frameworks (e.g., ISO 2700x, NIST, ITIL) Monitor compliance with corrective action plans, and address non-compliance issues appropriately Demonstrate understanding of discovery technologies to identify system vulnerabilities (e.g. scanning tools) Establish appropriate security controls based on defined data classifications to align with applicable laws/regulations/standards Facilitate/lead security incident investigation Analyze business requirements and ensure that solutions meet established security policies and controls Maintain metrics and ensure reporting as appropriate Maintain current knowledge on information security topics and their applicability program requirements Communicate professionally with stakeholders/end users through multiple communication Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications Bachelor's degree or higher level of education 6+ years of Information security experience Experience with ISO27001 (ISMS), ISO31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2 Demonstrated auditing skills and the ability to manage risk assessments / projects independently Demonstrated excellent communication skills both verbal and written Demonstrated good presentation skills particularly ability to present technology elements in manner personnel can follow and act Preferred Qualification CISSP, CISA or ISO27001 Lead Implementer or Lead Auditor certification At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. #njp

Job Description About Us Tsaaro’s prime focus is on Data Privacy and Security. Our team of specialist data privacy consultants, information security consultants, and penetration testers help and advise our clients to make running a secure business easier, with high efficiency. Everything we do is tailored to the individual organizational requirements, aligned with their budget and resource challenges. We take a pragmatic, risk-based approach to provide our clients with real-world, workable advice, guidance, and support that helps them to deal with a wide range of security and privacy-related challenges. Responsibilities As a Senior Data Protection Consultant, you will be entrusted with the following key responsibilities: Design and implement data protection and privacy programs that cater to our clients' specific business needs, ensuring their sensitive information is well safeguarded. Evaluate and assess our clients' data protection and privacy practices, offering valuable insights and actionable recommendations for continual improvement. Demonstrate expertise in various standards, such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc., to assist clients in compliance and governance. Provide guidance and support to clients in adhering to a complex web of national and international laws and regulations, including the EU General Data Protection Regulation (GDPR) and other privacy laws. Assist in preparing policies, reports, and schedules for clients and relevant stakeholders, ensuring clear communication and alignment with industry best practices. Conduct thorough audits of Privacy controls to monitor program effectiveness and compliance, ensuring data protection is at its optimal level. Utilize online tools to facilitate Incident Management and Data Subject Rights processes, ensuring efficient and timely responses to potential data incidents. Foster and maintain productive working relationships with client personnel, promoting effective collaboration and understanding of their specific needs. Demonstrate a strong commitment to adhering to workplace policies and procedures, maintaining the highest standards of professionalism and confidentiality. Contribute to cybersecurity engagements, developing cybersecurity strategies, governance, risk, and compliance activities, and cybersecurity policies in line with ISO 27001 and ISO 27701. Perform Gap Assessments, Risk Assessments, ISMS Documentation, Internal Audits, and support during Certification Audits to strengthen overall security frameworks. Requirements To be considered for this role, the candidate must meet the following requirements: Possess a sound knowledge of fundamentals of information security systems. Have 4+ years of relevant experience in the field. Demonstrate proficiency in standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc. Exhibit a good understanding of GDPR, CCPA, or other privacy laws. Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks. Hold relevant qualifications such as CIPM, CIPT, CIPP/E. Showcase excellent communication skills, both written and verbal. Benefits Competitive salary and performance-based bonuses. Professional development opportunities, including training and certifications. Flexible working hours. Collaborative and inclusive work environment. Opportunity to work with a passionate team dedicated to making a difference in data privacy and security. Join and hustle with the India's fastest privacy and information security consulting company. check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#6875E2;border-color:#6875E2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered="">

At EY, you have the opportunity to shape a career that reflects your uniqueness, supported by a global network, inclusive culture, and cutting-edge technology to help you reach your full potential. Your distinct voice and perspective are valued in contributing towards making EY even better. Join us in creating an extraordinary experience for yourself while striving towards a better working world for all. As a Technology Risk Manager at EY, you will play a pivotal role in IT Risk and Assurance client projects and internal initiatives. Building and maintaining relationships, identifying business opportunities, and proactively addressing risks are key aspects of your responsibilities within the EY- Technology Risk team. You will have the chance to lead as a Manager within the EY- Technology Risk Team, contributing to the growth of a new service offering and shaping the direction of the firm. Your primary duties include evaluating control portfolios, ensuring compliance with policies and standards, supervising control assessments, and providing valuable insights to clients for enhancing processes and managing risks effectively. Key Responsibilities: - Conduct assessments of control design, operating effectiveness, and risk management outcomes - Ensure accuracy, effectiveness, and timely delivery of assigned control assessments - Manage relationships with control owners and stakeholders, resolving issues and escalating when necessary - Apply risk management concepts to identify and formulate findings, offering insights for process improvement - Stay updated on regulatory standards, industry best practices, and control frameworks Skills and Attributes: - Ability to guide team members and perform procedures related to complex issues - Experience in information security assessments and audits - Proficiency in conducting NIST assessments, ISO assessments, and privacy impact audits - Strong project management skills and understanding of complex information systems - Extensive knowledge of clients" business/industry to identify technological impacts Qualifications: - Graduate (CS/ IT, Electronics, Electronics & Telecommunications)/MBA/M.Sc. with a minimum of 6 years of experience - Significant experience in technical knowledge relevant to IT assessments and audits Preferred Qualifications: - Familiarity with program and project management practices - Understanding of IT systems development life cycle EY offers a dynamic work environment where you can collaborate with talented individuals globally and engage with leading businesses across diverse industries. Your growth and development are prioritized, supported by coaching, feedback, and opportunities to enhance your skills and advance your career in a way that suits you best. Join EY in building a better working world through creating long-term value, fostering trust, and providing innovative solutions to complex global challenges.,

Bengaluru, Karnataka Hyderabad, Telangana Job ID 30187464 Job Category Digital Technology Job Description Job Description Role: Audit & Complaince Location: Bangalore Full/ Part time: Full time Build a career with confidence Carrier Global Corporation, global leader in intelligent climate and energy solutions is committed to creating solutions that matter for people and our planet for generations to come. From the beginning, we've led in inventing new technologies and entirely new industries. Today, we continue to lead because we have a world-class, diverse workforce that puts the customer at the center of everything we do About the role: We are seeking a highly skilled and experienced DT Compliance Lead to join our team, within Cyber Security function in Carrier, the ideal candidate will have a strong background in IT audits, compliance, and risk management. This is an individual contributor role that requires a proactive and detail-oriented professional to manage and support various compliance and audit activities. The individual will be responsible for governance and oversight of enterprise-wide SOX IT control program to mitigate the risk of material omissions, errors or weaknesses in our technology and security controls. The position requires a combination of strong program management and leadership skills, along with broad technical knowledge and subject-matter expertise in IT audits and compliance. This individual will be responsible for managing SOX compliance expectations with our key stakeholders including control owners, senior/executive management, and internal/external auditors. Key Responsibilities: Oversee program management for all activities including planning, scoping, audit fieldwork, issue identification, reporting, and remediation of issues. Develop an intimate understanding of Carrier’s business processes and the role of technology in meeting business objectives including key IT processes, automations, reports, data flows, and interfaces. Maintain SOX IT documentation, liaise with internal and external auditors, and provide guidance and support to technology control owners on control design, audit requirements, and issue remediation. Conduct internal audits to assess the effectiveness of internal controls and compliance with policies and regulations. Coordinate and support external audits, including providing necessary documentation and information. Evaluate IT control deficiencies for impact and perform root cause analysis to determine appropriate management actions. Monitor management’s remediation efforts to closure, including review of supporting evidence. Serve as subject matter expert and advise on the SOX compliance implications of technology related changes to the business such as new product lines, new system implementations etc. Develop a continuous monitoring program with an emphasis IT controls automation. Develop metrics, reporting and dashboards to track SOX IT control effectiveness and ensure process efficiency, and that risks are being appropriately tracked, communicated and managed. Continually identify opportunities to benchmark controls, automate control testing and streamline manual efforts to increase efficiency and reduce cycle times. Stay current on new technical literature applicable to the internal control process (e. g., PCAOB guidance, SEC, COSO, COBIT, etc.) and maintain awareness of emerging trends and best practices around technology and security controls. Successfully partner with and manage executive level stakeholders, PMOs & Working Groups with Domestic & International cross-functional teams. Create and deliver DT SOX Compliance training materials to key stakeholders. Provide guidance and support to other teams on compliance-related matters. Prepare and present reports on compliance activities and findings to senior management. Requirment Minimum 8-10 years of experience in IT audits, compliance, and risk management. Full-time Bachelor’s degree in IT, Computer Science or equivalent. Certifications such as CISA, CISM, or CISSP or similar professional certifications are highly desirable. Demonstrated success and understanding of accepted frameworks such as, ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework. Advanced knowledge of SOX IT requirements, COSO/CoBIT framework and PCAOB standards, and in-depth experience with testing general IT and application controls, segregation of duties (SoD) rules, reports and interfaces. ServiceNow GRC preferred. Excellent analytical and problem-solving skills. Excellent written and verbal communication skills, strong interpersonal skills and the ability to communicate technical concepts effectively across functions and all levels of management. Highly motivated self-starter with a meticulous attention to detail and bias to action, who is eager to put his/her stamp on our rapidly increasing compliance footprint. Ability to work independently and manage multiple priorities. Detail-oriented with a high level of accuracy., or accounting. Key Attributes: Forward-thinking mindset with strong digital acumen. Ability to collaborate across business, legal, and engineering functions. Strong sense of ethics, accountability, and customer trust. Excellent communication and stakeholder influence capabilities. Benefits We are committed to offering competitive benefits programs for all of our employees, and enhancing our programs when necessary. Make yourself a priority with flexible schedules, parental leave Drive forward your career through professional development opportunities Achieve your personal goals with our Employee Assistance Programme Our commitment to you Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way. Join us and make a difference. Now! Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Description What We Are Looking For: Meltwater’s collaborative Security Team needs a passionate Security Engineer to continue to advance Meltwater’s security. Working with a group of fun loving people who are genuinely excited and passionate about security, there will be more laughs than facepalms! If you believe that improving security is about constantly moving technology forward to be more secure, and shifting security tools and checks earlier in the development lifecycle, then you’ll feel at home on Meltwater’s Security Team! At Meltwater we want to ensure that we can have autonomous, empowered and highly efficient teams. Our Security Team charges head on into the challenge of ensuring our teams can maintain their autonomy without compromising the security of our systems, services and data. Through enablement and collaboration with teams, Security Engineers ensure that our development and infrastructure practices have security defined, integrated and implemented in a common-sense manner that reduces risk for our business. Security Engineers define best practices, build tools, implement security checks and controls together with the broader Engineering and IT teams to ensure that our employees and our customers' data stays safe. As part of this, we leverage AWS as a key component of our cloud infrastructure. Security Engineers play a critical role in securing and optimizing AWS environments by implementing best practices, automating security controls, and collaborating with teams to ensure scalability, resilience, and compliance with industry standards. What You’ll do: In this role, you will be designing and implementing security functions ranging from checks on IaC (Infrastructure as Code) to SAST/DAST scanners in our CI/CD pipelines. You will be collaborating closely with almost every part of the Meltwater organization and help create security impact across all teams with strong support from the business. Collaborate closely with teams to help identify and implement frictionless security controls throughout the software development lifecycle Propose and implement solutions to enhance the overall cloud infrastructure and toolset. Perform ongoing security testing, including static (SAST), dynamic (DAST), and penetration testing, along with code reviews, vulnerability assessments, and regular security audits to identify risks, improve security, and develop mitigation strategies. Educate and share knowledge around secure coding practices Identify applicable industry best practices and consult with development teams on methods to continuously improve the risk posture. Build applications that improve our security posture and monitoring/alerting capabilities Implement and manage security technologies including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and security information and event management (SIEM) tools. Conduct vulnerability assessments, penetration testing, and regular security audits to identify risks and develop mitigation strategies. Monitor and respond to security incidents and alerts, performing root cause analysis and incident handling. Participate in incident response and disaster recovery planning, testing, and documentation. Manage identity and access management (IAM) solutions to enforce least privilege and role-based access controls (RBAC). Assist in the development of automated security workflows using scripting (Python, Bash, or similar). What You'll Bring: Strong collaboration skills with experience working cross functionally with a diverse group of stakeholders Strong communication skills with the ability to provide technical guidance to both technical and non-technical audiences Experience in implementing security controls early in the software development life cycle Knowledge of industry accepted security best practices/standards/policies such as NIST, OWASP, CIS, MITRE&ATT@CK Software developer experience in one or more of the following languages: JavaScript, Java, Kotlin or Python Experience in at least one public cloud provider, preferably AWS, with experience in security, infrastructure, and automation. Hands-on experience with SIEM platforms such as Splunk, QRadar, or similar. Proficiency in Linux operating system, network security, including firewalls, VPNs, IDS/IPS, and monitoring tools. Experience with vulnerability management tools (Snyk, Nessus, Dependabot) and penetration testing tools (Kali Linux, Metasploit). Experience in forensics and malware analysis. Self-motivated learner that continuously wants to share knowledge to improve others The ideal candidate is someone from a Software Development background with a passion for security. If you’re someone who understands the value of introducing security early in the software development lifecycle, and want to do so by enabling and empowering teams by building tools they WANT to use, we want to hear from you! What We Offer: Enjoy flexible paid time off options for enhanced work-life balance. Comprehensive health insurance tailored for you. Employee assistance programs cover mental health, legal, financial, wellness, and behaviour areas to ensure your overall well-being. Complimentary CalmApp subscription for you and your loved ones, because mental wellness matters. Energetic work environment with a hybrid work style, providing the balance you need. Benefit from our family leave program, which grows with your tenure at Meltwater. Thrive within our inclusive community and seize ongoing professional development opportunities to elevate your career. Where You'll Work: Hitec city, Hyderabad. When You'll Join: As per the offer letter Our Story At Meltwater, we believe that when you have the right people in the right environment, great things happen. Our best-in-class technology empowers our 27,000 customers around the world to make better business decisions through data. But we can’t do that without our global team of developers, innovators, problem-solvers, and high-performers who embrace challenges and find new solutions for our customers. Our award-winning global culture drives everything we do and creates an environment where our employees can make an impact, learn every day, feel a sense of belonging, and celebrate each other’s successes along the way. We are innovators at the core who see the potential in people, ideas and technologies. Together, we challenge ourselves to go big, be bold, and build best-in-class solutions for our customers. We’re proud of our diverse team of 2,200+ employees in 50 locations across 25 countries around the world. No matter where you are, you’ll work with people who care about your success and get the support you need to unlock new heights in your career. We are Meltwater. Inspired by innovation, powered by people. Equal Employment Opportunity Statement Meltwater is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: At Meltwater, we are dedicated to fostering an inclusive and diverse workplace where every employee feels valued, respected, and empowered. We are committed to the principle of equal employment opportunity and strive to provide a work environment that is free from discrimination and harassment. All employment decisions at Meltwater are made based on business needs, job requirements, and individual qualifications, without regard to race, color, religion or belief, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, veteran status, or any other status protected by the applicable laws and regulations. Meltwater does not tolerate discrimination or harassment of any kind, and we actively promote a culture of respect, fairness, and inclusivity. We encourage applicants of all backgrounds, experiences, and abilities to apply and join us in our mission to drive innovation and make a positive impact in the world.

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself and a better working world for all. As part of our EY-cyber security team, you shall engage in Identity & Access Management projects in the capacity of execution of deliverables. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You'll also identify potential business opportunities for EY and GDS within existing engagements and escalate these as appropriate. Similarly, you'll anticipate and identify risks within engagements and share any issues with senior members of the team. We're looking for Senior Security Analyst / Senior Consultant in the Technology Consulting team to work on various Identity and Access Management projects for our customers across the globe. Also, the professional shall need to report any identified risks within engagements and share any issues and updates with senior members of the team. In line with EY's commitment to quality, you'll confirm that work is of the highest quality as per EY's quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you'll help to create a positive learning culture, coach and counsel junior team members, and help them to develop. **Your key responsibilities:** - Engage and contribute to the Identity & Access Management projects. - Provide Level 3 and Level 4 support for the system within agreed service levels. - Ability to work independently, adapt quickly, and maintain a positive attitude. - At least 3-6 years of Active Directory / Azure Active Directory (Entra) experience. - Have experience in maintaining & administering Active Directory. - Knowledge of Bulk updates using scripts. - Managing backup/restore of AD database. - Must have good experience in handling escalated issues and providing RCA. - Experienced in AD server migration, deployment, and DC promotion. - Knowledge of AD migrations from one domain to another domain will be an added advantage. - Good verbal & written communication, technical document writing. - Awareness of security standards such as NIST and CIS. - Must have knowledge of AD Core Servers handling through command lines. - Must have hands-on experience in managing Azure AD connect server synchronization. - Experience in handling synchronization issues on Azure AD Connect and troubleshoot. - Preparing Operational Manual, Procedure Documents & Design Documents. - Understands concepts of Authentication, Authorization, Provisioning, Identity, and Access Management. - Good knowledge of basic security concepts and certificate management. - Understanding of Authentication, Authorization, MFA, SSO, Federation, and Directory Services concepts. - Supporting Single Sign-On (SSO) infrastructure, analyzing issues related to SSO and Multi-Factor Authentication (MFA). - Strong knowledge about OAuth, OpenID, and SAML concepts. Proficient in Azure Active Directory B2C & B2B connections. - Technical knowledge of Active Directory and experience with user and computer account administration. - Understanding of Active Directory Forest, domain, trust, permissions, access control lists, and related concepts. - Knowledge and experience of AD concepts like FSMO roles, DNS, DHCP, and Group Policies, AD SIEM and log events, AD Sites, GPO, Build it groups, Policies, Directory Sync. - Hands-on experience on end-to-end Identity and Access Management Tools such as Active Directory, Azure AD Operations. - Should be flexible to work on new technology on IAM domain. - Worked in the capacity of a techno-functional role of Identity and Access Management Implementation. - Worked in a client-facing role. - Good understanding of Identity Access Management solutions. - Hands-on experience or good knowledge of Active directory domain migrations will be an added advantage. - Need to be thorough in their respective tools with hands-on experience involving configuration, implementation & customization. - Prior experience working in remote teams on a global scale. - Implement and manage the effectiveness of Incident, Service Request, Change, and Problem management processes for the service area. - Ability to perform Root Cause Analysis and suggest solutions to avoid errors. - Resolve technical issues through debugging, research, and investigation. - Strong communication skills, both verbal and written. - Perform systems analysis and tuning to ensure optimal infrastructure response. **Skills and attributes for success:** - Hands-on experience on end-to-end implementation of Identity and Access Management tools. - Strong communication, presentation, and team-building skills and experience in producing high-quality reports, papers, and presentations. - Ability to communicate detailed technical information to a non-technical audience clearly. - Hands-on experience on tools like PKI, MFA, ADFS, Entra, QMM. **Work Requirements:** - Willingness to travel as required. - Willingness to be an on-call support engineer and work occasional overtime as required. - Willingness to work in shifts as required. **To qualify for the role, you must have:** - Bachelor or master's degree in a related field or equivalent work experience. - 3-6 years of experience implementing IAM projects (Active Directory and Azure AD) and migration. - Strong command of verbal and written English language. - Strong interpersonal and presentation skills. **What working at EY offers:** At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: - Support, coaching, and feedback from some of the most engaging colleagues around. - Opportunities to develop new skills and progress your career. - The freedom and flexibility to handle your role in a way that's right for you. EY | Building a better working world: EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

As an IT Auditor in our organization, you will be responsible for leading IT audits to ensure alignment with industry standards. You will oversee quality assurance and reviews for audit engagements, including conducting cybersecurity audits and risk assessments to ensure compliance with IT governance and regulatory requirements. Collaborating with cross-functional teams will be essential to address risks effectively. Your expertise will be crucial in providing expert recommendations for improving cybersecurity measures. Managing audit timelines and deliverables with consistent quality will be a key aspect of your role. Staying updated on emerging IT and cybersecurity trends will also be necessary to enhance our audit processes and practices. To excel in this role, you should hold certifications such as CISA, CISSP, CIA, CISL (or equivalent) and have expertise in IT audit, cybersecurity frameworks, and risk management. Previous experience in a Big 4 firm or relevant industry exposure will be advantageous. A strong knowledge of security standards like ISO, NIST, GDPR, and others is required. Your proven ability to lead teams, manage audit quality, and possess strong communication and stakeholder management skills will be essential for success in this position. Additionally, you should be willing to travel up to 20% to the Middle East to fulfill job requirements effectively.,

As the Lead (BISO) Business Information Security Officer at Computacenter, you will have a unique opportunity to join the Cybersecurity leadership team reporting directly to the Group CISO. Your primary role will involve partnering with senior security professionals to protect Computacenter and its customers from Cyber threats. By ensuring security risk awareness, mitigation, and alignment with the strategic objectives of the business, you will play a crucial role in safeguarding the organization. In this hybrid working role, you will spend two to three days a week in Bangalore, following Computacenter's Strategic Business Partner model. Your responsibilities will include owning the Cybersecurity lens for supporting and guiding the protection of the business from Cyber threats and risks. You will work closely with the broader Group Information Systems and Cybersecurity team to drive the implementation of the evolving Security Strategy under the guidance of the CISO. Your key responsibilities will be divided into four main areas: 1. **Functional Management (40%):** - Develop and implement the business unit security approach in alignment with business goals and objectives. - Define roles and responsibilities of the Lead BISO to meet Strategic Partner and CISO responsibilities. - Establish proactive initiatives to support market trends, business strategies, and compliance requirements. - Build and maintain relationships with senior management for Business Units and regional executives. 2. **CISO deputy (30%):** - Act as a security ambassador and deputize in the region on cybersecurity matters. - Oversee legal Security Compliance requirements within the region. - Support local MDs in adapting business strategy on information and cybersecurity. - Advise on information security, initiate security-related improvements, and support crisis management activities. 3. **Management responsibility (20%):** - Manage, develop, and coach security managers and staff to achieve goals. - Set objectives at individual and team levels and manage performance. - Represent the cybersecurity team on Computacenter topics and projects within the region. 4. **Financial Management (10%):** - Contribute to annual budget planning and manage spend in the budget. - Prepare business cases and controlling mechanisms for major expenditures. - Develop business cases to support investments in Information Security. To be successful in this role, you should possess a completed university degree, preferably a Master's, or comparable cybersecurity education. You should have 5-8 years of professional experience in Information Security/Cyber Security, including experience in Information Security Management Systems. Holding professional certifications such as CISM, CISSP, or CRISC is desirable. Strong knowledge of Information Security frameworks and standards, as well as legislative and regulatory Security compliance requirements, is essential. At Computacenter, with over 20,000 employees globally, we are at the forefront of digitization, advising organizations on IT strategy and implementing technology solutions across 70 countries. We offer leadership training, coaching, mentoring, and international opportunities to support your professional development and personal growth. Join us in driving digital transformation and making a difference in the world of technology. If you are ready to take on a challenging yet rewarding role as a Lead (BISO) Business Information Security Officer and contribute to the cybersecurity initiatives at Computacenter, we welcome your application. Your dedication and expertise will play a vital role in protecting our business and customers from Cyber threats.,

About Us JOB DESCRIPTION SBI Card is a leading pure-play credit card issuer in India, offering a wide range of credit cards to cater to diverse customer needs. We are constantly innovating to meet the evolving financial needs of our customers, empowering them with digital currency for seamless payment experience and indulge in rewarding benefits. At SBI Card, the motto 'Make Life Simple' inspires every initiative, ensuring that customer convenience is at the forefront of all that we do. We are committed to building an environment where people can thrive and create a better future for everyone. SBI Card is proud to be an equal opportunity & inclusive employer and welcome employees without any discrimination on the grounds of race, colour, gender, religion, creed, disability, sexual orientation, gender identity, marital status, caste etc. SBI Card is committed to fostering an inclusive and diverse workplace where all employees are treated equally with dignity and respect which makes it a promising place to work. Join us to shape the future of digital payment in India and unlock your full potential. What’s In It For YOU SBI Card truly lives by the work-life balance philosophy. We offer a robust wellness and wellbeing program to support mental and physical health of our employees Admirable work deserves to be rewarded. We have a well curated bouquet of rewards and recognition program for the employees Dynamic, Inclusive and Diverse team culture Gender Neutral Policy Inclusive Health Benefits for all - Medical Insurance, Personal Accidental, Group Term Life Insurance and Annual Health Checkup, Dental and OPD benefits Commitment to the overall development of an employee through comprehensive learning & development framework Role Purpose Responsible for implementing and managing Infrastructure vulnerability tools and processes to reduce technical risks due to vulnerabilities, including identifying and evaluating vulnerabilities and supporting remediation activities. This role is also responsible for leveraging expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT landscape across SBIC Card environment. Role Accountability Lead the Vulnerability Assessment, Penetration Testing & Patch Management Program in support of the functional & company strategy, goals, and performance objectives Manage development, implementation, and effectiveness of vulnerability management and security testing programs, initiatives, and capabilities Assist with planning, providing input on capabilities and methods used for vulnerability management and security testing, and driving improvements Develop Vulnerability management framework, support compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risks Provide technical expertise for information security policies and standards Conduct vulnerability assessments and penetration testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience Perform vulnerability risk profiling and prioritization of vulnerabilities Identify, research, validate, and exploite various different known and unknown security vulnerabilities on server and client side Perform regular status reviews with IT asset owners & senior leadership to ensure compliance with InfoSec policies Coordinate patch management/Remediation activities for all IT assets (workstations, network, server, application, database etc.) Develop and Monitor patch deployment schedules for all Vulnerability assessments and penetration testing on an ongoing basis as well as auditing for completeness Provide communications across the organization, interfacing with senior leadership on vulnerability remediation, driving security hardening best practices, and representing the Vulnerability and Patch Management team Maintain relationship with managed security services vendor leadership to ensure effective implementation and operation of security programs, ongoing support and deployment of competent resources Oversee the development, implementation and maintenance of vendor standard operating procedures/ run book in line with SBI Card policies & standards Provide technical & program management expertise and oversight over vendor teams Monitor vendor SLAs, perform regular review with vendor management and report to SBI Card leadership Ensure process documentation and compliance adherence Measures of Success Reduction in security vulnerabilities in SBI Card IT platforms Number of enhancement opportunities identified for the security posture to reduce overall risk to SBI Card Reduction in information leakage and exploitation from vulnerabilities Security metrics / SLA / KPIs are within acceptable threshold Timely updation of Application Security & Vulnerability Management related standards and SOPs and other documents No adverse observations in Internal / External Audits Process Adherence as per MOU Technical Skills / Experience / Certifications Understanding of Vulnerability Management Program including Assessment and Remediation Experience analyzing risk and prioritization of vulnerabilities, validating vulnerability reports and driving remediation. Understanding of the overall threat and vulnerability management process, including metrics to measure performance Working knowledge of compliance frameworks and security management standards (e.g., ISO 27001, NIST CSF. PCI-DSS etc.) Thorough understanding of enterprise security controls, network protocols and operating system (Windows/Linux environments) Strong knowledge in industry standard VAPT tools like Nessus, Rapid7, AWS Inspector and open-source tools Competencies critical to the role Stakeholder Management Analytical ability Innovation & Problem Solving Market Awareness Qualification Bachelor of Engineering in Computer Science / Engineering, Masters in Computer Science Preferred Industry BFSI / NBFC /E-commerce/IT & ITES / Telecom

Overview Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area. Responsibilities Should have process knowledge and technical knowledge on any of the SIEM tools ( like Qradar, LogRhythm, AlienVault, Splunk…etc). L2/L3 level is added advantage. Should have process knowledge and technical knowledge in AV tools like Symantec, McAfee, Trend Micro…etc. L2/L3 level is added advantage. Should have knowledge in managing Vulnerability tools and various remediation efforts. Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed. Enforce incident response service level agreement. Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks Vulnerability management assessment and remediation Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks Research the latest information technology (IT) security trends Help plan and carry out an organization’s way of handling security Develop security standards and best practices for the organization Recommend security enhancements to management or senior IT staff Document security breaches and assess the damage they cause. Performs other duties as assigned. Uphold the company’s core values of Integrity, Innovation, Accountability, and Teamwork. Demonstrate behavior consistent with the company’s Code of Ethics and Conduct. It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem. Duties may be modified or assigned at any time to meet the needs of the business. Qualifications B. Tech, B.E or M.C.A 2-5 years’ Experience working in a Security Operations Center 2 years minimum in the computer industry Knowledge working with complex Windows environments Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001 Knowledge in design and administration of security tools Good written and verbal communication skills

Genpact is a global professional services and solutions firm committed to delivering outcomes that shape the future. With over 125,000 employees in more than 30 countries, we are driven by curiosity, agility, and the desire to create lasting value for our clients. Our purpose, the relentless pursuit of a world that works better for people, guides us as we serve and transform leading enterprises, including the Fortune Global 500, leveraging our deep business and industry knowledge, digital operations services, and expertise in data, technology, and AI. We are currently seeking a talented individual to join us as a Senior Manager, Infosec Metrics Program. In this role, you will be responsible for leading our Information Security (InfoSec) Program Metrics team to design, develop, and maintain interactive dashboards displaying key performance indicators and metrics for our InfoSec program. Your main responsibilities will include collaborating with cybersecurity analysts, engineers, and managers to understand their data needs, integrating data from multiple sources, performing data analysis and validation, and designing interactive dashboards using tools like Power BI, Tableau, SQL, and Python. You will also be responsible for optimizing dashboard performance, providing technical support, documenting the development process, and supporting initiatives to improve security maturity. To be successful in this role, you should have a Bachelor's degree in computer science, information systems, cybersecurity, or a related field, or equivalent work experience. You should also have relevant years of information security experience, strong technical background, and experience in developing dashboards and reports using tools like Power BI, Tableau, Python, or similar. Additionally, you should have functional knowledge of cybersecurity concepts, frameworks, standards, and best practices, strong analytical and problems-solving skills, attention to detail, and excellent communication and collaboration skills. If you are passionate about information security, data analytics, and driving security maturity, we invite you to apply for this exciting opportunity with Genpact.,

Information Security Head : Responsibilities: Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program Work directly with the business units to facilitate risk assessment and risk management processes Develop and enhance an information security management framework Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services Partner with business stakeholders across the company to raise awareness of risk management concerns Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems Requirements: Degree in business administration or a technology-related field required Professional security management certification Minimum of 7+ to 11 years of experience in a combination of risk management, information security and IT jobs Knowledge of common information security management frameworks, such as ISO/IEC 27001, NIST, SOC 2 and GDPR Excellent written and verbal communication skills and high level of personal integrity Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams Hands-on experience in managing information /cyber security systems and solutions Having exposure in formulation and implementation of information security policies and procedures Experience with contract and vendor negotiations and management including managed services Specific experience in Agile (scaled) software development or other best in class development practices Experience with Cloud computing/Elastic computing across virtualized environments A good understanding or working knowledge of, Vulnerability assessments and penetration testing Application security source code reviews Incident management and investigations life cycle Security Architecture design principles and its applications in real world scenarios

About Us At apexanalytix, we’re lifelong innovators! Since the date of our founding nearly four decades ago we’ve been consistently growing, profitable, and delivering the best procure-to-pay solutions to the world. We’re the perfect balance of established company and start-up. You will find a unique home here. And you’ll recognize the names of our clients. Most of them are on The Global 2000. They trust us to give them the latest in controls, audit and analytics software every day. Industry analysts consistently rank us as a top supplier management solution, and you’ll be helping build that reputation. Read more about apexanalytix - https://www.apexanalytix.com/about/ Job Details The Role Design and Implement Cloud Security Architecture: Plan, execute, and manage cloud security architecture using Azure Sentinel, M365 Defender Suite, and Azure Security to ensure the organization's cloud infrastructure is secure and compliant. Penetration Testing and Vulnerability Management: Conduct regular penetration testing and vulnerability assessments to identify weaknesses in the organization's cloud infrastructure, applications, and networks, and implement remediation measures to address identified vulnerabilities. Cloud Security Incident Response: Serve as the primary point of contact for cloud security incident response, ensuring timely and effective processing, containment, and remediation of security incidents in the cloud environment. Azure Sentinel and M365 Defender Suite Management: Manage and configure Azure Sentinel and M365 Defender Suite to monitor and respond to security threats in the cloud environment, including threat hunting, incident response, and security analytics. DevOps Security Integration: Collaborate with DevOps teams to integrate security into the CI/CD pipeline, ensuring that security is a key consideration throughout the software development lifecycle. Cloud Security Compliance and Governance: Ensure cloud security compliance with relevant regulations and standards, such as HIPAA, PCI-DSS, and GDPR, and maintain up-to-date knowledge of cloud security governance best practices. Cloud Security Monitoring and Reporting: Generate daily, weekly, and monthly reports on cloud security monitoring activities, providing insights and recommendations to stakeholders on cloud security posture and risk mitigation. Cloud Security Risk Assessment and Mitigation: Conduct regular cloud security risk assessments to identify potential security risks and implement corrective actions to mitigate them. Cloud Security Awareness and Training: Educate and train staff on cloud security awareness and best practices, ensuring that all employees understand their roles and responsibilities in maintaining cloud security. Stay Up-to-Date with Cloud Security Trends and Technologies: Stay current with the latest cloud security trends, tools, and technologies, including Azure Sentinel, M365 Defender Suite, and Azure Security, to ensure the organization's cloud security posture is current and effective. The Must Haves - Bachelor's degree in Computer Science, Information Security, or related field. Minimum of 5 years of experience in cloud security or related roles, with a focus on Azure Sentinel, M365 Defender Suite, Azure Security, penetration testing, and DevOps security. Strong knowledge of cloud security architecture, cloud security compliance, and cloud security governance. Experience with Azure Sentinel, M365 Defender Suite, and Azure Security, including configuration, management, and troubleshooting. Strong understanding of DevOps security principles and practices, including integration of security into the CI/CD pipeline. Certifications in cloud security, such as Azure Security Engineer Associate or Microsoft Certified: Azure Security Engineer, are highly desirable. Preferred Skills Experience with cloud security automation tools, such as Azure Functions, Azure Logic Apps, or PowerShell. Knowledge of cloud security frameworks and standards, such as NIST Cybersecurity Framework or ISO 27001. Experience with containerization and serverless computing, including Docker, Kubernetes, or Azure Functions. Strong understanding of threat intelligence and threat hunting, including experience with threat intelligence platforms and tools. Over the years, we’ve discovered that the most effective and successful associates at apexanalytix are people who have a specific combination of values, skills, and behaviors that we call “The apex Way”. Read more about The apex Way - https://www.apexanalytix.com/careers/ Benefits At apexanalytix we know that our associates are the reason behind our successes. We truly value you as an associate and part of our professional family. Our goal is to offer the very best benefits possible to you and your loved ones. When it comes to benefits, whether for yourself or your family the most important aspect is choice. And we get that. apexanalytix offers competitive benefits for the countries that we serve, in addition to our BeWell@apex initiative that encourages employees’ growth in six key wellness areas: Emotional, Physical, Community, Financial, Social, and Intelligence. With resources such as a strong Mentor Program, Internal Training Portal, plus Education, Tuition, and Certification Assistance, we provide tools for our associates to grow and develop.

Key Responsibilities: Serve as a subject matter expert on information and cybersecurity governance, risk, and compliance (GRC) services and solutions. Execute security assessments of on-premise/cloud IT environments aligned with business objectives and regulatory requirements. Conduct testing and validation of IT security controls, documenting findings and preparing detailed reports. Manage and perform internal audits as per the CISO’s directives , contributing to risk posture improvements and present the metrics to the CISO on a regular basis. Apply knowledge of the Digital Personal Data Protection Act, 2023 , and other global data protection laws. Utilize and manage GRC tools and platforms. Conduct security control assessments for web/mobile applications and enterprise systems. Drive third-party risk management and support client-facing initiatives. Deliver complex GRC projects in dynamic, fast-paced environments. Engage in knowledge-sharing forums to strengthen team capabilities. Continuously enhance the cybersecurity strategy based on evolving threats and technologies. Job Requirements: 1. Qualifications: Bachelor’s degree in Engineering or a related technology discipline. Mandatory Certification : Must possess CISA or ISO 27001 Lead Auditor certification. Additional certifications preferred: ISO 27001 Lead Implementer CISSP, CIPP, CCSK, or CCSP Public Cloud certifications (AWS, Azure, GCP) 2. Experience: 6 to 10 years of total experience with proven exposure to both IT and GRC functions . Experience in internal audits, consulting, and cybersecurity risk advisory. 3. Desired Skills: Deep understanding of information security principles and compliance frameworks. Strong understanding of the IT topology and application development principles Hands-on experience with security tools (e.g., vulnerability scanners, code review platforms). Strong exposure to IT/cybersecurity standards: ISO 27001/27005, NIST CSF, PCI DSS, SOC 1/2, GDPR, COBIT. Excellent communication skills, documentation abilities, and stakeholder engagement. Experience in program and project management within cybersecurity initiatives. 4. Personal Attributes Self-starter with strong problem-solving skills. Highly motivated and able to work with minimal supervision. Strong prioritizations and multitasking abilities under pressure.

Description: Information Security Risk Specialist Experience: 7 to 9 years Location: Bengaluru Key Responsibilities: • Develop, implement, and maintain an enterprise-wide information security risk management program. • Identify, assess, and document information security risks, ensuring alignment with business objectives. • Perform risk assessments, vulnerability analyses, and impact evaluations on IT systems and processes. • Collaborate with cross-functional teams to establish risk mitigation strategies and action plans. • Monitor, track, and report on risk metrics and key performance indicators (KPIs). • Stay updated on regulatory requirements and ensure compliance with standards such as ISO 27001, NIST, GDPR, etc. • Develop and maintain comprehensive process documentation and generate reports tailored to the needs of various stakeholders. • Drive security awareness programs and train employees on risk management practices. • Prepare and present detailed risk assessment reports to senior management. • Lead incident response planning and participate in cybersecurity investigations when necessary. Qualifications: Education: • Bachelors degree in Information Security, Cyber Security, Computer Science, Information Science, or a related field. • Advanced degrees (e.g., Masters) or certifications (e.g., CISSP, CRISC, CISM, CEH) are a plus. Experience: • 5+ years of experience in information security, risk management, or related domains. Skills and Competencies: • Comprehensive understanding of frameworks such as ISO 27001, NIST Cybersecurity Framework, COSO, and COBIT. • Proven analytical expertise in evaluating and prioritizing risks effectively. • Advanced proficiency in utilizing security tools for risk assessment and mitigation. • Strong preference for candidates with certifications like CISSP, CISM, CRISC, or equivalent. • Exceptional communication and presentation skills, with a proven ability to collaborate effectively across diverse teams. • Demonstrated problem-solving capabilities, including critical thinking and informed decision-making under pressure. • Skilled in leading security initiatives and managing projects across global teams. • A strategic mindset paired with keen attention to detail. • Resourceful and decisive under high-pressure situations. • An effective team player with exceptional interpersonal and collaboration skills. Drop your resume at sowmya.v@acesoftlabs.com

Min 4–7-year experience performing security testing on Industrial control system components like PLC’s, SCADA, IIOT devices etc. Proven experience in conducting penetration tests, vulnerability assessments, and security audits across diverse environments. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP etc. Strong knowledge of common security vulnerabilities, attack vectors, threat modelling and exploitation techniques. Proficiency in using penetration testing tools and frameworks such as Nessus, Burp Suite, Nmap, and other ethical hacking tools. Understanding of component/system architectures in OT environments. Understanding and evaluation of security testing methods. Knowledge of typical industrial protocols (e.g., Modbus, Profinet, OPC, DNP3.0, CAN) Excellent communication skills, with the ability to clearly articulate technical findings and recommendations to both technical and non-technical audiences Roles and Responsibilities Handle the training delivery for IEC 62443 topics and OT security Handle the OT security project delivery and AUdits

About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to naonal and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. Role & responsibilities (1) Experience with cloud platforms, risk assessment tools, identity management, and data encryption. (2) Develop standards, procedures, and guidelines for multiple platforms and diverse environments (e.g., client-server, distributed, mainframe). (3) Knowledge of network security architecture concepts, including topology, protocols, components, and principles (4) Professional certification such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM). (5) Plan, study, and design a robust security architecture for various IT projects. (6) Develop prerequisites for networks, firewalls, routers, and other network devices. (7) Perform security testing, and risk analysis. (8) Research and implement updated security standards, systems, and best practices. (9)Create standards for all IT assets, such as routers, firewalls, LANs, WANs, VPNs, and other network devices. (10) Proficient in Python, Terraform, and DevOps pipeline setup (11) Should have setup, deployed and tweaked the product rules and configurations to suit requirements (12) Ability to apply security frameworks such as NIST and compliance standards as per the industry. Experience with security frameworks and standards (e.g., NIST, CIS, ISO 27001) (13) Ability to translate business and functional requirements into structured high-quality implementation using relevant industry standard approaches (14) Ability to understand the Threat Landscape (threats and vulnerabilities) in SaaS platforms. Preferred candidate profile (1) Technical certification on Security (AWS Security, Azure Security, GCP Security certifications) (2) Hands on experience with Terraform and Python (3) Experience on securing network, data, and access. Ability to plan and design a security architecture with correct product placements. (4) Relevant certifications such as CISA, CISSP, CISM, or similar (5) ISO 27001 ,NIST, GCP,AWS , Azure, WIZ, SSPM (Saas Security Posture management). Equal Opportunity Employer KPMG India: KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, naonal origin, cizenship, sexual orientaon, gender identy or expression, disability, or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below informaon is voluntary and refusal to submit such informaon will not be prejudicial to you.

FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity "We are seeking a highly skilled and forward-thinking Cyber Security Sr. Manager to lead and strengthen our security posture in the domains of data protection, AI system integrity, and customer onboarding. This role is pivotal in driving secure data lifecycle practices, safeguarding AI models, and ensuring regulatory adherence across data-driven and AI-powered platforms."- Sr. Director, Cyber Security What Youll Contribute Lead a team of cybersecurity professionals and provide mentorship and career development support. Ensure compliance with internal policies, industry standards (e.g., NIST, ISO 27001), and regulatory frameworks. Design, implement, and oversee security controls for enterprise data platforms and AI systems (e.g., ML pipelines, LLM integrations, analytics environments). Manage incident response plans related to data management, model poisoning, or data leakage from model outputs. What Were Seeking 12-15 years of relevant experience in Cyber Security domain with 5 - 7 years of leadership experience. Bachelor's degree in MIS, computer science (or related field) or equivalent combination of education and experience. 4 years of experience with enterprise technology design, deployment and support. Strong knowledge of data privacy laws (e.g., GDPR, CCPA), cloud security (e.g., AWS, GCP). Experience on integration with SIEM tool like Splunk Cloudis mandatory. Experience with data security technologies (DLP, tokenization, encryption)is a plus. Experience working on containerized solutions with Docker, Kubernetes using ECR, ECS and EKS services in AWSis preferred. Experience with AWS and implementing best practices in regard to securing cloud infrastructure and cloud servicesis preferred. Experience in Python scripting or programming languages with an automation mindsetis a plus. Excellent interpersonal, management, and customer service skills. Excellent written and verbal communication skills. Subject matter expert in the design, implementation and support of enterprise cloud technologies. High degree of initiative, self-motivation and follow through. Knowledge of ITIL concepts including Service Management and Service Delivery. Proven history of incident response, diagnostic activities, Root Cause Analysis (RCA), Corrective Action Plans, and advanced troubleshooting. Highly developed analytical skills and the ability to solve complex technical problems using a methodical systematic approach. Our Offer to You High performance culture promoting recognition, rewards and professional development. An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. Competitive base salary coupled with attractive role-specific incentive plan. Comprehensive benefits program. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at www.fico.com/Careers FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at https://www.fico.com/en/privacy-policy

About The Role : Job Title- I&A On-boarding Information Security Analyst, Associate Location- Pune, India Role Description: As I&A On-boarding Information Security Analyst you will be part of Access Lifecycle On-boarding global family which includes access management for application end user recertification On-boarding, user access for request & approval, user provision On-boarding and Functional Taxonomy SoD On-boarding & maintenance as well as IDAHO (Access concept) SME as central DB services. Deutsche Bank is looking for bright and open-minded individuals to support Business Identity & Access Services within Access Lifecycle Solution On-boarding team for application end user request & approval as well as end user access provision central service On-boarding. A key success factor of the Access Lifecycle Solution On-boarding team is the quick understanding of complex application set ups for Identity & Access Management and support Information Security Officer (ISO) and IT Application Owner (ITAO) along end-to-end central solution On-boarding process across DB. You will gain insights into the complete Identity & Access Management lifecycle as you will learn about the roles and entitlements and their set up, segregation of duties, application authentication and authorization process. What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities As I&A On-boarding Information Security Analyst you will be responsible to perform On-boarding assessments if an IT asset is applicable for end user application access for request & approval and business requirement gathering (based on existing KOP ID Admin procedures) to identify, how future user provisioning (ID Admin via automated connector or manual, centrally or decentral managed) will be set up between central request & approval platform and to be on-boarded application in adhering to Information Security (IS) internal and regulatory requirements. Efficiently engage, manage, and influence the main stakeholders, along with application On-boarding process including Information Security Officer, IT Application Owner, Engineering and Operations teams Provide process improvement inputs to various stakeholders involved. Proactively seek ways to improve upon existing practices and processes. Display insight and ability in identifying issues and develop successful solutions. Report and escalate potential risks to the management to help avoid / minimize the impact. Work with multiple, distributed teams (across different locations) Support develops key operational procedures where necessary and ensure adherence to all such defined policies. Comfortable with associated disciplines of Security Policy and Governance in banking domain Very good presentation and communication skills allowing to communicate with our stakeholders. A structured and methodological way of working with the objective to deliver high quality results. Supports tough people decisions to ensure people performance is aligned with organization imperatives and needs. Addresses individual performance issues, where necessary, to drive for high performance. Pro-active and flexible working approach, Team spirit Your skills and experience Minimum 5 years working experience in Identity & Access Management, Governance, Risk and Control related topics. Team management experience Basic knowledge and/or willingness to work with industry best practices and frameworks like ISO27001, NIST, CSA CCM, COBIT, ITIL Good business analyses knowledge of system design, development, implementation, and user support principles and practices Knowledge of IT Service Management or IT Governance or IT Delivery Management or IT Project Management or IT Delivery background or IT Security Knowledge on Database Systems, application interactions and server operating systems Excellent Excel knowledge Competencies: Self-motivated and flexibility to work autonomously in virtual and multicultural teams. Good communication skills (both written and verbal), fluent in English (written/verbal) Good analytical skills and problem-solving abilities Pro-active and flexible working approach A structured and methodological way of working with the objective to deliver high quality results. Flexible mindset with an eye for detail and continuous improvement Good understanding in business related information Being flexible, open minded, able to share information, transfer knowledge and expertise to stakeholders and other team members. How well support you . . . .

Minimum 3+yrs experience in Information Technology Infrastructure, Information Security, IT Audits etc Experience in managing Information Security Management, GRC, Cyber, System & ISO Audits. Good knowledge of SEBI Cyber Security & NCIIPC guidelines. Required Candidate profile Exposure on ISO 27001, ISO 22301, ISO 9001, NIST framework. Good interpersonal,communication, documentation & presentation skills. Track compliance /regulatory requirements & ensure on time reporting. Perks and benefits To be disclosed post interview

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Integrated Security Risk Management Good to have skills : Security Risk and Audit Operations, Governance Risk & Compliance (GRC) Platform Operations Minimum 3 Year(s) Of Experience Is Required Educational Qualification : Bachelors degree in computer science, IT, information systems management or equivalent area Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. A typical day involves collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work related problems. - Engage in continuous learning to stay updated with the latest security trends and technologies. - Assist in the development and implementation of security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Integrated Security Risk Management. - Good To Have Skills: Experience with Security Risk and Audit Operations, Governance Risk & Compliance (GRC) Platform Operations. - Strong understanding of cloud security principles and practices. - Experience with risk assessment methodologies and frameworks. - Familiarity with compliance standards such as ISO 27001, NIST, and GDPR. Additional Information: - The candidate should have minimum 3 years of experience in Integrated Security Risk Management. - This position is based at our Chennai office. - A Bachelors degree in computer science, IT, information systems management or equivalent area is required., Bachelors degree in computer science, IT, information systems management or equivalent area

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Microsoft 365 Security & Compliance Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are looking for an experienced Entra Architect with a strong background in the Microsoft Power Platform to join our offshore ATCi team. The ideal candidate will be responsible for designing, implementing, and supporting Entra ID (Azure AD) solutions, ensuring seamless integration with Power Platform components like Power Apps, Power Automate, and Power BI.As a Security Delivery Lead, you will be responsible for overseeing the implementation and delivery of Security Services projects. Your typical day will involve coordinating with various teams to ensure that projects are executed efficiently, utilizing our global delivery capabilities, including methods, tools, training, and assets. You will engage with stakeholders to align project goals with organizational objectives, ensuring that security measures are effectively integrated into all aspects of service delivery. Your role will also require you to monitor project progress, address any challenges that arise, and facilitate communication among team members to foster a collaborative work environment.Key Responsibilities:Design and architect identity and access management solutions using Microsoft Entra ID.Work closely with Power Platform developers to enable secure app development and deployment.Implement security, authentication, and authorization standards across Power Platform solutions.Define and enforce governance, compliance, and lifecycle management policies.Collaborate with cross-functional teams (onshore/offshore) for solution design and integration.Lead troubleshooting and provide guidance on Entra and Power Platform-related issues.Prepare technical documentation and architecture diagrams.Required Skills: Hands-on experience with Microsoft Entra ID (Azure Active Directory).Strong understanding of Power Platform components Power Apps, Power Automate, Power BI.Knowledge of identity lifecycle management, conditional access, and security best practices.Experience in integrating Entra ID with Dataverse and Power Platform apps.Ability to design role-based access controls and governance models.Excellent communication and collaboration skills.Preferred Certifications:Microsoft Certified:Power Platform Solution Architect ExpertMicrosoft Certified:Identity and Access Administrator Associate (Entra ID) Professional & Technical Skills: - Must To Have Skills: Proficiency in Architectural Design.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment and management methodologies.- Ability to design and implement security controls in cloud environments.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR. Professional & Technical Skills: - Must To Have Skills: Proficiency in Microsoft 365 Security & Compliance.- Strong understanding of security frameworks and compliance regulations.- Experience with risk assessment and management processes.- Ability to analyze security incidents and implement corrective actions.- Familiarity with security tools and technologies relevant to Microsoft 365. Additional Information:- The candidate should have minimum 7.5 years of experience in Microsoft 365 Security & Compliance.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education