3740 Nist Jobs - Page 17

Job Title: B-2-B Sales Manager Location: Hyderabad/Remote Company: Frigg Business Solutions LLP (www.friggp2c.com) Experience: 5+ years in B2B Sales (Cybersecurity/Compliance preferred) Job Type: Part-time About Us Frigg Business Solutions LLP is a boutique cybersecurity and compliance consulting firm helping businesses across North America strengthen their security posture and meet regulatory obligations such as SOC 2, ISO 27001, HIPAA, and NIST. We offer strategic advisory, gap and risk assessments, and end-to-end implementation support. Role Summary We are seeking a dynamic Sales Manager, a candidate who is a self-motivated, well-organized individual who has a deep understanding of prospecting and developing strong relationships with prospective customers to drive client acquisitions and revenue growth by identifying and closing new opportunities in cybersecurity and compliance. The ideal candidate is experienced in B2B solution selling, understands client risk and compliance challenges, and can effectively communicate Frigg’s value proposition. Key Responsibilities Develop and execute strategies to drive business in new and existing markets Own and achieve monthly/quarterly/annual sales targets. Build and manage a qualified pipeline of Small and Medium-sized Businesses (SMB) and mid-market prospects. Identify client needs, propose tailored cybersecurity and compliance solutions. Collaborate with technical teams to prepare proposals, demos, and presentations. Negotiate and close deals while maintaining high customer satisfaction. Stay updated on industry trends (SOC 2, HIPAA, NIST, ISO, etc.) to inform client conversations. Maintain accurate records and report sales metrics to leadership. Requirements Bachelor’s degree in Business, IT, or a related field. 5+ years of sales experience; cybersecurity or compliance sales preferred. Proven track record of meeting/exceeding sales targets. Strong communication, presentation, and negotiation skills. Ability to understand technical concepts and translate them into business value. Self-starter with a consultative sales approach and customer-first mindset. Good to Have Knowledge of frameworks like SOC 2, HIPAA, NIST, ISO 27001. Experience working with Canadian and US clients. Familiarity with cybersecurity SaaS or consulting environments. How to apply Apply through this LinkedIn Job Post Send us an email on friggp2c.ca@gmail.com

The Opportunity FICO is seeking Cyber Security Engineer to join our growing GRC Team. This is a full-time regular position (hybrid), and a great opportunity for an individual with strong PCI, ISO 27001, SOC2 audit skills or great interest in security Compliance and Risk Management frameworks and grow in exciting field of GRC" Director, Cyber Security. What Youll Contribute 3+ years of applicable work experience, in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results. Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. Strong knowledge of common security legal and regulatory requirements (e.g., PCI, SOC, CSA STAR, NIST, ISO/IEC 27001, COBIT, etc.) Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures. Monitor activities of assigned IT areas to ensure compliance with internal policies and standards. Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Facilitate for external audits to ensure compliance with all industry-mandated regulations Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance. Provide guidance to business functions on compliance/security-related matters. Good understanding of IT concepts, including Cloud hosting, containerization, encryption, networking, operating systems, databases, middleware, and applications Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required. Ability to effectively communicate to all levels of the organization, including senior management, and other stakeholders that influence the security and compliance posture of FICO Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage What We're Seeking Bachelors degree in the field of Information Security, Computer Science or discipline and/or certifications (e.g., ISO 27001 LI/LA, ISA/QSA, CISSP, CISA, CISM, and related GIAC.) Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. Experience implementing cloud security and compliance standards, frameworks, and controls (ISO/IEC 27001, SOC 2, PCI, NIST) for cloud service delivery models (IaaS, PaaS, SaaS) AWS Certifications (added advantage) Experience or understanding of governance, risk and compliance (GRC) processes and solutions. Background in security controls, auditing, network and system security. Ability to express technical concepts in business terms. Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status.

Role & responsibilities : Design and comply with applicable ISO27001 and NIST CSF standards. Monitor and protect against IT security threats with regular and effective oversight, testing, awareness building and employee training. Help develop a company-wide cultural mentality regarding the importance of information security. Prepare reports on IT security issues, testing, threats and incidences on a regular basis. Perform information security risk assessments. Identify and track the resolution of security incidences and vulnerabilities. Develop communication plans in advance of incidents to ensure a prompt and strategic response to both internal and external personnel. Ensure that adequate physical security controls exist to protect sensitive data and information systems. Responsibilities include asset, building, and network protection. Participate in the development, implementation, and ongoing compliance monitoring of all trading partner and business associate agreements, to ensure all security concerns, requirements, and responsibilities are addressed. Qualifications: Bachelors degree or masters degree in a computer field. Ten years or more IT operations experience and management. Ten years or more of experience leading technology projects in a high uptime, telecom, call center and/or Software-as-a-Service environment. CISSP or CISM qualifications Track record of ISO27001 program implementation, certification and maintenance In-depth knowledge of Windows and Linux server environments Ability to maintain composure and sound judgment in high-pressure environments Demonstrated leadership and personnel/project management skills Highly self-motivated and directed Proven analytical and problem-solving abilities Strong customer service orientation Experience working in a team-oriented, collaborative environment

The GRC Security Analyst will plan and implement policies, procedures, standards, and controls to govern the protection of corporate information systems, networks, and data. The GRC security analysts will stay up-to-date on the latest cybersecurity intelligence, including hackers' methodologies, in order to modify standards and controls that govern cybersecurity across the corporation. About the Role Essential Duties & Responsibilities: Performing control assessments against corporate cybersecurity frameworks Perform review of policies and supporting procedures/processes Perform assessments of adherence to standards Customer Security Questionnaire assistance Work closely with management on security practices Assess 3rd party vendors for adherence to standards Develop routine reports in accordance with GRC metrics Stay on top of changes in the industry as it relates to security. Other security-related projects that may be assigned according to skills Ensure compliance with policies and procedures Develop and test Disaster Recover Plans Help align company with HITRUST CSF Qualifications Bachelor’s Degree, ideally in Computer Engineering, Computer Science, or Information Systems Management or equivalent work experience in the field of Cybersecurity 3+ years of relevant work experience in: compliance/systems engineering/cybersecurity role Experience in a healthcare setting preferred Possess current security certifications (e.g., Security+, CISSP, CEH, SANS) or be willing to obtain within 1 year of assignment. Required Skills 3 – 5 years experience in building an Information Security Risk Management program Experience supporting the development of Disaster Recovery Plans (DRPs). Proven ability to coordinate, execute, and document Disaster Recovery Plan tests, including analysis and reporting of results. Understanding and familiarity with information system standards Understanding and familiarity with cybersecurity frameworks (ISO, NIST, HiTrust, COBIT, etc…) Assist in maturing the Information Security Risk Management Program by helping to define an IS risk register which includes identifying threats and risks to the organization Meet with business stakeholders to identify top security risks Assist in performing IS self-assessments to ensure systems and applications are complying with corporate policies, applicable regulatory and legal requirements, and leading industry practices Assist in developing and driving the implementation of security best practices and standards to mature the overall IS Risk Management Program which includes defining security system and application standards of control Provide solutions to identified issues and risks Work with the CISO to determine the acceptable level of risk for enterprise computing platforms. Coordinate with key functional teams such as HR, IT, Marketing, Finance, Product Management, Development, General Counsel, and the Business to identify new applications and service providers in use and the associated security controls to secure the data. Assist in performing Third Party Risk Assessments for new and existing vendor tools, on premise implementations, and third parties with access to the environment. Assist in maturing the Third Party Risk Management program by defining security controls based on tiers of vendors. Articulating identified risks to the business for remediation, mitigation and sign off. Investigates incidents and events that include potential HIPAA and other data breaches, data leakage, brand reputational risks, malware propagation, system compromises etc. Mature the Data Loss Prevention Program by defining DLP rulesets in existing tools such as Varonis, CASB, Next Generation Firewalls etc. and review outputs to determine the appropriate action required. Assist with maturing the Data Governance Program which includes defining a Data Classification and Handling Program, identifying Data Owners, and assisting with the design and implementation of a Data Classification and Rights Management tool. Assist in developing and maintaining Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for the Data Governance Security Program and initiatives. Assist in the management and maintenance of the enterprise wide IS Security Awareness Program which includes phishing simulations, computer based training, proactive communications on latest threats, workshops and newsletters. Assist in developing enterprise and functional team specific presentations to promote a security mindset Work with the CISO to ensure the Information Security team stays abreast of new regulatory, legal and/or compliance data security requirements. Ensure compliance with HIPAA, HITRUST, and applicable legal and regulatory requirements. Strong documentation and communications skills Pay range and compensation package This position is primarily a sedentary job and requires that the associate can work in an environment where they will consistently be seated for the majority of the work day. This role requires that one can sit and regularly type on a keyboard the majority of their work day. This position requires the ability to observe a computer screen for long periods of time to observe their own and others’ work, as well as in-coming and out-going communications via the computer and/or mobile devices. The role necessitates the ability to listen and speak clearly to customers and other associates. The work environment is an open room with other associates and noise from others will be part of the regular work day.

We are looking for an experienced Application Security Engineer with 23 years of hands-on experience in security testing across web, mobile, API, and cloud environments. You will perform in-depth manual and automated testing, identify vulnerabilities using frameworks like OWASP and NIST, and provide actionable remediation guidance with clear PoCs. This role involves close collaboration with development and DevOps teams to integrate security into the SDLC, support secure coding practices, and contribute to threat simulations and R&D efforts. Strong knowledge of CVSS, MITRE ATT&CK, and scripting skills (Python, Bash) are essential, along with the ability to clearly communicate security findings to both technical and non-technical stakeholders Key Responsibilities: Conduct hands-on security testing of web applications, mobile apps, cloud environments, and APIs, identifying security vulnerabilities based on industry-standard methodologies (e.g., OWASP, SANS, NIST). Evaluate the risk and severity of discovered vulnerabilities using frameworks such as CVSS and document findings with clear Proof-of-Concepts (PoCs), highlighting real-world business impact and custom remediation guidance. Collaborate with development teams to explain vulnerabilities, answer technical queries, and recommend secure coding practices and mitigation strategies. Participate in research and development (R&D) initiatives, including the discovery of new attack vectors, tooling improvements, and security automation. Contribute to secure SDLC processes, including secure design reviews, code reviews alongside DevOps and architecture teams. Assist in conducting threat simulations, adversary emulation, and red team exercises when required. Maintain awareness of emerging threats, CVEs, and vulnerability trends affecting web, mobile, and cloud technologies. Required Skills & Tools 2-3 years of hands-on experience in security testing or penetration testing across web, mobile, API, and/or network layers. Bachelors degree in Computer Science or a related technical field (or equivalent experience). Having published CVEs is considered a strong advantage. Solid knowledge of OWASP Top 10, MITRE ATT&CK, and Secure Coding Guidelines. Strong understanding of manual testing approaches — not just tool-assisted scans. Hands-on experience with reporting, PoC generation, and remediation consulting. Scripting or automation skills in Python, Bash for creating custom tools. Effective communication skills to interact with both technical and non-technical stakeholders.

Job Title Senior Network Architect Job Grade Senior Manager 1 Function Information Technology Sub-function Infra IT Manager’s Job Label Network Architect- Lead Skip Level Manager’s Label Global Head – Infra Operation Function Head Title GM Location: Mumbai No. of Direct Reports (if any) NA Business Unit Areas Of Responsibility At Sun Pharma, we commit to helping you “ Create your own sunshine ”— by fostering an environment where you grow at every step, take charge of your journey and thrive in a supportive community. Are You Ready to Create Your Own Sunshine? As you enter the Sun Pharma world, you’ll find yourself becoming ‘Better every day’ through continuous progress. Exhibit self-drive as you ‘Take charge’ and lead with confidence. Additionally, demonstrate a collaborative spirit, knowing that we ‘Thrive together’ and support each other’s journeys.” Job Summary We are looking for a dynamic and forward-thinking Senior Network Architect to lead the strategy, design, and implementation of our enterprise-wide IT and OT network infrastructure. This role requires a perfect blend of technical expertise, leadership, and project delivery skills , with a focus on cloud connectivity, network security, segmentation, and emerging technologies (SD-WAN, 5G/6G). You will be responsible for designing scalable, secure, and high-performance network architectures that support business growth, compliance, and digital transformation. This role demands a strategic thinker with a deep understanding of networking technologies, protocols, and best practices to support our organization's evolving needs. Responsibilities Architecture, Design & Delivery Lead the end-to-end design of enterprise network architecture, including cloud, data centre, campus, OT, encompassing LAN, WAN, WLAN, SD-WAN, and cloud networking that aligns with business objective Develop High-Level Design (HLD) and Low-Level Design (LLD) documents along with Bill of Materials (BOM) and Bill of Quantities (BOQ). Evaluate and integrate emerging technologies to enhance network performance and security. Design and implement macro and micro segmentation, next-generation firewall architectures, and secure SD-WAN topologies. Architect cloud networking and security solutions (AWS, Azure, GCP) using Transit Gateway, VPC peering, Azure Firewall, etc. Project & Program Management Lead the technical delivery of complex networking projects including cloud integration, OT segmentation, secure remote access, and SD-WAN rollouts. Own project lifecycle from requirement gathering and solutioning to handover and documentation. Define capacity planning models to forecast bandwidth, throughput, and resource utilization. Oversee the deployment of network solutions, ensuring minimal disruption to business operations. Ensure compliance with industry standards and organizational policies during implementation Technology Evaluation, POCs, RFPs & RFIs Evaluate and recommend new technologies, platforms, and OEMs through competitive assessments, RFI/RFP, and Proof of Concept (POC). Drive strategic network transformation initiatives by selecting the most appropriate solutions based on TCO, scalability, and regulatory needs. Design and enforce network security protocols to protect organizational data and resources. Ensure compliance with relevant regulations and standards (e.g., ISO 27001, NIST). Leadership & Vendor Management Lead and mentor a cross-functional team of engineers, architects, and project managers. Manage technical engagements with vendors and partners—ensuring alignment with architecture standards and service levels. Collaborate with cybersecurity, infrastructure, operations, and compliance teams to maintain enterprise governance. Manage and monitor vendor driven agreed SLA’s based parameter set Security, Cloud & OT Integration Architect secure IT and OT connectivity using Zero Trust models , EDR/XDR , NAC , and network segmentation . Design and enforce network security protocols to protect organizational data and resources. Design resilient OT networks that meet ISA/IEC 62443 , NIST , and GxP compliance standards. Collaborate with the security team to address vulnerabilities and implement mitigation strategies. Stakeholder Communication & Presentation Present technical solutions, risks, roadmaps, and architecture proposals to leadership, including CIO, CISO, and steering committees. Translate business goals into network design and infrastructure strategy. Maintain detailed documentation of network configurations, processes, and procedures Provide training and mentorship to junior network staff and other stakeholders. Travel Estimate Job Scope Internal Interactions (within the organization) IT functional team across globe. External Interactions (outside the organization) Vendors and OEM’s Geographical Scope Global Financial Accountability (cost/revenue with exclusive authority) Job Requirements Educational Qualification Bachelor's/Master’s in Computer Science, Engineering, or IT Specific Certification CCNP/CCIE , PCNSE , AWS/Azure Network Specialty , CISSP , TOGAF , PMP/ITIL v4 Experience 10-12 years’ experience Skill (Functional & Behavioural) Networking: BGP, OSPF, VXLAN, SD-WAN, MPLS, 5G/6G, WAN Optimization Cloud Networking: AWS Transit Gateway, Azure VNet, ExpressRoute, Direct Connect, NSG/UDR Security: NGFWs (Palo Alto, Fortinet, Cisco), ZTNA, CASB, Zscaler/Netskope, EDR/XDR (CrowdStrike, Defender), NAC Segmentation: Micro and macro segmentation, VRFs, SGTs, VLANs OT Networking: Industrial firewalling, SCADA/PLC segregation, ICS/OT security policies Your Success Matters to Us At Sun Pharma, your success and well-being are our top priorities! We provide robust benefits and opportunities to foster personal and professional growth. Join us at Sun Pharma, where every day is an opportunity to grow, collaborate, and make a lasting impact. Let’s create a brighter future together! Disclaimer: The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees as assigned to this job. Nothing herein shall preclude the employer from changing these duties from time to time and assigning comparable duties or other duties commensurate with the experience and background of the incumbent(s).

Are you ready to accelerate your potential and make a real difference within life sciences, diagnostics and biotechnology? At Pall Corporation, one of Danaher’s 15+ operating companies, our work saves lives—and we’re all united by a shared commitment to innovate for tangible impact. You’ll thrive in a culture of belonging where you and your unique viewpoint matter. And by harnessing Danaher’s system of continuous improvement, you help turn ideas into impact – innovating at the speed of life. As a global leader in high-tech filtration, separation, and purification, Pall Corporation thrives on helping our customers solve their toughest challenges. Our products serve diverse, global customer needs across a wide range of applications to advance health, safety and environmentally responsible technologies. From airplane engines to hydraulic systems, scotch to smartphones, OLED screens to paper—everyday Pall is there, helping protect critical operating assets, improve product quality, minimize emissions and waste, and safeguard health. For the exponentially curious, Pall is a place where you can thrive and amplify your impact on the world. Find what drives you on a team with a more than 75-year history of discovery, determination, and innovation. Learn about the Danaher Business System which makes everything possible. The Analyst, IT Compliance is responsible for hands-on SOX control testing activities and responsible to ensure assigned processes are compliant with SOX program requirements and deadlines This position reports to the Sr. Manager – IT Compliance and is part of the IT Compliance team located in Pune and will be an on-site role. Perform SOX control testing, process walkthroughs, and documentation reviews, including SOPs and policies. Identify, document, and communicate control issues and audit findings to control owners in a timely manner. Escalate control deficiencies to the IT Compliance Manager and participate in remediation planning with process owners. Support control owners in timely remediation of deficiencies and perform retesting for design and operational effectiveness. Maintain accurate records of controls and testing results to support reporting to senior management and Audit Committee. Contribute to continuous improvement of IT compliance and audit processes. Assist in preparing reports and updates for leadership on compliance testing progress and status The essential requirements of the job include: 5+ years of experience in SOX IT Controls testing and review enterprise applications across the IT ecosystem. Strong independent problem solving, project management and analytical skills in finance, accounting, or auditing related areas SAP application experience desirable Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate Sox-related concepts to technical and nontechnical audiences in all levels of the organization, up to and including Executive Management. Bachelor’s Degree or equivalent It would be a plus if you also possess previous experience in: Strong hands-on experience with SAP IT General Controls (ITGCs) – including user access management, change management, and IT operations within SAP landscapes (e.g., ECC, S/4HANA). Proven ability to implement, test, and remediate SOX controls in SAP environments. Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), or other relevant certifications preferred – with a strong understanding of control frameworks (e.g., COBIT, NIST) and how they apply to SAP systems. Exhibit excellent analytic skills, the ability to manage multiple projects under strict timelines, and to work well in a demanding, dynamic environment and meet overall objectives. Pall Corporation, a Danaher operating company, offers a broad array of comprehensive, competitive benefit programs that add value to our lives. Whether it’s a health care program or paid time off, our programs contribute to life beyond the job. Check out our benefits at Danaher Benefits Info. At Pall we believe in designing a better, more sustainable workforce. We recognize the benefits of flexible, remote working arrangements for eligible roles and are committed to providing enriching careers, no matter the work arrangement. This position is eligible for a remote work arrangement in which you can work remotely from your home. Additional information about this remote work arrangement will be provided by your interview team. Explore the flexibility and challenge that working for Pall can provide. Join our winning team today. Together, we’ll accelerate the real-life impact of tomorrow’s science and technology. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life. For more information, visit www.danaher.com. At Danaher, we value diversity and the existence of similarities and differences, both visible and not, found in our workforce, workplace and throughout the markets we serve. Our associates, customers and shareholders contribute unique and different perspectives as a result of these diverse attributes.

Senior Cyber Security Partner | 8+ yrs exp | Lead threat modeling, secure SDLC, cloud security (AWS/Azure/GCP), compliance (OWASP/NIST/ISO), incident response, mentoring, and tool evaluation. Pref: CISSP/CISM/CEH. Hybrid – Bengaluru.

Job Title: Audit & Compliance Specialist Experience: 5–8 Years Certifications Required: ISO 27001 Lead Auditor (Mandatory) Job Summary: We are seeking an experienced and proactive Audit & Compliance Specialist to lead and manage internal audits, client audits, and RCSA (Risk Control Self-Assessment) exercises. This role will act as a key liaison between internal stakeholders, subject matter experts (SMEs), and external/internal auditors to ensure timely, accurate, and complete delivery of audit responses and evidence. Key Responsibilities: Coordinate and manage internal audits, client audits, and RCSA assessments from planning through closure. Work closely with auditors to understand assessment scope and requirements. Collaborate with internal stakeholders and SMEs to gather relevant responses and evidence. Review and validate responses to ensure alignment with auditor requirements before packaging and submission. Maintain a well-organized and secure repository of evidence and supporting documents for audits and compliance checks. Draft and maintain clear documentation, trackers, and status reports for all ongoing audit and compliance initiatives. Manage audit timelines, delivery schedules, and ensure commitments are met across teams. Support in developing corrective action plans for audit findings and track closure. Mentor and guide junior resources assisting in audit and compliance projects. Required Skills & Qualifications: ISO 27001 Lead Auditor certification is mandatory. Understanding of Information Security concepts, controls, and frameworks (e.g., ISO 27001, NIST). Proven experience handling internal audits, client audits, and RCSA processes. Strong analytical and problem-solving skills to validate audit responses. Proficient in MS Excel, Word, and PowerPoint for documentation, reporting, and presentations. Exceptional verbal and written communication skills for interacting with clients, auditors, and internal teams. Highly organized with the ability to store, manage, and retrieve evidence efficiently. Demonstrated maturity and capability to handle complex and time-sensitive situations. Ability to work both independently and as part of a team in a fast-paced, cross-functional environment. Nice to Have: Exposure to client-facing security audits. Experience working in regulated industries such as BFSI, Banks or IT Services. Knowledge of Power BI

The Senior InfoSec Compliance Analyst will play a pivotal role in ensuring that Onit adheres to industry standards and regulatory requirements. This position involves analyzing, implementing, and maintaining compliance protocols, collaborating with internal teams, and providing strategic insights to enhance our security posture. Responsibilities: Lead the planning and execution of security audits (e.g., ISO 27001, SOC 2, PCI DSS, HIPAA, NIST, GDPR). Assess, implement, and maintain new compliance frameworks or controls, leading cross-functional projects for certifications or attestations (e.g., achieving new levels of SOC 2, ISO 27001, or industry-specific standards). Lead compliance-related projects, including process improvements, tool implementations (e.g., GRC platforms), and policy roll-outs. Oversee and coordinate penetration testing activities and manage third-party penetration testing vendors. Complete and manage responses to customer security and privacy questionnaires, providing evidence of controls to support sales. Perform risk assessments; document findings and collaborate with stakeholders to mitigate risks. Develop, review, and maintain security policies, procedures, and standards. Serve as the point of contact for compliance-related incidents and inquiries, conducting investigations and documenting findings. Support vendor management by performing third-party security assessments Mentor and coach junior analysts, promoting a team culture of knowledge-sharing and professional growth. Qualifications/Skills Bachelor’s degree in Information Security, Computer Science, or a related field. Minimum of 6-8 years of experience in years of experience in information security compliance, risk management, or IT audit. Proven experience managing and implementing major compliance frameworks (e.g., ISO 27001, SOC 2, NIST, PCI DSS, HIPAA, GDPR, etc.). Hands-on experience with penetration testing oversight and third-party risk assessments. Track record of leading or participating in successful compliance audits, certifications, and attestation projects. Experience managing multiple compliance projects and initiatives simultaneously. Ability to lead cross-functional teams and work collaboratively across departments. Self-motivated and proactive, with strong organizational and time-management skills. Strong analytical, investigative, and problem-solving skills. Strong written and verbal communication skills. Audit experience working with Enterprise SaaS software is a plus. Auditing knowledge of AWS and cloud infrastructures a plus. Professional certifications such as CISA, CISSP, or similar strongly desired. About Onit Onit is a global leader in enterprise workflow solutions for legal, compliance, sales, IT, HR, and finance departments. With Onit, companies can transform best practices into smarter workflows, better processes, and operational efficiencies. Onit focuses on enterprise legal management, matter management, spend management, contract lifecycle management, and legal holds, transforming how global Fortune 500 companies and corporate legal departments bridge the gap between systems of record and systems of engagement.

This role is for one of Weekday's clients Salary range: Rs 2000000 - Rs 2800000 (ie INR 20-28 LPA) Min Experience: 6 years Location: Mumbai JobType: full-time Requirements About the role A minimum experienceof 6-8 years in IT Services and Security Management with relevant 5 years in information / cyber security risk assessment or management or security risk advisory consulting experience Minimum 4 years of experience in web application/API/ mobile application development In depth understanding of OWASP & CWE application / API. Mobile security vulnerabilities Hands-on experience in implementingapplication security controlsas per NIST, OWASP Perform Threat Modelling of application considering internal and external risk factors Good hold in API and microservices security Ability to identify risk and threats based on overall environment and platform of application Detail understanding of web, app, middleware,and database security Excellentoral and writtencommunication skills preferred having customer or stakeholder interaction exposure Must be able to articulate risk observation in detail and simple understandable language Perform application & mobile security risk assessment as per best industry standards (NIST, ISO) Develop threat model as per the application applicability and business environment Share knowledge with other team members, provide inputs to provide quality risk reports Ensure risk tracker is kept updated for assessment performed Should be able to analyze risk for changes performed in application and recommend best practices Communicate effectively withproject managers, app owner and stakeholders Advises management of critical issues that may affect the risk posture in application Generate innovative ideas for achieving the objectives Demonstrate skills with upgrading knowledge quickly for latest platform level security such as for Kubernetes, OpenShift, microservices architecture security best practices Preferred Certifications CRISC/ CISSP/ OSCP/ CSSLP

Job description: Job Description Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ͏ Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ͏ i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ͏ 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ͏ Deliver No Performance Parameter Measure 1Customer centricityTimely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers.2Support sales team to create wins% of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Mandatory Skills: Security Information Event Management . Experience: 8-10 Years . Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Bengaluru, Karnataka Hyderabad, Telangana Job ID 30187465 Job Category Digital Technology Role: Cyber GRC Innovation Location :Bangalore Full/ Part-time: Full time Build a career with confidence Carrier Global Corporation, global leader in intelligent climate and energy solutions is committed to creating solutions that matter for people and our planet for generations to come. From the beginning, we've led in inventing new technologies and entirely new industries. Today, we continue to lead because we have a world-class, diverse workforce that puts the customer at the center of everything we do. About the role: We are seeking a highly motivated and detail-oriented Cyber GRC Innovation Analyst to enhance coordination across Governance, Risk, and Compliance (GRC) functions. The ideal candidate will quality management methodologies and innovation frameworks to improve cybersecurity governance processes, ensure compliance, and drive continuous improvement across GRC initiatives . Key Responsibilities Cross-Functional Coordination: Serve as a central point of contact across GRC teams (Governance, Risk Management, Compliance, Audit). Facilitate communication, workflow integration, and status tracking between GRC, Cybersecurity, IT, and Business units. Maintain and improve documentation, dashboards, and reporting for GRC activities. Innovation and Process Improvement: Identify inefficiencies or gaps in existing GRC processes and propose scalable, innovative solutions. Use Lean, Six Sigma, Kaizen, or other quality management tools to streamline GRC workflows. Research and recommend emerging GRC technologies or automation solutions to enhance team effectiveness. Risk & Compliance Support: Assist in risk identification, assessment, treatment, and monitoring activities. Support compliance initiatives across regulatory frameworks such as ISO 27001, NIST CSF, SOC 2, PCI DSS, or GDPR. Contribute to policy and control framework updates and help manage the compliance calendar. Data-Driven Insights: Analyze data from GRC platforms (e.g., ServiceNow, Archer, LogicGate) to track KPIs, trends, and improvement opportunities. Develop and maintain metrics to demonstrate GRC performance, innovation impact, and risk posture over time. Training & Awareness: Contribute to GRC awareness campaigns and training content development. Promote innovation culture within the GRC team by organizing workshops or collaborative improvement initiatives. Requirements Bachelor's degree in Cybersecurity, Information Systems, Business, or related field. Certifications such as CRISC, CISA, ISO 27001 LA, or Lean Six Sigma (Green Belt or higher) preferred. Experience: 2–5 years in Cybersecurity, IT Risk, GRC, or Quality Assurance roles. Experience working in a matrixed environment with cross-departmental stakeholders. Skills: Strong understanding of GRC frameworks and cybersecurity risk principles. Familiarity with GRC tools/platforms (e.g., Archer, OneTrust, ServiceNow GRC). Analytical mindset with a passion for process optimization and data analysis. Strong communication, project coordination, and change management skills. Proficiency with MS Excel, Power BI, or similar tools for metrics reporting. What we offer: Collaborative and innovative work environment. Opportunities for professional development and certifications. The chance to contribute to a critical cybersecurity function with a measurable business impact. Benefits We are committed to offering competitive benefits programs for all of our employees and enhancing our programs when necessary. Have peace of mind and body with our health insurance Drive forward your career through professional development opportunities Achieve your personal goals with our Employee Assistance Programme Our commitment to you Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way . Join us and make a difference. Now! Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Job Information Work Experience 5-8 years City Hyderabad Country India Job Description We are looking for a proactive and detail-oriented Exception & Risk Administrator to support the operational handling of risk and compliance processes across the organization. You will work closely with the Governance, Risk and Compliance (GRC) team to ensure smooth execution of exception workflows, risk documentation, and follow-up activities. This role is ideal for someone with a basic background in risk, compliance, or security, who enjoys structured work, is comfortable coordinating across teams, and can operate independently while collaborating remotely in a global environment. Key Responsibilities: Risk Register Management Maintain and update the risk register; ensure timely follow-up with risk owners on mitigation actions and status updates. Evidence Gathering for Risk Assessments Collect and organize required documentation to support risk assessments, audits, and control validations. Ensure evidence is complete, accessible, and well-structured. Mailbox and Communication Handling Monitor and triage risk- and compliance-related mailboxes. Coordinate with internal stakeholders to ensure timely responses, escalate issues when needed, and maintain communication records. Exception Management Support Track security and compliance exceptions. Follow defined decision matrices to assist in handling, escalate when required, and ensure documentation is accurate and complete. Support in Reporting and Metrics Assist in preparing periodic risk, compliance, and exception dashboards. Ensure data is up-to-date and sources are traceable. ISMS Documentation Support Support the organization and upkeep of ISMS-related documents (e.g., policies, procedures, control lists). Ensure consistent formatting, proper version control, and and assist in preparing documentation for internal reviews or audits, in collaboration with the GRC team. Requirements Educational background in Information Security, Risk Management, Business Administration, or a related field; a bachelor’s degree in one of these areas is a plus. 5–6 years of experience in a GRC, security operations, compliance, or administrative security support role. Basic understanding of security risk management frameworks (e.g., ISO 27001, NIST, COBIT) is a plus. Strong organizational and communication skills. Comfortable working with documentation tools (e.g., MS Office, SharePoint, Confluence, Excel). Ability to work independently, prioritize tasks and take initiative. High attention to detail and a structured, methodical mindset. Languages: professional level - English Preferred: Experience working with international teams across time zones. Analytical mindset and ability to interpret basic risk and compliance data. What We Offer: Opportunity to contribute to a critical function in a global organization. A supportive, remote-friendly team environment. Exposure to a wide range of security, risk, and compliance topics. Potential to grow into a broader GRC or risk analyst role.

Director, Security Architect Gurgaon, India Information Technology 315845 Job Description About The Role: Grade Level (for internal use): 13 The Team: The SPGI Market Intelligence (MI) InfoSec team works to increase value in our products through strong security posture. When we can show our customers their information is protected with us, they are more apt to bring new opportunities. Additionally, our work to reduce risk contributes to the value returned to our customers and shareholders. We engage closely with product teams to deliver security practices, capabilities, and advisory services to continually improve and ensure security is incorporated throughout the product lifecycle. Responsibilities and Impact: The security resource will be aligned to an MI Tech business segment to collaborate in-depth with developers, SREs, DBAs, and other personnel to both instill a security mindset and support security improvement efforts. The individual will use their experience strategically and tactically in supporting products teams to find the most efficient and effective methods to close vulnerabilities, implement security capabilities and respond to issues or alerts. Product engagement Identify and prioritize critical business functions in collaboration with organizational stakeholders. Engage with business units to understand their security requirements and align security capabilities accordingly. Determine the protection needs (i.e., security controls) for the information systems, environments, and networks and document appropriately. Document and/or review security standards, architectures and blueprints for adoption by product teams to improve protection, visibility and transparency. Collaborate with stakeholders to implement security standards and procedures. Security Assessments Perform security reviews, identify gaps in security architecture and controls to develop security risk management plans. Support and expand ACF process to mature security oversight. Conduct security assessments of third-party applications and vendors as provided by the division or centralized teams. Support the M&A processes with security assessments, third-party engagements and integration or divestiture oversight. Education and enablement Provide technical guidance and support to the security and product teams in incident response, control adoption, and threat mitigation. Facilitate educational opportunities within the division to increase security awareness, secure coding practices and secure architecture and design. Application Security Design and implement secure coding practices and guidelines for application development teams. Collaborate with development teams to integrate security controls into the software development lifecycle. What We’re Looking For: Requirements: Minimum of 8 years of experience in information security. Strong knowledge of security frameworks, such as ISO 27001 and NIST Cybersecurity Framework. Expertise in designing and implementing security controls, including cloud architectures, networks, monitoring, technical security policies. Stays up-to-date with the latest security technologies, approaches, and best practices. Experience with cloud security, network security, and secure coding practices. Excellent communication and interpersonal skills to collaborate with cross-functional teams. Relevant certifications such as CISSP, CISM, or CEH are preferred. About S&P Global Market Intelligence At S&P Global Market Intelligence, a division of S&P Global we understand the importance of accurate, deep and insightful information. Our team of experts delivers unrivaled insights and leading data and technology solutions, partnering with customers to expand their perspective, operate with confidence, and make decisions with conviction. For more information, visit www.spglobal.com/marketintelligence. What’s In It For You? Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technology–the right combination can unlock possibility and change the world. Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence®, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: We're more than 35,000 strong worldwide—so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all. From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. We’re constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference. Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global. Our benefits include: Health & Wellness: Health care coverage designed for the mind and body. Flexible Downtime: Generous time off helps keep you energized for your time on. Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills. Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference. For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. Recruitment Fraud Alert: If you receive an email from a spglobalind.com domain or any other regionally based domains, it is a scam and should be reported to reportfraud@spglobal.com. S&P Global never requires any candidate to pay money for job applications, interviews, offer letters, “pre-employment training” or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines, fraudulent domains, and how to report suspicious activity here. - Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only: The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf - 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), IFTECH202.2 - Middle Professional Tier II (EEO Job Group) Job ID: 315845 Posted On: 2025-07-23 Location: Gurgaon, Haryana, India

Vacancy Name Network & Security Engineer Requisition No VN3876 Time Type Full Time Location Gurgaon Office Additional Location Country India Job Description Say yes to a better tomorrow! SHL, People Science. People Answers. Ever wondered what it takes to defend a company’s digital infrastructure against evolving cyber threats? We’re seeking a Network Security Engineer to protect SHL’s networks and cloud environments by designing and implementing cutting-edge security solutions. If you excel at decoding intricate security difficulties, monitoring for threats, and driving proactive defences while collaborating across teams, this role offers a unique chance to make a tangible impact. Can you blend deep technical expertise, strategic insight, and a vigilant mindset to keep our systems secure and resilient? If so, we’d love to hear your vision! A great benefits package is offered in a culture where career development, with ongoing manager guidance, collaboration, flexibility, diversity and inclusivity are all intrinsic to our culture. There is a huge investment in SHL currently so there’s no better time to become a part of something transformational. What You’ll Be Doing Design and guide network security tools—firewalls, IDS/IPS, VPNs, SASE. Implement AWS security services (WAF, Shield, GuardDuty, IAM, Security Hub). Monitor network activity and attend to security incidents. Troubleshoot application, network, and authentication issues. Conduct risk assessments, firewall reviews, and assist audits. Collaborate across teams to strengthen security posture. What We’re Looking For Essential TCP/IP, routing, switching, SD-WAN, DNS, and load balancing. Familiarity with cloud security and AWS security services. Incident response, scripting (Python, PowerShell), and monitoring tools (SolarWinds, PRTG). Familiarity with NIST, ISO 27001, and CIS frameworks. Excellent troubleshooting, communication, and collaboration experience. Desirables: Incident management and ticketing systems like ServiceNow or Jira. Experience with cloud network infrastructure (AWS, Azure, Google Cloud) Prior experience aiding 24x7 operations in a global NOC environment. Get In Touch Find out how this unique opportunity can help you achieve your career goals by applying to our knowledgeable Talent Acquisition team. Choose a new path with SHL. Apply now and secure your future with SHL. About Us We unlock the possibilities of businesses through the power of people, science and technology. We started this industry of people insight more than 40 years ago and continue to lead the market with powerhouse product launches, ground-breaking science and business transformation. When you inspire and transform people’s lives, you will experience the greatest business outcomes possible. SHL’s products insights, experiences, and services can help achieve growth at scale. What SHL can offer you SHL is an equal opportunity employer. We support and encourage applications from a diverse range of candidates. We can, and do make adjustments to make sure our recruitment process is as inclusive as possible.

This is a strategic, high-impact leadership position for a visionary technology leader who will serve as the most senior individual contributor and technical authority within the Enterprise Technology function. You will be the architect and strategist behind the enterprise technology ecosystem, driving initiatives that ensure systems are secure, scalable, reliable, and cost-optimized . The role blends deep technical expertise, architectural leadership, strategic vendor management, and IT security mastery , with a focus on enabling the business to thrive through robust, future-ready technology solutions. In three words: Strategic Technology Leadership. Key Responsibilities - Develop & Own the Technology Roadmap: Define, maintain, and evolve the long-term enterprise technology strategy, aligning with business needs, anticipating growth, and integrating emerging innovations. Architect & Validate Enterprise Solutions: Act as the ultimate design authority , reviewing and approving major technology decisions, ensuring solutions meet the highest standards for security, scalability, reliability, and total cost of ownership (TCO) . Lead Mission-Critical Technology Programs: Oversee the planning and execution of complex and high-stakes IT initiatives , managing cross-functional teams, budgets, and timelines to ensure successful delivery. Vendor & Partner Leadership: Build and manage strategic partnerships with technology vendors , lead negotiations, influence vendor product direction, and maximize value from all contracts. IT Security & Compliance Expertise: Act as a trusted authority on IT security and regulatory compliance , ensuring enterprise systems meet standards such as ISO 27001, GDPR, SOX, and NIST frameworks . Mentorship & Technical Leadership: Strengthen team performance by mentoring engineers , establishing technical best practices, and promoting a culture of excellence and innovation . What we are looking for: Experience: Minimum 15 years in enterprise IT , with at least 5 years in senior architecture or technical leadership roles . Proven success working within large-scale enterprise environments . Technical Mastery Across Core Domains: Identity & Access Management: Okta, Azure AD/Entra ID, IAM governance. Endpoint Management & Security: MDM (Intune, Jamf) and EDR/XDR. Network & Web Security: WAF, Firewalls, SASE/SSE, DNS, and secure network design. IT Service Management & Automation: ServiceNow, Jira Service Management, automation principles. Strategic & Financial Acumen: Strong expertise in TCO modelling, IT budgeting, and FinOps practices , optimizing technology investments while maintaining reliability and security. Leadership Attributes: Able to move seamlessly between executive-level strategy and deep technical problem-solving . Exceptional communicator, capable of explaining complex technology concepts to non-technical stakeholders . Collaborative and influential, able to drive alignment and adoption across teams without direct authority . Pragmatic and results-driven, finding simple, scalable, and elegant solutions to complex problems. Committed to continuous learning and staying updated on emerging technologies and industry trends . What We Offer: A talented and dedicated team passionate about creating exceptional products. Competitive compensation, including benefits, and a culture that values work-life balance. Why Lognormal? Be part of a fast-scaling, tech-driven organization at the forefront of innovation. Opportunity to shape IT infrastructure and support frameworks across a global setup. Work with a talented, collaborative, and inclusive team that values ownership and continuous learning. Lead or contribute to critical technology projects that have real business impact. Attractive Compensation Competitive compensation tailored to experience and value. Comprehensive medical insurance benefits A professional environment that values clarity, efficiency, and long-term thinking.

Summary As an Project Management at Gainwell, you can contribute your skills as we harness the power of technology to help our clients improve the health and well-being of the members they serve — a community’s most vulnerable. Connect your passion with purpose, teaming with people who thrive on finding innovative solutions to some of healthcare’s biggest challenges. Here are the details on this position. Your role in our mission Assist in keeping Security projects moving as Gainwell helps clients deliver better health and human services outcomes through technology and innovation. Lead one or more large project management teams by breaking down bigger technological programs and assisting with project staffing Spearhead project planning, tracking and oversight of assigned staff by providing direction and deadlines to ensure quality and timely completion of tasks Communicate with the client, company and project team leadership, measuring and sharing project metrics/status; recommend program changes as needed Self-starter willing to work with positive attitude in environment with challenging and changing priority to accomplish the project objectives. Create project schedules, program definitions, budgets and objectives to ensure the quality of project deliverables across all phases Actively project manage across non-direct reports by quickly escalating any risks and implementing risk mitigation solutions Support Gainwell’s growth as you prepare detailed SOW and assist with new proposal efforts and business development What we're looking for 9+ years of experience managing complex Security projects, programs or initiatives through a full project management life cycle, with 3 or more years of Medicaid or Medicare experience would be plus Expertise with project management methodology such as Catalyst or Certified Project Management Professional (PMP), Scrum(SCM) and Agile practices Modern understanding of budget development, control and assurance methods, and project management software Ability to lead and translate the broader objectives of a program into clear and achievable project scope and milestones that can be worked toward Influencer that who can clearly communicate project priorities and motivate direct and indirect networks and stakeholders to action Understanding of Network concepts like LAN, WAN, SD-WAN Understanding of Firewall concepts Foundational understanding of AWS and MS Azure Understanding of Security tools like Intrusion Prevention System, Identity Management Systems, Splunk, etc and be proficient at trouble shooting Understanding of System Security Plan reviews, NIST and MARS-E standards Reviews of Business Associate Agreements and ensure compliance. What you should expect in this role Remote opportunity

Job Title: Talent Acquisition Specialist Company : Techdefence Labs Solutions Ltd. Location: Ahmedabad Department: Human Resources Job Type: Full-Time, Onsite About Techdefence: Techdefence is a leading cybersecurity solutions provider specializing in offensive and defensive security, AI-powered threat intelligence, and enterprise security frameworks. Our comprehensive services and product portfolio cater to global enterprises, government agencies, and critical infrastructure, ensuring proactive protection against cyber threats. With a strong R&D focus, Techdefence delivers cutting-edge security solutions in the areas of cloud security, network security, application security, penetration testing, SOC solutions, and managed security services. Our expertise in cyber resilience, risk management, and compliance frameworks (ISO 27001, NIST, GDPR, PCI-DSS, etc.) positions us as a trusted partner for organizations worldwide. Role Overview: We are seeking a dynamic and experienced Talent Acquisition Specialist to join our HR team. The ideal candidate should have a strong background in hiring for the Cybersecurity domain, with a deep understanding of niche skill sets such as SOC, SIEM, Threat Intelligence, Penetration Testing, Cloud Security, and more. This role requires a proactive recruiter with strong networking abilities and a proven track record of identifying and hiring top cybersecurity talent. Key Responsibilities:  Contribute to employee engagement initiatives and internal HR communications  Manage end-to-end recruitment cycle for cybersecurity roles (junior to leadership level).  Understand job requirements from hiring managers and translate them into effective sourcing strategies.  Source, screen, and evaluate potential candidates using various sourcing tools like Naukri, LinkedIn, GitHub, etc.  Build and maintain a strong pipeline of qualified cybersecurity professionals.  Develop and maintain relationships with cybersecurity communities, colleges, and relevant industry groups.  Coordinate and schedule interviews, gather feedback, and ensure a smooth recruitment process.  Ensure an excellent candidate experience throughout the hiring process.  Maintain recruitment metrics, dashboards, and reports for analysis and process improvements.  Stay updated on cybersecurity hiring trends and skill demands. Qualifications & Skills:  Bachelor’s/Master’s degree in Human Resources, IT, or related field.  3-6 years of experience in IT/technical recruitment with at least 2 years focused on cybersecurity hiring.  Familiarity with cybersecurity roles and tools such as SOC, SIEM (Splunk, QRadar, etc.), EDR, vulnerability assessment, etc.  Hands-on experience with applicant tracking systems (ATS) and HRMS tools.  Excellent communication and interpersonal skills.  Ability to work in a fast-paced environment with multiple open roles.  Strong analytical and organizational skills. Preferred Skills:  Technical background or certifications in HR/Recruitment or basic cybersecurity (added advantage).  Experience hiring for global or remote cybersecurity roles.  Existing cybersecurity talent network is a plus.

Azure, AWS, GCP, Sentinel, GRC, Threat Analyst, NIST, MITRE ATT&CK, SOC2, ISO27001, ISO27002, Identity, Access management, Security Engineering, Security Automation, Resiliency, DevSecOps, SSDLC, SDLC, Threat Modelling, Risk Assessor, Security Audit, zero trust, ZTNA, conditional access In this role, you will help architect, deploy security solutions, tools for Application, DevSecOps & SSDLC, and Public Cloud Security. You need to learn about Infosys business initiatives, products and business needs to drive clients' security projects. Develop technical solutions and advise security controls to mitigate security vulnerabilities. Partner with Security Engineers, Architects, and clients to drive security initiatives in technology and policy governance.

GF_IT-E406 Cyber Security Consultant - Full Time - Pune, India Sulzer is a leading engineering company with a proud heritage of innovation. Join our global team to grow your expertise and develop innovative solutions that enable a prosperous and more sustainable society. We are looking for a Cyber Security Consultant to join our GF_IT team in India . Your main tasks and responsibilities: Collaborate on the design, implementation, and maintenance of our cutting-edge Third-Party Risk Management System, process and maintain all the landscape of third-party cyber security risks associated with the different solutions and systems. This will require analyzing the vendor and solution posture, having necessary being able to read and interpret data flow and architecture diagrams of the solutions, before implementing them in Sulzer systems. Collaborate on the design, implementation, and maintenance of our cutting-edge Information Security Management System (ISMS). Contribute to the development and management of all ISMS documentation such as security policies, standards, guidelines, and procedures. Work closely with our team on cyber security compliance exceptions, risks assessments, and GRC tickets, and changes. Ensure the compliance alignment of Sulzer with different directives, standards, laws and regulations, with a global scope. Perform a continuous monitoring of our policies, standards, directives, guidelines to maintain them aligned with our Cybersecurity Core framework (based on NIST CSF 2.0., IEC 62443 and NIS2 mainly) Perform and support to the team in the execution of cyber security risk assessment and control framework assessment, aligning it with industry standards. Help in the design of the cyber security and GRC monitoring system, designing KPIs, KRIs, KCIs and other indicators, to evaluate and monitor Sulzer cyber security posture. Support cybersecurity audits and assessments from different customers or legal entities. Play a key role in disaster recovery reviews, ensuring our systems are resilient and can withstand unforeseen challenges. Engage in reviews of vendors, suppliers, as well as contracts, data flow diagrams and questionnaires to guarantee alignment with security standards. Conduct Gap analysis (framework vs directives, regulations) to prioritize security initiatives, as well as to check the alignment of the systems, factories, with our cyber security core framework. Support and conduct vulnerability scans, reviews, to design remediation plans with the involved stakeholders. Collaborate with executives to prioritize regional or global security initiatives, cyber security awareness and training plan and apply risk management methodologies. To succeed in this role, you will need: Bachelor’s in computer science with 5-8 years of relevant work experience. Security Certificates in the area of Governance , RISK and Compliance ( Risk Management, NIST Cyber security Framework and Controls, NIS2 Directive, ISO 22301, ISO 27005, ISO 31000, IEC 62443, and other directives and standards (e.g. ISO 27001, GDPR, etc.) Proficiency in Windows-based operating systems and networks, with the ability to analyze security issues, detect gaps and security threats. Knowledge in Security Architecture, to being able to develop Third-Party Risk Management analysis of the solution. Sulzer is an equal opportunity employer. We believe in the strength of a diverse workforce and are committed to offering an inclusive work environment. We are proud to be recognized as a Top Employer 2025 in Brazil, China, Finland, Germany, Ireland, Switzerland, South Africa, the UK and the USA.

Job Title: Senior Data Architect Year of Experience: 5 - 10 Years Job Description: The Senior Data Architect will design, govern, and optimize the entire data ecosystem for advanced analytics and AI workloads. This role ensures data is collected, stored, processed, and made accessible in a secure, performant, and scalable manner. The candidate will drive architecture design for structured/unstructured data, build data governance frameworks, and support the evolution of modern data platforms across cloud environments. Key responsibilities: · Architect enterprise data platforms using Azure/AWS/GCP and modern data lake/data mesh patterns · Design logical and physical data models, semantic layers, and metadata frameworks · Establish data quality, lineage, governance, and security policies · Guide the development of ETL/ELT pipelines using modern tools and streaming frameworks · Integrate AI and analytics solutions with operational data platforms · Enable self-service BI and ML pipelines through Databricks, Synapse, or Snowflake · Lead architecture reviews, design sessions, and CoE reference architecture development Technical Skills · Cloud Platforms: Azure Synapse, Databricks, Azure Data Lake, AWS Redshift · Data Modeling: ERWin, dbt, Power Designer · Storage & Processing: Delta Lake, Cosmos DB, PostgreSQL, Hadoop, Spark · Integration: Azure Data Factory, Kafka, Event Grid, SSIS · Metadata/Lineage: Purview, Collibra, Informatica · BI Platforms: Power BI, Tableau, Looker · Security & Compliance: RBAC, encryption at rest/in transit, NIST/FISMA Qualification · Bachelor’s or Master’s in Computer Science, Information Systems, or Data Engineering · Microsoft Certified: Azure Data Engineer / Azure Solutions Architect · Strong experience building cloud-native data architectures · Demonstrated ability to create data blueprints aligned with business strategy and compliance.

Job Description Company Description Thinkcloudly is a global IT learning platform dedicated to helping individuals become IT professionals. We offer specialized courses designed to enhance our students’ employability. Our mission is to provide high-quality training and interview preparation aligned with rapidly evolving technology, while making a positive impact on society. Role Description This is a part-time, remote role for an IT Auditing and GRC (Governance, Risk, and Compliance) Trainer . The trainer will be responsible for delivering well-structured and engaging online sessions, preparing relevant instructional materials, and guiding students through practical applications of IT auditing and GRC concepts. Responsibilities also include evaluating student progress, providing personalized feedback, and staying current with industry frameworks and compliance standards. Key Responsibilities Deliver interactive and comprehensive online training sessions on IT Auditing and GRC topics Prepare and update course materials, real-time use cases, and assessments Support students through hands-on guidance, doubt-clearing sessions, and feedback Stay up to date with industry trends, standards (like ISO 27001, NIST, COBIT), and compliance regulations Encourage student engagement and help them prepare for job interviews and certification exams Qualifications Strong knowledge of IT Auditing principles, GRC frameworks (e.g., COBIT, ISO, NIST), and compliance standards Experience in conducting virtual training sessions or corporate workshops Excellent communication, presentation, and mentoring skills Ability to simplify complex topics and deliver real-world examples Prior experience as a trainer or educator in IT Auditing/GRC is an advantage Relevant certifications such as CISA, CRISC, or ISO Lead Auditor are highly preferred Self-motivated with good time management and organizational skills Industry E-Learning Providers Employment Type Part-time | Remote

Job Title : GRC Consultant Location : All Over India (Remote) Experience : 10 + years JD - • 10+ years in Governance, Risk and Compliance • -Expertise in policy development and control mapping • -Experience working cross-functionally with cybersecurity, automation, and cloud domains • -Excellent communication skills enabling them to work closely with executive management on reviewing InfoSec policies across access control and software development • -Extensive background in conducting scheduled vulnerability scans and enterprise risk management assessments • -Deep knowledge of FAIR risk management models for risk assessment • - Knowledge of NIST framework and CIS standards • -Experience implementing best practices in data encryption, business continuity and disaster recovery • -Experience creating service-management metrics, continual improvement roadmaps, and rigorous processes for production test and release requirements

About The Company Tata Communications Redefines Connectivity with Innovation and IntelligenceDriving the next level of intelligence powered by Cloud, Mobility, Internet of Things, Collaboration, Security, Media services and Network services, we at Tata Communications are envisaging a New World of Communications Experience Required: 3+ years in Cybersecurity, with 2+years hands-on Imperva DAM Reports To: Security Operations Lead / SOC Manager Location: Jaipur Job Type: Full-time, Customer locations Job Summary We are seeking an experienced ITSM and CIS BenchmarkingSpecialist to drive service management excellence and ensure systems arehardened according to industry best practices. The ideal candidate will havedeep knowledge of ITIL-based ITSM practices and hands-on experience applying CISBenchmarks for endpoint and server security compliance. Itsm Key Responsibilities: Oversee the implementation and continuous improvement of ITSM processes aligned with ITIL framework (e.g., Incident, Change, Problem, Asset, and Configuration Management). Ensure accurate and timely incident/ticket management via ITSM tools (e.g., ServiceNow, BMC Remedy, Freshservice). Develop ITSM dashboards and reports to track SLAs, service availability, and operational KPIs. Collaborate with technical and business teams to streamline service workflows and automate manual tasks. Provide training and guidance on ITSM processes across teams. CIS Benchmarking Perform security baseline assessments of servers, endpoints, and cloud environments using CIS Benchmarks. Coordinate with IT infrastructure and application teams to implement and validate CIS hardening steps. Use tools such as CIS-CAT Pro, SCAP, Tenable, or Qualys for benchmark scanning and reporting. Maintain a central repository of system configurations, benchmark reports, and deviation justifications. Support internal and external audits by providing CIS compliance evidence and remediation plans. Required Skills And Qualifications 1+ years of experience in implementing and managing ITSM processes and tools. 1+ years of experience applying CIS Benchmarks across Windows, Linux, databases, or cloud platforms. Strong understanding of ITIL v3 or v4, with certification preferred. Familiarity with endpoint/server hardening, system configuration management, and patching. Experience using configuration and compliance management tools (e.g., Ansible, Chef, SCCM, GPO). Ability to document policies, procedures, and control deviations. Preferred Qualifications ITIL Foundation or Practitioner certification. Experience in audit/compliance functions, particularly in regulated industries (BFSI, healthcare, government). Familiarity with ISO 27001, NIST 800-53, or other security frameworks. Education Requirements BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA Certification Any ITSM Certification/CEH