Hi Everyone, We are looking Security Operations Centre for one of our MNC client Role: Security Operations Centre (Cybersecurity) Experience: 5+ Years Location: Navi Mumbai Notice Period: Immediate to 15 Days JD: Education : Bachelor’s degree in information technology, or a related field, Cybersecurity (preferred). Experience/ Qualifications • 5 years of technology or other relevant industry experience. Emphasis on security operations, incident management, intrusion detection, and security event analysis. • 3+ years of working experience with UEBA security technologies/vendors (such as Qradar, and Gurucul) • Ability to isolate problems between hardware and software and provide information to appropriate support team(s) • Excellent communication and collaboration skills • Ability to handle pressure and work effectively in a fast paced environment Industry • IT, ITES, Banking (Preferred) Responsibilities Incident Detection and Triage: • Experience with security tools and technologies (e.g., UEBA, SOAR, TIP) • Responsible for lifecycle support in the areas of UEBA strategy, UEBA service delivery, and UEBA infrastructure support. • Responsible for tuning out false positives and creating actionable reports. • Monitor the impact of deploying new content on the health and performance of the UEBA, SOAR & TIP solutions. • Knowledge of legal and regulatory requirements related to data breaches a plus. • Good understanding of Incident life cycle and Triage process. • Good experience in OS logs, WAF, IPS, firewall etc. log analysis. • Knowledge of Threat Intelligence and Security Advisories research and analysis would be added advantage. Communication and Collaboration: • Communicate effectively with internal stakeholders, including system administrators, IT operations, and business units • Collaborate with external vendors and law enforcement as needed • Prepare and deliver incident reports and updates to senior management Threat Intelligence: • Stay up to date on the latest cyber threats and vulnerabilities • Share threat intelligence with other security professionals within the organization • Contribute to the development and improvement of the organization's security posture Industry Certifications • Technical certifications: CompTIA security+ \ CEH or relevant • Security Standard frameworks: ISO/NIST/PCI-DSS • Incident Handling and relevant certification Show more Show less

Security Solution Engineer Bangalore, Karnataka, India + 1 more location Date posted Jun 10, 2025 Job number 1829636 Work site Up to 50% work from home Travel 25-50 % Role type Individual Contributor Profession Digital Sales and Solutions Discipline Digital Technology Specialists Employment type Full-Time Overview Are you insatiably curious and do you lean into uncertainty, take risks, and learn quickly from Are you passionate about cybersecurity? Do you enjoy working on a high-performing, fast-paced sales team? Are you insatiably curious and do you lean into uncertainty, take risks, and learn quickly from your mistakes? If so, we are looking for you! The Microsoft Security organization’s mission of making the world a safer place has never been more important. As threats become more frequent and sophisticated, we should work to keep our customers safe through our Security Solutions. The Solution Specialist Unit team within the Microsoft Security organization is at the forefront of this effort, engaging directly with customers to contribute to their success. With thousands of global security experts worldwide, $1 billion+ invested annually in security research and development, and the cutting edge AI- based Security innovations, Microsoft is ideally placed to think outside of the box and protecting customers, and partners around the world. We are looking for passionate, experienced, and credible Security Technical Specialists with a drive to help solve complex security challenges for our customers, enabling them to help modernize their security architecture and posture. We are keen to hear your thoughts on how we can further achieve our purpose. Join our team and discover unique opportunities to grow, develop and learn. As a Security Technical Specialist , you will be a senior technical sales leader and trusted customer advisor, working with cutting-edge security technologies such as Microsoft M365 Defender, Defender for Cloud and Sentinel. You will lead a virtual team of other internal, partner and consulting resources to help map Microsoft solutions to customer security challenges and priorities, demonstrate and prove our solutions, and win the technical decision enabling the team to achieve and even exceed quarterly and annual revenue targets. You will spend 75% of your work hours a week on qualified customer work – planning and orchestration, preparation, meetings (technical presentations, demos, POCs, compete positioning, workshops, etc.), while the other 25% of your time will be focused on further growing your technical, industry and competition acumen. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. By applying to this role, you will be considered for multiple opportunities within Microsoft across the United States including locations beyond where the role is posted. This role is flexible in that you can work up to 50% from home. Travel percentages will vary according to role. Qualifications 5+ years of Security Technology pre-sales or Security Technology consulting experience. OR Bachelor's Degree in Computer Science, Information Technology, or related field AND 4+ years of technical pre-sales or technical consulting experience. OR Master's Degree in Computer Science, Information Technology, or related field AND 3+ years of technical pre-sales or technical consulting experience OR equivalent experience. Experience with Microsoft security solutions (M365 Defender, Defender for Cloud, Sentinel) or, one or more related technologies such as Prisma Cloud, Crowdstrike, Proofpoint, Splunk, etc. Experience presenting the value of technology solutions and architectures through customer presentations, design sessions, POCs accelerating technical wins. Preferred Qualifications 8+ years technical pre-sales, technical consulting, or technology delivery, or related experience OR equivalent experience. 6+ years experience with cloud and hybrid, or on premises infrastructures, architecture designs, migrations, industry standards, and/or technology management. Certification in relevant technologies or disciplines (e.g., Office 365, Power BI, Azure Architect and Development exams, Cloud Platform Technologies, Information Security, Architecture). Certification in Microsoft 365 Security Administration or Azure Security One or more of Industry certifications such as CISSP, CCSP, iAPP, etc. Hands on technical knowledge of relevant products and solutions, but not limited to: Security Information and Event Management (SIEM) systems Next Gen Web Application Firewalls and Secure Web Gateways. Threat detection technologies Log analysis and Incident Response Cloud security technologies, architectures and concepts such as Zero Trust, cloud security posture management, cloud workload protection, Cloud code security and Cloud infrastructure entitlement management. Cloud Computing: Infrastructure as a service (IaaS), Platform as a Services (PaaS), and Software as a service. Demonstrated knowledge and understanding of one or more cloud security standards and frameworks such as CIS, NIST, CSA, etc. Technical Sales Acumen: Experience presenting the value of technology solutions and architectures through customer presentations, design sessions, POCs accelerating technical wins. Expertise in extended detection and response (XDR), zero trust and cloud security solutions & architectures Professional interpersonal skills, with the ability to present technical information clearly and concisely. Develop and maintain technical expertise: A technical specialist should stay up to date with the latest developments and advancements in security space including new tech, competitors, and internal product and services offerings. Growth Mindset. Experience and passion for learning (technical and professional skills); implementing practices from others; trying, failing, and learning from both successes and failures; sharing practices and knowledge for others’ benefit. Problem Solving: Excellent analytical and problem-solving skills, with the ability to think creatively and develop innovative solutions to technical challenges. Multi-Tasking: Ability to work independently and manage multiple priorities simultaneously. Responsibilities You will be the primary technical point of contact for potential customers during the sales process, owning and driving technical win for security opportunities. Deep technical understanding of cloud security architectures, solutions/technologies including Microsoft M365 Defender, Defender for cloud and Sentinel. Coordinate weekly with sellers and manager to understand opportunities, compete scenarios and engagements to focus on, engaging and driving to own and win the technical decisions Remediate blockers; leads and ensures technical wins for Microsoft Security and adjacent technologies. Engages with and reaches out to customers proactively and independently; builds credibility with customers as a trusted advisor for Microsoft Security; and searches for and uses Microsoft Security customer references; and drives customer intent to buy and facilitates handoff to customer success for post sales deployment. Develop strategies and recommendations to improve the client's security posture, shapes technical win plan and tailors Microsoft messaging to audience for security opportunities. Enhances team capabilities for extended detection and response (XDR), zero trust and cloud security and develops differentiated compete strategies for Microsoft Security for assigned customers. Lead technical presentations, demonstrations, workshops, architecture design sessions, explain, demonstrate, and architect the solution to help solve customer security challenges and priorities. Demonstrates and oversees proof of concepts, presents and applies architecture patterns, proves capabilities and integration into customer environment, and drives cross-workload support for Microsoft solutions for security. Leverages insights and coaches' teams to align new or changing technology to customer security needs. A technical specialist is responsible for engaging with other teams within and outside the organization throughout the sales cycle. Engaging partners in sell-with scenarios and supporting their technical capabilities is key to scaling solution delivery. You will stay sharp, share your knowledge and best practices enabling further scale and growth for the security business. You would spend 20% of your work hours maintaining deep theoretical and experiential technical knowledge of MS security solutions, competitive landscape and industry trends. As a technical specialist you would document and share best practices and learning with others enabling and contributing to the success of others on your team Share knowledge and learnings with partners to drive the sale, deployment, and adoption of Microsoft solutions. Completes required training and obtains relevant product and role certifications aligned to the role and workload/industry. Other Embody our culture and values Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Required Qualifications Bachelors degree in occupational safety, engineering, or related field or equivalent work experience. Comprehensive Safety Knowledge: demonstrates technical understanding and ability to apply general health & safety processes and regulations pertaining to industrial workplace settings. Knowledge of oil & gas industry safety procedures, policies, & regulatory requirements. Experience in developing and communicating business continuity recovery procedures and conducting training for this material. Professional certification in Business Continuity (e.g., CBCP, MBCI, or similar) is preferred. Minimum of 3-5 years of experience in business continuity, disaster recovery, risk management, or a related field. Strong analytical skills with the ability to assess complex risks and develop practical solutions. Excellent communication and interpersonal skills to effectively train staff and coordinate with stakeholders. - Familiarity with industry standards (e.g., ISO 22301, NIST, etc.) and regulatory requirements.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NA Minimum 15 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in strategic discussions to enhance security protocols and provide guidance on best practices, contributing to a secure cloud environment that supports the organization's growth and innovation. Roles & Responsibilities: - Expected to be a Subject Matter Expert with deep knowledge and experience. - Should have influencing and advisory skills. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Expected to provide solutions to problems that apply across multiple teams. - Facilitate training sessions to enhance team understanding of cloud security practices. - Evaluate emerging security technologies and recommend improvements to existing security frameworks. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM). - Strong understanding of cloud security principles and best practices. - Experience with security incident response and management. - Knowledge of compliance frameworks such as ISO 27001, NIST, or GDPR. - Familiarity with risk assessment methodologies and tools. Additional Information: - The candidate should have minimum 15 years of experience in Security Information and Event Management (SIEM). - This position is based at our Gurugram office. - A 15 years full time education is required. 15 years full time education Show more Show less

Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats. Do Design and develop enterprise cyber security strategy and architecture Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses Identify risks associated with business processes, operations, information security programs and technology projects Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge Identify security design gaps in existing and proposed architectures and recommend changes or enhancements Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. Provide support during technical deployment, configuration, integration and administration of security technologies Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity Provide solution of RFP’s received from clients and ensure overall design assurance Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture Depending on the client’s need with particular standards and technology stacks create complete RFPs Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps Evaluate and recommend solutions to integrate with overall technology ecosystem Tracks industry and application trends and relates these to planning current and future IT needs Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers Provide training to employees on issues such as spam and unwanted or malicious emails Stakeholder Interaction Stakeholder Type Stakeholder Identification Purpose of Interaction Internal Program Manager/Director Regular reporting & updates Infrastructure (CIS team) For infrastructure support External Customer To coordinate for all security breaches & resolutions Display Lists the competencies required to perform this role effectively Functional Competencies/ Skill Leveraging Technology - Knowledge of current and upcoming security technologies (e.g. Firewalls, IPS, DDoS, SIEM, WAF, Endpoint etc.) and understanding of compliance regulatory requirement like PCI DSS, HIPAA, etc.- Expert Systems Thinking - Understanding of the Wipro system (interrelatedness, interdependencies and boundaries) and perform problem solving in a complex environment - Expert Leveraging Technology - In-depth knowledge of and mastery over ecosystem technology that commands expert authority respect - Master Technical Knowledge - Certified Information Systems Security Professional (CISSP), Cloud Architect Certification from AWS and Azure, ToGAF or SABSA certification- Master Competency Levels Foundation Knowledgeable about the competency requirements. Demonstrates (in parts) frequently with minimal support and guidance. Competent Consistently demonstrates the full range of the competency without guidance. Extends the competency to difficult and unknown situations as well. Expert Applies the competency in all situations and is serves as a guide to others as well. Master Coaches others and builds organizational capability in the competency area. Serves as a key resource for that competency and is recognized within the entire organization. Behavioral Competencies Effective Communication Managing Complexity Client centricity Technology Acumen Innovation Problem Solving approach Collaborative Working Execution Excellence Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2. Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led

About The Role : Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led

About The Role :About The Role : Technology GRC Manager C1 Role Purpose: As GRC (Governance, Risk, and Compliance) Manager is responsible for overseeing and managing the risk assessment, remediation, and monitoring of information and technology process risks. This role involves ensuring that all risk and compliance activities are performed effectively by various control functions. The GRC Manager also serves as an internal consultant, providing guidance to operating functions and business lines on risk-related matters. Additionally, they are tasked with identifying, assessing, quantifying, reporting, communicating, mitigating, and monitoring process risks to ensure the organization''s overall security and compliance posture. Responsibilities: Ensure strong governance on risk and compliance performed by various control functions. Manage risk assessment, remediation, and monitoring of information and technology process risks. Serve as an internal risk consultant to operating functions and business lines. Identify, assess, quantify, report, communicate, mitigate, and monitor process risks. Support the implementation of information security policies. Discuss risk closure, mitigation, and acceptance with stakeholders. Ensure periodic entitlement reviews are completed, and risks are managed to an acceptable level. Collaborate with control functions to track and mitigate identified risks. Work with technology leaders to identify control gaps. Act as a subject matter expert for risk and controls related to operations. Maintain strong working relationships with stakeholders. Review and refine policies and processes based on industry best practices. Track identified risks and ensured their closure within defined timelines. Prepare and maintain risk heat maps and risk registers. Required Skills: Excellent executive-level communication skills. Strong working relationships with team members and the ability to motivate them. Knowledge in areas such as Application Security, Data Security, Identity Access Management, Information, Infrastructure Technology, GDPR, and ISO Audits. Solid understanding of Risk Management Lifecycle and exposure to standards like SOX, COBIT, PCI-DSS, NIST Control, etc. Understanding of Security incident response aspects is desirable. Good analytical, problem-solving, and interpersonal skills. B.E in Computer Science/Information Technology or equivalent qualification with 8-12 years of experience. Industry-recognized certification in information security such as CISSP, CISM, CISA, etc.

: When you join Verizon You want more out of a career. A place to share your ideas freely even if theyre daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What Youll Be Doing... The Threat Management Center (TMC) serves as the initial point of defense for Verizon's networks and information systems, safeguarding them against internal misconduct and cyber-attacks. The TMC Advanced Cyber Defense (TMC-ACD) team is tasked with responding to, investigating, hunting and managing all incidents. Collectively, the teams strive to protect Verizon's employees, customers, brand reputation, and revenue streams through proactive identification, response, and mitigation of potential threats that could adversely affect Verizon or its business partners. What Were Looking For... Verizon is looking for an innovative and motivated professional who will be responsible for safeguarding the Verizon enterprise. This individual will work on identified threats and will neutralize them through proactive hunting and detection, incident response and mitigation strategies, and ensure continuous operation of Verizons on-prem and cloud environments. The Digital Forensics & Incident Response role is an opportunity to work in a fast paced collaborative environment defending Verizon from current and future cyber threats. This position plays a critical role in Verizons enterprise computing defense. Executing the Incident Response Lifecycle to drive threat remediation and identify strategic countermeasures improving future defenses. Operating as a trusted advisor on threat analysis during incidents for incident management teams and other stakeholders by following cybersecurity response methodologies such as the NIST CyberSecurity Framework. Serving as a primary point of contact during assigned on-call shifts, responding promptly to incidents, escalations, and critical alerts to minimize downtime and mitigate risks to the enterprise. Deploying security tools and leveraging logs and endpoint forensic analysis in order to complete a detailed and accurate assessment of security alerts and threats affecting the Verizon enterprise and cloud infrastructure. Assisting with the development of security controls for multiple platforms via automated capabilities by using advanced analysis and forensic techniques. Driving identification, analysis, and remediation activities to ensure compliance with relevant regulatory requirements, industry standards, and best practices related to security and data privacy. Providing assistance and analytical evaluations for high-priority and significant security incidents, including composing extensive and comprehensive analysis summaries and facilitating incident-related discussions. Identifying gaps in detections and collaborating with teams across Cyber Security to mitigate threats and improve the overall security posture. Recommending ways to mature and advance the preventive and defensive capabilities of the TMC. This includes leveraging data and knowledge to clearly communicate the use case for alert creation. Collaborating with cross-functional teams to respond, identify, and analyze the root cause of a cybersecurity incident. Conducting risk assessments, in-depth analysis, and forensic investigations to determine the root cause and impact of incidents. Enhancing, and/or implementing DFIR playbooks to ensure cohesive response repeatability. Assisting with producing operational read-outs and case reviews for peers and leadership that accurately capture the effectiveness of the DFIR organization. Continuously honing to build and maintain knowledge, skills, and abilities needed to maintain proficiency in producing thorough and accurate digital forensic analysis. Enhancing techniques, workflows and processes of security controls, compliance assessments, and DFIR procedures to drive the TMC operational and strategic growth (continuous improvement). Where you'll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Youll Need To Have Bachelor's degree or four or more years of work experience. Four or more years of relevant experience required, demonstrated through work experience and/or military experience. Experience working in Digital Forensic, Incident Response, and/or a Security Operations Center (SOC) environment(s). Even better if you have one or more of the following: Awareness of cyber based adversarial frameworks including MITRE ATT&CK and Lockheed Martins Cyber Kill Chain. Proficient knowledge of the cyber threat landscape including types of adversaries, campaigns, and the motivations that drive them. Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents. Programming and Scripting Experience to enhance automations, ad-hoc forensic analysis and speed-up response times. Previous experience with log aggregation platforms such as Splunk, Elastic, Snowflake, LogRhythm, etc. Proficient in understanding Operating Systems and their architectures: Windows, Unix/Linux, and MacOS Operating Systems. Demonstrates leadership and mentoring skills to help advance the overall capabilities of the TMC organization. Ability to work in a highly collaborative environment needing strong communication, presentation, and leadership-like skills. Exhibits initiative, follow-up and follow through with commitments. Certifications like: Network , Security , CISSP, EnCE, CFCE, C|EH, C|HFI, GCFA, GCFE, GCIH and/or cloud-specific security certifications (e.g. AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Cloud Certified Professional Cloud Security Engineer). If Verizon and this role sound like a fit for you, we encourage you to apply even if you dont meet every even better qualification listed above. #CISO Where youll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics. Locations Hyderabad, India Chennai, India Show more Show less

Meet the Team Cisco InfoSec seeks an Information Security Engineer to join some of the industry's brightest minds in Network Security, managing access decisions based on Cisco's security policies, assessment of security risks at various PINs in one of the world's largest networks. In this role, you will gain insight on the detailed functionality of how security is handled at various network layers, through administrative, technical and physical controls. The ideal applicant will have professional understanding of Network Security, Cloud Security, Vulnerability Management, and Security Incident Detection and Response. The candidate should be able to comprehend business requirements, assess and communicate relevant risks, and implement suitable controls in accordance with policies, standards, and guidelines. Your Impact As part of the global infosec organization, this role's responsibilities include establishing and preserving relationships with internal business clients, IT, and engineering management worldwide. In addition, the candidate will oversee projects, collaborate with different functional units within the security organization, and find areas of continuous improvement to maximize operational efficiency. As part of a global organization primarily based out of the US, the candidate may be expected to work outside of normal business hours on a weekly basis. You must evaluate diverse security risks in a fast-moving environment and be technically capable of suggesting and carrying out remediation, in accordance with Cisco's security policies and standards. You must a Foundational knowledge in one or more security domains, including network security, cloud security, server security, and identity/access management. You have experience implementing and maintaining security solutions in an enterprise environment. You have a validated foundation of Secure Development Lifecycle (SDL) and a working knowledge of various SDL requirements. You are familiar with Agile methodologies and CI/CD, as well as relevant expertise in all phases of application development across technology stacks. You possess a solid understanding of security vulnerabilities and remediation documented by organizations like OWASP, NIST, SANS, etc. You demonstrate good communication skills and can articulate application vulnerabilities, defects, technical controls, risks, and other complex security matters with non-technical stakeholders. You should be able to understand complex architectures, make security decisions to enable business and help our stakeholders understand any risks involved. You have innovative thinking, analytical reasoning, and creative problem-solving abilities. You act strategically, diligent, highly motivated, and eager to make a major contribution to making Cisco more secure. Minimum Qualifications: Strong knowledge of Data Center, Virtualization, Cloud, Multi-tier deployment environments and their security operations Strong knowledge in Networking & Security preferably evidenced through certifications and hands-on experience in assessing security risks for large enterprise networks. Systems administration skills with an information security background (Good understanding of Unix and windows environment). Preferred Qualifications Typically requires a bachelor’s degree in computer science or work equivalent of 3+ or more years of experience. Prior experience in information security consulting with the understanding of how to analyze InfoSec policies. Preferred certification(s) CISSP/CISM/CCNA/CCNA Security/CCNP. #WeAreCisco ( This is the Standard and cannot be changed ) #WeAreCisco where every individual brings their unique skills and perspectives together to pursue our purpose of powering an inclusive future for all. Our passion is connection—we celebrate our employees’ diverse set of backgrounds and focus on unlocking potential. Cisconians often experience one company, many careers where learning and development are encouraged and supported at every stage. Our technology, tools, and culture pioneered hybrid work trends, allowing all to not only give their best, but be their best. We understand our outstanding opportunity to bring communities together and at the heart of that is our people. One-third of Cisconians collaborate in our 30 employee resource organizations, called Inclusive Communities, to connect, foster belonging, learn to be informed allies, and make a difference. Dedicated paid time off to volunteer—80 hours each year—allows us to give back to causes we are passionate about, and nearly 86% do! Our purpose, driven by our people, is what makes us the worldwide leader in technology that powers the internet. Helping our customers reimagine their applications, secure their enterprise, transform their infrastructure, and meet their sustainability goals is what we do best. We ensure that every step we take is a step towards a more inclusive future for all. Take your next step and be you, with us! Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Security Consultant Job Summary: As an Information Security Consultant, the individual will be responsible for providing security guidance to IT project teams responsible for delivering business solutions leveraging new market technologies in Travel, Meeting & Events industry. The Information Security Consultant will identify and prioritize security-related requirements, promote secure-by-default designs and ensure information systems and infrastructure will be secured throughout system development life cycle (SDLC). The Information Security Consultant will also be expected to perform risk assessments of 3rd party information systems and infrastructure, develop appropriate risk treatment and mitigation options, and effectively articulate findings and recommendations to IT project teams, Suppliers and management. The successful candidate should have solid background in application and/or infrastructure development, broad experience over an array of information security and technical disciplines and be able to provide pragmatic, business-aligned security guidance. The Information Security Consultant will be expected to work on multiple projects and tasks concurrently. EY Technology: Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 280,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization. EY Technology supports our technology needs through three business units: Client Technology (CT) - focuses on developing new technology services for our clients. It enables EY to identify new technology-based opportunities faster, and pursue those opportunities more rapidly. Enterprise Technology (ET) – EWT supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. EWT will also support our internal technology needs by focusing on a better user experience. Information Security (Info Sec) - Info Sec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems. The opportunity The Business Enablement Security Consulting group reports to Deputy CISO of Enterprise Workplace Technology in a hands-on role, focused on the secure design, architecture and development for applications. Most of the work will require dealing with 3rd parties, CBS is engaging with, to procure their Cloud based, mobile enabled services to enhance EY employees experience. This will include working on complex Travel solutions, Meetings & Events apps, Ground Transportation, Workplace Experience enhancement etc. These services are evolving & does offer lot of opportunities to be market leader with Security in mind. EY as an organization is big promoter of such innovative ideas & deploy these services across the globe. The Security Consultant works directly with Architects, Developers, IAM engineers, Project Managers, Supplier and other resources (as deem fit); through collaboration and mentoring, they help teams to deliver secure business solutions. The Security Consultant’s role is a technical position which will support the global strategies and architecture vision as it relates to the development of secure design, build, deployment and operation of business applications and related infrastructure. Your Key Responsibilities This position is an individual contributor capable of supporting multiple project teams in the design, implementation and certification of security controls across IT systems – constituting new platforms/products used with in EY. This requires knowledge of various IT system architecture and technology like Travel solutions, Meeting & Events leaders apps etc hosted in different Cloud environments with mobile apps offerings, as well as supporting technology such as IAM, network security, firewalls, user account management, audit & logging, and other security concepts as outlined in ISO27001, OWASP and related security standards. Also consultants should have knowledge of how to assess 3rd Party security assessments and applicability of SOC1, SOC2 reports and concepts of vendor risk management. Skills And Attributes For Success Significant working security experience (with automation platform is a plus) and knowledge in the design, implementation and operation of security controls in any two or more of the following areas (Application Security & Mobile Security preferable): Application Security - Experience with the design of security controls for multi-tier business solutions including the design of application-level access and entitlement management, data tenancy and isolation, encryption, and logging. Working familiarity with REST API and micro services architecture. Cloud Security –Technical understanding of virtualization, cloud infrastructure, and public cloud offerings and experience designing security configuration and controls within cloud-based solutions in Microsoft Azure and Azure PAAS services Mobile Security –Technical understanding of Mobile Security standards, mobile platforms, mobile testing and experience designing security configuration and controls within mobile device-based solutions. Add-on experience of Mobile app integration with Microsoft InTune plaftform will be an advantage. Infrastructure Security – Experience with the integration of common infrastructure security technologies and solutions into business solution architectures including the integration of identity & access management, intrusion detection and prevention, security monitoring, and data encryption solutions. Agile & DevOps Methodologies – Experience as a contributing member of a balanced team within an Agile development or DevOps environment. Identity and Access Management - Active Directory based Identity and Access Management and Authorization design experience and integration with IDaaS and Federation technologies. To qualify for the role you must have Eight or more years of IT industry experience with minimum eight years of relevant experience in Information Security discipline A Bachelor's/Master’s degree in Computer Science or a related discipline, or equivalent work experience Experiencing in reviewing Mobile applications & platforms, with knowledge of Cloud Environment set up, and knowledge of common information security requirements for such platforms is a plus Experience providing and validating security requirements related to information system design and implementation Experience providing and validating security requirements related to a broad range of operating systems and databases Experience conducting risk assessments, vulnerability assessments, vendor and third party risk assessments and recommending risk remediation strategies Experience in the use of tools and methods to identify security exposures and business risks Familiarity with information system attack methods and vulnerabilities Ideally, you’ll may also have Candidates are preferred to hold or be actively pursuing related professional certifications such as CISSP, CISM or CISA Knowledge of common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT Working experience with the design and engineering of web-based multi-tier information systems and architecture design Working experience with web technologies and programming languages Working experience with operating systems and database platforms Working experience with mobile applications and mobile enterprise application platforms Working experience with more than one of these technologies, i.e. Java, .NET, Oracle, SQL, C++, WebSphere, Sharepoint, IIS, etc. Working experience with Cloud & Mobile solutions. What We Look For Ability to team well with others to facilitate and enhance the understanding & compliance to security policies Ability to work effectively with customers, management, staff members, vendors, and consultants and articulate findings and recommendations Strong English communication and writing skills are required Strong judgment and analytical ability Excellent interpersonal, communication, organizational, and project management skills Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change Demonstrated integrity in a professional environment Willingness to work in CET timezone, to support US & EU initiatives, being flexible when required What Working At EY Offers We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Security Consultant Job Summary: As an Information Security Consultant, the individual will be responsible for providing security guidance to IT project teams responsible for delivering business solutions leveraging new market technologies in Travel, Meeting & Events industry. The Information Security Consultant will identify and prioritize security-related requirements, promote secure-by-default designs and ensure information systems and infrastructure will be secured throughout system development life cycle (SDLC). The Information Security Consultant will also be expected to perform risk assessments of 3rd party information systems and infrastructure, develop appropriate risk treatment and mitigation options, and effectively articulate findings and recommendations to IT project teams, Suppliers and management. The successful candidate should have solid background in application and/or infrastructure development, broad experience over an array of information security and technical disciplines and be able to provide pragmatic, business-aligned security guidance. The Information Security Consultant will be expected to work on multiple projects and tasks concurrently. EY Technology: Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 280,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization. EY Technology supports our technology needs through three business units: Client Technology (CT) - focuses on developing new technology services for our clients. It enables EY to identify new technology-based opportunities faster, and pursue those opportunities more rapidly. Enterprise Technology (ET) – EWT supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. EWT will also support our internal technology needs by focusing on a better user experience. Information Security (Info Sec) - Info Sec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems. The opportunity The Business Enablement Security Consulting group reports to Deputy CISO of Enterprise Workplace Technology in a hands-on role, focused on the secure design, architecture and development for applications. Most of the work will require dealing with 3rd parties, CBS is engaging with, to procure their Cloud based, mobile enabled services to enhance EY employees experience. This will include working on complex Travel solutions, Meetings & Events apps, Ground Transportation, Workplace Experience enhancement etc. These services are evolving & does offer lot of opportunities to be market leader with Security in mind. EY as an organization is big promoter of such innovative ideas & deploy these services across the globe. The Security Consultant works directly with Architects, Developers, IAM engineers, Project Managers, Supplier and other resources (as deem fit); through collaboration and mentoring, they help teams to deliver secure business solutions. The Security Consultant’s role is a technical position which will support the global strategies and architecture vision as it relates to the development of secure design, build, deployment and operation of business applications and related infrastructure. Your Key Responsibilities This position is an individual contributor capable of supporting multiple project teams in the design, implementation and certification of security controls across IT systems – constituting new platforms/products used with in EY. This requires knowledge of various IT system architecture and technology like Travel solutions, Meeting & Events leaders apps etc hosted in different Cloud environments with mobile apps offerings, as well as supporting technology such as IAM, network security, firewalls, user account management, audit & logging, and other security concepts as outlined in ISO27001, OWASP and related security standards. Also consultants should have knowledge of how to assess 3rd Party security assessments and applicability of SOC1, SOC2 reports and concepts of vendor risk management. Skills And Attributes For Success Significant working security experience (with automation platform is a plus) and knowledge in the design, implementation and operation of security controls in any two or more of the following areas (Application Security & Mobile Security preferable): Application Security - Experience with the design of security controls for multi-tier business solutions including the design of application-level access and entitlement management, data tenancy and isolation, encryption, and logging. Working familiarity with REST API and micro services architecture. Cloud Security –Technical understanding of virtualization, cloud infrastructure, and public cloud offerings and experience designing security configuration and controls within cloud-based solutions in Microsoft Azure and Azure PAAS services Mobile Security –Technical understanding of Mobile Security standards, mobile platforms, mobile testing and experience designing security configuration and controls within mobile device-based solutions. Add-on experience of Mobile app integration with Microsoft InTune plaftform will be an advantage. Infrastructure Security – Experience with the integration of common infrastructure security technologies and solutions into business solution architectures including the integration of identity & access management, intrusion detection and prevention, security monitoring, and data encryption solutions. Agile & DevOps Methodologies – Experience as a contributing member of a balanced team within an Agile development or DevOps environment. Identity and Access Management - Active Directory based Identity and Access Management and Authorization design experience and integration with IDaaS and Federation technologies. To qualify for the role you must have Eight or more years of IT industry experience with minimum eight years of relevant experience in Information Security discipline A Bachelor's/Master’s degree in Computer Science or a related discipline, or equivalent work experience Experiencing in reviewing Mobile applications & platforms, with knowledge of Cloud Environment set up, and knowledge of common information security requirements for such platforms is a plus Experience providing and validating security requirements related to information system design and implementation Experience providing and validating security requirements related to a broad range of operating systems and databases Experience conducting risk assessments, vulnerability assessments, vendor and third party risk assessments and recommending risk remediation strategies Experience in the use of tools and methods to identify security exposures and business risks Familiarity with information system attack methods and vulnerabilities Ideally, you’ll may also have Candidates are preferred to hold or be actively pursuing related professional certifications such as CISSP, CISM or CISA Knowledge of common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT Working experience with the design and engineering of web-based multi-tier information systems and architecture design Working experience with web technologies and programming languages Working experience with operating systems and database platforms Working experience with mobile applications and mobile enterprise application platforms Working experience with more than one of these technologies, i.e. Java, .NET, Oracle, SQL, C++, WebSphere, Sharepoint, IIS, etc. Working experience with Cloud & Mobile solutions. What We Look For Ability to team well with others to facilitate and enhance the understanding & compliance to security policies Ability to work effectively with customers, management, staff members, vendors, and consultants and articulate findings and recommendations Strong English communication and writing skills are required Strong judgment and analytical ability Excellent interpersonal, communication, organizational, and project management skills Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change Demonstrated integrity in a professional environment Willingness to work in CET timezone, to support US & EU initiatives, being flexible when required What Working At EY Offers We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Security Consultant Job Summary: As an Information Security Consultant, the individual will be responsible for providing security guidance to IT project teams responsible for delivering business solutions leveraging new market technologies in Travel, Meeting & Events industry. The Information Security Consultant will identify and prioritize security-related requirements, promote secure-by-default designs and ensure information systems and infrastructure will be secured throughout system development life cycle (SDLC). The Information Security Consultant will also be expected to perform risk assessments of 3rd party information systems and infrastructure, develop appropriate risk treatment and mitigation options, and effectively articulate findings and recommendations to IT project teams, Suppliers and management. The successful candidate should have solid background in application and/or infrastructure development, broad experience over an array of information security and technical disciplines and be able to provide pragmatic, business-aligned security guidance. The Information Security Consultant will be expected to work on multiple projects and tasks concurrently. EY Technology: Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 280,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization. EY Technology supports our technology needs through three business units: Client Technology (CT) - focuses on developing new technology services for our clients. It enables EY to identify new technology-based opportunities faster, and pursue those opportunities more rapidly. Enterprise Technology (ET) – EWT supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. EWT will also support our internal technology needs by focusing on a better user experience. Information Security (Info Sec) - Info Sec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems. The opportunity The Business Enablement Security Consulting group reports to Deputy CISO of Enterprise Workplace Technology in a hands-on role, focused on the secure design, architecture and development for applications. Most of the work will require dealing with 3rd parties, CBS is engaging with, to procure their Cloud based, mobile enabled services to enhance EY employees experience. This will include working on complex Travel solutions, Meetings & Events apps, Ground Transportation, Workplace Experience enhancement etc. These services are evolving & does offer lot of opportunities to be market leader with Security in mind. EY as an organization is big promoter of such innovative ideas & deploy these services across the globe. The Security Consultant works directly with Architects, Developers, IAM engineers, Project Managers, Supplier and other resources (as deem fit); through collaboration and mentoring, they help teams to deliver secure business solutions. The Security Consultant’s role is a technical position which will support the global strategies and architecture vision as it relates to the development of secure design, build, deployment and operation of business applications and related infrastructure. Your Key Responsibilities This position is an individual contributor capable of supporting multiple project teams in the design, implementation and certification of security controls across IT systems – constituting new platforms/products used with in EY. This requires knowledge of various IT system architecture and technology like Travel solutions, Meeting & Events leaders apps etc hosted in different Cloud environments with mobile apps offerings, as well as supporting technology such as IAM, network security, firewalls, user account management, audit & logging, and other security concepts as outlined in ISO27001, OWASP and related security standards. Also consultants should have knowledge of how to assess 3rd Party security assessments and applicability of SOC1, SOC2 reports and concepts of vendor risk management. Skills And Attributes For Success Significant working security experience (with automation platform is a plus) and knowledge in the design, implementation and operation of security controls in any two or more of the following areas (Application Security & Mobile Security preferable): Application Security - Experience with the design of security controls for multi-tier business solutions including the design of application-level access and entitlement management, data tenancy and isolation, encryption, and logging. Working familiarity with REST API and micro services architecture. Cloud Security –Technical understanding of virtualization, cloud infrastructure, and public cloud offerings and experience designing security configuration and controls within cloud-based solutions in Microsoft Azure and Azure PAAS services Mobile Security –Technical understanding of Mobile Security standards, mobile platforms, mobile testing and experience designing security configuration and controls within mobile device-based solutions. Add-on experience of Mobile app integration with Microsoft InTune plaftform will be an advantage. Infrastructure Security – Experience with the integration of common infrastructure security technologies and solutions into business solution architectures including the integration of identity & access management, intrusion detection and prevention, security monitoring, and data encryption solutions. Agile & DevOps Methodologies – Experience as a contributing member of a balanced team within an Agile development or DevOps environment. Identity and Access Management - Active Directory based Identity and Access Management and Authorization design experience and integration with IDaaS and Federation technologies. To qualify for the role you must have Eight or more years of IT industry experience with minimum eight years of relevant experience in Information Security discipline A Bachelor's/Master’s degree in Computer Science or a related discipline, or equivalent work experience Experiencing in reviewing Mobile applications & platforms, with knowledge of Cloud Environment set up, and knowledge of common information security requirements for such platforms is a plus Experience providing and validating security requirements related to information system design and implementation Experience providing and validating security requirements related to a broad range of operating systems and databases Experience conducting risk assessments, vulnerability assessments, vendor and third party risk assessments and recommending risk remediation strategies Experience in the use of tools and methods to identify security exposures and business risks Familiarity with information system attack methods and vulnerabilities Ideally, you’ll may also have Candidates are preferred to hold or be actively pursuing related professional certifications such as CISSP, CISM or CISA Knowledge of common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT Working experience with the design and engineering of web-based multi-tier information systems and architecture design Working experience with web technologies and programming languages Working experience with operating systems and database platforms Working experience with mobile applications and mobile enterprise application platforms Working experience with more than one of these technologies, i.e. Java, .NET, Oracle, SQL, C++, WebSphere, Sharepoint, IIS, etc. Working experience with Cloud & Mobile solutions. What We Look For Ability to team well with others to facilitate and enhance the understanding & compliance to security policies Ability to work effectively with customers, management, staff members, vendors, and consultants and articulate findings and recommendations Strong English communication and writing skills are required Strong judgment and analytical ability Excellent interpersonal, communication, organizational, and project management skills Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change Demonstrated integrity in a professional environment Willingness to work in CET timezone, to support US & EU initiatives, being flexible when required What Working At EY Offers We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Company Description We’re Hiring – ServiceNow IRM/GRC Experts (Architects, Lead Developers, Developers, Business Analysts) Location : Pune - Hybrid / India or REMOTE - USA. Joining : Within 30 Days Interview Rounds : 2 (Telephonic) Are you a ServiceNow IRM/GRC Consultant looking for your next big opportunity? Do you bring domain knowledge from Financial Services, Healthcare, Telecom, or Pharma and are passionate about making risk and compliance smarter, faster, and automated? We are expanding our elite ServiceNow IRM/GRC Team and looking for experienced and committed professionals for multiple roles: Open Positions ServiceNow IRM/GRC Architect [1 position] ServiceNow IRM/GRC Lead Developer [2 positions] ServiceNow IRM/GRC Developers [4 positions] ServiceNow IRM/GRC Business Analysts [2 positions] NOTE: Candidate must have worked at-least in one full IRMGRC project [ end to end ] Job Description REDE Consulting seeks highly qualified professionals for critical roles in ServiceNow IRM/GRC implementation. The successful candidates will be responsible for executing complex projects with significant impact on organizational risk management and regulatory compliance. Key Responsibilities: Implement and manage ServiceNow IRM/GRC modules with a focus on Risk Management, Policy & Compliance, Audit Management, and Continuous Monitoring. Develop and maintain comprehensive workflows, profiles, indicators, scoring models, and dashboards to ensure robust risk and compliance frameworks. Demonstrate in-depth knowledge of regulatory frameworks such as SOX, HIPAA, ISO 27001, NIST, and DORA, applying this expertise to client solutions. For Architect/Lead roles: Design end-to-end solutions, communicate effectively with stakeholders, and provide mentorship to team members. For Business Analyst roles: Analyze complex GRC use cases and translate business requirements into actionable technical stories. Contribute domain expertise in Banking, Healthcare, Telecom, or Life Sciences to enhance project outcomes and client satisfaction. Maintain strict adherence to project timelines and quality standards, ensuring deliverables meet or exceed client expectations. Stay current with evolving regulatory landscapes and ServiceNow platform updates to provide cutting-edge solutions. Qualifications Professional Opportunity Contribute to a high-impact team delivering advanced risk and compliance automation solutions on the ServiceNow platform. Engage with global clients across regulated industries, addressing critical business needs. Assume a pivotal role in leading, innovating, and influencing digital risk transformation initiatives. Benefit from a flexible remote-first work environment, competitive compensation package, and professional development opportunities. Application Process Qualified candidates seeking a challenging career in the IRM/GRC/SecOps domain are encouraged to apply. This position offers significant opportunities for professional growth, leadership development, and meaningful impact in the field of risk management and compliance. To apply, please submit a comprehensive resume detailing your relevant experience and qualifications to: {EMAIL : hr (at) rede-consulting.com } For additional information about our organization and services, please visit: { www (dot) rede-consulting.com } Additional Information Location: Pune, India Why Join REDE? Join a fast-growing ServiceNow-focused firm with a strong presence in the USA, EU, and India. Work on high-impact projects with Fortune 500 companies. Be part of a Center of Excellence (CoE) for ServiceNow IRMGRC, ITAM and ITOM Competitive salary and performance-based incentives. Flexible work hours and a remote-friendly culture. Apply now: Send your updated resume to hr at rede-consulting.com At REDE Consulting, we don’t just build solutions — we build careers. Come be a part of something elite. Freshers with flare for sales and good in communication are welcome to explore opportunities with us. Show more Show less

Understanding of basic networking concepts Familiarity with Active Directory Understanding of MFA and MFA usage scenarios Familiarity with authentication, authorization and single sign-on protocols and concepts Familiarity with IAM industry standards like NIST Familiarity with IAM concepts IGA, PAM, etc- Familiarity with lifecycle management processes & protocols (SCIM, LDAP) Ability to script in a programming language of choice against REST APIs &/or Postman experience Solid troubleshooting skills Experience with Okta, including app integration, policy setup, and MDM integration Web flow troubleshooting Understanding of PKI Motivated and a self-starter Ability to communicate technology concepts to non-technical partners Show more Show less

🚨 We’re Hiring: DevSecOps + Security Analyst 🚨 📍 Remote | 🌙 Night Shift (10 PM – 7 AM IST) 💼 Experience: 5–7 Years | 💰 CTC: ₹16 LPA 📅 Immediate Joiners Preferred Are you passionate about integrating security across the DevOps lifecycle? Join our fast-paced remote team where security meets innovation. 🔧 Key Responsibilities: DevSecOps Focus: ✔️ Integrate security into CI/CD (GitLab CI, Jenkins, GitHub Actions) ✔️ Automate scans (SAST, DAST, SCA, IaC) in pipelines ✔️ Harden infrastructure with Ansible, Terraform, Docker ✔️ Manage secure IaC (Terraform/CloudFormation) Security Analyst Focus: ✔️ Monitor/respond using SIEM tools (Splunk, Sentinel, ELK) ✔️ Conduct vulnerability assessments and remediation ✔️ Support incident response and investigations ✅ What You Must Have: 5–7 years in cybersecurity / DevSecOps / security operations Strong in AWS / Azure / GCP security Hands-on with CI/CD, Python/Bash/PowerShell scripting Familiar with SOC2, NIST, PCI-DSS, HIPAA Experience with SAST, DAST, secrets management, container security 📩 Only apply if you meet all the above requirements and can join immediately or within 15 days. Show more Show less

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Operation Automation Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and frameworks.- Conduct regular assessments and audits to ensure compliance with security policies and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Operation Automation.- Strong understanding of cloud security principles and best practices.- Experience with security incident response and management.- Familiarity with security compliance frameworks such as ISO 27001, NIST, or CIS.- Knowledge of automation tools and scripting languages to enhance security operations. Additional Information:- The candidate should have minimum 5 years of experience in Security Operation Automation.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Third Party IT Risk Management Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. A typical day involves collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular assessments of cloud security measures and recommend improvements.- Facilitate training sessions for team members on cloud security best practices. Professional & Technical Skills: - Must To Have Skills: Proficiency in Third Party IT Risk Management.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment methodologies and tools.- Ability to develop and implement security policies and procedures.- Familiarity with compliance standards such as ISO 27001 and NIST. Additional Information:- The candidate should have minimum 7.5 years of experience in Third Party IT Risk Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Lead and mentor a team of Tier 1, Tier 2, and Tier 3 SOC analysts.- Define and enforce SOC processes, workflows, SLAs, and escalation protocols.- Provide regular performance feedback and conduct training to upskill the team.- Collaborate with IT, DevOps, Risk, and Compliance teams on security initiatives.- Oversee daily security monitoring, triage, and incident response activities.- Ensure timely detection, investigation, and resolution of security incidents.- Maintain incident tracking and reporting for internal stakeholders and audits.- Conduct root cause analysis and ensure lessons learned are documented and implemented.- Manage and optimize SIEM, SOAR, EDR, and other monitoring tools.- Define and tune detection rules, playbooks, and alerts to reduce false positives.- Evaluate and recommend new tools and technologies to improve SOC capabilities.- Ensure log sources and telemetry are complete and properly ingested.- Ensure SOC operations support compliance requirements (ISO 27001, NIST, PCI DSS, GDPR).- Prepare and deliver regular security metrics and executive reports.- Coordinate with internal and external auditors during assessments. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Governance.- Strong understanding of risk management frameworks and compliance standards.- Experience with cloud security architecture and implementation.- Ability to conduct security assessments and audits.- Familiarity with security tools and technologies for threat detection and response. Additional Information:- The candidate should have minimum 12 years of experience in Security Governance.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

The Security Compliance Specialist works with the Security Compliance Leader and will have the execution responsibility around (but not limited to) the following areas: Compliance enforcement: Implementing necessary controls and measure to ensure organization’s overall security compliance, in alignment with internal security standards, applicable regulations and industry standards (e.g., ISO 27001, NIST, GDPR). Ensure adherence to the compliance requirements for network infrastructure, OpenShift environments, and IBM Z systems based on the actionable policies and procedures using approved IBM technology choices. Policy Creation and Management: Maintain and enforce security policies, standards, and controls applicable to network operations, cloud environments, and mainframe systems. Partner with IBM CISO organization to regularly review and update security policies to address emerging threats, regulatory changes, and organizational needs. Risk Management: Conduct risk assessments to identify potential compliance gaps and vulnerabilities within the organization’s IT environment. Collaborate with IT and security teams to develop risk mitigation strategies and implement necessary compliance controls. Audit and Assessment: Prepare for regular compliance audits for network, OpenShift platform, and IBM Z systems. Ensure prompt rectification of any compliance findings and develop action plans for continuous improvement. Training and Awareness: Conduct comprehensive training programs to raise awareness of security compliance requirements and best practices among employees. Foster a culture of security compliance by regularly communicating the importance of adherence to security standards. Monitoring and Reporting: Adopt/leverage metrics and reporting frameworks to continuously monitor compliance status and effectiveness of security controls. Prepare regular reports for executive management on compliance initiatives, audit findings, and the overall status of security compliance across the organization. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Qualifications & Skills 8-10 years of professional experience with at least 5+ years of relevant experience in the information technology security & compliance domain. Bachelor’s degree in Cybersecurity, Information Technology, or a related field; advanced degree or security certifications (e.g., CISSP, CISM, CISA) are a plus. Extensive experience in security compliance management, particularly in network security, cloud security, and mainframe environments. Strong understanding of regulatory requirements and compliance frameworks relevant to the industry. Should be open and willingness to learn new technologies and be open for continuous upskilling experience. Excellent analytical and problem-solving skills to assess compliance issues and risks. Strong Proficiency in working with Secured communications across varied Hybrid platforms (On-Prem, On-Cloud etc). Strong leadership and communication skills to influence and guide cross-functional teams. Ability to work collaboratively with various stakeholders, including technical teams, executive management, and external auditors. Proficiency in compliance management tools and security frameworks. Proficiency in automation tools such as Ansible and pipeline orchestration tools such as Tekton and GitHub Actions.

Key Responsibilities: Compliance Strategy Development: Develop and lead the organization’s overall security compliance strategy, ensuring alignment with internal security standards and applicable regulations and industry standards (e.g., ISO 27001, NIST, GDPR). Identify compliance requirements for network infrastructure, OpenShift environments, and IBM Z systems and translate them into actionable policies and procedures using approved IBM technology choices. Policy Creation and Management: Establish, maintain, and enforce security policies, standards, and controls applicable to network operations, cloud environments, and mainframe systems. Partner with IBM CISO organization to regularly review and update security policies to address emerging threats, regulatory changes, and organizational needs. Risk Management: Conduct risk assessments to identify potential compliance gaps and vulnerabilities within the organization’s IT environment. Collaborate with IT and security teams to develop risk mitigation strategies and implement necessary compliance controls. Audit and Assessment: Plan and oversee regular compliance audits for network, OpenShift platform, and IBM Z systems. Coordinate with external auditors and regulatory bodies during compliance audits and assessments. Ensure prompt rectification of any compliance findings and develop action plans for continuous improvement. Training and Awareness: Design and implement comprehensive training programs to raise awareness of security compliance requirements and best practices among employees. Foster a culture of security compliance by regularly communicating the importance of adherence to security standards. Monitoring and Reporting: Establish metrics and reporting frameworks to continuously monitor compliance status and effectiveness of security controls. Prepare regular reports for executive management on compliance initiatives, audit findings, and the overall status of security compliance across the organization. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Qualifications & Skills: 12+ years of professional experience with at least 8 years of relevant experience in the information technology security & compliance domain. Bachelor’s degree in Cybersecurity, Information Technology, or a related field; advanced degree or security certifications (e.g., CISSP, CISM, CISA) are a plus. Extensive experience in security compliance management, particularly in network security, cloud security, and mainframe environments. Strong understanding of regulatory requirements and compliance frameworks relevant to the industry. Should be open and willingness to learn new technologies and be open for continuous upskilling experience. Excellent analytical and problem-solving skills to assess compliance issues and risks. Strong Proficiency in working with Secured communications across varied Hybrid platforms ( On-Prem, On-Cloud etc). Strong leadership and communication skills to influence and guide cross-functional teams. Ability to work collaboratively with various stakeholders, including technical teams, executive management, and external auditors. Proficiency in compliance management tools and security frameworks. Preferred technical and professional experience Hiring manager and Recruiter should collaborate to create the relevant verbiage.

10+ yrs exp IT & IT Security Certified in ISO 27001: 2013 Enterprise IT Governance including knowledge of IT risk management and controls Strong power point presentation creation and design Func as SPOC for IT GRC & Audits Team Leading Exp preferable Required Candidate profile Manage establishment of operate & tech decision-making process to ensure IT svc are align to organization priorities & risk appetite Prep sec dashboards with KPIs, sec metrics for CISO presentations Perks and benefits Mediclaim + additional 10% performance bonus

5 years in sec ops with focus on SOC operations & incident response Indepth knowledge of sec technologies, tools, & methodologies SIEM, IDS/IPS, EDR Understanding of cyber threats, attack vectors Exp with security compliance frameworks NIST ISO 27001 Required Candidate profile Technical Leadership Soc Process Optimization Tool Evaluation Incident Response & Threat Intelligence Strong Scripting skills- mandatory Exp-Tomcat/JBoss/Apache/Ruby/ NGINX Ability to work with Devops Perks and benefits Mediclaim + Additional 10% variable

TCS has been a great pioneer in feeding the fire of Young Techies like you. We are a global leader in the technology arena and there's nothing that can stop us from growing together. Role**: GRC Desired Skill Set Any: Governance & Risk, Risk Assessment, Risk Management, GRC Archer, ITGC Control testing, Sox Experience Range: 4+ years Joining Location: PAN INDIA We are currently planning to do a Walk-In Interview on 14th June 2025 at TCS Bengaluru Date – 14th June 2025 (Saturday) Venue - Tata Consultancy Services, Think Campus, JRD Auditorium Cafeteria, Electronic City, Bangalore Job Description Role & Responsibilities: Security Framework Alignment and Related Controls Testing (NIST, CoBIT, ISO 27001) · SOX Testing for IT Controls · IT Compliance audits · Vendor Risk Assessments · Contribute to documentation of Information Security Policies, Standards, Processes, and Procedures. · Manage and perform cybersecurity assessments on emerging/ongoing business initiatives, third-party services · Evaluate third-party products/services by reviewing standardized questionnaires, evidencing their controls Show more Show less

As one of the world’s leading asset managers, Invesco is dedicated to helping investors worldwide achieve their financial objectives. By delivering the combined power of our distinctive investment management capabilities, we provide a wide range of investment strategies and vehicles to our clients around the world. If you're looking for challenging work, smart colleagues, and a global employer with a social conscience, come explore your potential at Invesco. Make a difference every day! Job Description JOB DESCRIPTION Job Title: Sr. Analyst I - VAPT Job Code: Department: Offensive Security Location: Hyderabad Report To: Manager VAPT Direct Reports: No Job Purpose (Job Summary): This role will perform vulnerability assessments against risk-prioritized infrastructure and applications. This position will serve as a security subject matter expert working with technology, and business partners in managing vulnerabilities and implementing adequate security controls to protect Invesco data and network. Key Responsibilities / Duties: Perform vulnerability assessment on various types of technologies and infrastructure using tools (preferably Qualys). This may include: Network infrastructure and wireless networks Servers, platforms, containers, hosting infrastructure and services Application technologies (APIs, middleware, database, enterprise service bus, etc.) Cloud security controls and applications High value assets and critical infrastructure Review and analyze security vulnerability data to identify applicability and false positives. Assist with ongoing assessment of Invesco perimeter assets to identify exposures and weaknesses. Assist with red team assessments to identify security exposures and to evaluate effectiveness of security controls and response. Assist with producing high-quality papers, presentations, recommendations, and findings for Senior Level Management and Enterprise Technology Leaders Execute vulnerability triaging, escalation, and management workflows through innovation and continuous improvement. Provide internal remediation support through the design, implementation and integration of network infrastructure and information security controls. Participate in vulnerability management projects. Track deliverables and provide periodic updates to the leadership team. Escalate security and projects risk timely. Respond appropriately to cyber risk incident, the related investigations, managing situations with discretion, sensitivity, and objectivity, and with due consideration of chain-of-custody. Have a thorough understanding of technological requirements for Invesco’s systems and provide guidelines to effectively mitigate security risks. Have understanding on security compliance and can perform compliance scans through various tools on the IVZ Infrastructure. Review/Analyze the compliance scan reports and help the teams in the remediation activities. Respond timely to ServiceNow tickets as needed. Keep current with industry best practices. Other duties as assigned. Work Experience / Knowledge: Five plus years of Information Security or relevant experience Three plus years of Pen Testing or Vulnerability Assessment experience. Experience in the tool Splunk for vulnerability management automation capabilities. Cloud vulnerability assessment or pen testing experience preferred Experience with security issues in large networks Able to demonstrate experience, knowledge and skills in utilizing common penetration testing and vulnerability assessment tools and techniques Hands on experience with firewalls, routers, bridges, switches and gateway devices, appliances and software Knowledge of security industry best practices (e.g. SANS, NIST, CIS) Technical Skills Required: Good understanding of security controls and common threats and vulnerabilities Knowledge of penetration testing frameworks Knowledge of security industry best practices (e.g. SANS, NIST, CIS) Understanding of common penetration testing methodologies (e.g. OSSTMM, OWASP) Ability to write scripts/tools to assist in automation is preferred Understanding of encryption technologies and common network protocols Ability to review and analyze security vulnerability data to identify applicability and false positives Patch management technologies and processes Wireless protocols and services Sound understanding of security principles, such as infrastructure security, identity and access management, vulnerability management, and secure coding. A keen analytical mind for problem solving, abstract thought, and offensive security tactics. Other Skills Required: Good interpersonal skills (written and oral communication) and ability to articulate complex issues to executives and customers Make fact-based decisions using individual judgement and problem solving. Ability to communicate technical information clearly and concisely, commensurate with the audience Strong analytical skills with ability to define, collect, analyze data, establish facts, draw valid conclusions, and make fact-based decisions. Conceptual thinking and communication skills — the ability to conceptualize complex business and technical requirements into comprehensible models and templates. Good communicator (written and verbal) and listener. Must be a team player and motivated self-starter with ability to work independently and remotely with limited supervision. Possesses diplomacy and cooperative style necessary to interface effectively with all personalities and across functional disciplines. Must be assertive, methodical and detail oriented Maintain strict confidentiality of all security issues including legal investigations, Compliance, and HR data requests License / Registration / Certification: Preferred certification: Security +, Qualys VM certification, Pentest +, AWS Cloud Practitioner Full Time / Part Time Full time Worker Type Employee Job Exempt (Yes / No) No Workplace Model At Invesco, our workplace model supports our culture and meets the needs of our clients while providing flexibility our employees value. As a full-time employee, compliance with the workplace policy means working with your direct manager to create a schedule where you will work in your designated office at least three days a week, with two days working outside an Invesco office. Why Invesco In Invesco, we act with integrity and do meaningful work to create impact for our stakeholders. We believe our culture is stronger when we all feel we belong, and we respect each other’s identities, lives, health, and well-being. We come together to create better solutions for our clients, our business and each other by building on different voices and perspectives. We nurture and encourage each other to ensure our meaningful growth, both personally and professionally. We believe in diverse, inclusive, and supportive workplace where everyone feels equally valued, and this starts at the top with our senior leaders having diversity and inclusion goals. Our global focus on diversity and inclusion has grown exponentially and we encourage connection and community through our many employee-led Business Resource Groups (BRGs). What’s in it for you? As an organization we support personal needs, diverse backgrounds and provide internal networks, as well as opportunities to get involved in the community and in the world. Our benefit policy includes but not limited to: Competitive Compensation Flexible, Hybrid Work 30 days’ Annual Leave + Public Holidays Life Insurance Retirement Planning Group Personal Accident Insurance Medical Insurance for Employee and Family Annual Health Check-up 26 weeks Maternity Leave Paternal Leave Adoption Leave Near site Childcare Facility Employee Assistance Program Study Support Employee Stock Purchase Plan ESG Commitments and Goals Business Resource Groups Career Development Programs Mentoring Programs Invesco Cares Dress for your Day In Invesco, we offer development opportunities that help you thrive as a lifelong learner in a constantly evolving business environment and ensure your constant growth. Our AI enabled learning platform delivers curated content based on your role and interest. We ensure our manager and leaders also have many opportunities to advance their skills and competencies that becomes pivotal in their continuous pursuit of performance excellence. To Know More About Us About Invesco: https://www.invesco.com/corporate/en/home.html About our Culture: https://www.invesco.com/corporate/en/about-us/our-culture.html About our D&I policy: https://www.invesco.com/corporate/en/our-commitments/diversity-and-inclusion.html About our CR program: https://www.invesco.com/corporate/en/our-commitments/corporate-responsibility.html Apply for the role @ Invesco Careers : https://careers.invesco.com/india/ Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Title : Regional Client Security Assurance Lead Sub Function: Client Security Assurance Objectives of the role The Regional Client Security Assurance Lead, Associate Director, plays a pivotal role in leading a team responding to security risk assessments and due diligence exercises from clients in the IN/MENA region. This position requires extensive collaboration with various global and local functional teams, such as Data Protection, Risk Management, Compliance, Counsel, Procurement, Information Security, Technology, and EY service lines. This role is responsible for leading and supporting client and regulatory inquiries about EY’s Global Information Security program. It assists EY client engagement teams by addressing client requests regarding how EY secures our client information using comprehensive technical controls and governance processes in line with EY Global Information Security requirements. This position involves managing multiple requests and responsibilities while supporting complex security assessments throughout various stages of the engagement life cycle. Additionally, it requires staying current with updates in EY's Information Security posture and technology offerings, thereby contributing to business growth and the development of new business opportunities. Key Responsibilities The Regional Client Security Assurance Lead serves as a dependable client security relationship manager for key EY clients throughout the client engagement lifecycle, aiming to sustain and expand business operations. Furthermore, this position involves leading a team, projects, performing data analytics, and management of operational processes within IN/MENA Client Security Assurance. Team Lead: Lead team members to foster career growth and help them become knowledgeable about the EY Information Security Program and facilitate client security assessments. Implement operating model for the IN/MENA Client Security Assurance team in alignment with our business objectives. Drive the Evolution of Client Security Assurance: Actively participate in the development, implementation, and ongoing enhancement of the Client Security Assurance function in alignment with industry best practices. Facilitate Security Assessments: Act as a key resource for client and engagement teams by providing expert guidance on inbound security assessments related to EY’s Global Information Security Program, fostering trust and confidence in the EY Global Information Security Program, and the controls in place to protect data along with safeguarding the confidentiality of our security controls. This also helps build EY’s reputation and brand in the market. Clearly communicate with clients and their appointed auditors, pertinent and appropriate details of the EY Global Information Security Program. Provide critical support to EY’s approach to winning new business and sustaining existing business relationships. Provide consulting services to account teams related to client security assessments and their Supplier Risk Management framework. Meet with Clients: Participate in client meetings as an Information Security representative, supporting EY account teams by addressing client inquiries related to the EY Global Information Security Program. Support Request for Proposal (RFP) process: Partner with client engagement teams to support the RFP process by addressing information security questions to help secure more business for EY. Engage with Regulators: Support inquiries and assessments from select local regulators, highlighting EY's commitment to transparency and compliance in governance processes, technologies, and information security controls. Qualifications Minimum ten years of recent progressive IT security compliance, risk management or related IT security experience with a large IT organization; preferably within a professional service firm, software product, cloud-based solutions, or other companies serving clients that are highly regulated entities. Bachelor’s degree from an accredited college or university is preferred. A good understanding of cloud infrastructure, networking, modern software development and technical security controls is required. Strong executive presence, negotiation, presentation, and communication skills are required. Excellent analytical and problem-solving skills to assess and solve complex security issues. Ability to work and navigate through EY’s Global firm understanding diverse perspectives and global client requirements. Ability to maintain calm during client assessments and respond to questions consistently and confirming internally the accuracy of responses before presenting them. Proven experience in client-facing roles, particularly in handling security assessments, ideally from client inquiries, but can also be the result of experience performing security assessment of suppliers. Demonstrated ability to adopt and strive for continuous process improvement, particularly in resulting from the innovation and integration of new technologies. Excellent collaboration skills, with the ability to engage effectively with cross-functional teams and stakeholders. Knowledge of various information security frameworks such as ISO27001/2, AICPA System and Organization Controls (SOC) Reports (SOC1, SOC2, and SOC3), NIST, COBIT and relevant regulatory requirements such as GDPR. Certifications such as CISSP, CISM, CISA, ISO 27001 Auditor, CRISC, CIPP are preferred. Keep up to date with industry trends, emerging technologies and best practices. Good understanding in the following concepts and domains: Governance Risk and Compliance: A system that ensures that organizations enforce governance, implement risk management strategies, and ensure regulatory compliance. Multitier Network Architecture: A design separating resources between the Internet and the internal infrastructure, incorporating multiple network layers. For on-premise solutions, this includes a DMZ (Demilitarized Zone) architecture. In cloud environments, it involves a combination of Network Security Groups (NSG), Virtual Networks (VNETs), IP-based restrictions on connections between resources, and Web Application Firewalls (WAF). Cloud security architecture: Cloud security architecture's purpose is to provide a structured framework for securing data, applications, and infrastructure in cloud environments. It includes the definition of security principles and a governance framework for all cloud services and applications from development through production. Distinction of Cloud Service Models such as IaaS, PaaS and SaaS and shared responsibility matrix: Infrastructure as a Service (IaaS): IaaS provides on-demand access to virtualized computing infrastructure, including servers, storage, and networking, allowing subscribers to build and manage their own applications, operating systems, and data while the cloud provider manages the underlying infrastructure. Platform as a Service (PaaS): PaaS offers a platform for developers to build, deploy, and manage applications without the need to manage the underlying operating systems and infrastructure. Software as a Service (SaaS): SaaS delivers software applications to users over the internet, allowing them to access and use the software without installing or managing it on their own devices. We will be dependent on the SaaS providers for the security controls to protect EY and client information. Application security: Measures taken to protect software applications from threats and vulnerabilities that can compromise the confidentiality, integrity, or availability of the data. Identity and access management: Includes use of authentication mechanisms, authorization measures, and privileged account management. Encryption standards: Standards for cryptography, used to protect data-at-rest and data-in-transit as well as provide a means of validating the authenticity, non-repudiation, and integrity of data. Endpoint security capabilities: Standards to protect endpoints such as laptops, desktops, smartphones, and tablets against cyberattacks. Incident response Plan: The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of malicious cyber-attacks against an organization’s information systems(s). Business impact analysis: Predicts the consequences of a disruption to your business, and gathers information needed to develop recovery strategies. Disaster recovery: Understand the disaster recovery plan for the applications used to support our clients. Stakeholder management This role is a combination of technical and business acumen capable of communicating and advocating EY’s brand as it relates to the Information Security Program, across a wide range of stakeholders. This requires communication skills adaptable to the appropriate audiences that address different perspectives, goals, and levels of technical knowledge. It also requires the ability to gain trust and act as a trusted consultant and liaison between clients, account teams and EY internal security functions. Stakeholders include: Product/Application owners – responsible for the full lifecycle of a technology solution that fulfills a business need or objective. Client Security Assurance provide useful feedback from clients to further enhance their products/applications. Architects and Engineers – EY technology leaders who design and build solutions based on business requirements. Information Security Leadership Team – responsible for all matters for security related to the security program. Extended Security Team – responsible for specific domains such as Security Consulting, Application Security Compliance, Supplier Risk Assessment, Cyber Defense, Business Impact Analysis, Information Security Policies related to the security program. EY Partners and Account teams: Ultimately responsible for the relationship with EY clients and the selection and usage of the technology leveraged for their services and deliverables. EY Clients and Client Security Auditors – The ultimate customer for EY’s technology or service delivery who expect EY’s technology solutions to adequately protect their data and maintain appropriate service levels. The Client Security Assurance Senior Consultant will participate in number of client meetings with the engagement team to answer questions and provide clarification on how EY secure client information. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less