TCS has been a great pioneer in feeding the fire of Young Techies like you. We are a global leader in the technology arena and there's nothing that can stop us from growing together. Role**: GRC Desired Skill Set Any: Governance & Risk, Risk Assessment, Risk Management, GRC Archer, ITGC Control testing, Sox Experience Range: 4+ years Joining Location: PAN INDIA We are currently planning to do a Walk-In Interview on 14th June 2025 at TCS Pune Date – 14th June 2025 (Saturday) Venue -Tata Consultancy Services, Sahyadri Park SP1, A1 Auditorium & Zone 3, Rajiv Gandhi Infotech Park, Hinjewadi Phase 3, Pune - 411057 Job Description Role & Responsibilities: Security Framework Alignment and Related Controls Testing (NIST, CoBIT, ISO 27001) · SOX Testing for IT Controls · IT Compliance audits · Vendor Risk Assessments · Contribute to documentation of Information Security Policies, Standards, Processes, and Procedures. · Manage and perform cybersecurity assessments on emerging/ongoing business initiatives, third-party services · Evaluate third-party products/services by reviewing standardized questionnaires, evidencing their controls Show more Show less

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In cybersecurity incident management at PwC, you will focus on effectively responding to, and mitigating, cyber threats, maintaining the security of client systems and data. You will be responsible for identifying, analysing, and resolving security incidents to minimise potential damage and protect against future attacks. Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Apply a learning mindset and take ownership for your own development. Appreciate diverse perspectives, needs, and feelings of others. Adopt habits to sustain high performance and develop your potential. Actively listen, ask questions to check understanding, and clearly express ideas. Seek, reflect, act on, and give feedback. Gather information from a range of sources to analyse facts and discern patterns. Commit to understanding how the business works and building commercial awareness. Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements. Associate Qualifications Cybersecurity Risk & Controls Assessor Job Description 1–3 years of experience in IT audit, IT risk assessment, or cybersecurity compliance. Experience supporting internal or external audits. Familiarity with common control frameworks such as NIST CSF, NIST 800-53, ISO 27001, SOC 2, COBIT, or HIPAA. Ability to understand and evaluate technical environments (e.g., IAM, cloud platforms, network security). Strong organizational and analytical skills; ability to work independently and within teams. Strong written and verbal communication skills, particularly around documentation of controls and findings. High attention to detail and ability to manage multiple concurrent assessments. Exposure to IAM systems, cloud security, or endpoint protection technologies. Familiarity with GRC tools (e.g., ServiceNow GRC, RSA Archer). Working knowledge of IT general controls (ITGCs), risk assessment methods, and compliance reporting. Professional certifications preferred (e.g., CISA, CRISC, Security+, or ISO 27001 Lead Implementer). Senior Associate Qualifications 4-6 years of experience in IT audit, IT risk assessment, or cybersecurity compliance Experience supporting internal or external audits. Familiarity with common control frameworks such as NIST CSF, NIST 800-53, ISO 27001, SOC 2, COBIT, or HIPAA. Ability to understand and evaluate technical environments (e.g., IAM, cloud platforms, network security). Strong organizational and analytical skills; ability to work independently and within teams. Strong written and verbal communication skills, particularly around documentation of controls and findings. High attention to detail and ability to manage multiple concurrent assessments. Exposure to IAM systems, cloud security, or endpoint protection technologies. Familiarity with GRC tools (e.g., ServiceNow GRC, RSA Archer). Working knowledge of IT general controls (ITGCs), risk assessment methods, and compliance reporting. Professional certifications preferred (e.g., CISA, CRISC, Security+, or ISO 27001 Lead Implementer). Key Responsibilities Assist in the execution of IT and cybersecurity control assessments based on regulatory, industry, and internal frameworks (e.g., NIST 800-53, ISO 27001, SOC 2). Collect and review evidence from system owners and control operators to support control testing and validation. Perform control testing and document results in line with internal assessment methodology. Collaborate with SMEs and business teams to understand technical implementations and control applicability. Identify control gaps, exceptions, or risk themes, and support remediation tracking. Support reporting of findings, risks, and recommendations to management and risk stakeholders. Maintain documentation for audit trails and ensure compliance with assessment timelines and procedures. Assist in the continuous improvement of assessment procedures and templates. Leverage tools such as ServiceNow, Archer, or custom GRC platforms for evidence tracking, issue logging, and reporting. Show more Show less

A career in our Managed Services team will provide you an opportunity to collaborate with a wide array of teams to help our clients implement and operate new capabilities, achieve operational efficiencies, and harness the power of technology. Our Cyber Managed Services team will provide you with the opportunity to help our clients implement effective cybersecurity programs that protect against threats, propel transformation, and drive growth. As companies continue their transformations to digital business models, exponentially more data is generated and shared among organizations, partners and customers. You’ll play an integral role in helping our clients protect their businesses by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and mitigate risks while increasing the value they derive from their cybersecurity investments. Our Identity and Access Management Managed Services team helps organisations by designing and implementing end to end IAM programs, as well as providing ongoing operations support with continuous operational improvements. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. Responsibilities As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: Use feedback and reflection to develop self awareness, personal strengths and address development areas. Delegate to others to provide stretch opportunities, coaching them to deliver results. Demonstrate critical thinking and the ability to bring order to unstructured problems. Use a broad range of tools and techniques to extract insights from current industry or sector trends. Review your work and that of others for quality, accuracy and relevance. Know how and when to use tools available for a given situation and can explain the reasons for this choice. Seek and embrace opportunities which give exposure to different situations, environments and perspectives. Use straightforward communication, in a structured way, when influencing and connecting with others. Able to read situations and modify behavior to build quality relationships. Uphold the firm's code of ethics and business conduct. Associate Qualifications Cybersecurity Inquiry & Response Analyst Job Description 1–3 years of experience in a cybersecurity, compliance, IT audit, or GRC support role. Understanding of cybersecurity principles and frameworks (e.g., NIST CSF, ISO 27001, SOC 2, HIPAA). Exposure to cybersecurity audits or assessments. Familiarity with IAM, Cloud Security, or SOC operations. Strong communication and documentation skills; ability to translate technical content into business language. Experience using ticketing, workflow, or GRC tools (e.g., ServiceNow, Jira, Archer). High attention to detail and ability to manage multiple tasks in a fast-paced environment. Strong problem-solving skills and willingness to learn across a wide range of cyber domains. Fundamental knowledge of data privacy and protection regulations (e.g., CCPA, GDPR). Senior Associate Qualifications 4-6 years of experience in a cybersecurity, compliance, IT audit, or GRC support role. Understanding of cybersecurity principles and frameworks (e.g., NIST CSF, ISO 27001, SOC 2, HIPAA). Exposure to cybersecurity audits or assessments. Familiarity with IAM, Cloud Security, or SOC operations. Strong communication and documentation skills; ability to translate technical content into business language. Experience using ticketing, workflow, or GRC tools (e.g., ServiceNow, Jira, Archer). High attention to detail and ability to manage multiple tasks in a fast-paced environment. Strong problem-solving skills and willingness to learn across a wide range of cyber domains. Fundamental knowledge of data privacy and protection regulations (e.g., CCPA, GDPR). Key Responsibilities Manage the intake and triage of cybersecurity-related inquiries from internal and external sources. Coordinate with subject matter experts (SMEs) to collect and validate evidence or control documentation. Draft and deliver clear, accurate responses to inquiries, following internal approval workflows. Track inquiry status, response times, and documentation in a centralized tracking system (e.g., ServiceNow, Jira). Identify trends or recurring inquiry themes and collaborate with teams to proactively address root causes. Ensure that all inquiry responses are compliant with internal policies and regulatory requirements (e.g., HIPAA, SOC 2, ISO 27001, NIST). Assist in developing and maintaining response templates, SOPs, and knowledge base articles. Support audit readiness by ensuring completeness of inquiry-related documentation and logs. Partner with cyber compliance, IAM, and GRC teams to improve the inquiry response lifecycle through automation or workflow enhancements. Show more Show less

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In cybersecurity incident management at PwC, you will focus on effectively responding to, and mitigating, cyber threats, maintaining the security of client systems and data. You will be responsible for identifying, analysing, and resolving security incidents to minimise potential damage and protect against future attacks. Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Apply a learning mindset and take ownership for your own development. Appreciate diverse perspectives, needs, and feelings of others. Adopt habits to sustain high performance and develop your potential. Actively listen, ask questions to check understanding, and clearly express ideas. Seek, reflect, act on, and give feedback. Gather information from a range of sources to analyse facts and discern patterns. Commit to understanding how the business works and building commercial awareness. Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements. Associate Qualifications Cyber Risk & ESG Integration Specialist Job Description 2–5 years of experience in cybersecurity, governance, risk management, or digital strategy. Familiarity with ESG (Environmental, Social, and Governance) frameworks and how cybersecurity fits within corporate ESG strategies. Strong understanding of security frameworks (e.g., NIST, ISO 27001, MITRE ATT&CK). Experience with cyber tools (e.g., SIEM, threat intelligence platforms, GRC solutions). Analytical mindset with proficiency in data analysis and risk modeling. Strong communication and stakeholder engagement skills. Relevant certifications (e.g., CISSP, CISM, CEH, GSEC) are a plus. Experience with DevSecOps or secure software development practices. Knowledge of AI/ML applications in cybersecurity. Senior Associate Qualifications 5-7 years of experience in cybersecurity, governance, risk management, or digital strategy. Familiarity with ESG (Environmental, Social, and Governance) frameworks and how cybersecurity fits within corporate ESG strategies. Strong understanding of security frameworks (e.g., NIST, ISO 27001, MITRE ATT&CK). Experience with cyber tools (e.g., SIEM, threat intelligence platforms, GRC solutions). Analytical mindset with proficiency in data analysis and risk modeling. Strong communication and stakeholder engagement skills. Relevant certifications (e.g., CISSP, CISM, CEH, GSEC) are a plus. Experience with DevSecOps or secure software development practices. Knowledge of AI/ML applications in cybersecurity. Key Responsibilities Support the design, implementation, and optimization of cyber development initiatives aligned with eSG strategic priorities. Conduct gap analyses and risk assessments to identify improvement opportunities in cyber governance, controls, and threat mitigation. Assist in the development and refinement of cybersecurity frameworks, policies, and digital trust strategies. Monitor emerging cyber threats, technologies, and regulatory requirements to ensure proactive compliance and defense. Collaborate with cross-functional teams (e.g., IT, legal, compliance, risk) to align cybersecurity goals with business objectives. Develop dashboards, KPIs, and metrics to track cybersecurity program effectiveness and reporting. Contribute to incident response planning and post-event reviews to improve cyber incident readiness. Support training and awareness programs for stakeholders on cybersecurity and digital governance topics. Show more Show less

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In cybersecurity incident management at PwC, you will focus on effectively responding to, and mitigating, cyber threats, maintaining the security of client systems and data. You will be responsible for identifying, analysing, and resolving security incidents to minimise potential damage and protect against future attacks. Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Apply a learning mindset and take ownership for your own development. Appreciate diverse perspectives, needs, and feelings of others. Adopt habits to sustain high performance and develop your potential. Actively listen, ask questions to check understanding, and clearly express ideas. Seek, reflect, act on, and give feedback. Gather information from a range of sources to analyse facts and discern patterns. Commit to understanding how the business works and building commercial awareness. Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements. Associate Qualifications Cyber Risk & ESG Integration Specialist Job Description 2–5 years of experience in cybersecurity, governance, risk management, or digital strategy. Familiarity with ESG (Environmental, Social, and Governance) frameworks and how cybersecurity fits within corporate ESG strategies. Strong understanding of security frameworks (e.g., NIST, ISO 27001, MITRE ATT&CK). Experience with cyber tools (e.g., SIEM, threat intelligence platforms, GRC solutions). Analytical mindset with proficiency in data analysis and risk modeling. Strong communication and stakeholder engagement skills. Relevant certifications (e.g., CISSP, CISM, CEH, GSEC) are a plus. Experience with DevSecOps or secure software development practices. Knowledge of AI/ML applications in cybersecurity. Senior Associate Qualifications 5-7 years of experience in cybersecurity, governance, risk management, or digital strategy. Familiarity with ESG (Environmental, Social, and Governance) frameworks and how cybersecurity fits within corporate ESG strategies. Strong understanding of security frameworks (e.g., NIST, ISO 27001, MITRE ATT&CK). Experience with cyber tools (e.g., SIEM, threat intelligence platforms, GRC solutions). Analytical mindset with proficiency in data analysis and risk modeling. Strong communication and stakeholder engagement skills. Relevant certifications (e.g., CISSP, CISM, CEH, GSEC) are a plus. Experience with DevSecOps or secure software development practices. Knowledge of AI/ML applications in cybersecurity. Key Responsibilities Support the design, implementation, and optimization of cyber development initiatives aligned with eSG strategic priorities. Conduct gap analyses and risk assessments to identify improvement opportunities in cyber governance, controls, and threat mitigation. Assist in the development and refinement of cybersecurity frameworks, policies, and digital trust strategies. Monitor emerging cyber threats, technologies, and regulatory requirements to ensure proactive compliance and defense. Collaborate with cross-functional teams (e.g., IT, legal, compliance, risk) to align cybersecurity goals with business objectives. Develop dashboards, KPIs, and metrics to track cybersecurity program effectiveness and reporting. Contribute to incident response planning and post-event reviews to improve cyber incident readiness. Support training and awareness programs for stakeholders on cybersecurity and digital governance topics. Show more Show less

A career in our Managed Services team will provide you an opportunity to collaborate with a wide array of teams to help our clients implement and operate new capabilities, achieve operational efficiencies, and harness the power of technology. Our Cyber Managed Services team will provide you with the opportunity to help our clients implement effective cybersecurity programs that protect against threats, propel transformation, and drive growth. As companies continue their transformations to digital business models, exponentially more data is generated and shared among organizations, partners and customers. You’ll play an integral role in helping our clients protect their businesses by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and mitigate risks while increasing the value they derive from their cybersecurity investments. Our Identity and Access Management Managed Services team helps organisations by designing and implementing end to end IAM programs, as well as providing ongoing operations support with continuous operational improvements. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. Responsibilities As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: Use feedback and reflection to develop self awareness, personal strengths and address development areas. Delegate to others to provide stretch opportunities, coaching them to deliver results. Demonstrate critical thinking and the ability to bring order to unstructured problems. Use a broad range of tools and techniques to extract insights from current industry or sector trends. Review your work and that of others for quality, accuracy and relevance. Know how and when to use tools available for a given situation and can explain the reasons for this choice. Seek and embrace opportunities which give exposure to different situations, environments and perspectives. Use straightforward communication, in a structured way, when influencing and connecting with others. Able to read situations and modify behavior to build quality relationships. Uphold the firm's code of ethics and business conduct. Associate Qualifications Cybersecurity Risk & Controls Assessor Job Description 1–3 years of experience in IT audit, IT risk assessment, or cybersecurity compliance. Experience supporting internal or external audits. Familiarity with common control frameworks such as NIST CSF, NIST 800-53, ISO 27001, SOC 2, COBIT, or HIPAA. Ability to understand and evaluate technical environments (e.g., IAM, cloud platforms, network security). Strong organizational and analytical skills; ability to work independently and within teams. Strong written and verbal communication skills, particularly around documentation of controls and findings. High attention to detail and ability to manage multiple concurrent assessments. Exposure to IAM systems, cloud security, or endpoint protection technologies. Familiarity with GRC tools (e.g., ServiceNow GRC, RSA Archer). Working knowledge of IT general controls (ITGCs), risk assessment methods, and compliance reporting. Professional certifications preferred (e.g., CISA, CRISC, Security+, or ISO 27001 Lead Implementer). Senior Associate Qualifications 4-6 years of experience in IT audit, IT risk assessment, or cybersecurity compliance Experience supporting internal or external audits. Familiarity with common control frameworks such as NIST CSF, NIST 800-53, ISO 27001, SOC 2, COBIT, or HIPAA. Ability to understand and evaluate technical environments (e.g., IAM, cloud platforms, network security). Strong organizational and analytical skills; ability to work independently and within teams. Strong written and verbal communication skills, particularly around documentation of controls and findings. High attention to detail and ability to manage multiple concurrent assessments. Exposure to IAM systems, cloud security, or endpoint protection technologies. Familiarity with GRC tools (e.g., ServiceNow GRC, RSA Archer). Working knowledge of IT general controls (ITGCs), risk assessment methods, and compliance reporting. Professional certifications preferred (e.g., CISA, CRISC, Security+, or ISO 27001 Lead Implementer). Key Responsibilities Assist in the execution of IT and cybersecurity control assessments based on regulatory, industry, and internal frameworks (e.g., NIST 800-53, ISO 27001, SOC 2). Collect and review evidence from system owners and control operators to support control testing and validation. Perform control testing and document results in line with internal assessment methodology. Collaborate with SMEs and business teams to understand technical implementations and control applicability. Identify control gaps, exceptions, or risk themes, and support remediation tracking. Support reporting of findings, risks, and recommendations to management and risk stakeholders. Maintain documentation for audit trails and ensure compliance with assessment timelines and procedures. Assist in the continuous improvement of assessment procedures and templates. Leverage tools such as ServiceNow, Archer, or custom GRC platforms for evidence tracking, issue logging, and reporting. Show more Show less

A career in our Managed Services team will provide you an opportunity to collaborate with a wide array of teams to help our clients implement and operate new capabilities, achieve operational efficiencies, and harness the power of technology. Our Cyber Managed Services team will provide you with the opportunity to help our clients implement effective cybersecurity programs that protect against threats, propel transformation, and drive growth. As companies continue their transformations to digital business models, exponentially more data is generated and shared among organizations, partners and customers. You’ll play an integral role in helping our clients protect their businesses by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and mitigate risks while increasing the value they derive from their cybersecurity investments. Our Identity and Access Management Managed Services team helps organisations by designing and implementing end to end IAM programs, as well as providing ongoing operations support with continuous operational improvements. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. Responsibilities As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: Use feedback and reflection to develop self awareness, personal strengths and address development areas. Delegate to others to provide stretch opportunities, coaching them to deliver results. Demonstrate critical thinking and the ability to bring order to unstructured problems. Use a broad range of tools and techniques to extract insights from current industry or sector trends. Review your work and that of others for quality, accuracy and relevance. Know how and when to use tools available for a given situation and can explain the reasons for this choice. Seek and embrace opportunities which give exposure to different situations, environments and perspectives. Use straightforward communication, in a structured way, when influencing and connecting with others. Able to read situations and modify behavior to build quality relationships. Uphold the firm's code of ethics and business conduct. Associate Qualifications Cyber Risk & ESG Integration Specialist Job Description 2–5 years of experience in cybersecurity, governance, risk management, or digital strategy. Familiarity with ESG (Environmental, Social, and Governance) frameworks and how cybersecurity fits within corporate ESG strategies. Strong understanding of security frameworks (e.g., NIST, ISO 27001, MITRE ATT&CK). Experience with cyber tools (e.g., SIEM, threat intelligence platforms, GRC solutions). Analytical mindset with proficiency in data analysis and risk modeling. Strong communication and stakeholder engagement skills. Relevant certifications (e.g., CISSP, CISM, CEH, GSEC) are a plus. Experience with DevSecOps or secure software development practices. Knowledge of AI/ML applications in cybersecurity. Senior Associate Qualifications 5-7 years of experience in cybersecurity, governance, risk management, or digital strategy. Familiarity with ESG (Environmental, Social, and Governance) frameworks and how cybersecurity fits within corporate ESG strategies. Strong understanding of security frameworks (e.g., NIST, ISO 27001, MITRE ATT&CK). Experience with cyber tools (e.g., SIEM, threat intelligence platforms, GRC solutions). Analytical mindset with proficiency in data analysis and risk modeling. Strong communication and stakeholder engagement skills. Relevant certifications (e.g., CISSP, CISM, CEH, GSEC) are a plus. Experience with DevSecOps or secure software development practices. Knowledge of AI/ML applications in cybersecurity. Key Responsibilities Support the design, implementation, and optimization of cyber development initiatives aligned with eSG strategic priorities. Conduct gap analyses and risk assessments to identify improvement opportunities in cyber governance, controls, and threat mitigation. Assist in the development and refinement of cybersecurity frameworks, policies, and digital trust strategies. Monitor emerging cyber threats, technologies, and regulatory requirements to ensure proactive compliance and defense. Collaborate with cross-functional teams (e.g., IT, legal, compliance, risk) to align cybersecurity goals with business objectives. Develop dashboards, KPIs, and metrics to track cybersecurity program effectiveness and reporting. Contribute to incident response planning and post-event reviews to improve cyber incident readiness. Support training and awareness programs for stakeholders on cybersecurity and digital governance topics. Show more Show less

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In cybersecurity incident management at PwC, you will focus on effectively responding to, and mitigating, cyber threats, maintaining the security of client systems and data. You will be responsible for identifying, analysing, and resolving security incidents to minimise potential damage and protect against future attacks. Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Apply a learning mindset and take ownership for your own development. Appreciate diverse perspectives, needs, and feelings of others. Adopt habits to sustain high performance and develop your potential. Actively listen, ask questions to check understanding, and clearly express ideas. Seek, reflect, act on, and give feedback. Gather information from a range of sources to analyse facts and discern patterns. Commit to understanding how the business works and building commercial awareness. Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements. Associate Qualifications Cybersecurity Inquiry & Response Analyst Job Description 1–3 years of experience in a cybersecurity, compliance, IT audit, or GRC support role. Understanding of cybersecurity principles and frameworks (e.g., NIST CSF, ISO 27001, SOC 2, HIPAA). Exposure to cybersecurity audits or assessments. Familiarity with IAM, Cloud Security, or SOC operations. Strong communication and documentation skills; ability to translate technical content into business language. Experience using ticketing, workflow, or GRC tools (e.g., ServiceNow, Jira, Archer). High attention to detail and ability to manage multiple tasks in a fast-paced environment. Strong problem-solving skills and willingness to learn across a wide range of cyber domains. Fundamental knowledge of data privacy and protection regulations (e.g., CCPA, GDPR). Senior Associate Qualifications 4-6 years of experience in a cybersecurity, compliance, IT audit, or GRC support role. Understanding of cybersecurity principles and frameworks (e.g., NIST CSF, ISO 27001, SOC 2, HIPAA). Exposure to cybersecurity audits or assessments. Familiarity with IAM, Cloud Security, or SOC operations. Strong communication and documentation skills; ability to translate technical content into business language. Experience using ticketing, workflow, or GRC tools (e.g., ServiceNow, Jira, Archer). High attention to detail and ability to manage multiple tasks in a fast-paced environment. Strong problem-solving skills and willingness to learn across a wide range of cyber domains. Fundamental knowledge of data privacy and protection regulations (e.g., CCPA, GDPR). Key Responsibilities Manage the intake and triage of cybersecurity-related inquiries from internal and external sources. Coordinate with subject matter experts (SMEs) to collect and validate evidence or control documentation. Draft and deliver clear, accurate responses to inquiries, following internal approval workflows. Track inquiry status, response times, and documentation in a centralized tracking system (e.g., ServiceNow, Jira). Identify trends or recurring inquiry themes and collaborate with teams to proactively address root causes. Ensure that all inquiry responses are compliant with internal policies and regulatory requirements (e.g., HIPAA, SOC 2, ISO 27001, NIST). Assist in developing and maintaining response templates, SOPs, and knowledge base articles. Support audit readiness by ensuring completeness of inquiry-related documentation and logs. Partner with cyber compliance, IAM, and GRC teams to improve the inquiry response lifecycle through automation or workflow enhancements. Show more Show less

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In cybersecurity incident management at PwC, you will focus on effectively responding to, and mitigating, cyber threats, maintaining the security of client systems and data. You will be responsible for identifying, analysing, and resolving security incidents to minimise potential damage and protect against future attacks. Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Apply a learning mindset and take ownership for your own development. Appreciate diverse perspectives, needs, and feelings of others. Adopt habits to sustain high performance and develop your potential. Actively listen, ask questions to check understanding, and clearly express ideas. Seek, reflect, act on, and give feedback. Gather information from a range of sources to analyse facts and discern patterns. Commit to understanding how the business works and building commercial awareness. Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements. Associate Qualifications Cybersecurity Inquiry & Response Analyst Job Description 1–3 years of experience in a cybersecurity, compliance, IT audit, or GRC support role. Understanding of cybersecurity principles and frameworks (e.g., NIST CSF, ISO 27001, SOC 2, HIPAA). Exposure to cybersecurity audits or assessments. Familiarity with IAM, Cloud Security, or SOC operations. Strong communication and documentation skills; ability to translate technical content into business language. Experience using ticketing, workflow, or GRC tools (e.g., ServiceNow, Jira, Archer). High attention to detail and ability to manage multiple tasks in a fast-paced environment. Strong problem-solving skills and willingness to learn across a wide range of cyber domains. Fundamental knowledge of data privacy and protection regulations (e.g., CCPA, GDPR). Senior Associate Qualifications 4-6 years of experience in a cybersecurity, compliance, IT audit, or GRC support role. Understanding of cybersecurity principles and frameworks (e.g., NIST CSF, ISO 27001, SOC 2, HIPAA). Exposure to cybersecurity audits or assessments. Familiarity with IAM, Cloud Security, or SOC operations. Strong communication and documentation skills; ability to translate technical content into business language. Experience using ticketing, workflow, or GRC tools (e.g., ServiceNow, Jira, Archer). High attention to detail and ability to manage multiple tasks in a fast-paced environment. Strong problem-solving skills and willingness to learn across a wide range of cyber domains. Fundamental knowledge of data privacy and protection regulations (e.g., CCPA, GDPR). Key Responsibilities Manage the intake and triage of cybersecurity-related inquiries from internal and external sources. Coordinate with subject matter experts (SMEs) to collect and validate evidence or control documentation. Draft and deliver clear, accurate responses to inquiries, following internal approval workflows. Track inquiry status, response times, and documentation in a centralized tracking system (e.g., ServiceNow, Jira). Identify trends or recurring inquiry themes and collaborate with teams to proactively address root causes. Ensure that all inquiry responses are compliant with internal policies and regulatory requirements (e.g., HIPAA, SOC 2, ISO 27001, NIST). Assist in developing and maintaining response templates, SOPs, and knowledge base articles. Support audit readiness by ensuring completeness of inquiry-related documentation and logs. Partner with cyber compliance, IAM, and GRC teams to improve the inquiry response lifecycle through automation or workflow enhancements. Show more Show less

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In cybersecurity incident management at PwC, you will focus on effectively responding to, and mitigating, cyber threats, maintaining the security of client systems and data. You will be responsible for identifying, analysing, and resolving security incidents to minimise potential damage and protect against future attacks. Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Apply a learning mindset and take ownership for your own development. Appreciate diverse perspectives, needs, and feelings of others. Adopt habits to sustain high performance and develop your potential. Actively listen, ask questions to check understanding, and clearly express ideas. Seek, reflect, act on, and give feedback. Gather information from a range of sources to analyse facts and discern patterns. Commit to understanding how the business works and building commercial awareness. Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements. Associate Qualifications Cybersecurity Inquiry & Response Analyst Job Description 1–3 years of experience in a cybersecurity, compliance, IT audit, or GRC support role. Understanding of cybersecurity principles and frameworks (e.g., NIST CSF, ISO 27001, SOC 2, HIPAA). Exposure to cybersecurity audits or assessments. Familiarity with IAM, Cloud Security, or SOC operations. Strong communication and documentation skills; ability to translate technical content into business language. Experience using ticketing, workflow, or GRC tools (e.g., ServiceNow, Jira, Archer). High attention to detail and ability to manage multiple tasks in a fast-paced environment. Strong problem-solving skills and willingness to learn across a wide range of cyber domains. Fundamental knowledge of data privacy and protection regulations (e.g., CCPA, GDPR). Senior Associate Qualifications 4-6 years of experience in a cybersecurity, compliance, IT audit, or GRC support role. Understanding of cybersecurity principles and frameworks (e.g., NIST CSF, ISO 27001, SOC 2, HIPAA). Exposure to cybersecurity audits or assessments. Familiarity with IAM, Cloud Security, or SOC operations. Strong communication and documentation skills; ability to translate technical content into business language. Experience using ticketing, workflow, or GRC tools (e.g., ServiceNow, Jira, Archer). High attention to detail and ability to manage multiple tasks in a fast-paced environment. Strong problem-solving skills and willingness to learn across a wide range of cyber domains. Fundamental knowledge of data privacy and protection regulations (e.g., CCPA, GDPR). Key Responsibilities Manage the intake and triage of cybersecurity-related inquiries from internal and external sources. Coordinate with subject matter experts (SMEs) to collect and validate evidence or control documentation. Draft and deliver clear, accurate responses to inquiries, following internal approval workflows. Track inquiry status, response times, and documentation in a centralized tracking system (e.g., ServiceNow, Jira). Identify trends or recurring inquiry themes and collaborate with teams to proactively address root causes. Ensure that all inquiry responses are compliant with internal policies and regulatory requirements (e.g., HIPAA, SOC 2, ISO 27001, NIST). Assist in developing and maintaining response templates, SOPs, and knowledge base articles. Support audit readiness by ensuring completeness of inquiry-related documentation and logs. Partner with cyber compliance, IAM, and GRC teams to improve the inquiry response lifecycle through automation or workflow enhancements. Show more Show less

Responsibilities Design, implement, and maintain comprehensive cybersecurity measures for safeguarding systems, networks, and sensitive data. Administer and optimize cybersecurity infrastructure including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint detection and response (EDR), privileged access management (PAM), and cloud security posture management (CSPM) platforms. Perform regular security assessments and audits to proactively identify vulnerabilities, prioritizing and addressing remediations. Continuously monitor network and system activity for suspicious behavior or potential threats, performing detailed risk analysis and incident investigation. Serve as a vital member of the Incident Response Team, effectively addressing cybersecurity breaches and minimizing business impact. Develop, document, and execute emergency response plans, disaster recovery protocols, and incident playbooks. Collaborate closely with IT teams and various business units to integrate robust security practices across the organization. Partner actively with the Security Operations team to stay ahead of emerging ransomware, phishing campaigns, and zero-day vulnerabilities, and implement appropriate preventive measures. Contribute to the creation, review, and enforcement of cybersecurity policies and procedures, ensuring compliance with applicable regulations and industry standards. Generate clear, concise, and timely reports on security posture, threats, incidents, and mitigation measures for senior management. Stay abreast of industry developments, emerging threats, innovative technologies, and best practices to continually enhance cybersecurity defenses. Recommend improvements to security architecture, technology adoption, and procedures based on threat intelligence and industry advancements. Perform additional cybersecurity-related duties as required. Basic Qualifications Minimum 3 years of experience in cybersecurity roles, with a solid understanding of network infrastructure and database security. Demonstrated proficiency in security technologies including firewalls, VPN, IDS/IPS, endpoint protection, encryption, and cloud security. Hands-on experience working in diverse environments such as cloud, hybrid-cloud, multi-cloud, and on-premises systems. Familiarity with cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory standards (e.g., GDPR, HIPAA). Strong analytical, critical thinking, and problem-solving capabilities. Excellent written and verbal communication skills in English, with proven ability to collaborate effectively across teams. Relevant industry certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) strongly preferred. Ability to travel domestically or internationally up to 10% as needed. Preferred Characteristics Bachelor’s or Master's degree in Computer Science, Information Security, or related technical fields. Experience securing Operational Technology (OT) systems in global manufacturing environments. Expertise in defending against sophisticated threats, including nation-state threat actors. Prior U.S. Security Clearance or experience in highly regulated environments. Familiarity and experience conducting audits and maintaining compliance with standards such as SOC, ISO 27001/27017/27018/27701, FedRAMP, SOX 404, HITRUST CSF, HIPAA, GxP, 21 CFR Part 11, EU Annex 11, and NIST guidelines. Proficiency in scripting languages such as Python, Shell, Ruby, or Perl. Previous experience in corporate IT, help desk, or infrastructure support roles. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job Title: ServiceNow SIR Module Developer Job Summary: We are seeking a skilled ServiceNow SIR Module Developer to enhance and maintain our security incident response capabilities within the ServiceNow platform. The ideal candidate will have expertise in ServiceNow development, security operations, and automation of security workflows. Key Responsibilities: Develop, configure, and customize the ServiceNow Security Incident Response (SIR) module to meet business requirements. Implement automated workflows for security incident detection, response, and resolution. Integrate ServiceNow SIR with third-party security tools (SIEM, SOAR, threat intelligence platforms). Develop and maintain custom scripts using JavaScript and GlideScript. Ensure compliance with security best practices and regulatory requirements. Collaborate with security analysts and IT teams to optimize incident response processes. Perform ServiceNow upgrades, patching, and enhancements. Create and maintain technical documentation for configurations and workflows. Required Skills & Qualifications: ServiceNow intermediate-level developer (2-5 years) ServiceNow Security Operations modules ServiceNow scripting and Flow Designer/Workflow Editor experience ServiceNow ITIL Service Catalog ServiceNow Certified Developer Strong knowledge of ServiceNow Security Operations (SecOps), including SIR and Vulnerability Response modules. Proficiency in JavaScript, GlideScript, REST APIs, and SOAP web services. Experience with security automation and integrations. Excellent problem-solving and communication skills. Willing to work in night shift. Preferred Qualifications: Familiarity with ITIL processes and security frameworks (NIST, ISO 27001). EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Application Security Perform security reviews, code audits, and threat modeling of web and mobile applications. Work with DevOps and development teams to integrate secure coding practices and tools (e.g., SAST, DAST, SCA). Conduct penetration testing and vulnerability assessments on internal and external applications. Remediate OWASP Top 10 and other emerging threats. Infrastructure & Server Security Harden Linux and Windows servers following CIS/NIST benchmarks. Implement endpoint security solutions (AV, EDR, MDM). Monitor, detect, and respond to system anomalies and unauthorized access. Manage patching and update cycles in coordination with system teams. Network Security Secure network architecture, firewall policies, VPNs, NAT, and VLAN segmentation. Analyze and mitigate threats like DDoS, MITM, spoofing, etc. Configure and manage intrusion detection/prevention systems (IDS/IPS). Perform routine audits and packet-level analysis for suspicious activity. Cloud Security Secure cloud infrastructure (Alibaba Cloud/AWS/Azure/GCP). Manage IAM, WAF, Security Groups, and cloud-native threat detection tools. Audit and improve security configurations in containers, CI/CD pipelines, and serverless deployments. Monitoring, Audit, and Compliance Work closely with compliance teams to meet standards like SAMA-CSF, ISO 27001, and PCI-DSS . Implement and tune SIEM/SOAR systems for proactive monitoring and incident response. Maintain audit trails, security reports, and logs for investigations and audits. Qualifications & Requirements Bachelor’s degree in computer science, Cybersecurity, or a related field. 4+ years of experience in cybersecurity roles with exposure to infrastructure and application security. Proficiency in tools like Burp Suite, Nessus, Wireshark, Nmap, Suricata, OSSEC/Wazuh, etc. Strong knowledge of TCP/IP, Linux security, cloud security, and secure coding principles. Experience with at least one cloud platform (Alibaba Cloud preferred). Familiarity with regulatory and compliance standards in the GCC region is a plus. Security certifications such as CEH, OSCP, CISSP, or CISM are a plus. Preferred Strong problem-solving and analytical skills. Ability to work under pressure in a fast-paced environment. Excellent communication skills to interface with technical and non-technical stakeholders. Self-motivated and able to work independently or as part of a team. Minimum 5 + yrs of exp as security specialists Job Types: Full-time, Permanent Pay: ₹2,000,000.00 per year Benefits: Health insurance Leave encashment Paid sick time Provident Fund Schedule: Day shift Monday to Friday Morning shift Education: Bachelor's (Preferred) Experience: Information security: 5 years (Preferred) audit: 4 years (Preferred) Compliance management: 4 years (Preferred) SoC: 1 year (Preferred) Work Location: In person

About NCR VOYIX NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction technologies, turning everyday consumer interactions into meaningful moments. Today, NCR VOYIX transforms the stores, restaurants and digital banking experiences with cloud-based, platform-led SaaS and services capabilities. Not only are we the leader in the market segments we serve and the technology we deliver, but we create exceptional consumer experiences in partnership with the world’s leading retailers, restaurants and financial institutions. We leverage our expertise, R&D capabilities and unique platform to help navigate, simplify and run our customers’ technology systems. Our customers are at the center of everything we do. Our mission is to enable stores, restaurants and financial institutions to exceed their goals – from customer satisfaction to revenue growth, to operational excellence, to reduced costs and profit growth. Our solutions empower our customers to succeed in today’s competitive landscape. Our unique perspective brings innovative, industry-leading tech to all the moving parts of business across industries. NCR VOYIX has earned the trust of businesses large and small — from the best-known brands around the world to your local favorite around the corner. Information Security Consultant II This role is part of NCR’s Global Information Security team. This team is responsible for developing and implementing NCR’s corporate information security program. The primary goal of the program is to protect the confidentiality, integrity, and availability of information resources. Key information security functions and activities include architecture and design for NCR information security controls, developing and enforcing policies and standards, security awareness training, risk management, assessment, and testing, monitoring and metrics, incident management, and threat and vulnerability management. The Information Security Consultant shall be responsible for the day-to-day activities required to respond for both routine and high severity vulnerabilities and security incidents. The Information Security Consultant shall work in a collaborative manner with vulnerability coordinators, incident responders, key incident management team members, management, and other stakeholders to ensure vulnerabilities and security incidents are contained, eradicated, remediated and after-action review is held according to corporate policy. The Information Security Consultant is expected to contribute to weekly status calls and respond to ad-hoc requests as part of this position. The Information Security Consultant will work with stakeholders and team members to assist with improving incident response processes that are aligned with the mission of the office of the CISO. The individual should be highly skilled, motivated and detail-oriented security professional to join our dynamic team. The ideal candidate will be responsible for leading and managing our Vulnerability Management program along with Incident Management, ensuring the protection of our organization's digital assets. Key Responsibilities: Vulnerability Management: Lead the design, implementation, and continuous improvement of the enterprise-wide vulnerability management program. External attack surface management and technical remediation Run Vulnerability red team exercises and simulation for risk prioritization Oversee vulnerability assessments, scanning, and remediation efforts across all systems, networks, and applications. Collaborate with IT, GTM and product SRE teams to prioritize and remediate vulnerabilities based on risk and business impact. Develop and maintain metrics and dashboards to track vulnerability trends and remediation progress. Ensure compliance with internal policies, industry standards, and regulatory requirements (e.g., ISO 27001, NIST, CIS). Incident Management: Assist in the development and execution of the incident response plan and playbooks. Act as a key responder and advisor during cybersecurity incidents, ensuring timely containment, investigation, and recovery. Conduct post-incident reviews and root cause analyses to improve future response efforts. Provide guidance and training to internal teams on incident response best practices. Skills and Qualifications Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. 10+ years of experience in cybersecurity, with a strong focus on vulnerability and incident management. Proven experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7) and SIEM/SOAR platforms. Deep understanding of threat landscapes, attack vectors, and mitigation strategies. Strong knowledge of security frameworks and standards (e.g., NIST, MITRE ATT&CK, OWASP). Excellent analytical, communication, and leadership skills. Preferred Certifications: CISSP, CISM, OSCP, CEH, or equivalent. GIAC certifications (e.g., GCIH, GCIA, GPEN) are a plus. Offers of employment are conditional upon passage of screening criteria applicable to the job EEO Statement Integrated into our shared values is NCR Voyix’s commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment. Statement to Third Party Agencies To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes “When applying for a job, please make sure to only open emails that you will receive during your application process that come from a @ncrvoyix.com email domain.”

About NCR VOYIX NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction technologies, turning everyday consumer interactions into meaningful moments. Today, NCR VOYIX transforms the stores, restaurants and digital banking experiences with cloud-based, platform-led SaaS and services capabilities. Not only are we the leader in the market segments we serve and the technology we deliver, but we create exceptional consumer experiences in partnership with the world’s leading retailers, restaurants and financial institutions. We leverage our expertise, R&D capabilities and unique platform to help navigate, simplify and run our customers’ technology systems. Our customers are at the center of everything we do. Our mission is to enable stores, restaurants and financial institutions to exceed their goals – from customer satisfaction to revenue growth, to operational excellence, to reduced costs and profit growth. Our solutions empower our customers to succeed in today’s competitive landscape. Our unique perspective brings innovative, industry-leading tech to all the moving parts of business across industries. NCR VOYIX has earned the trust of businesses large and small — from the best-known brands around the world to your local favorite around the corner. We are looking for a motivated and detail-oriented SOC Analyst to join our Security Operations Center team. As a first line of defense, you will be responsible for monitoring, detecting, and responding to security events and alerts in real-time. This is an excellent opportunity for individuals looking to start or grow their career in cybersecurity. Key Responsibilities As an active member of the team, monitor and process response for security events on a 24x7 basis. Perform initial triage, analysis and respond to a security Incident Escalate incidents based on Severity and established protocols Document security incidents and investigation thoroughly Leverage automation and orchestration solutions to automate repetitive tasks. Work alongside other security team members to hunt for and identify security issues generated from the network, including third-party relationships. Coordinate incident response activities across multiple independently managed environments and security teams. Leverage knowledge in multiple security disciplines, such as Windows, Unix, Linux, data loss prevention (DLP), endpoint controls, Public Cloud, and networking, to offer global solutions for a complex heterogeneous environment. Utilize multiple security/threat intelligence tools and resources to understand threats. Analyze and respond to minor and major incidents, reported SPAM and Phishing e-mails. Partner with the detection engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities. Support 24/7 operations Perform other duties as assigned Skills and Qualifications Strong knowledge of network, backend systems, operating systems, applications, and web services in a manner that allows for the interaction of all as it relates to security and services. 2+ Years as an incident responder Ability to apply analytical expertise and critical thinking to security incidents Ability to assimilate, understand and utilize various security technologies Ability to collaborate within a geographically distributed team of Incident Response Analysts Demonstrated team or functional leadership experience Experience processing and analyzing intelligence in support of management decision making Current Information Security related certification preferred. Current Public cloud related certification preferred. Knowledge of relevant information security and incident response frameworks such as NIST Cyber Security Framework, MITRE ATT&CK Framework. Strong communication skills and ability to work in a collaborative atmosphere Strong attention to detail Ability to deal with ambiguity and translate high level objectives into detailed tasks Ability to prioritize work with multiple, simultaneous work assignments. Ability and willingness to learn new tools and processes. Experience documenting business processes or technical procedures preferred. Offers of employment are conditional upon passage of screening criteria applicable to the job EEO Statement Integrated into our shared values is NCR Voyix’s commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment. Statement to Third Party Agencies To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes “When applying for a job, please make sure to only open emails that you will receive during your application process that come from a @ncrvoyix.com email domain.”

Job Title:- Penetration Tester We are looking for Penetration Tester to join our security team & who will be responsible for Web & Mobile VAPT. Job Description : Qualysec Technologies is seeking a skilled and highly motivated Penetration Tester to join our fabulous security team in Bhubaneswar. The Penetration Tester will be mainly responsible for performing security testing of Web & Mobile applications including identifying, evaluating, and exploiting vulnerabilities in various systems, networks, and applications. Qualification :- Bachelor's Degree in a related Cybersecurity/IT/Computer Science field. Experience :- 0 to 1 years Location :- Bhubaneswar Job Type :- Full Time Responsibilities Perform vulnerability assessments & penetration testing (VAPT) on Web, APIs and mobile applications Identify and exploit vulnerabilities in products under test prepare reports by documenting identified issues based on internal templates Collaborating with other team members to improve the overall security posture of our clients. Enhance technical skills & knowledge by Staying up-to-date with emerging threats and vulnerabilities Skills Required Knowledge in penetration testing, vulnerability assessment, and ethical hacking. Knowledge in Pentesting of various applications i.e Web, Mobile (Android & iOS), APIs, Cloud (AWS / Azur )etc. Strong knowledge of security assessment tools such as Metasploit, BurpSuite, ZAP, OWASP tools, Kali Linux tools and Fuzzing tools Hands-on experience with manual and automated penetration testing methodologies. Experience in working with Standards such as NIST, OWASP, MITRE CWE etc. Strong understanding of network protocols, operating systems, and web application technologies. Excellent written and verbal communication skills, with the ability to clearly document and communicate findings and recommendations. About Us Qualysec is a leading cybersecurity firm specializing in comprehensive penetration testing and risk assessment services. Our tailored solutions help businesses proactively defend against evolving cyber threats. With over four years of experience, we take pride in having served more than 150 clients across 21 countries—a testament to our commitment to quality and resilience. Our dynamic work environment and employee-focused culture drive our continuous growth and success. Job Type: Full-time Schedule: Day shift Note: Preference will be given to Odisha candidates. Job Types: Full-time, Permanent Schedule: Day shift Work Location: In person

Security Specialist Brennan. Where true performance thrives. At Brennan, we believe that how technology is delivered is every bit as important as what the technology is. We focus on creating real and relevant value for customers with solutions that fit their specific needs and always reflect their true interests. It’s a claim backed by our True Performance System – a way of working engineered to get us closer, and deliver better, for our customers and their actual experience of technology. Why join Brennan True performance for our customers starts with a true belief in our people. It’s why we’ve structured our business to help our teams, and their talents, shine bright. It's why we’ve created a workplace where people of all backgrounds, beliefs and experiences are welcomed and empowered. And it’s why we’ve built an organisation where real innovation makes a genuine impact and generates true rewards for our team members. True rewards In addition to competitive remuneration, Brennan offers extensive benefits, including: Training and certification bonuses Culture Awards that recognise excellence Brennan Daredevils – our annual, all-expenses paid trip awarded to our top performers and outstanding contributors Vibrant, fun social activities. An environment that embraces learning and development The Role This is a new role within Brennan, and its primary purpose is to support the current CISO, Security Team, and IT Operations Team in ensuring that Brennan is able to deliver to internal and external stakeholders with a high level of operational efficiency and efficacy, with the required security posture. This role requires a person who brings a security-centric mindset to the team, to ensure that Brennan’s governance, protection and defence, detection and response activities are being executed consistently and in alignment with obligations. Role Responsibilities Governance: Ensuring that scheduled and periodic security hygiene activities are completed on time and to expectations, aligned with ISO27001 and NIST CSF frameworks. Protection & Defence: Ensuring that the suite of security platforms used within Brennan are maintained to design, updated to meet requirements, and delivering on objectives. Detection & Response: Working with Brennan’s own SOC and other monitoring teams to ensure that detections are triaged and handled with the required level of rigour and responsiveness This role requires a strong understanding of a broad range of IT and Security technologies, with the ability to work across teams to achieve desired outcomes. The role includes an element of “hands-on” activities and is well supported by a range of IT and Security teams who also operate the IT and OT systems within Brennan. In order to deliver the right security outcomes for Brennan the role requires an eye for detail, and a desire for continual improvement. It requires excellent written and verbal communication skills in order to build relationships across Brennan, which will enable you to be a trusted source for security advice within the business. Key Competencies and Qualifications required Maintenance and upkeep of key security technologies; Completion of scheduled and ad hoc security related tasks across the Brennan network; Reporting and assessment of security-related metrics and outcomes; Working with IT (including OT and Network Teams) on a day to day basis to ensure agreed and desired outcomes are met; Liaising with security and IT leadership to ensure that the security program is run to design and requirement; Maintaining a relationship with other internal teams to foster an open and transparent relationship; Responding to automatically detected and manually notified alerts, and working those incidents based on documented and understood incident response processes; Providing subject matter expertise to colleagues and projects outside of the immediate role; Participate in sharing knowledge with other Brennan team members including preparing and reviewing documentation for same. Brennan is an equal opportunity employer.

Job Title: SOC Analyst Job Summary: We are seeking a dedicated and skilled SOC Analyst to support our Security Operations Center (SOC). The ideal candidate will have strong analytical skills, a deep understanding of cybersecurity threats, and experience in security incident response. This role requires hands-on experience with security tools, cloud platforms, and process improvement methodologies. Key Responsibilities: Monitor, analyze, and respond to security incidents in real-time. Conduct forensic investigations, root cause analysis, and develop remediation strategies. Work with at least 1 cloud security (AWS, Azure, or GCP) to ensure a secure infrastructure. Ensure compliance with security policies, standards, and regulatory requirements. Stay updated with emerging threats, vulnerabilities, and cybersecurity trends. Required Qualifications & Skills: Strong communication skills (verbal and written) to effectively convey security issues and solutions. Strong analytical thinking and intellectual integrity to make data-driven security decisions. Experience in Cybersecurity, Threat Intelligence, Incident Response, and Incident Handling. Hands-on experience with security engineering and forensic investigations. Familiarity with security tools including Splunk, Jira, CrowdStrike, and WIZ. Experience working with at least 1 cloud platforms AWS / Azure / GCP. Basic knowledge of Windows and Unix environments. Strong understanding of OSI Model, TCP/IP Protocols, and network security. Preferred Qualifications: Industry certifications such as Google Cybersecurity Professional Training. Familiarity with compliance frameworks such as NIST, ISO 27001.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. About the job As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom. At EY, we don't just focus on who you are now, but who you can become. We believe that it’s your career and ‘It’s yours to build’ which means potential here is limitless and we'll provide you with motivating and fulfilling experiences throughout your career to help you on the path to becoming your best professional self. About EY-Parthenon EY-Parthenon is a leading global strategy consulting organization, providing deep sector expertise and strategic insights to help clients navigate complex business challenges. We offer a dynamic work environment that fosters innovation and growth, with a strong emphasis on client impact and personal development. Within SaT – EY Parthenon, the Transaction Strategy and Execution team services clients with a full range of hands-on, operationally focused support and advice across the transaction life cycle, across buyers and sellers. We cover a wide range of operational aspects, including divestiture advisory services, carve-out readiness and support, operational due diligence, synergy assessment and delivery, day-one readiness assessment, 100- day planning, integration process support, carve-out/stand-alone costs assessment and risks, and cost reduction. Our professionals work on transactions and business development across the globe. GDS SaT – Transaction Strategy and Execution – Deal Tech - IT Infrastructure - Manager, India The Opportunity EY-Parthenon’s GDS Transaction Strategy and Execution (TSE) Technology team helps clients with IT-related aspects of M&A transactions: IT diligence: EY-Parthenon professionals evaluate a target's IT infrastructure & Cyber security to help clients assess its attractiveness. Deal tech: The TSE Technology team assesses the technology ecosystem and its role in M&A transactions. Infrastructure: Managing IT due diligence, sign-to-close, and post-integration activities from an IT Infrastructure perspective EY-Parthenon’s GDS TSE Technology professionals help clients navigate transaction risk and increase value from the beginning of a deal to its execution. This role requires prior expertise in managing complex IT integrations, separations, and transitions during mergers, acquisitions with extensive knowledge of IT systems, Datacentre, Cloud, Networking, Microsoft 365 and IT Security. Key Responsibilities Manage large to mid-sized engagements or workstreams of large engagements that help our clients solve some of their most pressing issues during transaction lifecycle. Support key decision makers in developing and executing their transaction strategy to secure deal value. Lead projects that span one or more IT Infrastructure (Hosting, Network, Digital Workplace, Messaging & Collaboration, Active Directory, Service Excellence) and cyber security (identifying vulnerabilities, risks, and gaps) functions in both deal and non-deal environments. Manage engagements, problem-solve, facilitate, ensure engagement success, and quality in delivery, Establish regular connectivity and reporting to the regional TSE partners. Build relationships with EY offices across the globe. Responsible for high degree of GDS user satisfaction with engagement processes and work products Assist in business development activities, including preparing internal materials, GTM content and presentations for client and internal pursuit meetings, engage on larger SaT projects and pitch for potential technology interventions. Ability to analyse the evolving market environment and build solutions / services to cater to the same. Develop Point of View documents and support business development initiatives Provide insights and observations based on technology, industry and functional knowledge and best practices. Leverage expertise in transactions, synergy assessments, and deal implementation on transactions related projects Conduct IT due diligence to assess the IT infrastructure of target companies, including hardware, software, networks, datacentres, and cybersecurity. Develop IT integration plans and roadmaps that align with the overall deal strategy and business objectives. Collaborate with cross-functional teams to ensure seamless IT integration during the sign-to-close phase. Manage the execution of IT integration projects, ensuring they are completed on time, within budget, and to the required quality standards. Identify risks and issues related to IT infrastructure during the deal process and develop mitigation strategies. Provide expertise in IT infrastructure optimization and consolidation post-deal closure. Lead IT infrastructure transitions during M&A, including cloud and datacentre migration, network integration, and identity management, ensuring minimal disruption and security compliance. Oversee Microsoft 365 migration, service desk consolidation, and IT monitoring to enable seamless post-transaction operations. Establish and maintain communication with key stakeholders to provide updates on project status and resolve any concerns. Ensure compliance with regulatory requirements and company policies throughout the deal process. Document lessons learned and best practices to improve future IT deal processes Skills and attributes for success Business and Commercially Driven - work in a fast-paced, exciting environment with strong business acumen to drive value to our clients Capability Development - contribute to our practice development initiatives, supporting the continued focus on our team as a great place to work Learning - learn and develop technical and personal skills to support achievement of career goals, through a blend of structured learning, coaching and experiences Building Relationships - cultivate strong working relationships with clients and support to key decision makers To qualify for the role, you must have A post Graduate degree in business management from a premier institute with 5-8 years of applicable consulting experience At least 4 years of experience in Transaction Strategy, Technology Strategy or Technology Transformation in a top tier consulting firm Lead large IT project execution experience with in-depth knowledge of IT project life cycles. Broad knowledge and deep understanding of one or more technical areas such as Infrastructure and Network, Cyber Security Framework (e.g., NIST, ISO 27001, GDPR, HIPAA), Solution Architecture / Pre-Sales, IT Contracts Management, Enterprise Architecture, Cloud / On-premise Technology etc. Experience in Technology aspects of Transaction lifecycle during Mergers, Acquisitions, Divestitures, and Carveouts. Due Diligence: Working experience in Due Diligence, particularly IT Due Diligence, Cyber Diligence, and Technology Diligence. Post-Deal transaction lifecycle: Working experience in post-deal lifecycle for Sell and Separate and Buy and Integrate transactions: Separation / Integration planning, Standalone models and Costing, Infrastructure Separation, Cutover Management, TSA Costing and Exit, Day-1 planning, and Logical Separation Technology Strategy: Experience in Technology Cost optimization, Technology Business Management, IT Budget forecasting, IT Chargeback, Cloud Economics, Cloud Financial Management, IT Value realization, IT Org sizing Experienced in Business Development activities such as RFPs, opportunity pursuits, winning large to mid-sized deals Strong leadership and team management abilities, with experience in building and motivating high-performing teams Exceptional communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels Good to have relevant certifications (e.g., AWS/Azure/GCP Solution Architect, PMP, ITIL, MCSE, CCNA) What you can look for A Team of people with commercial acumen, technology experience and enthusiasm to learn new things in this fast-moving environment An opportunity to be a part of market-leading, multi-disciplinary team of 3,500+ professionals Opportunities to work with EY SaT practices globally with leading businesses across a range of industries What We Offer EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across six locations – Argentina, China, India, the Philippines, Poland and the UK – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career. Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next. Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way. Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Requisition Id : 1578685 As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom. At EY, we don't just focus on who you are now, but who you can become. We believe that it’s your career and ‘It’s yours to build’ which means potential here is limitless and we'll provide you with motivating and fulfilling experiences throughout your career to help you on the path to becoming your best professional self. The opportunity : Consultant-TMT-Assurance-ASU - TR - Technology Risk - Chennai TMT : Industry convergence offers TMT (Technology, Media & Entertainment, and Telecommunications) organizations the chance to evolve and transform, but it also presents challenges around competitiveness and delivering agile corporate strategies for growth. We help TMT companies create compelling employee and customer experiences, retaining skills and talent while achieving enterprise-wide operational excellence. We help them guard their data, brand and reputation. We also enable the pursuit of M&A strategies that methodically create value, reduce risk and transform TMT companies into powerhouses that will lead the technology revolution of the future – building a better working world for all. ASU - TR - Technology Risk : Assurance’s purpose is to inspire confidence and trust to enable a complex world to work. We do so by protecting and serving the public interest, promoting transparency, supporting investor confidence and economic growth and fostering talent to provide future business leaders. We help clients by: 1) Ensuring their accounts comply with the requisite audit standards 2) Providing a robust and clear perspective to audit committees and 3) Providing critical information for stakeholders. Our Service Offerings include External Audit, Financial Accounting Advisory Services (FAAS), IFRS & US GAAP conversion, IPO and other public offering, Corporate Treasury - IFRS 9 accounting & implementation support etc. Your key responsibilities Technical Excellence Working with clients on SOCR and FAIT (Financial Audit Integration) engagements Sharp focus on ITGC Testing Deep knowledge in OS, Network, DB and ERP control testing Process narrative documentation Deep understanding of Compliance subjects (SOCR, FAIT, NIST, ISO and other Info Sec related compliance requirements) Understanding and performing of Testing methodologies Report writing Teaming skills related to on-site delivery Client interation and expectation management Skills and attributes To qualify for the role you must have Qualification BCOM, BCA, BSC, BE/ B.Tech,, or MSC in Computer Science Experience 3 - 6 years of relevant experience What we look for People with the ability to work in a collaborative manner to provide services across multiple client departments while following the commercial and legal requirements. You will need a practical approach to solving issues and complex problems with the ability to deliver insightful and practical solutions. We look for people who are agile, curious, mindful and able to sustain postivie energy, while being adaptable and creative in their approach. What we offer With more than 200,000 clients, 300,000 people globally and 33,000 people in India, EY has become the strongest brand and the most attractive employer in our field, with market-leading growth over compete. Our people work side-by-side with market-leading entrepreneurs, game- changers, disruptors and visionaries. As an organisation, we are investing more time, technology and money, than ever before in skills and learning for our people. At EY, you will have a personalized Career Journey and also the chance to tap into the resources of our career frameworks to better know about your roles, skills and opportunities. EY is equally committed to being an inclusive employer and we strive to achieve the right balance for our people - enabling us to deliver excellent client service whilst allowing our people to build their career as well as focus on their wellbeing. If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible. Join us in building a better working world. Apply now.

About Radian Generation Radian Generation is a global provider of critical technology-forward services designed specifically to support the comprehensive lifecycle of renewable facilities—including solar, wind, and energy storage. Who We Serve Radian Generation’s wide range of commercial, technical, and compliance services provide developers, owners, and operators with critical insights into each aspect of their assets to make better-informed decisions. Radian Generation is committed to supporting greater diversity in the renewable energy industry. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. JOB SUMMARY The SOC L1 position involves supporting the protection and monitoring of critical infrastructure from cyber threats within the security operations center. This role contributes to the continuous operation and resilience of industrial control systems (ICS) and Operational Technology (OT) environments by assisting in incident response, threat analysis, and the application of security measures specifically designed for renewable energy generators’ OT networks. ROLE AND RESPONSIBILITIES Monitor OT networks for security threats and vulnerabilities, assisting in incident responses. Manage user provisioning, including creating and maintaining user accounts, modifying permissions, and managing access control lists. Execute standard operating procedures and adhere to company policies. Maintain system integrity through routine management of backup and recovery services, file and disk management, and virus protection. Engage with internal and external stakeholders to troubleshoot and resolve issues, ensuring timely resolution. Perform design, implementation, and administration of complex computing environments in power generation, involving systems like Windows servers and workstations, network and security hardware from Hirschmann, Palo-Alto, and Cisco, communications via ISP services, storage solutions such as SQL and historians, and substation hardware including SEL, along with UPS and PDU systems. Evaluate and review host, system, and network configurations for newly acquired sites, recommending improvements. Regularly review security, antivirus, traffic, and event logs to ensure optimal operation and security compliance. Report on project & ticket statuses and participate in staff and client meetings as required. Execute assigned work orders, including support tickets and project tasks, to fulfill obligations under Managed Services Provider (MSP) and Managed Security Services Provider (MSSP) contracts for both new and existing customer facilities. Perform routine and scheduled maintenance, address break/fix issues, act as a subject matter expert for programs and products offered and respond to emergent conditions across the fleet. Execute vulnerability assessments using scanning software, implement mitigation plans for vulnerabilities, and review security, antivirus, traffic, and event logs. Adhere to cybersecurity and information security procedures, guidelines, and policies, and edit Access Control Lists and security policies. QUALIFICATIONS: Technical degree or 3 years of relevant OT experience; direct or indirect service experience preferred. Experience in NERC CIP-regulated environments, compliance programs, or standard-driven environments such as PCI-DSS, NIST, ISO-27001. Knowledgeable in server hardware, OS management, networking, cybersecurity, and data storage and recovery. Strong analytical skills with the ability to manage multiple tasks and remain calm under pressure. Effective communication and organizational skills, with a proven ability to work collaboratively and make decisions independently. WORKING CONDITIONS: Floating Role: This position is based in India and requires flexibility to adapt to various schedules as needed. Shift Work: This role operates on a PM shift as part of a 24/7 operation center, requiring staff to work evenings into late nights, including weekends and holidays. PREFERRED EXPERIENCE: Experience working in a SOC, NOC, or similar operation center. Background in network and infrastructure design, deployment, or maintenance, with a focus on power generation, especially renewable energy. Work experience in at least one of the following areas:- SCADA and SCADA historian design, deployment, or maintenance

Development, implementation, monitoring, maintenance, and management of threats, security controls, processes, procedures and systems. Provides trusted advisor overview and management for information security projects and technical requirements. Provides threat management support for firewalls, intrusion detection systems, enterprise anti-virus, web application firewalls, and log monitoring tools. Manages internal/external vulnerability management program and oversight for code reviews or application security scan reviews as part of the Application Security management program. Manages the company’s Incident Response process in coordination with managed SOC vendor to monitor and respond to security alerts from all assets storing, processing, transmitting company confidential/sensitive data including PCI and PII data assets. Provides technical expertise in support of information technology assessments, penetration tests, and/or audits (PCI/SOX/HIPAA/other) of organizational automated systems and processes and will play a critical role in designing, maintaining and enhancing our organization's cybersecurity posture. Works closely with cross-functional teams to identify and implement robust security measures, detect, and respond to security incidents, and ensure the overall integrity and confidentiality of our systems and data. Essential Duties and Responsibilities Other duties may be assigned. In the event of absence, duties for this position will be overseen by the position to which it reports. Conducts analysis, develops technical and programmatic assessments, evaluates security engineering and integration initiatives and provides technical support to facilitate compliance with security policies, procedures, standards and guidelines. Identifies security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives. Analyze and review recent industry breaches for preventive cyber breach strategies. Provide threat intelligence research related to malware/virus identification. Responsible for reviewing and approving corporate, PCI In-scope firewall requests and WAF changes; perform WAF tuning as necessary. Monitor, report, and aid in the resolution of all security-related problems and discrepancies by monitoring assigned systems, maintaining documentation and provide management and any other appropriate areas with reporting as requested. Manage WAF, intrusion detection systems and in coordination with vendor SOC, ensure sufficient coverage to monitor PCI, PII, and all other assets storing, processing, transmitting company confidential/sensitive data. Ensure alerts from current and future systems are properly designed and monitored. Manage internal/external vulnerability management program and as appropriate expand scope of vulnerability scans, application/network penetration tests to cover enterprise and all systems/environments storing, processing, transmitting company confidential/sensitive data. Monitor intelligence sources for newly identified vulnerabilities, evaluate the risk such vulnerabilities pose to the organization's information and systems, and advise management of appropriate measures to eliminate or reduce the organization's risk or exposure to such vulnerabilities. Performs both internal/external vulnerability scanning and penetration testing. Analyzes information from those scans, as well as penetration tests, to mitigate and help IT stakeholders address system vulnerabilities. Provide technical support/oversight for code reviews or App scan reviews as part of Application Security management program. Provide technical support/oversight for security exception request process. Provide technical support for incident management and forensics. Monitor appropriate industry sources to maintain awareness of new security tools and techniques and research those tools and techniques that have the potential to improve the organization's ability to protect its information and infrastructure. Assist in the development of appropriate information security policies, standards, procedures, checklists, and guidelines using generally-recognized security concepts tailored to meet the requirements of the organization. Provide expertise to support timely resolution of findings from information technology assessments, penetration tests, and/or audits of organizational automated systems and processes; as appropriate, develop and communicate recommendations for improvement to management. Provide reporting metrics/create and maintain dashboards for department functions. Proficient in the use of Word, Excel. Assist manager/director in planning, time budgeting and scheduling work for completion. Participate in opportunities that enhance personal and professional growth and the accomplishment of career objectives through continuing education, seminars and participation in field-related professional organizations. Accountable for execution of assigned tasks from start to finish, while fully leveraging the disciplines expected of a cybersecurity engineer according to department standards, procedures and processes. Stay current with emerging issues affecting the Cybersecurity profession. Qualifications (Include Education and Specific Experience) Strong understanding of data network configuration and infrastructure concepts, including TCP/IP, DNS, routers, firewalls, web servers and security hierarchy including the application of encryption key infrastructures and authentication processes. Knowledge of cloud security concepts (Azure/AWS). Strong experience with IT security standards and best practice frameworks. (like ISO 27001/27002, NIST/NIST CSF, ITIL, PCI, SOX) In depth experience working with internet and web application security frameworks like SANS, OWASP. Detailed technical knowledge of hardening concepts and audit for Unix, Linux, Windows servers and desktop systems, AWS EC2 instances. Excellent understanding of common application, network, and operating system vulnerabilities, current threat vectors and mitigations. Strong working knowledge of networking, routing, protocols, ports and services. Working knowledge of System Information Event Monitoring (SIEM), Intrusion Detection and Prevention System (IDS/IPS), web application firewalls, vulnerability scanning tools, encryption capabilities, Network Access Controls (NAC), Data Loss Prevention (DLP), NMAP, Vulnerability scanners, Wireshark, and other security related tools Experience working with leading security WAF like Akamai, Cloudflare. Experience working with logging and file integrity monitoring tools like LogRhythm, NXLog, Splunk. Demonstrated experience in conducting security assessments. Demonstrated experience in investigating security issues related to Internet, server, desktop, laptop, tablet, and other mobile device security issues; OS patching, hardening and anti-virus. Ability to work with subject matter experts and 3rd party MSSP to coordinate activities to complete security related projects or tasks in a timely manner. Proficient with programming logic concepts, scripting experience (like Python, JavaScript, PowerShell) Strong communication and teamwork skills to collaborate with cross-functional teams and convey complex security concepts to non-technical stakeholders. Security certifications like CEH or CISSP are desired. • Bachelor’s degree in Computer Science, Information Security Management, Engineering or equivalent is required. • 3-5 years of experience in network and application security in a multiple operating system environment. Job Type: Full-time Pay: ₹7,000.00 - ₹20,000.00 per month Schedule: Monday to Friday Night shift US shift Work Location: In person

Job requisition ID :: 81455 Date: Jun 8, 2025 Location: Coimbatore Designation: Consultant Entity: SOX,Cloud,Data Management IT/IS controls Testing and Assurance Design and execute controls testing strategies to evaluate the design adequacy and operating effectiveness of controls. Testing Approach Review and Process Documentation Develop methods to monitor and measure risk, compliance, and assurance efforts. Create test plan, test scripts etc. to support the delivery of controls assurance objectives. Prepare detailed testing documentation, workpapers and reports to highlight findings and recommendations. Collaborate with various departments for control walkthroughs, sampling, evidence collection etc. Maintain up-to-date knowledge of industry standards and best practices related to controls testing. Review existing Risk control testing approach and methodology used by client to identify areas for improvement based on IT risk & control frameworks and industry good practices. Develop templates to facilitate the control testing and the documentation and reporting of the control testing outputs in line with the refined control testing approach and methodology Liaise with designated stakeholders to identify the prioritised set of controls and document repeatable test scripts for testing design effectiveness (“DE”) and operational effectives (“OE”) of prioritised IT and IS controls. Experience in Cyber/ IS/ IT risk and control testing, Cyber Risk and compliance. Understanding and experience on ISMS, NIST, COBIT standards or equivalent security frameworks Knowledge/ Experience in GRC tools such as Service now, archer etc. Knowledge/ Experience on cyber compliance regulations - RBI, SEBI, Cert-in. Industry knowledge would be a added advantage

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. GDS SaT – EYP IDD IT – Cyber - Manager – India Competitive business today is all about making intelligent, informed decisions. As a Manager within EY GDS SaT you will help make that happen. You will be an important part of our diversely talented, highly experienced Cyber team and work at the forefront of high-profile transactions. The cyber team is part of the Integrated due diligence (IDD) team which is a competency within SaT EYP. GDS EYP IDD has a market-leading proposition to create and maximize value for our clients, whether they are acquiring or divesting assets, or undertaking operational restructuring. The opportunity Cyber team of EYP IDD competency works on the most complex and high-profile global transactions, across a broad portfolio of clients and industry sectors. We are a group of experienced cyber professionals bringing deep sector and functional knowledge to our clients. As a team, we provide variety of cyber services to our clients helping them with during the transaction life cycle i.e. Predeal, sign to close and post deal stages of any transaction. We offer services like Cyber due diligence, Cyber security (Maturity) assessment, Cyber Red flag assessment, Cyber PMO support for Buy & Integrate / Sell & Separate projects, Target operating model (ToM), etc. We prepare and execute separation and integration plans, identify ideas and sources of value enhancement, as well as advise on risk mitigation. Your key responsibilities As a Manager of Integrated due diligence function, you will be a vital member of the team supporting global EY practice teams to sell, manage and execute Cybersecurity focused projects. Lead client conversations and meetings, guide and mentor junior team members, understand the business requirements in transactions space and develop new cyber services to support the growth of cyber team. Part of your role will also involve developing experience across a range of different type of engagements, including pre-deal (e.g. Cyber due diligence, remediation cost estimates, Security spend benchmarking) and post-deal (e.g. integration / separation planning, Day 1 readiness, TSA support, project tracking etc). Having a commercial mind-set is key to this consulting-based role. Conduct security assessments, identify gaps and red flags assessing client’s on prem / cloud hosted applications, data and infrastructure Conduct research on deep and dark web using various open-source intelligence (OSINT) tools to reveal potential data breaches, provide recommendations and roadmap to mitigate the security gaps. Develop assessment reports, target operating models, target state security strategy, security roadmaps, data privacy and protection assessment reports, Day one readiness plans, 100 days plan, benchmarking analysis from security costing perspectives. You will be exclusively focused on supporting transactions from a Cybersecurity perspective pre and post deal working primarily with Private Equity and Corporate clients executing deal mandates. You will be a vital member of the team advising clients across all industries and sectors. Supporting key decision makers in developing and executing strategies for transactions. You will work in a transaction environment operating under tight M&A timeframes and demands. Develop strong relationships with regional EYP practice teams and establish yourself as a trusted point of contact. You will also assist in aspects of business origination, including pitches and presentations, and attending meetings with clients to generate new business opportunities. Demonstrate strong knowledge in the Information and Cyber security and Data privacy area. Should be able to translate Cyber and data privacy risks in business language for business leaders at client side. Experience on strategic consulting engagements developing detailed, compelling and analytical PowerPoint/Word/Excel/Visio deliverables to convey complex thoughts and ideas. Skills and attributes for success Experience in a range of different type of engagements, including pre-deal (e.g. operational Cyber due diligence, carve-out planning), post-deal (e.g. integration planning, tracking) and restructuring (e.g. rapid cost reduction). Lead work-streams comprising members of the client and colleagues from our transactions and advisory practices. Lead meetings with senior client stakeholders to advise, shape and drive the strategy and planning for pre-deal diligence, integration, carve-out / separation and operational restructuring. Contribute to our practice development initiatives, supporting the continued focus on our team as a great place to work. Have innovative mindset to think out of the box for development of new services as per client needs Act as a role model and support development of junior team members, coupled with the recruitment and training responsibilities. Be flexible to support for broader IT, Cyber & Operational transaction work. Willingness to undertake international travel as per business requirement To qualify for the role, you must have 10-14 years with technical experience in information and cybersecurity management, security testing, privacy and data protection, IT Audits etc B Tech / M. Tech. / MCA/MBA /PGDM (part time / full time) from a reputed institute with a technology background. Excellent presentation and analytical skills to produce quality presentations for client executives. A leading cybersecurity qualification, such as CISSP, CISA, CCSP, CISM or ISO 27001 ISMS. Well versed with cybersecurity and privacy requirements as defined in GDPR & CCPA. Practical exposure to security framework and standards such as PCI, NIST & CIS, ISO 27001. Good understanding about cloud security risks and controls. Hands-on experience with internal/external security audits assessment and readiness around SOC 1, SOC 2 or SOX controls. In-depth knowledge on various security platforms and technologies such as DLP, Firewalls, Vulnerability Scanning, Penetration Testing & Security Incident Response. Ideally, you’ll also have Project management skills Strong communication and presentation skills with proven experience of producing high quality reports, papers, presentations and thought leadership Program and project management expertise with demonstrable experience in managing and being responsible for the delivery of successful cyber programs • What we offer EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across six locations – Argentina, China, India, the Philippines, Poland and the UK – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career. Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next. Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way. Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Job Description The role of Senior Network Security Engineer is to design, implement, maintain and improve security compliance protecting our organization's network infrastructure from Cyber Threats, vulnerabilities, and unauthorized access. This role is primarily responsible for rolling our network security monitoring and visibility tools like Arista, Gigamon, Viavi, Plixer and NDR. This focuses on ensuring that security technologies are optimized for detecting, preventing, and responding to security threats in real-time. This also involves collaboration with Network engineers, IT, and security operations to deploy and support enterprise-level Cyber security platforms and solutions. Responsibilities Define and enforce network security policies, standards, and best practices. Setup network port, IP, rack and stack the hardware for the network visibility tools like Arista, Gigamon & Viavi. Design, deploy, and manage security solutions such as firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and endpoint protections. Conduct regular security assessments, vulnerability scans, and penetration tests to identify and mitigate risks. Monitor network activity, analyse traffic logs, and investigate security incidents or breaches. Perform root cause analysis on incidents and coordinate incident response and remediation efforts to improve security posture and prevent security breaches. Maintain and update security documentation, including policies, incident reports, and network diagrams. Build observability dashboard on the health of the network monitoring tools and the traffic visibility on various network infrastructure and tools. Collaborate with stakeholders, network and cross-functional teams to align security with organizational goals and compliance requirements. Lead or participate in security projects, disaster recovery planning, and business continuity initiatives. Stay updated on emerging threats, vulnerabilities, and security technologies, and recommend improvements. Optimize network security tools and platforms for performance and effectiveness, ensuring they meet compliance and organizational requirements. Maintain comprehensive documentation for network configurations, troubleshooting guides, and operational procedures. Qualifications Technical Skills: Experience with IDS/IPS, and security frameworks (e.g., NIST, ISO 27001). Strong scripting skills in Python, PowerShell, or Bash for automation and tool integration. Experience in Cloud security tools and platforms (GCP, AWS, Azure) and DevOps. Experience in Observability tools (Dynatrace, Splunk, Prometheus Grafana). Understanding of the SIEM tools (e.g., Splunk, QRadar, SecOps or equivalent) Familiarity with ITSM processes, Agile practices, ServiceNow, JIRA. Proficiency with network monitoring tools such as Gigamon, Viavi, Arista or equivalent, NDR tools like Arista, Cisco or equivalent, NetOps like Plixer and SIEM tools like (e.g., Splunk, QRadar, SecOps or equivalent). Strong experience in rack & stack and rolling out network security tools and architecting various tools to build an optimized solution. Strong knowledge of network architectures, protocols (TCP/IP, UDP), routing, switching, and load balancing. Expertise in firewall technologies (e.g., Check Point, Cisco, Fortinet), VPNs (SSL, IPSec), authentication protocols (LDAP, RADIUS), load balancers and cloud security. Experience: Bachelor's or Master’s degree in Computer Science, Information Security, or related field, or equivalent practical experience. Minimum 5-10 years of experience in network engineering and security management. Proven experience in managing security platforms and tools in a large, complex environment. Experience with Network security, analysis, and response, including knowledge of common attack vectors. Certifications: Relevant certifications such as CISSP, CEH, CCNA/CCNP Security, NSE (Fortinet), or equivalent. Cybersecurity certificates (preferred) Show more Show less