1642 Nist Jobs - Page 23

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

5.0 years

0 Lacs

Chennai, Tamil Nadu, India

On-site


Job Description

This specialist combines expertise in cybersecurity and AI/ML to design, implement, and maintain security frameworks, ensuring the integrity, confidentiality, and compliance of AI-driven solutions throughout their lifecycle. This also involves collaboration with cross-functional stakeholders and AI Engineers to build and deploy an enterprise-wide AI security framework.

Responsibilities

Design and maintain structured guidelines and controls to secure AI systems, covering data protection, model security, and compliance requirements.
Evaluate and utilize established frameworks such as Google’s Secure AI Framework (SAIF), NIST AI Risk Management Framework, or the Framework for AI Cybersecurity Practices (FAICP) as references or baselines.
Identify, assess, and mitigate security risks specific to AI, including adversarial attacks, data poisoning, model inversion, and unauthorized access.
Conduct regular vulnerability assessments and penetration testing on AI models and data pipelines.
Ensure data used in AI systems is encrypted, anonymized, and securely stored.
Implement robust access controls (e.g., RBAC, ABAC, Zero Trust) for sensitive AI data and models.
Protect AI models from tampering, theft, or adversarial manipulation during training and deployment.
Monitor and log AI system activity for anomalies or security incidents.
Develop and enforce policies to ensure AI systems adhere to industry regulations, ethical standards, and organizational governance requirements.
Promote transparency, explainability, and fairness in AI models.
Establish real-time monitoring and advanced threat detection for AI systems.
Develop and maintain an AI incident response plan for prompt mitigation and recovery.
Educate teams on AI security best practices and foster a security-aware culture.
Collaborate with IT, data science, compliance, and business units to align AI security with organizational goals.

Qualifications

Technical Skills:
Strong understanding of AI/ML concepts, architectures, and security challenges.
Strong programming skills in Python, R, or similar languages.
Strong experience in Google Cloud Platform (GCP) or equivalent.
Solid understanding of machine learning algorithms, neural networks, NLP, and computer vision.
Experience with cloud AI/ML services and deployment pipelines is a plus.
Experience with security frameworks (e.g., SAIF, NIST, FAICP) and regulatory compliance.
Proficiency in data protection techniques, encryption, and secure access management.
Familiarity with adversarial machine learning, model hardening, and input sanitization.
Knowledge of incident response, monitoring tools, and threat intelligence platforms.
Excellent communication and documentation skills for policy development and stakeholder engagement.

Experience:
Bachelor’s or Master’s degree in Computer Science, Data Science, Engineering, or a related field.
5+ years in AI/ML roles, including hands-on model development and deployment.
Track record of delivering AI solutions that drive business value.

Certifications:
Relevant certifications such as CAISF, AICERTs, AI for Cybersecurity Specialization or equivalent.
GCP Cloud certification or equivalent in AWS or Azure (preferred).
Cybersecurity certificates (preferred).

Posted 1 week ago


7.0 years

0 Lacs

Delhi, India

On-site


This role is located in Noida. Candidates willing to relocate are welcome to apply.

Note: If shortlisted, we’ll contact you via WhatsApp and email. Please monitor both and respond promptly.

Location: Noida, India
Work Mode: Work from Office
Salary:
5–7 years: Up to INR 20,00,000 per annum
8–10 years: Up to INR 25,00,000 per annum
Joining Time / Notice Period: Immediate – 30 days

About The Client

Hiring for a technology-driven organization with a strong focus on cybersecurity, cloud infrastructure, and risk management practices. The company supports global clients in achieving compliance and robust information security postures.

Job Overview

Seeking a Cyber Risk Management Lead to drive enterprise-level risk governance, compliance assessments, and security control implementation across on-premise and cloud environments. The ideal candidate has 5+ years of experience in cybersecurity risk, infrastructure audits, and cloud (AWS) security.

Key Responsibilities

Ensure alignment with regulations, guidelines, and industry best practices (e.g., NIST, ISO, OWASP, ITIL)
Maintain, develop, and audit security documentation: policies, standards, procedures
Monitor control effectiveness for EDR, cloud, email, and server security
Conduct internal security risk assessments for ongoing compliance
Guide cross-functional teams on their roles in risk management
Lead SOC 2 Type 2 assessments and evidence collection
Review and respond to cybersecurity-related RFPs
Oversee AWS and Office365 security governance and implementation
Track and close audit findings; support internal and external audits
Create and manage dashboards for tracking IT and IS events

Minimum Qualifications

Bachelor's degree in IT, Computer Science, or related field
5+ years of relevant experience in cybersecurity and risk management
In-depth knowledge of enterprise IT components: O365, firewalls, VPN, IDS/IPS, proxy, AV/EDR, DHCP/DNS, MFA, WAF, DLP
Strong experience with AWS Cloud Security (mandatory) and Azure (preferred)
Experience with audit frameworks (SOC2, HIPAA, ISO27001)
At least one security certification preferred (e.g., CISM, CRISC, CISSP)
Strong communication, documentation, and stakeholder management skills

Posted 1 week ago


12.0 years

0 Lacs

Bengaluru, Karnataka, India

Remote


JOB PURPOSE:

The Head of mXDR Operations is responsible for leading and managing the operational aspects of cybersecurity at the airport, including oversight of the Managed Security Services Provider (MSSP) delivering SOC operations, Threat Hunting, Detection & Prevention, and Incident Response. The role also encompasses direct accountability for Information Security Operations covering both IT and OT (Operational Technology) domains, ensuring a unified and effective defense posture against cyber threats in a critical infrastructure environment.

PRINCIPAL ACCOUNTABILITIES:

SOC & mXDR Oversight
Lead daily operations and governance of MSSP-managed Security Operations Center (SOC) and mXDR services.
Review and validate alerts, use cases, playbooks, and tuning recommendations submitted by MSSP.
Define and track service level agreements (SLAs), mean time to detect/respond (MTTD/MTTR), and other performance KPIs.
Ensure continuous coverage across IT, cloud, and OT assets within the SOC’s visibility and telemetry scope.
Collaborate with MSSP to plan capability upgrades (e.g., EDR, NDR, cloud telemetry integration).
Optimize the performance of managed XDR solutions to proactively identify and mitigate risks.
Monitor and evaluate partner performance, addressing any issues related to quality, cost, or delivery.

Threat Hunting & Detection Engineering
Guide the proactive hunting of threats across endpoints, networks, OT environments, and cloud workloads.
Review hunting hypotheses and analytics built on threat intelligence, behavior analytics, and anomaly detection.
Oversee development and refinement of detection rules, correlation logic, and behavioral models.
Drive periodic reviews of MITRE ATT&CK coverage and detection effectiveness.
Support threat simulation and emulation exercises (e.g., purple teaming) to enhance detection posture.

Incident Response & Management
Ensure a well-defined incident response plan is in place and regularly tested through simulations.
Continuously improve detection and response capabilities based on threat intelligence and industry trends.
Conduct post-incident reviews to identify lessons learned and improve processes.
Act as the lead coordinator for high-severity and regulatory-reportable cyber incidents.
Ensure MSSP follows incident response procedures and escalates as per predefined thresholds.
Maintain and test incident response playbooks, RACI charts, and communication protocols.
Coordinate evidence collection, forensic analysis, and root cause investigations.
Oversee the implementation and verification of post-incident recovery and lessons learned.

OT Cybersecurity Operations
Work with the ICS Security SME to oversee deployment and operations of OT-specific security controls (e.g., ICS firewalls, passive monitoring).
Support ICS Security SME in working with OT vendors and facilities teams to ensure security of SCADA, BMS, and other critical systems.
Track vulnerabilities in OT assets and coordinate with ICS Security SME and stakeholders for safe remediation.
Monitor lateral movement risks between IT and OT environments and enforce network segmentation.
Ensure OT environments are covered in threat detection, logging, and alerting workflows.

Information Security Operations
Manage day-to-day internal security operations including DLP, endpoint protection, and access monitoring.
Review all Change Requests and provide insight & recommendations ensuring CRs/amendments are fit for purpose, negotiated and executed by working with all stakeholders.
Ensure critical patches, vulnerabilities, and security misconfigurations are tracked and remediated.
Maintain visibility of high-value assets and enforce control compliance (e.g., logging, backup, access).
Investigate user behavior anomalies and enforce insider threat detection measures.
Coordinate identity and access management reviews for privileged and third-party access.

Governance, Reporting & Compliance
Generate monthly and quarterly dashboards covering alerts, incidents, SLAs, and threat trends.
Report on MSSP adherence to contract deliverables, including risk exposure and gap analysis.
Manage escalations as per contracted frameworks.
Ensure unresolved escalations are tabled in governance forums and taken up for resolution.
Drive the resolution of such escalations by working with all concerned stakeholders.
Coordinate with compliance teams for audits and regulatory inspections related to cybersecurity.
Contribute to cyber risk assessments for critical airport systems and digital services.
Ensure alignment with international frameworks (e.g., NIST CSF, ISO 27001, NIS2) and aviation-specific mandates.

Strategic Leadership
Provide strategic direction and leadership to the MSSP, fostering a culture of excellence and continuous improvement.
Drive innovation in information security solutions and practices, ensuring the organization remains competitive and forward-looking.
Act as a key advisor on Information Security matters, contributing to strategic decision-making.

DIMENSIONS:

Financial
Optimize operational expenses while delivering high-value outcomes through effective vendor negotiations.
Support financial risk mitigation by safeguarding against data breaches, penalties, and other cyber-related losses.

Non-Financial
Manage the MSSP (both remote and on-premises resources) with day-to-day tasks, review, and guidance on in-scope activities.
Assess the skills, capabilities & expectations of the MSSP from time to time and work with MSSP management for right sourcing in BIAL account.
Provide inputs on team capacity planning & hiring plans, if any.
Lead and mentor MSSP team, fostering a high-performing team culture.
Enhance the organization's ability to respond to and recover from cyber incidents effectively.

Competency - Proficiency Level - Description:
Cybersecurity Operations - Expert - Deep knowledge in SOC, SIEM, XDR, endpoint, network, and cloud security
Threat Detection & Threat Hunting - Advanced - Experience in proactively identifying advanced threats and anomalies
Incident Response & Forensics - Advanced - Skilled in leading structured incident response and root cause analysis
OT Security - Intermediate - Understanding of OT systems and securing industrial environments
Vendor & MSSP Management - Advanced - Strong experience in managing MSSP contracts and delivery governance
Information Security Frameworks - Advanced - ISO 27001, NIST, MITRE ATT&CK, CIS Controls
Communication & Reporting - Advanced - Capable of translating technical issues into business impact for leadership
Risk Management & Compliance - Intermediate - Knowledge of regulatory and critical infrastructure compliance requirements
Team Leadership & Collaboration - Advanced - Experience in leading internal security teams and cross-functional teams

JOB SPECIFICATION:

Knowledge and work skills:
Comprehensive understanding of cybersecurity frameworks, technologies, and methodologies (e.g., NIST CSF, ISO 27001, MITRE ATT&CK, ITIL v3, PMP, TOGAF, ISO 20k & 27k and COBIT).
Expertise in managed XDR operations, incident response, threat intelligence, and identity management.
Familiarity with security architecture principles, ICS/OT security frameworks, and industrial protocols.
Adequate knowledge of regulatory standards applicable to the industry.
Proficient in process improvement and development practices.
Strong knowledge of SLA & service management, and operations management.
Knowledge of InfoSec tools such as: AV/EDR, Data Leakage Prevention, Metasploit, TripWire, Rapid7, Tenable, Snort, Nessus, Burp Suite, Appscan, Nmap, Wireshark, Firewalls, SIEM, SOAR, SSE, CASB, PIM/PAM, WAF, O365 suite (Intune, Conditional access, Data classification and protection).

Skills
Minimum 10–12 years of experience in cybersecurity operations, with at least 5 years in a leadership or MSSP governance role.
Experience in driving initiatives centered on continuous improvement, innovation, execution excellence, customer centricity and automation.
Analytical and problem-solving skills for assessing threats, vulnerabilities, and risks in complex environments.
Exceptional communication and stakeholder management skills to influence decision-making and secure buy-in.
Proven ability to lead cross-functional teams.
Ability to build and maintain relationships with internal teams, partners, and external vendors.

Qualifications
Bachelor’s degree in Computer Science, Information Security, or a related field (Master’s degree preferred).
Certifications such as CISSP, CISM, CISA, CEH, or equivalent are highly desirable.

Please note that this position requires 5 days work from Office.

Posted 1 week ago


0 years

0 Lacs

India

On-site


We are seeking a highly skilled and motivated Cyber Security Engineer to join our dynamic team. In this role, you will be responsible for developing, implementing, and managing security measures to protect our clients’ sensitive data and ensure compliance with regulatory requirements, including HIPAA and NIST frameworks. The ideal candidate will have a strong background in cybersecurity, with deep expertise in HIPAA compliance, NIST standards, and relevant industry best practices.

Key Responsibilities:

Security Design & Implementation: Design, implement, and maintain secure network systems, applications, and infrastructure for client environments, ensuring compliance with HIPAA and NIST standards.
Risk Assessment & Vulnerability Management: Perform regular risk assessments and vulnerability testing to identify potential threats to systems and data. Develop and implement remediation strategies.
Compliance & Documentation: Ensure all security processes and activities are aligned with HIPAA, NIST, and other relevant industry standards. Maintain comprehensive documentation related to security policies, incidents, and procedures.
Incident Response & Monitoring: Monitor systems for security breaches and respond to security incidents swiftly, following best practices for remediation. Lead the investigation and analysis of security incidents, including forensic analysis.
Policy & Process Development: Develop and implement security policies, procedures, and practices that align with HIPAA and NIST guidelines. Collaborate with other teams to ensure that security is integrated across all operations.
Security Audits & Reporting: Perform periodic security audits and assessments to evaluate the effectiveness of security controls. Prepare reports for internal stakeholders and regulatory bodies as needed.
Collaboration & Training: Work closely with IT, operations, and management teams to ensure cybersecurity best practices are followed across the organization. Provide training and awareness programs on security protocols and compliance.

Required Skills & Experience:

Proven experience in cybersecurity roles with a focus on HIPAA compliance and NIST cybersecurity frameworks.
In-depth knowledge of industry regulations, including HIPAA, NIST, PCI DSS, and other security standards.
Strong experience with security technologies (firewalls, intrusion detection/prevention systems, VPNs, etc.).
Familiarity with cloud security platforms and services (AWS, Azure, Google Cloud).
Hands-on experience with security monitoring tools and SIEM solutions (Splunk, Sentinel, etc.).
Expertise in encryption technologies, vulnerability management, and identity access management.
Proficiency in security best practices and disaster recovery planning.
Strong analytical and problem-solving skills with attention to detail.
Ability to work under pressure, manage multiple tasks, and meet deadlines.

Preferred Qualifications:

Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified HIPAA Professional (CHP)
Experience with incident management and recovery procedures.
Familiarity with security automation and orchestration tools.

Posted 1 week ago


5.0 years

0 Lacs

Gurugram, Haryana, India

On-site


Company Overview

We are a fast-growing technology consulting firm specialising in cybersecurity solutions. With a global client base and a strong technical team, we’re looking for an Inside Sales Executive who can take our growth to the next level.

About the Role:

We are seeking a highly motivated and energetic Inside Sales Executive to join our growing cybersecurity business. You will play a pivotal role in identifying, qualifying, and nurturing leads, driving sales pipeline, and closing business deals by showcasing the value of our cybersecurity solutions to potential customers.

What You’ll Do

🔹 Identify and connect with potential B2B clients via cold calls, emails, LinkedIn, and other digital platforms
🔹 Understand client needs and align them with the right solutions
🔹 Schedule demos and technical discussions with presales/solution consultants
🔹 Maintain accurate and up-to-date records in CRM (e.g., Zoho)
🔹 Follow up on inbound leads and conduct discovery calls
🔹 Collaborate with marketing and presales teams on campaigns and proposals
🔹 Consistently meet or exceed monthly/quarterly targets
🔹 Build and nurture long-term client relationships

What We’re Looking For

✅ 2–5 years of experience in inside sales, preferably in IT or cybersecurity
✅ Strong communication and consultative selling skills
✅ Familiarity with cybersecurity frameworks like ISO 27001, NIST is a plus
✅ Proficiency in CRM tools like Zoho
✅ Self-driven, target-oriented, and eager to grow
✅ Bachelor’s degree in Business, IT, or related field

Why Join Us?

Work with cutting-edge cybersecurity technologies
Fast-track growth opportunities
Collaborative and open culture
Exposure to global clients

Posted 1 week ago


140.0 years

0 Lacs

Gurgaon, Haryana, India

On-site


About NCR VOYIX

NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction technologies, turning everyday consumer interactions into meaningful moments. Today, NCR VOYIX transforms the stores, restaurants and digital banking experiences with cloud-based, platform-led SaaS and services capabilities. Not only are we the leader in the market segments we serve and the technology we deliver, but we create exceptional consumer experiences in partnership with the world’s leading retailers, restaurants and financial institutions. We leverage our expertise, R&D capabilities and unique platform to help navigate, simplify and run our customers’ technology systems. Our customers are at the center of everything we do. Our mission is to enable stores, restaurants and financial institutions to exceed their goals – from customer satisfaction to revenue growth, to operational excellence, to reduced costs and profit growth. Our solutions empower our customers to succeed in today’s competitive landscape. Our unique perspective brings innovative, industry-leading tech to all the moving parts of business across industries. NCR VOYIX has earned the trust of businesses large and small — from the best-known brands around the world to your local favorite around the corner.

We are looking for a motivated and detail-oriented SOC Analyst to join our Security Operations Center team. As a first line of defense, you will be responsible for monitoring, detecting, and responding to security events and alerts in real-time. This is an excellent opportunity for individuals looking to start or grow their career in cybersecurity.

Key Responsibilities

As an active member of the team, monitor and process response for security events on a 24x7 basis.
Perform initial triage and analysis, and respond to security incidents.
Escalate incidents based on severity and established protocols.
Document security incidents and investigations thoroughly.
Leverage automation and orchestration solutions to automate repetitive tasks.
Work alongside other security team members to hunt for and identify security issues generated from the network, including third-party relationships.
Coordinate incident response activities across multiple independently managed environments and security teams.
Leverage knowledge in multiple security disciplines, such as Windows, Unix, Linux, data loss prevention (DLP), endpoint controls, Public Cloud, and networking, to offer global solutions for a complex heterogeneous environment.
Utilize multiple security/threat intelligence tools and resources to understand threats.
Analyze and respond to minor and major incidents and reported spam and phishing e-mails.
Partner with the detection engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities.
Support 24/7 operations.
Perform other duties as assigned.

Skills And Qualifications

Strong knowledge of network, backend systems, operating systems, applications, and web services in a manner that allows for the interaction of all as it relates to security and services.
2+ years as an incident responder.
Ability to apply analytical expertise and critical thinking to security incidents.
Ability to assimilate, understand and utilize various security technologies.
Ability to collaborate within a geographically distributed team of Incident Response Analysts.
Demonstrated team or functional leadership experience.
Experience processing and analyzing intelligence in support of management decision making.
Current Information Security related certification preferred.
Current Public cloud related certification preferred.
Knowledge of relevant information security and incident response frameworks such as NIST Cyber Security Framework, MITRE ATT&CK Framework.
Strong communication skills and ability to work in a collaborative atmosphere.
Strong attention to detail.
Ability to deal with ambiguity and translate high level objectives into detailed tasks.
Ability to prioritize work with multiple, simultaneous work assignments.
Ability and willingness to learn new tools and processes.
Experience documenting business processes or technical procedures preferred.

Offers of employment are conditional upon passage of screening criteria applicable to the job.

EEO Statement

Integrated into our shared values is NCR Voyix’s commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment.

Statement to Third Party Agencies

To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes.

“When applying for a job, please make sure to only open emails that you will receive during your application process that come from a @ncrvoyix.com email domain.”

Posted 1 week ago


140.0 years

0 Lacs

Gurgaon, Haryana, India

On-site


About NCR VOYIX NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction technologies, turning everyday consumer interactions into meaningful moments. Today, NCR VOYIX transforms the stores, restaurants and digital banking experiences with cloud-based, platform-led SaaS and services capabilities. Not only are we the leader in the market segments we serve and the technology we deliver, but we create exceptional consumer experiences in partnership with the world’s leading retailers, restaurants and financial institutions. We leverage our expertise, R&D capabilities and unique platform to help navigate, simplify and run our customers’ technology systems. Our customers are at the center of everything we do. Our mission is to enable stores, restaurants and financial institutions to exceed their goals – from customer satisfaction to revenue growth, to operational excellence, to reduced costs and profit growth. Our solutions empower our customers to succeed in today’s competitive landscape. Our unique perspective brings innovative, industry-leading tech to all the moving parts of business across industries. NCR VOYIX has earned the trust of businesses large and small — from the best-known brands around the world to your local favorite around the corner. Information Security Consultant II This role is part of NCR’s Global Information Security team. This team is responsible for developing and implementing NCR’s corporate information security program. The primary goal of the program is to protect the confidentiality, integrity, and availability of information resources. 
Key information security functions and activities include architecture and design for NCR information security controls, developing and enforcing policies and standards, security awareness training, risk management, assessment, and testing, monitoring and metrics, incident management, and threat and vulnerability management. The Information Security Consultant shall be responsible for the day-to-day activities required to respond for both routine and high severity vulnerabilities and security incidents. The Information Security Consultant shall work in a collaborative manner with vulnerability coordinators, incident responders, key incident management team members, management, and other stakeholders to ensure vulnerabilities and security incidents are contained, eradicated, remediated and after-action review is held according to corporate policy. The Information Security Consultant is expected to contribute to weekly status calls and respond to ad-hoc requests as part of this position. The Information Security Consultant will work with stakeholders and team members to assist with improving incident response processes that are aligned with the mission of the office of the CISO. The individual should be highly skilled, motivated and detail-oriented security professional to join our dynamic team. The ideal candidate will be responsible for leading and managing our Vulnerability Management program along with Incident Management, ensuring the protection of our organization's digital assets. Key Responsibilities: Vulnerability Management: Lead the design, implementation, and continuous improvement of the enterprise-wide vulnerability management program. External attack surface management and technical remediation Run Vulnerability red team exercises and simulation for risk prioritization Oversee vulnerability assessments, scanning, and remediation efforts across all systems, networks, and applications. 
Collaborate with IT, GTM and product SRE teams to prioritize and remediate vulnerabilities based on risk and business impact. Develop and maintain metrics and dashboards to track vulnerability trends and remediation progress. Ensure compliance with internal policies, industry standards, and regulatory requirements (e.g., ISO 27001, NIST, CIS). Incident Management: Assist in the development and execution of the incident response plan and playbooks. Act as a key responder and advisor during cybersecurity incidents, ensuring timely containment, investigation, and recovery. Conduct post-incident reviews and root cause analyses to improve future response efforts. Provide guidance and training to internal teams on incident response best practices. Skills And Qualifications Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. 10+ years of experience in cybersecurity, with a strong focus on vulnerability and incident management. Proven experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7) and SIEM/SOAR platforms. Deep understanding of threat landscapes, attack vectors, and mitigation strategies. Strong knowledge of security frameworks and standards (e.g., NIST, MITRE ATT&CK, OWASP). Excellent analytical, communication, and leadership skills. Preferred Certifications: CISSP, CISM, OSCP, CEH, or equivalent. GIAC certifications (e.g., GCIH, GCIA, GPEN) are a plus. Offers of employment are conditional upon passage of screening criteria applicable to the job EEO Statement Integrated into our shared values is NCR Voyix’s commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. 
NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment. Statement to Third Party Agencies To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes. “When applying for a job, please make sure to only open emails that you will receive during your application process that come from a @ncrvoyix.com email domain.”

Posted 1 week ago

0 years

0 Lacs

Kochi, Kerala, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Title : Regional Client Security Assurance Lead Sub Function: Client Security Assurance Objectives of the role The Regional Client Security Assurance Lead, Associate Director, plays a pivotal role in leading a team responding to security risk assessments and due diligence exercises from clients in the IN/MENA region. This position requires extensive collaboration with various global and local functional teams, such as Data Protection, Risk Management, Compliance, Counsel, Procurement, Information Security, Technology, and EY service lines. This role is responsible for leading and supporting client and regulatory inquiries about EY’s Global Information Security program. It assists EY client engagement teams by addressing client requests regarding how EY secures our client information using comprehensive technical controls and governance processes in line with EY Global Information Security requirements. This position involves managing multiple requests and responsibilities while supporting complex security assessments throughout various stages of the engagement life cycle. Additionally, it requires staying current with updates in EY's Information Security posture and technology offerings, thereby contributing to business growth and the development of new business opportunities. Key Responsibilities The Regional Client Security Assurance Lead serves as a dependable client security relationship manager for key EY clients throughout the client engagement lifecycle, aiming to sustain and expand business operations. 
Furthermore, this position involves leading a team, projects, performing data analytics, and management of operational processes within IN/MENA Client Security Assurance. Team Lead: Lead team members to foster career growth and help them become knowledgeable about the EY Information Security Program and facilitate client security assessments. Implement operating model for the IN/MENA Client Security Assurance team in alignment with our business objectives. Drive the Evolution of Client Security Assurance: Actively participate in the development, implementation, and ongoing enhancement of the Client Security Assurance function in alignment with industry best practices. Facilitate Security Assessments: Act as a key resource for client and engagement teams by providing expert guidance on inbound security assessments related to EY’s Global Information Security Program, fostering trust and confidence in the EY Global Information Security Program, and the controls in place to protect data along with safeguarding the confidentiality of our security controls. This also helps build EY’s reputation and brand in the market. Clearly communicate with clients and their appointed auditors, pertinent and appropriate details of the EY Global Information Security Program. Provide critical support to EY’s approach to winning new business and sustaining existing business relationships. Provide consulting services to account teams related to client security assessments and their Supplier Risk Management framework. Meet with Clients: Participate in client meetings as an Information Security representative, supporting EY account teams by addressing client inquiries related to the EY Global Information Security Program. Support Request for Proposal (RFP) process: Partner with client engagement teams to support the RFP process by addressing information security questions to help secure more business for EY. 
Engage with Regulators: Support inquiries and assessments from select local regulators, highlighting EY's commitment to transparency and compliance in governance processes, technologies, and information security controls. Qualifications Minimum ten years of recent progressive IT security compliance, risk management or related IT security experience with a large IT organization; preferably within a professional service firm, software product, cloud-based solutions, or other companies serving clients that are highly regulated entities. Bachelor’s degree from an accredited college or university is preferred. A good understanding of cloud infrastructure, networking, modern software development and technical security controls is required. Strong executive presence, negotiation, presentation, and communication skills are required. Excellent analytical and problem-solving skills to assess and solve complex security issues. Ability to work and navigate through EY’s Global firm understanding diverse perspectives and global client requirements. Ability to maintain calm during client assessments and respond to questions consistently and confirming internally the accuracy of responses before presenting them. Proven experience in client-facing roles, particularly in handling security assessments, ideally from client inquiries, but can also be the result of experience performing security assessment of suppliers. Demonstrated ability to adopt and strive for continuous process improvement, particularly in resulting from the innovation and integration of new technologies. Excellent collaboration skills, with the ability to engage effectively with cross-functional teams and stakeholders. Knowledge of various information security frameworks such as ISO27001/2, AICPA System and Organization Controls (SOC) Reports (SOC1, SOC2, and SOC3), NIST, COBIT and relevant regulatory requirements such as GDPR. Certifications such as CISSP, CISM, CISA, ISO 27001 Auditor, CRISC, CIPP are preferred. 
Keep up to date with industry trends, emerging technologies and best practices. Good understanding in the following concepts and domains: Governance Risk and Compliance: A system that ensures that organizations enforce governance, implement risk management strategies, and ensure regulatory compliance. Multitier Network Architecture: A design separating resources between the Internet and the internal infrastructure, incorporating multiple network layers. For on-premise solutions, this includes a DMZ (Demilitarized Zone) architecture. In cloud environments, it involves a combination of Network Security Groups (NSG), Virtual Networks (VNETs), IP-based restrictions on connections between resources, and Web Application Firewalls (WAF). Cloud security architecture: Cloud security architecture's purpose is to provide a structured framework for securing data, applications, and infrastructure in cloud environments. It includes the definition of security principles and a governance framework for all cloud services and applications from development through production. Distinction of Cloud Service Models such as IaaS, PaaS and SaaS and shared responsibility matrix: Infrastructure as a Service (IaaS): IaaS provides on-demand access to virtualized computing infrastructure, including servers, storage, and networking, allowing subscribers to build and manage their own applications, operating systems, and data while the cloud provider manages the underlying infrastructure. Platform as a Service (PaaS): PaaS offers a platform for developers to build, deploy, and manage applications without the need to manage the underlying operating systems and infrastructure. Software as a Service (SaaS): SaaS delivers software applications to users over the internet, allowing them to access and use the software without installing or managing it on their own devices. We will be dependent on the SaaS providers for the security controls to protect EY and client information. 
Application security: Measures taken to protect software applications from threats and vulnerabilities that can compromise the confidentiality, integrity, or availability of the data. Identity and access management: Includes use of authentication mechanisms, authorization measures, and privileged account management. Encryption standards: Standards for cryptography, used to protect data-at-rest and data-in-transit as well as provide a means of validating the authenticity, non-repudiation, and integrity of data. Endpoint security capabilities: Standards to protect endpoints such as laptops, desktops, smartphones, and tablets against cyberattacks. Incident response Plan: The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of malicious cyber-attacks against an organization’s information systems(s). Business impact analysis: Predicts the consequences of a disruption to your business, and gathers information needed to develop recovery strategies. Disaster recovery: Understand the disaster recovery plan for the applications used to support our clients. Stakeholder management This role is a combination of technical and business acumen capable of communicating and advocating EY’s brand as it relates to the Information Security Program, across a wide range of stakeholders. This requires communication skills adaptable to the appropriate audiences that address different perspectives, goals, and levels of technical knowledge. It also requires the ability to gain trust and act as a trusted consultant and liaison between clients, account teams and EY internal security functions. Stakeholders include: Product/Application owners – responsible for the full lifecycle of a technology solution that fulfills a business need or objective. Client Security Assurance provide useful feedback from clients to further enhance their products/applications. 
Architects and Engineers – EY technology leaders who design and build solutions based on business requirements. Information Security Leadership Team – responsible for all matters for security related to the security program. Extended Security Team – responsible for specific domains such as Security Consulting, Application Security Compliance, Supplier Risk Assessment, Cyber Defense, Business Impact Analysis, Information Security Policies related to the security program. EY Partners and Account teams: Ultimately responsible for the relationship with EY clients and the selection and usage of the technology leveraged for their services and deliverables. EY Clients and Client Security Auditors – The ultimate customer for EY’s technology or service delivery who expect EY’s technology solutions to adequately protect their data and maintain appropriate service levels. The Client Security Assurance Senior Consultant will participate in a number of client meetings with the engagement team to answer questions and provide clarification on how EY secures client information. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

0 years

0 Lacs

Trivandrum, Kerala, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Title : Regional Client Security Assurance Lead Sub Function: Client Security Assurance Objectives of the role The Regional Client Security Assurance Lead, Associate Director, plays a pivotal role in leading a team responding to security risk assessments and due diligence exercises from clients in the IN/MENA region. This position requires extensive collaboration with various global and local functional teams, such as Data Protection, Risk Management, Compliance, Counsel, Procurement, Information Security, Technology, and EY service lines. This role is responsible for leading and supporting client and regulatory inquiries about EY’s Global Information Security program. It assists EY client engagement teams by addressing client requests regarding how EY secures our client information using comprehensive technical controls and governance processes in line with EY Global Information Security requirements. This position involves managing multiple requests and responsibilities while supporting complex security assessments throughout various stages of the engagement life cycle. Additionally, it requires staying current with updates in EY's Information Security posture and technology offerings, thereby contributing to business growth and the development of new business opportunities. Key Responsibilities The Regional Client Security Assurance Lead serves as a dependable client security relationship manager for key EY clients throughout the client engagement lifecycle, aiming to sustain and expand business operations. 
Furthermore, this position involves leading a team, projects, performing data analytics, and management of operational processes within IN/MENA Client Security Assurance. Team Lead: Lead team members to foster career growth and help them become knowledgeable about the EY Information Security Program and facilitate client security assessments. Implement operating model for the IN/MENA Client Security Assurance team in alignment with our business objectives. Drive the Evolution of Client Security Assurance: Actively participate in the development, implementation, and ongoing enhancement of the Client Security Assurance function in alignment with industry best practices. Facilitate Security Assessments: Act as a key resource for client and engagement teams by providing expert guidance on inbound security assessments related to EY’s Global Information Security Program, fostering trust and confidence in the EY Global Information Security Program, and the controls in place to protect data along with safeguarding the confidentiality of our security controls. This also helps build EY’s reputation and brand in the market. Clearly communicate with clients and their appointed auditors, pertinent and appropriate details of the EY Global Information Security Program. Provide critical support to EY’s approach to winning new business and sustaining existing business relationships. Provide consulting services to account teams related to client security assessments and their Supplier Risk Management framework. Meet with Clients: Participate in client meetings as an Information Security representative, supporting EY account teams by addressing client inquiries related to the EY Global Information Security Program. Support Request for Proposal (RFP) process: Partner with client engagement teams to support the RFP process by addressing information security questions to help secure more business for EY. 
Engage with Regulators: Support inquiries and assessments from select local regulators, highlighting EY's commitment to transparency and compliance in governance processes, technologies, and information security controls. Qualifications Minimum ten years of recent progressive IT security compliance, risk management or related IT security experience with a large IT organization; preferably within a professional service firm, software product, cloud-based solutions, or other companies serving clients that are highly regulated entities. Bachelor’s degree from an accredited college or university is preferred. A good understanding of cloud infrastructure, networking, modern software development and technical security controls is required. Strong executive presence, negotiation, presentation, and communication skills are required. Excellent analytical and problem-solving skills to assess and solve complex security issues. Ability to work and navigate through EY’s Global firm understanding diverse perspectives and global client requirements. Ability to maintain calm during client assessments and respond to questions consistently and confirming internally the accuracy of responses before presenting them. Proven experience in client-facing roles, particularly in handling security assessments, ideally from client inquiries, but can also be the result of experience performing security assessment of suppliers. Demonstrated ability to adopt and strive for continuous process improvement, particularly in resulting from the innovation and integration of new technologies. Excellent collaboration skills, with the ability to engage effectively with cross-functional teams and stakeholders. Knowledge of various information security frameworks such as ISO27001/2, AICPA System and Organization Controls (SOC) Reports (SOC1, SOC2, and SOC3), NIST, COBIT and relevant regulatory requirements such as GDPR. Certifications such as CISSP, CISM, CISA, ISO 27001 Auditor, CRISC, CIPP are preferred. 
Keep up to date with industry trends, emerging technologies and best practices. Good understanding in the following concepts and domains: Governance Risk and Compliance: A system that ensures that organizations enforce governance, implement risk management strategies, and ensure regulatory compliance. Multitier Network Architecture: A design separating resources between the Internet and the internal infrastructure, incorporating multiple network layers. For on-premise solutions, this includes a DMZ (Demilitarized Zone) architecture. In cloud environments, it involves a combination of Network Security Groups (NSG), Virtual Networks (VNETs), IP-based restrictions on connections between resources, and Web Application Firewalls (WAF). Cloud security architecture: Cloud security architecture's purpose is to provide a structured framework for securing data, applications, and infrastructure in cloud environments. It includes the definition of security principles and a governance framework for all cloud services and applications from development through production. Distinction of Cloud Service Models such as IaaS, PaaS and SaaS and shared responsibility matrix: Infrastructure as a Service (IaaS): IaaS provides on-demand access to virtualized computing infrastructure, including servers, storage, and networking, allowing subscribers to build and manage their own applications, operating systems, and data while the cloud provider manages the underlying infrastructure. Platform as a Service (PaaS): PaaS offers a platform for developers to build, deploy, and manage applications without the need to manage the underlying operating systems and infrastructure. Software as a Service (SaaS): SaaS delivers software applications to users over the internet, allowing them to access and use the software without installing or managing it on their own devices. We will be dependent on the SaaS providers for the security controls to protect EY and client information. 
Application security: Measures taken to protect software applications from threats and vulnerabilities that can compromise the confidentiality, integrity, or availability of the data. Identity and access management: Includes use of authentication mechanisms, authorization measures, and privileged account management. Encryption standards: Standards for cryptography, used to protect data-at-rest and data-in-transit as well as provide a means of validating the authenticity, non-repudiation, and integrity of data. Endpoint security capabilities: Standards to protect endpoints such as laptops, desktops, smartphones, and tablets against cyberattacks. Incident response Plan: The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of malicious cyber-attacks against an organization’s information systems(s). Business impact analysis: Predicts the consequences of a disruption to your business, and gathers information needed to develop recovery strategies. Disaster recovery: Understand the disaster recovery plan for the applications used to support our clients. Stakeholder management This role is a combination of technical and business acumen capable of communicating and advocating EY’s brand as it relates to the Information Security Program, across a wide range of stakeholders. This requires communication skills adaptable to the appropriate audiences that address different perspectives, goals, and levels of technical knowledge. It also requires the ability to gain trust and act as a trusted consultant and liaison between clients, account teams and EY internal security functions. Stakeholders include: Product/Application owners – responsible for the full lifecycle of a technology solution that fulfills a business need or objective. Client Security Assurance provide useful feedback from clients to further enhance their products/applications. 
Architects and Engineers – EY technology leaders who design and build solutions based on business requirements. Information Security Leadership Team – responsible for all matters for security related to the security program. Extended Security Team – responsible for specific domains such as Security Consulting, Application Security Compliance, Supplier Risk Assessment, Cyber Defense, Business Impact Analysis, Information Security Policies related to the security program. EY Partners and Account teams: Ultimately responsible for the relationship with EY clients and the selection and usage of the technology leveraged for their services and deliverables. EY Clients and Client Security Auditors – The ultimate customer for EY’s technology or service delivery who expect EY’s technology solutions to adequately protect their data and maintain appropriate service levels. The Client Security Assurance Senior Consultant will participate in a number of client meetings with the engagement team to answer questions and provide clarification on how EY secures client information. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

0 years

0 Lacs

Gurugram, Haryana, India

On-site

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Role Title : Regional Client Security Assurance Lead Sub Function: Client Security Assurance Objectives of the role The Regional Client Security Assurance Lead, Associate Director, plays a pivotal role in leading a team responding to security risk assessments and due diligence exercises from clients in the IN/MENA region. This position requires extensive collaboration with various global and local functional teams, such as Data Protection, Risk Management, Compliance, Counsel, Procurement, Information Security, Technology, and EY service lines. This role is responsible for leading and supporting client and regulatory inquiries about EY’s Global Information Security program. It assists EY client engagement teams by addressing client requests regarding how EY secures our client information using comprehensive technical controls and governance processes in line with EY Global Information Security requirements. This position involves managing multiple requests and responsibilities while supporting complex security assessments throughout various stages of the engagement life cycle. Additionally, it requires staying current with updates in EY's Information Security posture and technology offerings, thereby contributing to business growth and the development of new business opportunities. Key Responsibilities The Regional Client Security Assurance Lead serves as a dependable client security relationship manager for key EY clients throughout the client engagement lifecycle, aiming to sustain and expand business operations. 
Furthermore, this position involves leading a team, projects, performing data analytics, and management of operational processes within IN/MENA Client Security Assurance. Team Lead: Lead team members to foster career growth and help them become knowledgeable about the EY Information Security Program and facilitate client security assessments. Implement operating model for the IN/MENA Client Security Assurance team in alignment with our business objectives. Drive the Evolution of Client Security Assurance: Actively participate in the development, implementation, and ongoing enhancement of the Client Security Assurance function in alignment with industry best practices. Facilitate Security Assessments: Act as a key resource for client and engagement teams by providing expert guidance on inbound security assessments related to EY’s Global Information Security Program, fostering trust and confidence in the EY Global Information Security Program, and the controls in place to protect data along with safeguarding the confidentiality of our security controls. This also helps build EY’s reputation and brand in the market. Clearly communicate with clients and their appointed auditors, pertinent and appropriate details of the EY Global Information Security Program. Provide critical support to EY’s approach to winning new business and sustaining existing business relationships. Provide consulting services to account teams related to client security assessments and their Supplier Risk Management framework. Meet with Clients: Participate in client meetings as an Information Security representative, supporting EY account teams by addressing client inquiries related to the EY Global Information Security Program. Support Request for Proposal (RFP) process: Partner with client engagement teams to support the RFP process by addressing information security questions to help secure more business for EY. 
Engage with Regulators: Support inquiries and assessments from select local regulators, highlighting EY's commitment to transparency and compliance in governance processes, technologies, and information security controls. Qualifications Minimum ten years of recent progressive IT security compliance, risk management or related IT security experience with a large IT organization; preferably within a professional service firm, software product, cloud-based solutions, or other companies serving clients that are highly regulated entities. Bachelor’s degree from an accredited college or university is preferred. A good understanding of cloud infrastructure, networking, modern software development and technical security controls is required. Strong executive presence, negotiation, presentation, and communication skills are required. Excellent analytical and problem-solving skills to assess and solve complex security issues. Ability to work and navigate through EY’s Global firm understanding diverse perspectives and global client requirements. Ability to maintain calm during client assessments and respond to questions consistently and confirming internally the accuracy of responses before presenting them. Proven experience in client-facing roles, particularly in handling security assessments, ideally from client inquiries, but can also be the result of experience performing security assessment of suppliers. Demonstrated ability to adopt and strive for continuous process improvement, particularly in resulting from the innovation and integration of new technologies. Excellent collaboration skills, with the ability to engage effectively with cross-functional teams and stakeholders. Knowledge of various information security frameworks such as ISO27001/2, AICPA System and Organization Controls (SOC) Reports (SOC1, SOC2, and SOC3), NIST, COBIT and relevant regulatory requirements such as GDPR. Certifications such as CISSP, CISM, CISA, ISO 27001 Auditor, CRISC, CIPP are preferred. 
Keep up to date with industry trends, emerging technologies and best practices. Good understanding in the following concepts and domains: Governance Risk and Compliance: A system that ensures that organizations enforce governance, implement risk management strategies, and ensure regulatory compliance. Multitier Network Architecture: A design separating resources between the Internet and the internal infrastructure, incorporating multiple network layers. For on-premise solutions, this includes a DMZ (Demilitarized Zone) architecture. In cloud environments, it involves a combination of Network Security Groups (NSG), Virtual Networks (VNETs), IP-based restrictions on connections between resources, and Web Application Firewalls (WAF). Cloud security architecture: Cloud security architecture's purpose is to provide a structured framework for securing data, applications, and infrastructure in cloud environments. It includes the definition of security principles and a governance framework for all cloud services and applications from development through production. Distinction of Cloud Service Models such as IaaS, PaaS and SaaS and shared responsibility matrix: Infrastructure as a Service (IaaS): IaaS provides on-demand access to virtualized computing infrastructure, including servers, storage, and networking, allowing subscribers to build and manage their own applications, operating systems, and data while the cloud provider manages the underlying infrastructure. Platform as a Service (PaaS): PaaS offers a platform for developers to build, deploy, and manage applications without the need to manage the underlying operating systems and infrastructure. Software as a Service (SaaS): SaaS delivers software applications to users over the internet, allowing them to access and use the software without installing or managing it on their own devices. We will be dependent on the SaaS providers for the security controls to protect EY and client information. 
Application security: Measures taken to protect software applications from threats and vulnerabilities that can compromise the confidentiality, integrity, or availability of the data. Identity and access management: Includes use of authentication mechanisms, authorization measures, and privileged account management. Encryption standards: Standards for cryptography, used to protect data-at-rest and data-in-transit as well as provide a means of validating the authenticity, non-repudiation, and integrity of data. Endpoint security capabilities: Standards to protect endpoints such as laptops, desktops, smartphones, and tablets against cyberattacks. Incident response Plan: The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of malicious cyber-attacks against an organization’s information systems(s). Business impact analysis: Predicts the consequences of a disruption to your business, and gathers information needed to develop recovery strategies. Disaster recovery: Understand the disaster recovery plan for the applications used to support our clients. Stakeholder management This role is a combination of technical and business acumen capable of communicating and advocating EY’s brand as it relates to the Information Security Program, across a wide range of stakeholders. This requires communication skills adaptable to the appropriate audiences that address different perspectives, goals, and levels of technical knowledge. It also requires the ability to gain trust and act as a trusted consultant and liaison between clients, account teams and EY internal security functions. Stakeholders include: Product/Application owners – responsible for the full lifecycle of a technology solution that fulfills a business need or objective. Client Security Assurance provide useful feedback from clients to further enhance their products/applications. 
Architects and Engineers – EY technology leaders who design and build solutions based on business requirements. Information Security Leadership Team – responsible for all matters for security related to the security program. Extended Security Team – responsible for specific domains such as Security Consulting, Application Security Compliance, Supplier Risk Assessment, Cyber Defense, Business Impact Analysis, Information Security Policies related to the security program. EY Partners and Account teams: Ultimately responsible for the relationship with EY clients and the selection and usage of the technology leveraged for their services and deliverables. EY Clients and Client Security Auditors – The ultimate customer for EY’s technology or service delivery who expect EY’s technology solutions to adequately protect their data and maintain appropriate service levels. The Client Security Assurance Senior Consultant will participate in a number of client meetings with the engagement team to answer questions and provide clarification on how EY secures client information. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Posted 1 week ago

7.0 years

0 Lacs

Delhi, India

On-site

This role is located in Noida. Candidates willing to relocate are welcome to apply. Note: If shortlisted, we’ll contact you via WhatsApp and email. Please monitor both and respond promptly. Location: Noida, India Work Mode: Work from Office Salary 5–7 years: Up to INR 20,00,000 per annum 8–10 years: Up to INR 25,00,000 per annum Joining Time / Notice Period: Immediate – 30 days About The Client Hiring for a technology-driven organization with a strong focus on cybersecurity, cloud infrastructure, and risk management practices. The company supports global clients in achieving compliance and robust information security postures. Job Overview Seeking a Cyber Risk Management Lead to drive enterprise-level risk governance, compliance assessments, and security control implementation across on-premise and cloud environments. The ideal candidate has 5+ years of experience in cybersecurity risk, infrastructure audits, and cloud (AWS) security. Key Responsibilities Ensure alignment with regulations, guidelines, and industry best practices (e.g., NIST, ISO, OWASP, ITIL) Maintain, develop, and audit security documentation: policies, standards, procedures Monitor control effectiveness for EDR, cloud, email, and server security Conduct internal security risk assessments for ongoing compliance Guide cross-functional teams on their roles in risk management Lead SOC 2 Type 2 assessments and evidence collection Review and respond to cybersecurity-related RFPs Oversee AWS and Office365 security governance and implementation Track and close audit findings; support internal and external audits Create and manage dashboards for tracking IT and IS events Minimum Qualifications Bachelor's degree in IT, Computer Science, or related field 5+ years of relevant experience in cybersecurity and risk management In-depth knowledge of enterprise IT components: O365, firewalls, VPN, IDS/IPS, proxy, AV/EDR, DHCP/DNS, MFA, WAF, DLP Strong experience with AWS Cloud Security (mandatory) and Azure (preferred) Experience with audit frameworks (SOC2, HIPAA, ISO27001) At least one security certification preferred (e.g., CISM, CRISC, CISSP) Strong communication, documentation, and stakeholder management skills

Posted 1 week ago

0 years

0 Lacs

Pune, Maharashtra, India

On-site

Role Description The Cybersecurity Incident Management and Response Team is responsible for effectively and efficiently managing all information and cybersecurity incidents across the Group on a 24x7 basis. This function is structured into two primary missions: Incident Management: Coordinating and orchestrating the global technical response to cybersecurity incidents, and ensuring timely, effective communication to Global Business and Functional stakeholders, Senior Executive Leadership, and relevant regulatory bodies. Incident Response: Conducting technical and forensic investigations arising from threat intelligence, security testing, and user-reported incidents. The goal is to effectively contain, mitigate, and remediate both active and potential attacks. Key Responsibilities Lead and perform technical and forensic investigations into global cybersecurity events, ensuring timely threat identification and mitigation. Conduct post-incident reviews to assess the effectiveness of controls and response capabilities; drive improvements where necessary. Deliver forensic services including evidence collection, processing, preservation, analysis, and presentation. Stay updated on emerging technology trends and cybersecurity best practices to provide guidance to business and IT functions. Collaborate with Global Cybersecurity Operations (GCO) and business teams to develop and maintain effective incident response playbooks. Contribute to the creation and enhancement of detection mechanisms (use cases) and security automation workflows. Define and refine detailed processes and procedures for managing cybersecurity events. Enhance technical capabilities of security platforms and incident response tools. Support the development of the team’s capabilities, including training and mentoring junior team members. Promote a culture of transparency and continuous improvement by identifying and addressing weaknesses in people, processes, and technology. 
Drive self-improvement and maintain subject matter expertise in cybersecurity. Engage with global stakeholders to improve cybersecurity awareness and communicate the impact of cybersecurity initiatives. Generate and present management information and incident reports tailored for various audiences, supported by data and expert analysis. Required Skills & Competencies Strong understanding of cybersecurity incident management and investigation techniques. Hands-on experience with IDS/IPS systems, TCP/IP protocols, and common attack vectors. Ability to independently analyze complex problems and determine root causes. Effective communication skills with the ability to convey technical issues clearly to both technical and non-technical audiences. Sound decision-making abilities under pressure, with a focus on risk mitigation and operational resilience. Strong collaboration and stakeholder engagement skills across diverse teams. High level of integrity, urgency, and personal accountability. Demonstrated ethical conduct and commitment to organizational values. Knowledge of cybersecurity principles, global financial services, compliance requirements, and regulatory standards. Familiarity with industry frameworks and standards such as OWASP, ISO 27001/27002, PCI DSS, GLBA, FFIEC, CIS, and NIST. Experience in responding to advanced threats, including offensive security knowledge or experience with deception technologies (honeypots, tripwires, honey tokens, etc.). Preferred Technical Skills Cybersecurity Incident Management Intrusion Detection/Prevention Systems (IDS/IPS) TCP/IP Protocols and Network Analysis Forensics Tools and Techniques Security Automation & Orchestration Platforms Threat Intelligence Integration SIEM Tools (e.g., Splunk, QRadar, etc.) Skills Incident response, Forensic

Posted 1 week ago

7.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

This role is located in Noida. Candidates willing to relocate are welcome to apply. Note: If shortlisted, we’ll contact you via WhatsApp and email. Please monitor both and respond promptly. Location: Noida, India Work Mode: Work from Office Salary 5–7 years: Up to INR 20,00,000 per annum 8–10 years: Up to INR 25,00,000 per annum Joining Time / Notice Period: Immediate – 30 days About The Client Hiring for a technology-driven organization with a strong focus on cybersecurity, cloud infrastructure, and risk management practices. The company supports global clients in achieving compliance and robust information security postures. Job Overview Seeking a Cyber Risk Management Lead to drive enterprise-level risk governance, compliance assessments, and security control implementation across on-premise and cloud environments. The ideal candidate has 5+ years of experience in cybersecurity risk, infrastructure audits, and cloud (AWS) security. Key Responsibilities Ensure alignment with regulations, guidelines, and industry best practices (e.g., NIST, ISO, OWASP, ITIL) Maintain, develop, and audit security documentation: policies, standards, procedures Monitor control effectiveness for EDR, cloud, email, and server security Conduct internal security risk assessments for ongoing compliance Guide cross-functional teams on their roles in risk management Lead SOC 2 Type 2 assessments and evidence collection Review and respond to cybersecurity-related RFPs Oversee AWS and Office365 security governance and implementation Track and close audit findings; support internal and external audits Create and manage dashboards for tracking IT and IS events Minimum Qualifications Bachelor's degree in IT, Computer Science, or related field 5+ years of relevant experience in cybersecurity and risk management In-depth knowledge of enterprise IT components: O365, firewalls, VPN, IDS/IPS, proxy, AV/EDR, DHCP/DNS, MFA, WAF, DLP Strong experience with AWS Cloud Security (mandatory) and Azure (preferred) Experience with audit frameworks (SOC2, HIPAA, ISO27001) At least one security certification preferred (e.g., CISM, CRISC, CISSP) Strong communication, documentation, and stakeholder management skills

Posted 1 week ago

0 years

0 Lacs

Gurugram, Haryana, India

On-site

Role Purpose: Responsible for establishing and enhancing the framework for evaluating vendor risk and processes to support third party due diligence, risk assessment and ongoing monitoring. The role is also responsible for leading SBIC third party risk strategy, ensuring adequate resources are aligned to processes to support due diligence, risk assessment and ongoing monitoring, ensuring inherent risks and control gaps are accurately identified and remediated in a timely manner. Role Accountability: Manage risk assessment and due diligence processes, both at on-boarding and throughout the lifecycle as part of SBIC’s Vendor Risk Management Program (VRMP) Lead vendor risk assessment program to ensure that organizational security risks are identified and appropriately mitigated Ensure all vendor relationships are documented and all contracts related to vendors that provide outsourced services are reviewed periodically from information security perspective Actively identify, prioritize and pursue opportunities to enhance SBIC’s third party risk management processes and introduce innovative approaches and solutions to optimize efficiency and effectiveness Oversee vendor risk assessments from information security perspective using ISO27001, PCI DSS, NIST framework to meet the organization standards Monitor and report status of open observations and remedial efforts to SBI Card leadership Define, monitor and report KRIs/ SLAs pertaining to VRM, while ensuring tight integration with the Sourcing processes Represent Third Party Risk in Sourcing, Risk or organization-wide working groups and committees Monitor vendor compliance, undertake extensive vendor evaluations from information security perspective and then make active recommendations to the business / vendor to mitigate the risks and provide risk based clauses for the agreements with the vendor Work with the appropriate business users and experts, ensure that for any identified risk that requires mitigating action, 
including vendor disengagement, a plan is developed and executed that indicates the process and/or service involved, the outgoing vendor, the replacement vendor, the anticipated timeline, measurable milestones, expected completion date and the plan for contingencies Act as a subject matter expert to assist the business in identifying and mitigating risks on their vendor relationships Deliver continuous training and awareness to Business partners on vendor risk Proactively engage on opportunities to work with the business to educate stakeholders on the Third Party Risk Management program Ensure process documentation and compliance adherence Measures of Success: Successful closure of vendor risk assessments within the agreed timelines Increase in maturity of vendor risk Programs (Adoption & Capabilities) Timely and accurate development and maturing of the Vendor risk profiling of SBI Card Timely and accurate delivery of updates, presentations, assessment reports etc. to relevant stakeholders Alignment of Third-Party Risk Management Program with regulatory requirements Timely monitoring and reporting of KRIs/ SLAs pertaining to VRM Timely and accurate publication of MIS/ business dashboards Process Adherence as per MOU Technical Skills / Experience / Certifications: Industry-standard certifications such as ISO27001 LA, CEH, CCNA, CISSP, MCP etc. 
Knowledge of contract terms and conditions Understanding of the inherent risks associated with engaging suppliers to perform services and support projects/initiatives Knowledge of common assessment control techniques Knowledge of analytic techniques and methods Understanding of security controls from a people, process and technology perspective Should be familiar with PCI-DSS framework Experience managing service providers/supplier relationships Competencies critical to the role: Detail Orientation Process Orientation Stakeholder Management Influencing skills Qualification Bachelor’s Degree in Computer Science / Information Security related areas.

Posted 1 week ago

5.0 years

0 Lacs

India

On-site

Job Title: ServiceNow SecOps Consultant / Developer Experience: 5+ years in ServiceNow with minimum 2 years in SecOps module Job Description: We are looking for a highly skilled ServiceNow Security Operations (SecOps) Consultant/Developer to join our team. The ideal candidate will have experience in implementing and customizing ServiceNow SecOps modules including Security Incident Response (SIR), Vulnerability Response (VR), Threat Intelligence, and Security Incident Enrichment. Key Responsibilities: Implement, configure, and maintain ServiceNow Security Operations modules. Integrate external security tools (e.g., Qualys, Splunk, Rapid7, Tenable) with ServiceNow SecOps. Design and develop workflows, automation scripts, and business rules to streamline SecOps processes. Configure and maintain playbooks for automated response actions. Manage security incident lifecycle using ServiceNow SIR module. Enable vulnerability identification and remediation using VR module. Collaborate with InfoSec, IT, and third-party security tools teams. Support continuous improvement efforts and provide recommendations for platform optimization. Required Skills: Strong hands-on experience with ServiceNow Security Operations Suite. Knowledge of ServiceNow CMDB, Discovery, and MID server setup. Experience with Security Incident Response, Vulnerability Response, and Threat Intelligence modules. Proficiency in scripting (JavaScript) and ServiceNow development/customization. Experience with integration tools like REST/SOAP APIs. Familiarity with SIEM tools (e.g., Splunk, QRadar), Vulnerability scanners (e.g., Qualys, Tenable). Good to Have: ServiceNow Certified Implementation Specialist – Security Operations. Experience in SOC processes, NIST/ISO frameworks, and risk management. ITIL certification or working knowledge of ITIL processes. Experience with MITRE ATT&CK framework and threat intelligence feeds. 
Educational Qualification: Bachelor’s Degree in Computer Science, Information Technology, Cybersecurity, or related field.

Posted 1 week ago

5.0 years

0 Lacs

Hyderabad, Telangana, India

Remote

Project Role : Software Development Lead Project Role Description : Develop and configure software systems either end-to-end or for a specific stage of product lifecycle. Apply knowledge of technologies, applications, methodologies, processes and tools to support a client, project or entity. Must have skills : Automotive ECU Software Good to have skills : NA Minimum 5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As an Automotive Cybersecurity Engineer, you will play a critical role in ensuring the security and safety of the client's software. Roles & Responsibilities: 1. Performing threat analyses and conducting risk assessments to identify potential vulnerabilities in automotive systems, software, and communication networks. 2. Reviewing code and software designs to ensure compliance with security best practices and industry standards like ISO 21434 and UNECE R155/R156. 3. Conducting penetration testing and vulnerability assessments to proactively identify and mitigate weaknesses in automotive embedded systems before they can be exploited. 4. Developing and implementing incident response plans to effectively handle cybersecurity breaches or incidents and minimize potential damage. Professional & Technical Skills: 1. In-depth knowledge and practical experience with various vehicle systems, including telematics, CAN bus, remote entry/start, OTA, EV charging are highly desired. 2. Familiarity with relevant security standards and regulations, such as ISO/SAE 21434, ISO 27001, NIST Cybersecurity Framework, and UNECE R155. 3. Experience with security testing tools and techniques, such as penetration testing, vulnerability assessments, and threat modelling. Additional Information: - The candidate should have a minimum of 5 years of experience in Automotive ECU Software - This position is based at our Hyderabad office - A 15 years full-time education is required

Posted 1 week ago

10.0 - 11.0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Associate Director - Audit & Risk Job Description The person will be responsible for risk-based audit activities across several different business areas within Crisil. As an Associate Director in Crisil Internal Audit team the person will be responsible for leading internal audit process reviews in collaboration with an internal audit service provider, implementing and executing enterprise risk management (ERM) framework defined, leading risk-related projects, and performing technology audits. The role requires strong stakeholder management, risk assessment expertise, and the ability to provide insights on process enhancements. The ideal candidate for this role must be an experienced financial services professional with strong internal control and auditing skills, experience in ERM engagements with a strong level of comfort with data and technology. Roles & Responsibilities Partner with the internal audit service provider to plan and execute the internal audit program. Lead and execute internal audit process reviews, ensuring compliance with regulatory and organizational standards. Conduct technology audits (40-50% focus), including cybersecurity, data privacy, and emerging technology risk assessments. Develop and execute risk-based audit plans, ensuring the identification of key control gaps and associated risks. Oversee Enterprise Risk Management (ERM) governance, including risk identification, assessment, and mitigation strategies. Lead and manage risk-related projects, ensuring timely delivery and alignment with business objectives. Engage with senior stakeholders, providing risk insights and recommendations to enhance internal controls and risk management processes. Monitor regulatory developments and emerging risks, advising leadership on potential impacts. Support process improvements and automation initiatives to enhance audit efficiency and risk assessment frameworks. 
What We’re Looking For: Strong understanding of internal audit methodologies, risk-based auditing, and industry best practices. Experience in conducting technology audits, including cybersecurity, cloud governance, data analytics, and IT risk management. Strong analytical, problem-solving, and critical-thinking skills with the ability to assess complex business processes. Excellent communication skills (both verbal and written) to engage with senior stakeholders and present audit findings effectively. Ability to work independently, manage multiple assignments, and collaborate with cross-functional teams. Proficiency in risk assessment frameworks (e.g., COSO, NIST, ISO 27001) and regulatory requirements. Basic Qualifications: Minimum 10-11 years of experience in financial services internal audit or related roles (operational risk, credit risk, compliance risk). Experience with integrated audits, electronic work papers and standard productivity tools. Strong academic and professional credentials including an undergraduate degree. Professional certifications preferred (CA, CAMS, CRMA, CISA, CISM, CISSP etc.). Mandatory Skills: Risk Assessment, Management Audit, Internal Control Review, Stakeholder Management, internal audit, Risk Management

Posted 1 week ago

0 years

0 Lacs

Navi Mumbai, Maharashtra, India

On-site

Security Specialist Brennan. Where true performance thrives. At Brennan, we believe that how technology is delivered is every bit as important as what the technology is. We focus on creating real and relevant value for customers with solutions that fit their specific needs and always reflect their true interests. It’s a claim backed by our True Performance System - a way of working engineered to get us closer, and deliver better, for our customers and their actual experience of technology. Why join Brennan True performance for our customers starts with a true belief in our people. It’s why we’ve structured our business to help our teams, and their talents, shine bright. It's why we’ve created a workplace where people of all backgrounds, beliefs and experiences are welcomed and empowered. And it’s why we’ve built an organisation where real innovation makes a genuine impact and generates true rewards for our team members. True rewards In addition to competitive remuneration, Brennan offers extensive benefits, including: Training and certification bonuses Culture Awards that recognise excellence Brennan Daredevils - our annual, all-expenses paid trip awarded to our top performers and outstanding contributors Vibrant, fun social activities. An environment that embraces learning and development The Role This is a new role within Brennan, and its primary purpose is to support the current CISO, Security Team, and IT Operations Team in ensuring that Brennan is able to deliver to internal and external stakeholders with a high level of operational efficiency and efficacy, with the required security posture. This role requires a person who brings a security-centric mindset to the team, to ensure that Brennan’s governance, protection and defence, detection and response activities are being executed consistently and in alignment with obligations. 
Role Responsibilities Governance: Ensuring that scheduled and periodic security hygiene activities are completed on time and to expectations, aligned with ISO27001 and NIST CSF frameworks. Protection & Defence: Ensuring that the suite of security platforms used within Brennan are maintained to design, updated to meet requirements, and delivering on objectives. Detection & Response: Working with Brennan’s own SOC and other monitoring teams to ensure that detections are triaged and handled with the required level of rigour and responsiveness This role requires a strong understanding of a broad range of IT and Security technologies, with the ability to work across teams to achieve desired outcomes. The role includes an element of “hands-on” activities and is well supported by a range of IT and Security teams who also operate the IT and OT systems within Brennan. In order to deliver the right security outcomes for Brennan the role requires an eye for detail, and a desire for continual improvement. It requires excellent written and verbal communication skills in order to build relationships across Brennan, which will enable you to be a trusted source for security advice within the business. 
Key Competencies and Qualifications required Maintenance and upkeep of key security technologies; Completion of scheduled and ad hoc security related tasks across the Brennan network; Reporting and assessment of security-related metrics and outcomes; Working with IT (including OT and Network Teams) on a day to day basis to ensure agreed and desired outcomes are met; Liaising with security and IT leadership to ensure that the security program is run to design and requirement; Maintaining a relationship with other internal teams to foster an open and transparent relationship; Responding to automatically detected and manually notified alerts, and working those incidents based on documented and understood incident response processes; Providing subject matter expertise to colleagues and projects outside of the immediate role; Participate in sharing knowledge with other Brennan team members including preparing and reviewing documentation for same. Brennan is an equal opportunity employer.

Posted 1 week ago

12.0 years

0 Lacs

Delhi Cantonment, Delhi, India

On-site

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Product Security Good to have skills : NA Minimum 12 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: AI Security Architect – Enterprise AI Strategy, Scalable ML Platforms, and Secure AI Design We are looking for a seasoned and visionary AI Architect with 12+ years of experience in designing, securing, and leading scalable, responsible AI systems. This role blends AI solution architecture with security architecture and is ideal for professionals who bring together deep technical knowledge, strategic thinking, and a passion for trustworthy, ethical innovation. As an AI Architect, you will define the enterprise AI and security architecture, embed secure-by-design practices across AI platforms, and ensure alignment with privacy, compliance, and ethical standards across the entire ML lifecycle Roles & Responsibilities: Own the architectural vision for enterprise-wide AI and ML platforms, ensuring scalability, resilience, security, and regulatory compliance. Develop and maintain architectural blueprints for secure and responsible AI, covering areas such as bias mitigation, explainability, threat modeling, and data protection. Define and implement AI security architecture practices, including secure access to models, datasets, APIs, and ML pipelines. Collaborate with MLOps, engineering, DevSecOps, and cloud security teams to develop standardized, reusable, and secured AI infrastructure components. Ensure AI systems comply with global regulations and standards (e.g., GDPR, ISO 42001, NIST AI RMF, and ISO/IEC 27001). Evaluate and introduce tools and frameworks that support privacy-preserving AI, adversarial robustness, model security, and interpretability. 
Job Title - Industry X + Manager + IMU Management Level : 07 – Manager Location: New Delhi Must have skills: In-depth understanding of Industry X concepts, technologies (e.g., Industrial IoT, Predictive Maintenance, Digital Twins), and their application in discrete manufacturing operations. Strong understanding of lean manufacturing principles and their integration with Industry X solutions. Good to have skills: Experience working with Manufacturing Execution Systems (MES) and other relevant industry-specific software is a plus. Job Summary: As an Industry X expert, you will be responsible to drive client value creation through participating in Industry X (Digital Transformation) related projected deliveries as well as support in end-to-end sales lifecycle (deal origination to sales) Roles & Responsibilities: Drive client value creation through participating in Industry X(Digital Transformation) related projected deliveries as well as support in end-to-end sales lifecycle (deal origination to sales) Conduct in-depth assessments of client manufacturing operations to identify areas ripe for Industry X interventions Strong understanding of digital/AI use-cases and impact in manufacturing operations Analyze client needs and translate them into actionable roadmaps incorporating relevant Industry X technologies such as IoT, Big Data, Cloud, AI, and Machine Learning. Develop and present compelling business cases highlighting the potential return on investment (ROI) associated with Industry X initiatives. Manage and lead client engagements, ensuring successful project execution within budget and timelines. Partner with internal and external stakeholders, including technology vendors and system integrators, to deliver seamless project implementation. Stay abreast of the latest Industry X trends and technologies, continuously expanding your knowledge base to provide clients with cutting-edge insights. 
Establish self as a trusted advisor with the client C-suite through an in-depth understanding of the client as well as industry Build networks at Accenture to be able to bring the best of Accenture to the client Professional & Technical Skills: Minimum 10+ years of experience in management consulting, with a strong track record in Resources industries such as: Automotive (Auto parts, Cars, Trucks) Electronics & Semiconductors (Integrated circuits, Printed circuit boards) Machinery & Equipment (Industrial machinery, Construction equipment) Proven experience in successfully leading and managing complex client engagements within the discrete manufacturing domain. In-depth understanding of Industry X concepts, technologies (e.g., Industrial IoT, Predictive Maintenance, Digital Twins), and their application in discrete manufacturing operations. Strong understanding of lean manufacturing principles and their integration with Industry X solutions. Experience working with Manufacturing Execution Systems (MES) and other relevant industry-specific software is a plus. Additional Information: The ideal candidate will possess a strong background in using data and technologies such as AR/VR, cloud, AI, 5G, robotics and digital twins, work with market leaders to build resilient and agile businesses that adapt engineering, infrastructure & capital projects, manufacturing operations in the face of change. This position is based at our New Delhi office. About Our Company | Accenture Experience: Minimum 10 year(s) of experience is required Educational Qualification: Bachelor's degree in Engineering, Business Administration, or a related field, with a focus in industrial engineering, manufacturing engineering, or a similar discipline.

Posted 1 week ago

0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

TCS is hosting an In-Person Interview Drive on Saturday, 14th June, and we’d like to invite you to join us! This is a great opportunity to explore exciting career opportunities with us and meet our hiring team face-to-face. Role: GRC Analyst / Consultant Desired Skill Set: Cybersecurity risk assessment, Control testing and Compliance audits Experience Range: 4-10yrs & 10+yrs Joining Location: PAN India Venue : Bangalore: Tata Consultancy Services, Think Campus, JRD Auditorium Cafeteria, Electronic City, Bangalore Pune: Tata Consultancy Services, Sahyadri Park SP1, A1 Auditorium & Zone 3, Rajiv Gandhi Infotech Park, Hinjewadi Phase 3, Pune - 411057 Job Description: Technical: Security Framework Alignment and Related Controls Testing (NIST, CoBIT, ISO 27001) SOX Testing for IT Controls IT Compliance audits Vendor Risk Assessments Contribute to documentation of Information Security Policies, Standards, Processes, and Procedures. Manage and perform cybersecurity assessments on emerging/ongoing business initiatives, third-party services Evaluate third-party products/services by reviewing standardized questionnaires, evidencing their controls Non-Technical: Analytical thinker Collaborative team player Excellent written and verbal communication Capable of bridging the gap between business demands and cybersecurity requirements Ability to articulate cybersecurity risks in business terms Demonstrable knowledge of information security standards, data security practices and procedures Understanding of the impact of various data protection and integrity controls, operating systems and network security controls, authentication controls, and security protocols Requires demonstrable knowledge of security principles to a diverse range of risk scenarios to coordinate acceptable solutions between business needs, technology operations, and information security best practices Good-to-Have Familiarity with GRC Tools (RSA Archer, ServiceNow GRC) Certifications like CISA, CISSP, CISM, CRISC etc.

Posted 1 week ago

0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

Divisional Information Security Officer (DISO) Location- Bangalore 5 Days work from office Interview mode- MS teams Required immediate joiners max 15 to 30 days Notice period. Job Context Cybersecurity is now foundational for businesses to deliver on digital agenda as well as achieve committed objectives & outcomes. The divisional DISO role is created to lead the information security function across the division to ensure consistent and high-quality information security management in support of the division’s business goals. Responsibilities The divisional DISO is responsible for developing and implementing the division’s information security program with consultation from the central DISO organization. It involves, while enabling business to achieve their goals, identify, evaluate and mitigate risks to digital assets, intellectual properties, regulated data and reputation while ensuring statutory compliance. The divisional DISO leads with sound knowledge of cybersecurity technologies covering data centres, cloud, endpoint, network, applications and emerging technologies such as AI, ML, IoT, etc. as well as broader digital ecosystem. The person should be an integrator of people, process and technology within and from the ecosystem. DISO works proactively and assures not only confidentiality, integrity, and availability but also to the safety, privacy and recovery of information assets owned or processed by the business units and ecosystem partners. The divisional DISO articulates the impact of cybersecurity on digital business, and be able to communicate this to the business stakeholders, along with progress of security program & value to the business from time to time. Tasks Develop a comprehensive security program for the division Develop the information security vision and strategy for the division that is aligned to division’s business priorities and enables and facilitates the business objectives, and ensures senior stakeholder buy-in and mandate.
Implement, and monitor Information Management (IM) policy across division. Implement and monitor Incident response plan and procedures as laid down by the CISO organization Monitor, track and drive cybersecurity awareness programs for the division Operate the security function Plan and manage the cybersecurity budget for the division Align with CISO organization for integrated coordination in risk management Drive cybersecurity projects within the division Innovate and proactively refresh policies and program to meet emerging needs Continuously evaluate cybersecurity needs, compliance, changes in security posture resulting from change in IT infrastructure, architecture, emerging threats, laws, standards, regulations and technologies. Build relationship with external ecosystem partners, service providers, industry peers, vendors to ensure that the division maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies. Work with divisions and extended IT leaders, member of the IT strategy committee, business leaders, non-IT functions, thus ensuring that the information security requirements are implicit in these architectures and security is built in the design. Establish governance and oversight of security program Facilitate operational oversight of security operations governance through the division’s cybersecurity committee. Provide periodic metrics-based progress report and develop appropriate KPIs to reflect improvements in value/performance/efficiency/compliance etc. Requirements Experience Demonstrated experience and success in middle management roles in risk management, information security, compliance, and cybersecurity in dynamic environment. Hands on experience in network, system, application, perimeter, endpoint, cloud and data centre security management, and security operations. Managing vulnerability using tools like Nessus, Qualys guard etc. 
Working in ISO27K environment, report preparing, leading internal and external security audits Knowledge of ISO 27K, ISO20K, GDPR, COBIT, NIST, CSF frameworks/standards Skills Ability to communicate effectively across the reporting chain, external and internal customers, leadership, peers etc. Excellent written and verbal communications skills, collaborative skills and effectively communicating technical stuff to non-technical audience. Reasonably good analytical skills, ability to manage complex projects, under strict timelines as well as ability to work well in demanding, dynamic environment and meet overall objectives. Project management skills, financial/budgeting management, resource and schedule management Relevant industry certification on cybersecurity is desirable Personal Characteristics Poise and ability to act calmly and competently in high-pressure, high-stress situations. Strong problem solving and trouble-shooting skills. High level of personal integrity and maturity, as well as the ability to handle confidential matters.

Posted 1 week ago

0 years

0 Lacs

India

Remote

Security Consultant (QSA) Location: India, Remote Shift Time: UK shift hours No of positions: 2 positions This Position As a Qualified Security Assessor (Sr. QSA) you will provide assessments and consulting to our clients. The Senior Security Consultant will focus their efforts on client-facing delivery of various security regulatory and best practice consulting engagements, including PCI DSS, Secure Software (SSF), PIN, 3DS, P2PE, and Card Production Assessments. You will manage your own book of work and be the master of your own work schedule to the degree that it coincides with your clients’ requirements (that have been assigned to you) and delivery times required. You will conduct remote assessment activities and travel to client locations which usually last anywhere from 3-5 days for on-site activities over a 3–5-month timeframe for a single engagement. You will be working on an average of 3-4 active projects at any given time. What you’ll do As a Qualified Security Assessor (QSA) you will provide assessments and consulting to our clients. The Senior Security Consultant will focus their efforts on client-facing delivery of various security regulatory and best practice consulting engagements, including PCI DSS, Secure Software (SSF), PIN, 3DS, P2PE, and Card Production Assessments. You will manage your own book of work and be the master of your own work schedule to the degree that it coincides with your clients’ requirements (that have been assigned to you) and delivery times required. You will conduct remote assessment activities and travel to client locations which usually last anywhere from 3-5 days for on-site activities over a 3–5-month timeframe for a single engagement. You will be working on an average of 3-4 active projects at any given time. Responsibilities Mandatory to have QSA certification with any one Technical Certification 1) CISM OR 2) CISSP Perform both consulting, advisory and assessment services. 
Must maintain relevant certification required by industry and complete relevant ongoing continuing education required by certifications. Provide competent and relevant cybersecurity, governance, compliance, risk, and auditing in the technical space in accordance with various regulations and standards. Provide engagement management and high-level project management for delivery of services to multiple clients which have been assigned to you by management. Evaluate client compliance with regulations such as Payment Card Industry Data Security Standard (PCI DSS), ISO 27K series, NIST, or other compliance standards and frameworks. Conduct audits and risk assessment based on National Institute of Science (NIST) standards like NIST Risk Management Framework, NIST Cyber Security Framework, NIST Privacy Framework, and International Standards organization (ISO) frameworks for risk and cybersecurity. Consultative support with clients in using risk assessment and audit based on National Institute of Science (NIST) or ISO27002. Sharing your expertise with clients and colleagues to aid in making decisions on topics like strategy and scope as well as deep and highly technical projects like web application architecture and security. Providing clear, organized findings and recommendations to clients and tracking progress towards resolution and compliance. Producing detailed, high-quality reports for clients and industry third parties like payment card brands and the PCI Security Standards Council. Learning from our close-knit group of consultants as well as contributing your thoughts, tools, industry news or lessons learned. Working with clients to implement practices to produce secure applications and identify and eliminate security vulnerabilities. Working independently, undertaking information security engagements including working co-ordination and project management (client interaction, deliverables, work plans, escalations, etc.).
Growing the business by identifying up-sells with existing and potential clients. Providing regular status reports on all projects assigned. Being a team player and having the capability to expand/adapt your skills in a fast-paced ever-changing industry. Qualifications/ Experience Bachelor’s degree or similar, and/or at least seven (5) + years of experience in a consulting or audit role, alternatively have experience in Information Security or IT security. Have at least one industry-recognized professional certification from each list below: List A: (ISC)2 Certified Information System Security Professional (CISSP) ISACA Certified Information Security Manager (CISM) Certified ISO 27001 Lead Implementer List B: ISACA Certified Information Systems Auditor (CISA) Certified ISO 27001, Lead Auditor, Internal Auditor 1 IRCA ISMS Auditor or higher (e.g., Auditor/Lead Auditor, Principal Auditor) IIA Certified Internal Auditor (CIA) PCI DSS QSA certification beneficial (although not required, we will get you certified). Experience working in sectors such as retail, banking, fintech, software development (or any other industry where card payments are accepted). Strong understanding of IT infrastructure including applications, servers, databases, network devices and security solutions. Strong understanding of IT and security processes including change control, patch management, vulnerability management, configuration management, incident response etc. Experience with software development methodologies and practices. Virtualization experience beneficial. Cloud security (AWS, Oracle) experience beneficial. Understanding of regulatory requirements and compliance issues affecting clients related to privacy and data protection. VikingCloud is an equal opportunities employer.

Posted 1 week ago

Exploring NIST Jobs in India

The job market for NIST (National Institute of Standards and Technology) professionals in India is rapidly growing. As more companies focus on cybersecurity and data protection, the demand for individuals skilled in NIST guidelines and frameworks is on the rise. Job seekers with expertise in NIST can find a variety of opportunities across different industries in India.

Top Hiring Locations in India

  1. Bangalore
  2. Hyderabad
  3. Mumbai
  4. Delhi
  5. Pune

These cities are known for their thriving tech industries and have a high demand for NIST professionals.

Average Salary Range

The average salary range for NIST professionals in India varies based on experience level. Entry-level positions may start around INR 4-6 lakhs per year, while experienced professionals can earn upwards of INR 15-20 lakhs per year.

Career Path

In the field of NIST, a typical career path may include roles such as NIST Analyst, NIST Consultant, and NIST Manager. As professionals gain more experience and expertise, they can progress to Senior NIST Consultant, NIST Architect, and even Chief Information Security Officer (CISO).

Related Skills

In addition to expertise in NIST, employers often look for professionals with the following related skills:

  • Cybersecurity
  • Risk management
  • Compliance
  • Information security
  • Security frameworks (e.g., ISO 27001)

Interview Questions

  • What is NIST and why is it important? (basic)
  • Can you explain the difference between NIST 800-53 and NIST 800-171? (medium)
  • How do you ensure compliance with NIST guidelines in a cloud environment? (advanced)
  • What are the key components of a NIST risk management framework? (medium)
  • Have you ever led a NIST compliance audit? If so, can you describe the process? (advanced)
  • How do you stay updated with the latest NIST guidelines and updates? (basic)
  • Can you give an example of a security control outlined in NIST 800-53? (medium)
  • What is the role of NIST in incident response planning? (medium)
  • How do you handle security incidents in accordance with NIST guidelines? (advanced)
  • Have you worked with NIST SP 800-171 requirements? If so, can you describe your experience? (medium)
  • How do you prioritize security controls when implementing NIST guidelines in an organization? (advanced)
  • What are the key differences between NIST and other security frameworks like ISO 27001? (medium)
  • Can you explain the concept of continuous monitoring in the context of NIST? (medium)
  • How do you ensure data integrity in accordance with NIST guidelines? (advanced)
  • Have you implemented multi-factor authentication in compliance with NIST recommendations? If so, what challenges did you face? (medium)
  • How do you handle vulnerabilities identified through NIST risk assessments? (advanced)
  • Can you describe a successful NIST implementation project you were involved in? (medium)
  • How do you communicate NIST compliance requirements to non-technical stakeholders? (medium)
  • How do you approach security awareness training in alignment with NIST guidelines? (medium)
  • What are the key considerations when developing a NIST-compliant security policy? (medium)
  • How do you assess the effectiveness of security controls based on NIST recommendations? (advanced)
  • Can you provide an example of a security incident response plan based on NIST guidelines? (medium)
  • How do you ensure data privacy in alignment with NIST standards? (medium)
  • What are the key challenges organizations face when implementing NIST guidelines? (medium)

Closing Remark

As you explore opportunities in the NIST job market in India, remember to showcase your expertise, stay updated with industry trends, and prepare thoroughly for interviews. With the right skills and preparation, you can confidently pursue a successful career in NIST in India. Best of luck!
