3740 Nist Jobs - Page 23

THIS JOB IS FOR HYDERABAD LOCATION. Overview Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area. Responsibilities Should have process knowledge and technical knowledge on any of the SIEM tools ( like Qradar, LogRhythm, AlienVault, Splunketc). L2/L3 level is added advantage. Should have process knowledge and technical knowledge in AV tools like Symantec, McAfee, Trend Microetc. L2/L3 level is added advantage. Should have knowledge in managing Vulnerability tools and various remediation efforts. Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed. Enforce incident response service level agreement. Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks Vulnerability management assessment and remediation Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks Research the latest information technology (IT) security trends Help plan and carry out an organizations way of handling security Develop security standards and best practices for the organization Recommend security enhancements to management or senior IT staff Document security breaches and assess the damage they cause. Performs other duties as assigned. Uphold the companys core values of Integrity, Innovation, Accountability, and Teamwork. Demonstrate behavior consistent with the companys Code of Ethics and Conduct. It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem. Duties may be modified or assigned at any time to meet the needs of the business. Qualifications B. Tech, B.E or M.C.A 2-5 years Experience working in a Security Operations Center 2 years minimum in the computer industry Knowledge working with complex Windows environments Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001 Knowledge in design and administration of security tools Good written and verbal communication skills

THIS JOB IS FOR HYDERABAD LOCATION. Overview Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area. Responsibilities Should have process knowledge and technical knowledge on any of the SIEM tools ( like Qradar, LogRhythm, AlienVault, Splunketc). L2/L3 level is added advantage. Should have process knowledge and technical knowledge in AV tools like Symantec, McAfee, Trend Microetc. L2/L3 level is added advantage. Should have knowledge in managing Vulnerability tools and various remediation efforts. Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed. Enforce incident response service level agreement. Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks Vulnerability management assessment and remediation Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks Research the latest information technology (IT) security trends Help plan and carry out an organizations way of handling security Develop security standards and best practices for the organization Recommend security enhancements to management or senior IT staff Document security breaches and assess the damage they cause. Performs other duties as assigned. Uphold the companys core values of Integrity, Innovation, Accountability, and Teamwork. Demonstrate behavior consistent with the companys Code of Ethics and Conduct. It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem. Duties may be modified or assigned at any time to meet the needs of the business. Qualifications B. Tech, B.E or M.C.A 2-5 years Experience working in a Security Operations Center 2 years minimum in the computer industry Knowledge working with complex Windows environments Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001 Knowledge in design and administration of security tools Good written and verbal communication skills

THIS JOB IS FOR HYDERABAD LOCATION. Overview Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area. Responsibilities Should have process knowledge and technical knowledge on any of the SIEM tools ( like Qradar, LogRhythm, AlienVault, Splunketc). L2/L3 level is added advantage. Should have process knowledge and technical knowledge in AV tools like Symantec, McAfee, Trend Microetc. L2/L3 level is added advantage. Should have knowledge in managing Vulnerability tools and various remediation efforts. Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed. Enforce incident response service level agreement. Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks Vulnerability management assessment and remediation Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks Research the latest information technology (IT) security trends Help plan and carry out an organizations way of handling security Develop security standards and best practices for the organization Recommend security enhancements to management or senior IT staff Document security breaches and assess the damage they cause. Performs other duties as assigned. Uphold the companys core values of Integrity, Innovation, Accountability, and Teamwork. Demonstrate behavior consistent with the companys Code of Ethics and Conduct. It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem. Duties may be modified or assigned at any time to meet the needs of the business. Qualifications B. Tech, B.E or M.C.A 2-5 years Experience working in a Security Operations Center 2 years minimum in the computer industry Knowledge working with complex Windows environments Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001 Knowledge in design and administration of security tools Good written and verbal communication skills

THIS JOB IS FOR HYDERABAD LOCATION. Overview Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area. Responsibilities Should have process knowledge and technical knowledge on any of the SIEM tools ( like Qradar, LogRhythm, AlienVault, Splunketc). L2/L3 level is added advantage. Should have process knowledge and technical knowledge in AV tools like Symantec, McAfee, Trend Microetc. L2/L3 level is added advantage. Should have knowledge in managing Vulnerability tools and various remediation efforts. Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed. Enforce incident response service level agreement. Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks Vulnerability management assessment and remediation Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks Research the latest information technology (IT) security trends Help plan and carry out an organizations way of handling security Develop security standards and best practices for the organization Recommend security enhancements to management or senior IT staff Document security breaches and assess the damage they cause. Performs other duties as assigned. Uphold the companys core values of Integrity, Innovation, Accountability, and Teamwork. Demonstrate behavior consistent with the companys Code of Ethics and Conduct. It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem. Duties may be modified or assigned at any time to meet the needs of the business. Qualifications B. Tech, B.E or M.C.A 2-5 years Experience working in a Security Operations Center 2 years minimum in the computer industry Knowledge working with complex Windows environments Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001 Knowledge in design and administration of security tools Good written and verbal communication skills

THIS JOB IS FOR HYDERABAD LOCATION. Overview Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area. Responsibilities Should have process knowledge and technical knowledge on any of the SIEM tools ( like Qradar, LogRhythm, AlienVault, Splunketc). L2/L3 level is added advantage. Should have process knowledge and technical knowledge in AV tools like Symantec, McAfee, Trend Microetc. L2/L3 level is added advantage. Should have knowledge in managing Vulnerability tools and various remediation efforts. Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed. Enforce incident response service level agreement. Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks Vulnerability management assessment and remediation Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks Research the latest information technology (IT) security trends Help plan and carry out an organizations way of handling security Develop security standards and best practices for the organization Recommend security enhancements to management or senior IT staff Document security breaches and assess the damage they cause. Performs other duties as assigned. Uphold the companys core values of Integrity, Innovation, Accountability, and Teamwork. Demonstrate behavior consistent with the companys Code of Ethics and Conduct. It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem. Duties may be modified or assigned at any time to meet the needs of the business. Qualifications B. Tech, B.E or M.C.A 2-5 years Experience working in a Security Operations Center 2 years minimum in the computer industry Knowledge working with complex Windows environments Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001 Knowledge in design and administration of security tools Good written and verbal communication skills

Position Title Compliance Lead Panchkula, India - Date Posted July 22, 2025 Description Were hiring a skilled Compliance Lead to join our Information Security Group (ISG) at Grazitti Interactive. In this high-impact role, youll spearhead Governance, Risk, and Compliance (GRC) initiatives, drive external audit processes, develop compliance frameworks, and ensure organizational alignment with key regulatory standards. If you have a solid background in risk management, policy development, and IT audit readinesswith a deep understanding of frameworks like ISO27001, COBIT, and NISTthis is your opportunity to lead and create tangible impact. Skills Key Skills 8 years in GRC, compliance, or IT risk management. Bachelors degree in a relevant field; CISA, CISSP, or CISM preferred. Hands-on experience with ISO27001/2, ISO31000, NIST, COBIT, COSO, ITIL. Knowledge of GDPR, HIPAA, CCPA, ITGC, and SOX compliance. Strong understanding of internal controls and security policies. Experience in external/internal audits and incident response planning. Excellent communication and stakeholder management skills. Process-oriented with strong documentation and analytical capabilities. Responsibilities Roles And Responsibilities Design and execute enterprise-wide GRC strategies. Ensure compliance with GDPR, HIPAA, ISO, and other global standards. Lead documentation efforts for SOX controls and ITGCs. Collaborate with legal teams to interpret regulations. Act as the primary contact for external auditors. Lead planning, documentation, and closure of compliance audits. Conduct in-depth risk assessments and advise mitigation strategies. Maintain up-to-date risk registers and track remediation actions. Draft and implement information security policies. Establish and enforce internal controls for IT and SaaS environments. Apply COSO, COBIT, and ITIL best practices for governance. Review control effectiveness through regular audits. Design incident response plans and lead resolution efforts. Build awareness programs and train teams on compliance best practices. Drive a culture of compliance and operational integrity. Communicate risk and compliance posture to executive leadership. Document and maintain audit trails for transparency. Position: Compliance Lead Name * E-mail * Phone * CV & Documents * Add file Required fields Phone Thank you for submitting your application. We will contact you shortly! Contacts Email: careers@grazitti.com Address HSIIDC Technology Park, Plot No 19, Sector 22, 134104, Panchkula, Haryana, India

Transport is at the core of modern society. Imagine using your expertise to shape sustainable transport and infrastructure solutions for the future? If you seek to make a difference on a global scale, working with next-gen technologies and the sharpest collaborative teams, then we could be a perfect match. What You Will Do Your Mission Is to define Volvo strategic direction and related roadmaps for part of our Network infrastructure, and to steer transformations accordingly. You focus on the business benefits thanks to best possible sourcing of deliveries, in the context of a primarily outsourced delivery model for infrastructure services. You are also in charge of ensuring that all services under your responsibility are delivered according to contracted supplier obligations. You will be reporting to the Service Area Manager of Network services area within Volvo Group Digital & IT / Infrastructure and Onsite Services and will work in close collaboration with our partners, infrastructure service providers and business stakeholders in a multicultural and global environment. Summary We are seeking an accomplished and experienced Service Leader to oversee Wide Area Network (WAN) Services and Cloud Connectivity Services, delivered by a service provider as fully managed services. The selected candidate will be responsible for managing the relationship with the service providers, ensuring optimal performance, reliability, and compliance across our global WAN and Cloud connectivity infrastructure. This role requires a strategic thinker with strong leadership qualities and a deep understanding of WAN technologies, Cloud interconnect solutions, and best practices in network governance and operations. Your Key Responsibilities Manage the relationship with the WAN and cloud connectivity service providers, ensuring that all Service Level Agreements (SLAs) and performance metrics are met. Oversee the deployment, operation, and enhancement of WAN and cloud connectivity solutions provided by the service provider, including MPLS, SD-WAN, dedicated cloud interconnects, VPNs, and other related technologies. Ensure the service provider adheres to the organization’s network governance frameworks, operational policies, and performance standards. Conduct regular service assessments and operational audits in collaboration with the service provider and other stakeholders to identify areas for improvement and ensure compliance with industry standards and regulatory requirements. Collaborate with other IT teams (such as Network Security, Cloud Infrastructure, and Application teams) and business units to ensure seamless, secure, and scalable integration of WAN and cloud connectivity solutions, aligned with organizational objectives. Stay abreast of the latest trends, technologies, and best practices in WAN and cloud connectivity, providing recommendations and roadmaps for continuous service improvement. Manage the escalation process for WAN and cloud connectivity incidents, working closely with the service provider to ensure timely resolution and minimal business impact. Oversee and manage the global WAN and Cloud Connectivity Management functions, including support for exception requests, capacity planning, and change management. Prepare and present regular reports on WAN and cloud connectivity service status, incidents, operational performance, and improvement initiatives to senior management. Commercially responsible for services delivered by the supplier, which includes both budgeting and follow-up, notably approving all service volumes invoiced by the supplier Competences Fluency in English for the international context & ability to comprehend contractual written English Good practice in negotiation and facilitation of decision making. Ability to convince and manage stakeholders (internal or external) in scope Excellent communication & presentation skills At ease in a multi-cultural environment Understanding and ability to present and explain business use cases and value proposition of using services in different contexts Strong quality focus and a personal drive to reach the objectives and targets set for your unit Ability to assess service delivery by suppliers and identify performance gaps or need for improvement Proven experience as overseeing runtime and financial activities for IT infrastructures in an international context Proven experience working with ITIL & SIAM services context Ability to get things done and execute as planned Ability to prepare, present and propose decisions at management (Director, VP) level Experience in managing network policies and governance in large enterprise WAN and multi-cloud environments. Strong understanding of network infrastructure components used to deliver WAN and cloud connectivity, including security integration and QoS mechanisms. Familiarity with regulatory requirements and industry standards such as ISO 27001, NIST, GDPR, and experience with associated audits from a connectivity perspective. Experience working in enterprise-scale IT environments, with a background in network architecture, operations and service management. Ready for the next move? If you are curious to explore how we put our words into actions, follow us on LinkedIn and volvogroup.com. If you want to make a real impact in your career, we look forward to meeting you. Are you excited to bring your skills and disruptive ideas to the table? We can’t wait to hear from you. Apply today! Due to summer vacation, the screening of CVs will begin at the end of august. Please expect delay for an answer to your application. We value your data privacy and therefore do not accept applications via mail. Who We Are And What We Believe In We are committed to shaping the future landscape of efficient, safe, and sustainable transport solutions. Fulfilling our mission creates countless career opportunities for talents across the group’s leading brands and entities. Applying to this job offers you the opportunity to join Volvo Group . Every day, you will be working with some of the sharpest and most creative brains in our field to be able to leave our society in better shape for the next generation. We are passionate about what we do, and we thrive on teamwork. We are almost 100,000 people united around the world by a culture of care, inclusiveness, and empowerment. Group Digital & IT is the hub for digital development within Volvo Group. Imagine yourself working with cutting-edge technologies in a global team, represented in more than 30 countries. We are dedicated to leading the way of tomorrow’s transport solutions, guided by a strong customer mindset and high level of curiosity, both as individuals and as a team. Here, you will thrive in your career in an environment where your voice is heard and your ideas matter.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Saviynt Identity Platform Good to have skills : NA Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work related problems. - Conduct regular assessments of cloud security measures to identify areas for improvement. - Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Saviynt Identity Platform. - Good To Have Skills: Experience with CyberArk Privileged Access Management, SailPoint IdentityNow. - Strong understanding of cloud security principles and best practices. - Experience in designing and implementing security frameworks for cloud environments. - Familiarity with compliance standards such as ISO 27001, NIST, and GDPR. Additional Information: - The candidate should have minimum 3 years of experience in Saviynt Identity Platform. - This position is based at our Noida office. - A 15 years full time education is required., 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Integrated Security Risk Management Good to have skills : Security Architecture Design Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work related problems. - Engage in continuous learning to stay updated with the latest security trends and technologies. - Assist in the development of security policies and procedures to enhance organizational security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Integrated Security Risk Management. - Good To Have Skills: Experience with Security Architecture Design. - Strong understanding of risk assessment methodologies and frameworks. - Experience in implementing security controls in cloud environments. - Familiarity with compliance standards such as ISO 27001, NIST, and GDPR. Additional Information: - The candidate should have minimum 3 years of experience in Integrated Security Risk Management. - This position is based at our Noida office. - A 15 years full time education is required., 15 years full time education

JOB_POSTING-3-72806 Job Description Role Title: L12, VP JSOC India Leader Company Overview: Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry’s most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more. We have recently been ranked #2 among India’s Best Companies to Work for by Great Place to Work. We were among the Top 50 India’s Best Workplaces in Building a Culture of Innovation by All by GPTW and Top 25 among Best Workplaces in BFSI by GPTW. We have also been recognized by AmbitionBox Employee Choice Awards among the Top 20 Mid-Sized Companies, ranked #3 among Top Rated Companies for Women, and Top-Rated Financial Services Companies. Synchrony celebrates ~52% women talent. We offer Flexibility and Choice for all employees and provide best-in-class employee benefits and programs that cater to work-life integration and overall well-being. We provide career advancement and upskilling opportunities, focusing on Advancing Diverse Talent to take up leadership roles. Organizational Overview The mission of the Synchrony Cybersecurity Joint Security Operations Center (JSOC) is to rapidly detect, assess and respond to cyber threats against Synchrony, its employees, its customers and partners. The Cybersecurity JSOC team is within the Cyber Operations organization and works closely with the Insider Risk Management team and the Threat Intelligence, Operations & Automations team. Role Summary/Purpose The JSOC India Leader drives operational excellence and 24/7/365 monitoring. This role fosters a culture of innovation and collaboration while maintaining steady state operations. The JSOC India Leader will contribute to cyber threat detection and incident response. The individual will grow our strategy and identify adversaries through current tactics, techniques and procedures. The Synchrony Cybersecurity JSOC has transformed to a next generation center of excellence requiring an individual passionate about cyber threats and leading a team of cyber detection and incident responders. Key Responsibilities Utilize key performance indicators to track analyst workloads as well as the efficiency of detection signatures/rules and associated monitoring technologies. Interface with fellow team members, colleagues on the security team, business partners, management, vendors, and external parties on best practices. Support incident response activities, assisting with the artifact collection, triage and remediation processes while documenting lessons learned. Benchmark and implement industry best practices to mitigate potential threats to Synchrony's digital infrastructure and operations such as MITRE ATT&CK and NIST CSF. Collaborate with management in developing technical directions, setting objectives, and setting realistic and challenging goals Required Skills/Knowledge Prior cyber incident response experience and/or experience working in high tempo cyber operations environments. People Leadership: The Leader must have a demonstrated history of leading cybersecurity professionals and be able to administer to one or more Leadership Philosophies to drive the continual development and maturity of the cybersecurity JSOC India team. Strong oral and written communications skills. Strong interpersonal and critical thinking skills. Desired Skills/Knowledge Results driven, strategic, conceptual, and innovative thinker. Experience presenting to senior management. Highly analytical, detail-oriented, and strong problem solving with a common-sense approach to resolving problems. Expertise to clearly define complex issues despite incomplete or ambiguous information. Eligibility Criteria Bachelor’s degree in Computer Engineering or related field, with a minimum of 10+ years of experience in Information Technology or in lieu of a degree 12+years of relevant experience. Must have expertise and exposure in Content Development, Threat Intel & Hunting and SOC Continuous Monitoring WORK TIMINGS : 3:00 PM to 12:00 AM IST This role is responsible for ensuring proper oversight of the Cybersecurity JSOC team during standard operations/business hours. Primary work hours are from 2:30pm Indian Standard Time (5am USA Eastern Time) until 11:30pm Indian Standard Time (2pm USA Eastern Time). We understand that working in an Operations Center requires flexibility, and changes to this work schedule will be accommodated as necessary. For Internal Applicants Understand the criteria or mandatory skills required for the role, before applying Inform your manager and HRM before applying for any role on Workday Ensure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format) Must not be any corrective action plan (First Formal/Final Formal, PIP) L10+ Employees who have completed 18 months in the organization and 12 months in current role and level are only eligible. L10+ Employees can apply Level /Grade : 12 Job Family Group Information Technology

1 Role title: Cyber Security Architect Grade Required Qualifications Advanced degree in Computer Science 5+ years of cyber security engineering experience Any of the following: CISSP, CISM, CEH along with Azure, GCP or AWS certifications Experience with security tools and technologies (e.g., firewalls, IPS, Email Security, SOAR, Threat Intel, SIEM, DLP, EDR, encryption, etc.). Experience in global manufacturing, pharma, and/or a life sciences company Summary of Role Duration Key responsibilities Required skills The Security Architect role is a pivotal position within the Cyber Security Office, reporting directly to the Security Architecture Lead. This role offers an exciting opportunity to collaborate with cross-functional teams from IT, Cyber Security, and Business Units to architect and design robust security solutions that effectively protect organisation's enterprise networks from evolving cyber threats. As an individual contributor, you will focus on strategic design and innovation, ensuring that our security strategies align with industry standards and best practices such as TOGAF, SABSA, Purdue, and NIST frameworks. This role is designed for individuals who are passionate about cybersecurity, possess strong expertise in security, and are eager to make a significant impact on organisation's security posture Drive the strategic design and implementation of innovative security solutions and controls Stay at the forefront of industry standards, regulations, and best practices related to IT and OT security, ensuring continuous improvement Generate comprehensive documentation, certification, and testing protocols for the deployment of new security solutions Continuously monitor and analyze current cybersecurity threats, trends, and emerging technologies to inform strategic security initiatives Work closely with engineering and architecture teams to ensure security requirements are integrated into all phases of the system development lifecycle Define and implement advanced security configurations, policies, and procedures for IT and OT assets and systems Effectively communicate with stakeholders at all levels, translating complex technical concepts into actionable security strategies Support the development and implementation of security architectures across various domains, including data security, AI, cloud, network security, monitoring detection and response, threat, risk, vulnerability asset and configuration management, and platform security Conduct security assessments and gap analyses to identify and mitigate security risks Provide technical guidance and mentorship to security engineers and other team members Perform assessments of capabilities and tools to ensure alignment with GSK business and security needs Assist with product Proof of Concept (POC) evaluations to validate security solutions Create and execute test plans to rigorously evaluate security controls and document results to provide unbiased outcomes that demonstrate alignment with GSK business and security needs in a seamless manner Proven experience in developing security strategies and reference architectures Familiarity with TOGAF, SABSA, or Purdue Enterprise Reference Architecture Experience in designing and deploying network security controls and solutions Extensive knowledge of security technologies, including encryption, authentication, authorization, security protocols, data and privacy, AI/ML, and application development Strong communication and interpersonal skills, ability to effectively manage stakeholders Proficiency in writing, developing, and maintaining technical documentation, including security standards, strategies, and implementation plans Ability to prioritize and filter actions to focus on those with significant impact on the program Capability to work with multiple stakeholders to promote practical solutions to complex security problems Excellent problem-solving and analytical skills, with the ability to work under pressure Hands-on experience in at least three of the following security domains: data security, AI, cloud, network security, monitoring detection and response, threat, risk, vulnerability asset and configuration management, or platform security Experience with threat modeling and risk assessment methodologies Experience in security automation and orchestration Knowledge of AI and machine learning security considerations Understanding of regulatory requirements/industry standards (e.g., GDPR, HIPAA, PCI)

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Technology Risk – Senior As part of our EY- Technology Risk team you will contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You will also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team. The opportunity We are looking for a senior to join the Cyber COE group of our EY-Technology Risk Team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Competencies and Expertise Needed Understanding of Identity and Access Management (IAM) principles, frameworks, and best practices. Strong consulting and advisory skills, capable of understanding and addressing clients’ needs. Hands-on experience with Privileged Access Management (PAM) tools and strategies, including the implementation of solutions like PAM services. In-depth knowledge of identity lifecycle management processes, encompassing user provisioning, de-provisioning, and role management, as demonstrated in various IAM implementation projects. Skilled in analysing security risks associated with identity and access, and formulating effective mitigation strategies, as evidenced by successful project outcomes. Understanding of role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) implementations. Interest in working on security compliance projects related to IAM. Experience or interest in leading workshops, trainings, or presentations for clients. Desire to work collaboratively with IT teams to implement IAM and PAM solutions by ensuring seamless integration and operational efficiency. Responsible for ISO 27001 based Information Security Management System implementation and sustenance Assess client information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk Responsible to assist client in review / implement Information Security controls in areas as mentioned, but not limited to: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Media handling & Exchange of information, Physical and environmental Security, and Media & Information Handling Responsible for conducting clients’ vendors risk assessment and providing a holistic view of client’s risk exposure due to outsourcing Responsible for advising and assisting clients to develop and implement Information classification framework Conduct Information Systems audits covering IT infrastructure assets Serves as technical lead or subject matter specialist on security and privacy implementation projects, responsible for design, build, testing and deployment of solutions Technical Knowledge of Security Capabilities such as, CSPM, EDR, SIEM/SOAR, Vulnerability Management will be a plus. Have a knowledge of cyber security concepts around Vulnerability Management, Identity Management, Risk Management, etc. Good understanding of overall cyber security objective of the organization and having an ability translate data into actionable metrics to drive initiatives to improve cyber security posture. Understanding of Senior stakeholder’s requirements in the organization such CISO, CIO, CRO and ability to communicate with them in an effective manner with excellent verbal and written communication skills. Experienced in conducting information security assessments including business continuity plan audits, network security audits, GenAI Audit, and infrastructure audits. Performed NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. Familiar with IT industry frameworks such as ISO27001, ISO42001, NIST, PCI-DSS, TISAX, DSA/DMA, GDPR, NIS2 and HITRUST. Your Key Responsibilities Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies Standards Assessment, Software Development Lifecycle (SDLC), System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. Collaborate with your team to manage control owners and other stakeholders, ensuring the success of each assigned reviews, minimising contention where possible and requesting support, where deemed necessary. Apply judgement and risk management concepts to identify, formulate findings and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. Review IT Policies and Standards and ensure that they are as per the different industry standard. Stay current with cybersecurity regulations and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. To qualify for the role, you must have. Graduate (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc. with at least 4-7 years of experience. Having industry certification such as CISSP, CISM, CRISC or CISA a strong plus Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments (b) NIST assessments (c) Data privacy audits (d) Network and Infrastructure audits (e) Cyber Maturity Assessment (f) IT Policies and Standards Assessment (g) IAM and IT Asset Management (h) IT Health Check (i) BCP/DR audit (j) Application security audits. What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment Opportunities to work with EY Assurance practices globally with leading businesses across a range of industries. What Working At EY Offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Description and Requirements "At BMC trust is not just a word - it's a way of life!" Hybrid Description and Requirements "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! The IZOT product line includes BMC’s Intelligent Z Optimization & Transformation products, which help the world’s largest companies to monitor and manage their mainframe systems. The modernization of mainframe is the beating heart of our product line, and we achieve this goal by developing products that improve the developer experience, the mainframe integration, the speed of application development, the quality of the code and the applications’ security, while reducing operational costs and risks. We acquired several companies along the way, and we continue to grow, innovate, and perfect our solutions on an ongoing basis. We are looking for Application Security Engineer to take ownership of security testing for enterprise products deployed on mainframe environments. In this role, you will assess application-layer security risks, identify vulnerabilities in product implementations, and lead secure architecture reviews. The ideal candidate brings deep offensive security skills along with familiarity in testing applications running on or integrated with IBM mainframe systems. Primary Roles And Responsibilities Conduct penetration testing and red teaming exercises targeting mainframe environments and the surrounding application ecosystem. Perform code-assisted and black-box penetration testing against enterprise applications/systems interacting with RACF, DB2, CICS, MQ, and related subsystems. Identify risks in authentication, authorization, data handling, and communications within mainframe-integrated products. Create threat models and guide product teams in mitigating high-impact vulnerabilities early in the SDLC. Drive remediation efforts through hands-on collaboration and secure design guidance. Author technical reports and deliver executive summaries tailored to various audiences. Stay current on vulnerabilities, exploits, and testing techniques relevant to legacy enterprise technologies and mainframe ecosystems. Assess common integration patterns (SOA, REST/JSON, MQ) for security risks. To ensure you’re set up for success, you will bring the following skillset & experience: 5+ years of experience in penetration testing, with a specialization in systems/applications integrating with mainframe environments. Deep knowledge of mainframe communication protocols and security mechanisms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF panels, NetView Security tools: Nmap, Burp Suite, Wireshark, custom scripts Strong scripting and automation skills (Python, REXX, Bash, or similar). Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience producing board-level reports and presenting findings to senior stakeholders. Exposure to hybrid environments (mainframe to cloud integrations, modernization efforts). Familiarity with modern enterprise integration methods (REST, SOAP, MQ, FTP) that interface with mainframe services Whilst these are nice to have, our team can help you develop in the following skills: Industry certifications such as OSCP, OSCE, CRTP, GIAC GPEN, GXPN, or CISSP. Background in regulated industries such as banking, insurance, or government, where mainframes are core infrastructure. Knowledge of COBOL, PL/I, or other mainframe-centric programming languages. Experience with compliance standards like PCI-DSS, NIST, or SOX as they apply to mainframes. CA-DNP Our commitment to you! BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! If after reading the above, You’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page. BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 2,117,800 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply.

As a PC@IBM Windows Engineer, you will be responsible for designing, managing, configuring, and maintaining PC@IBM’s M365 tenant for managing IBM employee devices. You will ensure the availability, security, and reliability of PC@IBM services while collaborating with various teams to meet their technical requirements. Your responsibilities will include: Implement and manage policies required for IBM security compliance. Monitor Microsoft Intune service health, swiftly addressing issues to maintain system integrity. Implement stringent security measures such as multi-factor authentication. Conduct regular security assessments to strengthen data protection and ensure compliance with regulations. Develop detailed user documentation to facilitate system navigation and troubleshooting. Design and implement backup strategies and disaster recovery plans to safeguard M365 data. Employ PowerShell for monitoring system performance and service metrics, proactively identifying potential issues. Required education Master's Degree Required technical and professional expertise Required Professional and Technical Expertise: Overall 10+ years of experience in security and compliance roles. In-depth knowledge of compliance frameworks such as NIST, CMMC, ITAR/EAR, GDPR, HIPAA, and PCI. Expertise in Intune MDM for device security and management. Strong understanding of Microsoft 365 security and compliance capabilities. Excellent analytical and problem-solving skills. Ability to work in a fast-paced, high-stakes environment. Preferred technical and professional experience Preferred Professional and Technical Expertise: Mastery in PowerShell for automation and system management. Exceptional problem-solving skills and the ability to communicate complex technical concepts clearly.

Who We Are We are an organisation that exists to drive progress. That's the “red thread” that connects everyone at The Economist Group (TEG). Our businesses share a devotion to innovation, independence and rigour in their fields of expertise. We empower people to understand and tackle the critical challenges and changes facing the world. Our analytical rigour, global expertise and evidence-based insights enable individuals and organisations to make sense of these shifts and chart a course through them. We deliver analysis and insights in many formats to subscribers and clients in 170 countries through our four businesses, The Economist, Economist Impact, Economist Intelligence and Economist Education, which uphold our global reputation for excellence and integrity. Job Summary The Cyber Security Team Lead will support the Head of Information Security in the development, implementation, and management of the organisation’s information security strategy. This role involves overseeing daily operations, ensuring the security of information assets, managing security incidents, and fostering a security-conscious culture within the organisation. Key Responsibilities Strategic Support: Assist in the development and execution of the organisation's information security strategy and policies. Provide strategic guidance and leadership in all areas of information security. Operational Management: Oversee day-to-day security operations, including monitoring, threat management, and incident response. Ensure effective 24/7 monitoring and incident handling. Risk Management: Identify and assess security risks, and develop mitigation strategies. Conduct regular security audits and vulnerability assessments. Incident Response: Lead the response to security incidents and breaches, ensuring timely and effective resolution. Develop and maintain the incident response plan, including conducting regular drills. Compliance and Governance: Ensure compliance with relevant security standards, regulations, and frameworks (e.g., ISO 27001, NIST, GDPR). Maintain up-to-date documentation of security policies, procedures, and incidents. Team Leadership: Supervise and mentor the information security team, providing guidance and support. Foster a collaborative and high-performance team environment. Training and Awareness: Develop and deliver security training and awareness programs for employees. Promote a culture of security awareness throughout the organisation. Stakeholder Collaboration: Collaborate with IT, legal, HR, and other departments to ensure cohesive security practices. Serve as a key point of contact for security-related matters with external partners and vendors. Qualifications Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master’s degree is a plus. Certifications: Relevant certifications such as CISSP, CISM, CISA, or equivalent. Experience: Minimum of 10 -15 years of experience in information security, with at least 3 - 5 years in a leadership role. Proven experience in managing security operations, incident response, and risk management. Skills And Competencies Technical Expertise: Strong knowledge of information security principles, technologies, and best practices. Experience with security tools and technologies such as SIEM, firewalls, IDS/IPS, and endpoint protection. Analytical Skills: Ability to analyse complex security issues and develop effective solutions. Strong risk assessment and management skills. Leadership and Communication: Excellent leadership and team management skills. Strong verbal and written communication skills, with the ability to convey complex security concepts to non-technical stakeholders. Problem-Solving: Strong critical thinking and problem-solving abilities. Ability to remain calm and effective in high-pressure situations. Additional Requirements Availability for on-call duties and to respond to security incidents outside regular working hours. Willingness to travel as needed. Hybrid Policy - 2 to 3 days in a month work from Office* Benefits What we offer We offer excellent benefits including an incentive programme, generous annual and parental leave policies, volunteering days and well-being support throughout the year, as well as free access to all Economist content. Country specific benefits are also offered. Our Values Our values are a collective set of beliefs and behaviours that strengthen The Economist Group's purpose and demonstrate where we want to be as an organisation. They reflect on our mission to pursue progress for individuals, organisations and the world. Independence We are not bound to any party or interest and encourage exploration and free-thinking. We champion freedom, both within our organisation and around the world. Integrity We are bold in our efforts to uncover the truth and stand up for what we believe in. We inspire trust through our rigour, fact-checking and transparency. Excellence We aspire to the highest standards in all we do. We are ambitious and inquisitive in our pursuit of continuous progress and innovation. Inclusivity We value diversity in thought and background and encourage healthy debate with a breadth of perspectives. We treat our colleagues and customers fairly and respectfully. Openness We foster a collaborative and empathetic culture conducive to the interests, wit and initiative of our colleagues. New ideas are our lifeblood. The Economist Group values diversity. We are committed to equal opportunities and creating an inclusive environment for all our colleagues and potential colleagues regardless of ethnic origin, national origin, gender, gender identity, race, colour, religious beliefs, disability, sexual orientation, age, marital status or any other status.

Job Summary Information Security GRC Analyst The Information Security GRC Analyst provides expertise in the areas of Information Security policy creation and development, security awareness and training, metrics reporting, presentation development, project management, and governance of an enterprise security program. The ideal candidate has experience identifying and incorporating cyber security policy development best practices and proactively crafting policy recommendations that can be applied to technology systems and business process. RESPONSIBILITIES Develop and support information governance policies and processes in collaboration with business and technical teams that are aligned with business goals Support processes for regulatory audits and efficiency improvements in collaboration with stakeholders. Understanding of data privacy laws and regulations. Communicate effectively and actively seek alignment with business expectations Act as a liaison and conduit for information flow between the IT organization and the business Identify project issues and risks and develop risk mitigation plan to address Ensure adherence to established company and PMO and Governance processes Assist with the reporting of key performance indicators related to the information security program Prepare information security training, education, and awareness activities appropriate for campus audiences. Collaborate with information security technical experts as needed to augment or further develop information security training, education, and awareness activities appropriate for campus audiences. Maintain knowledge of PCI DSS, ISO27001, and NIST Cybersecurity Framework Perform other duties, as assigned MINIMUM REQUIREMENTS Proficiency in using GRC tools and software to streamline and automate risk and compliance processes (i.e., AuditBoard) Skilled in audit management and experience liaising with third party auditors Able to work in a complex, global environment, actively and effectively managing relationships with other business units and stakeholders Skilled in communicating technical requirements with non technical stakeholders Excellent oral and written communication skills Excellent problem solving and analytical skills Strong time management skills, including effective responsibility prioritization Strong analytical and problem solving skills to identify and assess security risks and develop appropriate mitigation strategies Familiarity with various cybersecurity frameworks such as NIST Cybersecurity Framework, ISO 27001, CIS Controls, etc.

Job Summary Define and enforce cloud security policies and compliance requirements. 2. Governance & manage dedicated security OU and centralized log management accounts through tools like AWS Cloud watch, Cloud trail, guard durty, S3, AWS security Hub for security related event, alert & logs. 3. Onboard new AWS accounts with GuardDuty, fine tune policies, and monitor for threats. 4. Use Security Hub to evaluate compliance (e.g., CIS, NIST, PCI), follow up on findings, and ensure mitigation. 5. Administer AWS native security tools including Security Hub, GuardDuty, Macie, Cloud Conformance Pack etc. 6. Governance & oversight of SCP, Guardrails and compliance assurance through monitoring event. 7. Monitor and validate key and secret usage via AWS KMS and Secrets Manager and monitoring event. 8. Oversight of IAM policy, access audit, monitoring events for non compliace, IAM posture management. 9. Manage cloud native WAF and DDoS services. 10. Configure WAF rules, apply signature updates, and manage both on premises and cloud based WAF deployments.

Morgan Stanley Technology Risk Management (Control Testing) _Vice President_ Risk & Resiliency Management Profile Description We're seeking someone to join our CDRR team as a Vice President in Firm Resilience function. The Review Lead is a leading role within ITCT accountable for planning, executing, and reporting control testing reviews which must stand up to high-quality expectations, as well as project management of control testing reviews from start to finish CDRR_Technology The Cybersecurity organization's mission is to create an agile, adaptable organization with the skills and expertise needed to defend against increasingly sophisticated adversaries. This will be achieved by maintaining sound capabilities to identify and protect our assets, proactively assessing threats and vulnerabilities and detecting events, ensuring resiliency through our ability to respond to and recover from incidents and building awareness and increase vigilance while continually developing our cyber workforce. Firm Resilience Firm Resilience leads and coordinates initiatives to proactively prepare the Firm to be resilient against operational threats as well as identify and manage material operational risk. Risk & Resiliency Management This is Associate position that Identifies, assesses, and mitigates risks to ensure operational continuity and resilience in the face of potential threats or disruptions that could impact the organization, plus management of ongoing incidents. Morgan Stanley is an industry leader in financial services, known for mobilizing capital to help governments, corporations, institutions, and individuals around the world achieve their financial goals. At Morgan Stanley India, we support the Firm’s global businesses, with critical presence across Institutional Securities, Wealth Management, and Investment management, as well as in the Firm’s infrastructure functions of Technology, Operations, Finance, Risk Management, Legal and Corporate & Enterprise Services. Morgan Stanley has been rooted in India since 1993, with campuses in both Mumbai and Bengaluru. We empower our multi-faceted and talented teams to advance their careers and make a global impact on the business. For those who show passion and grit in their work, there’s ample opportunity to move across the businesses for those who show passion and grit in their work. Interested in joining a team that’s eager to create, innovate and make an impact on the world? Read on… What You'll Do In The Role The InfoSec, Technology, and Cybersecurity (ITCT) program assesses Firmwide control compliance with the Global Technology Policy, InfoSec Policy, and Cybersecurity Policy, as well as control testing and validation activities, as agreed with management, in relation to emerging risks, regulatory remediation, and findings from other assessments. Planning Reviews Define the scope of controls for each review depending on regulatory commitments and mandate requirements. Schedule and lead kick-off meetings with PCOs and Risk Officers to review scope, timeline, and approach. Executing Reviews Review evidence request lists developed by Control Testers prior to submission to control contacts. Support Control Testers by being available to help them review unclear evidence and make decisions on acceptable evidence as the testing evolves. Reporting Review Results and Managing Risk Issues Present potential risk issues to control contacts and/or PCOs soon as possible. Review draft issue descriptions and risk ratings for potential issues drafted by Control Testers. Project Management Of Reviews Complete responsibilities described above in line with milestone dates and regulatory commitments. Regularly provide the wider ITCT team and Global Head with status updates on ongoing activities, What You'll Bring To The Role 10 + years of career experience & Working knowledge of key Technology, Information Security, and Cybersecurity concepts (e.g., data security, identity and access management, network security, change management, etc.) Understanding of relevant regulations and industry standards (e.g., ISO 27001, COBIT, NIST, etc.) including principles and key concepts related to risk assessment, controls, and testing. Working knowledge of technology applications and infrastructure (e.g., server, network, platform desktop environment) and ability to identify risk and controls. Ability to employ process-based thinking to effectively obtain, analyze, and interpret information, identify root causes of problems, and draw logical conclusions. Excellent written and verbal communication skills. Good organizational skills with diligence and ability to manage multiple priorities. Proficient use of Microsoft Excel and other Microsoft Office products What You Can Expect From Morgan Stanley We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren’t just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There’s also ample opportunity to move about the business for those who show passion and grit in their work. To learn more about our offices across the globe, please copy and paste https://www.morganstanley.com/about-us/global-offices into your browser. Morgan Stanley is an equal opportunities employer. We work to provide a supportive and inclusive environment where all individuals can maximize their full potential. Our skilled and creative workforce is comprised of individuals drawn from a broad cross section of the global communities in which we operate and who reflect a variety of backgrounds, talents, perspectives, and experiences. Our strong commitment to a culture of inclusion is evident through our constant focus on recruiting, developing, and advancing individuals based on their skills and talents.

**About REA Group:** In 1995, in a garage in Melbourne, Australia, REA Group was born from a simple question: “Can we change the way the world experiences property?” Could we? Yes. Are we done? Never. Fast forward 30 years, REA Group is a market leader in online real estate in three continents and continuing to grow rapidly across the globe.The secret to our growth is staying true to that ‘day one’ mindset; the hunger to innovate, the ambition to change the world, and the curiosity to reimagine the future. Our new Tech Center in Cyber City is dedicated to accelerating REA Group’s global technology delivery through relentless innovation. We’re looking for the best technologists, inventors and leaders in India to join us on this exciting new journey. If you’re excited by the prospect of creating something magical from scratch, then read on. **While no two days are likely to be the same, your typical responsibilities will include:** + Lead, recruit, coach, and develop a high-performing Security Engineering team, building an inclusive and collaborative culture aligned with REA’s values and commitment to diversity. + Act as a mentor for both junior and senior engineers, fostering a growth mindset, curiosity, and technical excellence. + Collaborate with product and design teams to transform user needs into technical specifications. + Contribute to REA’s technical strategy and roadmap, aligning with business goals and stakeholders. + Embed secure-by-design principles in all aspects of system, platform, application, and identity architecture spanning cloud, enterprise, and product environments. + Coach teams to embed security practices throughout the full DevSecOps lifecycle, including code reviews, threat modelling, vulnerability management, and incident response. + Define, advocate and exemplify best practices within the team like writing clean and reusable code using TDD, pair programming, and design patterns. + Champion innovation adopting and adapting next-gen approaches such as AI-driven security, zero trust, and “paved road” patterns to stay ahead of the threat landscape. + Actively collaborate with Product, Engineering, Platform, and other business units to ensure security is embedded and enables speed, quality, and trust. **Who we’re looking for:** + 8-13 years of progressive experience in software engineering, security engineering, or product / application security. + Demonstrated experience leading, mentoring, and managing security engineering or product security teams in a high-scale, agile technology environment (preferably SaaS, cloud-native, or platform-centric). + Track record of successfully delivering security programs, initiatives, or platforms in partnership with engineering leadership and technical program managers. + Strong technical skillset (across one or more of) product / application security, enterprise IAM, endpoint security, cloud security, DevSecOps, vulnerability management, and security automation. + Solid understanding of relevant security frameworks (e.g. OWASP Top 10, ASVS, NIST, MITRE ATT&CK), CI/CD security integration, and modern infrastructure-as-code. + Practical knowledge of secure cloud services (e.g. AWS, Azure), with ability to design “paved roads” and security guardrails for developers. + Is committed to lifelong learning, staying updated on the latest web development trends to tackle complex challenges. + Collaborative, open-minded and experienced in scaling healthy team culture and contributing to diversity and inclusion. + Networking or Endpoint Security. + Knowledge of delivery approaches such as TDD, CI and infrastructure automation. + Skilled communicator, able to influence and explain complex technical risks to diverse audiences, including engineers, business leaders, and executives. **As a Bonus:** + Well-versed in two or more languages (JavaScript, TypeScript, React, and Node.js.) + Advocate for code quality and security. Lead code reviews, unit testing, and deployments to ensure users trust the reliability and security of the code. **What we offer:** + A hybrid and flexible approach to working. + Transport options to help you get to and from work, including home pick-up and drop-off. + Meals provided on site in our office. + Flexible leave options including parental leave, family care leave and celebration leave. + Insurance for you and your immediate family members. + Programs to support mental, emotional, financial and physical health & wellbeing. + Continuous learning and development opportunities to further your technical expertise. **The values we live by:** Our values are at the core of how we operate, treat each other, and make decisions. We believe that how we work is equally important as what we do to achieve our goals. This commitment is at the heart of everything we do, from the way we interact with colleagues to the way we serve our customers and communities. **Our commitment to Diversity, Equity, and Inclusion:** We are committed to providing a working environment that embraces and values diversity, equity and inclusion. We believe teams with diverse ideas and experiences are more creative, more effective and fuel disruptive thinking be it cultural and ethnic backgrounds, gender identity, disability, age, sexual orientation, or any other identity or lived experience.We know diverse teams are critical to maintaining our success and driving new business opportunities. If you’ve got the skills, dedication and enthusiasm to learn but don’t necessarily meet every single point on the job description, please still get in touch. **REA Group in India** You might already recognise our logo. The REA brand does have an existing presence in India. In fact, we set up our new tech hub in Gurugram to be their neighbours! REA Group holds a controlling interest in REA India Pte. Ltd., operator of established brands Housing.com, Makaan.com and PropTiger.com, three of the country’s leading digital property marketplaces.Through our close connection to REA India, we’ve seen first-hand the incredible talent the country has to offer, and the huge opportunity to expand our global workforce.Cyber City Tech Center is an extension of REA Group a satellite office working directly with our Australia HQ on local projects and tech delivery. All our brands, across the globe, connect regularly, learn from each other and collaborate on shared value initiatives.

**About REA Group:** In 1995, in a garage in Melbourne, Australia, REA Group was born from a simple question: “Can we change the way the world experiences property?” Could we? Yes. Are we done? Never. Fast forward 30 years, REA Group is a market leader in online real estate in three continents and continuing to grow rapidly across the globe. The secret to our growth is staying true to that ‘day one’ mindset; the hunger to innovate, the ambition to change the world, and the curiosity to reimagine the future. Our new Tech Center in Cyber City is dedicated to accelerating REA Group’s global technology delivery through relentless innovation. We’re looking for the best technologists, inventors and leaders in India to join us on this exciting new journey. If you’re excited by the prospect of creating something magical from scratch, then read on.”While no two **days are likely to be the same, your typical responsibilities will include:** + Help teams navigate security for their projects and systems, making sense of controls (technical, procedural, physical) and risks. + Conduct cyber risk assessments, third-party due diligence and Business Impact Analyses (BIAs) for new tech and systems, designing smart ways to manage those risks. + Perform technical security control assessments and contribute to ensuring our key systems meet security standards and compliance needs. + Work with delivery partners and internal teams to clearly communicate security requirements and ensure they’re met. + Advise on secure solution architectures, identify potential risks in designs, and propose effective countermeasures. + Contribute to our vulnerability assessment efforts by analysing assets, performing assessments, and helping teams adopt the right controls. + Assist in investigating suspected attacks and support our incident response efforts with your security expertise. + Help maintain and optimize operational security processes, especially for our cloud and automated systems. + Engage effectively with stakeholders across REA, understanding their needs and championing good security practices. + Provide detailed and specific advice on security topics where you have expertise, helping teams make informed decisions. **Who we’re looking for:** + Solid understanding of security controls, risk assessment methodologies, and Business Impact Analysis. + Can break down security concepts, risks, and requirements for diverse audiences. + Experience performing security risk assessments, technical security assessments, or contributing to assurance / accreditation activities. + You can spot potential security issues in designs, processes, and systems and suggest practical, effective solutions. + You enjoy working with different teams (tech, business, partners) to embed security and achieve shared goals. + Knowledge of frameworks like NIST, ISO 27001, or specific compliance areas (e.g., PCI, Privacy) + You can manage your advisory workload, contribute effectively to projects, and keep good records. + Maybe it’s cloud security, application security, identity, or a specific GRC area – we value focused expertise. + You can work effectively with stakeholders, understand their perspectives, and provide valuable, respected advice. + You’re keen to stay updated on security trends, threats, and best practices. + You’ve got experience working with different cloud environments like AWS, Google or Azure. We believe great ideas come from everywhere. If you’re excited about this space, we want to hear from you, even if you don’t tick every single box. **What we offer:** + A hybrid and flexible approach to working. + Transport options to help you get to and from work, including home pick-up and drop-off. + Meals provided on site in our office. + Flexible leave options including parental leave, family care leave and celebration leave. + Insurance for you and your immediate family members. + Programs to support mental, emotional, financial and physical health & wellbeing. + Continuous learning and development opportunities to further your technical expertise. **The values we live by:** Our values are at the core of how we operate, treat each other, and make decisions. We believe that how we work is equally important as what we do to achieve our goals. This commitment is at the heart of everything we do, from the way we interact with colleagues to the way we serve our customers and communities. **Our commitment to Diversity, Equity, and Inclusion:** We are committed to providing a working environment that embraces and values diversity, equity and inclusion. We believe teams with diverse ideas and experiences are more creative, more e?ective and fuel disruptive thinking – be it cultural and ethnic backgrounds, gender identity, disability, age, sexual orientation, or any other identity or lived experience. We know diverse teams are critical to maintaining our success and driving new business opportunities. If you’ve got the skills, dedication and enthusiasm to learn but don’t necessarily meet every single point on the job description, please still get in touch. **REA Group in India** You might already recognise our logo. The REA brand does have an existing presence in India. In fact, we set up our new tech hub in Gurugram to be their neighbours! REA Group holds a controlling interest in REA India Pte. Ltd., operator of established brands Housing.com, Makaan.com and PropTiger.com, three of the country’s leading digital property marketplaces. Through our close connection to REA India, we’ve seen first-hand the incredible talent the country has to offer, and the huge opportunity to expand our global workforce. Our Cyber City Tech Center is an extension of REA Group; a satellite office working directly with our Australia HQ on local projects and tech delivery. All our brands, across the globe, connect regularly, learn from each other and collaborate on shared value initiatives.

Job Description Lead the design and deployment of scalable security automation workflows and playbooks in Cortex XSOAR (or equivalent platforms such as Splunk SOAR, Siemplify, etc.). Serve as technical owner of the SOAR platform, managing connectors, integrations, performance monitoring, version control, and upgrades. Build custom automations using Python scripts, decision logic, and API integrations to support alert enrichment, containment, and notification tasks. Architect integrations with SIEMs (e.g., Splunk, QRadar), EDR, threat intel feeds (e.g., Anomali, VirusTotal), ticketing systems (e.g., ServiceNow, Jira), and other tools. Drive automation of incident response (IR) use cases including phishing, malware, lateral movement, data exfiltration, insider threats, and vulnerability exploitation. Partner with SOC, threat intelligence, and cloud security teams to identify automation opportunities and translate them into technical solutions. Optimize SOAR playbooks to reduce mean time to detect (MTTD) and respond (MTTR) while maintaining reliability and resilience. Mentor junior automation engineers and provide code reviews, best practices, and process guidance. Contribute to development of automation standards, security engineering roadmaps, and cross-team documentation. Stay abreast of emerging SOAR trends, threat landscapes, and new platform features. Required Qualifications: 3+ years specifically working with SOAR platforms—Cortex XSOAR strongly preferred; Splunk SOAR, Siemplify, or Chronicle SOAR also acceptable. Strong scripting experience in Python, especially within automation workflows. Proven expertise in integrating security tools using REST APIs, Python SDKs, and platform connectors. In-depth understanding of SOC operations, incident lifecycle, and security best practices (MITRE ATT&CK, NIST, etc.). Familiarity with SIEM platforms (e.g., Splunk) and threat intelligence enrichment techniques. Experience with version control (Git), CI/CD pipelines, and structured testing of automation code. Demonstrated ability to lead complex automation initiatives and work independently with minimal guidance. Strong written and verbal communication skills, especially in cross-functional team environments.

TJX Companies At TJX Companies, every day brings new opportunities for growth, exploration, and achievement. You’ll be part of our vibrant team that embraces diversity, fosters collaboration, and prioritizes your development. Whether you’re working in our four global Home Offices, Distribution Centers or Retail Stores—TJ Maxx, Marshalls, Homegoods, Homesense, Sierra, Winners, and TK Maxx, you’ll find abundant opportunities to learn, thrive, and make an impact. Come join our TJX family—a Fortune 100 company and the world’s leading off-price retailer. Job Description: About TJX: At TJX, is a Fortune 100 company that operates off-price retailers of apparel and home fashions. TJX India - Hyderabad is the IT home office in the global technology organization of off-price apparel and home fashion retailer TJX, established to deliver innovative solutions that help transform operations globally. At TJX, we strive to build a workplace where our Associates’ contributions are welcomed and are embedded in our purpose to provide excellent value to our customers every day. At TJX India, we take a long-term view of your career. We have a high-performance culture that rewards Associates with career growth opportunities, preferred assignments, and upward career advancement. We take well-being very seriously and are committed to offering a great work-life balance for all our Associates. What will you discover? Inclusive culture and career growth opportunities A truly Global IT Organization that collaborates across North America, Europe, Asia and Australia, Challenging, collaborative, and team-based environment What will you do? The Infrastructure and Operations (I&O) organization embodies the hub of lifecycle engineering at TJX, delivering, maintaining, and optimizing our technology portfolio at rapid scale. We are a service-oriented team aimed at providing extraordinary experiences to thousands of TJX associates, business partners, and application delivery teams across the portfolio. As a Senior Engineer within our Application Hosting Services (AHS) team, you will be critical for the continuous improvement, feature development, and secure delivery of the base compute platforms our product teams require to meet their business objectives. Creating and championing DevSecOps best practices to ship high-quality code using modern Infrastructure as Code (IaC) toolsets. You will be expected to work following a Kanban methodology as part of an autonomous team working globally alongside engineers and architects to deliver solutions suitable for daily operations, ease of troubleshooting, and business continuity facets. What will you need? The Application Hosting Services Team We seek creative, customer-focused individuals with technical expertise and a mindset for continuous improvement. We rethink how software and infrastructure are delivered at rapid scale and work closely with other teams to improve key services. Break down complex problems into steps that drive product development while keeping product quality and security as the priority. Minimum Qualifications Bachelor’s Degree or equivalent Engineering skillset / training / work experience in relevant technical domain 5+ years of strong storage engineer & system administration tasks while working in an Agile (Scrum / Kanban / SAFe) environment Hands-on experience in leading and delivering medium to large scale projects end to end whilst maintaining good understanding of Coding standards, Performance tuning and database concepts Demonstrated delivery of storage and data protection systems, installs, upgrades, migrations / re-platforming Strong communication and influence skills. Solid team player with mentorship skills Ability to understand the work environment and competing priorities in conjunction with developing/meeting project goals Shows a positive, open-minded, and can-do attitude Strong automation and engineering mindset Experience In the Following Technologies Rubrik Dell Isilon, Dell eNAS, Dell Unity, PMax, HPe 3 Par Fibre Channel Networking IaC – Powershell, Rest API concepts IT Security, RBAC, certificate management Vulnerability Management Knowledge of IT Security & Compliance, CIS Benchmarks, NIST Framework Other Operating systems such as AIX, Oracle Linux, Microsoft Windows Server Nice To Have Python, Go programming languages Experience in hyper-converged & virtualization platforms such as VMware, Nutanix Experience with tools such as JIRA, Confluence, Service NOW. In addition to our open door policy and supportive work environment, we also strive to provide a competitive salary and benefits package. TJX considers all applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, gender identity and expression, marital or military status, or based on any individual's status in any group or class protected by applicable federal, state, or local law. TJX also provides reasonable accommodations to qualified individuals with disabilities in accordance with the Americans with Disabilities Act and applicable state and local law. Address: Salarpuria Sattva Knowledge City, Inorbit Road Location: APAC Home Office Hyderabad IN

Job Title: Network Security Engineer Location: Hyderabad-IN Job Type: Full-Time No.of Positions : 2 Exp: 2-3yrs Budget : 12-18LPA + Key Responsibilities: Design, implement, and manage secure network architecture (firewalls, VPNs, IDS/IPS, NAC) Monitor networks for security breaches and investigate incidents Configure and manage firewalls, security appliances, and intrusion detection/prevention systems Conduct vulnerability assessments and penetration testing; remediate findings Develop and enforce security policies, standards, and procedures Manage secure access controls (e.g., AAA, RBAC, 802.1x) Analyze security alerts and provide appropriate responses and escalations Maintain and update security infrastructure (patches, firmware, rule sets) Perform risk analysis and provide recommendations for improvements Support compliance efforts (ISO 27001, NIST, GDPR, SOC 2, etc.) Collaborate with IT teams on secure deployment of new infrastructure or services Document all configurations, incidents, and procedures for auditing and knowledge sharing Required Skills & Qualifications: Bachelor’s degree in Computer Science, Infra Security, or related field 3+ years of experience in network and/or security engineering roles Strong understanding of network protocols and security technologies (TCP/IP, SSL, IPSec, DNS, etc.) Experience with firewalls and security platforms (e.g., Palo Alto, Fortinet, Cisco ASA, Check Point) Proficiency in intrusion detection/prevention systems, VPNs, and endpoint security Familiarity with SIEM tools (Splunk, QRadar, LogRhythm, etc.) Knowledge of authentication mechanisms (LDAP, RADIUS, SAML, MFA) Security certifications such as CEH, CCNP Security, Palo Alto PCNSA/PCNSE , or CompTIA Security+ Preferred Qualifications: Experience in cloud security (AWS, Azure, GCP) Scripting skills (Python, PowerShell, Bash) for automation Exposure to Zero Trust Network Architecture (ZTNA) and SASE frameworks Understanding of threat modeling and advanced persistent threats (APT) Familiarity with regulatory standards (HIPAA, PCI-DSS, etc.) Job Type: Full-time Pay: ₹1,200,000.00 - ₹1,800,000.00 per year Work Location: In person

Company Description Simelabs, part of the Astek Group, is a leading provider of innovative software solutions, specializing in business mobility, Artificial Intelligence, Data Science, Machine Learning, IoT, Cloud Computing, and AR/VR technologies. Headquartered in Kochi, Kerala, we excel at transforming traditional IT infrastructures and implementing digital solutions, helping businesses thrive in today’s dynamic digital landscape. Our team of passionate professionals delivers sophisticated and impactful technological solutions to a global clientele, including six Fortune 500 companies. As part of the Astek Group, we leverage a global network to bring greater innovation and scale to our services. Role Description - Cyber Incident Response Commander (US Timing) Maintain documentation and process particularly the incident response plan (IRP): o Maintain up to date IRP & appendix o Maintain the Plan in relationship with other plans and policies in effect o Refine the specific incident playbooks so that each actor is as relevant as possible o Improve process with legal, communication departments o Write IRPs contextualized to a specific scope (Ships, Region, Subsidiaries…) o Regroup lessons learned and provide improvement recommendations o Establish links between incidents o Provide evidence to external or internal auditors Manage information security incidents: o Assume the Incident Commander role, bringing business and technical units to the table o Assess the incident severity o Declare major incidents officially based on risk and regulation criteria o Manage incidents according to the Plan and the included playbooks o Ensure each team member operates within their defined responsibilities and collaborates effectively with others o Prioritize Forensic activities o Analyse & prioritise Incidents o Follow mitigation & recovery o Communicate, notify, report o Participate to Cyber Defense Center transversal collaboration activities o Participate to projects, improvements and compliance efforts related to CERT matters Qualifications You hold relevant cybersecurity industry certifications, including: GCFA CIH CISSP CEH ECSA ITIL Foundation Knowledge of security tools and techniques Understanding of SOC and forensics techniques You are from a STEM, cybersecurity or equivalent academic background, focused on rigor and optimization You have 5 or more years of experience in a role with similar responsibilities, including CERT, SOC, SecOps or GRC You have a good understanding of information security incident management processes and methodologies (e.g.: ISO 27035, NIST framework or SANS 6-steps) You can convey an information security message to an organization’s management/executive Experience in the transportation/shipping/logistics is a plus You master oral and written English in a professional context You know how to keep your cool under pressure and think straight in moments of chaos

THIS JOB IS FOR HYDERABAD LOCATION. Overview Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area. Responsibilities Should have process knowledge and technical knowledge on any of the SIEM tools ( like Qradar, LogRhythm, AlienVault, Splunketc). L2/L3 level is added advantage. Should have process knowledge and technical knowledge in AV tools like Symantec, McAfee, Trend Microetc. L2/L3 level is added advantage. Should have knowledge in managing Vulnerability tools and various remediation efforts. Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed. Enforce incident response service level agreement. Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks Vulnerability management assessment and remediation Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks Research the latest information technology (IT) security trends Help plan and carry out an organizations way of handling security Develop security standards and best practices for the organization Recommend security enhancements to management or senior IT staff Document security breaches and assess the damage they cause. Performs other duties as assigned. Uphold the companys core values of Integrity, Innovation, Accountability, and Teamwork. Demonstrate behavior consistent with the companys Code of Ethics and Conduct. It is the responsibility of every employee to report to their manager or a member of senior management any quality problems or defects in order for corrective action to be implemented and to avoid recurrence of the problem. Duties may be modified or assigned at any time to meet the needs of the business. Qualifications B. Tech, B.E or M.C.A 2-5 years Experience working in a Security Operations Center 2 years minimum in the computer industry Knowledge working with complex Windows environments Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001 Knowledge in design and administration of security tools Good written and verbal communication skills