3740 Nist Jobs - Page 24

About Gruve Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks. About The Role We are seeking a highly skilled and experienced Security Consultant to join our team. The ideal candidate will have expertise in designing, implementing, and managing advanced security solutions, with hands-on experience in Cisco ISE, FTD, Palo Alto Firewall, Cisco Secure Workload (Tetration), and Secure Network Analytics (StealthWatch). The role requires a deep understanding of network security, threat mitigation, and compliance frameworks. Key Responsibilities Design, implement, and manage Cisco ISE for network access control and identity-based security policies. Deploy, configure, and optimize Cisco Firepower Threat Defense (FTD) solutions to enhance perimeter security. Manage and maintain Palo Alto Firewalls, including policy creation, threat prevention, and logging. Cisco SD-Access & Catalyst Center (DNAC) Experience – Supports DNAC automation, SD-Access fabric deployment, and troubleshooting, including greenfield/brownfield deployments, fabric builds, and endpoint onboarding. Implement and optimize Cisco Secure Workload (Tetration) for workload protection, micro-segmentation, and policy enforcement. Utilize Cisco Secure Network Analytics (StealthWatch) for network traffic analysis, anomaly detection, and threat response. Conduct security assessments and provide recommendations to improve network security posture. Collaborate with IT teams to design security architectures that align with business needs and regulatory requirements. Perform incident detection, response, and forensic analysis to mitigate security threats. Document security policies, procedures, and configurations for compliance and operational efficiency. Basic Qualifications B. Tech / B.E. in computers or master’s degree in computer science. Hands-on expertise with Cisco ISE, Cisco SD-Access & Catalyst Center (DNAC). Proven experience in network security consulting, design, and implementation. Hands-on expertise with Cisco ISE/DNAC, FTD, Palo Alto Firewall, Tetration, and StealthWatch. Strong knowledge of firewall policies, VPNs, IDS/IPS, and threat intelligence. Understanding of zero-trust architecture, micro-segmentation, and endpoint security. Preferred Qualifications Excellent troubleshooting, analytical, and problem-solving skills. Strong communication and client-facing skills. Certifications such as CISSP, CCNP Security, PCNSE, or equivalent are preferred. Familiarity with industry standards and frameworks such as ISO 27001, NIST, CIS Controls, and GDPR will be added advantage. Excellent communication and leadership skills. Strong analytical and problem-solving abilities. Why Gruve At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.

Summary: We are looking for a skilled Network Security Engineer with 2–3 years of hands-on experience in configuring, managing, and troubleshooting Palo Alto Networks security appliances. The ideal candidate should have a strong understanding of firewall policies, threat prevention features, and security best practices. Key Responsibilities: Configure, deploy, and manage Palo Alto Next-Generation Firewalls (NGFWs) Maintain and optimize security policies, NAT rules, and VPN tunnels (site-to-site and remote access) Monitor firewall logs, generate reports, and analyze security incidents Implement security features, including Threat Prevention, URL Filtering, App-ID, and WildFire Conduct regular firmware upgrades and patch management for Palo Alto appliances Collaborate with network and system teams to ensure secure architecture and deployment Perform routine audits and vulnerability assessments using Palo Alto tools Create and maintain documentation for configurations, processes, and security procedures Document configurations, processes, and troubleshooting steps clearly and professionally Communicate effectively with clients and team members to explain technical details. Work collaboratively with network, systems, and application teams to ensure secure deployments Required Skills and Qualifications –3 years of hands-on experience with Palo Alto NGFWs Solid knowledge of network protocols (TCP/IP, DNS, HTTP/S, VPNs) Experience with Panorama and Strata Cloud Manager for centralized firewall management Familiarity with security standards such as NIST, ISO, and compliance frameworks Strong troubleshooting skills and attention to detail Preferred Qualifications: Any Graduate or PCNSA or PCNSE certification Knowledge of SIEM tools and integration

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Ping Identity Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We need skilled Ping Identity Engineer with strong experience implementing and supporting customer identity and access management (CIAM) solutions using the Ping Identity suite, including PingOne, Ping DaVinci, and PingFederate. You will design, deploy, and maintain modern CIAM capabilities, working closely with business stakeholders, developers, and security teams to deliver secure and seamless customer authentication experiences. Roles & Responsibilities:-Develop customer authentication and authorization workflows-Integrate with third-party identity providers, directories, and social logins-Configure PingOne platform (PingOne MFA, PingOne Risk, PingOne DaVinci orchestration)-Set up policies for adaptive authentication, step-up authentication, and user journeys-Implement PingFederate for SSO and federation use cases-Support provisioning and lifecycle management via PingOne-Ping DaVinci:Design and build drag-and-drop workflows for identity verification, fraud detection, and progressive profiling-Integrate DaVinci flows with APIs, third-party tools, and identity proofing services Professional & Technical Skills: - Must To Have Skills: Proficiency in Ping Identity.- Strong understanding of cloud security principles and practices.- Experience with identity and access management solutions.- Knowledge of security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with risk assessment methodologies and compliance requirements. Additional Information:- The candidate should have minimum 5 years of experience in Ping Identity.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Identity and Access Management (IAM) Operations Good to have skills : Microsoft Azure Active DirectoryMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a highly skilled Senior Entra ID Engineer/Architect to lead the design, implementation, and support of our cloud-based identity and access management solutions leveraging Microsoft Entra ID (formerly Azure Active Directory). This role will focus on securing user identities, implementing conditional access, enabling secure hybrid identity, and driving modern identity governance initiatives to protect organizational assets. Roles & Responsibilities:-Integrate on-prem Active Directory with Entra ID via Azure AD Connect or Entra Connect-Evaluate and design SSO integrations with SaaS applications-Configure and manage Entra ID features, including groups, roles, dynamic group assignments, and administrative unitsSet up secure hybrid identity models and synchronization-Enable and manage Entra ID Conditional Access, Identity Protection, Privileged Identity Management (PIM), and entitlement managemen-Implement secure app registrations and enterprise application integrations-Support SCIM-based provisioning for connected apps-Perform advanced troubleshooting and root cause analysis of authentication, authorization, and provisioning issue-Oversee directory synchronization health and support hybrid identity operations-Implement Zero Trust principles using Entra ID security capabilities--Support secure privileged identity workflows (PIM, Just-In-Time access)-Align Entra ID deployments with compliance and governance frameworks (e.g., CIS, NIST, ISO 27001)-Stay current with new Entra ID features, roadmap, and best practices-Identify opportunities for automation (PowerShell, Graph API)-Recommend improvements to enhance the overall security and efficiency of the identity platform Professional & Technical Skills: Perform advanced troubleshooting and root cause analysis of authentication, authorization, and provisioning issue-Oversee directory synchronization health and support hybrid identity operations-Implement Zero Trust principles using Entra ID security capabilities--Support secure privileged identity workflows (PIM, Just-In-Time access)-Align Entra ID deployments with compliance and governance frameworks (e.g., CIS, NIST, ISO 27001)-Stay current with new Entra ID features, roadmap, and best practices-Identify opportunities for automation (PowerShell, Graph API)-Recommend improvements to enhance the overall security and efficiency of the identity platform Additional Information:- The candidate should have minimum 5 years of experience in Microsoft Azure Active Directory- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Technical Architect – Hybrid Infrastructure, Cloud & Security As enterprises operate in hybrid environments—balancing legacy systems with public cloud adoption—the need for a security-aware infrastructure architect has become mission-critical. This role ensures that architectural decisions are secure by design, scalable, and compliant across on-prem, cloud, and emerging AI-driven ecosystems. The position exists to enable governed transformation while aligning IT infrastructure and cloud strategies with enterprise risk posture, regulatory compliance, and AI/GenAI governance principles. Reporting Line Reports To: AVP – Global IT Security and Compliance Works Closely With: Cloud Engineering, Infrastructure Operations, Cybersecurity, Compliance, Enterprise Architecture, and Data Governance Teams What We Are Looking For We are looking for a strategic Technical Architect with a deep understanding (hands-on not mandatory) of: - Hybrid infrastructure design principles (on-prem and cloud) - Cybersecurity best practices (Zero Trust, segmentation, data protection) - Enterprise governance frameworks (TOGAF, COBIT) - AI/ML platform governance, including GenAI tool oversight, risk assessment, and policy alignment The ideal candidate should be able to evaluate, influence, and architect platforms that align with the organization's security, compliance, and digital transformation goals. Technical & Governance Focus Areas - Cloud Architecture (Azure/AWS/GCP): Understanding of services, architectural patterns, IAM, encryption, and secure connectivity - Infrastructure Design: DC/DR, segmentation, SD-WAN, perimeter design, and HA models - Cybersecurity Alignment: Security zones, threat modeling, CSPM, CNAPP, and DLP strategies - DevOps & Automation Governance: IaC awareness, CI/CD pipeline oversight, policy-as-code understanding - AI/ML & GenAI Governance: - Familiarity with model lifecycle management, data privacy, auditability, and usage control - Alignment to ISO 42001, NIST AI RMF, and enterprise AI/GenAI policy frameworks Governance & Framework Alignment - Strong knowledge of TOGAF, COBIT, ISO 27001, and risk-driven architecture - Participates in Architecture Review Boards, Cloud Governance Councils, and AI oversight groups - Aligns with DSPM, Cloud Compliance Posture, and Zero Trust strategies Preferred Certifications - Cloud: Azure Solutions Architect, AWS SA-Professional, or GCP Architect - Architecture: TOGAF Certified, COBIT 2019 Foundation - Security: CISSP, CCSP (preferred) - AI Governance (Nice to Have): Familiarity with ISO 42001, NIST AI RMF Expanded Cybersecurity Alignment (Updated with OWASP) - Zero Trust and Segmentation: Familiarity with secure network and identity architecture patterns - Data Protection Lifecycle: Understanding of encryption, tokenization, DLP, and secure access - Threat Modeling: Awareness of techniques such as STRIDE, DREAD, and OWASP Top 10 risks, especially relevant for APIs, cloud-native apps, and AI-driven interfaces - API and Web Security: Ensures compliance with OWASP API Security Top 10 and Secure Coding Guidelines - Collaborates with AppSec teams to embed secure architecture practices into CI/CD pipelines AI/ML & GenAI Governance (Extended) - Ensures that GenAI tools and APIs adhere to secure integration principles, including OWASP AI Security & Privacy Guidelines - Participates in defining secure usage boundaries, input sanitization, and output validation frameworks - Collaborates with data scientists and ML engineers to map AI flows to threat models and control objectives Qualifications [Some qualifications you may want to include are Skills, Education, Experience, or Certifications.] Example: Excellent verbal and written communication skills

10+ years in Governance, Risk and Compliance -Expertise in policy development and control mapping -Experience working cross-functionally with cybersecurity, automation, and cloud domains -Excellent communication skills enabling them to work closely with executive management on reviewing InfoSec policies across access control and software development -Extensive background in conducting scheduled vulnerability scans and enterprise risk management assessments -Deep knowledge of FAIR risk management models for risk assessment -Knowledge of NIST framework and CIS standards -Experience implementing best practices in data encryption, business continuity and disaster recovery -Experience creating service-management metrics, continual improvement roadmaps, and rigorous processes for production test and release requirements

Job Summary: We are seeking a highly experienced “Senior VAPT & Penetration Testing Specialist” to lead and ensure the quality and effectiveness of our vulnerability assessment and penetration testing operations. This role involves findings, validating findings, reviewing technical reports, ensuring compliance with standards (OWASP, PTES, NIST, etc.), and improving methodologies and tools. Key Responsibilities: Conduct in-depth vulnerability assessments and penetration tests on web, mobile, network, API, and cloud infrastructure using manual and automation. Utilize industry-standard tools like SQLMap, Burp Suite, Nessus, Nmap, and custom scripts for advanced exploitation techniques. Simulate various cyber-attacks including DDoS, Brute Force, XSS, SQL Injection, DNS attacks, and Social Engineering to identify system vulnerabilities. Perform peer reviews of technical deliverables and verify accuracy of findings and recommendations. Ensure that all assessments are aligned with industry standards such as OWASP, PTES, MITRE ATT&CK, and NIST. Act as a technical lead and mentor for junior VAPT team and QA team members. Identify gaps in the current testing methodologies and implement process improvements. Prepare detailed documentation and the VA report and ensure clear, actionable, and risk-rated reporting. Collaborate with clients and internal teams to understand scope and provide post-assessment clarifications. Present the client meeting for the future VAPT assignments. Stay updated with emerging threats, tools, techniques, and frameworks. Required Skills & Qualifications: Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field. 3 to 5 years of hands-on experience in VAPT and penetration testing. In-depth knowledge of web, network, mobile, cloud, and API security. Strong understanding of secure coding practices and vulnerability management. Expertise in tools like Burp Suite, Nmap, Nessus, Metasploit, Qualys, Kali Linux, Wireshark, etc. Familiarity with SIEM, IDS/IPS, EDR tools is a plus. Excellent report writing and documentation skills. Strong communication and overseas client-interaction skills. Preferred Certifications: OSCP (Offensive Security Certified Professional) – Highly preferred CEH (Certified Ethical Hacker) CREST / GPEN / GWAPT / CISSP – Optional but desirable ISO 27001 Lead Auditor or Lead Implementer – Added advantage

Experience: 8-15 years Designation: Manager – Information Security Location: Gift City, Gandhinagar, Gujarat Qualifications: B.E or Equivalent graduation Excellent Spoken and Written communication in English and Gujarati Knowledge / Experience of Market Infrastructure Institutions would be preferred. Working in Gandhinagar Reports to: Chief Technology Officer Primary Responsibilities: Security Planning: Develop and implement a comprehensive security strategy to protect the company’s information assets and infrastructure. Risk Management: Identify, assess, and mitigate risks related to information security, ensuring the company’s resilience against cyber threats. Regulatory Compliance: Ensure compliance with relevant Market Infrastructure Institutions (MII) (SEBI & IFSCA) regulations, standards & Frameworks like Data Protection, PII, ISO 27001, NIST, COBIT and industry-specific guidelines. Security Incident Management & Response: Lead the response to security incidents, including investigation, containment, and remediation efforts. Security Policies and Procedures: Establish and enforce security policies, standards, and procedures to maintain a robust security posture. Developing Security Policies: Create and implement security policies, standards, and procedures to protect the organization’s data and systems.  Risk Management: Conduct regular risk assessments and vulnerability analyses to identify and mitigate potential security threats. Security Audits: Coordinate and perform security audits and assessments to ensure up to date Information & Technology security posture, compliance with relevant laws, regulations, and standards. Perform Internal Information security assessment & audits of the company and Perform company’s participants Information security assessment & audits. Employee Training: Train and educate employees on information security best practices and promote a culture of security awareness. Collaboration: Work with Information Technology, Application development and other departments to enhance security measures and ensure alignment with business objectives. Work closely with CTO, to align security initiatives with business objectives and regulatory requirements. Skills and Qualifications Educational Background: A degree in computer science, information technology, cybersecurity, or a related field. Professional certifications: Certifications like CISSP, CISM, CISA or other relevant cyber security professional certification is must. Experience: Extensive experience in information security, particularly within the MII/financial sector, typically 8+ years. Technical Proficiency: Deep understanding of security technologies, threat modelling, and risk management frameworks, policies & procedures. Knowledge of security frameworks like ISO 27001, NIST, or COBIT, and familiarity with security tools and technologies (e.g., firewalls, IDS/IPS, SIEM). Interpersonal skills: Project management skills, with the ability to work with cross functional teams. Communication, Presentation and writing: Excellent written and verbal communication skills to effectively convey security concepts to both technical and non-technical stakeholders. Draft / update security policies, procedures, training materials, security documentation Key Focus Areas Data Protection: Implement measures to protect sensitive business data from breaches and unauthorized access. Cyber Threat Intelligence: Stay updated on the latest cyber threats and trends and adapt security strategies accordingly. Business Continuity: Develop and maintain business continuity and disaster recovery plans to ensure operational resilience.

As a Program Manager you are responsible for driving the connected Stakeholder agenda, bringing the best capabilities for improving stakeholder experience and building and maintaining senior Stakeholder relationships. We are looking for someone with strong work ethic to join a dynamic and fast growing division, and who will play a key role in delivering firm critical projects. We are seeking a dynamic and detail oriented Identity Technology Delivery Manager to lead initiatives that enhance our organization s security framework. This role will involve overseeing the planning, execution, and delivery Identity projects aimed at securing access, ensuring compliance, reducing the risk of insider threats and enabling modern streamlined Identity management across on prem, cloud and SaaS. Role description: Lead stakeholder engagements and work streams related to the specific program or portfolio in conjunction with the CTO values and principles. Provide oversight of highly skilled project resources and project deliverables throughout the project lifecycle and help ensure timely execution of project deliverables. Apply well developed consulting skills and indepth industry and functional knowledge in the execution of assignments. Establish right framework, governance, and metrics to manage the programs effectively. Help lead proposal development and other new business development activities by leveraging existing relationships with Clevel executives. Provide input into engagement decisions including work plan and timeline, project management, resource allocation and career development of staff members. Develop program strategies and plans, including stakeholder assessment, leadership alignment, organization transition, change readiness, capability transfer, and end-user training. Develop short and long-term goals, KPIs, and objectives, and develop and execute against operational plan. Managing risks and issues and taking corrective measurements. Be a mentor to the team and constantly evaluate opportunities of learning/upskilling and lead/coach the team to fulfil any gaps. Key competencies required: Understand clients needs and issues, provide solutions utilizing Nomura Group company s resources and earn the clients trust. Acquire a wide range of knowledge as an employee of Nomura and play a part in improving the company s service level and corporate value. Take on new challenges for improvement and cultivate a corporate culture of challenge by driving change in business operations. Ensure views are not biased, accept different opinions and perspectives, and collaborate with other members to create common values. Provide appropriate guidance to others and act in a manner that places emphasis on the performance and growth of the organization. Improve further the understanding and awareness of corporate philosophy, professional ethics, compliance, risk management, and code of conduct, and make decisions and take actions from a managerial position. Skills, experience, qualifications and knowledge required: Education: Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or a related field; relevant certifications (PMP, PRINCE2) are a plus. Regulatory Knowledge: Comprehensive understanding of compliance requirements related to identity and access management, such as GDPR, HIPAA, and NIST. Minimum 10+ years of experience in consulting or handling change programs within investment banking. Proven experience as a Program Manager; Thorough understanding of project/program management techniques and methods (Agile and Waterfall). Experience in managing full complex, firmwide infrastructure related transformation project delivery, which require coordination across multiple Corporate functions and Technology partners. Excellent Knowledge of performance evaluation and changemanagement principles. Excellent Communication, Leadership skills, Organization Skills along with experience in conflict management/ issue resolution. Flexibility (Openness to Change) Adapts effectively to changing plans, domains, and priorities; is open and flexible when faced with changing project constraints and timelines. Detailed knowledge of all Microsoft Office products, Jira, Confluence and PowerBI will be preferred. Attention to detail and high quality standards of documentation, processes and control environment. Deals comfortably with ambiguity Stays on target to complete goals regardless of obstacles or adverse circumstances. An understanding of investment banking functions and standard financial products like Derivatives, Bonds, Loans and Equity will be useful. 3-5 years experience of project / delivery management experience, managing or strongly contributing to delivery of Public Cloud build out and application transformation programs is required.

The ideal candidate will have a strong background in controls testing within financial services and excellent analytical and problem-solving skills. Key responsibilities: Design and execute controls testing strategies to evaluate the design adequacy and operating effectiveness of controls. Create test plan, test scripts etc. to support the delivery of GCIO controls assurance objectives. Prepare detailed testing documentation, workpapers and reports to highlight findings and recommendations. Collaborate with various departments within GCIO for control walkthroughs, sampling, evidence collection etc. Maintain up-to-date knowledge of industry standards and best practices related to controls testing. Support the creation of GCIO Controls Assurance management information (MI) Participate in audits and assessments, providing support and insights as needed. Provide training and support to junior team members on controls testing methodologies. Support Controls Assurance Lead to continuously identify and implement improvements within the assurance framework. Skills Experience Required 8-10 years experience in controls testing and/or internal audit. Strong understanding of industry standards like NIST and ITIL Excellent analytical and problem-solving skills Strong understanding of regulatory requirements and industry best practices related to controls assurance, relevant to GCIO risks - such as Information Technology (IT), Information Security (IS), and/ or Data Management Exceptional communication skills, both verbal and written, with the ability to influence and engage stakeholders at all levels. Experience operating in a regulated environment and managing stakeholders across the Three Lines of Defense. Strong organization skills and attention to detail. Familiarity with cyber security, resilience and related domains preferred. Prior experience with Service Now Integrated Risk Management (SNOW - IRM) preferred. Qualifications Bachelor s degree in Information Technology (IT), Computer Science, or a related field; relevant certification (e.g., CISA, CISSP) preferred.

Bengaluru, Karnataka Hyderabad, Telangana Job ID 30187465 Job Category Digital Technology Role: Cyber GRC Innovation Location :Bangalore Full/ Part-time: Full time Build a career with confidence Carrier Global Corporation, global leader in intelligent climate and energy solutions is committed to creating solutions that matter for people and our planet for generations to come. From the beginning, we've led in inventing new technologies and entirely new industries. Today, we continue to lead because we have a world-class, diverse workforce that puts the customer at the center of everything we do. About the role: We are seeking a highly motivated and detail-oriented Cyber GRC Innovation Analyst to enhance coordination across Governance, Risk, and Compliance (GRC) functions. The ideal candidate will quality management methodologies and innovation frameworks to improve cybersecurity governance processes, ensure compliance, and drive continuous improvement across GRC initiatives . Key Responsibilities Cross-Functional Coordination: Serve as a central point of contact across GRC teams (Governance, Risk Management, Compliance, Audit). Facilitate communication, workflow integration, and status tracking between GRC, Cybersecurity, IT, and Business units. Maintain and improve documentation, dashboards, and reporting for GRC activities. Innovation and Process Improvement: Identify inefficiencies or gaps in existing GRC processes and propose scalable, innovative solutions. Use Lean, Six Sigma, Kaizen, or other quality management tools to streamline GRC workflows. Research and recommend emerging GRC technologies or automation solutions to enhance team effectiveness. Risk & Compliance Support: Assist in risk identification, assessment, treatment, and monitoring activities. Support compliance initiatives across regulatory frameworks such as ISO 27001, NIST CSF, SOC 2, PCI DSS, or GDPR. Contribute to policy and control framework updates and help manage the compliance calendar. Data-Driven Insights: Analyze data from GRC platforms (e.g., ServiceNow, Archer, LogicGate) to track KPIs, trends, and improvement opportunities. Develop and maintain metrics to demonstrate GRC performance, innovation impact, and risk posture over time. Training & Awareness: Contribute to GRC awareness campaigns and training content development. Promote innovation culture within the GRC team by organizing workshops or collaborative improvement initiatives. Requirements Bachelor's degree in Cybersecurity, Information Systems, Business, or related field. Certifications such as CRISC, CISA, ISO 27001 LA, or Lean Six Sigma (Green Belt or higher) preferred. Experience: 2–5 years in Cybersecurity, IT Risk, GRC, or Quality Assurance roles. Experience working in a matrixed environment with cross-departmental stakeholders. Skills: Strong understanding of GRC frameworks and cybersecurity risk principles. Familiarity with GRC tools/platforms (e.g., Archer, OneTrust, ServiceNow GRC). Analytical mindset with a passion for process optimization and data analysis. Strong communication, project coordination, and change management skills. Proficiency with MS Excel, Power BI, or similar tools for metrics reporting. What we offer: Collaborative and innovative work environment. Opportunities for professional development and certifications. The chance to contribute to a critical cybersecurity function with a measurable business impact. Benefits We are committed to offering competitive benefits programs for all of our employees and enhancing our programs when necessary. Have peace of mind and body with our health insurance Drive forward your career through professional development opportunities Achieve your personal goals with our Employee Assistance Programme Our commitment to you Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way . Join us and make a difference. Now! Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Threat Hunting Good to have skills : NA Minimum 7.5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Roles & Responsibilities: - Expected to be an SME. - Collaborate and manage the team to perform. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Provide solutions to problems for their immediate team and across multiple teams. - Facilitate training sessions to enhance team knowledge and skills in security practices. - Evaluate emerging security technologies and recommend improvements to existing security frameworks. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Threat Hunting. - Good To Have Skills: Experience with cloud security tools and frameworks. - Strong understanding of risk assessment methodologies and threat modeling. - Familiarity with compliance standards such as ISO 27001, NIST, and GDPR. - Experience in incident response and security operations. Additional Information: - The candidate should have minimum 7.5 years of experience in Security Threat Hunting. - This position is based at our Gurugram office. - A 15 years full time education is required.

About Netskope Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security. Since 2012, we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees spread across offices in Santa Clara, St. Louis, Bangalore, London, Paris, Melbourne, Taipei, and Tokyo. Our core values are openness, honesty, and transparency, and we purposely developed our open desk layouts and large meeting spaces to support and promote partnerships, collaboration, and teamwork. From catered lunches and office celebrations to employee recognition events and social professional groups such as the Awesome Women of Netskope (AWON), we strive to keep work fun, supportive and interactive. Visit us at Netskope Careers. Please follow us on LinkedIn and Twitter@Netskope. About the position: We are seeking a results-driven IT Product Owner (Quote to Cash) to lead the development, delivery, and continuous improvement of IT products and services. As the IT Product Owner, you will act as the voice of the business, ensuring alignment between IT solutions and organizational needs. You will collaborate closely with stakeholders to define product vision, roadmap, and priorities, driving innovation and delivering measurable business value. This role requires a strong understanding of agile principles, excellent stakeholder management skills, and a deep passion for building scalable and user-focused IT products. We are looking for candidates that have prior IT product ownership experience and/or operational experience in the following domains: Configure, Price, Quote (CPQ) Order Management & Fulfillment Licensing, Entitlements & Provisioning Hardware Logistics Responsibilities: Define and communicate the product vision, strategy, and roadmap to align with organizational goals. Act as the primary bridge between business stakeholders and the IT delivery team, ensuring product objectives are met. Create, prioritize, and maintain the product backlog, incorporating business needs, user feedback, and technical considerations. Develop clear and concise user stories, acceptance criteria, and success metrics. Collaborate with cross-functional teams—including engineering, operations, and business stakeholders—to gather requirements and drive alignment. Champion the voice of the customer, advocating for user experience enhancements and product improvements. Work closely with the IT development team to ensure the timely delivery of high-quality products and services. Actively participate in Agile ceremonies, including stand-ups, sprint planning, backlog refinement, and retrospectives. Analyze product performance and leverage data-driven insights to drive continuous improvement. Ensure IT products and services adhere to compliance, governance, and security standards. Own the product’s value proposition and expected ROI, ensuring alignment with business objectives. Clearly articulate the rationale behind product decisions, ensuring all stakeholders understand the "why" and the intended benefits. Requirements: 10+ years of experience in IT product management, product ownership, or as a business/process subject matter expert. 5+ years of experience delivering successful outcomes in complex projects. Proven track record of working in agile environments and effectively managing product backlogs. Strong understanding of IT systems, applications, and services. Excellent communication and stakeholder management skills, bridging the gap between technical teams and business leaders. Strong process mapping, analytical and problem-solving abilities, leveraging data to drive informed decisions. Proficiency with agile project management tools such as Jira, Confluence, or similar platforms. Tenacious problem-solver, comfortable making decisions amid uncertainty. Skilled in leading brainstorming sessions, requirements gathering, and design feedback. Exceptional listening comprehension and empathy. Clear, concise, and articulate written and verbal communication. Strong bias for action and results-oriented mindset. Fluent in English. Preferred Skills & Expertise: Strong understanding of product operating models and experience transitioning from project-based to product-focused IT delivery. Knowledge of enterprise SaaS applications (e.g., Salesforce, CPQ, Workday, NetSuite) and their integrations. Experience in user journey mapping, Lucid process design, and driving customer-centric solutions. Relevant certifications, such as Certified Scrum Product Owner (CSPO) or SAFe Product Owner/Manager, are a plus. Familiarity with governance, compliance frameworks, and privacy laws, including but not limited to: NIST 800-53, ISO/IEC 27001, SOC 2, SOX, GDPR, CCPA/CPRA. Education: Bachelor’s degree (BSc) preferred. Netskope is committed to implementing equal employment opportunities for all employees and applicants for employment. Netskope does not discriminate in employment opportunities or practices based on religion, race, color, sex, marital or veteran statues, age, national origin, ancestry, physical or mental disability, medical condition, sexual orientation, gender identity/expression, genetic information, pregnancy (including childbirth, lactation and related medical conditions), or any other characteristic protected by the laws or regulations of any jurisdiction in which we operate. Netskope respects your privacy and is committed to protecting the personal information you share with us, please refer to Netskope's Privacy Policy for more details.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NA Minimum 5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities: - Expected to be an SME. - Collaborate and manage the team to perform. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Provide solutions to problems for their immediate team and across multiple teams. - Facilitate training sessions to enhance team knowledge and skills in security practices. - Develop and maintain comprehensive documentation of security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations. - Strong understanding of cloud security frameworks and best practices. - Experience with risk assessment and management methodologies. - Familiarity with compliance standards such as ISO 27001, NIST, and GDPR. - Ability to analyze security incidents and implement corrective actions. Additional Information: - The candidate should have minimum 5 years of experience in Infrastructure Security Vulnerability Management Operations. - This position is based at our Indore office. - A 15 years full time education is required.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Cyber Threat Intelligence Good to have skills : NA Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in discussions to refine security strategies and provide guidance on implementing effective security measures across the organization. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work related problems. - Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements. - Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Cyber Threat Intelligence. - Strong understanding of cloud security principles and frameworks. - Experience with threat modeling and risk assessment methodologies. - Familiarity with security compliance standards such as ISO 27001, NIST, and GDPR. - Ability to analyze and respond to security incidents effectively. Additional Information: - The candidate should have minimum 3 years of experience in Cyber Threat Intelligence. - This position is based at our Pune office. - A 15 years full time education is required., 15 years full time education

Job Description KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. Responsibilities Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits. Performing planning and executing audits, including - SOX, Internal Audits, External Audits Conducting controls assessment in manual/ automated environment Prepare/Review of Policies, Procedures, SOPs Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed. Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project’s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status. Qualifications IT Audit + SAP experience with knowledge of IT governance practices Prior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 Audits Good to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.) Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodology Exposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantage Strong project management, communication (written and verbal) and presentation skills Knowledge of security measures and auditing practices within various applications, operating systems, and databases. Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism Preferred Certifications – CISA/CISSP//CISM Exposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantage Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal Employment Opportunity Information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As a Risk consultant, you'll contribute technically to Risk Consulting client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You'll also identify potential business opportunities for EY within existing engagements and escalate these as appropriate. Similarly, you'll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY's commitment to quality, you'll confirm that work is of high quality and is reviewed by the next-level reviewer. As an influential member of the team, you'll help to create a positive learning culture, coach and counsel junior team members, and help them to develop. The opportunity We're looking for Senior Consultants to join the leadership group of our EY-Consulting Technology Risk Team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities include: - Participating in IT Risk and Assurance engagements. - Working effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. - Helping prepare reports and schedules that will be delivered to clients and other parties. - Developing and maintaining productive working relationships with client personnel. - Managing reporting on assurance findings and ensuring control owners take remediation action as required. - Identifying, leading, and managing the continuous improvement of Internal Controls through the implementation of continuous control monitoring and automation. - Reviewing evidence of compliance for adherence to standards. - Understanding key domains of compliance controls, including change management, access to system, network and data, computer operations, and system development. - Staying current with and promoting awareness of applicable regulatory standards, upstream risk, and industry best practices across the enterprise. - Understanding Control frameworks such as COSO, internal control principles, and related regulations including SOX and J-SOX. - Conducting performance reviews and contributing to performance feedback for staff. - Adhering to the Code of Conduct which sets the standards of behavior, actions, and decisions expected from EY's people. Skills and attributes for success include: - Experience in application controls and Information security experience. - Understanding of risk management systems and processes. - Ability to build relationships with key stakeholders across different levels of seniority. - Strong written and verbal communication skills. To qualify for the role, you must have: - Preferably a bachelor's degree in (Finance/Accounting, Electronics, Electronics & Telecommunications, Comp. Science)/MBA/M.Sc./CA. - Minimum of 1-2 years of experience in internal controls and Internal Audit. - Enterprise risk services with a specific focus on IT and related industry standards. - IT Risk Assurance framework. - Control frameworks such as COSO, internal control principles, and related regulations including SOX and J-SOX. - Preferred security skills related to a broad range of operating systems, databases, or security tools such as UNIX, Linux, Windows 2000 and NT, firewalls, and IDS systems. - Familiarity with IT analysis, delivery, and operations methods, including SDLC and CM. - Familiarity with security and risk standards such as ISO 27001-2, PCI DSS, NIST, ITIL, COBIT. - Experience of security testing methods and techniques including network, operating, and application system configuration review. - Application controls and security experience: sensitive access and SOD testing, controls testing. - Knowledge of data analysis tools like MS Excel, MS Access, MS SQL Server, ACL, Monarch, etc. - Preferred Certifications: CISA. What we look for: We believe that you should own and shape your career. But we'll provide the support and opportunities to develop the skills, knowledge, and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you'll interact and team with individuals from various geographies and sectors. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. What working at EY offers: At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: - Support, coaching, and feedback from some of the most engaging colleagues around. - Opportunities to develop new skills and progress your career. - The freedom and flexibility to handle your role in a way that's right for you. EY | Building a better working world: EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

Position Overview Job Title: PMO Risk Reduction and Service Owner for Key Vendors Corporate Title: VP Location: Pune, India Role Description The Project Manager – Risk reduction is responsible for leading risk and audit remediation initiatives for Hybrid Cloud Infrastructure division. This includes managing end to end delivery of risk mitigation plans, ensuring timely closure of audit findings and strengthening control environments. Strong project management, stakeholder engagement and risk oversight are key success to the role. The Service Owner (SO) is responsible for managing the entire lifecycle of third-party relationships within the organization. This role involves ensuring that all risk assessment tasks and activities are completed accurately and in a timely manner, overseeing the selection and screening of third parties, and ensuring compliance with regulatory requirements. The SO will work closely with various stakeholders to mitigate risks, manage subcontractors, and ensure continuous risk monitoring. What We’ll Offer You As part of our flexible scheme, here are just some of the benefits that you’ll enjoy, Best in class leave policy. Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your Key Responsibilities Project Manager – Risk Reduction : Promote risk awareness, encourage prioritization of risk remediation, process re-engineering and strategic risk management Provide processes for systematic, proactive, and forward-looking risk identification, risk assessment, monitoring, reporting and keeping GTI risk profile up to date Plan and execute thematic risk assessments and input into risk scenario testing and macro threat assessments Identify material remediation priorities for GTI and key cross divisional priorities impacting GTI (control / remediation book of work) Track project status, maintain action logs, and ensure documentation Be a catalyst and an enabler to the global leadership for achieving the objectives in line with changing regulatory and industry operating landscape and reducing risk against overall technology operations portfolio Ensure management transparency by way of timely risk reporting and proactive engagement and representing controls team at different governing forums Ensure alignment with internal risk frameworks and regulatory expectations. Service Owner Risk Assessment and Management: Complete risk assessments, ensure proper screening, and report third-party issues. Regulatory Compliance: Nominate Local Service Owners and ensure compliance with local regulatory requirements. Third-Party Selection and Screening: Select third parties, consider risk aspects, and review screening outputs. Control Assessments and Mitigation: Ensure third parties complete required tasks, develop continuity plans, and manage risk mitigation actions. Continuous Monitoring and Termination: Update risk assessments, perform post go-live controls, and execute termination strategies. Contracting and Payment: Complete risk assessments before service commencement, ensure contractual clauses are included, and execute risk process activities for contract renewals or amendments. Stakeholder Management – Identify, Partner, and Collaborate Establish relationship with external and internal Audit teams to ensure effective and robust challenge to finding and to establish smart management action plans. Partner with 2nd LoD functions within the bank to ensure alignment towards Group wide minimum control standards Collaborate closely and proactively with Divisional Control teams and Embedded Risk teams to manage the audit finding lifecycle Promote and support proactive IT/IS risk culture at the Bank Your Skills And Experience Overall experience in similar roles for 5-8 years in a global Bank withing Technology division or IT/IS audit Minimum 5 years of experience within Risk and Control domain steering technology risk framework / control implementation in a global organization Proven experience in Project management in Risk related programs, including managing vendor governance in a global organization Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001 etc Deeper understanding of industry wide risk landscape and regulatory expectations Cloud Computing Technology (GCP, AWS, Azure etc.) certifications or similar domains Other professional qualifications and certifications in Technology risk management How We’ll Support You Training and development to help you excel in your career. Coaching and support from experts in your team. A culture of continuous learning to aid progression. A range of flexible benefits that you can tailor to suit your needs. About Us And Our Teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

SailPoint, the industry leader in Identity Security, is looking for an Identity professional to contribute to our company’s internal corporate Identity program. The Privileged Access Management Engineer will be a key team member in our growing and impactful organization as SailPoint continues to scale globally as the industry leader in Identity Governance. This position will report to the Manager of Identity & Access Management (IAM) and will support SailPoint’s internal Privileged Access Management (PAM) and Endpoint Privilege Management (EPM) systems and operations. As the Privileged Access Management Engineer, you will be responsible for the design, installation, operation and maintenance of the Privileged Access Management (PAM), Endpoint Privilege Management (EPM) and Privileged Password Management (PPM) infrastructure(s) and capabilities. You will analyze, develop and build processes and technology to ensure the comprehensive and timely delivery of PAM, EPM and PPM services. Expect to work in cross-functional teams across IT, Cybersecurity, DevOps & Desktop Engineering, Support, Professional Services, and Corporate Compliance in support of the PAM Program. Come make your mark in a high energy environment at one of the most consistently highest rated “best places to work” in Austin over the past 10 years! Job Responsibilities Design, build, configure and deploy SailPoint’s PAM, EPM and PPM solution(s), including accounts management, access policies, SSH & API key management, secrets management, endpoint privilege management and reporting. Conduct analysis, generate designs & procedures, work closely with stakeholders to define use-cases, keep & maintain inventories, and develop comprehensive documentation & diagrams. Integrate SailPoint’s PAM / EPM / PPM solutions with other core enterprise technologies, such as ServiceNow, VMWare. SailPoint and other IDM systems. Support PAM / EPM / PPM infrastructure operations, including troubleshooting user issues, implementing changes and performing system administration & maintenance. Monitor and respond to any capacity and/or performance needs, including rotational on-call support for the PAM / EPM / PPM infrastructure. Provide regular reports to leadership regarding security, data governance, capacity, performance, usage and licensing. Lead projects, provide security consultation(s), and develop detailed project plans for various projects & phases (PoC, Pilot, Production rollouts). Deploy software clients on workstations, servers & Macs. Recommend and implement modifications that will enhance system usability & reliability while analyzing all aspects of the existing infrastructure. Proactively establish and grow a broad collaboration with business analysts, app / system owners, architects and engineers focusing on strategy, proliferation of automation & integrations, as well as defining / building and refining enterprise services & capabilities. Provide training on changes to user experience (UX), document support procedures, and analyze user feedback in order to minimize impacts to the business. Devise, develop and implement SOPs, SLAs and supporting workflows and approval criteria. Collect, analyze and decipher customer metrics & event data in order to provide meaningful recommendations to improve current policy configurations, and improvements to the UX. Essential Skills Bachelor’s degree in Information Security, Computer Science, Engineering, or equivalent experience in an enterprise setting. 4+ years of experience using, installing, and administering PAM, EPM and PPM solutions such as CyberArk, Delinea and BeyondTrust. Solid understanding of PAM, EPM & PPM concepts, associated controls, terminology & technology. Experience administering and integrating tier zero identity infrastructure that provides AAA services such as MS Active Directory, Azure Active Directory, and RSA. Experience with ISO27001, SOC2, NIST, or similar compliance frameworks preferred Experience managing compliance projects and effectively collaborating with stakeholders and partners Good knowledge / understanding of Active Directory, GPO, JAMF, Azure Active Directory, and other cloud platforms such as AWS and GCP. Experience with developing automated solutions using PowerShell for Windows and BASH for Unix / Linux. Strong customer service and interpersonal skills. Good knowledge of managing infrastructure & endpoints in an enterprise setting. Must be a team player and analytical thinker, with robust troubleshooting skills and a creative problem-solving approach. Must be able to work with stakeholders & end-users who are located across the globe. Ability to work independently, present and describe highly technical topics in a non-technical manner and effectively communicate with / educate business stakeholders at all levels, from individual contributors to C-level executives. Ability to produce and maintain detailed technical documentation, business processes and training material. Basic understanding of QA methodology including usability testing, performance testing, automated testing, test scripts, test cases and test plans. Familiarity with continuous delivery model and agile development processes. Must be flexible, willing to undertake a wide variety of new and challenging tasks all while driving results. Preferred Skills Significant experience working within a large enterprise, with responsibility for administering & supporting the technology and processes in the PAM, EPM and PPM domains; ideally, within the software vertical. Significant knowledge / experience designing, implementing, managing, and supporting BeyondTrust PASM, PEDM and remote access solutions. Experience building, managing & maintaining ISO27001, SOC2, FedRAMP & SOX environments. Strong development (SDLC-based) & QA experiences with upgrading MAC OS, using Homebrew & other UI tools such as Microk8s, Keka, VirtualBox, etc. 4+ years of experience with APIs and scripting languages (e.g. JavaScript, Python, etc.). Experience with JSON, XML, SOAP and REST web-services Roadmap for Success:Within first 30 days: Onboarding activities - HR Trainings, meet with the team, understand the roadmap, projects and processes Gain access to necessary systems and tools. Understand current processes for: Identity and Access Management Identity Governance and Administration Privileged Access Management (PPM/EPM) IT Compliance – UAR, Audit process By 90 Days Collaborate on projects with team members and cross-functional teams. Be fully integrated with the team’s workflows and culture. Propose initiatives to: Improve team efficiency Enhance PAM and compliance processes Automate manual tasks across the team By 6 Months Become a subject matter expert in PAM and IT Compliance. Automate manual processes and explore AI-driven enhancements. Partner with extended IT teams to drive automation efforts. Develop and refine operational practices and procedures. Proactively meet standards for information security and compliance. Perform operational tasks at a comparable workload to their peers. SailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable law. Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact applicationassistance@sailpoint.com or mail to 11120 Four Points Dr, Suite 100, Austin, TX 78726, to discuss reasonable accommodations. NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Threat Hunting Good to have skills : NA Minimum 7.5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. A typical day involves collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security threats and solutions. Roles & Responsibilities: - Expected to be an SME. - Collaborate and manage the team to perform. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Provide solutions to problems for their immediate team and across multiple teams. - Facilitate training sessions to enhance team knowledge and skills in security practices. - Evaluate and recommend new security technologies and tools to improve the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Threat Hunting. - Strong understanding of cloud security principles and frameworks. - Experience with incident response and threat intelligence. - Familiarity with security compliance standards such as ISO 27001 and NIST. - Ability to analyze security incidents and develop mitigation strategies. Additional Information: - The candidate should have minimum 7.5 years of experience in Security Threat Hunting. - This position is based at our Gurugram office. - A 15 years full time education is required.

Job Summary Job Summary: We are seeking a skilled and detail oriented professional to lead or support the implementation, administration, and optimization of the OneTrust GRC platform. The ideal candidate will be responsible for configuring modules, enabling workflows, and aligning the platform capabilities with enterprise risk management, compliance, audit, and policy management frameworks. Key Responsibilities: 1. Platform Management & Configuration Administer and configure OneTrust GRC modules (Risk Management, Audit Management, Compliance, Policy Management, TPRM, etc.) Customize templates, workflows, and dashboards to align with organizational processes. Manage user roles, access control, and data governance within the OneTrust platform. 2. Risk & Compliance Operations Support enterprise and operational risk assessments, including issue and control management. Facilitate policy lifecycle management, including drafting, review, approval, and publication using OneTrust. Enable regulatory compliance tracking and reporting aligned with frameworks (ISO 27001, NIST CSF, GDPR, SOX, etc.) 3. Integration & Automation Coordinate OneTrust integration with other systems such as ServiceNow, Azure AD, Jira, CMDB, etc. Develop automated reporting, notifications, and workflows to enhance GRC efficiency. 4. Stakeholder Engagement Collaborate with Information Security, Legal, Internal Audit, and Business Unit leaders to gather requirements and deliver OneTrust solutions. Conduct training sessions and develop user guides for platform users. 5. Audit & Reporting Generate compliance reports, control assurance outputs, and risk dashboards.

The role involves contributing to various transversal topics related to the security of Digital Workplace environments. This includes providing recommendations to project management and architecture to consider security constraints in accordance with group guidelines, conducting risk analysis on different subjects, presenting risks to the business/sponsor for acceptance, implementing mitigation measures, drafting PASFs for outsourced services, piloting pen tests on entrusted perimeters, and contributing to the activities of the entity's Security Run. Additionally, responsibilities include resolving incidents on managed perimeters and monitoring vulnerabilities on managed perimeters. The key deliverables expected in this role are security specifications for new projects and solutions, security and risk analysis aligned with Societe Generale Processes, mitigation proposals, presentations to the worldwide security community, follow-up on mitigation implementation and pen tests, risk reviews with management or ORM, security rules and SSAP documents for external services and contractors, incident/vulnerability follow-up on target perimeters, control definition and industrialization, recurrent risk reviews, and security validation for flows, rights, exceptions, and profiles. The ideal candidate for this position should have 8-12 years of relevant experience, expertise in MS Exchange/IronPort, MS Windows administration and hardening, Teams Telephony/SBC EBC, and familiarity with security standards such as ISO 27001/27005, NIST, CIS, and EBIOS. At Socit Gnrale, it is believed that people are drivers of change, shaping the world of tomorrow through their initiatives. Joining the team offers an opportunity to have a positive impact on the future, with a focus on creating, daring, innovating, and taking action. Employees are encouraged to engage in solidarity actions, supporting the Groups ESG strategy, and promoting diversity and inclusion within the organization.,

Position Title SOC Analyst L2 Panchkula, India - Date Posted July 21, 2025 Description Were hiring a detail-oriented and experienced SOC Analyst L2 to join our Information Security Group (ISG) at Grazitti Interactive. In this role, youll investigate complex incidents, perform in-depth threat analysis, lead proactive threat-hunting efforts, and mentor junior analysts. If youre looking to deepen your cybersecurity expertise, manage critical incidents, and contribute to a mature SOC environment, this opportunity is tailor-made for you. Skills Key Skills 23 years of experience in SOC or a similar cybersecurity-focused role Strong understanding of networking protocols, subnetting, routing, and addressing Proficient in Linux and Windows OS, system hardening, and architecture Deep understanding of Active Directory attacks and defense mechanisms Expertise in ELK Stack (Elasticsearch, Logstash, Kibana) for threat detection Experience in incident response, threat hunting, and forensic investigation Familiarity with OWASP Top 10, digital forensics, and malware analysis Proficiency in tools like TheHive, Cortex, MISP, OpenCTI, and Jira Ability to write detection rules for OWASP vulnerabilities and custom use cases Skilled in KQL, ESQL, and other query languages for log analysis Excellent communication and documentation skills Certifications like CompTIA Security , CEH, OSDA, or BTL1 (preferred) Knowledge of frameworks such as MITRE ATT&CK and NIST CSF (a plus) Responsibilities Roles and Responsibilities Monitor security events and logs to detect advanced threats Conduct detailed investigations and lead real-time incident response Perform in-depth threat analysis using digital forensics tools Develop and optimize detection use cases and custom rules for SOC monitoring Harden Linux and Windows environments to prevent potential exploits Analyze threat intelligence and simulate attack scenarios to test detection readiness Collaborate across departments to embed cybersecurity into operations Mentor and guide junior SOC team members Regularly communicate security incidents and progress updates to stakeholders Position: SOC Analyst L2 Name* E-mail* Phone* CV & Documents* Add file Required fields Phone Thank you for submitting your application. We will contact you shortly! Contacts Email: careers@grazitti.com Address HSIIDC Technology Park, Plot No 19, Sector 22, 134104, Panchkula, Haryana, India

At Franklin Templeton, we’re driving our industry forward by developing new and innovative ways to help our clients achieve their investment goals. Our dynamic and diversified firm spans asset management, wealth management, and fintech, offering many ways to help investors make progress toward their goals. Our talented teams working around the globe bring expertise that’s both broad and unique. From our welcoming, inclusive, and flexible culture to our global and diverse business, we offer opportunities not only to help you reach your potential but also to contribute to our clients’ achievements. Come join us in delivering better outcomes for our clients around the world! What is the Security Operations responsible for? Security Operations is responsible for continuous monitoring and improving organization’s security posture while preventing, detecting, analyzing, and responding to Cyber Security incidents with the aid of both technology and well-defined processes and procedures. Security Operations is expected to possess extensive knowledge of incident response methodologies, a deep understanding of cybersecurity threats, and hands-on experience in managing and mitigating security incidents. What are the ongoing responsibilities of Analyst – Security Operations? Lead and coordinate incident response activities, ensuring timely and effective resolution. Develop and maintain incident response playbooks and procedures. Perform threat hunting using SIEM, EDR, and threat intelligence. Conduct digital forensics and malware analysis to determine the scope and impact of incidents. Collaborate with IT, legal, and business teams to contain and remediate threats. Stay current with emerging threats, vulnerabilities, and security trends. Mentor and guide junior SOC analysts. Required Qualifications Experience: 6–8 years in cybersecurity, with a focus on SOC operations and incident response. Environment: Experience in a 24x7 operational environment, preferably across multiple geographies. Technical Skills Good understanding of networking protocols, operating systems (Windows/Linux), and security technologies. Exposure to malware analysis and digital forensics. Familiarity with cybersecurity frameworks (e.g., NIST, MITRE ATT&CK, ISO 27001). Hands-on experience with tools such as: SIEM: Splunk, CrowdStrike, QRadar EDR: CrowdStrike, Carbon Black, SentinelOne SOAR: Palo Alto XSOAR, Splunk SOAR Forensics: FTK Imager, Autopsy, Wireshark, Procmon Preferred Certifications GIAC Certified Incident Handler (GCIH) GIAC Certified Forensic Analyst (GCFA) Certified Ethical Hacker (CEH) Soft Skills & Attributes Strong analytical and problem-solving mindset. Excellent communication and collaboration skills. Ability to work under pressure and manage multiple priorities. High integrity and a proactive, team-oriented attitude. Strategic and tactical thinking with attention to detail. Work Shift Timings - 6:00 AM – 3:00 PM / 2:00 PM - 11:00 PM IST Experience our welcoming culture and reach your professional and personal potential! Our culture is shaped by our diverse global workforce and strongly held core values. Regardless of your interests, lifestyle, or background, there’s a place for you at Franklin Templeton. We provide employees with the tools, resources, and learning opportunities to help them excel in their career and personal life. Hear more from our employees By joining us, you will become part of a culture that focuses on employee well-being and provides multidimensional support for a positive and healthy lifestyle. We understand that benefits are at the core of employee well-being and may vary depending on individual needs. Whether you need support for maintaining your physical and mental health, saving for life’s adventures, taking care of your family members, or making a positive impact in your community, we aim to have them covered. Highlights Of Our Benefits Include Professional development growth opportunities through in-house classes and over 150 Web-based training courses An educational assistance program to financially help employees seeking continuing education Medical, Life and Personal Accident Insurance benefit for employees. Medical insurance also cover employee’s dependents (spouses, children and dependent parents) Life insurance for protection of employees’ families Personal accident insurance for protection of employees and their families Personal loan assistance Employee Stock Investment Plan (ESIP) 12 weeks Paternity leave Onsite fitness center, recreation center, and cafeteria Transport facility Child day care facility for women employees Cricket grounds and gymnasium Library Health Center with doctor availability HDFC ATM on the campus Learn more about the wide range of benefits we offer at Franklin Templeton Franklin Templeton is an Equal Opportunity Employer. We are committed to providing equal employment opportunities to all applicants and existing employees, and we evaluate qualified applicants without regard to ancestry, age, color, disability, genetic information, gender, gender identity, or gender expression, marital status, medical condition, military or veteran status, national origin, race, religion, sex, sexual orientation, and any other basis protected by federal, state, or local law, ordinance, or regulation. Franklin Templeton is committed to fostering a diverse and inclusive environment. If you believe that you need an accommodation or adjustment to search for or apply for one of our positions, please send an email to accommodations@franklintempleton.com. In your email, please include the accommodation or adjustment you are requesting, the job title, and the job number you are applying for. It may take up to three business days to receive a response to your request. Please note that only accommodation requests will receive a response.

Checkmarx is the enterprise application security leader and the host of Checkmarx One™ — the industry -leading cloud-native AppSec platform that helps enterprises build #DevSecTrust. Description Who are we? Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services address the needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it’s not just about finding risk, but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders. We are honored to serve more than 1,800 customers, including 40 percent of all Fortune 100 companies, including Siemens, Airbus, Salesforce, Stellantis, Adidas, Walmart, and Sanofi. What are we looking for? We are seeking a proactive and detail-oriented GRC Analyst to join our Information Security team. In this role, you will support and enhance the organization’s Governance, Risk, and Compliance programs by conducting Vendor Risk Management (VRM) assessments, performing risk evaluations, and supporting internal and external audits, including SOC 2 Type 2 and ISO 27001. You will ensure alignment with industry standards such as NIST and ISO, enhance our security posture, and promote a culture of compliance and risk awareness across Checkmarx. How will you make an impact? Risk Management & Assessments: Identify, assess, and prioritize organizational risks. Conduct comprehensive VRM assessments to evaluate third-party risks. Develop and implement risk mitigation strategies and monitor remediation progress. Perform risk assessments and maintain updated risk registers and reports. Compliance & Audits: Ensure compliance with relevant laws, regulations, and standards (e.g., SOC 2, ISO 27001, NIST, GDPR). Support internal and external audits, including evidence collection, documentation preparation, and stakeholder coordination. Maintain and update compliance with documentation, policies, and procedures. Assist in developing, reviewing, and maintaining governance frameworks, controls, and policies. Promote a culture of security, compliance, and risk awareness. Collaboration & Program Improvement: Collaborate with cross-functional teams, including Legal, Procurement, R&D, and IT, to address GRC-related matters. Assist in the continuous improvement of GRC programs and initiatives. Develop and deliver training and awareness sessions to enhance employee understanding of governance, risk, and compliance practices. Requirements What is needed to succeed? 2+ years of experience in GRC, risk management, or similar roles. Bachelor’s degree in computer science, Information Security, Cyber Security, Risk Management, or related fields. Familiarity with VRM processes, SOC 2 Type 2, and ISO 27001 audits. Working knowledge of privacy regulations and information security frameworks (e.g., NIST, CIS, ISO 27001, GDPR). Strong analytical thinking, attention to detail, and problem-solving abilities. Excellent written and verbal communication skills in English. Ability to manage multiple tasks, prioritize effectively, and work independently and collaboratively with various stakeholders. One or more of the following Certificates (Highly desirable): CISSP, CRISC, CISA, CISM, CGRC. What we have to offer