About General Mills We make food the world loves: 100 brands. In 100 countries. Across six continents. With iconic brands like Cheerios, Pillsbury, Betty Crocker, Nature Valley, and Häagen-Dazs, we’ve been serving up food the world loves for 155 years (and counting). Each of our brands has a unique story to tell. How we make our food is as important as the food we make. Our values are baked into our legacy and continue to accelerate us into the future as an innovative force for good. General Mills was founded in 1866 when Cadwallader Washburn boldly bought the largest flour mill west of the Mississippi. That pioneering spirit lives on today through our leadership team who upholds a vision of relentless innovation while being a force for good. For more details check out http://www.generalmills.com General Mills India Center (GIC) is our global capability center in Mumbai that works as an extension of our global organization, delivering business value, service excellence, and growth, while standing for good for our planet and people. With our team of 1800+ professionals, we deliver superior value across the areas of Supply chain (SC), Digital & Technology (D&T) Innovation, Technology & Quality (ITQ), Consumer and Market Intelligence (CMI), Sales Strategy & Intelligence (SSI), Global Shared Services (GSS), Finance Shared Services (FSS) and Human Resources Shared Services (HRSS). For more details, check out https://www.generalmills.co.in We advocate for advancing equity and inclusion to create more equitable workplaces and a better tomorrow. Job Overview Function Overview Digital and Technology is the largest team in GIC, which focuses on understanding the latest and innovative trends in technology and leading the adoption of cutting-edge technologies at General Mills. The team closely collaborates with global business teams to understand business models and assess where technology can be leveraged to bring efficiency and disruption. Be it AI/ML, Data Science, IoT, NLP, Cloud, Infrastructure, RPA and Automation, Digital Transformation, Cyber Security, Blockchain or Enterprise Architecture, GIC Digital and Technology has something for every technology enthusiast who wants to work here. Our MillsWorks initiative is where we bring the agile@scale delivery model to life. Here, business and technology teams work cohesively in pods as ONE team, driven by a singular mission and focused on delivering value for the Company. Our employees, who work on large technology projects of strategic importance, are the Digital Transformation change agents. Our service partnerships and employee engagement are centered on advancing equity and strengthening communities. We believe in an inclusive culture and trust in the power of people who have a passion for learning and growing with technology. We believe in “Work with Heart”. Work with Heart is focused on results, not face time. If you are passionate about the latest in technology and want to make an impact on the digital transformation journey of a Fortune 500 company, we're waiting for you. For more details about the Function, please visit this Link. Purpose of the role This role will provide input to the EVM strategic direction and have a focused responsibility for one or more EVM tools. This role is responsible for implementing and managing enterprise vulnerability management processes to reduce technical risks, which include identifying and evaluating vulnerabilities and remediation activities. Should be able to provide inputs and work on key development strategies for EVM. Having Cyber Security knowledge and understanding of various areas of Vulnerability management, like Penetration tests, DAST, SAST, and Infrastructure Vulnerability management, is a must. An understanding of Networks and network security would be a plus point. Key Accountabilities 90% of Time: Functional Responsibilities: Areas of responsibility include, but are not limited to, advancing the Penetration testing program and bringing enhancements to it. Working on various areas of Vulnerability Management, including but not limited to DAST, SAST, and Cloud. Should be able to manage and collaborate for internal and external pen testing procedures end-to-end. Should be able to provide inputs and work on key development strategies for the EVM processes Research, consultation, and guidance of business partners on the most effective approach for GMI to address critical vulnerabilities identified Building awareness amongst stakeholders about Vulnerability management and translating technical discussions for Senior Leadership Responsible for maintaining and enhancing configuration and procedural documentation of the current and future Vulnerability Management processes, where required Leverage appropriate learning opportunities for technical and professional growth Knowledge of ongoing market trends and technologies, and ensuring the team is well updated, or transitions are made where required 10% of Time: Personal and Team Development Responsibilities: Networks with stakeholders and builds strong connections in Cyber Security Share knowledge and trends within the Cyber Security team to improve General Mills' cyber security awareness. Minumum Qualifications Bachelor’s degree from an accredited university 5+ years of related experience Comfort with the shift time of: 11.30 am to 8.30 pm Specific Job Experience Or Skills Needed Practical knowledge of IT Security-related technologies, procedures, and best practices Process-based understanding of how Penetration tests work Should be able to mentor and train the team where required for various processes Should be able to propose VM solutions, prepare presentations, and coordinate vendor demonstrations Should be able to work and drive pen testing projects and identify/collaborate requirements for the same. Should be able to present the strategies and process developments in EVM to the business Prior experience in Information Technology Understanding of CI/CD application development processes Experience doing risk assessments Strong knowledge in information security standards and frameworks such as NIST 800-53 Ability to prioritize and complete multiple tasks on tight deadlines. Competencies/Behaviors Required For The Job Fosters an environment of teamwork, positive relationships, accountability, and results within and across teams Strong learning agility and willing to learn new tools and technologies. Actively coaches group members in developing their skills Strong communication skills with the ability to communicate complex issues to a diverse audience Self-starter with the ability to drive an item from concept to full implementation independently Ability to conduct thorough analysis and recommend data-driven actions The aptitude to innovate—to integrate new and better technologies and methods into our processes Highly organized and able to tackle issues efficiently. Company Overview We exist to make food the world loves. But we do more than that. Our company is a place that prioritizes being a force for good, a place to expand learning, explore new perspectives and reimagine new possibilities, every day. We look for people who want to bring their best — bold thinkers with big hearts who challenge one other and grow together. Because becoming the undisputed leader in food means surrounding ourselves with people who are hungry for what’s next. Show more Show less

Req ID: 125023 Remote Position: Hybrid Region: Asia Country: India State/Province: Chennai City: Guindy, Chennai Summary The Senior Specialist, IT Solutions is a key role that evaluates, implements, and manages Security solutions to protect Celestica's systems and data. Responsibilities include implementing automation technologies, performing risk assessments, contributing to automation policies and standards, and advising on automation best practices. This role also mentors junior team members and provides advanced technical support for automation solutions. Detailed Description Performs tasks such as, but not limited to, the following: Maintain security infrastructure for operational efficiencies collaborate with other IT infrastructure, application and network teams to ensure seamless integrations of tools and technology. Develop and implement playbooks for security automation and orchestration to respond to security events and incidents. Design and implement integrations between security tools such as EDR, SIEM, and ServiceNow, to automate incident response and threat intelligence sharing. Automate security processes, such as vulnerability scanning, patching, and user provisioning, using scripting and configuration management tools. Develop custom scripts and tools, such as parsers and data enrichment scripts, to automate repetitive security tasks and integrate disparate security data sources. Create and maintain comprehensive documentation and runbooks for security automation processes and integrations. Collaborate with other security team members, such as threat intelligence analysts and incident responders, to identify automation opportunities and implement effective security automation solutions. Stay up-to-date on emerging security threats and technologies to proactively identify and address potential security risks through automation. Knowledge/Skills/Competencies Expert knowledge of information security principles, practices, and technologies. Expert knowledge of EDR, SIEM, and ServiceNow Strong understanding of data integration and API development In-depth knowledge of information security standards and regulations (e.g., ISO 27001, NIST). Strong understanding of software design processes and data modeling. Excellent problem-solving and analytical skills. Strong leadership, mentoring, and communication skills. Ability to work independently and as part of a team. Physical Demands Duties of this position are performed in a normal office environment. Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required. Typical Experience 6 to 8 years of experience in information security, with a proven track record of evaluating, implementing, and managing security solutions. Typical Education Bachelor's degree in Software Engineering, Computer Science, Information Security, or a related field. Relevant industry certifications (e.g., CISSP, CISM) are highly desirable. Notes This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time. Celestica is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on any protected status (including race, religion, national origin, gender, sexual orientation, age, marital status, veteran or disability status or other characteristics protected by law). At Celestica we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. Special arrangements can be made for candidates who need it throughout the hiring process. Please indicate your needs and we will work with you to meet them. Company Overview Celestica (NYSE, TSX: CLS) enables the world’s best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development – from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers. Celestica would like to thank all applicants, however, only qualified applicants will be contacted. Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services. Show more Show less

Job Title: Cyber Security Assessments & Security Domain-Specific Audits Consultant (E3.2) Location: Noida, India Company: HCL Technologies Job Type: Full-time Experience Level: Mid-Senior (E3.2) About HCL Technologies: HCL Technologies is a global IT services company, providing a comprehensive range of technology solutions across diverse industries. We are committed to driving digital transformation and building secure, innovative, and future-ready enterprises. At HCLTech, we leverage next-gen technologies like AI, IoT, and cybersecurity to deliver value and make a real-world impact. Role Overview: As a Cyber Security Assessments & Security Domain-Specific Audits Consultant , you will be responsible for conducting detailed cybersecurity assessments, audits, and evaluations to assess the security posture of client organizations. You will specialize in security domain-specific audits and work closely with clients to identify vulnerabilities, recommend improvements, and ensure compliance with industry standards and best practices. You will collaborate with cross-functional teams to provide actionable insights, and deliver solutions that mitigate security risks and enhance the overall security landscape of the organization. Key Responsibilities: Cybersecurity Assessments: Conduct comprehensive security assessments of enterprise IT systems, networks, and applications. Identify, evaluate, and prioritize security vulnerabilities, risks, and gaps. Develop and execute penetration testing and vulnerability scanning procedures. Review security policies, protocols, and incident response procedures. Analyze security architecture and make recommendations for improvements. Security Domain-Specific Audits: Lead security domain-specific audits (e.g., network security, cloud security, application security). Perform risk-based assessments in specific security domains to ensure compliance with internal policies and external regulatory requirements. Identify security gaps, misconfigurations, and potential threats within various security domains. Work with clients to ensure that they meet industry standards such as ISO 27001, NIST, GDPR, PCI-DSS, etc. Security Controls & Compliance: Assess the design, implementation, and effectiveness of security controls. Ensure compliance with internal and external security requirements. Work with clients to prepare for external audits, and facilitate internal compliance reviews. Generate audit reports, track action items, and provide recommendations for improvements. Security Best Practices: Share best practices, methodologies, and frameworks for implementing robust security measures. Mentor and guide junior team members on security audit methodologies and techniques. Assist in the development and review of security policies, guidelines, and standards. Stakeholder Communication: Present findings to technical and non-technical stakeholders, including senior management. Provide clear and actionable reports on the security posture of client systems. Collaborate with client teams to implement remediation plans for identified vulnerabilities. Continuous Learning & Research: Stay updated on the latest trends in cybersecurity and threat intelligence. Research new vulnerabilities, emerging threats, and industry-specific security concerns. Apply new knowledge to improve security assessments and audits. Show more Show less

Job Description Who we are looking for - Alpha Platform is looking for an experienced risk professional to join their Business Risk Management (BRM) team. A candidate for this position is expected to work in a fast-paced environment akin to a commercial software company in order to meet the expectations of this rapidly growing business. Risk management skills, especially those acquired at G-SIFI organizations and/or large public accounting firms, balanced with technology and data skills will contribute to a candidate’s success in this position. This is a full-time position located at our Burlington, Massachusetts office. Why this role is important to us - Effective risk management is a top priority for a G-SIFI organization. As a member of the BRM team you will assist in the execution of a risk management program aimed at governing, overseeing and managing risks, in support of the firm’s risk excellence goals. What You Will Be Responsible For - Identify and assess risks and controls within business and technology processes Test design and operating effectiveness of controls as part of periodic required process and control reviews Self-identify, and assist the business in self-identifying, control issues, analyze their root causes, draft / assist in drafting appropriate and timely remediation plans, and continuously monitor remediation progress Advise the business on risks and control design, adopting a partnership approach, especially during introduction of new technology and business processes Assist with the execution of key business risk programs, including regular risk reviews, risk reporting, oversight and governance activities (including issue and incident management), and monitoring control performance Assist with the preparation and coordination of outside reviews, including audit events and/or regulatory examinations Escalate any perceived violations of rules, regulations, policies, procedures and recommend a course of action What We Value - Ability to effectively prioritize multiple tasks and work independently in non-routine situations Willingness to learn new technologies and processes Strong analytical, interpersonal, organizational, research, and communication (verbal and written) skills Good understanding of the role of first, second and third line of defense Strong influencing, collaboration, and project management skills Critical thinking and intellectual curiosity Initiative, ownership and energetic Excellent analytical skills Self-motivation, self-assurance and self-management Excellent team player and treating others with respect Education & Preferred Qualifications - University degree in information systems, computer science, or related field Proficiency in IT and risk management Knowledge of industry Risk and Control frameworks (COSO, COBIT, NIST, ISO, etc.) Experience with Microsoft Tools, Archer platform, Open Pages, Tableau, SharePoint Technical certifications preferred e.g. CISA, CISM, CRISC, CISSP Who We Are - Alpha Platform builds and operates technology platforms and harmonizes data for use across the end-to-end investment management cycle so clients can overcome silos, work smarter and stay in sync. The Alpha Platform organization includes Alpha Data Platform, Charles River Development, Mercatus, Commercialization, and Platform Management. We are part of State Street, a Global Systemic Important Financial Institution (G-SIFI), who is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation, we’re making our mark in the financial services industry. For more than two centuries, we’ve been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary in location, but you may expect generous medical care, insurance and savings plans among other perks. You’ll have access to flexible Work Program to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential. We truly believe our employees’ diverse backgrounds, experiences and perspective are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift programs and access to employee networks that help you stay connected to what matters to you. State Street is an equal opportunity and affirmative action employer. Interested in learning more about us? Visit our www.statestreet.com www.ssga.com www.crd.com LinkedIn page: State Street on LinkedIn Job ID: R-772428 Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior - IT audit – General skills Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Work you’ll do Lead client engagements and provide strategic guidance on OT/ICS security initiatives. Participate in OT incident response activities, including investigation, analysis, and mitigation of security incidents in the OT environment. Oversee the monitoring and detection of security threats and incidents in the OT environment, ensuring timely response and resolution. Establish trusted advisor relationships with key client stakeholders, including C-level executives, OT managers, and IT security teams. Lead and mentor a team of OT security professionals, providing guidance, support, and professional development opportunities. Conduct regular assessments and audits of OT security controls, identifying gaps and recommending remediation measures. Conduct Passive Vulnerability testing for OT environment Conduct Risk Assessment and gap assessment in OT environment Foster a culture of collaboration, innovation, and continuous learning within the team. Contribute to the development of the OT/ICS cybersecurity practice within the firm, including thought leadership, methodologies, and service offerings. Identify market trends, emerging technologies, and regulatory developments in the OT/ICS cybersecurity space. Collaborate with firm leadership to develop go-to-market strategies and business development initiatives. Manage complex OT/ICS cybersecurity projects from initiation to closure, ensuring quality, timeliness, and client satisfaction. Develop project plans, budgets, and resource allocations to meet project objectives and deliverables. Monitor project progress, identify risks and issues, and implement mitigation strategies as needed. Provide subject matter expertise on OT/ICS cybersecurity technologies, standards, and best practices. Develop and implement cybersecurity controls and solutions to mitigate risks and protect critical infrastructure. Assist clients in developing and implementing governance frameworks, policies, and procedures to manage OT/ICS cybersecurity risks. Deliver client presentations, workshops, and training sessions on OT/ICS cybersecurity topics. Contribute to thought leadership activities, including whitepapers, articles, and conference presentations. Participate in industry forums, working groups, and conferences to share insights and best practices. Ensure compliance with relevant OT/ICS cybersecurity regulations, standards, and frameworks (e.g., NERC CIP, IEC 62443). Lead pursuit qualification, proposals, response and closing of opportunities. The key skills required are as follows: Lead and manage the OT SOC team, providing guidance, direction, and mentorship to analysts and engineers. Knowledge of advanced persistent threats, malware, emergingthreats as well as experience in a large corporate environment. Strong understanding of malware analysis,threat taxonomy and threat indicators Ability to work with multiple securitytechnologies, platforms includingSIEMs, IDS /IPS, Firewalls, Web application firewalls etc. Hands on experience for configuration and working on tools as Claroty, Tenable, Nazomi Extensive experience in Pre-Sales, Securityoutsourcing, Marketing and Alliances Experience of assessment / implementation of OT Security controls basis various standard such as NIST, ISO 27001, NERC CIP and IEC 62443 etc. Understanding of various OT security architectures and ability to review the same. In-depth knowledge of OT protocols, technologies, and systems, including SCADA, PLCs, DCS, and HMI. Hand-on experience of working on OT Technologies such as SIEMENS, Yokogawa, Honeywell, Rockwell etc. Experience with OT security tools and technologies, such as SIEM, IDS/IPS, firewall, and endpoint protection. Excellent communication and interpersonal skills, with the ability to effectively communicate technical concepts to non-technical audiences. Qualifications B.Tech / BE / M.Tech / MCA /MBA/MS 8+ Years of relevant Exp. Preferred: GISCP and IEC 62443 Desirable: CISSP and CISM Your role as a leader At Deloitte India, we believe in the importance of leadership at all levels. We expect our people to embrace and live our purposely challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Show more Show less

Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Your work profile As Assistant Manager in our Cyber Team you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - We are looking for a highly skilled QRadar Implementation Engineer to design, deploy, and configure the QRadar SIEM platform across multiple customer environments within our MSSP platform. The ideal candidate will have strong expertise in QRadar implementation and the ability to customize solutions based on individual client requirements while ensuring scalable, efficient, and secure SIEM operations in a multi-tenant environment. Key Responsibilities: • QRadar Deployment & Configuration: Design and implement QRadar SIEM solutions for MSSP clients, including the installation and configuration of QRadar components (Console, Event Processors, Data Nodes, etc.). • Multi-Tenant Environment: Configure and maintain QRadar in a multi-tenant MSSP environment, ensuring proper segmentation and secure data handling for each client. • Log Source Integration: Integrate diverse log sources (network devices, endpoints, applications, cloud services) into QRadar for continuous monitoring and threat detection across different client environments. • Customization for Clients: Develop and customize correlation rules, dashboards, and alerts specific to client needs, including use cases tailored to each customer’s threat landscape. • Use Case Development: Work closely with client SOC teams to develop security use cases, tune rules, and optimize detection capabilities based on emerging threats and business requirements. • Performance Optimization: Ensure the optimal performance of QRadar across all tenants, including EPS management, storage, and event processing in high-volume environments. • Client Onboarding: Collaborate with internal and external teams for seamless onboarding of new clients onto the MSSP platform, ensuring successful integration with existing security tools and services. Security Monitoring and Threat Detection: Assist in the development of effective monitoring strategies, leveraging QRadar to detect and respond to threats for multiple clients. • Compliance and Reporting: Ensure that QRadar deployments align with regulatory requirements (PCI-DSS, GDPR, HIPAA, etc.) and provide detailed reporting and audits for each client as needed. • Troubleshooting & Support: Provide Level 2/3 support for QRadar issues, ensuring timely resolution of problems related to log ingestion, parsing, rule execution, and system performance. • System Upgrades & Maintenance: Plan and execute regular system upgrades, patching, and maintenance activities for QRadar instances across all client environments. Desired qualifications • Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience. • 5+ years of experience in deploying and managing QRadar SIEM in large-scale environments, preferably within an MSSP. • In-depth understanding of QRadar architecture, components, and deployment scenarios. • Strong experience in managing and securing multi-tenant SIEM environments. • Expertise in log source integration, event normalization, and tuning for different client environments. • Familiarity with scripting and automation tools (Python, Bash, etc.) for custom integrations and log parsing. • Solid understanding of networking and security technologies (firewalls, IDS/IPS, EDR, etc.). • Hands-on experience with security frameworks such as MITRE ATT&CK, NIST, or ISO 27001. Preferred Certifications: • IBM Certified QRadar SIEM Administrator or Architect. • CISSP, CEH, or other relevant cybersecurity certifications. Location and way of working • Base location: Mumbai/Gurgaon • Professional is required to work from office Your role as a Assistant Manager We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: • Inspiring - Leading with integrity to build inclusion and motivation • Committed to creating purpose - Creating a sense of vision and purpose • Agile - Achieving high-quality results through collaboration and Team unity • Skilled at building diverse capability - Developing diverse capabilities for the future • Persuasive / Influencing - Persuading and influencing stakeholders • Collaborating - Partnering to build new solutions • Delivering value - Showing commercial acumen • Committed to expanding business - Leveraging new business opportunities. Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization • Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities • Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) • Managing change - Responding to changing environment with resilience • Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision • Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems • Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte • Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Show more Show less

About Us We are a global climate technologies company engineered for sustainability. We create sustainable and efficient residential, commercial and industrial spaces through HVACR technologies. We protect temperature-sensitive goods throughout the cold chain. And we bring comfort to people globally. Best-in-class engineering, design and manufacturing combined with category-leading brands in compression, controls, software and monitoring solutions result in next-generation climate technology that is built for the needs of the world ahead. Whether you are a professional looking for a career change, an undergraduate student exploring your first opportunity, or recent graduate with an advanced degree, we have opportunities that will allow you to innovate, be challenged and make an impact. Join our team and start your journey today! Principal Functional Responsibilities Develop, implement, and maintain cybersecurity policies, standards, and procedures in alignment with industry frameworks and regulatory requirements. Conduct risk assessments, security control evaluations, and gap analyses to identify and mitigate risks. Support internal and external audits, ensuring compliance with frameworks such as NIST CSF, ISO 27001, CIS Controls, SOC 2, and regulatory obligations. Assist in the management of third-party risk assessments and vendor security evaluations. Track, monitor, and report on cybersecurity risks, controls, and compliance metrics. Work with cross-functional teams to ensure security controls are embedded in business processes and IT operations. Develop and maintain risk registers, compliance documentation, and audit evidence repositories. Provide cybersecurity awareness training and guidance to employees on security best practices and compliance requirements. Stay current with evolving cybersecurity threats, regulatory changes, and best practices to enhance the organization's security and compliance posture. Basic Requirements Bachelor’s degree in computer science, Information Systems, or related degree plus three (3+) years of experience or equivalent combination of education and experience. Strong knowledge of security and risk management frameworks like NIST CSF, CIS Critical Security Controls, ISO 27001, NIST 800-53, FAIR, and CIS Must possess excellent oral and written communication skills and the ability to communicate in technical and business terms. Additionally, must be comfortable developing presentations and delivering them to senior management. 3+ years of experience in cybersecurity, governance, risk, and compliance. Experience conducting risk assessments, control evaluations, and compliance audits. Strong knowledge of cybersecurity best practices, policies, and procedures. Excellent analytical, problem-solving, and communication skills. Ability to work independently and collaboratively in a dynamic environment. Professional certifications in IT and Cybersecurity a plus (e.g., Security+, GCRP, CGRC etc.). Preferred Requirements Bachelor’s degree in computer science, Information Systems, or related degree plus eight (3-4) years of experience or equivalent combination of education and experience 3-4 years of experience in Cybersecurity roles (i.e., incident response, security operations, application security, etc.) Ability to simultaneously handle multiple projects and adjust to changing priorities while multitasking effectively. Self-starter, strong initiative, critical thinker, self-directed with a proven track record to collaborate and inspire change. Experience designing and implementing cybersecurity reporting and metrics (i.e., KPI/KRI development) Fluent in English; additional languages are a plus. Competencies Tech Savvy: Anticipating and adopting innovations in business-building digital and technology applications. Optimizes Work Processes: Knowing the most effective and efficient processes to get things done, focusing on continuous improvement. Plans & Aligns: Planning and prioritizing work to meet commitments aligned with the interpersonal goals. Business Insight: Applying knowledge of business and the marketplace to advance the organization’s goals. Communicates Effectively: Developing and delivering multi-mode communications that clearly understand the different audiences' unique needs. Our Commitment to Our People Across the globe, we are united by a singular Purpose: Sustainability is no small ambition. That’s why everything we do is geared toward a sustainable future—for our generation and all those to come. Through groundbreaking innovations, HVACR technology and cold chain solutions, we are reducing carbon emissions and improving energy efficiency in spaces of all sizes, from residential to commercial to industrial. Our employees are our greatest strength. We believe that our culture of passion, openness, and collaboration empowers us to work toward the same goal - to make the world a better place. We invest in the end-to-end development of our people, beginning at onboarding and through senior leadership, so they can thrive personally and professionally. Flexible and competitive benefits plans offer the right options to meet your individual/family needs. We provide employees with flexible time off plans, including paid parental leave (maternal and paternal), vacation and holiday leave. Together, we have the opportunity – and the power – to continue to revolutionize the technology behind air conditioning, heating and refrigeration, and cultivate a better future. Learn more about us and how you can join our team! Our Commitment to Inclusion & Belonging At Copeland, we cultivate a strong sense of inclusion and belonging where individuals of all backgrounds, and with diverse perspectives, are embraced and treated fairly to enable a stronger workforce. Our employee resource groups play an important role in culture and community building at Copeland. Equal Opportunity Employer Copeland is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment. Show more Show less

Job Description Role: IAM and Cloud Security Delivery Manager Location: Offshore Job Summary –  10+ years of IT experience with 6+ yrs of relevant experience in managing IAM and Cloud Security delivery(s), People Care, Customer & Stakeholders relationship, project transition for global IAM and Cloud Security service delivery. Years of experience needed –  10+ years of experience Technical Skills  Previous work experience managing IAM and Cloud Security delivery engagements –  Designs, develops and implements new cloud security technologies to support business and technology solutions  Create, maintain and deliver to project schedules and budgets  Identify, manage and maintain KPI and other metrics for core processes.  Review and assess the current supported tools, apps and processes to determine gaps for meeting the needs of the stakeholders  Design and Implement changes to existing security tools, applications and processes based on changes in scope or needs.  Work directly with internal infrastructure teams to align and execute infrastructure changes to support the tools, apps and processes.  In depth understanding of PAM use cases, features, processes, components, services and dependencies  Previous experience leading PAM product consulting, architecture and design, deployment and integration activities  Previous experience preparing implementation plans with detailed activities and dependencies  Good knowledge and experience working with Active Directory, LDAP, Databases, SQL and Scripting for PAM integrations  Audit principles and associated compensating controls  Cloud Security  Vulnerability Management  E-Mail security  Manage & maintain steady state global delivery operations (Green)  Manage Operational/delivery issues & escalations  Ensure continuous communication & coordination with client in the event of issue/ escalation  Ensure SLA/SLO attainment & process compliance along with high customer satisfaction  Act as first point of escalation for the day-to-day functioning of delivery operations team  Handling escalations- identifying the gap, preparing action plans, and driving towards resolution  Identify opportunities for SIP’s/CIP’s and drive those towards achieving the desire goal  Define & maintain governance model, best practices & operating procedures  Driving & ensuring seamless transition of new service/ customer to operations team (if any)  Drive/Manage Crisis situation  Actively participate in Service Operations Meetings, Service Quality Review governance  Facilitates Business Continuity for the account during regional/ location outages.  Data Protection and Security  Threat Intelligence & Forensics  Authentication & Password Management  Cloud Security  Identity & Access Management  Governance, Risk and Compliance  Audit principles and associated compensating controls  Basic Knowledge on security models such as ISO/IEC 27001 , PCI DSS and Cobit 5, OWASP & NIST, ITIL.  Experience on Cyber Security tools & technologies.  Good Understanding of IT security policy, procedure, design, and implementation.  Acts as a trusted advisor to the clients  Interlock with Management to define operations strategy and action plan based on Customer feedback & CSAT result  Analyzing customer requirements, identify business opportunity, provide guidance and support  Monitor delivery health and process adherences, identifying improvement areas and implementing adequate measures to maximize customer satisfaction level  Ensure continuous communication & coordination with client  Ensure positive client satisfaction and client relationship is maintained for service delivery  Support Delivery Manager to determine, monitor, and review project financials include operational costs, budgets, staffing requirements, resources, and risk etc.  Work towards improving efficiency, utilization, compliance, and accuracy  Assist Delivery Manager to achieve target Residual/ Efficiency by planning resources allocation, tracking accurate labor utilization and maintaining low operating costs  Deliver in transition project & program in line with the recognized best practice methodology (managing risk, governance, quality assurance, issue resolution, reporting)  Conduct due diligence activities to comprehend business activities of the client and document these in the form of a due diligence report along with recommendations and next steps  Act as the primary point of contact for all transition activities  Liaise with business lines and functions on training, recruitment, and system requirements for transition deliverables  Responsible for monitoring & execution of transition deliverables as per agreement transition plan  Manage day-to-day transition project communication with stakeholders, project delivery team, account team & Client stakeholders.  Review the outcomes of the transition projects to capture learnings & disseminate across organization Education Qualification Bachelor’s degree preferably in Computer Science or Information Systems and /or equivalent formal training or work experience. Certifications Needed Certificates in relevant fields are added advantage. About Mphasis Mphasis applies next-generation technology to help enterprises transform businesses globally. Customer centricity is foundational to Mphasis and is reflected in the Mphasis’ Front2Back™ Transformation approach. Front2Back™ uses the exponential power of cloud and cognitive to provide hyper-personalized (C=X2C2TM=1) digital experience to clients and their end customers. Mphasis’ Service Transformation approach helps ‘shrink the core’ through the application of digital technologies across legacy environments within an enterprise, enabling businesses to stay ahead in a changing world. Mphasis’ core reference architectures and tools, speed and innovation with domain expertise and specialization are key to building strong relationships with marquee clients. Show more Show less

Key Responsibilities JOB DESCRIPTION Identity and Access Management (IAM) Design, implement, and manage IAM frameworks, ensuring secure access control across on-premises and cloud environments. Administer user accounts, roles, and permissions following the principle of least privilege. Perform periodic access reviews and audits to ensure compliance with organizational policies. Manage single sign-on (SSO), multi-factor authentication (MFA), and identity federation solutions. Collaborate with application teams to implement secure authentication and authorization protocols. Vulnerability Management Conduct regular vulnerability scans across infrastructure, applications, and endpoints using tools such as Qualys, Nessus, or equivalent. Analyze vulnerability reports, prioritize risks, and coordinate remediation efforts with relevant teams. Maintain and improve patch management processes to address identified vulnerabilities. Monitor and track emerging threats, ensuring timely implementation of mitigation measures. Create and present vulnerability management dashboards and reports for stakeholders. Security Operations Monitor and respond to security incidents, ensuring quick containment and resolution. Configure and manage security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security solutions. Conduct root cause analysis for incidents and implement preventive measures. Ensure compliance with security standards such as ISO 27001, NIST, or CIS benchmarks. Develop and update runbooks and incident response procedures. Collaboration and Governance Work closely with DevOps, infrastructure, and application teams to integrate security best practices. Participate in security assessments, audits, and risk analysis exercises. Support the development and enforcement of security policies and standards. Provide security awareness training to teams and stakeholders. Documentation and Reporting Maintain comprehensive documentation of IAM workflows, security processes, and vulnerability management activities. Provide periodic compliance and risk reports to management and relevant stakeholders. Qualifications And Skills Proven experience in IAM, vulnerability management, and security operations. Strong knowledge of identity management tools and vulnerability scanning tools (e.g., Qualys). Proficiency in configuring and managing security tools such as firewalls, IDS/IPS, and endpoint security solutions. Familiarity with cloud security practices across platforms like AWS, Azure, or Google Cloud. Strong analytical and problem-solving skills with attention to detail. Relevant certifications such as CISSP, CISM, CompTIA Security+, or GIAC are highly desirable. Show more Show less

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. As a risk management generalist at PwC, you will provide advisory and practical support to teams across a wide range of specialist risk and compliance areas. Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Respond effectively to the diverse perspectives, needs, and feelings of others. Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems. Use critical thinking to break down complex concepts. Understand the broader objectives of your project or role and how your work fits into the overall strategy. Develop a deeper understanding of the business context and how it is changing. Use reflection to develop self awareness, enhance strengths and address development areas. Interpret data to inform insights and recommendations. Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. As a Senior Associate, you will be aligned to our Strategy, Risk, & Compliance team which is focused on helping clients with their cybersecurity risk, compliance and governance efforts. You will be working as a part of the Risk & compliance team which is responsible for helping clients and organizations identify risks and create mitigation plans. you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. Position Requirements Security strategy and governance projects (security strategy, operating model, org structure etc.) Assessments: Maturity assessment, Audit readiness, planning and framework assessment, cloud migration requirements, business case development, comparisons and vendor evaluation Frameworks: Design framework program objectives, first/second/third line of defense, vision and mission statements, current state assessment and gap analysis, roadmap planning and estimation for the program, program governance and target operating model for NIST, PCI-DSS, HIPAA, HITRUST, ISO, COBIT etc. and vendor evaluation. Good experience in performing Organization Standard/Policy GAP assessment and Maturity assessments with Industry best practices (NIST/ISO/PCI...etc.). Policy management (policy writing, policy review, policy lifecycle) projects Cloud architecture definition and assessment: development of cloud reference architecture, target state cloud architecture definition, compliance requirements, migration strategies. Must have hands on experience and well proficient in Cybersecurity standard creation, policy writing and maintenance Good understanding of Legal, Regulatory and Privacy requirements to integrate within the Cybersecurity Program. Good understanding of various components of an enterprise Cybersecurity program, including governance structures, Risk and Threat Management, key controls, key processes, Security architecture and Security training program Recommending Cybersecurity action plans for organizations to achieve their overall cybersecurity objective Good Knowledge and experience with GRC tools such as MetricStream, Open Pages, Archer and data analytics & \visualization tools used in the Industry such as PowerBI, Alteryx and Tableau. Experience in partnering with various functions within the Cybersecurity organization to capture and document the services and associated core processes, work instructions, and templates. Analyze the security posture of the organizations by assessing the design and implementation of security controls. Experience in Vendor risk management, Outsourcing risk management, Technology Risk, Information Security. Strong understanding of Cybersecurity and Risk Control frameworks and their adoption in the Supplier management domain. Experience in implementing effective and innovative technology solutions. Desired Knowledge Excellent written and oral communication skills, can express thoughts clearly, knows how to listen and is able to contribute in a team environment. Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance. Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs. Ability to create domain specific training content and deliver trainings effectively Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities. Develop/implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture. Demonstrates ability to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in client’s security strategy plans and architecture artifacts. Professional & Educational Background MCA / BE / B Tech / MS (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems). Certification(s) Preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) Additional Information Travel Requirements: Not Applicable Line of Service: Advisory Industry: Consulting Must be ready to work on-site full-time (timings will be 2 pm or sooner until 11 pm IST) Minimum Years Of Experience 3 - 8 years Show more Show less

Partner - GRC, Cybersecurity Compliance & Generative AI Consulting Practice Location: Pune, Maharashtra, India About eGyanamtech: We are building a robust "Make in India" consulting practice, leveraging our cutting-edge GenAI powered Parham platform – an integrated security management system that provides unified visibility for vulnerabilities, assets, and incidents, enabling proactive cyber defense and streamlined compliance. We are at the forefront of integrating emerging technologies like Generative AI into our consulting offerings to provide unparalleled value to our clients The Opportunity: We are seeking an entrepreneurial and highly experienced Partner to lead and expand our Governance, Risk, and Compliance (GRC), Cybersecurity Compliance, and Generative AI consulting practice. This is a unique opportunity for a seasoned professional with a strong track record in the Big4 or similar top-tier consulting environments to contribute significantly to building a truly "Make in India" consulting powerhouse. The ideal candidate will be a visionary leader, an expert in their domain, and passionate about leveraging technology, particularly GenAI and our Parham platform, to solve critical client challenges. Key Responsibilities: Practice Leadership & Growth: Business Development and Sales is going to be central for this position. Develop and execute the strategic vision for eGyanamtech's GRC, Cybersecurity Compliance, and Generative AI consulting practice, aligned with the company's "Make in India" ethos. Build and mentor a high-performing team of consultants, fostering a culture of excellence, innovation, and continuous learning. Develop and implement go-to-market strategies for new service offerings, particularly those incorporating GenAI and the Parham platform Client Engagement & Delivery Excellence: Lead complex GRC, cybersecurity compliance, and GenAI consulting engagements from proposal to delivery, ensuring client satisfaction and project profitability. Act as a trusted advisor to C-suite executives and senior leadership on matters related to cyber risk, regulatory compliance, data governance, and the secure and ethical adoption of GenAI. Oversee the design and implementation of GRC frameworks (e.g., ISO 27001, NIST, COBIT, PCI DSS), security policies, procedures, and controls. Qualifications: Experience: Minimum of 15+ years of Marketing & sales experience in GRC, cybersecurity consulting, and compliance, with a significant portion at a Partner or equivalent leadership level. Preferably, extensive Practice Development experience with a "Big4" consulting firm (PwC, EY, Deloitte, KPMG) or other leading global consulting organizations, demonstrating a proven track record of building and managing successful consulting practices. Strong understanding and practical experience with various cybersecurity compliance frameworks and regulations relevant to the Indian context (e.g., IT Act, GDPR, RBI guidelines, SEBI regulations, etc.). Technical Skills: Deep expertise in Governance, Risk, and Compliance (GRC) principles, methodologies, and tools. In-depth knowledge of cybersecurity frameworks such as ISO 27001, NIST CSF, COBIT, CIS Controls, etc. Proficiency in risk assessment methodologies, security architecture review, and incident response planning. Strong understanding of Generative AI concepts, large language models (LLMs), machine learning, and their practical applications in enterprise environments. Familiarity with cloud security principles and compliance in cloud environments Why Join eGyanamtech? Be a foundational leader in building a cutting-edge "Make in India" consulting practice. Work with an innovative company at the intersection of cybersecurity, GRC, and Generative AI. Leverage and influence the development of our proprietary Parham platform. Opportunity for significant impact and career growth in a dynamic and supportive environment. Show more Show less

Req ID: 125185 Remote Position: Yes Region: Americas Country: USA State/Province: New Hampshire City: Remote Employee US Summary The Cybersecurity Manager is critical in protecting enterprise systems, data, and infrastructure by proactively identifying and mitigating security risks. This role requires a deep understanding of cyber threats, risk management, and security technologies to safeguard the organization's digital assets. The individual will provide expert guidance, lead security initiatives, and mentor junior analysts while collaborating with cross-functional teams to strengthen the overall security posture. Key Responsibilities Security Operations & Risk Management Oversee the configuration, administration, and optimization of enterprise-wide security solutions. Monitor an enterprise-wide endpoint security solution with a base of 25,000+ endpoints, ensuring optimal security and performance. Provide expert-level (Tier 3/4) security solution support, responding to and resolving critical incidents within established SLAs. Lead incident response efforts, analyzing security events, conducting root cause analysis, and implementing corrective actions. Utilize advanced threat intelligence methodologies to predict, detect, and respond to sophisticated cyber threats. Develop, refine, and implement advanced SIEM use cases, security monitoring content, and correlation rules for improved threat detection. Forensics & Compliance Conduct digital forensics investigations and support internal audits by providing detailed forensic analysis of security incidents. Ensure compliance with regulatory and industry standards (e.g., ISO 27001, NIST, GDPR, CMMC, ITAR), advising stakeholders on security best practices. Participate in vulnerability management programs, including penetration testing, red/blue team exercises, and security assessments. Security Architecture & Engineering Assist in the deployment and hardening of security solutions such as firewalls, IDS/IPS, EDR, SIEM, IAM, and DLP. Consult on developing zero-trust security frameworks and strategies for endpoint and network security. Leadership & Collaboration Mentor and guide junior analysts and engineers, providing technical leadership and career development support. Partner with IT, DevOps, and business teams to ensure security is integrated into all aspects of IT operations. Act as a security advisor to executives and stakeholders, translating complex security concepts into business-friendly language. Knowledge/Skills/Competencies Technical Expertise Proficiency in cybersecurity frameworks, risk management, and threat modeling. Extensive knowledge of security operations, incident response, and digital forensics. Advanced experience with penetration testing, vulnerability management, and ethical hacking methodologies. Strong proficiency in cloud security, network security, identity and access management (IAM), and endpoint protection. Understanding of encryption standards, PKI, and secure application development. Proficiency in scripting and automation (e.g., Python, PowerShell, Bash) to enhance security operations. Advanced ability to analyze and correlate security data from diverse sources (logs, SIEM, EDR, etc.). Knowledge of database security (MySQL, SQL, Oracle). Business & Soft Skills Strong leadership and mentoring capabilities. Excellent verbal and written communication skills, with the ability to translate technical security risks into business impact. Understanding regulatory requirements such as ISO 27001, ITAR, CMMC, SOX, and GDPR. Proven track record of working with cross-functional teams to drive security initiatives. Physical Demands Duties are primarily performed in an office environment but may require occasional on-call availability and emergency response. Extended periods of sitting, as well as visual concentration on security dashboards, logs, and reports. Typical Experience 6 - 10 years of experience in cybersecurity, IT security operations, or related fields, with a demonstrated history of technical leadership. Experience managing and responding to advanced persistent threats (APT), malware analysis, and insider threats. Typical Education Bachelor's Degree in Computer Science, Information Security, or a related field Preferred Professional certifications: CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) OSCP (Offensive Security Certified Professional) CEH (Certified Ethical Hacker) GIAC Certifications (GSEC, GCIA, GCIH, etc.) Cloud Security Certifications (CCSP, AWS Security Specialty, Azure Security Engineer, GCP Professional Security Engineer) Compensation Data The salary range provided in this posting is an estimate by the company and may change based on various factors. These factors can include, but are not limited to, changes in the job responsibilities, the credentials and experience of the successful candidate, or the geographic location of the candidate. Salary Range: $102,000 to $140,000. Celestica offers a range of benefits to eligible employees (those scheduled to work 30 hours or more per week). These benefits include medical, dental, and vision insurance, short-term and long-term disability insurance, life insurance, voluntary benefits, and a 401(k) plan with a company match. Notes This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time. Celestica is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on any protected status (including race, religion, national origin, gender, sexual orientation, age, marital status, veteran or disability status or other characteristics protected by law). At Celestica we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. Special arrangements can be made for candidates who need it throughout the hiring process. Please indicate your needs and we will work with you to meet them. Company Overview Celestica (NYSE, TSX: CLS) enables the world’s best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development – from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers. Celestica would like to thank all applicants, however, only qualified applicants will be contacted. Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services. Show more Show less

Overview: Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities: Conduct cybersecurity and privacy risk assessments in alignment with internal frameworks and regulatory requirements. Engage with risk owners and business stakeholders to manage and mitigate identified risks. Develop and present risk reports to senior leaders and governance forums. Advise on cybersecurity architecture and leading practices to strengthen the enterprise risk posture. Assist global agency teams and networks with compliance to cybersecurity regulations and requirements. Monitor the global threat landscape and identify emerging risks; implement proactive control measures. Contribute to the maintenance and effectiveness of the Information Security Management System (ISMS). Participate in risk governance, compliance programs, and strategic risk reduction initiatives. Qualifications: 3–5 years of experience in information risk management, cybersecurity, or GRC domains. Proficiency in risk assessment methodologies, threat modelling, and risk mitigation practices. Strong knowledge of cybersecurity frameworks and standards (e.g., ISO 27001, NIST, CIS, GDPR). Experience preparing risk reports and dashboards for leadership audiences. Excellent collaboration and stakeholder engagement skills across global teams. Analytical mindset with the ability to evaluate and prioritize risks effectively. Preferred Qualifications Industry certifications such as CRISC, CISM, CISSP, ISO 27001 Lead Implementer, or similar. Exposure to cloud security risk and compliance monitoring tools. Experience working within enterprise ISMS or regulatory compliance programs.

Overview: Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Let’s build this together! Responsibilities: Operate day-to-day Information Security Governance, Risk, and Compliance (GRC) activities across the organization. Support alignment and implementation of security standards including ISO 27001, PCI, NIST, and TISAX. Assist in the execution of Information Security Risk Management policies and procedures. Collaborate on internal and external audit activities, and track remediation efforts to closure. Support documentation, reporting, and evidence gathering for compliance and regulatory assessments. Contribute to the continuous improvement of governance processes, control effectiveness, and risk posture. Coordinate with business units and IT teams to ensure governance standards are understood and adhered to. Qualifications: 3–5 years of experience in information security governance, risk, compliance, or audit. Working knowledge of ISO 27001, PCI-DSS, NIST, TISAX, or other major regulatory frameworks. Experience with policy implementation, risk assessment methodologies, and audit coordination. Ability to evaluate and articulate compliance requirements to technical and non-technical teams. Strong documentation, analytical, and reporting skills with attention to detail. Excellent interpersonal and communication skills to work cross-functionally. Preferred Qualifications Certifications such as ISO 27001 Lead Implementer/Auditor, CISA, or similar. Experience with GRC platforms and tools. Exposure to vendor risk management and compliance monitoring.

Job Description: Job Summary: We are seeking a skilled Delinea Active Directory bridging Operations Specialist. The ideal candidate will be responsible for managing and maintaining the Delinea Active Directory bridging privileged access security platform. This includes ensuring its continuous operation and optimization. The specialist will play an integral role in AT&T's privileged access program by managing privileged accounts and reducing overall risk to AT&T. Key Responsibilities: Manage the day-to-day operations of the Delinea Active Directory bridging solution, including user provisioning, vault management, and policy enforcement. Monitor and maintain system health, performance, and security of the Delinea PAM infrastructure Troubleshoot and resolve issues related to Delinea components, including agents, Access Manager, Audit components etc. Implement, configure, and maintain policies and workflows in Active Directory and Delinea Access Manager. Manage onboarding, rotation, and access workflows for privileged accounts. Conduct regular health checks, patch management, and system upgrades for Delinea infrastructure. Collaborate with security architects, engineers, and the IT operations team to ensure smooth integration of Delinea with other security tools and services. Ensure compliance with organizational policies, industry standards, and best practices related to PAM. Maintain documentation for system configurations, changes, and procedures. This role requires to work from office and flexible to provide operations support in a 24/7 environment Experience working with global teams located across USA and International regions Required Qualifications: Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field. Minimum 7 years of experience working with Delinea Active Directory bridging, including deployment, administration, and troubleshooting. Expertise in Delinea or Centrify components: Agents, Access Manager, Audit components etc.. Strong understanding of Privileged Access Management (PAM) principles, Delinea AD Bridging, and Active Directory (AD) integration. Proficient with CyberArk API usage and integration with external systems. Hands-on experience with CyberArk upgrades, patches, and best practice implementations. Familiarity with information security standards (NIST, ISO, etc.) and regulatory compliance requirements (SOX, PCI, etc.). Preferred Qualifications: Delinea Privilege Manager or Server PAM certification. Experience with scripting languages (e.g., PowerShell, Python) to automate tasks within the CyberArk and Delinea environment. Knowledge of DevOps and CI/CD pipelines as they relate to PAM solutions. Experience working in a large-scale, complex, multi-domain environment. Soft Skills: Strong problem-solving abilities and attention to detail. Excellent communication and documentation skills. Ability to work independently as well as collaborate with cross-functional teams. Capable of working in a high-pressure environment while handling multiple tasks. #Cybersecurity Weekly Hours: 40 Time Type: Regular Location: IND:AP:Hyderabad / Atria Building, Plot 17 - Adm: Atria Building, Plot No 17 It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made. Job ID R-64585 Date posted 06/06/2025 Benefits Your needs? Met. Your wants? Considered. Take a look at our comprehensive benefits. Paid Time Off Tuition Assistance Insurance Options Discounts Training & Development

Overview: ormation Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Job Code Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area. Responsibilities: Should have process knowledge and technical knowledge on any of the SIEM tools ( like Qradar, LogRhythm, AlienVault, Splunk…etc). L2/L3 level is added advantage. Should have process knowledge and technical knowledge in AV tools like Symantec, McAfee, Trend Micro…etc. L2/L3 level is added advantage. Should have knowledge in managing Vulnerability tools and various remediation efforts. Review security logs generated by applications, devices and other systems, taking action or escalating to appropriate teams as needed. Enforce incident response service level agreement. Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks Vulnerability management assessment and remediation Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks Research the latest information technology (IT) security trends Help plan and carry out an organization’s way of handling security Develop security standards and best practices for the organization Recommend security enhancements to management or senior IT staff Document security breaches and assess the damage they cause. Performs other duties as assigned Qualifications: B. Tech, B.E or M.C.A 2-5 years’ Experience working in a Security Operations Center 2 years minimum in the computer industry Knowledge working with complex Windows environments Knowledgeable in various security frameworks such as NIST 800-53 / NIST 800-171 / ISO27001 Knowledge in design and administration of security tools Good written and verbal communication skills

Gurgaon 1 7 to 11 years Full Time About the Role We are hiring an experienced IT Security Manager to lead our enterprise-wide security initiatives in the Banking & Financial Services domain. You will be responsible for defining and enforcing security standards across applications, infrastructure, data, and user environments, ensuring compliance with RBI and other regulatory requirements. This is a strategic and hands-on role suited for a security leader who understands the unique challenges of financial systems and enterprise-grade IT infrastructure. Key Responsibilities Define and implement enterprise-level security policies, frameworks, and controls aligned with RBI guidelines, ISO 27001, and other BFSI regulations. Lead end-to-end security operations: vulnerability management, threat detection, incident response, and security monitoring. Work closely with Compliance, DevOps, Cloud, and Infrastructure teams to embed security into all layers of IT. Oversee data protection and privacy efforts, including encryption, data classification, DLP, and secure data sharing. Conduct regular internal/external audits, third-party risk assessments, and compliance checks. Establish and manage Identity & Access Manage enterprise security tools such as SIEM, endpoint protection, firewalls, IDS/IPS, and antivirus. Lead employee security awareness and training programs across the organization. Coordinate with regulators, auditors, and client teams for security reviews and certifications. Stay updated with BFSI-specific cyber threats and regulatory changes. Required Skills & Qualifications Bachelor’s or Master’s degree in Computer Science, Information Security, or related field. 7+ years of experience in IT Security, with 3+ years in a BFSI or regulated enterprise environment. Strong knowledge of RBI cybersecurity guidelines, ISO 27001, NIST, SOC 2, and data privacy laws (DPDP/GDPR). Experience in securing enterprise applications (core banking, lending, payments, etc.) and cloud infrastructure (AWS, Azure). Hands-on experience with tools like SIEM, WAF, EDR, DLP, IAM, vulnerability scanners, and endpoint security platforms. Deep understanding of network security, application security (including mobile/web), and secure SDLC practices. Security certifications preferred: CISSP, CISM, CEH, CRISC, ISO 27001 Lead Implementer/Auditor.

Cybersecurity, third-party risk management -client audit role. Gurgaon, India Sales 309387 Job Description About The Role: Grade Level (for internal use): 10 Department overview: The Customer Experience Team, a new shared capability within Market Intelligence, partners closely with Sales, account management, and product to deliver a differentiated customer experience. This group enables our revenue team by overseeing customer success, revenue operations, and implementation of commercial technology. This includes Salesforce, alignment to targets in strategic growth areas, and empowerment of accelerated growth and delivery by putting the customer at the core of everything we do – driving a full customer experience that differentiates us from our competitors. The Proposal & Customer Assessment Team, within Revenue Operations & Transformation, plays a crucial role in driving new revenue generation and ensuring superior customer satisfaction. The team supports key workflows such as RFPs, due diligence, risk assessments, client audits, and other customer inquiries, by providing high-quality proposals and relevant information throughout the pre- and post-sales cycles. Serving a diverse range of clients across various geographies, the team is committed to a client-first mindset, forging strong partnerships and delivering exceptional results. Position Summary: Track and maintain a central repository of all the issues, findings, and gaps identified by customers during due diligence and audits. Collaborate with product, technology, and functional teams to identify the best possible way to remediate client-identified gaps and answer client inquiries. Coordinate preparation, execution, and delivery of formal responses. Track and report weekly, biweekly, and monthly statistics on the open, remediated, and in-progress issues to the leadership and senior stakeholders. Foster positive relationships with customers, maintain open and transparent communication with the customer throughout the process, acknowledge receipt of audit findings and provide regular updates on progress. Develop a deep understanding of product solutions and platforms for effective communication. Maintain awareness of internal controls and audit/due diligence trends to ensure the process remains effective. Maintain thorough documentation of the entire audit findings process, including correspondence with the customer, supporting documentation provided, and actions taken to address issues or concerns. Lead Cross-Functional Programs & Projects: Oversee key milestones and activities; communicate program details, project risks, and mitigations to leadership, ensuring timely project completion. Develop and Manage Project Plans & Reporting: Create project plans, tools, reports, and narratives for identified programs. Re-prioritize based on impact and effort and provide tactical support for implementation. Education and experience: Bachelor’s degree in a related field, with 8+ years of project management and execution experience. Familiarity with CISA, ISO Standards, NIST, and SOC standards. Proven track record in project delivery with excellent communication, time management, organizational, presentation, and stakeholder management skills. Demonstrated success in planning, directing, and implementing multiple, complex projects concurrently. Ability to set priorities independently and meet deadlines in a fast-paced environment. Experience working in a collaborative environment, building strong relationships at all organizational levels, and effectively working with diverse styles, skills, and cultures. Personal competencies: Exceptional communication and interpersonal skills, able to engage and influence stakeholders at all levels with flexibility and negotiation expertise to drive optimal outcomes. Strong analytical and problem-solving abilities, skilled in assessing complex data and developing actionable strategies. Self-motivated with a keen eye for detail, ensuring high-quality execution in all tasks. Highly proficient in managing multiple projects simultaneously, demonstrating adaptability as priorities shift, and showing creativity and perseverance in problem-solving. Demonstrates consistent creativity and initiative across all tasks and projects. Fosters strong collaborative relationships with internal teams, enhancing synergy and teamwork. About S&P Global Market Intelligence At S&P Global Market Intelligence, a division of S&P Global we understand the importance of accurate, deep and insightful information. Our team of experts delivers unrivaled insights and leading data and technology solutions, partnering with customers to expand their perspective, operate with confidence, and make decisions with conviction. For more information, visit www.spglobal.com/marketintelligence. What’s In It For You? Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technology–the right combination can unlock possibility and change the world. Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence®, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: We're more than 35,000 strong worldwide—so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all. From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. We’re constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference. Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global. Our benefits include: Health & Wellness: Health care coverage designed for the mind and body. Flexible Downtime: Generous time off helps keep you energized for your time on. Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills. Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference. For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. - Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only: The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf - 20 - Professional (EEO-2 Job Categories-United States of America), SLSGRP202.1 - Middle Professional Tier I (EEO Job Group) Job ID: 309387 Posted On: 2025-05-30 Location: Gurgaon, Haryana, India

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Governance Risk and Compliance Consultant - Senior The opportunity This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between developing security strategies, designing security and privacy controls, advising client stakeholders, facilitating workshops and supporting business development. Your key responsibilities As a Cyber GRC Professional in our Cyber Security practice, you will be occupied in the following domains: a) Strategy, b) Risk, c) Compliance. As part of our team strategy you will be expected to take on responsibility and initiative early, providing you with real experience working with a wide range of major clients in EY. You will be taking responsibility for the quality of your work, while continually developing your personal and professional skills through formal training, hands-on experience and coaching. Skills and attributes for success To qualify for the role, you must have: Degree, or equivalent, in Information Security, Cyber Security, Information Technology, Informatics, or other similar and technical areas Evidence of self-motivation to continuously develop in the areas of cybersecurity Good organizational and time management skills with the ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience on Cyber Governance, Risk & Compliance (GRC), Cyber risk assessments & management methodologies Experience on assessing, designing and implementing security strategies, governance frameworks over processes and controls, allowing organisations to optimally manage cyber security Experience on design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, such as ISO27001, NIST, SANS etc. Experience in data classification exercises and controls / mechanisms enforcement Working knowledge of control frameworks such as ISO 27001/27002, COBIT, NIST, ITIL, etc. Ability to conduct Security regulatory and compliance assessment independently Hands on with assessment report preparation and presenting to senior technical and business stakeholders Hand on knowledge of excel, PowerPoint and word Articulative and confident in presentation to senior stakeholders Ability to lead workstreams or dedicated portions of projects Cyber maturity assessments, recommendations, roadmap and strategy creation knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Ability to plan and deliver cyber security training and awareness Ideally, you’ll also have: Security-related qualifications / certifications such as CISSP, SSCP, CISM, ISO27001 lead implementer or auditor, CompTIA Security+, are desirable Experience in Third Party Risk Management (TPRM) and / or vendor risk assessment engagements Experience in design and implementation of Information Security Management Systems (i.e. security policies, procedures and guidelines) according to leading International Standards Security-related vendor / technology certifications are desirable EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Portfolio Compliance Enablement Compliance Specialist Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of over 1000 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The Opportunity As a Senior Associate in the Information Security Portfolio Compliance Enablement function, you will support EY's commitment to secure digital services by helping to ensure compliance with Information Security policies. This role involves actively participating in projects to strengthen risk management, collaborating with various business teams, and contributing to the maintenance of the technology compliance posture through detailed work and analysis. You will also assist in aligning data protection, privacy, and software development practices with legal and regulatory standards. Key Responsibilities Contribute to projects that aim to improve EY's risk posture and compliance with Information Security policies. Assist in developing and implementing compliance strategies and remediation plans. Manage delivery of one or more processes and/or solutions with a focus on quality and effective risk management. Support the translation of technical vulnerabilities into business risk terms for clear communication to stakeholders. Participate in the use and enhancement of compliance assessment toolkits. Be involved in assessments for technology infrastructure, applications, and third-party dependencies. Collaborate with compliance specialists and contribute expertise to specific projects and initiatives. Skills and Attributes for Success Experience in compliance management within Information Security. Ability to understand the impact of security requirements on business operations. Good organizational skills and a proactive approach to problem-solving. Effective communication skills for building relationships and promoting compliance with security policies. Experience in conducting risk assessments, supporting remediation strategies, and writing technical documentation Familiarity with technical infrastructure, applications, and compliance frameworks. To Qualify for the Role, You Must Have A minimum of 3 years of experience in Cyber Security, Information Security, or a related field. A degree in Cyber Security, Information Security, Computer Science, or a related discipline. Certifications such as Security+, Network+, CRISC, CISSP, CISM, CISA, or equivalent are desirable. Knowledge of information security standards like ISO 27001/27002, NIST, PCI DSS. Awareness of regulatory requirements such as PCI, SOX, HIPAA, GDPR. Strong communication skills and the ability to work effectively within a team. Ideally, You’ll Also Have Strong analytical and decision-making skills. The ability to adapt to new challenges and evolving project requirements. Strong interpersonal skills and the ability to communicate technical concepts effectively. Experience with GRC platforms like RSA Archer or IBM Open Pages is beneficial. What we look for We are looking for individuals with a passion for information security and demonstrated ability to apply their knowledge to new and emerging technologies that are supporting the growth strategy of a global professional services firm. What we offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. Job Description Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ͏ Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ͏ i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ͏ 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ͏ Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Mandatory Skills: Microsoft Endpoint Protection. Experience: 8-10 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Portfolio Compliance Enablement Compliance Specialist Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of over 1000 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The Opportunity As an Associate in the Information Security Portfolio Compliance Enablement function at EY, you will contribute to the firm's digital services by supporting the adherence to Information Security policies. This entry-level role involves assisting with projects that enhance risk management, collaborating with team members, and learning about the maintenance of technology compliance posture. You will also help ensure that data protection, privacy, and software development practices are aligned with legal and regulatory standards. Key Responsibilities Support projects aimed at improving EY's risk posture and adherence to Information Security policies. Assist in the development and execution of, and alignment to compliance strategies and remediation plans under the guidance of more experienced team members. Contribute to the delivery of processes and/or solutions, focusing on quality and effective risk management. Help document and translate technical vulnerabilities into business risk terms for stakeholder communication. Participate in the use and improvement of compliance assessment toolkits under supervision. Support assessments for technology infrastructure, applications, and third-party dependencies. Collaborate with the team and contribute to specific compliance-related tasks and initiatives. Skills and Attributes for Success Basic knowledge and understanding of compliance management within Information Security. Eagerness to learn and understand the impact of security requirements on business operations. Good organizational skills and a proactive approach to problem solving and tasks. Strong communication skills for effective collaboration within the team and advocating for adherence to security policies. Interest in conducting risk assessments and learning about remediation strategies. Familiarity with or willingness to learn about technical infrastructure, applications, and compliance frameworks. To Qualify for the Role, You Must Have At least 2 years’ experience in Cyber Security, Information Security, or a related field. A degree in Cyber Security, Information Security, Computer Science, or a related discipline. Certifications such as Security+, Network+, or an interest in pursuing relevant certifications like CRISC, CISSP, CISM, CISA. Basic knowledge of information security standards like ISO 27001/27002, NIST, PCI DSS. An understanding of or interest in learning about regulatory requirements such as PCI, SOX, HIPAA, GDPR. Strong communication skills and technical writing skills and the ability to work effectively within a team environment. Ideally, You’ll Also Have Analytical skills and the ability to make informed decisions. Flexibility and adaptability to new challenges and changing project requirements. Desire to learn and grow within the role. Strong interpersonal skills and the ability to communicate effectively. A willingness to engage with GRC platforms and other compliance tools. What we look for We are looking for individuals with a passion for information security and demonstrated ability to apply their knowledge to new and emerging technologies that are supporting the growth strategy of a global professional services firm. What we offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. We ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions and to receive other benefits and privileges of employment. Please contact us to request accommodations. EY is committed to being an inclusive employer, and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Information Security Analyst Job ID: R0391410 Full/Part-Time: Full-time Regular/Temporary: Regular Listed: 2025-06-06 Location: Bangalore Position Overview Job Title: Information Security Analyst Corporate Title: Associate Location: Bangalore, India Role Description Information Security Analyst role within Universal Governance – IS Control Design & Frameworks team is responsible for supporting the CSO Capability Owners and Control Design Owners in maintaining their control set fit for purpose. This includes assessment of control wording and attributes against control design standard, providing guidance to control design owners regarding the execution of IS control lifecycle, identifying gaps and/or executing the tasks relevant with IS control framework implementation. Maintaining the control inventory in alignment with the control design owners acting as a delegate. Supporting the end-to-end alignment of control objectives, control processes and control definitions. What we’ll offer you As part of our flexible scheme, here are just some of the benefits that you’ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities Participate in the daily team activities that are managed by control objective, control process and control design streams Execute a gap assessment between control design proposals and control design standards Support the control design owner with regards to maintenance of their control set Support delivery of the team milestones and identify challenges to bring timely transparency for resolution/escalation Your skills and experience Very Good Communication skills, both written and verbal Information Security Governance, Risk and Control domains know-how Familiarity with industry best practices and standards such as ISO27001, NIST, CRI Profile Can-do attitude and flexibility against change How we’ll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About us and our teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Ping Identity Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work related problems. - Engage in continuous learning to stay updated with the latest security trends and technologies. - Assist in the development of security policies and procedures to enhance the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Ping Identity. - Strong understanding of cloud security principles and practices. - Experience with identity and access management solutions. - Familiarity with security frameworks such as NIST, ISO 27001, or CIS. - Ability to conduct risk assessments and vulnerability assessments. Additional Information: - The candidate should have minimum 3 years of experience in Ping Identity. - This position is based at our Chennai office. - A 15 years full time education is required. 15 years full time education