3740 Nist Jobs - Page 25

About the Role As an Associate Manager , youll play a key individual contributor role in driving security policies, ensuring adherence to compliance frameworks, and mitigating risks within Meeshos internal and external environments. Youll manage end-to-end compliance activities, oversee audits, and contribute to building a secure and compliant ecosystem. As part of the Security Compliance team, youll own and be accountable for the overall Information Security framework and program, helping to uphold the highest standards of security and privacy. What you will do Lead and own the end-to-end security compliance and certification charter. Define, roll out, and enforce Information Security policies and procedures. Define and ensure adherence to data privacy and data protection laws (e.g., DPDP). Collaborate with third-party vendors to maintain robust third-party security practices. Ensure compliance with IT Act, e-commerce guidelines, and regulations related to cryptography, information security, and data privacy. Conduct periodic information security awareness training programs for employees. Oversee information security risk management and privacy impact assessments. Develop and maintain Business Continuity Plans (BCP) and conduct Business Impact Assessments (BIA) to ensure organizational resilience Draft and enforce Data Protection Agreements and Information Security Agreements. Manage and coordinate internal and external audit-related activities. Collect and present audit evidence to ensure successful compliance assessments. Develop, implement, and maintain internal audit policies and procedures in line with standards such as ISO 27001, SOC 2, PCI DSS, or any other opted frameworks. Audit data, systems, and processes for policy and regulatory compliance. Provide actionable insights and reporting on the effectiveness of compliance programs. Conduct vendor audits and produce comprehensive reports. Plan and execute ad-hoc audits as necessary. What you will need Educational Qualification : Bachelor's/Master's degree in Computer Science, Information Security, or a related technical field. Experience : 4-7 years in information security, compliance, or audit roles. Demonstrated experience in startup environments or knowledge of regulatory frameworks (e.g., PCI DSS, ISO 27001). Strong problem-solving skills and hands-on experience implementing compliance standards. Familiarity with frameworks like ISO27001, NIST, Cyber Kill Chain, and MITRE ATT&CK. Working knowledge of cloud platforms (AWS, GCP) is highly advantageous. Excellent project planning, stakeholder management, and communication skills. Ability to adapt to evolving regulatory landscapes and implement best practices. Certifications like ISO Lead Auditor/Implementer, CISSP, CISM, CISA, or CCSP are a plus.

Date 14 Jul 2025 Location: Bangalore, KA, IN Company Alstom At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling, and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, 80,000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars. Your future role Take on a new challenge and apply your engineering expertise in a new cutting-edge field. Youll work alongside passionate, motivated, and dedicated teammates. You'll analyze project and program security needs (including laws and local regulations), determine security objectives, and develop strategies to address key security risks. Day-to-day, youll work closely with teams across the business on cybersecurity architecture definition, requirement allocation, and much more. Youll specifically take care of defining the cybersecurity context and conducting cybersecurity risk analyses, but also contribute to the implementation of security measures and governance. Well look to you for: Leading and contributing technically to the architectural elements in the tender and project design phases Planning security activities within the development lifecycle, estimating costs and durations, and identifying training needs Providing expertise and governance to ensure adherence to product standards in technical design meetings for tenders and projects Obtaining agreements from project/program stakeholders and customers on the set of security measures to be implemented Promoting the Alstom Code of Ethics and adhering to the highest standards of ethical conduct Reporting on program/project cybersecurity status related to architectural elements Playing the role of project cybersecurity manager on selected projects, delivering on project quality, cost, and delivery (QCD) objectives while adhering to methodologies and standards All about you We value passion and attitude over experience. Thats why we dont expect you to have every single skill. Instead, weve listed some that we think will help you succeed and grow in this role: Degree in Computer Engineering or Software Engineering Experience with direct responsibility for hands-on architecture, design, and development Experience related to cybersecurity, including deployment of security technologies Knowledge of Alstom Products & Solution Portfolio Experience in embedded or industrial systems (e.g., railway or aeronautics) Familiarity with cybersecurity solutions and areas Understanding of architecture concepts and techniques for systems, networks, operating systems, and associated programming languages Knowledge of key cybersecurity standards and regulations, such as ISO 2700X, 62443, NIST, NIS, and French LPM Expertise in network deployment (train communication system standpoint) Experience with integrating networks (between Alstom networks and customer networks) Ability to manage dataflow matrices between subsystems in external firewalls Experience deploying ePo and syslog for standalone projects Experience deploying IDS on-site Things youll enjoy Join us on a life-long transformative journey the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. Youll also: Enjoy stability, challenges, and a long-term career free from boring daily routines Collaborate with transverse teams and helpful colleagues Contribute to innovative projects Utilise our hybrid working environment Steer your career in whatever direction you choose across functions and countries Benefit from our investment in your development through award-winning learning programs Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension) You dont need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, youll be proud. If youre up for the challenge, wed love to hear from you! You dont need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, youll be proud. If youre up for the challenge, wed love to hear from you! Important to note As a global business, were an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. Were committed to creating an inclusive workplace for everyone.

Our vision is to transform how the world uses information to enrich life for . Micron Technology is a world leader in innovating memory and storage solutions that accelerate the transformation of information into intelligence, inspiring the world to learn, communicate and advance faster than ever. Key Responsibilities Document and maintain comprehensive IT disaster recovery plans for manufacturing and enterprise systems Coordinate risk assessments and business impact analysis to identify critical systems, gaps and recovery priorities Lead DR Exercises and simulations, ensuring effective response and recovery capabilities Collaborate with IT, manufacturing, facilities and business continuity teams to align DR strategies with operational requirements Manage DR projects, including timelines, resources and budgets Ensure Compliance with regulatory and industry standards (e.g. ISO 22301, NIST, SEMI Standards) Maintain DR Documentation, playbooks and recovery scripts Provide regular reporting to IT Leadership and executive standards on DR readiness and Gaps Support incident response efforts during actual disaster events serving as a key point of contact Qualifications: Bachelor's degree in Computer Science, Information Technology, Engineering or related field 5+ years of experience in IT disaster recovery, business continuity, IT risk management Experience in a manufacturing or semiconductor environment is preferred Strong project management and communication skills Experience in DR Tools, backup technologies, and cloud recovery solutions Certifications such as CBCP, CISSP, MBCP, or PMP are a plus

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, & Data Privacy Management solutions, experience in developing value based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15 year full time educationThe candidate should have minimum 12 years of experience This position is based at our Bengaluru office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Zscaler Architecture Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking an experienced and driven Cloud Security Engineer with a strong focus on Zscaler security technologies, email security, and cloud security best practices. The ideal candidate will have a solid background in enterprise security solutions, cloud architectures, and SaaS-based security platforms. Roles & Responsibilities:- Configure, manage, and troubleshoot Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) platforms.- Design and implement security policies in Zscaler cloud firewall and proxy modules.- Monitor and enhance email security platforms (e.g., valimail, abnormal security , Microsoft Defender for Office 365).- Ensure protection against phishing, spoofing, and malware through DKIM, SPF, and DMARC implementation and tuning.- Perform cloud security posture management (CSPM) and support secure cloud migration.- Work closely with network and application teams to enforce zero trust architecture using Zscaler.- Analyze security logs, alerts, and incidents to drive continuous improvement.- Respond to security incidents and conduct RCA (Root Cause Analysis).- Support compliance and audit activities across cloud and email platforms.- Maintain documentation and assist in developing security playbooks and SOPs. Professional & Technical Skills: - Strong working knowledge of Zscaler ZIA / ZPA, including policy creation, traffic forwarding, and troubleshooting- Expertise in email security technologies (O365 ATP, DMARC, SPF, DKIM, etc.)- Good understanding of cloud platforms (Azure, AWS, GCP) and associated security models- Familiarity with SIEM, DLP, CASB, and Secure Web Gateway (SWG)- Ability to interpret logs and perform packet capture analysis (e.g., Wireshark)- Knowledge of industry standards such as NIST, ISO 27001, CIS Benchmarks- Scripting knowledge (PowerShell, Python) is a plus Additional Information:- 3+ years of hands-on experience in cloud security, email security, and network security- Preferred certifications:-Zscaler Certified Professional (ZCP/ZIA/ZPA) and Microsoft Certified:Security, Compliance, and Identity Fundamentals- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Create asset list and prioritize assets, conduct regular vulnerability assessments based on the Tenable tool, identify security weaknesses in systems and applications, work with peer teams till closure of the Vulns, track patching as per proposed timelines. Roles & Responsibilities:- Create correct asset list-Perform Vuln assessment-Relevant request to be raised thorough SNow.-Highlighting issues with the Scanned report to Product team and resolve it immediately. If issue not getting resolved, then escalate it to right stakeholder.-Analyse scan results and generate comprehensive reports detailing vulnerabilities, potential impacts, and remediation recommendations/Action plan with dates.-Collaborate with IT, Partner, Business and Security teams to prioritize and address identified vulnerabilities based on risk assessments and business impact.-Monitor and track remediation efforts on weekly / monthly basis to ensure vulnerabilities are resolved within defined timelines.-Maintain and update documentation related to vulnerability management processes, policies, and procedures.-Stay current with industry trends, threats, and vulnerabilities to provide informed recommendations and enhancements to the policies, and procedures Professional & Technical Skills: -Familiarity with vulnerability scanning tools, particularly Tenable and Snow.-Understanding of security frameworks and standards (e.g., NIST, ISO 27001).-Strong analytical and problem-solving skills with attention to detail.-Relevant certifications (e.g., Vulnerability Management, Certified Ethical Hacker (CEH), or similar) are a plus.-To succeed in this role, you should have the following skills and experience-Experience in vulnerability management or security operations. Additional Information:- The candidate should have minimum 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : CyberArk Privileged Access Management Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Looking for an experienced Senior CyberArk Cloud Engineer to lead the design, implementation, and support of our privileged access management (PAM) program leveraging CyberArk Privilege Cloud. The ideal candidate will have a deep understanding of privileged access controls in cloud and hybrid environments, hands-on CyberArk experience, and the ability to drive security best practices across the organization. Roles & Responsibilities:-Define secure vaulting, session isolation, credential rotation, and privileged task automation-Develop architecture diagrams and documentation for hybrid and multi-cloud PAM solutions-Integrate CyberArk Privilege Cloud with cloud platforms (AWS, Azure, GCP) and on-prem systems-Lead CyberArk Privilege Cloud onboarding and migration initiatives-Configure privileged account onboarding, safe structures, access controls, and policies-Set up session recording, monitoring, and auditing-Integrate with directories (AD/Azure AD) and identity providers (SSO)-Act as senior escalation point for CyberArk issues-Support upgrades, patching, and ongoing maintenance of the CyberArk SaaS environment-Monitor vault performance, logs, and incident trends-Perform troubleshooting and root cause analysis of PAM issues Professional & Technical Skills: - Must To Have Skills: Proficiency in CyberArk Privileged Access Management.- Strong understanding of cloud security principles and frameworks.- Experience with identity and access management solutions.- Familiarity with compliance standards such as ISO 27001, NIST, or GDPR.- Ability to analyze security incidents and develop mitigation strategies. Additional Information:- The candidate should have minimum 5 years of experience in CyberArk Privileged Access Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Who are we? Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services address the needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it’s not just about finding risk but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders. We are honored to serve more than 1,800 customers, including 40 percent of all Fortune 100 companies, including Siemens, Airbus, Salesforce, Stellantis, Adidas, Walmart, and Sanofi. What are we looking for? We are seeking a proactive and detail-oriented GRC Analyst to join our Information Security team. In this role, you will support and enhance the organization’s Governance, Risk, and Compliance programs by conducting Vendor Risk Management (VRM) assessments, performing risk evaluations, and supporting internal and external audits, including SOC 2 Type 2 and ISO 27001. You will ensure alignment with industry standards such as NIST and ISO, enhance our security posture, and promote a culture of compliance and risk awareness across Checkmarx. How will you make an impact? Risk Management & Assessments: Identify, assess, and prioritize organizational risks. Conduct comprehensive VRM assessments to evaluate third-party risks. Develop and implement risk mitigation strategies and monitor remediation progress. Perform risk assessments and maintain updated risk registers and reports. Compliance & Audits: Ensure compliance with relevant laws, regulations, and standards (e.g., SOC 2, ISO 27001, NIST, GDPR). Support internal and external audits, including evidence collection, documentation preparation, and stakeholder coordination. Maintain and update compliance with documentation, policies, and procedures. Assist in developing, reviewing, and maintaining governance frameworks, controls, and policies. Promote a culture of security, compliance, and risk awareness. Collaboration & Program Improvement: Collaborate with cross-functional teams, including Legal, Procurement, R&D, and IT, to address GRC-related matters. Assist in the continuous improvement of GRC programs and initiatives. Develop and deliver training and awareness sessions to enhance employee understanding of governance, risk, and compliance practices. What is needed to succeed? 2+ years of experience in GRC, risk management, or similar roles. Bachelor’s degree in computer science, information security, cybersecurity, risk management, or related fields. Familiarity with VRM processes, SOC 2 Type 2, and ISO 27001 audits. Working knowledge of privacy regulations and information security frameworks (e.g., NIST, CIS, ISO 27001, GDPR). Strong analytical thinking, attention to detail, and problem-solving abilities. Excellent written and verbal communication skills in English. Ability to manage multiple tasks, prioritize effectively, and work independently and collaboratively with various stakeholders. One or more of the following certificates (highly desirable): CISSP, CRISC, CISA, CISM, CGRC.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Identity Management Good to have skills : Test Data Management ImplementationMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in strategic discussions to align security initiatives with organizational objectives, providing guidance and expertise to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be a Subject Matter Expert with deep knowledge and experience.- Should have influencing and advisory skills.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate workshops and training sessions to enhance team understanding of security protocols.- Continuously evaluate and improve security processes and frameworks to adapt to evolving threats. Professional & Technical Skills: - Must To Have Skills: Proficiency in ForgeRock Identity Management.- Good To Have Skills: Experience with Test Data Management Implementation.- Strong understanding of cloud security principles and practices.- Experience in designing and implementing security architectures.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR. Additional Information:- The candidate should have minimum 15 years of experience in ForgeRock Identity Management.- This position is based at our Mumbai office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Zscaler Architecture Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking an experienced and driven Cloud Security Engineer with a strong focus on Zscaler security technologies, email security, and cloud security best practices. The ideal candidate will have a solid background in enterprise security solutions, cloud architectures, and SaaS-based security platforms. Roles & Responsibilities:- Configure, manage, and troubleshoot Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) platforms.- Design and implement security policies in Zscaler cloud firewall and proxy modules.- Monitor and enhance email security platforms (e.g., valimail, abnormal security , Microsoft Defender for Office 365).- Ensure protection against phishing, spoofing, and malware through DKIM, SPF, and DMARC implementation and tuning.- Perform cloud security posture management (CSPM) and support secure cloud migration.- Work closely with network and application teams to enforce zero trust architecture using Zscaler.- Analyze security logs, alerts, and incidents to drive continuous improvement.- Respond to security incidents and conduct RCA (Root Cause Analysis).- Support compliance and audit activities across cloud and email platforms.- Maintain documentation and assist in developing security playbooks and SOPs. Professional & Technical Skills: - Strong working knowledge of Zscaler ZIA / ZPA, including policy creation, traffic forwarding, and troubleshooting- Expertise in email security technologies (O365 ATP, DMARC, SPF, DKIM, etc.)- Good understanding of cloud platforms (Azure, AWS, GCP) and associated security models- Familiarity with SIEM, DLP, CASB, and Secure Web Gateway (SWG)- Ability to interpret logs and perform packet capture analysis (e.g., Wireshark)- Knowledge of industry standards such as NIST, ISO 27001, CIS Benchmarks- Scripting knowledge (PowerShell, Python) is a plus Additional Information:- The candidate should have 3+ years of hands-on experience in cloud security, email security, and network security- This position is based at our Pune office.- Preferred certifications:Zscaler Certified Professional (ZCP/ZIA/ZPA) and Microsoft Certified:Security, Compliance, and Identity Fundamentals- A 15 years full time education is required. Bachelors degree in computer science, Information Security, or related field Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : CyberArk Privileged Access Management Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are looking for a skilled and proactive Delinea (Thycotic) Engineer to join our cybersecurity team. The candidate will be responsible for deploying, configuring, maintaining, and supporting Delineas Privileged Access Management solutions, ensuring secure access to critical systems and data Roles & Responsibilities:-Deploy, configure, and administer Delinea Secret Server and other Delinea modules.-Onboard privileged accounts, secrets, and credentials according to best practices.-Integrate Delinea with enterprise systems including Active Directory, LDAP, SIEM, and ticketing tools (e.g., ServiceNow).-Develop, maintain, and optimize access policies, role-based access controls (RBAC), and approval workflows.-Monitor PAM solution health, usage, and generate audit/compliance reports.-Troubleshoot issues related to access, authentication, performance, and integration.-Collaborate with InfoSec, IT, and Compliance teams to implement governance policies.-Participate in regular reviews and audits of privileged accounts and activities.-Document configuration details, procedures, and runbooks.-Stay updated on Delinea platform updates and security best practices. Professional & Technical Skills: -3+ years of experience in Privileged Access Management (PAM).-Hands-on experience with Delinea Secret Server or similar PAM platforms (e.g., CyberArk, BeyondTrust, Centrify).-Strong understanding of Active Directory, LDAP, Windows/Linux environments, and authentication protocols (RADIUS, SAML, OAuth).-Knowledge of RBAC, password vaulting, session recording, and audit logging.-Experience with scripting (PowerShell, Python) for automation and reporting.-Familiarity with compliance standards such as ISO 27001, NIST, PCI-DSS, or SOX.-Excellent problem-solving, communication, and documentation skills Additional Information:- The candidate should have minimum 5 years of experience in CyberArk Privileged Access Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on security best practices.- Conduct regular assessments of security frameworks to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations.- Strong understanding of cloud security principles and practices.- Experience with risk assessment methodologies and tools.- Ability to design and implement security controls in cloud environments.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR. Additional Information:- The candidate should have minimum 7.5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Information Security Analyst Job Description: Position Summary: The position will support the organizational initiatives and activities on Cyber Security/Information Security. This involves the development, im plementation, and support of various security programs, processes, best practices and controls across the organization. It also requires to continuously monitor, review and report of the compliance & security posture of the organization. Responsibilities: . Conduct Risk assessments, information security internal audits . Provide consultation on remediating controls and follow up . Perform reviews and conduct internal security audits on Cyber Security/Information security and ensure the organizational security controls are appropriate and effective . Ensure compliance to client security requirements . Provide support for obtaining and maintaining Security Certification and Assurance programs like ISO 27001, PCI DSS, HITRUST, TISAX, SOC 2, etc. . Participate in various organizational initiatives and activities to maintain the Information Security Management System (ISMS) based on ISO 27001 . Develop and maintain Information Security policies, procedures, standards and guidelines . Coordinate response to information security incidents . Provide awareness and training in relevant areas . Collaborate with IT, Finance, HR and other departments for various security related activities . Conduct security research and keep abreast of latest security trends and issues Desired Skills/Experience: . 4+ years of experience in Information Security . Knowledge of Information security standards & best practices (e.g., ISO 27001, NIST, etc.), and regulations related to information security and privacy . Strong analytical and problem solving skills . Excellent communication and interpersonal skills . Knowledge of security tools, techniques and methodologies . Professional/Technical Certifications (Security +, ISO 27001 LA, CISA, CISSP, CCSE, CCSP, etc.) desirable

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NAMinimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Solution Architect (SA), candidate would be primarily responsible for solution architecture/presales effort on medium to large complexity or owns multiple components of large complex deals. Lead or work as Lead Solution Architect on complex deals. Independently and with little oversight can come up with the solution. Conduct the solution reviews with SMEs and the delivery approver. Attend calls with the client team to understand the requirement to bring value and differentiated solution. Roles & Responsibilities:Able to participate in requirements gathering, gathering data requirements, and assisting in the reconciliation of technical requirements.Prepare end to end solution including effort estimation & costing.Involved in preparing the client proposal & response. Develop statement of workPerforms reviews with the delivery leadership.Participation in the client Orals or presentations.Leads negotiations or develop business terms & conditions.Has led solution development for multiple deal types.Work with delivery leads for the approval of solution/efforts.Bring out technical differentiators and value in the solution.Active ownership or accountability in delivering the solution within the specified time frame.Should be good to work as individual contributor and good team player. When assigned responsibilities to lead the team, candidate should show leadership qualities to manage the team and get the work done. Professional & Technical Skills: Candidate must have been a Presales experience with maximum coverage around following GRC or Privacy or Strategy domains. Skill around domains like Risk & Compliance Advisory and Operation, Compliance Management, Security Strategy Frameworks, Risk and Compliance Strategic Advisory, Cyber Security Assessments, Security Architecture Advisory, NIST CSF, Data Privacy, Third Party Risk Assessment ISO 27001, SOX, GDPR, Risk Assessment Services and GRC automation platforms like Archer, ServiceNowInterpret customer needs and design appropriate GRC, eGRC, Cyber Security Strategy, Data Privacy Management solutions, experience in developing value-based customer proposal closely working with delivery and sales teams.Hands on delivery experience across these domains would be added advantage to utilize the experience while solutioning.Maintain current knowledge of applicable Risk and Data Privacy requirements and accreditation standards, and monitor changes in technology impacting privacy, risk, and compliance posture.Knowledge of leveraging innovation, automation, Gen Ai in GRC solutioning Work with delivery and capability team keep abreast with latest assets, offerings, solution accelerators to bring in value adds while solutioning.Overall knowledge of GRC, TPRM, Data Privacy tool stackPre-Sales knowledge on Non GRC Security domains will be an added advantage to work in cross functional deals.Flexibility on need basis in line with the nature the nature of SA Strong verbal and written communication are a must to be able to document and present complex topics and solutions.Strong interpersonal and problem-solving skillsStay informed about new products, services, technologies, and other information as required to deliver effective solutionsCISSP, CISM, CISA, CGRC Cloud Security knowledge and certification AWS, AzureISO 27k1, 22301, Privacy, Archer, ServiceNow GRC certifications Additional Information:Minimum 15- year full time educationThe candidate should have minimum 15 years of experience This position is based at our Gurugram office. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : BE or MCA or MSc with Good Computer Science Background with good academic record. Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Engage in continuous learning to stay updated with the latest security trends and technologies.- Assist in the development and implementation of security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow.- Strong understanding of cloud security principles and practices.- Experience with identity and access management solutions.- Familiarity with security compliance frameworks such as ISO 27001 or NIST.- Ability to analyze and mitigate security risks effectively. Additional Information:- The candidate should have minimum 2 years of experience in SailPoint IdentityNow.- This position is based at our Hyderabad office.- A BE or MCA or MSc with Good Computer Science Background with good academic record is required. Qualification BE or MCA or MSc with Good Computer Science Background with good academic record.

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Director Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As a Director, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities: Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory skill sets: Bachelor’s degree (minimum requirement). 12+years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred skill sets: Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years of experience required: 12 + years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Accenture Managed Detection and Response (MDR) Ops Security Engineering Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Influence, Innovation, Intellectual Curiosity, Learning Agility, Managed Services, Optimism {+ 20 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

We’re on an exciting journey with our client and we want you to join us. With our client, you will be exposed to the latest technologies and work with some of the brightest minds in the industry. Our client is Big Investment Banking company so you will be playing a key role as a Vice President - Data Security who can assist with the below: Global CISO (Chief Information Security Office) is looking for a seasoned Data Protection Operations Lead to oversee the day-to-day execution, governance, and enhancement of our enterprise data protection technologies. This role is critical in safeguarding sensitive and regulated data across the organization using platforms such as BigID, Microsoft Information Protection (MIP), Truffle Hog for secrets discovery, Data Loss Prevention (DLP) tools (e.g., Symantec, Forcepoint, MIP), and Thales for data obfuscation and encryption. The ideal candidate will have 13–15+ years of information security experience, with at least 8 years specifically focused on data protection and governance, preferably in large, regulated environments (e.g., BFSI, Healthcare, or Tech). Responsibilities: Lead operational execution of enterprise data protection tools including BigID, MIP, DLP, Thales, Truffle Hog, etc. Manage end-to-end incident response workflows related to data leakage, sensitive data discovery, and misconfiguration. Ensure operational efficiency of data discovery, classification, and protection capabilities across endpoints, cloud, and on-prem environments. Collaborate with engineering, compliance, legal, and business teams to define and implement data protection policies. Oversee and optimize data classification strategies (manual, suggestive, and automated). Track and report key metrics including incident trends, false positives, and SLA adherence. Drive adoption and user training programs related to data classification and labeling. Participate in and lead audits, risk assessments, and regulatory readiness reviews. Own tool lifecycle—from onboarding, configuration, integration to tuning and decommissioning. Serve as escalation point for high-priority incidents, executive reporting, and stakeholder briefings. Knowledge, Skill, Experience Required: 13–15+ years of overall experience in Information Security. 8+ years of direct experience in data protection, DLP, or data privacy. Proven experience managing enterprise-grade tools like BigID, MIP, Symantec/Forcepoint DLP, Thales Cipher Trust, Truffle Hog, and/or others. Strong understanding of data discovery, classification, encryption, rights management, and related regulatory standards (e.g., GDPR, HIPAA, DPDP, CCPA). Solid background in cloud security controls (M365, AWS, Azure, GCP) and hybrid deployments. Expertise in SIEM and SOAR integrations, incident response, and threat modeling. Experience with scripting or automation (e.g., Python, PowerShell) a plus. Familiarity with compliance frameworks such as ISO 27001, NIST, RBI, etc. Beneficial: Symantec and Forcepoint DLP Certification Microsoft Certified: Information Protection Administrator Associate (SC-400) Certifications such as CIPT, CIPP, CISSP, CISM, or equivalent preferred. Azure Security / Microsoft 365 Security certifications Personal Characteristics: Strategic thinker with hands-on execution capability. Excellent communication and stakeholder management skills across technical and non-technical audiences. Strong problem-solving and analytical skills. High degree of professional integrity, ownership, and accountability. Proactive and collaborative team leader, able to operate in cross-functional and matrixed environments. Adept at working under pressure with strong prioritization and decision-making skills.

Job Description Lead the design and deployment of scalable security automation workflows and playbooks in Cortex XSOAR (or equivalent platforms such as Splunk SOAR, Siemplify, etc.). Serve as technical owner of the SOAR platform, managing connectors, integrations, performance monitoring, version control, and upgrades. Build custom automations using Python scripts, decision logic, and API integrations to support alert enrichment, containment, and notification tasks. Architect integrations with SIEMs (e.g., Splunk, QRadar), EDR, threat intel feeds (e.g., Anomali, VirusTotal), ticketing systems (e.g., ServiceNow, Jira), and other tools. Drive automation of incident response (IR) use cases including phishing, malware, lateral movement, data exfiltration, insider threats, and vulnerability exploitation. Partner with SOC, threat intelligence, and cloud security teams to identify automation opportunities and translate them into technical solutions. Optimize SOAR playbooks to reduce mean time to detect (MTTD) and respond (MTTR) while maintaining reliability and resilience. Mentor junior automation engineers and provide code reviews, best practices, and process guidance. Contribute to development of automation standards, security engineering roadmaps, and cross-team documentation. Stay abreast of emerging SOAR trends, threat landscapes, and new platform features. Required Qualifications: 3+ years specifically working with SOAR platforms—Cortex XSOAR strongly preferred; Splunk SOAR, Siemplify, or Chronicle SOAR also acceptable. Strong scripting experience in Python, especially within automation workflows. Proven expertise in integrating security tools using REST APIs, Python SDKs, and platform connectors. In-depth understanding of SOC operations, incident lifecycle, and security best practices (MITRE ATT&CK, NIST, etc.). Familiarity with SIEM platforms (e.g., Splunk) and threat intelligence enrichment techniques. Experience with version control (Git), CI/CD pipelines, and structured testing of automation code. Demonstrated ability to lead complex automation initiatives and work independently with minimal guidance. Strong written and verbal communication skills, especially in cross-functional team environments.

Ready to build the future with AI? At Genpact, we don’t just keep up with technology—we set the pace. AI and digital innovation are redefining industries, and we’re leading the charge. Genpact’s AI Gigafactory , our industry-first accelerator, is an example of how we’re scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to agentic AI , our breakthrough solutions tackle companies’ most complex challenges. If you thrive in a fast-moving, innovation-driven environment, love building and deploying cutting-edge AI solutions, and want to push the boundaries of what’s possible, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions – we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation , our teams implement data, technology, and AI to create tomorrow, today. Get to know us at genpact.com and on LinkedIn , X , YouTube , and Facebook . Inviting applications for the role of Lead Consultant – Cloud specialist role We are seeking a highly skilled and experienced Cloud Specialist – Lead Consultant to design, implement, and manage cloud infrastructure and solutions across public cloud platforms such as AWS, Azure, or GCP. The ideal candidate will have deep technical expertise in cloud architecture, automation, security, and best practices, along with the ability to lead client engagements, drive solution delivery, and mentor team members. Responsibilities Monitor cloud environments (Azure & AWS) using tools like CloudWatch, Azure Monitor, Datadog, Dynatrace, or similar. Lead the end-to-end design, implementation, and optimization of cloud infrastructure across AWS, Azure, or GCP platforms. Engage with stakeholders to assess current cloud infrastructure, define cloud adoption strategies, and architect secure, scalable, and cost-effective solutions. Drive infrastructure automation using Terraform, ARM, CloudFormation, or other IaC tools. Design and implement CI/CD pipelines using tools like Jenkins, GitLab CI, GitHub Actions, or Azure DevOps. Lead migration of on-prem workloads to the cloud using lift-and-shift or cloud-native approaches. Enforce cloud governance, compliance, and security controls including IAM, encryption, network security, logging, and monitoring. Collaborate with DevOps, Security, and Application teams to support modern deployment and release practices. Provide technical leadership, mentorship, and guidance to junior cloud engineers and consultants. Troubleshoot complex issues, conduct root cause analysis, and implement preventative solutions. Develop and maintain cloud architecture documents, standards, runbooks, and knowledge base articles. Stay current with emerging cloud technologies, trends, and certifications. Qualifications we seek in you! Minimum Qualifications / Skills Bachelor's degree in information technology, Computer Science, or a related field. Hands-on experience with AWS, Azure, or Google Cloud Platform (certification preferred). Strong expertise in Terraform, CloudFormation, or equivalent IaC tools. Experience with containerization and orchestration: Docker, Kubernetes, EKS/AKS/GKE. Proficiency in scripting (Python, Bash, PowerShell) and cloud automation. Deep understanding of cloud security best practices, identity/access management, and compliance (CIS, NIST, etc.). Experience in setting up and managing CI/CD pipelines. Good understanding of networking concepts (VPC, subnets, VPN, load balancing, DNS). Familiarity with tools like Ansible, Packer, Vault, Prometheus/Grafana, CloudWatch, Azure Monitor, or Stackdriver. Strong client-facing, consulting, and communication skills. Preferred Qualifications/ Skills AWS Certified Solutions Architect – Professional Microsoft Certified: Azure Solutions Architect Expert Google Cloud Professional Cloud Architect HashiCorp Certified: Terraform Associate Why join Genpact? Lead AI-first transformation – Build and scale AI solutions that redefine industries Make an impact – Drive change for global enterprises and solve business challenges that matter Accelerate your career —Gain hands-on experience, world-class training, mentorship, and AI certifications to advance your skills Grow with the best – Learn from top engineers, data scientists, and AI experts in a dynamic, fast-moving workplace Committed to ethical AI – Work in an environment where governance, transparency, and security are at the core of everything we build Thrive in a values-driven culture – Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the 140,000+ coders, tech shapers, and growth makers at Genpact and take your career in the only direction that matters: Up. Let’s build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a 'starter kit,' paying to apply, or purchasing equipment or training. Job Lead Consultant Primary Location India-Hyderabad Schedule Full-time Education Level Bachelor's / Graduation / Equivalent Job Posting Jul 22, 2025, 6:40:50 AM Unposting Date Ongoing Master Skills List Consulting Job Category Full Time

Project Role : Software Development Lead Project Role Description : Develop and configure software systems either end-to-end or for a specific stage of product lifecycle. Apply knowledge of technologies, applications, methodologies, processes and tools to support a client, project or entity. Must have skills : Automotive ECU Software Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : Bachelor's degree in Computer Science Engineering or a related field (or equivalent experience). Summary: As an Automotive Cybersecurity Engineer, you will play a critical role in ensuring the security and safety of the client's software. Roles & Responsibilities: 1. Performing threat analyses and conduct risk assessments to identify potential vulnerabilities in automotive systems, software, and communication networks. 2. Reviewing code and software designs to ensure compliance with security best practices and industry standards like ISO 21434 and UNECE R155/R156. 3. Conducting penetration testing and vulnerability assessments to proactively identify and mitigate weaknesses in automotive embedded systems before they can be exploited. 4. Developing and implementing incident response plans to effectively handle cybersecurity breaches or incidents and minimize potential damage. Professional & Technical Skills: 1. In-depth knowledge and practical experience with various vehicle systems, including telematics, CAN bus, remote entry/start, OTA, EV charging are highly desired. 2. Familiarity with relevant security standards and regulations, such as ISO/SAE 21434, ISO 27001, NIST Cybersecurity Framework, and UNECE R155. 3. Experience with security testing tools and techniques, such as penetration testing, vulnerability assessments, and threat modelling. Additional Information: - The candidate should have a minimum of 5 years of experience in Automotive ECU Software - This position is based at our Hyderabad office - A 15 years full-time education is required Bachelor's degree in Computer Science Engineering or a related field (or equivalent experience).

About the Role: Grade Level (for internal use): 13 The Team: The SPGI Market Intelligence (MI) InfoSec team works to increase value in our products through strong security posture. When we can show our customers their information is protected with us, they are more apt to bring new opportunities. Additionally, our work to reduce risk contributes to the value returned to our customers and shareholders. We engage closely with product teams to deliver security practices, capabilities, and advisory services to continually improve and ensure security is incorporated throughout the product lifecycle. Responsibilities and Impact: The security resource will be aligned to an MI Tech business segment to collaborate in-depth with developers, SREs, DBAs, and other personnel to both instill a security mindset and support security improvement efforts. The individual will use their experience strategically and tactically in supporting products teams to find the most efficient and effective methods to close vulnerabilities, implement security capabilities and respond to issues or alerts. Product engagement Identify and prioritize critical business functions in collaboration with organizational stakeholders. Engage with business units to understand their security requirements and align security capabilities accordingly. Determine the protection needs (i.e., security controls) for the information systems, environments, and networks and document appropriately. Document and/or review security standards, architectures and blueprints for adoption by product teams to improve protection, visibility and transparency. Collaborate with stakeholders to implement security standards and procedures. Security Assessments Perform security reviews, identify gaps in security architecture and controls to develop security risk management plans. Support and expand ACF process to mature security oversight. Conduct security assessments of third-party applications and vendors as provided by the division or centralized teams. Support the M&A processes with security assessments, third-party engagements and integration or divestiture oversight. Education and enablement Provide technical guidance and support to the security and product teams in incident response, control adoption, and threat mitigation. Facilitate educational opportunities within the division to increase security awareness, secure coding practices and secure architecture and design. Application Security Design and implement secure coding practices and guidelines for application development teams. Collaborate with development teams to integrate security controls into the software development lifecycle. What We’re Looking For: Requirements: Minimum of 8 years of experience in information security. Strong knowledge of security frameworks, such as ISO 27001 and NIST Cybersecurity Framework. Expertise in designing and implementing security controls, including cloud architectures, networks, monitoring, technical security policies. Stays up-to-date with the latest security technologies, approaches, and best practices. Experience with cloud security, network security, and secure coding practices. Excellent communication and interpersonal skills to collaborate with cross-functional teams. Relevant certifications such as CISSP, CISM, or CEH are preferred. About S&P Global Market Intelligence At S&P Global Market Intelligence, a division of S&P Global we understand the importance of accurate, deep and insightful information. Our team of experts delivers unrivaled insights and leading data and technology solutions, partnering with customers to expand their perspective, operate with confidence, and make decisions with conviction. For more information, visit www.spglobal.com/marketintelligence . What’s In It For You? Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technology–the right combination can unlock possibility and change the world. Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence®, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: We're more than 35,000 strong worldwide—so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all. From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. We’re constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference. Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global. Our benefits include: Health & Wellness: Health care coverage designed for the mind and body. Flexible Downtime: Generous time off helps keep you energized for your time on. Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills. Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference. For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. Recruitment Fraud Alert: If you receive an email from a spglobalind.com domain or any other regionally based domains, it is a scam and should be reported to reportfraud@spglobal.com . S&P Global never requires any candidate to pay money for job applications, interviews, offer letters, “pre-employment training” or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines, fraudulent domains, and how to report suspicious activity here . ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only: The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), IFTECH202.2 - Middle Professional Tier II (EEO Job Group) Job ID: 315845 Posted On: 2025-07-23 Location: Gurgaon, Haryana, India

Requirements Position Overview: Seeking Cloud Security & Cybersecurity Expert for designing and implementing cloud security strategies to protect government data and infrastructure on cloud. This role will ensure compliance with security regulations, mitigate potential risks, and address emerging threats within cloud environments. Key Responsibilities: Develop and implement cloud security policies, frameworks, and protocols to protect sensitive government data. Lead efforts to design secure cloud architectures and ensure compliance with government regulations related to data protection, privacy, and cybersecurity. Monitor and manage cloud security threats and vulnerabilities, implementing mitigation strategies as necessary. Collaborate with government and third-party stakeholders to assess and improve cloud security posture. Conduct security audits and assessments of cloud platforms and services Stay up-to-date on cybersecurity trends and threats, ensuring proactive security measures are implemented across cloud environments. Qualifications: Minimum B.E./ B.Tech./ MCA/ M.Tech or four years graduate program in Computers/IT or equivalent from a recognized university /institute. Minimum of 6+ years of experience in cybersecurity, cloud security, or IT security Hands-on experience with cloud security tools and platforms (AWS, Azure, Google Cloud, etc.). In-depth knowledge of security best practices, compliance requirements, ISO standards, and regulatory frameworks. Strong understanding of encryption, firewalls, intrusion detection systems, and vulnerability management Experience working with government or public sector organizations is an advantage Desirable Skills: Certifications in cloud security Familiarity with cybersecurity frameworks (NIST, Cetner for Internet Security Controls, etc.) Experience with advanced threat detection and incident response Familiarity with digital transformation initiatives in the public sector

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us! Job Description Job Summary: Deliver and execute the assigned project / work package on time with good quality, cost effectiveness and customer satisfaction. Ensure technical deliverables matches project / work package requirements. Save engineering cost for GEBS team through application and technical expertise. Ensure site activities are completed as desired by customer and in specified time frame. You will report to the Execution Manager. Your Responsibilities: Conduct risk assessments for OT systems (e.g., SCADA, PLCs, and DCS). Develop and implement OT-specific GRC frameworks. Ensure compliance with standards like IEC 62443, NIST CSF, and ISO 27001. Creating Business Continuity, Incident Response, Disaster Recovery plans and procedures. Collaborate with cybersecurity teams to align OT and IT governance. Advise on regulatory requirements (NERC CIP, GDPR, local safety laws). Support audits and incident response planning for OT environments. Deliver training and awareness programmes for OT personnel. Understand routing and segmentation concepts like VLANs. Technical knowledge of firewalls, IDS and similar. Technical knowledge of OT technologies, networking, and protocols. Have a good understanding of an OT environment (common OT areas, personnel involved, OT constraints). Being able to "explore" the customer main systems under consideration. Understand basic OT flows : client-server, user operativity, user permissions. Basic knowledge about different OT vendors (Siemens, ABB, Schnieder, Mitsubishi. Understand a network diagram being able to identify the different assets and understand, on a high level, how are they connected. Identify network equipment being able to identify a switch, wireless Access Points, routers, net diodes, and firewalls. Identify and trace physically connected assets and documenting them in a network topology. Extract switches configuration and capture traffic. Understand general system configurations like O.S group policy, VMs, update mechanism. Being able to identify potential vulnerabilities and threats . Being able to identify current installed countermeasures/controls including, monitoring, end points security solutions, hardening measures (antivirus/EDR, GPO). Need to create ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443. The Essentials - You Will Have: Bachelor's degree in electrical engineering, Industrial Engineering, Computer Science or Information Technology or related technology-driven degree. 8+ years of experience in Manufacturing Control Systems, Network Engineering, and Industrial Security Controls. Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required. 8+ years of hands-on experience creating ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443. Previous experience working as part of a large, multi-disciplinary global team completing full project life-cycle implementations. Travel Requirements. Flexibility for travel 20% - 30% is required and can include both domestic and international trips. Legal authorization to work in the country of residence is required. Recognized Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required. The Preferred - You Might Also Have: Master's Degree in Cybersecurity. Configuring IT/OT network infrastructure equipment (Cisco Switches, Virtual Server Environments, Cisco ASA). Experience with AV, EDR or NAC. Experience with monitoring, analyzing, and understanding log sources for threat hunting. Knowledge of common system exploits, network attacks, phishing techniques, and malware. What We Offer: Our benefits package includes … Comprehensive mindfulness programmes with a premium membership to Calm. Volunteer Paid Time off available after 6 months of employment for eligible employees. Company volunteer and donation matching programme – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program. Personalised wellbeing programmes through our OnTrack programme. On-demand digital course library for professional development. ... and other local benefits! At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles. #LI-Hybrid #LI-RS1 Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.

A minimum of 5+ years of experience in server environment + System Administration. Worked on cloud Azure/ AWS Hyper V / Active Directory. Exp 4+ yr CTC upto 12 LPA Shift - Rotational / Night Kindly share your exp for the following skills: - Azure -AWS -Hyper V -Active Directory - Microsoft 365 services - Powershell/Python/Bash Your must be flexible with the rotational shift. CTC - 12 LPA / Per Month On hand = 80000/mth + Relocation Allowance up to 50,000 + (Hotel stay for 8 days+ travel reimbursement + per diem allowances). Required Skills/Experience: Bachelor's degree in Computer Science, Information Technology, or a related field. Master's degree preferred. 5+ years of experience in system administration, with a focus on Windows Server environments. MCSE or equivalent certification. Proficiency managing on-premises/cloud Windows server deployments in Hyper-V, Azure and AWS. Proficiency in hybrid Active Directory environments. Proficiency in scripting languages (e.g., PowerShell, Bash) Excellent verbal, written, and interpersonal skills with a proven ability to communicate at various levels within the organization and with external parties. Ability and confidence to take calculated risks in uncertain or ambiguous situations. Excellent organizational skills and demonstrated ability to manage multiple competing priorities and assignments. Passion for delivering business value and willingness to perform other assigned tasks. Ability to deliver regular quick updates, system solutions, and communicate issues to management Preferred Skills/Experience: AZ-104T00-A: Microsoft Azure Administrator Certification Experience with NIST Cybersecurity Framework 1.1 and NYDFS 500.03 Experience successfully working with remote or distributed teams, particularly in a global context. Familiarity with IT service management tools, such as ServiceNow or Jira Service Desk. Experience in the legal services or healthcare industry is a plus. Job Types: Full-time, Permanent Pay: ₹700,000.00 - ₹1,100,000.00 per year Benefits: Health insurance Provident Fund Schedule: Day shift Fixed shift Monday to Friday Morning shift UK shift Supplemental Pay: Yearly bonus Application Question(s): Must be able to onboard in 0-15 days and be ok with the rotational shift and must have AZ104 certification Max offered is 80K in had (after all deduction)- this is work from office at our Vadodara - Travel and initial hotel stay of upto 7 days provided Work Location: In person

Key Responsibilities Monitor, identify, and respond to security incidents across systems and networks. Implement and maintain security measures such as firewalls, intrusion detection systems (IDS), and endpoint protection. Conduct regular vulnerability assessments and penetration tests on systems and applications. Collaborate with DevOps and Engineering teams to integrate security best practices into CI/CD pipelines. Manage and review access controls, identity management, and secure configurations. Investigate and remediate security breaches, threats, and anomalies. Stay current with the latest security trends, vulnerabilities, and threat intelligence. Document security processes, policies, incident response plans, and risk assessments. Assist in compliance efforts (e.g., ISO 27001, SOC 2, GDPR) as applicable. Required Skills and Qualifications Bachelor’s degree in Computer Science, Information Security, or related field. Proven experience in system/network/application security. Strong knowledge of cybersecurity frameworks and standards (OWASP, NIST, CIS). Familiarity with tools such as Wireshark, Nessus, Burp Suite, Metasploit, or similar. Hands-on experience with cloud platforms (AWS, Azure, or GCP) and securing cloud infrastructure. Understanding of secure coding practices and code review for security flaws. Scripting knowledge (e.g., Python, Bash, PowerShell) is a plus. Nice to Have Security certifications like CEH, CISSP, OSCP, or CompTIA Security+. Experience in automating security tasks or using SIEM tools. Knowledge of container security (e.g., Docker, Kubernetes). Job Types: Full-time, Permanent Pay: ₹500,000.00 - ₹800,000.00 per year Benefits: Flexible schedule Paid sick time Paid time off Provident Fund Ability to commute/relocate: Gandhinagar, Gujarat: Reliably commute or planning to relocate before starting work (Required) Experience: Security Engineer: 2 years (Required) Work Location: In person