3740 Nist Jobs - Page 27

Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads. Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defence capabilities that deliver a proactive , threat-informed , risk-based , intelligence-driven approach to detecting and responding to threats. Our mission is to help our customers: Defend against new and emerging risks that impact their business. Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments. Reduce their exposure to risks that impact their identity and brand. Develop operational resilience. Maintain compliance with legal, regulatory and compliance obligations. What were looking for To support our continued success and deliver a Fanatical Experience to our customers, Rackspace Cyber Defence is looking for an Indian based Security Engineer, with a specialism in Endpoint Security to support Rackspaces strategic customers. This role is particularly well-suited to a self-starting, experienced and motivated Sr. Security Engineer, who has a proven record of accomplishment in the design, delivery, management, operation and continuous improvement of enterprise-level Endpoint Security platforms or delivering Managed Endpoint Detection & Response (EDR) services to customers. The primary focus will be on the design, implementation, management, operation and continuous improvement of cloud-native Endpoint Detection & Response (EDR) platforms such as Crowdstrike Falcon or Microsoft Defender for Endpoint; used by the Rackspace Cyber Defence Center to deliver managed security services to our customers. You will also be required to liaise closely with the customers key stakeholders, which may include incident response and disaster recovery teams as well as information security. Skills & Experience Should have 8+ years experience in Security Engineering. Experience working in either large, enterprise environments or managed security services environments with a focus on Endpoint Detection & Response. Experience of working with cloud native Endpoint Security and Endpoint Detection & Response (EDR) tools such as Crowdstrike, Microsoft Defender for Endpoint and/or Microsoft Defender for Cloud. Experience of working in two (or more) of the following additional security domains: SIEM platforms such as Microsoft Sentinel (preferred), Google Chronicle, Splunk, QRadar, LogRhythm, Securonix etc. AWS (Amazon Web Services) Security Hub including AWS Guard Duty, AWS Macie, AWS Config and AWS CloudTrail . Experience of analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis and log analysis. Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls. Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc. Knowledge of scripting and coding with languages such as Terraform, python, javascript, golang, bash and/or powershell. Knowledge of Malware reverse engineering, threat detection and threat hunting. Computer science, engineering, or information technology related degree (although not a strict requirement) Holds one, or more, of the following certificates (or equivalent): - Microsoft Certified: Azure Security Engineer Associate (AZ500) Microsoft Certified: Security Operations Analyst Associate (SC-200) Systems Security Certified Practitioner (SSCP) Certified Cloud Security Professional (CCSP) GIAC Certified Incident Handler (GCIH) GIAC Security Operations Certified (GSOC) CrowdStrike admin Certified A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail. A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture. Highly organised and detail oriented. Ability to prioritise, multitask and work under pressure. An individual who shows a willingness to go above and beyond in delighting the customer. A good communicator who can explain security concepts to both technical and non-technical audiences. Key Accountabilities Ensure the Customers operational and production environment remains healthy and secure at all the times. Assist with customer onboarding customer/device onboarding, policy configuration, platform configuration and service transition to security operations team(s). Advance platform administration. Critical platform incident handling & closure. As an SME, act as an L3 escalation and point of contact for SecOps Analysts during an incident response process As an SME, act as a champion and centre of enablement by delivering training, coaching and thought leadership across Endpoint Security and Endpoint Detection & Response. Develop and document runbooks, playbooks and knowledgebase articles that drive best practice across teams. Drive continuous improvement of Rackspace Managed EDR services through custom development, automation and integration; in collaboration with SecOps Engineering and other Security Engineering team(s) Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc. Co-ordinate with vendor for issue resolution. Required to work flexible timings.

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us! Job Description Job Summary: Deliver and execute the assigned project / work package on time with good quality, cost effectiveness and customer satisfaction. Ensure technical deliverables matches project / work package requirements. Save engineering cost for GEBS team through application and technical expertise. Ensure site activities are completed as desired by customer and in specified time frame. You will report to the Execution Manager. Your Responsibilities Conduct risk assessments for OT systems (e.g., SCADA, PLCs, and DCS). Develop and implement OT-specific GRC frameworks. Ensure compliance with standards like IEC 62443, NIST CSF, and ISO 27001. Creating Business Continuity, Incident Response, Disaster Recovery plans and procedures. Collaborate with cybersecurity teams to align OT and IT governance. Advise on regulatory requirements (NERC CIP, GDPR, local safety laws). Support audits and incident response planning for OT environments. Deliver training and awareness programmes for OT personnel. Understand routing and segmentation concepts like VLANs. Technical knowledge of firewalls, IDS and similar. Technical knowledge of OT technologies, networking, and protocols. Have a good understanding of an OT environment (common OT areas, personnel involved, OT constraints). Being able to "explore" the customer main systems under consideration. Understand basic OT flows: client-server, user operativity, user permissions. Basic knowledge about different OT vendors (Siemens, ABB, Schnieder, Mitsubishi. Understand a network diagram being able to identify the different assets and understand, on a high level, how are they connected. Identify network equipment being able to identify a switch, wireless Access Points, routers, net diodes, and firewalls. Identify and trace physically connected assets and documenting them in a network topology. Extract switches configuration and capture traffic. Understand general system configurations like O.S group policy, VMs, update mechanism. Being able to identify potential vulnerabilities and threats. Being able to identify current installed countermeasures/controls including, monitoring, end points security solutions, hardening measures (antivirus/EDR, GPO). Need to create ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443. The Essentials - You Will Have Bachelor's degree in electrical engineering, Industrial Engineering, Computer Science or Information Technology or related technology-driven degree. 8+ years of experience in Manufacturing Control Systems, Network Engineering, and Industrial Security Controls. Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required. 8+ years of hands-on experience creating ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443. Previous experience working as part of a large, multi-disciplinary global team completing full project life-cycle implementations. Travel Requirements. Flexibility for travel 20% - 30% is required and can include both domestic and international trips. Legal authorization to work in the country of residence is required. Recognized Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required. The Preferred - You Might Also Have Master's Degree in Cybersecurity. Configuring IT/OT network infrastructure equipment (Cisco Switches, Virtual Server Environments, Cisco ASA). Experience with AV, EDR or NAC. Experience with monitoring, analyzing, and understanding log sources for threat hunting. Knowledge of common system exploits, network attacks, phishing techniques, and malware. What We Offer Our benefits package includes … Comprehensive mindfulness programmes with a premium membership to Calm. Volunteer Paid Time off available after 6 months of employment for eligible employees. Company volunteer and donation matching programme – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program. Personalised wellbeing programmes through our OnTrack programme. On-demand digital course library for professional development. and other local benefits! At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles. Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us! Job Description Job Summary: Deliver and execute the assigned project / work package on time with good quality, cost effectiveness and customer satisfaction. Ensure technical deliverables matches project / work package requirements. Save engineering cost for GEBS team through application and technical expertise. Ensure site activities are completed as desired by customer and in specified time frame. You will report to the Execution Manager. Your Responsibilities Conduct risk assessments for OT systems (e.g., SCADA, PLCs, and DCS). Develop and implement OT-specific GRC frameworks. Ensure compliance with standards like IEC 62443, NIST CSF, and ISO 27001. Creating Business Continuity, Incident Response, Disaster Recovery plans and procedures. Collaborate with cybersecurity teams to align OT and IT governance. Advise on regulatory requirements (NERC CIP, GDPR, local safety laws). Support audits and incident response planning for OT environments. Deliver training and awareness programmes for OT personnel. Understand routing and segmentation concepts like VLANs. Technical knowledge of firewalls, IDS and similar. Technical knowledge of OT technologies, networking, and protocols. Have a good understanding of an OT environment (common OT areas, personnel involved, OT constraints). Being able to "explore" the customer main systems under consideration. Understand basic OT flows: client-server, user operativity, user permissions. Basic knowledge about different OT vendors (Siemens, ABB, Schnieder, Mitsubishi. Understand a network diagram being able to identify the different assets and understand, on a high level, how are they connected. Identify network equipment being able to identify a switch, wireless Access Points, routers, net diodes, and firewalls. Identify and trace physically connected assets and documenting them in a network topology. Extract switches configuration and capture traffic. Understand general system configurations like O.S group policy, VMs, update mechanism. Being able to identify potential vulnerabilities and threats. Being able to identify current installed countermeasures/controls including, monitoring, end points security solutions, hardening measures (antivirus/EDR, GPO). Need to create ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443. The Essentials - You Will Have Bachelor's degree in electrical engineering, Industrial Engineering, Computer Science or Information Technology or related technology-driven degree. 8+ years of experience in Manufacturing Control Systems, Network Engineering, and Industrial Security Controls. Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required. 8+ years of hands-on experience creating ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443. Previous experience working as part of a large, multi-disciplinary global team completing full project life-cycle implementations. Travel Requirements. Flexibility for travel 20% - 30% is required and can include both domestic and international trips. Legal authorization to work in the country of residence is required. Recognized Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required. The Preferred - You Might Also Have Master's Degree in Cybersecurity. Configuring IT/OT network infrastructure equipment (Cisco Switches, Virtual Server Environments, Cisco ASA). Experience with AV, EDR or NAC. Experience with monitoring, analyzing, and understanding log sources for threat hunting. Knowledge of common system exploits, network attacks, phishing techniques, and malware. What We Offer Our benefits package includes … Comprehensive mindfulness programmes with a premium membership to Calm. Volunteer Paid Time off available after 6 months of employment for eligible employees. Company volunteer and donation matching programme – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program. Personalised wellbeing programmes through our OnTrack programme. On-demand digital course library for professional development. and other local benefits! At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles. Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us! Job Description Job Summary: Deliver and execute the assigned project / work package on time with good quality, cost effectiveness and customer satisfaction. Ensure technical deliverables matches project / work package requirements. Save engineering cost for GEBS team through application and technical expertise. Ensure site activities are completed as desired by customer and in specified time frame. You will report to the Execution Manager. Your Responsibilities Conduct risk assessments for OT systems (e.g., SCADA, PLCs, and DCS). Develop and implement OT-specific GRC frameworks. Ensure compliance with standards like IEC 62443, NIST CSF, and ISO 27001. Creating Business Continuity, Incident Response, Disaster Recovery plans and procedures. Collaborate with cybersecurity teams to align OT and IT governance. Advise on regulatory requirements (NERC CIP, GDPR, local safety laws). Support audits and incident response planning for OT environments. Deliver training and awareness programmes for OT personnel. Understand routing and segmentation concepts like VLANs. Technical knowledge of firewalls, IDS and similar. Technical knowledge of OT technologies, networking, and protocols. Have a good understanding of an OT environment (common OT areas, personnel involved, OT constraints). Being able to "explore" the customer main systems under consideration. Understand basic OT flows: client-server, user operativity, user permissions. Basic knowledge about different OT vendors (Siemens, ABB, Schnieder, Mitsubishi. Understand a network diagram being able to identify the different assets and understand, on a high level, how are they connected. Identify network equipment being able to identify a switch, wireless Access Points, routers, net diodes, and firewalls. Identify and trace physically connected assets and documenting them in a network topology. Extract switches configuration and capture traffic. Understand general system configurations like O.S group policy, VMs, update mechanism. Being able to identify potential vulnerabilities and threats. Being able to identify current installed countermeasures/controls including, monitoring, end points security solutions, hardening measures (antivirus/EDR, GPO). Need to create ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443. The Essentials - You Will Have Bachelor's degree in electrical engineering, Industrial Engineering, Computer Science or Information Technology or related technology-driven degree. 8+ years of experience in Manufacturing Control Systems, Network Engineering, and Industrial Security Controls. Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required. 8+ years of hands-on experience creating ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443. Previous experience working as part of a large, multi-disciplinary global team completing full project life-cycle implementations. Travel Requirements. Flexibility for travel 20% - 30% is required and can include both domestic and international trips. Legal authorization to work in the country of residence is required. Recognized Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required. The Preferred - You Might Also Have Master's Degree in Cybersecurity. Configuring IT/OT network infrastructure equipment (Cisco Switches, Virtual Server Environments, Cisco ASA). Experience with AV, EDR or NAC. Experience with monitoring, analyzing, and understanding log sources for threat hunting. Knowledge of common system exploits, network attacks, phishing techniques, and malware. What We Offer Our benefits package includes … Comprehensive mindfulness programmes with a premium membership to Calm. Volunteer Paid Time off available after 6 months of employment for eligible employees. Company volunteer and donation matching programme – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program. Personalised wellbeing programmes through our OnTrack programme. On-demand digital course library for professional development. and other local benefits! At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles. Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.

Job Title: TPRM Manager Location: Chennai Experience: 6+ Years Employment Type: Full-Time Job Summary: We are seeking an experienced and proactive Third Party Risk Management (TPRM) Manager to join our growing risk and compliance team. The ideal candidate will be responsible for managing the end-to-end third-party risk lifecycle, driving compliance with regulatory and organizational standards, and collaborating with cross-functional teams to ensure robust information security and risk management practices. Key Responsibilities: Lead and manage third-party risk assessments across vendors, service providers, and partners. Evaluate vendor controls around cybersecurity, data privacy, compliance, and operational risk. Collaborate with procurement, legal, IT security, and business teams to ensure third-party risks are identified, assessed, monitored, and mitigated effectively. Ensure compliance with ISO 27001, regulatory requirements, and internal GRC frameworks. Develop and maintain TPRM documentation, policies, processes, and metrics. Work closely with audit and compliance teams for periodic reviews, internal audits, and external regulatory audits. Monitor vendor performance and maintain an updated risk register. Conduct control testing, review vendor SOC reports, and track remediation plans for non-compliance or control gaps. Provide training and awareness sessions on third-party risk, GRC, and IT security standards to stakeholders. Required Skills and Experience: Minimum 6 years of hands-on experience in Third Party Risk Management (TPRM) . Strong knowledge of GRC frameworks , ISO 27001 , IT Audit , and Network Security . Experience with cloud security and assessing cloud-based vendors (AWS, Azure, GCP). Familiarity with regulatory frameworks such as GDPR, RBI, SEBI, etc. Experience in risk assessment methodologies, control frameworks (NIST, COBIT), and issue tracking/remediation processes. Strong stakeholder management, analytical thinking, and problem-solving skills. Excellent communication, documentation, and presentation skills. Preferred Qualifications: Bachelor's degree in Information Security, Computer Science, or a related field. Certifications such as CISA , CRISC , ISO 27001 Lead Auditor/Implementer , CISSP , or similar are a plus. Prior experience working in BFSI, IT/ITES, or consulting firms will be advantageous. Immediate joiners preferred.

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us! Job Description Job Summary: Deliver and execute the assigned project / work package on time with good quality, cost effectiveness and customer satisfaction. Ensure technical deliverables matches project / work package requirements. Save engineering cost for GEBS team through application and technical expertise. Ensure site activities are completed as desired by customer and in specified time frame. You will report to the Execution Manager. Your Responsibilities Conduct risk assessments for OT systems (e.g., SCADA, PLCs, and DCS). Develop and implement OT-specific GRC frameworks. Ensure compliance with standards like IEC 62443, NIST CSF, and ISO 27001. Creating Business Continuity, Incident Response, Disaster Recovery plans and procedures. Collaborate with cybersecurity teams to align OT and IT governance. Advise on regulatory requirements (NERC CIP, GDPR, local safety laws). Support audits and incident response planning for OT environments. Deliver training and awareness programmes for OT personnel. Understand routing and segmentation concepts like VLANs. Technical knowledge of firewalls, IDS and similar. Technical knowledge of OT technologies, networking, and protocols. Have a good understanding of an OT environment (common OT areas, personnel involved, OT constraints). Being able to "explore" the customer main systems under consideration. Understand basic OT flows: client-server, user operativity, user permissions. Basic knowledge about different OT vendors (Siemens, ABB, Schnieder, Mitsubishi. Understand a network diagram being able to identify the different assets and understand, on a high level, how are they connected. Identify network equipment being able to identify a switch, wireless Access Points, routers, net diodes, and firewalls. Identify and trace physically connected assets and documenting them in a network topology. Extract switches configuration and capture traffic. Understand general system configurations like O.S group policy, VMs, update mechanism. Being able to identify potential vulnerabilities and threats. Being able to identify current installed countermeasures/controls including, monitoring, end points security solutions, hardening measures (antivirus/EDR, GPO). Need to create ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443. The Essentials - You Will Have Bachelor's degree in electrical engineering, Industrial Engineering, Computer Science or Information Technology or related technology-driven degree. 8+ years of experience in Manufacturing Control Systems, Network Engineering, and Industrial Security Controls. Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required. 8+ years of hands-on experience creating ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443. Previous experience working as part of a large, multi-disciplinary global team completing full project life-cycle implementations. Travel Requirements. Flexibility for travel 20% - 30% is required and can include both domestic and international trips. Legal authorization to work in the country of residence is required. Recognized Security certifications such as IEC 62443, CISSP, GISP, CSSK, or CISM is required. The Preferred - You Might Also Have Master's Degree in Cybersecurity. Configuring IT/OT network infrastructure equipment (Cisco Switches, Virtual Server Environments, Cisco ASA). Experience with AV, EDR or NAC. Experience with monitoring, analyzing, and understanding log sources for threat hunting. Knowledge of common system exploits, network attacks, phishing techniques, and malware. What We Offer Our benefits package includes … Comprehensive mindfulness programmes with a premium membership to Calm. Volunteer Paid Time off available after 6 months of employment for eligible employees. Company volunteer and donation matching programme – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program. Personalised wellbeing programmes through our OnTrack programme. On-demand digital course library for professional development. and other local benefits! At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles. Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.

Role Overview The OT Security Analyst – Level 2 (L2) plays a pivotal role in defending operational technology (OT) environments against evolving cyber threats. This role requires a deep understanding of security incident analysis, threat detection, and incident response, specifically tailored to Industrial Control Systems (ICS) and OT networks. The analyst will investigate complex security incidents within the OT infrastructure, collaborate with IT/OT teams, and enhance security posture through actionable insights. ________________________________________ Key Responsibilities Conduct in-depth analysis of security events and incidents within OT environments, leveraging SIEM and OT-specific monitoring tools. Perform root cause analysis and develop incident timelines to support forensics and remediation efforts. Apply standard incident response frameworks (e.g., NIST, MITRE ATT&CK for ICS, Cyber Kill Chain) for threat classification and response. Use threat intelligence platforms and sandbox environments to investigate malware and suspicious artifacts in OT networks. Analyze access logs, network traffic, and protocol behaviours across OT systems (e.g., SCADA, DCS, PLCs). Support investigations related to unauthorized device communications, anomalous behaviours, or compromised industrial assets. Collaborate with OT security engineers and external vendors to escalate and remediate incidents. Refine alert rules and detection logic to reduce false positives and improve signal-to-noise ratio in OT SOC operations. Document incident findings and support continuous improvement of the OT SOC playbooks and knowledgebase. Liaise with the IT SOC and CIR (Cyber Incident Response) teams to align incident handling and cross-domain investigations. Participate in threat hunting activities tailored for OT environments using behavioural analysis and attack-path simulation. ________________________________________ Technical Skills & Knowledge Strong understanding of OT/ICS protocols (Modbus, DNP3, OPC, etc.) and industrial network topologies. Hands-on experience with OT cybersecurity tools and platforms (e.g., Nozomi Networks, Claroty, Dragos). Familiar with ISA/IEC 62443, NIST SP 800-82, NIST CSF, and ISO 27001 compliance requirements for OT. Proficiency in using SIEM systems (e.g., Microsoft Sentinel, Splunk, QRadar) for log correlation and event triage. Understanding of firewalls, WAFs, proxies, and network segmentation principles in OT. Working knowledge of tools such as THOR Scanner, VMRay, or Recorded Future is a plus. Experience in vulnerability management and patch advisory for OT assets with limited patch cycles. ________________________________________ Nice To Have Exposure to Red Team/Blue Team exercises focused on OT/ICS. Familiarity with GRC platforms and risk assessment tools tailored to OT.

Job Title: TPRM Manager Location: Gurgaon & Bangalore Experience: 6+ Years Employment Type: Full-Time Job Summary: We are seeking an experienced and proactive Third Party Risk Management (TPRM) Manager to join our growing risk and compliance team. The ideal candidate will be responsible for managing the end-to-end third-party risk lifecycle, driving compliance with regulatory and organizational standards, and collaborating with cross-functional teams to ensure robust information security and risk management practices. Key Responsibilities: Lead and manage third-party risk assessments across vendors, service providers, and partners. Evaluate vendor controls around cybersecurity, data privacy, compliance, and operational risk. Collaborate with procurement, legal, IT security, and business teams to ensure third-party risks are identified, assessed, monitored, and mitigated effectively. Ensure compliance with ISO 27001, regulatory requirements, and internal GRC frameworks. Develop and maintain TPRM documentation, policies, processes, and metrics. Work closely with audit and compliance teams for periodic reviews, internal audits, and external regulatory audits. Monitor vendor performance and maintain an updated risk register. Conduct control testing, review vendor SOC reports, and track remediation plans for non-compliance or control gaps. Provide training and awareness sessions on third-party risk, GRC, and IT security standards to stakeholders. Required Skills and Experience: Minimum 6 years of hands-on experience in Third Party Risk Management (TPRM) . Strong knowledge of GRC frameworks , ISO 27001 , IT Audit , and Network Security . Experience with cloud security and assessing cloud-based vendors (AWS, Azure, GCP). Familiarity with regulatory frameworks such as GDPR, RBI, SEBI, etc. Experience in risk assessment methodologies, control frameworks (NIST, COBIT), and issue tracking/remediation processes. Strong stakeholder management, analytical thinking, and problem-solving skills. Excellent communication, documentation, and presentation skills. Preferred Qualifications: Bachelor's degree in Information Security, Computer Science, or a related field. Certifications such as CISA , CRISC , ISO 27001 Lead Auditor/Implementer , CISSP , or similar are a plus. Prior experience working in BFSI, IT/ITES, or consulting firms will be advantageous. Immediate joiners preferred.

Your potential, unleashed India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team The Enabling Area – Information Technology team is responsible for building & maintaining different applications for Deloitte South Asia that focuses on providing employee experience. Your work profile Primary purpose of the role This role will be responsible for ensuring the security of our information systems and data. This role involves maintaining security policies, procedures, and controls to protect against unauthorized access, data breaches, and other security threats. The ideal candidate will have a strong background in information security, risk management, and compliance. To manage client security assessments, To review and provide comments on contractual information security terms To support information security activities Major responsibilities & deliverables Review and respond to client security questionnaire. Review and interpret information security clauses in Master service agreement, Engagement letters. Collaborate with legal teams, IT teams ,different business teams to align client requirements with internal information security policies. Maintain evidence and documentation for client assessments. Contribute to internal security awareness and trainings. Ensure compliance with relevant security standards and regulations, such as ISO 27001, NIST, GDPR Prepare and present security reports to senior management and stakeholders. Stay up-to-date with the latest security trends, threats, and technologies. Skills Required Knowledge of Security standards such as ISO 27001 , NIST Strong written and verbal communication skills Ability to work independently and manage multiple information security related activities with timelines. Strong communication and interpersonal skills, with the ability to work effectively with cross-functional teams. Ability to handle sensitive information with discretion and maintain confidentiality. Experience required, Any Specific Industry / Company exposure 8 to 12 years of experience in Information Security , Cyber Security Experience in MSA review, client security questionnaires. Experience in working in MNCs preferred Desired qualifications Bachelor’s degree in Information Technology, Computer Science, or a related field. Professional certifications such as CISSP, CISM, CEH, or equivalent are desirable. Location and way of working Base location: Mumbai, Delhi, Pune, Bengaluru preferred. This profile may involve travel for work. Hybrid is our default way of working. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterized by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognize there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident, and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.

About The Team The Information Security organization advances the overall state of security at Rubrik through purposeful initiatives and coordination of large security projects. Information Security builds technologies, tools, and processes to better enable teams at Rubrik to develop secure software and protect data and systems with appropriate security controls. Information Security also develops systems to monitor and respond to attacks against our systems, provides awareness education to teams on security best practices for data protection, and ensures data sharing relationships with third parties in order to securely protect Rubrik information. About Role Rubrik is seeking a passionate and motivated Penetration Testing Engineer to join our Information Security team. In this role, you will work to simulate real-world attack scenarios to identify vulnerabilities, evaluate security posture, and develop methods to defend against attacks. The successful candidate will be technically savvy, customer-oriented, results-driven, and passionate about security. You will partner with the vulnerability management engineers, Engineering, IT and other internal stakeholders to enhance Rubrik’s overall security posture. What You'll Do Design and execute real-world attack scenarios by replicating the tactics, techniques and procedures (TTPs) of threat actors and highlight gaps impacting Rubrik’s products and enterprise security posture. Assist with the planning, execution, and reporting of penetration tests on Rubrik’s products, services, and internal systems. Develop and refine exploitation techniques consistently to conduct penetration testing exercises successfully. Deliver detailed reports of technical findings to stakeholders and assist with the development of mitigation plans. Assist in security investigations, root-cause analysis and corrective measures as required. Coordinate with the security researcher community in reviewing the identified vulnerabilities and drive the issues to closure. Drive vulnerabilities to closure within the established SLAs. Navigate escalations when necessary to raise visibility into risk and drive the risk down when SLAs are not met. Collaborate with the senior security team members to identify areas for improvement in security posture. Contribute to the continuous improvement of Rubrik’s penetration testing framework and processes. Help develop and maintain testing documentation, including methodologies, procedures, and post-engagement reports. Track and monitor penetration testing metrics to scale the pentest program and continuously improve the coverage and depth of penetration testing. Stay updated with emerging security threats, innovative defense measures, and industry trends to recommend improvements proactively. Experience you'll need Bachelor’s degree required; BE/BTech or MS in Computer Science, Information Technology, or related field 2-4 years of hands-on experience in penetration testing, red team, vulnerability exploitation, product security and/or cloud security roles Ability to perform targeted cyberattacks with or without the use of automated tools such as (e.g., Burp Suite, Metasploit, Nmap, Wireshark, etc.). Experience in system internals (windows, linux) and cloud security (AWS, Azure, GCP) In-depth knowledge of exploit frameworks, obfuscation/evasion techniques, application security, IDS/IPS and web proxies Strong understanding of security best practices and frameworks (OWASP Top 10, NIST, CIS). Demonstrated programming skills in one or more of: Python, Perl, Ruby, Java IT security certifications (OSCP, OSCE, GPEN, GWAPT, GXPN) is a plus Strong analytical and problem-solving skills. Ability to work independently as well as part of a team in a fast-paced environment. Excellent verbal and written communication skills Join Us in Securing the World's Data Rubrik (NYSE: RBRK) is on a mission to secure the world’s data. With Zero Trust Data Security™, we help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked. Linkedin | X (formerly Twitter) | Instagram | Rubrik.com Inclusion @ Rubrik At Rubrik, we are dedicated to fostering a culture where people from all backgrounds are valued, feel they belong, and believe they can succeed. Our commitment to inclusion is at the heart of our mission to secure the world’s data. Our goal is to hire and promote the best talent, regardless of background. We continually review our hiring practices to ensure fairness and strive to create an environment where every employee has equal access to opportunities for growth and excellence. We believe in empowering everyone to bring their authentic selves to work and achieve their fullest potential. Our inclusion strategy focuses on three core areas of our business and culture: Our Company: We are committed to building a merit-based organization that offers equal access to growth and success for all employees globally. Your potential is limitless here. Our Culture: We strive to create an inclusive atmosphere where individuals from all backgrounds feel a strong sense of belonging, can thrive, and do their best work. Your contributions help us innovate and break boundaries. Our Communities: We are dedicated to expanding our engagement with the communities we operate in, creating opportunities for underrepresented talent and driving greater innovation for our clients. Your impact extends beyond Rubrik, contributing to safer and stronger communities. Equal Opportunity Employer/Veterans/Disabled Rubrik is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Rubrik provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Rubrik complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please contact us at hr@rubrik.com if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. EEO IS THE LAW NOTIFICATION OF EMPLOYEE RIGHTS UNDER FEDERAL LABOR LAWS

Job Description WHO WE ARE Led by the Chief Information Security Officer (CISO), Technology Risk secures Goldman Sachs against hackers and other cyber threats. We are responsible for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications and infrastructure, developing software in support of our efforts, measuring cybersecurity risk, and designing and driving implementation of cybersecurity controls. The team has global presence across the Americas, APAC, India and EMEA. Within Technology Risk, Global Cyber Defense and Intelligence (GCDI) team identifies malicious activity, manages the lifecycle of vulnerabilities within GS technologies, and investigates and manages threats across the firm. We are a team of security, software, and product engineers that allow the firm to respond appropriately to firm risks using detection models, security architecture, and cutting-edge cyber threat analysis to manage internal and external threats against the firm. YOUR IMPACT In this role, you will have the opportunity to significantly enhance the organization's security posture by being part of the Security Orchestration and Automated Response (SOAR) program to automate and streamline incident response, reducing reaction times and improving overall threat management efficiency. Technical expertise and leadership will drive continuous improvement, ensuring robust protection against evolving cyber threats. How You Will Fulfill Your Potential As a Security Engineer in GCDI’s Threat Management Center, you will be an integral part of a technical team that is responsible for providing the GCDI organization with security sensors and data sets that increase awareness of current and potential Cyber Threats. This role offers the chance to fully harness and expand your technical expertise in advanced SOAR technologies, driving critical security initiatives that directly impact the organization’s resilience against cyber threats. The position also provides continuous exposure to the latest innovations in automated threat response, allowing the candidate to stay ahead of emerging threats and industry trends. This will not only solidify their standing as an expert in the field but also open up opportunities for further career growth and influence within the cybersecurity domain. Job Responsibilities Enable a world-class cyber defense program by working closely with other technical, incident management, and forensic personnel to develop a fuller understanding of the intent, objectives, and activity of cyber threat actors Work at the forefront of designing an innovative threat and security incident management solution Develop and optimize SOAR playbooks, integrating various security tools and platforms to automate threat detection, incident response, and remediation processes. Work closely with cross-functional teams, including SOC, IT, DevOps, and Risk Management, to align SOAR capabilities with organizational security objectives. Customize SOAR workflows, scripts, and connectors to meet the specific needs of the organization, ensuring seamless interoperability between systems. Participate in a 24x7 coverage model to prevent and remediate security threats against Goldman Sachs’ global business network Basic Qualifications Strong verbal and written communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders. Strong analytical and problem-solving skills, with a proactive approach to identifying and addressing security challenges. In-depth understanding of security frameworks (MITRE ATT&CK, NIST), threat intelligence, and automation strategies. Strong sense of ownership and driven to manage tasks to completion Proficient scripting skills utilizing both Python and PowerShell Preferred Qualifications 1+ years of experience in cybersecurity, with SOAR technologies and incident response. Proficiency in SOAR platforms (e.g., Splunk Phantom, Demisto, Siemplify), scripting languages (Python, PowerShell), and integration with security tools (SIEM, EDR, etc.). Knowledge conducting incident response within a major public cloud (i.e. AWS, Google, Azure) Any of following certifications: GNFA, GCFE, GCFA, CCFP, CFCE, ACE, OSCP, GCFR #TechRiskCybersecurity About Goldman Sachs At Goldman Sachs, we commit our people, capital and ideas to help our clients, shareholders and the communities we serve to grow. Founded in 1869, we are a leading global investment banking, securities and investment management firm. Headquartered in New York, we maintain offices around the world. We believe who you are makes you better at what you do. We're committed to fostering and advancing diversity and inclusion in our own workplace and beyond by ensuring every individual within our firm has a number of opportunities to grow professionally and personally, from our training and development opportunities and firmwide networks to benefits, wellness and personal finance offerings and mindfulness programs. Learn more about our culture, benefits, and people at GS.com/careers. We’re committed to finding reasonable accommodations for candidates with special needs or disabilities during our recruiting process. Learn more: https://www.goldmansachs.com/careers/footer/disability-statement.html © The Goldman Sachs Group, Inc., 2023. All rights reserved. Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Veteran/Sexual Orientation/Gender Identity

About REA Group: In 1995, in a garage in Melbourne, Australia, REA Group was born from a simple question: “Can we change the way the world experiences property?” Could we? Yes. Are we done? Never. Fast forward 30 years, REA Group is a market leader in online real estate in three continents and continuing to grow rapidly across the globe. The secret to our growth is staying true to that ‘day one’ mindset; the hunger to innovate, the ambition to change the world, and the curiosity to reimagine the future. Our new Tech Center in Cyber City is dedicated to accelerating REA Group’s global technology delivery through relentless innovation. We’re looking for the best technologists, inventors and leaders in India to join us on this exciting new journey. If you’re excited by the prospect of creating something magical from scratch, then read on."While no two days are likely to be the same, your typical responsibilities will include: Help teams navigate security for their projects and systems, making sense of controls (technical, procedural, physical) and risks. Conduct cyber risk assessments, third-party due diligence and Business Impact Analyses (BIAs) for new tech and systems, designing smart ways to manage those risks. Perform technical security control assessments and contribute to ensuring our key systems meet security standards and compliance needs. Work with delivery partners and internal teams to clearly communicate security requirements and ensure they're met. Advise on secure solution architectures, identify potential risks in designs, and propose effective countermeasures. Contribute to our vulnerability assessment efforts by analysing assets, performing assessments, and helping teams adopt the right controls. Assist in investigating suspected attacks and support our incident response efforts with your security expertise. Help maintain and optimize operational security processes, especially for our cloud and automated systems. Engage effectively with stakeholders across REA, understanding their needs and championing good security practices. Provide detailed and specific advice on security topics where you have expertise, helping teams make informed decisions. Who we are looking for: Solid understanding of security controls, risk assessment methodologies, and Business Impact Analysis. Can break down security concepts, risks, and requirements for diverse audiences. Experience performing security risk assessments, technical security assessments, or contributing to assurance / accreditation activities. You can spot potential security issues in designs, processes, and systems and suggest practical, effective solutions. You enjoy working with different teams (tech, business, partners) to embed security and achieve shared goals. Knowledge of frameworks like NIST, ISO 27001, or specific compliance areas (e.g., PCI, Privacy) You can manage your advisory workload, contribute effectively to projects, and keep good records. Maybe it's cloud security, application security, identity, or a specific GRC area – we value focused expertise. You can work effectively with stakeholders, understand their perspectives, and provide valuable, respected advice. You're keen to stay updated on security trends, threats, and best practices. You’ve got experience working with different cloud environments like AWS, Google or Azure. We believe great ideas come from everywhere. If you're excited about this space, we want to hear from you, even if you don’t tick every single box. What we offer: A hybrid and flexible approach to working. Transport options to help you get to and from work, including home pick-up and drop-off. Meals provided on site in our office. Flexible leave options including parental leave, family care leave and celebration leave. Insurance for you and your immediate family members. Programs to support mental, emotional, financial and physical health & wellbeing. Continuous learning and development opportunities to further your technical expertise. The values we live by: Our values are at the core of how we operate, treat each other, and make decisions. We believe that how we work is equally important as what we do to achieve our goals. This commitment is at the heart of everything we do, from the way we interact with colleagues to the way we serve our customers and communities. Our commitment to Diversity, Equity, and Inclusion: We are committed to providing a working environment that embraces and values diversity, equity and inclusion. We believe teams with diverse ideas and experiences are more creative, more e?ective and fuel disruptive thinking - be it cultural and ethnic backgrounds, gender identity, disability, age, sexual orientation, or any other identity or lived experience. We know diverse teams are critical to maintaining our success and driving new business opportunities. If you've got the skills, dedication and enthusiasm to learn but don't necessarily meet every single point on the job description, please still get in touch. REA Group in India: You might already recognise our logo. The REA brand does have an existing presence in India. In fact, we set up our new tech hub in Gurugram to be their neighbours! REA Group holds a controlling interest in REA India Pte. Ltd., operator of established brands Housing.com, Makaan.com and PropTiger.com, three of the country’s leading digital property marketplaces. Through our close connection to REA India, we’ve seen first-hand the incredible talent the country has to offer, and the huge opportunity to expand our global workforce. Our Cyber City Tech Center is an extension of REA Group; a satellite office working directly with our Australia HQ on local projects and tech delivery. All our brands, across the globe, connect regularly, learn from each other and collaborate on shared value initiatives.

Responsibilities Lead security operations activities, managing and maintaining the organization's security monitoring and detection capabilities. Coordinate and execute incident response strategies, swiftly identifying, containing, and mitigating cybersecurity incidents. Conduct detailed incident investigations to determine root cause, document findings, and implement proactive measures to enhance detection and response effectiveness. Collaborate cross-functionally with IT and business units to facilitate the prompt remediation of identified vulnerabilities, minimizing operational disruptions. Monitor and analyze emerging threat intelligence feeds, integrating insights into proactive security measures to defend against advanced threats. Regularly review, assess, and optimize security controls and incident response protocols. Develop and maintain clear documentation, including incident response playbooks, security reports, and post-incident analyses. Provide actionable recommendations based on lessons learned from security events to continuously enhance security posture. Contribute actively to the development and refinement of cybersecurity policies, procedures, and standards in alignment with regulatory and compliance requirements. Collaborate closely with IT and other internal teams to implement integrated and effective cybersecurity practices. Create and maintain real-time security monitoring dashboards to provide visibility into organizational cybersecurity health. Stay current with cybersecurity trends, threat intelligence, and evolving risks to ensure proactive defense measures. Participate in cybersecurity awareness training initiatives, promoting a security-focused culture throughout the organization. Serve on an on-call rotation to ensure timely response to cybersecurity incidents outside regular business hours, including nights and weekends. Basic Qualifications Minimum 3 years of professional experience in Security Operations (SecOps) or related cybersecurity roles. Comprehensive understanding of cybersecurity principles, threat intelligence methodologies, and frameworks (NIST, ISO 27001, MITRE ATT&CK). Proven experience in cybersecurity incident response, threat detection, and threat intelligence analysis. Proficiency in configuring and managing advanced security monitoring tools such as SIEM, EDR, and threat intelligence platforms. Exceptional analytical and problem-solving capabilities with a focus on rapid incident containment and remediation. Strong communication and collaboration skills, with fluency in English. Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) strongly preferred. Ability and willingness to travel domestically and internationally up to 10%. Preferred Characteristics Bachelor’s or Master's degree in Computer Science, Information Security, or a closely related discipline. Operational Technology (OT) security experience, particularly within a global manufacturing context. Experience responding to sophisticated cyber threats, including nation-state actors. Prior United States Security Clearance or equivalent. Familiarity with regulatory frameworks and compliance requirements, including SOC 1/2/3, ISO 27001, FedRAMP, SOX, HIPAA, NIST, and others. Scripting and automation skills in Python, shell scripting, Ruby, or similar languages. Previous experience in corporate IT support or help desk roles is beneficial.

Job Title: SOC Analyst Job Summary We are seeking a dedicated and skilled SOC Analyst to support our Security Operations Center (SOC). The ideal candidate will have strong analytical skills, a deep understanding of cybersecurity threats, and experience in security incident response. This role requires hands-on experience with security tools, cloud platforms, and process improvement methodologies. Key Responsibilities Monitor, analyze, and respond to security incidents in real-time. Conduct forensic investigations, root cause analysis, and develop remediation strategies. Work with at least 1 cloud security (AWS, Azure, or GCP) to ensure a secure infrastructure. Ensure compliance with security policies, standards, and regulatory requirements. Stay updated with emerging threats, vulnerabilities, and cybersecurity trends. Required Qualifications & Skills Strong communication skills (verbal and written) to effectively convey security issues and solutions. Strong analytical thinking and intellectual integrity to make data-driven security decisions. Experience in Cybersecurity, Threat Intelligence, Incident Response, and Incident Handling. Hands-on experience with security engineering and forensic investigations. Familiarity with security tools including Splunk, Jira, CrowdStrike, and WIZ. Experience working with at least 1 cloud platforms AWS/Azure/GCP. Basic knowledge of Windows and Unix environments. Strong understanding of OSI Model, TCP/IP Protocols, and network security. Preferred Qualifications Industry certifications such as Google Cybersecurity Professional Training. Familiarity with compliance frameworks such as NIST, ISO 27001.

Key Responsibilities Leadership & Strategy Lead and mentor the incident response (IR) team, fostering a culture of continuous improvement and collaboration. Develop, implement, and maintain the organization’s incident response strategy, processes, and playbooks. Act as the primary escalation point for significant cybersecurity incidents. Incident Management Oversee the detection, analysis, containment, eradication, and recovery phases of cybersecurity incidents. Coordinate cross-functional teams and third-party vendors during incident response efforts. Ensure timely reporting to stakeholders, including executive management and regulatory bodies, as required. Threat Analysis & Forensics Conduct root cause analyses of incidents and oversee digital forensics investigations. Collaborate with threat intelligence teams to stay ahead of emerging threats and ensure proactive response measures. Training & Preparedness Organize regular tabletop exercises and incident simulations to prepare the team and stakeholders for real-world scenarios. Develop and deliver training programs to enhance the technical capabilities of the IR team. Compliance & Reporting Ensure incident response practices align with regulatory requirements (e.g., GDPR, HIPAA, PCI DSS). Prepare detailed incident reports and lessons-learned documentation for internal and external audiences. Required : Bachelor’s degree in Computer Science, Information Security, or a related field. Advanced degree preferred. 10–15 years of experience in cybersecurity, with a minimum of 5 years in incident response or security operations leadership roles. Deep understanding of security frameworks and standards (e.g., NIST CSF, ISO 27001, MITRE ATT&CK). Proficiency with incident response tools (e.g., SIEM, EDR, SOAR platforms) and forensic tools. Strong knowledge of network security, malware analysis, and threat hunting techniques. Exceptional communication and crisis management skills. Preferred: Relevant certifications such as CISSP, CISM, GIAC Certified Incident Handler (GCIH), or Certified Ethical Hacker (CEH). Experience working in regulated industries or government organizations. Familiarity with AI-driven incident detection and response tools Regards Shyam J Senior HR Analyst 106-109, Anna Salai, Guindy, Chennai – 600032 M: +91 8925900151 exelatech.com • About EXELA • Instagram • LinkedIn

Job Description Key Responsibilities, Deliverables / Outcomes: Project Leadership: Lead and manage large, complex penetration testing and security testing engagements end-to-end. Act as the primary technical and engagement lead for key client accounts. Ensure timely delivery, quality assurance, and stakeholder communication throughout project lifecycles. Provide mentorship and guidance to junior and mid-level consultants. Technical Execution: Perform and review web, mobile, API, network, cloud, and configuration security assessments. Maintain technical excellence across multiple service lines, staying updated on the latest vulnerabilities, tools, and attack techniques. Conduct business logic reviews, threat modeling, and red teaming exercises as needed. Client Engagement: Act as a trusted advisor to clients, providing strategic security recommendations and actionable insights. Be ready for onsite visits, workshops, and executive-level presentations when required. Handle sensitive engagements with professionalism and discretion. Presales Support: Support RFP responses, proposal writing, and technical solutioning. Participate in client sales meetings and scoping discussions. Provide accurate effort estimations and help define delivery models. Practice Development: Contribute to the development and refinement of security testing services and methodologies. Drive internal initiatives to improve quality, efficiency, and innovation in service delivery. Create technical content, whitepapers, or knowledge base articles to support team growth. Key Skills 3–5 years of hands-on experience in penetration testing or offensive security. Proven track record of leading complex security assessments with large clients. Expertise in Web, Mobile, Network, API, Cloud, Configuration Reviews, and/or Red Teaming. Familiarity with security standards such as OWASP, PTES, NIST, and MITRE ATT&CK. Strong communication and client-facing skills. Experience supporting presales efforts, including proposals, SOWs, and client discussions. Certifications such as OSCP, OSWA, CRTO, CREST CRT/CCT, or similar are preferred. Key Competencies 1. Accountability 2. Communications - Oral & Written 3. Analysis Skills 4. Passion 5. Adaptability

About Atlas Hello and welcome! Atlas Consolidated Pte Ltd. owns and operates two brands: Hugosave, a B2C consumer finance app, and HugoHub, a B2B Banking as a Service platform. Atlas is Headquartered in Singapore. Hugosave Hugosave is a personal financial management application that puts saving first. Our initial market is Singapore, but regional and global expansion is taking place swiftly. Through our product vision of Better Budgeting, Smarter Spending, and Sustainable Saving, we aim to build financially healthy and thriving communities. HugoHub HugoHub is a standalone B2B technology platform consisting of both frontend experience layer and backend platforms that offer a full suite of modular banking services through a single integration. HugoHub comprises 5 key Product Pillars: 1. Accounts, Wallets & Payments, 2. Card Programmes, 3. Wealth, Savings & Investments, 4. Full Stack BaaS (Banking as a Service) and 5. Bank of API’s Using these Product Pillars built on our platform, our clients can build financial products that delight their customers in any part of the world. A regulated entity with strong credentials Atlas Consolidated Pte Ltd satisfies stringent corporate governance, operations, and regulatory integrity requirements to maintain licenses from regulatory bodies, such as: Monetary Authority of Singapore - Major Payment Institution license and Financial Advisors license Ministry of Law, Singapore - Regulated Precious Metals Dealers license Visa Inc. - Principal Members Issuing licence About the Role We are seeking an experienced Product Security Engineer to join our team and help build security into every aspect of our product development lifecycle. In this role, you'll work closely with engineering, product, and DevOps teams to identify, assess, and mitigate security risks while enabling rapid and secure product delivery. Key Responsibilities Threat Modeling & Risk Assessment Design and conduct comprehensive threat modeling sessions for new features and system architectures Identify potential attack vectors and security vulnerabilities early in the development process Collaborate with product and engineering teams to prioritize security requirements based on risk assessment Develop and maintain threat models for existing and new products Security Testing & Validation Perform security testing of web applications, mobile applications, and APIs Conduct static and dynamic application security testing Execute penetration testing and vulnerability assessments Review code for security vulnerabilities and provide remediation guidance Validate security controls and defensive measures DevSecOps Integration Implement and maintain Static Application Security Testing (SAST) tools in CI/CD pipelines Deploy and optimize Dynamic Application Security Testing (DAST) solutions Establish cloud security best practices and tooling for AWS environments Build security gates and quality checks into development workflows Collaborate with DevOps teams to secure infrastructure as code Security Automation & Tooling Develop automated security testing frameworks and scripts Build tools and integrations to streamline security processes Automate vulnerability scanning and reporting workflows Create self-service security tools for development teams Implement security orchestration and response automation Security Analytics & Monitoring Design and implement security metrics and KPIs for product security Analyze security testing results and trends to identify systemic issues Build dashboards and reporting for security posture visibility Conduct security data analysis to inform strategic decisions Monitor and respond to security alerts and incidents Cross-functional Collaboration Partner with engineering teams to provide security guidance and support Educate developers on secure coding practices and security requirements Work with product managers to balance security and business requirements Collaborate with infrastructure and platform teams on security architecture Requirements Required Qualifications 5+ years of experience in product security, application security, or related cybersecurity roles Strong background in threat modeling and secure design review. Extensive experience with web application security testing and mobile application security for iOS and Android platforms Hands-on experience with DevSecOps practices and security tool integration Proficiency with SAST, DAST, Cloud Security tools Experience with security automation and scripting (Python, Bash) Background in security analytics and data analysis for security insights Preferred Qualifications Experience with container security (Docker, Kubernetes) Knowledge of infrastructure as code security (Terraform, CloudFormation) Familiarity with security frameworks (NIST, ISO 27001, SOC 2) Experience with bug bounty programs and responsible disclosure Experience with compliance requirements (PCI DSS, GDPR)

Category IT Security / Cyber Security Location Hyderabad, Telangana Job family IT Security Shift Evening Employee type Regular Full-Time Job Description (Summary) The primary responsibilities include managing vulnerability assessments using the Qualys tool, creating detailed metrics and reports, and collaborating with relevant teams to ensure timely remediation of identified vulnerabilities. To ensure the organization's IT infrastructure remains secure by proactively identifying, assessing, and mitigating vulnerabilities through effective use of the Qualys tool and coordinated efforts with cross-functional teams. The basic purpose of this position is to safeguard the organization's digital assets by maintaining a robust vulnerability management program that prioritizes risk reduction and compliance with security policies. Perform daily vulnerability assessments, create weekly metrics and reports, and handle ad-hoc requests as they arise. Work on analytical projects to enhance the vulnerability management process and develop strategies to address identified security issues. Prepare and present metrics and reports to senior leadership, showcasing trends in vulnerabilities over the year and how they are being addressed. Produce reports daily, weekly, and as needed on vulnerability assessments and remediation efforts. Responsible for training new hires and occasionally participating in candidate interviews. Technical/Job Specific Knowledge Vulnerability Management: In-depth knowledge of vulnerability assessment, prioritization, and remediation processes. Qualys: Proficiency in using Qualys for scanning, identifying, and managing vulnerabilities across various environments. Security Frameworks: Familiarity with industry standards and frameworks such as OWASP, NIST, and CIS. Network Security: Understanding of network protocols, firewalls, and intrusion detection/prevention systems. Skills Analytical Skills: Strong analytical abilities to identify and assess vulnerabilities and their potential impact. Technical Aptitude: Competence in using security tools and technologies to perform thorough assessments. Problem-Solving: Effective problem-solving skills to develop and implement remediation plans. Communication: Clear and concise communication skills to report findings and collaborate with different teams. Attention to Detail: High level of attention View more

Job Title: PKI Engineer / PKI Specialist Job Summary: We are looking for a skilled PKI Engineer to design, implement, and manage our Public Key Infrastructure systems. This role will be responsible for ensuring secure digital identity, encryption, and authentication mechanisms across the enterprise. The ideal candidate will have deep knowledge of certificate management, cryptographic standards, and experience with tools such as Microsoft ADCS, Venafi, DigiCert, or similar. Key Responsibilities: Design, deploy, and maintain PKI infrastructure , including Certificate Authorities (CAs), Registration Authorities (RAs), and OCSP/CRL services. Manage digital certificates for users, devices, services, and applications, ensuring proper issuance, renewal, and revocation. Support SSL/TLS certificate lifecycle management , including integration with web servers, load balancers, and cloud services. Configure and maintain Microsoft ADCS (Active Directory Certificate Services) or third-party PKI solutions (e.g., Venafi, DigiCert, Keyfactor). Define and enforce certificate policies and practices (CP/CPS) and align with regulatory and internal compliance standards. Implement automated certificate management using scripts or tools to reduce risk and operational overhead. Troubleshoot PKI-related issues including certificate chain validation, enrollment errors, or CRL distribution problems. Provide subject matter expertise on cryptographic standards , such as X.509, RSA, ECC, SHA-2, and quantum-safe practices. Collaborate with cybersecurity, cloud, and infrastructure teams to ensure secure, scalable PKI deployments. Assist in audits, penetration testing, and risk assessments related to encryption and identity assurance. Required Qualifications: Bachelor’s degree in computer science, Cybersecurity, or a related field; or equivalent work experience. 3+ years of experience in PKI design, administration, and support. Hands-on experience with Microsoft ADCS and/or enterprise PKI platforms (e.g., Venafi, DigiCert, Keyfactor, AppViewX). Deep understanding of certificate lifecycle , cryptographic algorithms, and standards (X.509, RSA, ECC, SHA, etc.). Familiarity with HSMs (Hardware Security Modules) and key management practices. Working knowledge of TLS/SSL , S/MIME, code signing, email encryption, and secure authentication protocols. Scripting skills in PowerShell , Python , or Bash for automation. Preferred Qualifications: Professional certifications (e.g., GIAC GPEN, GCLD, CISSP, Microsoft Certified: Identity and Access Administrator Associate ). Experience with DevOps/DevSecOps integration for certificate issuance in CI/CD pipelines. Knowledge of quantum-resistant cryptography and NIST PQC standards. Experience with cloud PKI integration (e.g., AWS ACM, Azure Key Vault, Google Cloud KMS).

Job requisition ID :: 86283 Date: Jul 21, 2025 Location: Bhubaneswar CEC Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Technology & Transformation is about much more than just the numbers. It’s about attesting to accomplishments and challenges and helping to assure strong foundations for future aspirations. Deloitte exemplifies what, how, and why of change so you’re always ready to act ahead. Learn more about Technology & Transformation Practice What impact will you make? Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Work you’ll do Lead client engagements and provide strategic guidance on OT/ICS security initiatives. Participate in OT incident response activities, including investigation, analysis, and mitigation of security incidents in the OT environment. Oversee the monitoring and detection of security threats and incidents in the OT environment, ensuring timely response and resolution. Establish trusted advisor relationships with key client stakeholders, including C-level executives, OT managers, and IT security teams. Lead and mentor a team of OT security professionals, providing guidance, support, and professional development opportunities. Conduct regular assessments and audits of OT security controls, identifying gaps and recommending remediation measures. Conduct Passive Vulnerability testing for OT environment Conduct Risk Assessment and gap assessment in OT environment Foster a culture of collaboration, innovation, and continuous learning within the team. Contribute to the development of the OT/ICS cybersecurity practice within the firm, including thought leadership, methodologies, and service offerings. Identify market trends, emerging technologies, and regulatory developments in the OT/ICS cybersecurity space. Collaborate with firm leadership to develop go-to-market strategies and business development initiatives. Manage complex OT/ICS cybersecurity projects from initiation to closure, ensuring quality, timeliness, and client satisfaction. Develop project plans, budgets, and resource allocations to meet project objectives and deliverables. Monitor project progress, identify risks and issues, and implement mitigation strategies as needed. Provide subject matter expertise on OT/ICS cybersecurity technologies, standards, and best practices. Develop and implement cybersecurity controls and solutions to mitigate risks and protect critical infrastructure. Assist clients in developing and implementing governance frameworks, policies, and procedures to manage OT/ICS cybersecurity risks. Deliver client presentations, workshops, and training sessions on OT/ICS cybersecurity topics. Contribute to thought leadership activities, including whitepapers, articles, and conference presentations. Participate in industry forums, working groups, and conferences to share insights and best practices. Ensure compliance with relevant OT/ICS cybersecurity regulations, standards, and frameworks (e.g., NERC CIP, IEC 62443). Lead pursuit qualification, proposals, response and closing of opportunities. The key skills required are as follows: Lead and manage the OT SOC team, providing guidance, direction, and mentorship to analysts and engineers. Knowledge of advanced persistent threats, malware, emerging threats as well as experience in a large corporate environment. Risk Advisory Cyber Risk Strong understanding of malware analysis, threat taxonomy and threat indicators Ability to work with multiple security technologies, platforms including SIEMs, IDS /IPS, Firewalls, Web application firewalls etc. Hands on experience for configuration and working on tools as Claroty, Tenable, Nazomi Extensive experience in Pre-Sales, Security outsourcing, Marketing and Alliances Experience of assessment / implementation of OT Security controls basis various standard such as NIST, ISO 27001, NERC CIP and IEC 62443 etc. Understanding of various OT security architectures and ability to review the same. In-depth knowledge of OT protocols, technologies, and systems, including SCADA, PLCs, DCS, and HMI. Hand-on experience of working on OT Technologies such as SIEMENS, Yokogawa, Honeywell, Rockwell etc. Experience with OT security tools and technologies, such as SIEM, IDS/IPS, firewall, and endpoint protection. Excellent communication and interpersonal skills, with the ability to effectively communicate technical concepts to non-technical audiences. Qualifications 1.B.Tech / BE / M.Tech / MCA /MBA/MS 2.Preferred: GISCP and IEC 62443 3.Desirable: CISSP and CISM Your role as a leader At Deloitte India, we believe in the importance of leadership at all levels. We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. Risk Advisory Cyber Risk In addition to living our purpose, Associate Director across our organization: Identifies and embraces our purpose and values and puts these into practice in their professional life Develops self by actively seeking opportunities for growth, shares knowledge and experiences with others, and acts as a strong brand ambassador Seeks opportunities to challenge self; teams with others across businesses and borders to deliver and takes accountability for own and team results Builds relationships and communicates effectively in order to positively influence peers and other stakeholders Understands objectives for clients and Deloitte, aligns own work to objectives and sets personal priorities How you’ll grow At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help build world-class skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our purpose Deloitte is led by a purpose: To make an impact that matters. Every day, Deloitte people are making a real impact in the places they live and work. We pride ourselves on doing not only what is good for clients, but also what is good for our people and the communities in which we live and work—always striving to be an organization that is held up as a role model of quality, integrity, and positive change. Learn more about Deloitte's impact on the world

Additional Information Job Number 25104117 Job Category Information Technology Location Mumbai Area Office, 303A-304 Fulcrum B Wing Hiranandani Business Park, Mumbai, Maharashtra, India, 400099VIEW ON MAP Schedule Full Time Located Remotely? N Position Type Management Job Summary The Manager, Continent Information Security Partnerships, Property Security Compliance is a key role in continent security aspects relating to planning, executing and managing the Marriott Security Compliance Assessment program, providing the necessary support to above property and on property teams. The objective for this role is to attain maximum security compliance status and ensure that all IT Operations in the continent follow the company security standards. Enforce Marriott Security Standards and requirements for properties. The role will perform tracking and reporting on the established security policies and processes as implemented at the hotels and will have a direct reporting line to the Senior Director/Director, Continent Information Security Partnerships. This position maintains strong relationships with and provides support to Area Operation/IT Leaders with continent operations and provides assistance in liaising with additional teams within Information Security and will require to travel for up to 75% of the work capacity. CANDIDATE PROFILE Education And Experience 5+ years Information Technology or information security work experience including: 3+ years in executing technology plans and/or information security projects, programs, and/or portfolios 2+ years’ in implementing enterprise security risk management frameworks and processes. Bachelor’s degree in Computer Sciences, Information Technology, Information Security, Cybersecurity or related field or equivalent field experience. Fluent in English, both spoken and written. Preferred: Professional certifications related to security assessment, such as CISA, CRISC, PCI ISA, ISO/IEC 27001 Lead Auditor, etc. Hotel IT Management. Cybersecurity experience. Good understanding of PCI DSS and NIST CSF. Expert level understanding of key network and technical security controls. Experience participating in and coordinating activities for security incident responses. Knowledge of global regulatory standards to include GDPR and CCPA. Ability to demonstrate security experience via certifications (CISSP, CISM, etc.) or significant career accomplishments. Demonstrated ability to apply organizational information security policies at a discipline unit level. Knowledge of IT security within an infrastructure environment. Proven ability to effectively prioritize and execute tasks in a high-pressure environment. Experience in business systems and process planning. Graduate/postgraduate degree. CORE WORK ACTIVITIES Lead and execute audits, security assessments, and control reviews across infrastructure, applications, data, cloud, and third-party services. Evaluate the effectiveness of information security controls (technical and administrative) aligned with corporate standards. Perform risk-based assessments and identify vulnerabilities, non-compliances, and improvement opportunities. Review historical audit and assessment findings and real-time observations, both internal and external, to determine areas for improvement, including developing and disseminating best practices, standardized configurations, and implementation guides across the hotel portfolio. Review artifacts, interview key stakeholders and identify areas for improvement. Develop and manage the end-to-end audit or assessment program, including planning, scoping, scheduling, stakeholder engagement, fieldwork, and follow-up. Organize and facilitate kick-off meetings, status updates, walkthroughs, and closing sessions. Track and report audit timelines, milestones, and risk issues to ensure timely completion. Build relationships and collaborate with key stakeholders to develop pragmatic remediation plans and track closure progress through defined follow-up cycles. Prepare clear, concise, and well-structured audit reports with actionable findings and risk ratings. Provide input on risk treatment strategies, control enhancements, and policy updates. Develop effective communication plans to collaborate with the stakeholders by customizing individual needs. Contribute to the maturity of the information security internal audit methodology, templates, and knowledge base. Additional Functions Represents Security in signing off on new property openings reviewing the implemented policies and controls. Provides tactical communications and issues remediation planning and implementation with the continent IT Operations team. Signs off the new property openings including tracking that all necessary information on the property systems and security readiness is registered, such as application inventory. Facilitates educational calls, materials and meetings to the Continent IT Operations and field associates Tracks the compliance performance of the continent and work with on property IT associates along with the Area IT Managers towards issues remediations, providing necessary escalations and follow ups to the respective teams. Reporting on security & compliance related metrics to different stakeholders including GIS, Continent leadership Provides answers to general questions and queries around IT security and other related queries. Identifies learning and knowledge gaps and facilitates educational calls, materials and meetings to the Continent IT Operations and field associates Additional Responsibilities Informs, updates, and provides information to supervisors, co-workers, and subordinates by telephone, in written form, e-mail, or in person in a timely manner. Attends and participates in all relevant meetings. Presents ideas, expectations and information in a concise, organized manner. Uses problem solving methodology for decision making and follow up. Maintains positive working relations with internal customers and department managers. Manages time effectively and conducts activities in an organized manner. Performs other reasonable duties as assigned by manager. Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law. Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. Be where you can do your best work, begin your purpose, belong to an amazing global team, and become the best version of you.

About The Opportunity We are a high-growth technology leader in the Cloud Security and Cybersecurity sector, specializing in designing and implementing cutting-edge security frameworks for cloud infrastructures. Operating in India on an on-site basis, our team is dedicated to delivering robust security solutions that protect critical data and ensure compliance with global industry standards. Role & Responsibilities Design and implement secure cloud architectures across multi-cloud and hybrid environments. Collaborate with cross-functional teams to integrate security best practices into cloud deployments and applications. Monitor and respond to security incidents, performing risk assessments and threat modeling. Develop and enforce security policies and procedures to meet regulatory requirements and industry standards. Continuously evaluate and enhance security automation tools and SIEM solutions. Mentor junior engineers and contribute to developing a culture of security awareness and excellence. Skills & Qualifications Must-Have Bachelor’s degree in Computer Science, Information Technology, or a related field, with 3+ years of hands-on cloud security engineering experience. Proven experience with major cloud platforms (AWS, Azure, Google Cloud) and implementing enterprise-grade security solutions. Deep understanding of cybersecurity protocols, regulatory frameworks (e.g., NIST, ISO 27001), and risk assessment methodologies. Proficiency in network security, identity and access management, and encryption technologies. Preferred Professional certifications such as CISSP, CCSP, or AWS/Azure Security certifications. Experience with security automation, SIEM tools, and vulnerability scanning techniques. Benefits & Culture Highlights Work on-site in a dynamic and innovative environment in India, collaborating with industry experts. Access to continuous professional development programs and a supportive, forward-thinking culture. Competitive compensation along with comprehensive rewards and benefits packages. If you are passionate about safeguarding cloud environments and eager to drive impactful security solutions, we encourage you to apply and join our transformative journey in the realm of cloud security. Skills: risk assessment,siem,aws,risk,regulatory frameworks,google cloud,identity and access management,access,encryption technologies,cloud security,network security,risk assessment methodologies,vulnerability scanning techniques,azure,siem tools,incident response,security automation,security,automation,cybersecurity protocols,cloud security engineering,cloud

Job Description & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats Responsibilities: Experience in conducting IT risk assessments. Sound understanding of ISO 27001, NIST, PCI, Data Privacy, and Cloud Security. Knowledge on application infrastructure architecture. Knowledge on SaaS application architecture. Knowledge on database and middleware communication. Knowledge on API security. Good communication skills. Good team player. Good presentation skills and senior stakeholder management. Certifications - CISA, CISSP, CCNP, CCSP, CISM, CRISC etc. Mandatory Skill Sets: · IT Risk, ISO 27001, NIST, PCI, Data Privacy, and Cloud Security. Preferred Skill Sets: · Stakeholder Management, Team Management Years of Experience: · 3-6 Years Educational Qualification: · BE, B.Tech, M.Tech, MCA, MBA graduates.

Job Title: SOC Manager / Senior Manager Location: Gurgaon / Bangalore Experience: 6+ Years Position Type: Full-time Immediate Joiners Preferred Job Description: We are looking for an experienced SOC Manager / Senior Manager to lead and mature our Security Operations Center. The candidate will be responsible for managing SOC teams, overseeing security operations, driving incident response, and working with senior leadership and clients to enhance security postures. Key Responsibilities: Lead the SOC team including analysts and incident responders Design and implement SOC strategy, processes, and automation workflows Oversee SIEM tuning, threat intelligence, and use-case development Manage end-to-end incident response lifecycle and post-incident reviews Coordinate with stakeholders across IT, compliance, and management functions Prepare executive reports and dashboards on SOC performance Ensure adherence to cybersecurity regulations and standards (ISO 27001, NIST, etc.) Mentor team members and promote continuous improvement and upskilling Required Skills: 6+ years of experience in cybersecurity with at least 3+ years in a leadership SOC role Proven experience with SIEM/SOAR platforms, EDR, UEBA, and threat intelligence tools Deep understanding of threat detection, incident response, and security analytics Experience managing 24x7 operations or large-scale SOC environments Strong client-facing and stakeholder management experience Ability to lead cross-functional teams and communicate with executive leadership Certifications (Preferred): CISSP / CISM / OSCP / GCIA / GCIH / SC-100 or equivalent

Company Description Quick Heal Technologies Limited is a leading provider of IT Security and Data Protection Solutions with a strong presence in India and a growing global footprint. Founded in 1995, we cater to B2B, B2G, and B2C segments, offering solutions across endpoints, network, data, and mobility. Our state-of-the-art R&D center and deep threat intelligence enable us to deliver top-tier protection against advanced cyber threats. Known for our renowned brands 'Quick Heal' and 'Seqrite', we are committed to our employees' development, and societal progress through cybersecurity education and awareness initiatives. Quick Heal is the only IT Security product company listed on both BSE and NSE. Role Description We are seeking a Data Science Manager to lead a high-performing team of data scientists and ML engineers focused on building scalable, intelligent cybersecurity products. You will work at the intersection of data science, threat detection, and real-time analytics to identify cyber threats, automate detection, and enhance risk modelling. Responsibilities Lead and mentor a team of data scientists, analysts, and machine learning engineers. Define and execute data science strategies aligned with cybersecurity use cases (e.g., anomaly detection, threat classification, behavioral analytics). Collaborate with product, threat research, and engineering teams to build end-to-end ML pipelines. Oversee development of models for intrusion detection, malware classification, phishing detection, and insider threat analysis. Manage project roadmaps, deliverables, and performance metrics (precision, recall, F1 score, etc.). Establish MLOps best practices and ensure robust model deployment, versioning, and monitoring. Drive exploratory data analysis on large-scale security datasets (e.g., endpoint logs, network flows, SIEM events). Stay current on adversarial ML, model robustness, and explainable AI in security contexts. Required Qualifications Bachelor's or Master’s degree in Computer Science, Data Science, Statistics, or a related field. Ph.D. is a plus. 7+ years of experience in data science or ML roles, with at least 2+ years in a leadership role. Strong hands-on experience with Python, SQL, and ML libraries (e.g., scikit-learn, TensorFlow, PyTorch). Experience working with security datasets: EDR logs, threat intel feeds, SIEM events, etc. Familiarity with cybersecurity frameworks (MITRE ATT&CK, NIST, etc.). Deep understanding of statistical modelling, classification, clustering, and time-series forecasting. Proven experience managing cross-functional data projects from conception to production. Preferred Skills Experience with anomaly detection, graph-based modelling, or NLP applied to security logs. Understanding of data privacy, encryption, and secure data handling. Exposure to cloud security (AWS, Azure, GCP) and tools like Splunk, Elastic, etc. Experience with MLOps tools like MLflow, Kubeflow, or SageMaker.