About The Role We are hiring an experienced IT Security Manager to lead our enterprise-wide security initiatives in the Banking & Financial Services domain. You will be responsible for defining and enforcing security standards across applications, infrastructure, data, and user environments, ensuring compliance with RBI and other regulatory requirements. This is a strategic and hands-on role suited for a security leader who understands the unique challenges of financial systems and enterprise-grade IT infrastructure. Key Responsibilities Define and implement enterprise-level security policies, frameworks, and controls aligned with RBI guidelines, ISO 27001, and other BFSI regulations. Lead end-to-end security operations: vulnerability management, threat detection, incident response, and security monitoring. Work closely with Compliance, DevOps, Cloud, and Infrastructure teams to embed security into all layers of IT. Oversee data protection and privacy efforts, including encryption, data classification, DLP, and secure data sharing. Conduct regular internal/external audits, third-party risk assessments, and compliance checks. Establish and manage Identity & Access Manage enterprise security tools such as SIEM, endpoint protection, firewalls, IDS/IPS, and antivirus. Lead employee security awareness and training programs across the organization. Coordinate with regulators, auditors, and client teams for security reviews and certifications. Stay updated with BFSI-specific cyber threats and regulatory changes. Required Skills & Qualifications Bachelor’s or Master’s degree in Computer Science, Information Security, or related field. 7+ years of experience in IT Security, with 3+ years in a BFSI or regulated enterprise environment. Strong knowledge of RBI cybersecurity guidelines, ISO 27001, NIST, SOC 2, and data privacy laws (DPDP/GDPR). Experience in securing enterprise applications (core banking, lending, payments, etc.) and cloud infrastructure (AWS, Azure). Hands-on experience with tools like SIEM, WAF, EDR, DLP, IAM, vulnerability scanners, and endpoint security platforms. Deep understanding of network security, application security (including mobile/web), and secure SDLC practices. Security certifications preferred: CISSP, CISM, CEH, CRISC, ISO 27001 Lead Implementer/Auditor. APPLY NOW Show more Show less

Management Level F Core Duties/Responsibilities Risk Identification, Assessment and Analysis As a Senior Information Security Risk Analyst, you will lead and conduct comprehensive security risk assessments across EQ’s internal systems, infrastructure, cloud platforms, third-party services, applications, mobile environments, and networks. Your role will be pivotal in identifying and evaluating potential cybersecurity threats and vulnerabilities, ensuring robust risk mitigation strategies are in place to protect EQ’s data and systems. You will work cross-functionally with stakeholders to embed security best practices and ensure alignment with regulatory and organisational standards. Review cloud architecture, deployment models, and services to identify gaps against industry best practices (e.g., CIS Benchmarks, NIST, ISO 27001). Collaborate with DevOps and Cloud Engineering teams to advise on security controls and risk mitigation strategies in AWS, Azure. Lead the analysis and interpretation of security data from diverse sources—including technical assessments, penetration test reports, and code reviews—to identify systemic vulnerabilities, inform strategic risk decisions, and guide enterprise-level remediation efforts. Drive the development and strategic recommendation of risk mitigation initiatives, translating assessment findings into actionable improvements to security policies, enterprise controls, and technical architectures Maintain Risk records and Risk Acceptances regarding IT, Information or Cyber Security in the Company’s Risk Register/GRC tool. Regulatory Requirements Identification Lead the interpretation and strategic integration of evolving cybersecurity regulations and standards (e.g., GDPR, NIST, ISO 27001, SOX, AI Act, DORA), in collaboration with Legal and Compliance, to ensure enterprise-wide alignment and risk-informed decision-making. Lead enterprise-level compliance assessments and cybersecurity gap analyses to evaluate EQ’s adherence to relevant regulations and frameworks. Embed these requirements into the broader Risk Management lifecycle, ensuring systematic enforcement across all new and evolving IT systems and applications Third-Party Risk Management Conduct Risk Analysis of existing and new third-parties playing a significant role in the Company’s supply chain and with access to Company or customer data or the Company’s systems Track any significant risk issues arising to completion over agreed timescales. Information Security Metrics & Reporting Oversee the aggregation and analysis of enterprise-wide risk data to identify emerging threats, and deliver strategic, data-driven insights and reports to Executive and senior leadership teams. Stakeholder Engagement Engage with various developers and stakeholders across the business in selecting tailored security training on the training platform. Engage in knowledge sharing sessions on emerging threats and security risk trends. Risk Method Development Lead the evolution and governance of the enterprise Security Risk Management Framework, collaborating across IT and security teams to embed effective technical controls (e.g. firewalls, encryption, MFA) and ensure policies, standards, and procedures align with best practice and regulatory requirements. Advise and enable secure software development by defining secure coding standards, guiding development teams, and integrating application security testing tools into the SDLC. We are committed to equality of opportunity for all staff and applications from individuals are encouraged regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships. Please note any offer of employment is subject to satisfactory pre-employment screening checks. Show more Show less

Job Description Applications Software Technology (AST) was founded on one simple thought, we put our people and our customers first, and you can never lose. AST is a globally recognized award-winning full-service enterprise Cloud transformation and systems integrator, specializing in Oracle Cloud, NetSuite, JD Edwards and Salesforce, serving clients in the Public and Commercial Sectors for 29 years. Clients look to AST for leadership and assistance in systems integration, business process redesign, project management, systems administration, and training. From on-premises applications to modern Cloud technology, AST’s services encompass all aspects of Enterprise Resource Planning, Business Intelligence, Enterprise Performance Management, Customer Experience, and Middleware. AST also offers flexible Managed Services, supporting the needs of over 200 Public Sector and Commercial customers around the globe. If you're someone with energy, drive, and creativity, AST might be the place for you. Currently, we are looking for an experienced Senior Oracle Cloud Security Consultant to join our team. AST’s Advanced Technology Practice helps our clients transform their business through innovative technology and hyper-automation solutions. Part of that journey includes helping our clients enable innovation, reinventing their customer experience, and exploring new markets. You will be immersed in a variety of different projects, groups, and locations while getting inspired through your community to grow as an individual as well as a team. Our diverse client service teams encourage out-of-the-box thinking, problem-solving, a great team mentality, and a curiosity for understanding the latest in technology. What You'll Do Work independently on client projects Collaborating with team and client on day-to-day basis Work on requirements, design, and development of project requirements Designing and implementing cloud security strategies and policies that meet an organization's specific needs Ensuring the security of cloud-based data and applications against unauthorized access, theft, and other threats Conducting regular security assessments and audits to identify vulnerabilities and develop plans to address them Collaborating with other IT professionals, including network engineers, developers, and system administrators, to integrate cloud security measures into existing systems and processes Staying up to date on the latest cloud security technologies, trends, and best practices What You'll Bring 10+ Years in Oracle IDM experience in various capacities Solution Architecture, Development, and Implementation Experience with successful implementation experiences in Oracle Identity Management 12c and Access Management 12c Experience in Oracle Access Manager integration with applications such as Oracle ERP/EBS, CRM, WebSphere, Oracle, WebLogic, etc. Experience in integrating Oracle ERP/EBS, AD, Exchange, CRM, OID, databases, and Unix with Oracle Identity Manager for user provisioning Strong hands-on experience with Oracle IAM, including solutions such as Oracle Identity Manager (OIM), Oracle Access Manager (OAM), and Oracle Identity Cloud Service (IDCS) Expertise in cloud platforms such as AWS, Azure, and Oracle Cloud, with a focus on securing cloud-native applications and infrastructure Familiarity with IAM protocols such as SAML, OAuth, OpenID Connect, and LDAP Strong knowledge of Multi-Factor Authentication (MFA), Single Sign-On (SSO), Federated Identity Management (FIM), and Role-Based Access Control (RBAC) Understanding security frameworks and compliance standards (e.g., NIST, SOC2, GDPR, ISO 27001) Ability to design and implement secure cloud architectures, focusing on least privilege and segregation of duties principles Hands-on experience with cloud security tools and services for IAM, encryption, and threat protection Proficient in scripting languages (e.g., Python, PowerShell, Bash) for automating IAM tasks and integrating with cloud-native tools Good knowledge of Active Directory, UNIX, Linux, Windows, etc. Knowledge of any other non-oracle IAM Suite would be a plus Good to have experience with Saviynt (Identity Governance and Administration) platform and related identity lifecycle management functionalities 4-year Bachelor’s degree (or equivalent experience) A strong understanding of cloud computing technologies, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) Our Culture At AST, people are at the center of everything we do. In over 27 years of business, we know that putting our people first is the key to success. Our passion for people has earned us multiple awards. Here are some of the most recent: 2022 Top Workplaces in the Nation by Energage 2022 National Cultural Excellence for Leadership by Energage 2022 National Cultural Excellence for Innovation by Energage 2022 Chicago Tribune Top Workplaces by Energage 2022 Dallas Fort Worth’s 2022 Best and Brightest Companies to Work For by National Association for Business Resources (NABR) AST India- 2022 Great Place to Work® Certification 2021 Best & Brightest Companies to Work For by National Association for Business Resources (NABR) 2021 National Cultural Excellence for Remote Work by Energage 2021 National Cultural Excellence for DE& I Practices by Energage 2021 Chicago Tribune Top Workplaces by Energage AST India- 2021 Great Place to Work® Certification We foster a culture of trust, ownership, and innovation at every level of the organization. All doors are open and everyone’s ideas matter, giving our people the ability to quickly understand our customers’ needs and translate those needs into action. While we celebrate individual wins, we always strive for shared success. We are One AST. Statement of Non-Discrimination : We value global diversity and are committed to building a diverse and inclusive workplace where we learn from each other. AST is proud to be an equal opportunity employer, making all employment decisions, including recruiting, hiring, training, and promoting without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status or any other characteristic or classification protected by law. Privacy Statement “AST is an IBM subsidiary which has been acquired by IBM and will be integrated into the IBM organization. AST will be the hiring entity. By proceeding with this application, you understand that AST will share your personal information with other IBM affiliates involved in your recruitment process, wherever these are located. More Information on how IBM protects your personal information, including the safeguards in case of cross-border data transfer, are available here: https://www.ibm.com/careers/us-en/privacy-policy/ ”. Show more Show less

Senior Information Security Engineer Exp: 10 yrs + Location Baner, Pune/Ahemdabad Immediate to 15 Days Roles and Responsibilities Candidate will work as a member of the Corporate Security Team and assist in various day to day operational activities such as: Drive customer's Corporate Security Program based on the NIST CSF – Identify, Detect, Protect, Respond and Recover. Develops, publishes, and maintains a comprehensive organization-wide information privacy and security plans, policies, procedures, and guidelines. Function as primary liaison with auditors, internal teams and vendors and be the resident expert on systems and services in use for PCI compliance and reporting Responsible for managing all aspects of the Vulnerability Risk Management Program including vulnerability identification, analysis, remediation coordination and reporting. Lead the development, implementation, and maintenance of security policies, standards, and guidelines. Identify and Monitor Customer's Corporate Networks to determine if there have been any attacks. Analyze network traffic to identify anomalies and test information security controls for weaknesses. Design and implement safeguards to protect the system with the help of network engineers and other members of the Technology Services team. Respond to threats by taking mitigating actions to contain the activity and minimize damage. Participate in risk assessments and breach readiness exercises for incident management. Facilitate forensics analysis to determine the source of the threat. Document lessons learned as well as identify process improvements. Communicate security issues to management via reports, dashboards. Provide weekly metrics on overall security posture. Research emerging threats and work with the Security Operations Center (SOC). Drive the Third party vendor security evaluation. Participate in the security toll-gates on SSDLC projects. Implement innovative solutions to scale the program with emphasis on automation where applicable. Qualifications Basic Qualifications: Bachelor's Degree in Business, Computer Science or in a STEM major (Science, Technology, Engineering, or Math). Minimum of 8 years of experience in Information Security Experience in at least one full lifecycle supporting PCI compliance is a must have Experience in managing and maintaining a vulnerability management program using Qualys is a must have Experience in developing content in Splunk – searches, alerts (including POC and tuning), dashboards, Apps. Experience of Security Incident and Event Management (SIEM) tools (Splunk) – ingesting data (Forwarders, HTTP Event Collectors, add-ons), troubleshooting Splunk Installation. Experience in Endpoint security (EDR) – Detection and Response. Help create policies and SOP for Response workflow. Experience in Cortex XDR preferred. Experience in Security evaluation of third-party tools. Experience in Email Security and running phishing campaign Experience in Incident Management Experience in system and network security. Experience in Network Penetration testing. Knowledge of software development, computer networks and Internet threat activity. Programming experience in python, perl and HTML/JS Previous enterprise or platform/cloud vulnerability management experience and Cloud Security is a plus Excellent written and verbal communication skills, including experience engaging with executive and technical audiences. Must be able to work in a fast paced, high profile environment Show more Show less

Company Description Strategy (Nasdaq: MSTR) is at the forefront of transforming organizations into intelligent enterprises through data-driven innovation. We don't just follow trends—we set them and drive change. As a market leader in enterprise analytics and mobility software, we've pioneered BI and analytics space, empowering people to make better decisions and revolutionizing how businesses operate. But that's not all. Strategy is also leading to a groundbreaking shift in how companies approach their treasury reserve strategy, boldly adopting Bitcoin as a key asset. This visionary move is reshaping the financial landscape and solidifying our position as a forward-thinking, innovative force in the market. Four years after adopting the Bitcoin Standard, Strategy's stock has outperformed every company in S&P 500. Our people are the core of our success. At Strategy, you'll join a team of smart, creative minds working on dynamic projects with cutting-edge technologies. We thrive on curiosity, innovation, and a relentless pursuit of excellence. Our corporate values—bold, agile, engaged, impactful, and united—are the foundation of our culture. As we lead the charge into the new era of AI and financial innovation, we foster an environment where every employee's contributions are recognized and valued. Join us and be part of an organization that lives and breathes innovation every day. At Strategy, you're not just another employee; you're a crucial part of a mission to push the boundaries of analytics and redefine financial investment. Job Description Support the detection, monitoring and tracking of security vulnerabilities at the application, database, server, workstation and OS levels Tune-in and configure SIEM performance and events data quality to maximize log correlation efficiency Work closely with the network team to implement and maintain network access control technologies Configure Security Orchestration, Automation, and Response (SOAR) tools, scripts, events, and playbooks Expertise in shell scripting and other programming languages, such as Python and/or Power Shell Proficiency in understanding and using regular expressions (regex) Solid understanding of REST/SOAP/WSDL/XML (Web Services), HTTP Request Methods. Work closely with the compliance team to identify, document and implement various security controls related to NIST, FedRAMP, HiTRUST, and ISO 27001 Guide the network and operations teams in implementing security best practices Work with network, and systems engineering teams to promote automation, automated monitoring and administration functionality Implement, and support security solutions including but not limited to Intrusion Detection, Log Management, Data Loss Prevention, Vulnerability Management, Web Content Filtering, and Configuration Management Support the efforts to develop operational best practice procedural documentation for operations staff Assist in the development and documentation of various systems, policies, procedures, and customer deliverables Research new products and make appropriate recommendations Develop and design project plans, tasks and timelines and then provide verbal and written status reports as directed Conduct on-going security assessments, document and track findings and remediation activities Provide on-call support as needed Ideal candidates should be able to work 9am – 6pm ET (US Hours) Qualifications BS in Computer Science, Engineering or related field desired Minimum 3 years of experience supporting enterprise level environment Must have a good understanding of the following: Log correlation, SIEM technologies (AlertLogic, ArcSight, Q1 Radar, Log Rhythm, Splunk, etc.), IDS/IPS technologies, Vulnerability Scanners (Nessus, Qualys, etc.) and other related technologies Understanding of common web application vulnerabilities and familiarity with using web application scanning tools such as Burp Suite, ZAP Proxy, Acunetix, etc. Understanding of cloud solutions and cloud security best practices in environments such as AWS, Azure and Google Cloud Solid understanding of compliance requirements and standards such as PCI-DSS, HIPAA, HiTRUST, ISO 27001, SOX. etc. Demonstrated knowledge of one or more of the following systems: Linux, Windows, or Mac OS Working knowledge of firewall and web filtering technologies Experiences practicing ITIL framework-based processes such as Change, Problem, and Incident management in an enterprise environment Excellent verbal and written communication, presentation, and interpersonal skills Able to define, document and support systems, policies, and procedures Excellent analytic, problem solving and troubleshooting skills Good knowledge and experience designing network, system and application security architectures Ability to efficiently handle multiple projects with shifting priorities Able to anticipate and mitigate risks as well as define architectural solutions Additional Information The recruitment process includes online assessments as a first step. We send them via e-mail, please check also your SPAM folder. We work from Pune office. Show more Show less

Company Description Strategy (Nasdaq: MSTR) is at the forefront of transforming organizations into intelligent enterprises through data-driven innovation. We don't just follow trends, we set them and drive change. As a market leader in enterprise analytics and mobility software, we've pioneered the BI and analytics space, empowering people to make better decisions and revolutionizing how businesses operate. But that's not all. Strategy is also leading a groundbreaking shift in how companies approach their treasury reserve strategy, boldly adopting Bitcoin as a key asset. This visionary move is reshaping the financial landscape and solidifying our position as a forward-thinking, innovative force in the market. Four years after adopting the Bitcoin Standard, Strategy's stock has outperformed every company in S&P 500. Our people are the core of our success. At Strategy, you'll join a team of smart, creative minds working on dynamic projects with cutting-edge technologies. We thrive on curiosity, innovation, and a relentless pursuit of excellence. Our corporate values—bold, agile, engaged, impactful, and united—are the foundation of our culture. As we lead the charge into the new era of AI and financial innovation, we foster an environment where every employee's contributions are recognized and valued. Join us and be part of an organization that lives and breathes innovation every day. At Strategy, you're not just another employee; you're a crucial part of a mission to push the boundaries of analytics and redefine financial investment. Job Description Join Strategy’s IT Security group as an Application Security Engineer and play a crucial role in safeguarding Strategy’s software applications while using modern security and AI tooling. In this position, you will be responsible for integrating security practices throughout the software development lifecycle, ensuring that our software products are resilient against vulnerabilities. Secure SDLC Integration: Work closely with development teams to integrate security into the SDLC, including threat modeling, secure code reviews, and security testing. Vulnerability Management: Identify, triage, and remediate security vulnerabilities through static and dynamic application security testing (SAST/DAST) and software composition analysis (SCA) tools. Security Assessments & Penetration Testing: Conduct manual and automated penetration testing of web, mobile, and cloud applications to detect security flaws. Secure Code Review: Analyze source code and provide security recommendations to developers to ensure adherence to secure coding best practices. Threat Modeling & Risk Analysis: Perform threat modeling to anticipate potential attack vectors and improve security architecture. DevSecOps Enablement: Support and enhance DevSecOps initiatives by integrating security automation within CI/CD pipelines. Incident Response & Remediation: Assist in investigating security incidents related to applications and work with engineering teams to remediate threats. Security Awareness & Training: Educate and mentor developers on OWASP Top 10, SANS 25, and other security best practices. Application Security Engineer Pune, India Full-time in person from Strategy Office a minimum of 4 days per week Qualifications Bachelor’s degree in Computer Science, Engineering, or related field Minimum 2 years of software development or software security experience in an agile environment Hands-on experience with SAST, DAST, IAST, and SCA tools (e.g., Checkmarx, Fortify, Veracode, SonarQube, Burp Suite, ZAP). Fluent in one or more programming languages, such as Python, Java, JavaScript Strong knowledge of secure coding principles and application security frameworks Familiarity with security tools (e.g., static and dynamic analysis tools, vulnerability scanners) Understanding of security standards and regulations (e.g., OWASP, NIST) Hands-on experience with Generative AI and/or ML in creating innovative applications that enhance productivity and efficiency, coupled with a strong eagerness to learn Experience with cloud security best practices in AWS, Azure, or GCP. Strong work ethic with a commitment to meeting business needs and effectively collaborating with global colleagues Effective interpersonal skills; ability to collaborate successfully with both technical and non-technical stakeholders Ability to articulate complex technical concepts with clarity, supported by effective written and verbal communication skills Additional Information Additional Information The recruitment process includes online assessments as a first step (English, logic, design, technical) - we send them via e-mail, please check also your SPAM folder Show more Show less

Position Overview Job Title: Information Security Analyst Corporate Title: Associate Location: Bangalore, India Role Description Information Security Analyst role within Universal Governance – IS Control Design & Frameworks team is responsible for supporting the CSO Capability Owners and Control Design Owners in maintaining their control set fit for purpose. This includes assessment of control wording and attributes against control design standard, providing guidance to control design owners regarding the execution of IS control lifecycle, identifying gaps and/or executing the tasks relevant with IS control framework implementation. Maintaining the control inventory in alignment with the control design owners acting as a delegate. Supporting the end-to-end alignment of control objectives, control processes and control definitions. What We’ll Offer You As part of our flexible scheme, here are just some of the benefits that you’ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your Key Responsibilities Participate in the daily team activities that are managed by control objective, control process and control design streams Execute a gap assessment between control design proposals and control design standards Support the control design owner with regards to maintenance of their control set Support delivery of the team milestones and identify challenges to bring timely transparency for resolution/escalation Your Skills And Experience Very Good Communication skills, both written and verbal Information Security Governance, Risk and Control domains know-how Familiarity with industry best practices and standards such as ISO27001, NIST, CRI Profile Can-do attitude and flexibility against change How We’ll Support You Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About Us And Our Teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment. Show more Show less

Job description: Job Description Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ͏ Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ͏ i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ͏ 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ͏ Deliver No Performance Parameter Measure 1Customer centricityTimely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers.2Support sales team to create wins% of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Mandatory Skills: Fortinet Firewall . Experience: 8-10 Years . Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security (OT Security) – Technology Consulting – Senior GDS Advisory's Risk group is a unique, industry-focused business unit that provides a broad range of integrated services that leverage deep industry experience with strong functional capability and product knowledge. Risk practice team provides integrated advisory services to leading Fortune 500 Companies. The team provides Risk Assurance, Risk Transformation, Internal Audit, Cybersecurity, Financial Services Risk Management and Actuarial services that take an enterprise-wide view, so that risk mitigation and risk management strategies and processes are embedded in every part of the organization. Our services mitigate risk, reduce the cost of control and help create value. The opportunity The GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to manging security risks. The AEET team is looking for individuals who will play a direct role in delivery of Operational Technology (OT) security engagements, development of proposals in this area, and develop OT security solutions. You will play a key role in supporting our clients to secure their IT/OT environments, either through advisory and/or implementation support. Your key responsibilities To qualify, candidates must have: Understanding of security-related operational processes in the OT-ICS environments Understanding of OT SOC/ OT Identity Access Management/ OT Pen testing/ Zero Trust on OT Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by OT-ICS systems and networks Knowledge of cyber / information security concepts, risk and controls concepts Understanding of aspects of functional safety (SIS) Knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Knowledge of the technical security solutions utilized within OT-ICS systems and networks Knowledge of OS (Windows / Linux) security, Database security Knowledge of IT infrastructure Knowledge of cyber threats and vulnerabilities related to platform and infrastructure is a plus Prior experience working alongside delivery leads and architects to Identify and manage risks is a plus Skills And Attributes For Success Completed technical higher education in the field of industrial automation, computer science, electronics or other relevant fields Certificates or education related to industrial automation / engineering etc. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, etc. is a plus Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus Knowledge on OT network monitoring solution such as Nozomi, Claroty, Armis, DarkTrace, Azure Defender. To qualify for the role, you must have 5+ years of experience in the Cyber Security and OT Security Domain Minimum B. Tech. or equivalent educational qualification ISA/IEC 62443 Fundamental* SCADA Fundamentals CompTIA Network+ CompTIA Security+ What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description TriNet is a leading provider of comprehensive human resources solutions for small to midsize businesses (SMBs). We enhance business productivity by enabling our clients to outsource their HR function to one strategic partner and allowing them to focus on operating and growing their core businesses. Our full-service HR solutions include features such as payroll processing, human capital consulting, employment law compliance and employee benefits, including health insurance, retirement plans and workers’ compensation insurance. TriNet has a nationwide presence and an experienced executive team. Our stock is publicly traded on the NYSE under the ticker symbol TNET. If you’re passionate about innovation and making an impact on the large SMB market, come join us as we power our clients’ business success with extraordinary HR. Don't meet every single requirement? Studies have shown that many potential applicants discourage themselves from applying to jobs unless they meet every single requirement. TriNet always strives to hire the most qualified candidate for a particular role, ensuring we deliver outstanding results for our small and medium-size customers. So if you're excited about this role but your past experience doesn't align perfectly with every single qualification in the job description, nobody’s perfect – and we encourage you to apply. You may just be the right candidate for this or other roles. Job Summary Under the direction of an Internal Audit Leader, the Senior, IT Internal Auditor will assist in the company's Sarbanes-Oxley (SOX) 404 process including documentation, testing and coordination with finance and IT. This role will also be responsible for performing individual internal audit projects, as part of the internal audit plan. Work performed will include coverage of functional and operating units with focus on IT operational processes. Assisting with internal audit management, periodic reporting to the audit committee, development of the annual internal audit plan, and championing internal control and corporate governance concepts throughout the business are additional functions. Essential Duties/Responsibilities Assist in the Company’s (SOX) 404 process by documenting and testing Information Technology General Controls Collaborate with department personnel to ensure SOX 404 objectives, deliverables and timelines are met Assist in the coordination and tracking of internal/external testing of controls and track the status of gaps and remediation actions Assist in the coordination process to obtain management assessments of internal controls, including the identification of weaknesses and opportunities for improvement Provide an objective, independent, risk-based evaluation of the adequacy and effectiveness of the company’s technology, operational and financial controls Perform all phases of the audit process including planning, fieldwork, closeout, report writing, wrap-up and follow-up with little supervision Develop and execute test procedures / audit programs to ensure that controls are operating as intended Participate in special projects such as risk assessments, providing assistance to external auditors (including performing testing, gathering requested documentation, etc.), system implementations and upgrades Maintain comprehensive working papers to support and substantiate audit observations Required For All Jobs Performs other duties as assigned Complies with all policies and standards Qualifications Education: Bachelor's Degree in Accounting, Finance, MIS, Computer Science or other relevant degree desired, or equivalent education and/or related work experience required. Experience Work Experience Typically 5+ years of prior relevant audit experience, preferably including SOX ITGCs and IT audits (ITGC, cybersecurity, data privacy, system implementation and security risk management, DB, etc.) required Typically 2+ years experience in public accounting required Experience as an in-charge auditor required Licenses and Certifications CIA, CISA, CRISC, CISSP, CFE or equivalent Upon Hire preferred Knowledge, Skills And Abilities Solid understanding of internal auditing standards, Internal Control Over Financial Reporting (ICFR), Committee of Sponsoring Organization (COSO), Control Objectives for Information and Related Technologies (COBIT) and risk assessment practices Broad understanding across various areas of IT, including databases, operating systems, and applications Strong proficiency and skills with database applications, including Access and SQL, Microsoft Office and other related technologies Experience with PeopleSoft, Salesforce, Oracle, Linux Proven experience with SOC1 & 2 audits Demonstrated experience with the following frameworks: COSO, COBIT, NIST, ISO Ability to work independently with limited required direction and guidance Strong verbal and written communication skills to effectively present to peers and management Excellent interpersonal and teamwork skills Ability to build solid working relationships across cross-functional teams Experience in performing multiple projects and working with varying team members Ability to convey a strong presence, work under pressure, and deal confidently with complex business problem Work Environment Work in a clean, pleasant, and comfortable office work setting. The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable persons with disabilities to perform the essential functions. This position is 100% in office. Please Note: TriNet reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Position functions and qualifications may vary depending on business necessity. TriNet is an Equal Opportunity Employer and does not discriminate against applicants based on race, religion, color, disability, medical condition, legally protected genetic information, national origin, gender, sexual orientation, marital status, gender identity or expression, sex (including pregnancy, childbirth or related medical conditions), age, veteran status or other legally protected characteristics. Any applicant with a mental or physical disability who requires an accommodation during the application process should contact recruiting@trinet.com to request such an accommodation Show more Show less

🚨 We're Hiring! 🚨 Position: DevSecOps + Security Analyst Experience: 5–7 years Location: Work from Home (Remote) Shift: 10 PM – 7 AM IST Education: PG / B.Tech Preference: Candidates from Kerala 🇮🇳 We’re on the lookout for a DevSecOps + Security Analyst who can blend DevOps automation with strong cybersecurity practices to secure every stage of the SDLC and infrastructure. If you're passionate about integrating security into CI/CD pipelines and have a knack for monitoring and responding to security events, this is the role for you! 🔐 Key Responsibilities: ✅ Integrate security into CI/CD (GitLab CI, Jenkins, GitHub Actions) ✅ Automate SAST, DAST, SCA, IaC scanning ✅ Secure cloud/on-prem infrastructure with Ansible, Terraform, Docker ✅ Monitor and respond to threats via SIEM (Splunk, ELK, Sentinel) ✅ Perform vulnerability assessments, incident response 💡 Must-Have Skills: DevOps automation + Cybersecurity hands-on experience Strong in CI/CD tools and pipeline security Scripting (Python, Bash, PowerShell) Familiar with AWS/Azure/GCP security practices Understanding of frameworks like SOC2, NIST, HIPAA, PCI-DSS 💬 If you’re a Keralite with a passion for security and automation, and thrive in a night-shift WFH setup — we want to hear from you! #hiring #DevSecOps #CyberSecurity #DevOps #KeralaJobs #WFH #SecurityAnalyst #CI_CD #CloudSecurity #KeralaPreferred Show more Show less

We are looking for a Cyber Security SME with deep expertise in IT Cyber Security and a sound understanding of OT Cyber Security. Responsibilities :- Lead design, implementation, and maintenance of enterprise-wide cyber security strategies and frameworks. Deep hands-on knowledge and skills on security tools and platforms such as SIEM, SOAR, EDR, DLP, IAM, PAM, VAPT tools etc. Deep understanding of SIEM and SOAR use cases. Manage and conduct risk assessments, vulnerability assessments, and penetration testing. Develop and enforce policies, standards, and procedures related to Cyber Security. Operational governance of IT SOC and OT SOC, VAPT program. Optimizing IT SOC operations of an organization. Ensuring the SOC deliveries as per the agreed terms and conditions with the partner. Support relevant & mandatory regulatory and compliance requirements. Periodic review and enforcement of Policies and Procedures for both IT and OT Cyber Security areas. Drive security awareness and training initiatives across the organization.

Hello Visionary ! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. We are looking for DevOps professionals with 5 to 8 years of experience in Cloud Infrastructure maintenance and operations. Strong hands-on experience with Azure services (Compute, Networking, Storage, and Security). Expertise in Infrastructure as Code (IaC) using Bicep / ARM / Terraform (Bicep / ARM templates experience is a plus). Proficiency in managing and optimizing CI/CD pipelines in Azure DevOps. In-depth knowledge of networking concepts (VNETs, Subnets, DNS, Load Balancers, VPNs). Proficiency in scripting with PowerShell, Azure CLI, or Python for automation. Strong knowledge of Git and version control best practices. Infrastructure Design & Management: Architect and manage Azure cloud infrastructure for scalability, high availability, and cost efficiency. Deploy and maintain Azure services such as Virtual Machines, App Services, Kubernetes (AKS), Storage, and Databases. Implement networking solutions like Virtual Networks, VPN Gateways, NSGs, and Private Endpoints CI/CD Pipeline Management: Design, build, and maintain Azure DevOps pipelines for automated deployments. Implement GitOps and branching strategies to streamline development workflows. Ensure efficient release management and deployment automation using Azure DevOps, GitHub Actions, or Jenkins. Infrastructure as Code (IaC): Write, maintain, and optimize Bicep / ARM / Terraform templates for infrastructure provisioning. Automate resource deployment and configuration management using Azure CLI, PowerShell etc Security & Compliance: Implement Azure security best practices, including RBAC, Managed Identities, Key Vault, and Azure Policy. Monitor and enforce network security with NSGs, Azure Firewall, and DDoS protection. Ensure compliance with security frameworks such as CIS, NIST, ASB etc. Conduct security audits, vulnerability assessments, and enforce least privilege access controls. Monitoring & Optimization: Set up Azure Monitor, Log Analytics, and Application Insights for performance tracking and alerting. Optimize infrastructure for cost efficiency and performance using Azure Advisor and Cost Management. Troubleshoot and resolve infrastructure-related incidents in production and staging environments. Make your mark in our exciting world at Siemens . This role, based in Chennai , is an individual contributor position. You may be required to visit other locations within India and internationally. In return, you'll have the opportunity to work with teams shaping the future. At Siemens, we are a collection of over 312,000 minds building the future, one day at a time, worldwide. We are dedicated to equality and welcome applications that reflect the diversity of the communities we serve. All employment decisions at Siemens are based on qualifications, merit, and business need. Bring your curiosity and imagination, and help us shape tomorrow We’ll support you with: Hybrid working opportunities. Diverse and inclusive culture. Variety of learning & development opportunities. Attractive compensation package. Find out more about Siemens careers at: www.siemens.com/careers Show more Show less

Join a team dedicated to supporting the crucial mission of improving health outcomes. At Merative, you can apply your skills – and grow new ones – with colleagues who have deep expertise in health and technology. Merative provides data, analytics and software for the health industry. Our clients include providers, health plans, employers, life sciences companies and governments around the world. With industry-leading products and focused innovation, we help customers improve decision-making and performance so that together, we drive real progress in health. Learn more at merative.com We are seeking a skilled and proactive IAM Specialist with 5-6 years of experience to join our dynamic team. In this role, you will be responsible for ensuring secure and efficient management of user identities, roles, and access privileges within our organization's systems and applications. You will collaborate with cross-functional teams to enforce security policies, improve IAM processes, and optimize identity lifecycle management. The ideal candidate will have hands-on experience with IAM technologies, and a deep understanding of security principles and industry best practices. Key Responsibilities: Identity and Access Management: Manage user lifecycle processes, including user provisioning, de-provisioning, and role-based access control (RBAC) across various systems and applications. Policy Enforcement: Define and enforce IAM policies to ensure access control mechanisms comply with internal security requirements and external regulatory standards. IAM Tools and Solutions: Administer and optimize IAM platforms (e.g., Entra Identity Governance, Active Directory, Okta, SailPoint, or other IAM solutions), ensuring the proper configuration of access controls, authentication, and authorization systems. Security Integration: Work with security teams to integrate IAM solutions with Single SignOn (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), Conditional Access policies and other security systems. Access Reviews and Auditing: Conduct periodic access reviews, audits, and assessments to ensure compliance and identify potential risks related to user access and privileges. Incident Response: Investigate and respond to IAM-related security incidents, collaborating with security operations and IT teams to resolve issues and mitigate risks. Continuous Improvement: Recommend and implement improvements to IAM processes, tools, and strategies to enhance security posture and operational efficiency. Collaboration and Documentation: Work closely with IT, security, compliance, and business teams to document IAM procedures and provide training on IAM policies and practices. Qualifications: Bachelor's degree in Information Technology, Computer Science, or a related field (or equivalent work experience). 5-6 years of hands-on experience in Identity and Access Management, with strong knowledge of IAM concepts and tools. Proficiency with IAM solutions like Entra Identity Governance. Active Directory, Okta, SailPoint, Entra AD, or similar platforms. Proficiency using PowerShell and Logic Apps, creating and deploying automated processes. Experience in implementing and managing Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM). Strong understanding of security frameworks, industry standards (e.g., NIST, ISO 27001), and regulatory compliance requirements (e.g., GDPR, HIPAA). Solid understanding of role-based access control (RBAC), least privilege, and separation of duties principles. Ability to perform audits, access reviews, and gap analyses to ensure compliance and security best practices. Strong analytical, problem-solving, and communication skills. Ability to work independently and as part of a team in a fast-paced environment. Why Join Us? Joining Merative means becoming part of a company that’s passionate about technology and its potential to transform businesses and communities. We empower our employees to innovate, grow, and make a difference every day. Innovative Environment: Be part of a forward-thinking organization dedicated to cutting edge security solutions and technology. Professional Growth: Opportunity to develop your skills and expertise in IAM through ongoing training and career advancement opportunities. Impactful Work: Your work will directly contribute to strengthening the organization's security posture and protecting sensitive data. Collaborative Culture: Work alongside a team of talented professionals who are passionate about security and continuous improvement. Competitive Benefits: We offer a comprehensive benefits package, including health insurance, retirement plans, and wellness programs. Join our team and play a critical role in safeguarding our organization's digital infrastructure! It is the policy of Merative to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, HIV status, or any other characteristic protected by federal, state or local law. In addition, Merative will provide reasonable accommodations for qualified individuals with disabilities. Show more Show less

About Position: We at Persistent are looking for a Systems Security Engineer – PKI with experience in Public Key Infrastructure PKI,Governance Risk & Compliance,Azure AD Role: Systems Security Engineer Location: Pune Experience: 7 to 13 years Job Type: Full Time Employment What You'll Do: Design, implement, and manage PKI solutions, including certificate lifecycle management for a complex IT environment. Administer enterprise-wide digital certificates and encryption technologies to ensure confidentiality, integrity, and availability. Monitor and enforce compliance with organizational and industry security policies related to PKI. Expertise You'll Bring: Develop and maintain documentation for security architecture, processes, and procedures. Collaborate with IT teams and stakeholders to identify vulnerabilities and ensure secure systems integration. Lead efforts to troubleshoot and resolve security issues related to PKI and certificates. Perform security audits, assessments, and provide recommendations for improvement. Stay updated on emerging threats and advancements in PKI technology, implementing innovative solutions where appropriate. Required Qualifications: Bachelor's degree in computer science, Information Security, or a related field (or equivalent work experience). Minimum of 10 years of experience in systems security engineering with a focus on PKI and certificate management. In-depth understanding of PKI technologies, digital certificates, and cryptographic protocols. Strong knowledge of IT security frameworks (e.g., NIST, ISO 27001) and compliance standards. Proven ability to design secure architectures and solve complex security challenges. Experience with tools and platforms related to certificate management and PKI infrastructure. Preferred Qualifications: Relevant certifications such as CISSP, CISM, or similar. Experience with Azure Active Directory (Azure AD) certificate-based authentication and management. Familiarity with cloud-based certificate management solutions and their integration into hybrid environments. Strong communication and collaboration skills. Benefits: Competitive salary and benefits package Culture focused on talent development with quarterly promotion cycles and company-sponsored higher education and certifications Opportunity to work with cutting-edge technologies Employee engagement initiatives such as project parties, flexible work hours, and Long Service awards Annual health check-ups Insurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children, and parents Inclusive Environment: Persistent Ltd. is dedicated to fostering diversity and inclusion in the workplace. We invite applications from all qualified individuals, including those with disabilities, and regardless of gender or gender preference. We welcome diverse candidates from all backgrounds. We offer hybrid work options and flexible working hours to accommodate various needs and preferences. Our office is equipped with accessible facilities, including adjustable workstations, ergonomic chairs, and assistive technologies to support employees with physical disabilities. If you are a person with disabilities and have specific requirements, please inform us during the application process or at any time during your employment. We are committed to creating an inclusive environment where all employees can thrive. Inclusive Environment: Persistent Ltd. is dedicated to fostering diversity and inclusion in the workplace. We invite applications from all qualified individuals, including those with disabilities, and regardless of gender or gender preference. We welcome diverse candidates from all backgrounds. We offer hybrid work options and flexible working hours to accommodate various needs and preferences. Our office is equipped with accessible facilities, including adjustable workstations, ergonomic chairs, and assistive technologies to support employees with physical disabilities. If you are a person with disabilities and have specific requirements, please inform us during the application process or at any time during your employment. We are committed to creating an inclusive environment where all employees can thrive. Our company fosters a values-driven and people-centric work environment that enables our employees to: Accelerate growth, both professionally and personally Impact the world in powerful, positive ways, using the latest technologies Enjoy collaborative innovation, with diversity and work-life wellbeing at the core Unlock global opportunities to work and learn with the industry’s best Let’s unleash your full potential at Persistent “Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind.” Show more Show less

About Darwinbox : We’re designing the future of work by building the world's best HR tech, driven by a fierce focus on employee experience, customer success, and continuous, iterative innovation. Founded in 2015, we now serve over 2.5 million employees in 750+ enterprises, and that includes massive conglomerates to unicorn start-ups, like MakeMyTrip, JSW, Vedanta, Mahindra, Kotak, plus leading global brands like Nivea, Starbucks, Sephora, AXA, Cigna, T-Systems, and Calvin Klein. We’re backed by marquee investors like TCV, Salesforce, Sequoia, Lightspeed Ventures, Microsoft, and many others which have put us on the pedestal of Unicorn valuation in the year 2022. But most importantly, we’re growing at a phenomenal pace, and that means exponential growth and learning opportunities for you, plus a band of passionate and fun people to work with within a place where your ideas take precedence over your designation. Why Join Us? The rate at which our product and market presence are growing is unprecedented. We’re a Rocketship. We’re not planning on slowing down anytime soon. And, that’s why we need you! You’ll experience a culture of: Disproportionate Rewards for top performance Accelerated Growth in a hyper-growth environment Wellbeing First culture focused on employee care Continuous Learning and professional development Meaningful Relationships and a Collaborative Environment Role Overview: We are seeking a highly skilled and experienced Security Architect with a strong background in offensive security. The ideal candidate will be responsible for building and leading a red team, ensuring the security of our SaaS platform, IT infrastructure, and cloud environments. This role requires a proactive approach to identifying and mitigating security risks, along with a deep understanding of the latest security threats and technologies. Responsibilities: Offensive Security: Conduct advanced penetration testing and vulnerability assessments on our systems. Develop and execute red team exercises to identify and address security weaknesses. Simulate real-world attacks to test and improve the resilience of our security measures. Red Team Development: Build, lead, and mentor a team of security professionals focused on offensive security. Develop and implement red team strategies, methodologies, and tools. Collaborate with other teams to integrate red team findings into the overall security posture. SaaS Security: Design and implement security measures to protect our SaaS platform. Ensure compliance with industry standards and regulations. Perform continuous monitoring and improvement of security controls. IT and Cloud Security: Oversee the security of IT infrastructure, including networks, servers, and endpoints. Implement and manage security measures for cloud environments (AWS, Azure, GCP). Ensure secure configuration and management of cloud services. Tool Development and Integration: Develop and maintain security tools to automate threat detection, response, and remediation. Integrate security tools and systems for comprehensive monitoring and protection. Prepare our systems for global scale and protect against evolving cyber threats and zero-day attacks. SOC Management: Support and manage a 24/7 Security Operations Center (SOC) monitoring team. Ensure continuous monitoring of security events and incidents. Develop and maintain incident response protocols and procedures. Collaboration and Communication: Work closely with development, operations, and IT teams to ensure security is integrated into all aspects of our technology stack. Communicate security risks and recommendations to stakeholders at all levels. Develop and deliver security training and awareness programs for employees. Requirements: Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field. At least 5 years of experience in offensive security, penetration testing, or a similar role. Proven experience in building and leading red teams. Strong knowledge of SaaS security, IT infrastructure security, and cloud security. Familiarity with security frameworks and standards (e.g., NIST, ISO 27001, OWASP). Hands-on experience with AI security and understanding of AI/ML security threats. Proficiency in coding and scripting languages (e.g., Python, Java, C++) for developing security tools and automation. Experience in managing a 24/7 SOC monitoring team. Excellent problem-solving skills and the ability to think like an attacker. Strong communication and leadership skills. Relevant certifications such as OSCP, OSCE, CEH, CISSP, or similar are preferred. Show more Show less

Data is at the core of modern business, yet many teams struggle with its overwhelming volume and complexity. At Atlan, we’re changing that. As the world’s first active metadata platform, we help organisations transform data chaos into clarity and seamless collaboration. From Fortune 500 leaders to hyper-growth startups, from automotive innovators redefining mobility to healthcare organisations saving lives, and from Wall Street powerhouses to Silicon Valley trailblazers — we empower ambitious teams across industries to unlock the full potential of their data. Recognised as leaders by Gartner and Forrester and backed by Insight Partners, Atlan is at the forefront of reimagining how humans and data work together. Joining us means becoming part of a movement to shape a future where data drives extraordinary outcomes. What will you do? 🤔 Conduct a comprehensive security assessment of Atlan’s infrastructure, applications, cloud, and AI environments, identifying strengths, vulnerabilities, and AI-specific threat vectors. Lead threat modeling and risk assessments for both traditional and AI-driven systems, prioritizing mitigation strategies that address emerging AI security challenges (e.g., model poisoning, prompt injection, adversarial attacks). Document and evolve Atlan’s security architecture, policies, and procedures to integrate AI/ML systems while maintaining enterprise-grade security standards. Develop and implement a future-ready security strategy, ensuring alignment with Atlan’s business goals, AI product roadmap, and evolving global security regulations. Define security KPIs and AI risk metrics to measure and continuously improve the effectiveness of security controls across AI and non-AI systems. Design, implement, and operationalize security controls that cover network, application, infrastructure, and AI/ML models, including data governance and model lifecycle protections. Champion DevSecOps principles in a world increasingly powered by AI—integrate security early into CI/CD pipelines, MLOps workflows, and infrastructure as code (Shift Left, Policy as Code). Create, test, and refine incident response plans that include AI-specific scenarios, ensuring rapid and effective response to both conventional and AI-driven threats. Serve as a security evangelist, embedding a security-first and AI-aware mindset across Atlan’s teams through training, mentorship, and best practice sharing. Mentor security engineers and cross-functional teams, fostering continuous learning in areas like AI security, red-teaming AI models, and proactive threat detection. Ensure compliance with evolving global regulations including AI governance frameworks (e.g., EU AI Act, NIST AI Risk Management) along with established standards like PCI DSS, GDPR. Prepare for, assist with, and lead security audits and certifications with a focus on emerging AI audit readiness. What makes you a match? 😍 10+ years of experience leading enterprise security initiatives, with at least 2+ years securing AI/ML systems or building security for AI-driven platforms. Proven expertise in DevSecOps and AI-ready security, including experience embedding security in MLOps workflows. Deep experience with application security, cloud security, and AI/ML model security best practices. Hands-on Kubernetes (K8s) security expertise is mandatory, with bonus points for securing AI workloads on Kubernetes (e.g., model serving on K8s). Experience integrating security into Secure Development Lifecycles (SDLC) and Machine Learning Development Lifecycles (MLDLC). Familiarity with SaaS security models, multi-tenant architectures, and AI/LLM-based features security challenges. Strong understanding of modern threat landscapes, including adversarial machine learning, model leakage risks, and AI bias and fairness vulnerabilities. Experience with security tools like CIS Benchmarks, SIEM solutions, and AI-specific monitoring tools. Excellent analytical, problem-solving, and AI-driven risk assessment skills. Strong written and verbal communication skills to collaborate across engineering, product, and customer-facing teams. Passion for security innovation and a commitment to continuous learning in AI/ML security. Preferred certifications: CISSP, CISA, CKS, and bonus points for certifications like Certified AI Security Professional (CAISP) or equivalent AI security credentials. Why Atlan for You? At Atlan, we believe the future belongs to the humans of data. From curing diseases to advancing space exploration, data teams are powering humanity's greatest achievements. Yet, working with data can be chaotic—our mission is to transform that experience. We're reimagining how data teams collaborate by building the home they deserve, enabling them to create winning data cultures and drive meaningful progress. Joining Atlan Means Ownership from Day One: Whether you're an intern or a full-time teammate, you’ll own impactful projects, chart your growth, and collaborate with some of the best minds in the industry. Limitless Opportunities: At Atlan, your growth has no boundaries. If you’re ready to take initiative, the sky’s the limit. A Global Data Community: We’re deeply embedded in the modern data stack, contributing to open-source projects, sponsoring meet-ups, and empowering team members to grow through conferences and learning opportunities. As a fast-growing, fully remote company trusted by global leaders like Cisco, Nasdaq, and HubSpot, we’re creating a category-defining platform for data and AI governance. Backed by top investors, we’ve achieved 7X revenue growth in two years and are building a talented team spanning 15+ countries. If you’re ready to do your life’s best work and help shape the future of data collaboration, join Atlan and become part of a mission to empower the humans of data to achieve more, together. We are an equal opportunity employer At Atlan, we’re committed to helping data teams do their lives’ best work. We believe that diversity and authenticity are the cornerstones of innovation, and by embracing varied perspectives and experiences, we can create a workplace where everyone thrives. Atlan is proud to be an equal opportunity employer and does not discriminate based on race, color, religion, national origin, age, disability, sex, gender identity or expression, sexual orientation, marital status, military or veteran status, or any other characteristic protected by law. Show more Show less

Hi, We are having an opening for Network Security Operations Manager at our Mumbai location. Job Summary : We are looking for a highly capable Network Security Operations Manager to lead, manage, and enhance the organizations network security infrastructure and operations. This role will be responsible for managing key security technologies such as firewalls, proxies, VPNs, NAC, DNS security, WAF , EDR & Data Security and ensuring operational governance and compliance. The ideal candidate should have hands-on experience managing large-scale network security operations and coordinating with cross-functional and incident response teams. Areas Of Responsibility : Security Operations Management Lead day-to-day operations of all network security tools and platforms , including: Firewalls (NGFW Palo Alto, Fortinet, Cisco)- Policy governance, segmentation, and high-availability Web Proxy & Cloud Proxy (e.g., Zscaler, Netskope)- URL filtering, threat prevention, and data leak protection VPN (IPSec, SSL VPN, Remote Access Solutions)- Strong encryption and access control for workforce and partner Network Access Control (NAC)- Role-based access, posture checks, and OT/IoT security DNS Security & Filtering- DNS-layer protection, malicious domain filtering, and response management Web Application Firewall (WAF) On-prem & Cloud-based- Protection of patient data, portals, financial apps, and APIs Ensure continuous monitoring, tuning, and updating of policies and signatures across platforms. Manage security device configurations, rule optimization, and lifecycle management. Compliance, Audit & Governance Ensure adherence to security compliance requirements such as ISO 27001, NIST, GDPR, and internal IT security policies . Ensure full compliance with sector-specific regulations ( Pharma: GxP, 21 CFR Part 11, HIPAA) Prepare and present periodic audit reports, incident reports, and configuration review summaries . Drive risk assessments and remediation plans for security operations. Maintain security documentation, SOPs, and audit trails Team & Vendor Management Lead and mentor a team of network security engineers and analysts. Oversee vendor engagements, support contracts, SLAs, and AMC renewals for security technologies. Engage with audit, QA, compliance, and legal teams for incident reporting and regulatory inspections Coordinate with for integrated security coverage (EDR/DS, if escalation/overlap arises). Incident Response & Troubleshooting Collaborate with SOC for effective investigation and response to network security incidents . Coordinate the response to security incidents, including detection, analysis, containment, eradication, and recovery. Lead root cause analysis and containment for network-based threats (e.g., suspicious VPN activity, firewall rule violations). Manage escalations and coordinate with external vendors or OEMs for critical issues. Projects & Improvements Drive security hardening and optimization projects related to network security tools. Lead or support security hardening, firewall rule optimization, and proxy architecture redesign projects Lead or contribute to technology upgrades, migration projects, mergers, acquisitions, data center shifts. Maintain security documentation, playbooks, and standard operating procedures. Prepare and validate BOM, BOQ, and risk registers for new deployments Educational Qualification : Bachelor's or Masters in Computer Science, Information Security, or related field Specific Certification : CISSP, CISM, CCNP Security, CP, Palo Alto PCNSE, Fortinet NSE, ISO 27001 LA Experience : 10-12 years of experience in network operations, with 3-5 years in leadership or managerial role Skill (Functional & Behavioural): Firewalls: Checkpoint, Fortinet, Palo Alto, Cisco Firepower Proxies: Netskope, Forcepoint, Zscaler VPN: Cloudflare, Cisco AnyConnect, FortiClient, GlobalProtect NAC: Forescout, Cisco ISE, Aruba ClearPass DNS Security: Cisco Umbrella, Infoblox, Cloudflare DNS WAF: AWS/Azure WAF, F5, Imperva, Akamai, Cloudflare EDR & DS: Crowdstrike, Falcon, Trellix, MS Defender, Sentinel, etc Show more Show less

Hi, We are having an opening for Network Operations Manager at our Mumbai location. Job Summary : We are looking for a highly skilled and strategic Network Operations Manager to lead and manage our enterprise-wide IT and OT network infrastructure. The role demands an experienced professional with 12-15 years experience in network operations, demonstrating expertise in managing complex network environments, leading technical teams, and ensuring optimal network performance and security, network operations, IT/OT convergence, vendor and SLA governance , and segmentation strategies to ensure security, availability, and scalability of network services. The ideal candidate will play a key role in managing daily operations, overseeing major transformation projects, and driving secure connectivity across both corporate and industrial environments. Areas Of Responsibility : Network Operations & Monitoring Manage enterprise-wide IT and OT network operations, including LAN, WAN, SD-WAN, VPN, Wireless, Internet, MPLS, and data centre connectivity. Ensure 24/7 network availability, reliability, and performance through proactive monitoring, diagnostics, and troubleshooting. Implement and manage macro and micro segmentation strategies to enhance network security posture across IT and OT domains. Project & Transformation Leadership Lead technical delivery and end-to-end execution of network transformation and expansion projects (e.g., campus upgrades, cloud migrations, plant network segmentation, OT segmentation, new initiative roll-out, etc.). Coordinate with cross-functional IT/OT teams to ensure alignment with business objectives and compliance requirements. Own project lifecycle from requirement gathering and solutioning to handover and documentation. Vendor & SLA Management Manage relationships with OEMs, service providers, and system integrators to ensure optimal service delivery. Negotiate and monitor SLAs , ensure issue escalation procedures are followed, and drive continuous improvement with vendors. Coordinate with external vendors and service providers to procure network equipment and services, negotiating contracts and managing relationships. Infrastructure Governance & Compliance Establish and enforce network policies , standards, and compliance frameworks (ISO 27001, GxP, NIST, etc.). Develop and enforce network security policies and procedures to safeguard organizational data and comply with industry regulations. Coordinate periodic audits, risk assessments, and remediation's to meet regulatory and cybersecurity mandates. Ensure full adherence to compliance requirements for data privacy, pharma/life sciences, or regulated industrial operations. Security & Segmentation Implement network security controls including firewalls, NAC, IDS/IPS, and segmentation (macro & micro) between IT/OT zones. Collaborate with the cybersecurity team to align on zero-trust architecture and secure data flows across environments. Team Leadership, Knowledge Management & Resource allocation Lead and mentor a team of network engineers and analysts (L1L3). Develop SOPs, knowledge base articles, and ensure robust documentation for operational continuity. Prepare and manage the network operations budget, ensuring cost-effective utilization of resources. Educational Qualification : Bachelors degree in Computer Science, Information Technology, or related field Specific Certification : CCNP / CCIE ITIL v4 Foundation or Intermediate PMP / PRINCE2 (optional for project oversight) Experience : 10-12 years of experience in network operations, with 3-5 years in leadership or managerial role Skill (Functional & Behavioural): Strong expertise in enterprise networking (Cisco, Juniper, Fortinet, Palo Alto, etc.) Hands-on knowledge of SD-WAN, NAC, micro/macro segmentation, and hybrid cloud networks (AWS/Azure) Familiarity with OT protocols and systems (e.g., SCADA, PLC, Modbus) and secure IT/OT integration Proven experience in vendor/SLA governance, audit readiness, and compliance frameworks Excellent understanding of ITIL , network governance , and enterprise change control processes Show more Show less

About Us Yubi stands for ubiquitous. But Yubi will also stand for transparency, collaboration, and the power of possibility. From being a disruptor in India’s debt market to marching towards global corporate markets from one product to one holistic product suite with seven products Yubi is the place to unleash potential. Freedom, not fear. Avenues, not roadblocks. Opportunity, not obstacles. Yubi, formerly known as CredAvenue, is re-defining global debt markets by freeing the flow of finance between borrowers, lenders, and investors. We are the world's possibility platform for the discovery, investment, fulfilment, and collection of any debt solution. At Yubi, opportunities are plenty and we equip you with tools to seize it. In March 2022, we became India's fastest fintech and most impactful startup to join the unicorn club with a Series B fundraising round of $137 million. In 2020, we began our journey with a vision of transforming and deepening the global institutional debt market through technology. Our two-sided debt marketplace helps institutional and HNI investors find the widest network of corporate borrowers and debt products on one side and helps corporates to discover investors and access debt capital efficiently on the other side. Switching between platforms is easy, which means investors can lend, invest and trade bonds - all in one place. All of our platforms shake up the traditional debt ecosystem and offer new ways of digital finance. Job Description Act as the liaison between business units and corporate security teams to align objectives with robust security strategies. Serve as the primary point of contact for clients for all security-related questions, concerns, and communications. Develop and implement security policies, standards, and procedures tailored to business needs. Lead risk assessments, identifying vulnerabilities that may impact business operations. Facilitate regular communication between IT, security, and business leaders to ensure alignment. Guide business units in understanding and mitigating cybersecurity risks. Oversee compliance with applicable data protection regulations and internal security requirements. Foster a culture of security awareness through training and effective communication. Drive incident response planning and coordinate swift actions during security breaches. Monitor emerging threats and continuously refine security practices to pre-empt risks. Report risk assessments, metrics, and progress updates to executive leadership for strategic decision-making. Collaborate with procurement and business teams to assess the security and privacy risks associated with third-party vendors used by the business units, ensuring compliance with TPRM policies. Facilitate external Infosec audits by coordinating with auditors, providing necessary documentation and access, and ensuring timely responses to audit findings. Maintain a strong understanding of the organization's security compliance obligations and work with business units to ensure adherence. Drive initiatives to address compliance gaps and implement necessary controls. Requirements Requirement Bachelor’s degree in Computer Science, Information Security, or a related field; a Master’s degree is often preferred. Experience in “ISO 27001” is a must for the role. 2+ years of experience in cybersecurity, risk management, or IT security roles with increasing responsibilities. Recognized certifications such as CISSP, CISM, or equivalent demonstrate proficiency in security best practices. Proven track record in leading cross-functional teams and managing security programs in a complex business environment. Deep understanding of compliance requirements, regulatory frameworks, and the ability to align security strategies with business objectives. Excellent communication, interpersonal, and stakeholder management skills, with the ability to influence without authority Strong analytical and problem-solving skills, with the ability to translate technical security concepts into business language. Ability to work independently and collaboratively within a fast-paced, dynamic environment. Strong understanding of information security principles, frameworks (e.g., ISO 27001, SOC2, NIST CSF), and relevant compliance regulations. Show more Show less

Bengaluru, Karnataka Hyderabad, Telangana Job ID 30180373 Job Category Digital Technology Country: India Location: Ecospace Campus 3A, 4th Floor, Outer Ring Road, Bellandur, Bengaluru- 560103 Position Title: SOX Compliance Lead – Cyber Security Location: Bangalore About the Role:: We are seeking an experienced and proactive IT SOX Compliance Analyst to oversee and drive the execution of the SOX compliance program within the organization. This role focuses on planning and managing SOX-related activities, ensuring timely completion of key compliance deliverables, and collaborating with multiple teams to ensure robust ITGC controls and adherence to regulatory requirements. The ideal candidate will take ownership of driving the process, monitoring progress, facilitating collaboration with internal teams and external auditors, managing issues, and ensuring training and awareness across the organization. Key Responsibilities: Develop a detailed plan for SOX compliance activities across the calendar year, aligning with organizational goals, and ensuring that key milestones are met. Oversee the completion of SOX narratives and gap assessments by application owners, ensuring they are comprehensive, accurate, and on schedule. Provide guidance and follow-up to ensure these activities are completed within the defined timelines. Monitor and track the testing of ITGC controls. Work with application and system owners to ensure testing is completed as required, addressing any delays or roadblocks proactively. Collaborate with relevant teams to evaluate SOC reports. Ensure any findings are addressed and work closely with internal stakeholders to resolve issues related to SOC reports. Serve as the main point of contact for both internal and external auditors, coordinating requests, assisting with audits, and ensuring that audit cycles are supported efficiently. Work closely with the Internal Controls team to understand the scope of applications, systems, and their associated controls, ensuring alignment with SOX compliance goals. Facilitate SOX workshops and manage monthly SOX Sub-council meetings to foster awareness, ensure engagement, and provide guidance on best practices for SOX compliance. Identify and drive opportunities to automate SOX compliance processes. Advocate for continuous improvements in efficiency and program effectiveness across the organization. Take a proactive approach to problem-solving, addressing challenges related to SOX compliance and offering solutions for process improvements or overcoming obstacles in the compliance lifecycle. Develop and deliver training programs to internal teams and application owners to ensure understanding of SOX compliance requirements, internal controls, and best practices. Ensure ongoing education to keep all relevant stakeholders up to date on compliance and control procedures. Foster a culture of compliance by ensuring employees at all levels are equipped with the necessary knowledge and tools to maintain compliance with SOX requirements. Manage issues arising from auditors, internal testing, or assessments. Understand the root cause, document issues in the compliance tool, assign ownership to the relevant application teams, propose remediation actions, establish due dates, and follow up to ensure timely closure of issues. Qualifications & Skills: Minimum 8 years of experience in IT controllership, IT compliance, or SOX compliance, with a focus on ITGC controls testing, regulatory compliance, and issues management. Strong understanding of ITGC controls, SOX compliance, and regulatory requirements (SOX, COSO framework), with experience in information security frameworks such as ISO27001 and NIST CSF. Experience with ERP systems such as SAP, JDE, and Oracle, with a solid understanding of SAP GRC and IT infrastructure. Excellent analytical and problem-solving abilities, along with strong communication skills. Ability to handle pressure situations and manage multiple stakeholders to meet deadlines. Familiarity with compliance and GRC tools such as Auditboard SOX Hub and SNOW GRC, or similar platforms. Preferred Qualifications: Full-time college degree in Computer Science, Information Technology, or a related field. ISO Lead Auditor, CISA, and/or CSM certifications are highly desirable. Experience with information security frameworks such as ISO27001, NIST CSF, and other relevant frameworks. Proven ability to lead, coordinate, and collaborate across teams and functions, managing timelines, expectations, and deliverables. Benefits: We are committed to offering competitive benefits programs for all of our employees, and enhancing our programs when necessary. Have peace of mind and body with our health insurance Make yourself a priority with flexible schedules and leave Policy Drive forward your career through professional development opportunities Achieve your personal goals with our Employee Assistance Programme Our commitment to you: Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way . Join us and make a difference. Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

ABOUT THE TEAM The RealPage Information Security Operations team monitors and manages risks associated with threats and vulnerabilities faced by our infrastructure, platforms, and systems. We work closely with our teammates from IT, Product Development, and across the business to coordinate and execute our vulnerability management and incident response strategies and capabilities. We work with industry-leading tools and implement creative solutions to complex problems. WHAT YOU'LL DO As an Incident Response Engineer, you will work directly with our security teams and partners across IT and the Application teams to contain and remediate security incidents, as well as designing solutions to improve the overall security architecture for the enterprise. Success in this role will be determined by your deep analytical expertise, including deep packet analysis, malware analysis, de-obfuscation skills, insights into endpoint analytics, and detailed log analysis. You will be called upon to flex your offensive security skills to drive rapid containment and remediation of security incidents, as well as your interpersonal skills to coordinate response with your teammates. Broad experience with security analytics including host logs, endpoint investigations, and network analysis are critical skills for this role. PRIMARY RESPONSIBILITIES Collect and analyze key data and telemetry during a security incident. Coordinate containment and remediation activity with cross-functional teams Complete all required incident documentation and reporting within established time frames. Drive improvements from incident lessons learned. Develop playbook\SOP to improve Incident Response processes to align with industry guidelines and standards. Develop and implement security monitoring use cases driven by threat intelligence. Conduct periodic threat hunting exercises to actively discover suspicious activity across the enterprise. participate in periodic exercises to test the effectiveness of IR\SOC process and controls. QUALIFICATIONS Required Qualification: Bachelor's degree and 2 to 4 years of experience in Incident Response (CSIRT) and SOC. Additional relevant experience and professional certifications will be considered in lieu of a degree. Understanding of host-based and network security logging. Experience in usage of enterprise security solutions. Understanding related to security encompassing end point technologies, applications, application hosting, physical and virtual data center hosting. Experience with security practices such as security incident response and risk management. Excellent verbal and written communication skills with a wide range of audiences including technologists, executives, business stakeholders and IT team members. Must be a critical thinker with strong problem-solving skills. Knowledge of information security management frameworks, such as ISO 27001, ITIL, COBIT or NIST. High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity. Proven ability in security process and organizational design; Current understanding of Industry trends and emerging threats; and knowledge of incident response methodologies and technologies. Desired Qualification: Degree in applicable field Professional information security certification, such as CEH, CHFI etc. Knowledge of common security frameworks and regulations including FFIEC, NYDFS and NIST Cybersecurity Framework In-depth and hands-on experience with Security Analytics and Incident Response Knowledge in Scripting languages (e.g. BASH, Python, etc)

Director, Application Operations - SRE Hyderabad, India Information Technology 314557 Job Description About The Role: Grade Level (for internal use): 13 S&P Global Ratings The Role : Director, Application Operations, SRE (Site Reliability Engineering) The Team : This team is part of the global SRE group that provides Site Reliability Engineering Services for the critical applications used by the analysts for conducting the business. Application Operations team is responsible for the Stability (Uptime), Reliability (Quality & Performance) and Engineering of these applications to improve business outcomes, user experience and efficiencies. The Team operates at the intersection of IT operations and software development, ensuring that our services are not only robust but also agile enough to adapt to the ever-evolving business needs. Impact and Responsibilities : The Impact of this role extends far beyond the immediate team. You will be instrumental in shaping the reliability and performance standards of our critical applications, ensuring they meet the highest benchmarks. By driving advancements in automation and cloud technologies, you will contribute significantly to the organization's strategic goals and toil reduction, enhancing both the user experience and operational efficiency. You will nurture the team members to be the best-in-class by upskilling and cross-skilling. General & Team management: Ensure the team balances its focus between daily operational tasks and strategic long-term projects Drive the adoption of new technologies and processes through training and mentoring Lead/Mentor/Guide/Coach and transform a team of Application Operations to SRE’s Create/maintain documentation for systems and processes to ensure continuity and knowledge sharing within the team. Adoption of Gen AI to leverage knowledge repository Collaborate with cross-functional teams to ensure seamless integration and support for new technologies and initiatives Oversee daily operations and ensure the shifts are adequately managed Set the roadmap; derive goals for each team member; review, motivate and support to make them successful Stability: Build a SRE practice that improves system stability with Monitoring & AIOps. Avert P1/P2 incidents and minimize business impact Analyze system vulnerabilities, SPOFs and address them proactively to improve stability Refactor monolithic apps and databases to containerized services to improve delivery/scale Work with business users to understand needs, issues, develop root cause analysis and work with the cross functional teams to address them permanently Reliability: Monitor system performance and create strategies to improve it Reduce the number of incidents and the time taken to resolve them (MTTR) Develop and implement disaster recovery plans to ensure business continuity Lead DevOps transformation to improve the delivery of value to business, reduction of costs & manual errors, increased velocity of releases and improved config management Engineering: Involvement in Architecture and Development design reviews (Shift-left) for new implementation and integration projects to build SRE best practices into the SDLC Continuously look for opportunities to automate tasks, simplify processes, Self-service to reduce the toil Value Stream Alignment: While alignment as horizontal lead is expected to begin with, it’s expected that you also handle the role of a SRE value stream lead going forward. Ensure smooth inter-working with value streams (VS) to meet the objectives & realize value Foster a 2-way knowledge sharing with VS and reduce dependency on SRE Help shepherd VS to improve SRE maturity levels; implement & prioritize best practices like monitoring, post-mortem, toil reduction, retrospectives etc. Application to User Journey orientation and transformation What’s in it for you : In this role, you will have the opportunity to collaborate with a diverse and talented team, working on cutting-edge technology solutions to drive efficiency and innovation within the organization. You will be at the forefront of implementing best practices in site reliability engineering, with a strong emphasis on automation, cloud technologies, and performance optimization. You will interface with the value stream leads to improve the SRE practices and maturity levels within the value streams. What We’re Looking For: Basic Qualifications : Bachelor’s degree in computer science or equivalent is required, or in lieu, a demonstrated equivalence in work experience 15+ years of experience in Information Technology domain including cloud, systems & database administration, networking, performance, and application operations Proven experience in IT Operations and/or Site Reliability Engineering, successful handling of Application Operations in a complex IT setup Manage Multi-cloud (AWS/Azure) environments Engineering and implementing proactive monitoring of applications, infrastructure & databases. Engineering automation to self-heal and mature towards AIOps Manage, innovate, and create processes, software and tools that continuously improve the availability, reliability, scalability, latency and efficiency of platforms Engineer Self-service portals, Scalable platforms and repeatable processes that allow product teams to own the entire life cycle of their products, reducing the SRE dependency Excellent communication skills with experience in managing, coaching, and building highly effective teams. Manage and inspire a team of full stack Site Reliability Engineers across regions and time zones, emphasizing collaboration and efficiency. Establish relationships with business teams & other IT partners. Identifying and measuring KPIs like CSAT/NPS scores, establishing feedback channels which have a direct correlation to UX Cost management through forecasting consumption, budgeting, tagging assets & tracking cost, disposing unused allocations & right sizing, optimizing usage & correlating cost to business value Establish incident & defect review process to help guide and continually improve stability of applications Shapes and leverages advanced conceptual thinking to solve complex and/or completely new or novel situations that have never been dealt with before. Actively pursues innovative solutions that align with the company’s tolerance for risk (business and reputational) Looks at external companies, products and capabilities and how they may accelerate Ratings technology initiatives Preferred Qualifications: Experience in application & data architecture, system design, algorithms, data structures, complexity analysis, and software design Ability to architect high availability application and servers on cloud adhering best practices. Ability to perform technical deep-dives into code, networking, systems, databases and storage configuration Experience working in Agile software product development Experience working with stakeholders and collaborating across organizational boundaries. Configuration management, automation of patching, threat and vulnerability management, security monitoring, network security, endpoint security, cloud application and data security Awareness of security frameworks like NIST to address technology, information and resilience risk, information security and risk management Support & transform ITSM process – Incident, Change & Problem management to align with DevOps maturity About S&P Global Ratings At S&P Global Ratings, our analyst-driven credit ratings, research, and sustainable finance opinions provide critical insights that are essential to translating complexity into clarity so market participants can uncover opportunities and make decisions with conviction. By bringing transparency to the market through high-quality independent opinions on creditworthiness, we enable growth across a wide variety of organizations, including businesses, governments, and institutions. S&P Global Ratings is a division of S&P Global (NYSE: SPGI). S&P Global is the world’s foremost provider of credit ratings, benchmarks, analytics and workflow solutions in the global capital, commodity and automotive markets. With every one of our offerings, we help many of the world’s leading organizations navigate the economic landscape so they can plan for tomorrow, today. For more information, visit www.spglobal.com/ratings What’s In It For You? Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technology–the right combination can unlock possibility and change the world. Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence®, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: We're more than 35,000 strong worldwide—so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all. From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. We’re constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference. Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global. Our benefits include: Health & Wellness: Health care coverage designed for the mind and body. Flexible Downtime: Generous time off helps keep you energized for your time on. Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills. Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference. For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. S&P Global has a Securities Disclosure and Trading Policy (“the Policy”) that seeks to mitigate conflicts of interest by monitoring and placing restrictions on personal securities holding and trading. The Policy is designed to promote compliance with global regulations. In some Divisions, pursuant to the Policy’s requirements, candidates at S&P Global may be asked to disclose securities holdings. Some roles may include a trading prohibition and remediation of positions when there is an effective or potential conflict of interest. Employment at S&P Global is contingent upon compliance with the Policy. - Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only: The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf - 10 - Officials or Managers (EEO-2 Job Categories-United States of America), IFTECH103.2 - Middle Management Tier II (EEO Job Group) Job ID: 314557 Posted On: 2025-06-04 Location: Hyderabad, Telangana, India

Positions Summary: This role as an Application Security Developer, will be part of the Product Security team driving the fix of vulnerability findings from Static application security (SAST) testing and Software Composition Analysis (SCA). Position Responsibilities: Identifying the vulnerabilities discovered through security assessments involving SAST and SCA findings Train & Empower Developers on Security principles & coding practices Position Requirements: Must Have: B.Tech/B.E in Computer Science with at least (2-5) years relevant professional experience Software development experience in one of the following core languages – Java, JavaScript and .NET Adequate knowledge of web related technologies (Web Apps, Web Services and Service Oriented Architecture) Excellent verbal and written communication skills Experience working in a cross-functional and geographically diversified teams Good to Have: Good understanding of OWASP security testing methodology Experience identifying and mitigating security vulnerabilities in web applications and APIs Knowledge on security standards like CWE, NIST and associated standards & best practices Experience with Harness would be an added advantage At CDK, we believe inclusion and diversity are essential in inspiring meaningful connections to our people, customers and communities. We are open, curious and encourage different views, so that everyone can be their best selves and make an impact. CDK is an Equal Opportunity Employer committed to creating an inclusive workforce where everyone is valued. Qualified applicants will receive consideration for employment without regard to race, color, creed, ancestry, national origin, gender, sexual orientation, gender identity, gender expression, marital status, creed or religion, age, disability (including pregnancy), results of genetic testing, service in the military, veteran status or any other category protected by law. Applicants for employment in the US must be authorized to work in the US. CDK may offer employer visa sponsorship to applicants.

About the job We are a global biopharmaceutical company focused on human health. Our purpose is to find treatment to fight pain and ease suffering. We combine breakthrough science and advanced technology to develop life-changing medicines and vaccines. What you will be doing: At Sanofi, our Cyber Security team plays a crucial role in developing trust in our digital activities. We provide cutting-edge security services to mitigate cyber risks that could threaten our customers, employees, shareholders, products, and processes. As one of the key enablers of Sanofi's digital ambition, we're at the forefront of expediting value creation through innovative and optimized computerized capabilities. Our global Cyber Security organization operates consistently at Sanofi's scale, addressing any cyber challenge or threat against the company across all corporate and business entities. Our reach extends to our external stakeholders, ensuring comprehensive protection in an increasingly interconnected digital landscape. What you have to know about this opportunity Job title : Cyber Security Expert Compute Location: Hyderabad, INDIA Grade: L3 Hiring Manager: Jerome Lahalle 40% Remote working Job type: Permanent Full time Are you ready to contribute to our Cyber Security journey within a worldwide and innovative global healthcare company devoted to chase the miracles of science to improve people’s lives? The Cyber Security contribution to this noble mission is to ensure that this purpose will never be endangered by Cyber threats. Comprising around 85+ employees, we are a global, multidisciplinary and diverse team committed to supporting and enabling digital transformation with trust. A keen sense of excellence, creativity and a data-driven mindset are our guiding principles. Sanofi is also a company where you can flourish and grow your career, with countless opportunities to explore, make connections with people, and stretch the limits of what you thought was possible. Ready to get started? Main responsibilities: We are looking for a Cyber Security Expert with a robust real world technical and operational experience motivated to delve into and implement cutting-edge cyber security solutions and strategies to constantly improve and sustain our security posture. The Cyber Expert for Compute scope is pivotal in strengthening sanofi security posture through driving, supervising and implementing the security measures of all server instances, both on-premises and in the cloud. Keys responsibilities include: Managing Server Security Compliance Standards: Collaborate with Server and Cyber Security teams to define and establish security rules for all standard platforms. Regularly review and update OS hardening settings in accordance with NIST 800-53 / ISO 27001 standards for all operating systems. Maintain the list of mandatory security agents in coordination with other cyber teams (Antivirus, EDR, Compliance App, Whitelisting solutions, …). Oversee access management rules for servers (Privilege Access Management, segregation of duty, least privilege principle, …). Contribute to definition and improvements of patch management policy and process Own the System Security Standard policy. Providing KPI measurements: Identify and sponsor security KPIs and dashboards to assess and reach excellence on the compliance level of all servers. Adjust KPI measurement rules and compliance level targets. Review and approve/deny exception requests in KPIs (ex. Monthly committee meeting KPI review and exception sessions). Following-up on non-compliance remediations and improvement plans: Lead Cyber operational governance with external support partner leveraging geographical proximity to enforce regular face-to-face interactions. Review Cyber non-compliances, analyze failures, advise or perform remediation steps. Assist and facilitate coordinating security remediations and improvements (ex. OS hardening, WINRM enablement, vulnerability remediation and reporting). Unlock any operational impasse by taking the lead in executing the implementation of cybersecurity measures globally. Leading Server Security Expertise: Trusted advisor for all server security matters within the organization (Infrastructure projects, Security/Vulnerability Operations Center, Audits, …). Identify coverage gaps and facilitate proper service management coverage with Digital or remote organizations. The profile of the colleague we’d love to work with: If you enjoy diving into complex technical topics, troubleshooting with hands-on on various technical contexts, exploring new technologies, working with multiple stakeholders and cultures, defining pragmatic and realistic plans that can be measured by real data metrics, you will find your dream job here. Technical qualifications Broad operational experiences on multiple cyber security domains with a focus on server security as well as relevant foundations on cloud security. Servers’ administration and technical security skills for Windows and Unix/Linux OS. Experience with Ansible, Python and PowerShell. Non-Technical qualifications High level of autonomy while collaborative and well-organized with the ability to structure plans effectively. Ability to work with diverse stakeholders in an international environment. Good analytical skills with a risk-based approach. Pragmatic and action-oriented (be a doer as opposed to a theorist only). Curious and enjoys digging into technical topics. Able to take a step back to see the big picture. Strong ability to adjust and adopt strategy and priority changes. Excellent verbal and written communication skills in English. Why choose us? Opportunity to work on global, high-impact projects that directly contribute to Sanofi's digital transformation. Collaborative and innovative work environment that encourages continuous learning and professional growth. Chance to be at the forefront of cyber security in the pharmaceutical industry. Competitive compensation and benefits package. Global exposure and the potential to make a significant impact on healthcare through technology. Join us in our mission to protect and enable Sanofi's digital future. Your expertise will directly contribute to safeguarding breakthrough medicines and vaccines that improve people's lives around the world. Bring the miracles of science to life alongside a supportive, future-focused team. Discover endless opportunities to grow your talent and drive your career, whether it’s through a promotion or lateral move, at home or internationally. Enjoy a thoughtful, well-crafted rewards package that recognizes your contribution and amplifies your impact. Take good care of yourself and your family, with a wide range of health and wellbeing benefits including high-quality healthcare, prevention and wellness programs and at least 14 weeks’ gender-neutral parental leave. Opportunity to work in an international environment, collaborating with diverse business teams and vendors, working in a dynamic team, and fully empowered to propose and implement innovative ideas. Pursue Progress . Discover Extraordinary . Progress doesn’t happen without people – people from different backgrounds, in different locations, doing different roles, all united by one thing: a desire to make miracles happen. You can be one of those people. Chasing change, embracing new ideas and exploring all the opportunities we have to offer. Let’s pursue progress. And let’s discover extraordinary together. At Sanofi, we provide equal opportunities to all regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, or gender identity. Watch our ALL IN video and check out our Diversity Equity and Inclusion actions at sanofi.com! null