3740 Nist Jobs - Page 30

About the Role: We are seeking a highly skilled and principled Responsible AI Evaluator to assess, audit, and ensure the ethical development and deployment of AI models across the enterprise. This role spans traditional ML models, Large Language Models (LLMs), and Generative AI systems, with a strong focus on fairness, transparency, privacy, security, and accountability across multi-cloud environments (AWS, Azure, GCP, etc.). The ideal candidate combines deep technical expertise with a firm grasp of ethical frameworks, regulatory requirements, and responsible AI principles. Key Responsibilities: Model Evaluation & Auditing Evaluate AI/ML, LLM, and GenAI models for bias, fairness, explainability, and robustness. Conduct red-teaming, safety testing, and adversarial analysis across AI pipelines. Perform pre-deployment, post-deployment, and continuous model audits. Responsible AI Frameworks Operationalize and implement RAI principles based on NIST AI RMF, OECD, ISO/IEC 42001, and industry standards. Collaborate with data scientists, legal, compliance, and product teams to enforce responsible AI lifecycle checkpoints. Multi-Cloud Deployment Compliance Ensure AI/ML systems deployed across AWS, Azure, GCP, and hybrid environments meet data residency, compliance, and ethical standards. Evaluate model behavior variability and risk exposure across different cloud providers. Tooling & Automation Build or integrate tools for model explainability (e.g., SHAP, LIME), fairness (AIF360, Fairlearn), and privacy (DP libraries). Leverage LLM-specific eval frameworks (e.g., TruthfulQA, HELM, RAGAS, model-card generators). Documentation & Reporting Produce model cards, system cards, and impact assessments (e.g., DSA, DPIA). Deliver detailed evaluation reports, risk scores, and mitigation recommendations for internal and external stakeholders. Required Qualifications: 5+ years of experience in AI/ML evaluation, testing, or assurance roles. Proven experience with LLMs (e.g., GPT, Claude, LLaMA) and generative AI (e.g., DALL·E, Midjourney, custom diffusion models). Strong knowledge of fairness, bias detection, differential privacy, red-teaming, model transparency techniques. Familiarity with AI regulation and governance (EU AI Act, FTC guidance, DSA, HIPAA, etc.). Experience with cloud platforms (AWS, Azure, GCP) and deploying/evaluating AI services in distributed architectures. Proficiency in Python and libraries such as scikit-learn, Transformers, LangChain, MLflow, PyTorch, etc. Strong communication and reporting skills, with the ability to translate technical findings into business risk language. Preferred Qualifications: Master’s or PhD in Computer Science, Data Science, Ethics, or related field. Prior work with model evaluation benchmarks and large-scale LLM testing frameworks. Knowledge of secure and privacy-preserving ML techniques (e.g., federated learning, homomorphic encryption). Experience contributing to open-source Responsible AI tools or policy frameworks. Why Join Us: Work at the cutting edge of AI ethics, safety, and trust. Collaborate with interdisciplinary teams across engineering, legal, and policy. Influence how AI is responsibly used across industries and sectors. Shape a safer and more accountable AI future.

Entity: Technology Job Family Group: IT&S Group Job Description: To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC). Are you passionate about protecting what matters most? We're seeking someone who is passionate about identifying and implementing security solutions that make bp a cyber resilient organisation! Our Business Information Security team partners with the business to help them understand cyber risk and be accountable for cyber security. We're looking for curious minds who are driven by opportunities to build value and deliver secure products and services to advance bp's strategy. Role Synopsis In the digital era, where data breaches and cyber threats are not just possibilities but realities, the role of a Global Information Security Specialist has never been more critical. Working closely with the Supply Trading and Shipping (ST&S) business areas, you will support the protection of IT systems and business data that are important to bp's energy production capabilities. You will conduct security assessments, respond to security queries, and provide security expertise. Your expertise will help ensure that ST&S teams can operate with confidence, knowing their systems and processes are secure. Ready to make a real impact in energy trading security? Join us in safeguarding the people, processes and systems that power our transition to net zero! Key Accountabilities In this role you will deliver security activities to support the ST&S business areas. This role focuses on hands-on security assessment and advisory activities with the following key accountabilities: Security Assessments: We need someone that can conduct comprehensive assessments of systems, identify risks and issues while recommending appropriate remediation measures. Technical & Non-Technical Risk Advisory: You'll assess and communicate cybersecurity risks. We want our customers to understand potential impacts and mitigation strategies clearly. Cyber Behaviour Promotion: We strive to build a strong cyber security culture. You'll assist with the development and promoting good cyber behaviours in day-to-day operations. Incident Management Support: When security incidents happen, we need you to provide specialist security expertise. You'll support incident response activities and improvement recommendations. Customer Support: We want you to act as the go-to point of contact for information security. You'll provide timely and accurate expertise on security matters affecting their systems or data. You will: Assess and Evaluate: You'll perform regular security assessments of ST&S systems. We use established methodologies to identify potential risks, weaknesses and security gaps. Respond and Advise: We require someone who can offer our customers practical and tailored cyber security solutions. These solutions must align with operational requirements. Analyse and Report: You'll evaluate risks and prepare clear, actionable recommendations, and communicate these with both business and technical audiences. Support and Collaborate: We work closely with ST&S teams to implement security measures. You'll help maintain a robust security posture while aligning with operational needs. Promote and Educate: We nurture positive cyber security behaviours! You'll work within P&O teams through targeted awareness activities, training support, and expert guidance. Monitor and Review: We want someone who understands the security landscape affecting ST&S systems and stay ahead of emerging threats and industry standard methodologies. Education Bachelor's degree or equivalent experience in Information or Cyber Security, Computer Science, Engineering. Working towards professional certifications such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or CompTIA Security+. Knowledge of security frameworks such as ISO 27001/2, NIST, and CIS framework. Desirable Experience And Capability Previous track record in information security roles, preferably with some exposure to trading technology (OT) or financial regulated environments. Ability to explain security concepts to a variety of audiences in the ST&S domain. Solid grasp of cyber risk assessment methodologies and the ability to translate technical findings into business impact assessments. Attention to detail and ability to work independently while balancing multiple activities. Ability to adapt security recommendations to different operating environments. Ability to use technology, data, and insights to enable decision making. Travel Requirement Up to 10% travel should be expected with this role Relocation Assistance: This role is eligible for relocation within country Remote Type: This position is a hybrid of office/remote working Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism Legal Disclaimer: We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us. If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.

This role is for one of Weekday's clients Min Experience: 8 years Location: Delhi NCR JobType: full-time Requirements We are seeking an experienced and visionary Director - Cybersecurity to lead the strategic design, implementation, and governance of our cybersecurity programs. The ideal candidate will possess a robust technical foundation in cybersecurity along with proven expertise in policy advocacy , risk management , and program leadership . You will be instrumental in shaping our cybersecurity posture, driving stakeholder alignment, and representing the organization in policy-level conversations and compliance frameworks. This role is best suited for someone who thrives at the intersection of technology, governance, and strategy , and is passionate about driving impact at both organizational and ecosystem levels. Key Responsibilities: Strategic Leadership & Program Management: Lead the development and execution of enterprise-wide cybersecurity programs. Define strategic objectives, assess maturity, and oversee all risk mitigation initiatives. Collaborate cross-functionally to integrate security into business operations. Cybersecurity Framework & Architecture: Establish and maintain a comprehensive cybersecurity framework, including network security, endpoint protection, identity management, and data loss prevention. Evaluate and select security tools and platforms. Policy & Advocacy: Represent the organization in external cybersecurity forums, government policy discussions, and industry coalitions. Advocate for responsible cybersecurity policies and standards that align with business needs and regulatory expectations. Risk Management: Develop and maintain cybersecurity risk management processes and ensure alignment with global standards (e.g., NIST, ISO 27001). Proactively identify, analyze, and respond to emerging threats and vulnerabilities. Incident Response & Threat Intelligence: Build and oversee the incident response strategy and coordinate the team's response to breaches, threats, and outages. Work with law enforcement, legal teams, and regulators during critical incidents. Compliance & Audit: Ensure that cybersecurity practices comply with relevant legal and regulatory standards (e.g., GDPR, HIPAA, PCI-DSS). Support internal and external audit efforts and report on key risk indicators and control effectiveness. Stakeholder Engagement & Communication: Educate internal stakeholders including board members, executives, and functional teams on cybersecurity risk and readiness. Deliver concise, actionable reports and security briefings. Skills & Qualifications: Experience: Minimum of 8-10 years in cybersecurity roles, including leadership or program management capacity. Strong exposure to network security, endpoint protection, risk analysis, cryptography, and incident response. Policy & Ecosystem Engagement: Demonstrated experience working with government agencies, policy makers, and industry consortia on cybersecurity regulations and frameworks. Certifications (Preferred): CISSP, CISM, CISA, or similar credentials. Technical Expertise: Strong command over security architectures, cloud security (AWS, Azure), firewalls, SIEM tools, penetration testing, and identity & access management. Soft Skills: Strong leadership, communication, and negotiation skills. Ability to manage multidisciplinary teams and balance technical depth with executive reporting.

Job Description Key Responsibilities, Deliverables / Outcomes: Project Leadership: Lead and manage large, complex penetration testing and security testing engagements end-to-end. Act as the primary technical and engagement lead for key client accounts. Ensure timely delivery, quality assurance, and stakeholder communication throughout project lifecycles. Provide mentorship and guidance to junior and mid-level consultants. Technical Execution: Perform and review web, mobile, API, network, cloud, and configuration security assessments. Maintain technical excellence across multiple service lines, staying updated on the latest vulnerabilities, tools, and attack techniques. Conduct business logic reviews, threat modeling, and red teaming exercises as needed. Client Engagement: Act as a trusted advisor to clients, providing strategic security recommendations and actionable insights. Be ready for onsite visits, workshops, and executive-level presentations when required. Handle sensitive engagements with professionalism and discretion. Presales Support: Support RFP responses, proposal writing, and technical solutioning. Participate in client sales meetings and scoping discussions. Provide accurate effort estimations and help define delivery models. Practice Development: Contribute to the development and refinement of security testing services and methodologies. Drive internal initiatives to improve quality, efficiency, and innovation in service delivery. Create technical content, whitepapers, or knowledge base articles to support team growth. Key Skills 3–5 years of hands-on experience in penetration testing or offensive security. Proven track record of leading complex security assessments with large clients. Expertise in Web, Mobile, Network, API, Cloud, Configuration Reviews, and/or Red Teaming. Familiarity with security standards such as OWASP, PTES, NIST, and MITRE ATT&CK. Strong communication and client-facing skills. Experience supporting presales efforts, including proposals, SOWs, and client discussions. Certifications such as OSCP, OSWA, CRTO, CREST CRT/CCT, or similar are preferred. Key Competencies 1. Accountability 2. Communications - Oral & Written 3. Analysis Skills 4. Passion 5. Adaptability

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY GDS Business Consulting – Business Transformation (Smart City) – Senior As part of our Business Consulting team, we are currently seeking highly motivated professionals, to help EY clients across sectors on their Business Transformation agenda projects. Within Business Transformation, you'll work as part of a high-performing team of problem solvers with extensive consulting and industry experience related to Smart City consulting, helping client organisations to drive value. We work with our clients to drive the Smart City and urban innovation projects, ensuring delivery excellence, stakeholder alignment, and measurable impact. The opportunity We’re looking for a Senior Consultant with expertise in Smart City consulting to support EY clients in their urban transformation agenda driving activities including project scoping, solution design, and delivery of digital, sustainable, and citizen-centric interventions across multiple domains including mobility, utilities, health, public safety, and governance to drive value and capable in manging large smart city projects. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a Business Consulting domain service offerings. Your key responsibilities Within Business Transformation, you'll work as part of a high-performing team of problem solvers with extensive consulting and industry experience. Support end-to-end Smart City and urban innovation projects, ensuring delivery excellence, stakeholder alignment, and measurable impact. Support diagnostics, benchmarking, and strategy formulation for government clients and city authorities, based on global smart city frameworks and standards (ISO 37100/ ITU/ NIST) Collaborate with technical SMEs, city planners, policy experts, and technology partners to co-create practical and scalable digital solutions. Develop Smart City solutions, IoT/AI use cases in urban contexts Develop DPRs, feasibility studies, city blueprints, concept strategy, business models (PPP/ BOOT) Support in proposal development, business case articulation, pricing models, and go-to-market strategy for Smart City and urban digital programs. Contribute to EY thought leadership by authoring insights, white papers, and participating in strategic conferences and forums. Conduct in-depth research on trends, regulatory developments, and client behaviours, synthesizing findings to inform strategic recommendations and innovative client solutions. Develop data-driven insights and strategic recommendations, supporting presentations that communicate complex information effectively to stakeholders. Engage in knowledge-sharing and thought leadership activities, including industry discussions and forums, contributing to the firm’s expertise and positioning within the Smart city sector. Foster strong client relationships, support communications, and assist in preparing for industry events, positioning the firm as a trusted advisor across the MENA region. Contribute to business development efforts, supporting the firm's expansion. Significant opportunities to support in business development activities, creating proposals and participating in solution development thus contributing to organizational revenue and growth. Able to work under pressure to meet deadlines, must be able to effectively prioritize projects - align with team’s aspirations. Right attitude to understand and align with the organizational goals and priorities. Support the Business Transformation leadership in implementing strategic initiatives at team levels. Collaborate with other competencies in consulting and ensure organizational goals and priorities are achieved as a team. To qualify for the role, you must have: A passion for people — our people are our greatest asset. We need you to be able to part of project teams to bring out the best in our people and help them to develop and grow. Ability to build exceptional client relationships — our clients are at the centre of what we do. Through the delivery of Business Transformation engagements, you will be responsible for managing key client relationships to make sure that we deliver quality and value. Ability to think strategically and to solve complex problems . You will demonstrate strong critical thinking skills focused on developing business solutions, creating logical analysis, assimilating large amounts to complex information, identifying or anticipating issues or challenges. Ability to communicate, making complex systems and situations simple to understand. You’ll communication visually, verbally and in written reports. Ability to manage projects –we help our client solve their complex technology challenges. You will need good project delivery skills to manage and deliver the projects across our key clients. Ability to learn new ideas and capabilities rapidly through self–driven learning and research. You’ll need to be able to assimilate new ideas and information rapidly. Good Research Skills exposure to various research tools and ability to conduct deep level of research on specific topics related to the Business Consulting/ Transformation engagements. Ability to benchmark client requirements against leading practices and identify client pain points and opportunities. Good leadership skills to enhance the relationship with key stakeholders and develop new business opportunities. To qualify for the role, you must have. BE/B-Tech/MBA/ MPP 5+ years of industry experience in smart city consulting, urban planning, public policy making Experience in consulting, urban development, or technology-led transformation, with at least 3+ years in Smart Cities or Smart Infrastructure projects. Strong exposure to urban policy frameworks, city mobility, integrated command centers (ICCC), urban analytics, and master plan driven city planning. Deep understanding of Smart City platforms, IoT/AI use cases in urban contexts, and public-private operating models Exposure to Smart City Frameworks (ISO 37100, NIST, ITU, etc.) Expertise in developing business case, feasibility analysis, ROI modelling Track record of leading multi-disciplinary teams and managing client engagements across the government or urban sector. Excellent storytelling, stakeholder engagement, proposal writing, and presentation skills. Strong research and analytical capabilities Strong PowerPoint and presentation skills Report writing, Customer handling, Strong interpersonal communication skills. Willing to travel onsite on client assignments. Willing to work on Sunday to Thursday working week and support MENA timings (11AM – 8.30 PM), as preferred (supporting Middle East Clients) What we look for A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment. An opportunity to be a part of market-leading, multi-disciplinary team of business consultant professionals, in the integrated global business worldwide. Opportunities to work with EY Business Consulting practices regionally/globally with leading businesses across a range of industries. What working at EY offers At EY, we’re dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job Title: AI Security Architect Job Description Cyber Security is seeking a Security architect to join the Cyber AI team. This position will use machine learning, data engineering, automation, and Data Science principles to solve enterprise problems and advance our mission. This role is a key contributor to our practice and will be directly responsible for design, development, deployment, design reviews and processing of all of AI first projects. The successful candidate will work closely with key stakeholders to drive key project activities and involve Cybersecurity domains are included in AI development. We are seeking candidates with passion to lead the implementation of cutting-edge technology and methodologies while establishing strong partnerships with data owners and stakeholders across Cyber Security. Responsibilities Work in or lead an agile team to design and build architectures on AI solutions. Engage proactively with customers to better understand their needs and obtain feedback. Acquire and develop technology agnostic reference architectures across AI Security Architecture. Reviewing current state AI system security architectural foundations and recommend enhancements with target roadmaps Develop vendor agnostic security solution architecture with technology reference architecture aligned to various best practices such as NIST, ENISA, ETSI etc. Vital contributor to develop security design patterns, framework, approach, and methodology in the discipline of AI Security, developing project timelines for ongoing system upgrades Ensure to collaborate across domain and solution architects at different sub-competency of Cyber Security and act as CoE Champion to aggregated best practices of security reference architecture. Conduct Technology and Infrastructure Security Assessment in terms of threat, vulnerability, and risk aspects of an enterprise security architecture perspective. Develop Technology design and program planning to bring in value added solution delivery and ensure strategic alignment and long-term business benefits Engage in grooming security analysts and solution architects to bring in holistic perspective in every solution delivery Ability to create AI models utilizing deep learning, neural networks, and ML algorithms to derive business insights and fuel informed decision-making. Thorough understanding of linear algebra, probability, and statistics to comprehend and use AI models such as Naive Bayes, Gaussian mixture models, and linear discriminant analysis. Knowledge to build a variety of AI applications, including language translation, visual recognition or perception, and targeted advertising based on sentiment analysis. Develop scalable algorithms capable of learning, analyzing and predicting future events. Structure business problems and drive viable, data-driven hypotheses in collaboration with business partners. Devise, develop and disseminate actionable intelligence from disparate data sources using advanced data analytics tools and techniques. Ability to perform in depth data analysis including but not limited to: Machine Learning Classification Optimization Time Series analysis Pattern Recognition Candidate must have thorough understanding and experience on following in terms of AI and AI Security Threat models Security analysis Design and integration into AI and ML infra Some familiarity with offensive perspective on AI – attack model perspective, model extraction, data poison, etc. QUALIFICATIONS: Required Skills 5+ years of experience as Architect with skills on AI and AI Systems. 3+ years working with languages Python and SQL 3+ years applying statistics in data analyses (ex. regression modeling, econometrics, classification labeling, recommendation, parametric/non-parametric modeling, etc.) 5 or more years’ experience presenting and delivering results to business partners and leadership. 2 or more years’ experience in Cyber Security domain knowledge. Strong project management, negotiation and interpersonal skills Advanced written and verbal communication skills and presentation skills You may also have a Bachelor's and/or post graduate degree in computer science, information systems, engineering, or a related major. Preferred Certifications in data science, deep learning, and ML Exposure to Generative AI and NLP Experience on multi cloud. 2 or more years skilled at data visualization (PowerPoint, Tableau, D3, ggplot, matlib, seaborn, etc.) 2 or more years with modern data engineering with APIs 2 or more years’ experience in Cyber Security domain knowledge. M.S. or PhD in a Science, Technology, Engineering, Mathematics (STEM) or Economics related field of study. 2 or more years applying agile SDLC. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Company Description We are a consulting company with a bunch of technology-interested and happy people! We love technology, we love design and we love quality. Our diversity makes us unique and creates an inclusive and welcoming workplace where each individual is highly valued. With us, each individual is her/himself and respects others for who they are and we believe that when a fantastic mix of people gather and share their knowledge, experiences and ideas, we can help our customers on a completely different level. We are looking for you who is immediate joiner and want to grow with us! With us, you have great opportunities to take real steps in your career and the opportunity to take great responsibility. Job Summary: We are seeking a skilled and experienced Attack Surface Reduction Analyst with a strong foundation in penetration testing and vulnerability management to join our dynamic cybersecurity team. In this role, you will be instrumental in identifying and mitigating security risks across our systems, applications, and network infrastructure. You will also lead internal and third-party penetration testing initiatives and work closely with cross-functional teams to strengthen our overall security posture. Key Responsibilities Conduct comprehensive vulnerability assessments (VA) and penetration tests (PT) on systems, applications, and networks. Identify and assess security vulnerabilities using industry-standard tools and methodologies . Design and manage vulnerability management processes and drive effective remediation strategies. Coordinate and manage third-party penetration testing engagements and ensure alignment with security goals. Collaborate with IT and business teams to prioritize and remediate identified risks. Contribute to the development and maintenance of security policies, procedures, and standards . Continuously monitor systems for unauthorized access, suspicious activities, and emerging threats. Stay abreast of evolving cybersecurity trends , threat landscapes, and best practices in attack surface reduction . Required Qualifications Bachelors degree in Computer Science, Information Security, or related field. 3 to 5 years of hands-on experience in vulnerability scanning , penetration testing , and vulnerability management . In-depth knowledge of common vulnerabilities and exposures (CVEs) and attack vectors. Proficiency with tools such as Kali Linux, Qualys, Burp Suite , and other VA/PT platforms. Familiarity with security frameworks and standards (e.g., NIST, OWASP Top 10, CIS Controls). Strong analytical and problem-solving skills . Excellent written and verbal communication skills , including the ability to explain technical issues to non-technical stakeholders. Preferred Certifications (Certifications are a plus but not mandatory) OSCP , OSEP , SANS GIAC , CREST , CompTIA Security+ , or similar. Start : Immediate Location : Bangalore Form of employment: Full-time until further notice, we apply 6 months probationary employment. We interview candidates on an ongoing basis, do not wait to submit your application.

Key Responsibilities: Possess cross domain knowledge in various areas of Cyber Security such as but not limited to 1 Information Security Forum ISF Standards of Good Practice SoGP 2 Information Security Management System ISMS based on ISO 27001 and ISO 27002 standards and very strong skills in writing and disbursing of Cyber Security Policies Processes Procedures Standards and Guidelines 3 Information Security measurement and monitoring based on ISO 27004 wherein strong skills in Microsoft Office suit products are heavily utilized 4 Information Security Audits 5 NIST Cyber Security Framework CSF 6 Cyber Security Strategy 7 Cyber Security Maturity Models Technical Requirements: A good understanding or working knowledge of 1 Vulnerability assessments and penetration testing 2 Application security source code reviews 3 Incident management and investigations life cycle 4 Security Architecture design principles and its applications in real world scenarios 5 Working knowledge of various other Best Practices Standards Regulatory and Statutory frameworks such as but not limited to SSAE 16 18 PCI DSS HIPAA GLBA SoX SANS Critical Security Controls CSC Privacy in general but General Data Protection Regulation GDPR in particular 11 Stay abreast with the fast changing world of Information Technology and Cyber Security and liaison with leading Industry bodies forums and CxO community to share and learn ideas and adopt best practices where possible ISO 27001 Lead Auditor LA or Lead Implementer LI Certification Mandatory CISSP certification Mandatory Additional Responsibilities: 1 The Head of Cyber Security Governance reports to the CISO 2 Travel across different Infosys locations 3 As and when opportunities arise travel to attend conferences and industry body work groups Preferred Skills: Foundational->Information Security->Governance Risk and Compliance, Audits , Workflow

Senior Cyber Security Analyst We are seeking a Senior Cybersecurity Analyst – GRC (Governance, Risk, and Compliance) to support and improve our security compliance and risk management program. This individual will help manage third-party audits, perform risk assessments, ensure ongoing compliance with security frameworks, and support business teams with customer and vendor assurance. You’ll work closely with security, engineering, legal, and customer teams to ensure Eltropy’s security posture remains strong, transparent, and audit-ready. Key Responsibilities: Assist in the preparation and execution of third-party audits and assessments , including SOC 2, PCI-DSS, NIST CSF, and ISO 27001 . Support the development and maintenance of Eltropy’s GRC program , ensuring alignment with business and regulatory requirements through well-defined policies, controls, and risk processes . Respond to customer security questionnaires and due diligence requests . Conduct and manage vendor security assessments , maintain risk tracking, and ensure third-party compliance. Perform risk assessments across systems, tools, and business processes; manage mitigation plans and maintain an exceptions register . Contribute to access governance , including quarterly access reviews, enforcement of least privilege, and identity and access documentation. Draft, review, and update security policies, standards, and procedures to reflect current risk posture and best practices. Lead or support security awareness programs to promote a risk-conscious culture among staff and end users. Contribute to the development and testing of incident response and disaster recovery plans . Monitor and analyze cybersecurity threats, trends, and technologies , and recommend enhancements to Eltropy’s security posture. Help ensure the security of IT infrastructure by supporting the implementation and maintenance of measures against unauthorized access, cyber threats, and vulnerabilities. Track and report on compliance status, audit readiness , and risk trends to key stakeholders. Skills & Attributes: 3–5 years of experience in cybersecurity or IT risk/compliance, with a focus on GRC. Familiarity with major frameworks like SOC 2, PCI-DSS, ISO/IEC 27001, and NIST CSF. Experience supporting third-party audits or certifications. Knowledge of risk management processes and frameworks. Ability to respond to security due diligence questionnaires and document technical and organizational controls. Understanding of access governance and identity lifecycle best practices. Excellent communication, documentation, and stakeholder coordination skills. Comfort with tools like Vanta, Drata, or similar GRC platforms. Preferred Skills: Experience in a SaaS , FinTech , or regulated technology environment. Familiarity with cloud environments such as GCP , AWS , or Azure . Understanding of security operations , incident response , or DevSecOps concepts. Certifications (Preferred but not mandatory) CISA – Certified Information Systems Auditor ISO 27001 Lead Auditor / Implementer PCI ISA – Internal Security Assessor About Eltropy (www.eltropy.com) Eltropy is a rocket ship FinTech on a mission to disrupt the way people access financial services. Eltropy enables financial institutions to digitally engage in a secure and compliant way. Using our AI enabled digital conversations platform, community financial institutions can improve operations, engagement and productivity. CFIs (Community Banks and Credit Unions) use Eltropy to communicate with consumers via Text, Video, Secure Chat, co-browsing, screen sharing and chatbot technology — all integrated in a single platform bolstered by AI, skill-based routing and other contact center capabilities. Eltropy Values : Customers are our North Star No Fear - Tell the truth Team of Owners Eltropy is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY-Cyber Security-IAM–Active Directory Senior As part of our EY-cyber security team, you shall engage in Identity & Access Management projects in the capacity of execution of deliverables. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY and GDS within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team. The opportunity We’re looking for Senior Security Analyst / Senior Consultant in the Technology Consulting team to work on various Identity and Access Management projects for our customers across the globe. Also, the professional shall need to report any identified risks within engagements and share any issues and updates with senior members of the team. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop. Your key responsibilities Engage and contribute to the Identity & Access Management projects Provide Level 3 and Level 4 support for the system within agreed service levels. Ability to work independently, adapt quickly, and maintain a positive attitude. At least 3-6 years of Active Directory / Azure Active Directory (Entra) experience Have experience in maintaining & administering Active Directory Knowledge of Bulk updates using scripts Managing backup/restore of AD database. Must have good experience in handling escalated issue and providing RCA. Experienced in AD server migration, deployment, and DC promotion. Knowledge on AD migrations from one domain to another domain will be an added advantage. Good verbal & written communication, technical document writing Awareness of security standards such as NIST and CIS Must have knowledge on AD Core Servers handling through command lines. Must have hands-on experience on managing Azure AD connect server synchronization. Experience on handling synchronization issues on Azure AD Connect and troubleshoot. Preparing Operational Manual, Procedure Documents & Design Documents Understands concepts of Authentication, Authorization, Provisioning, Identity and Access Management Good knowledge of basic security concepts and certificate management Understanding of Authentication, Authorization, MFA, SSO, Federation, and Directory Services concepts Supporting Single Sign-On (SSO) infrastructure, analysing issue related to SSO and Multi-Factor Authentication (MFA) Strong knowledge about OAuth, OpenID and SAML concepts, Proficient in Azure Active Directory B2C & B2B connections Technical knowledge of Active Directory and experience with user and computer account administration Understanding of Active Directory Forest, domain, trust, permissions, access control lists and related concepts Knowledge and experience of AD concepts like FSMO roles, DNS, DHCP and Group Policies, AD SIEM and log events, AD Sites, GPO, Build it groups, Policies, Directory Sync Hands on experience on end-to-end Identity and Access Management Tools such as Active Directory, Azure AD Operations. Should be flexible to work on new technology on IAM domain. Worked in capacity of techno-functional role of Identity and Access Management Implementation Worked in client facing role. Good understanding of Identity Access Management solutions Hands-on experience or good knowledge on Active directory domain migrations will be an added advantage. Need to be thorough in their respective tool with hands-on experience involving configuration, implementation & customization. Prior experience working in remote teams on global scale. Implement and manage the effectiveness of Incident, Service Request, Change and Problem management processes for the service area. Ability to perform Root Cause Analysis and suggest solutions to avoid errors. Resolve technical issues through debugging, research, and investigation. Strong communication skills, both verbal and written Perform systems analysis and tuning to ensure optimal infrastructure response. Skills and attributes for success Hands-on experience on end-to-end implementation of Identity and Access Management tool. Strong communication, presentation and team building skills and experience in producing high quality reports, papers, and presentations. Ability to communicate detailed technical information to a non-technical audience clearly. Hands on experience on tools like PKI, MFA, ADFS, Entra, QMM. Work Requirements: Willingness to travel as required Willingness to be on call support engineer and work occasional overtime as required Willingness to work in shifts as required To qualify for the role, you must have Bachelor or master’s degree in related field or equivalent work experience 3-6 years of experience implementing IAM projects (Active Directory and Azure AD) and migration. Strong command on verbal and written English language. Strong interpersonal and presentation skills. What working at EY offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job Title: AI Security Architect Job Description Cyber Security is seeking a Security architect to join the Cyber AI team. This position will use machine learning, data engineering, automation, and Data Science principles to solve enterprise problems and advance our mission. This role is a key contributor to our practice and will be directly responsible for design, development, deployment, design reviews and processing of all of AI first projects. The successful candidate will work closely with key stakeholders to drive key project activities and involve Cybersecurity domains are included in AI development. We are seeking candidates with passion to lead the implementation of cutting-edge technology and methodologies while establishing strong partnerships with data owners and stakeholders across Cyber Security. Responsibilities Work in or lead an agile team to design and build architectures on AI solutions. Engage proactively with customers to better understand their needs and obtain feedback. Acquire and develop technology agnostic reference architectures across AI Security Architecture. Reviewing current state AI system security architectural foundations and recommend enhancements with target roadmaps Develop vendor agnostic security solution architecture with technology reference architecture aligned to various best practices such as NIST, ENISA, ETSI etc. Vital contributor to develop security design patterns, framework, approach, and methodology in the discipline of AI Security, developing project timelines for ongoing system upgrades Ensure to collaborate across domain and solution architects at different sub-competency of Cyber Security and act as CoE Champion to aggregated best practices of security reference architecture. Conduct Technology and Infrastructure Security Assessment in terms of threat, vulnerability, and risk aspects of an enterprise security architecture perspective. Develop Technology design and program planning to bring in value added solution delivery and ensure strategic alignment and long-term business benefits Engage in grooming security analysts and solution architects to bring in holistic perspective in every solution delivery Ability to create AI models utilizing deep learning, neural networks, and ML algorithms to derive business insights and fuel informed decision-making. Thorough understanding of linear algebra, probability, and statistics to comprehend and use AI models such as Naive Bayes, Gaussian mixture models, and linear discriminant analysis. Knowledge to build a variety of AI applications, including language translation, visual recognition or perception, and targeted advertising based on sentiment analysis. Develop scalable algorithms capable of learning, analyzing and predicting future events. Structure business problems and drive viable, data-driven hypotheses in collaboration with business partners. Devise, develop and disseminate actionable intelligence from disparate data sources using advanced data analytics tools and techniques. Ability to perform in depth data analysis including but not limited to: Machine Learning Classification Optimization Time Series analysis Pattern Recognition Candidate must have thorough understanding and experience on following in terms of AI and AI Security Threat models Security analysis Design and integration into AI and ML infra Some familiarity with offensive perspective on AI – attack model perspective, model extraction, data poison, etc. QUALIFICATIONS: Required Skills 5+ years of experience as Architect with skills on AI and AI Systems. 3+ years working with languages Python and SQL 3+ years applying statistics in data analyses (ex. regression modeling, econometrics, classification labeling, recommendation, parametric/non-parametric modeling, etc.) 5 or more years’ experience presenting and delivering results to business partners and leadership. 2 or more years’ experience in Cyber Security domain knowledge. Strong project management, negotiation and interpersonal skills Advanced written and verbal communication skills and presentation skills You may also have a Bachelor's and/or post graduate degree in computer science, information systems, engineering, or a related major. Preferred Certifications in data science, deep learning, and ML Exposure to Generative AI and NLP Experience on multi cloud. 2 or more years skilled at data visualization (PowerPoint, Tableau, D3, ggplot, matlib, seaborn, etc.) 2 or more years with modern data engineering with APIs 2 or more years’ experience in Cyber Security domain knowledge. M.S. or PhD in a Science, Technology, Engineering, Mathematics (STEM) or Economics related field of study. 2 or more years applying agile SDLC. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

We are seeking an accomplished and strategic Technical Manager to lead full-spectrum technology initiatives across modern enterprise environments. This role requires deep technical expertise, leadership excellence, and a solid understanding of full stack development, AI/ML, cloud computing, and digital platforms like **Salesforce**, **ServiceNow**, **Drupal**, and **WordPress**. The successful candidate will oversee architecture, execution, team growth, and delivery of scalable and secure solutions aligned with business goals. --- Key Responsibilities Technical Strategy & Solution Architecture * Define and drive the technical roadmap across frontend, backend, AI, cloud, and integration platforms. * Evaluate and integrate cutting-edge technologies (AI/ML, LLMs, automation, low-code platforms). * Architect scalable and secure enterprise solutions with modern design patterns and microservices. Engineering Management & Team Leadership * Lead high-performing engineering teams across multiple tech stacks and development methodologies. * Establish a collaborative, learning-focused engineering culture. * Mentor engineers, architects, and team leads to build technical capability and leadership pipelines. Project Delivery & Governance * Oversee full lifecycle of solution delivery including planning, estimation, design, development, testing, and deployment. * Ensure adherence to Agile/Scrum best practices, DevOps principles, and SDLC compliance. * Manage cross-team dependencies, technology standards, and code quality enforcement. Technology Stack Oversight * Provide technical direction across diverse platforms including: * Full Stack Web Development: React.js, Node.js, RESTful APIs, WebSocket * AI/ML & Python: Model training, data pipelines, NLP integration * Enterprise Platforms: .NET, Java Spring Boot, PHP (Laravel) * CMS & Web Frameworks: Drupal 9/10, WordPress (multisite & enterprise) * Low-code/No-code Platforms: PowerApps * CRM & ITSM Platforms: Salesforce (Admin & Dev), ServiceNow (workflow automation, ITSM) *DevOps & Cloud: AWS, Azure, Docker, Kubernetes, GitLab CI, Terraform Security, Compliance & Data Governance * Champion secure coding practices and data protection strategies (OWASP, NIST, ISO 27001). * Ensure accessibility compliance (WCAG, AODA, 508). * Oversee cloud governance, data retention, and policy enforcement aligned with regulatory requirements. Stakeholder & Budget Management * Serve as the key technical advisor to executive leadership, clients, and partners. * Translate business objectives into actionable technical plans. * Manage technical budgets, vendor partnerships, and cost optimization strategies. --- Required Skills & Qualifications * Bachelor’s or Master’s in Computer Science, Engineering, or a related field. * 10+ years of progressive experience in software engineering and solution architecture. * 5+ years in technical leadership or management roles. * Expertise in modern full stack development (React.js, Node.js, Python). * Proven experience with at least **two major platforms**: Salesforce, ServiceNow, Drupal, or WordPress. * Experience with AI/ML integration and cloud-native applications. * Strong command of DevOps, CI/CD automation, and scalable infrastructure. * Proficient in Agile/Scrum methodologies and engineering best practices. --- Preferred Skills * Salesforce certifications (Admin/Developer), ServiceNow administration/development experience. * Familiarity with chatbot/AI workflow integration. * Experience with monolithic-to-microservices transitions and legacy modernization. * Strong presentation and communication skills for stakeholder engagement. --- Why Join Us? * Shape the technical future of projects across industries like public sector, healthcare, education, and enterprise. * Work with cutting-edge tools and cross-functional agile teams. * Make high-impact decisions in a collaborative and empowering environment. Job Types: Full-time, Permanent Pay: ₹1,500,000.00 - ₹2,500,000.00 per year Benefits: Health insurance Paid sick time Paid time off Work Location: In person

About the position: A Security Operations Centre (SOC) Engineer is a professional responsible for monitoring, detecting, investigating, analysing, and responding to cybersecurity incidents within an organization. The primary goal of a SOC Engineer is to ensure the security and integrity of the organization's information systems and data. Here is a typical job description for a SOC Engineer. You will play a crucial role in safeguarding the organization's information systems from cyber threats. You will be responsible for monitoring security alerts, conducting incident response, and implementing security measures to protect the organization's assets. Responsibilities: Monitor security alerts and events generated by security systems, including intrusion detection/prevention systems, firewalls, antivirus, and other security tools. Analyze and investigate alerts to identify potential security incidents. Respond to and mitigate security incidents in a timely and effective manner. Coordinate with cross-functional teams to contain and remediate security threats. Document and report incidents, including root cause analysis and recommended actions for improvement. Conduct vulnerability assessments and work with system owners to remediate identified vulnerabilities. Stay informed about the latest security vulnerabilities, threats, and mitigation strategies. Collaborate with the IT and security teams to enhance security architecture and ensure the implementation of best practices. Participate in the design and implementation of security solutions. Stay current with the latest cybersecurity threats and trends. Incorporate threat intelligence into security monitoring and incident response processes. Assist in the development and maintenance of security policies, standards, and procedures. Ensure compliance with regulatory requirements and industry best practices. Contribute to the development of security awareness training programs for employees. Promote a culture of security within the organization. Qualification: Bachelor’s degree in computer science, Information Technology, or a related field. Relevant certifications such as CISSP, CompTIA Security+, GIAC, or others are preferred. Proven experience in a SOC environment or a similar cybersecurity role. Strong knowledge of cybersecurity concepts, tools, and techniques. Familiarity with security frameworks and standards (ISO 27001, NIST, etc.). Excellent analytical and problem-solving skills. Effective communication and collaboration skills.

Job Description We’re hiring a detail-oriented and experienced SOC Analyst – L2 to join our Information Security Group (ISG) at Grazitti Interactive. In this role, you’ll investigate complex incidents, perform in-depth threat analysis, lead proactive threat-hunting efforts, and mentor junior analysts. If you’re looking to deepen your cybersecurity expertise, manage critical incidents, and contribute to a mature SOC environment, this opportunity is tailor-made for you. Key Skills 2–3 years of experience in SOC or a similar cybersecurity-focused role Strong understanding of networking protocols, subnetting, routing, and addressing Proficient in Linux and Windows OS, system hardening, and architecture Deep understanding of Active Directory attacks and defense mechanisms Expertise in ELK Stack (Elasticsearch, Logstash, Kibana) for threat detection Experience in incident response, threat hunting, and forensic investigation Familiarity with OWASP Top 10, digital forensics, and malware analysis Proficiency in tools like TheHive, Cortex, MISP, OpenCTI, and Jira Ability to write detection rules for OWASP vulnerabilities and custom use cases Skilled in KQL, ESQL, and other query languages for log analysis Excellent communication and documentation skills Certifications like CompTIA Security+, CEH, OSDA, or BTL1 (preferred) Knowledge of frameworks such as MITRE ATT&CK and NIST CSF (a plus) Roles and Responsibilities Monitor security events and logs to detect advanced threats Conduct detailed investigations and lead real-time incident response Perform in-depth threat analysis using digital forensics tools Develop and optimize detection use cases and custom rules for SOC monitoring Harden Linux and Windows environments to prevent potential exploits Analyze threat intelligence and simulate attack scenarios to test detection readiness Collaborate across departments to embed cybersecurity into operations Mentor and guide junior SOC team members Regularly communicate security incidents and progress updates to stakeholders

Job Description We’re looking for a highly motivated and detail-oriented Sr. Compliance Analyst to join our Information Security Group (ISG) at Grazitti Interactive. In this role, you’ll drive governance, risk, and compliance (GRC) initiatives, support audits, enhance policy frameworks, and contribute to the organization’s overall information security posture. If you have a solid background in GRC frameworks, risk management, and regulatory compliance, and enjoy working cross-functionally to build a culture of trust and accountability, this role is a great fit for you. Key Skills 5+ years of experience in GRC, compliance, or related fields. Bachelor’s degree in a relevant field; certifications like CRISC, CISM, CISSP, PMP, or Scrum Master are a strong plus. Deep understanding of frameworks such as ISO27001, ISO27701, ISO31000, NIST, COSO, COBIT, and ITIL. Strong knowledge of global regulations, including GDPR, CCPA, HIPAA, and ITGC. Proven experience in risk assessment and mitigation strategies. Hands-on experience with audit planning, execution, and documentation. Proficiency in developing and implementing information security policies. Strong analytical, communication, and stakeholder management skills. Roles and Responsibilities Develop, implement, and refine GRC strategy in alignment with business objectives. Monitor organizational compliance with laws, regulations, and industry standards. Participate in risk assessments and recommend risk mitigation strategies. Support and contribute to security incident response and resolution. Assist in drafting and enforcing information security policies and procedures. Collaborate with external auditors for compliance and control assessments. Conduct internal audits to evaluate the effectiveness of controls and processes. Manage documentation, training, and awareness programs to promote a compliance culture. Provide regular updates to leadership and stakeholders on GRC metrics and initiatives. Continuously improve GRC practices based on audit feedback and regulatory changes.

Job Description We’re hiring an entry-level SOC Analyst – L1 to join our Information Security Group (ISG) at Grazitti Interactive. In this role, you’ll actively monitor security alerts, investigate incidents, and support threat prevention efforts within our Security Operations Center (SOC). If you’re passionate about cybersecurity, eager to build hands-on experience in incident handling, and want to work with modern security tools and frameworks, this opportunity is a perfect fit. Key Skills 1–2 years of experience in a SOC or similar cybersecurity role Strong knowledge of networking protocols, Linux/Windows OS, and system hardening Hands-on experience in incident response and digital forensics Familiarity with cybersecurity tools like ELK Stack, TheHive, Cortex, MISP, OpenCTI, and Jira Understanding of Active Directory architecture and attack vectors Working knowledge of OWASP Top 10 vulnerabilities and mitigation techniques Proficiency in query languages such as KQL and ESQL for log analysis Excellent written and verbal communication skills Relevant certifications such as CompTIA Security+, CEH, BTL1, OSDA (preferred) Familiarity with MITRE ATT&CK and NIST CSF (a plus) Roles and Responsibilities Continuously monitor security logs and alerts to detect potential threats Conduct triage, investigation, and documentation of incidents using forensic tools Harden Linux and Windows systems against known vulnerabilities Create and refine security use cases based on OWASP Top 10 and AD attack techniques Develop and maintain custom detection rules for enhanced SOC monitoring Optimize and manage security tools like ELK, Cortex, and MISP for effective response Collaborate with cross-functional teams to ensure compliance and integrate security best practices Simulate threat scenarios and participate in tabletop exercises Regularly communicate cybersecurity updates and incidents to internal stakeholders

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY GDS Business Consulting – Business Transformation (Smart City) – Senior As part of our Business Consulting team, we are currently seeking highly motivated professionals, to help EY clients across sectors on their Business Transformation agenda projects. Within Business Transformation, you'll work as part of a high-performing team of problem solvers with extensive consulting and industry experience related to Smart City consulting, helping client organisations to drive value. We work with our clients to drive the Smart City and urban innovation projects, ensuring delivery excellence, stakeholder alignment, and measurable impact. The opportunity We’re looking for a Senior Consultant with expertise in Smart City consulting to support EY clients in their urban transformation agenda driving activities including project scoping, solution design, and delivery of digital, sustainable, and citizen-centric interventions across multiple domains including mobility, utilities, health, public safety, and governance to drive value and capable in manging large smart city projects. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a Business Consulting domain service offerings. Your Key Responsibilities Within Business Transformation, you'll work as part of a high-performing team of problem solvers with extensive consulting and industry experience. Support end-to-end Smart City and urban innovation projects, ensuring delivery excellence, stakeholder alignment, and measurable impact. Support diagnostics, benchmarking, and strategy formulation for government clients and city authorities, based on global smart city frameworks and standards (ISO 37100/ ITU/ NIST) Collaborate with technical SMEs, city planners, policy experts, and technology partners to co-create practical and scalable digital solutions. Develop Smart City solutions, IoT/AI use cases in urban contexts Develop DPRs, feasibility studies, city blueprints, concept strategy, business models (PPP/ BOOT) Support in proposal development, business case articulation, pricing models, and go-to-market strategy for Smart City and urban digital programs. Contribute to EY thought leadership by authoring insights, white papers, and participating in strategic conferences and forums. Conduct in-depth research on trends, regulatory developments, and client behaviours, synthesizing findings to inform strategic recommendations and innovative client solutions. Develop data-driven insights and strategic recommendations, supporting presentations that communicate complex information effectively to stakeholders. Engage in knowledge-sharing and thought leadership activities, including industry discussions and forums, contributing to the firm’s expertise and positioning within the Smart city sector. Foster strong client relationships, support communications, and assist in preparing for industry events, positioning the firm as a trusted advisor across the MENA region. Contribute to business development efforts, supporting the firm's expansion. Significant opportunities to support in business development activities, creating proposals and participating in solution development thus contributing to organizational revenue and growth. Able to work under pressure to meet deadlines, must be able to effectively prioritize projects - align with team’s aspirations. Right attitude to understand and align with the organizational goals and priorities. Support the Business Transformation leadership in implementing strategic initiatives at team levels. Collaborate with other competencies in consulting and ensure organizational goals and priorities are achieved as a team. To qualify for the role, you must have: A passion for people — our people are our greatest asset. We need you to be able to part of project teams to bring out the best in our people and help them to develop and grow. Ability to build exceptional client relationships — our clients are at the centre of what we do. Through the delivery of Business Transformation engagements, you will be responsible for managing key client relationships to make sure that we deliver quality and value. Ability to think strategically and to solve complex problems. You will demonstrate strong critical thinking skills focused on developing business solutions, creating logical analysis, assimilating large amounts to complex information, identifying or anticipating issues or challenges. Ability to communicate, making complex systems and situations simple to understand. You’ll communication visually, verbally and in written reports. Ability to manage projects –we help our client solve their complex technology challenges. You will need good project delivery skills to manage and deliver the projects across our key clients. Ability to learn new ideas and capabilities rapidly through self–driven learning and research. You’ll need to be able to assimilate new ideas and information rapidly. Good Research Skills exposure to various research tools and ability to conduct deep level of research on specific topics related to the Business Consulting/ Transformation engagements. Ability to benchmark client requirements against leading practices and identify client pain points and opportunities. Good leadership skills to enhance the relationship with key stakeholders and develop new business opportunities. To qualify for the role, you must have. BE/B-Tech/MBA/ MPP 5+ years of industry experience in smart city consulting, urban planning, public policy making Experience in consulting, urban development, or technology-led transformation, with at least 3+ years in Smart Cities or Smart Infrastructure projects. Strong exposure to urban policy frameworks, city mobility, integrated command centers (ICCC), urban analytics, and master plan driven city planning. Deep understanding of Smart City platforms, IoT/AI use cases in urban contexts, and public-private operating models Exposure to Smart City Frameworks (ISO 37100, NIST, ITU, etc.) Expertise in developing business case, feasibility analysis, ROI modelling Track record of leading multi-disciplinary teams and managing client engagements across the government or urban sector. Excellent storytelling, stakeholder engagement, proposal writing, and presentation skills. Strong research and analytical capabilities Strong PowerPoint and presentation skills Report writing, Customer handling, Strong interpersonal communication skills. Willing to travel onsite on client assignments. Willing to work on Sunday to Thursday working week and support MENA timings (11AM – 8.30 PM), as preferred (supporting Middle East Clients) What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment. An opportunity to be a part of market-leading, multi-disciplinary team of business consultant professionals, in the integrated global business worldwide. Opportunities to work with EY Business Consulting practices regionally/globally with leading businesses across a range of industries. What Working At EY Offers At EY, we’re dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY GDS Business Consulting – Business Transformation (Smart City) – Senior As part of our Business Consulting team, we are currently seeking highly motivated professionals, to help EY clients across sectors on their Business Transformation agenda projects. Within Business Transformation, you'll work as part of a high-performing team of problem solvers with extensive consulting and industry experience related to Smart City consulting, helping client organisations to drive value. We work with our clients to drive the Smart City and urban innovation projects, ensuring delivery excellence, stakeholder alignment, and measurable impact. The opportunity We’re looking for a Senior Consultant with expertise in Smart City consulting to support EY clients in their urban transformation agenda driving activities including project scoping, solution design, and delivery of digital, sustainable, and citizen-centric interventions across multiple domains including mobility, utilities, health, public safety, and governance to drive value and capable in manging large smart city projects. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a Business Consulting domain service offerings. Your Key Responsibilities Within Business Transformation, you'll work as part of a high-performing team of problem solvers with extensive consulting and industry experience. Support end-to-end Smart City and urban innovation projects, ensuring delivery excellence, stakeholder alignment, and measurable impact. Support diagnostics, benchmarking, and strategy formulation for government clients and city authorities, based on global smart city frameworks and standards (ISO 37100/ ITU/ NIST) Collaborate with technical SMEs, city planners, policy experts, and technology partners to co-create practical and scalable digital solutions. Develop Smart City solutions, IoT/AI use cases in urban contexts Develop DPRs, feasibility studies, city blueprints, concept strategy, business models (PPP/ BOOT) Support in proposal development, business case articulation, pricing models, and go-to-market strategy for Smart City and urban digital programs. Contribute to EY thought leadership by authoring insights, white papers, and participating in strategic conferences and forums. Conduct in-depth research on trends, regulatory developments, and client behaviours, synthesizing findings to inform strategic recommendations and innovative client solutions. Develop data-driven insights and strategic recommendations, supporting presentations that communicate complex information effectively to stakeholders. Engage in knowledge-sharing and thought leadership activities, including industry discussions and forums, contributing to the firm’s expertise and positioning within the Smart city sector. Foster strong client relationships, support communications, and assist in preparing for industry events, positioning the firm as a trusted advisor across the MENA region. Contribute to business development efforts, supporting the firm's expansion. Significant opportunities to support in business development activities, creating proposals and participating in solution development thus contributing to organizational revenue and growth. Able to work under pressure to meet deadlines, must be able to effectively prioritize projects - align with team’s aspirations. Right attitude to understand and align with the organizational goals and priorities. Support the Business Transformation leadership in implementing strategic initiatives at team levels. Collaborate with other competencies in consulting and ensure organizational goals and priorities are achieved as a team. To qualify for the role, you must have: A passion for people — our people are our greatest asset. We need you to be able to part of project teams to bring out the best in our people and help them to develop and grow. Ability to build exceptional client relationships — our clients are at the centre of what we do. Through the delivery of Business Transformation engagements, you will be responsible for managing key client relationships to make sure that we deliver quality and value. Ability to think strategically and to solve complex problems. You will demonstrate strong critical thinking skills focused on developing business solutions, creating logical analysis, assimilating large amounts to complex information, identifying or anticipating issues or challenges. Ability to communicate, making complex systems and situations simple to understand. You’ll communication visually, verbally and in written reports. Ability to manage projects –we help our client solve their complex technology challenges. You will need good project delivery skills to manage and deliver the projects across our key clients. Ability to learn new ideas and capabilities rapidly through self–driven learning and research. You’ll need to be able to assimilate new ideas and information rapidly. Good Research Skills exposure to various research tools and ability to conduct deep level of research on specific topics related to the Business Consulting/ Transformation engagements. Ability to benchmark client requirements against leading practices and identify client pain points and opportunities. Good leadership skills to enhance the relationship with key stakeholders and develop new business opportunities. To qualify for the role, you must have. BE/B-Tech/MBA/ MPP 5+ years of industry experience in smart city consulting, urban planning, public policy making Experience in consulting, urban development, or technology-led transformation, with at least 3+ years in Smart Cities or Smart Infrastructure projects. Strong exposure to urban policy frameworks, city mobility, integrated command centers (ICCC), urban analytics, and master plan driven city planning. Deep understanding of Smart City platforms, IoT/AI use cases in urban contexts, and public-private operating models Exposure to Smart City Frameworks (ISO 37100, NIST, ITU, etc.) Expertise in developing business case, feasibility analysis, ROI modelling Track record of leading multi-disciplinary teams and managing client engagements across the government or urban sector. Excellent storytelling, stakeholder engagement, proposal writing, and presentation skills. Strong research and analytical capabilities Strong PowerPoint and presentation skills Report writing, Customer handling, Strong interpersonal communication skills. Willing to travel onsite on client assignments. Willing to work on Sunday to Thursday working week and support MENA timings (11AM – 8.30 PM), as preferred (supporting Middle East Clients) What We Look For A Team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment. An opportunity to be a part of market-leading, multi-disciplinary team of business consultant professionals, in the integrated global business worldwide. Opportunities to work with EY Business Consulting practices regionally/globally with leading businesses across a range of industries. What Working At EY Offers At EY, we’re dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

Job Title: Chief Information Security Officer (CISO) Location: Mumbai, India (Mulund) Type : Full Time(On site, 5.5 days working) Department: Information Security Position Summary The Chief Information Security Officer (CISO) will be responsible for developing, implementing, and managing the enterprise-wide information security strategy. The role includes overseeing all cybersecurity operations, ensuring compliance with RBI guidelines, managing security incidents, and safeguarding critical payment data. The CISO will play a key leadership role in protecting the integrity of our payment ecosystem while facilitating regulatory compliance, risk mitigation, and secure technology enablement. Key Responsibilities 1. Security Strategy & Governance Develop and lead a comprehensive cybersecurity strategy in line with RBI regulations and industry standards (e.g., PCI-DSS, ISO 27001, NIST). Establish and maintain security policies, procedures, and controls to protect customer and transactional data. Oversee the operation and continuous improvement of the Information Security Management System (ISMS). 2. Regulatory Compliance Ensure full compliance with RBI Guidelines on Payment Aggregators, including mandatory 24-hour reporting of security incidents to RBI’s Department of Payment and Settlement Systems and CERT-In. Ensure adherence to applicable regulations such as PCI-DSS, GDPR (if applicable), and ISO standards. Liaise with internal/external auditors and regulators to conduct regular security reviews and audits. 3. Incident Management Design and maintain an effective cybersecurity incident response framework. Lead investigations, containment, remediation, and post-incident reviews of security breaches or cyber threats. Ensure timely submission of root cause analyses and regulatory reporting of incidents. 4. Vendor and Third-Party Risk Management Lead security assessments and due diligence of third-party service providers, technology partners, and cloud vendors. Evaluate vendor compliance with security certifications (e.g., ISO 27001, PCI-DSS) and reporting capabilities. Define and enforce security requirements in vendor contracts and SLAs. 5. Cyber Risk Management Conduct enterprise-wide risk assessments and develop risk treatment plans for critical systems and processes. Deploy controls to address threats such as data breaches, fraud, malware, and DDoS attacks. Monitor emerging threats, vulnerabilities, and attack trends in the digital payments landscape. 6. Team Leadership & Awareness Build, mentor, and manage a high-performing cybersecurity team. Promote a strong security culture through employee awareness programs and regular training. Work cross-functionally with IT, Compliance, Legal, and Operations to embed security into business workflows. 7. Technology Leadership Evaluate, deploy, and manage cutting-edge cybersecurity technologies including SIEM, firewalls, EDR, IDS/IPS, encryption, and fraud prevention systems. Ensure secure design and integration of APIs, payment gateways, and technical infrastructure. Stay informed of innovations in cybersecurity, digital payments, and data protection. Qualifications & Experience Education: Bachelor’s or Master’s degree in Computer Science, Information Security, Cybersecurity, or a related field. Professional certifications such as CISSP , CISM , CISA , or CRISC are highly preferred. Experience: Minimum 10+ years of progressive experience in cybersecurity, with at least 5 years in a senior leadership role . Extensive experience in managing security within payment processing, fintech, or financial services environments. Demonstrated experience in RBI-compliant security practices , incident reporting, and regulatory engagement. Proven track record of PCI-DSS and ISO 27001 compliance implementation and audit management. Skills & Competencies In-depth knowledge of information security standards and frameworks (e.g., ISO 27001, NIST, OWASP). Strong understanding of RBI Guidelines for Payment Aggregators and regulatory reporting procedures. Proficiency in cloud security , API security , encryption protocols , and fraud detection systems . Excellent leadership, communication, and stakeholder management skills. Ability to analyze complex risks and design effective, pragmatic solutions. Preferred Qualifications Experience working with regulatory authorities such as RBI, CERT-In, or NPCI. Background in vendor risk management and secure third-party integrations. Awareness of emerging technologies in payments, including blockchain , UPI , or tokenization . Why Join Us? Lead security for a growing and mission-driven fintech at the forefront of India’s digital payments revolution. Collaborate in a dynamic environment with innovation at its core. Competitive compensation, performance-based incentives, and comprehensive benefits. Opportunity to shape national payment security practices and influence regulatory policy adherence.

Experience 4 to 8 years Location Mumbai ( onsite) Roles and Responsibilities Maintain the firm’s security, standards and guidelines Enforce policy and regulatory compliance. Ability to develop Policies, Standards and Guidelines from scratch as well as modify the existing ones. Defining and reviewing architecture review for new server /VLAN setup in an organisation Providing IT Security Risk advisories for business teams of the organisation Understanding of Infrastructure, Application security assessment and secure SDLC framework. Conduct and document Application and System risk assessments using the firms’ global standards and develop risk mitigation strategies. Work closely with the business and operations teams to identify risk in different processes and provide assistance in closure of the same. Understanding of OWASP, SANS, and NIST standards Contribution to Information Security strategy and raising security awareness across the organisation. Extensive knowledge on Firewall rule review process, role has the scope to expand further based on success and integration of the above core function. Understanding of Vulnerability Management process and conducting operational tasks related to this process Conducting and maintaining follow-ups on periodic basis with Business /Application teams Years of Experience 3 to 5 years Must have key skills Network architecture (Firewall Rules) / Moderate knowledge for Microsoft and RedHat Operating System / Cyber Security / Network Security

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Job Title: AI Security Architect Job Description Cyber Security is seeking a Security architect to join the Cyber AI team. This position will use machine learning, data engineering, automation, and Data Science principles to solve enterprise problems and advance our mission. This role is a key contributor to our practice and will be directly responsible for design, development, deployment, design reviews and processing of all of AI first projects. The successful candidate will work closely with key stakeholders to drive key project activities and involve Cybersecurity domains are included in AI development. We are seeking candidates with passion to lead the implementation of cutting-edge technology and methodologies while establishing strong partnerships with data owners and stakeholders across Cyber Security. Responsibilities Work in or lead an agile team to design and build architectures on AI solutions. Engage proactively with customers to better understand their needs and obtain feedback. Acquire and develop technology agnostic reference architectures across AI Security Architecture. Reviewing current state AI system security architectural foundations and recommend enhancements with target roadmaps Develop vendor agnostic security solution architecture with technology reference architecture aligned to various best practices such as NIST, ENISA, ETSI etc. Vital contributor to develop security design patterns, framework, approach, and methodology in the discipline of AI Security, developing project timelines for ongoing system upgrades Ensure to collaborate across domain and solution architects at different sub-competency of Cyber Security and act as CoE Champion to aggregated best practices of security reference architecture. Conduct Technology and Infrastructure Security Assessment in terms of threat, vulnerability, and risk aspects of an enterprise security architecture perspective. Develop Technology design and program planning to bring in value added solution delivery and ensure strategic alignment and long-term business benefits Engage in grooming security analysts and solution architects to bring in holistic perspective in every solution delivery Ability to create AI models utilizing deep learning, neural networks, and ML algorithms to derive business insights and fuel informed decision-making. Thorough understanding of linear algebra, probability, and statistics to comprehend and use AI models such as Naive Bayes, Gaussian mixture models, and linear discriminant analysis. Knowledge to build a variety of AI applications, including language translation, visual recognition or perception, and targeted advertising based on sentiment analysis. Develop scalable algorithms capable of learning, analyzing and predicting future events. Structure business problems and drive viable, data-driven hypotheses in collaboration with business partners. Devise, develop and disseminate actionable intelligence from disparate data sources using advanced data analytics tools and techniques. Ability to perform in depth data analysis including but not limited to: Machine Learning Classification Optimization Time Series analysis Pattern Recognition Candidate must have thorough understanding and experience on following in terms of AI and AI Security Threat models Security analysis Design and integration into AI and ML infra Some familiarity with offensive perspective on AI – attack model perspective, model extraction, data poison, etc. QUALIFICATIONS: Required Skills 5+ years of experience as Architect with skills on AI and AI Systems. 3+ years working with languages Python and SQL 3+ years applying statistics in data analyses (ex. regression modeling, econometrics, classification labeling, recommendation, parametric/non-parametric modeling, etc.) 5 or more years’ experience presenting and delivering results to business partners and leadership. 2 or more years’ experience in Cyber Security domain knowledge. Strong project management, negotiation and interpersonal skills Advanced written and verbal communication skills and presentation skills You may also have a Bachelor's and/or post graduate degree in computer science, information systems, engineering, or a related major. Preferred Certifications in data science, deep learning, and ML Exposure to Generative AI and NLP Experience on multi cloud. 2 or more years skilled at data visualization (PowerPoint, Tableau, D3, ggplot, matlib, seaborn, etc.) 2 or more years with modern data engineering with APIs 2 or more years’ experience in Cyber Security domain knowledge. M.S. or PhD in a Science, Technology, Engineering, Mathematics (STEM) or Economics related field of study. 2 or more years applying agile SDLC. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Job Title: SOC L2 Analyst Location: Gurgaon, India Job Summary: We are seeking an experienced SOC L2 Analyst to manage and enhance Security Operations Center (SOC) capabilities. This role involves incident investigation, threat detection, SIEM tuning, and mentoring L1 analysts to strengthen detection and response efforts. Key Responsibilities: Investigate security incidents and perform root cause analysis. Tune and validate SIEM correlation rules and propose new detection use cases. Lead incident response efforts and support forensic analysis. Monitor security alerts and identify threats or anomalies. Support and mentor L1 analysts. Collaborate with cross-functional teams to resolve complex issues. Document incidents and improve incident response playbooks. Requirements: 4–6 years of experience in SOC operations or incident response. Strong understanding of MITRE ATT&CK, NIST IR, and Cyber Kill Chain. Hands-on experience with EDR, DLP, firewall tools, and cloud security. In-depth knowledge of network protocols, IDS/IPS, malware analysis. Excellent communication and documentation skills.

Role Description As a Software Engineer - Network Security at Incedo, you will be responsible for managing and maintaining client network security. Your duties will include implementing security protocols, monitoring security logs, conducting vulnerability assessments, collaborating with other teams to manage risk, and providing security recommendations. Roles & Responsibilities: Designing and implementing network security strategies. Identifying and mitigating network security threats and vulnerabilities. Configuring and managing security devices such as firewalls and intrusion detection systems. Conducting security audits and assessments. Collaborating with other IT teams to ensure security policies and procedures are implemented. Providing technical support for security-related issues. Maintaining documentation of security configurations and changes. Technical Skills Skills Requirements: Knowledge of network security practices such as access control, intrusion detection, and incident response. Experience in configuring and managing network security devices such as firewalls, VPNs, and IDS/IPS. Familiarity with network security monitoring tools such as Wireshark, Snort, or Bro. Understanding of security frameworks and regulations such as NIST or PCI-DSS. Must have excellent communication skills and be able to communicate complex technical information to non-technical stakeholders in a clear and concise manner. Must understand the company's long-term vision and align with it. Nice-to-have skills Qualifications 3-5 years of work experience in relevant field B.Tech/B.E/M.Tech or MCA degree from a reputed university. Computer science background is preferred

Are you a skilled cybersecurity professional with leadership experience in penetration testing? Join HackIT – a CERT-IN empaneled cybersecurity firm – as a Vulnerability Assessment and Penetration Testing (VAPT) Team Lead. What You'll Be Doing: Lead and manage a team of junior penetration testers Conduct Web, Mobile, API, and Network Security Testing (Manual + Automated) Perform SAST, DAST, and develop Proof-of-Concepts Guide clients with remediation plans and ensure project delivery within deadlines Communicate effectively with stakeholders and senior management Prepare high-quality technical reports What We’re Looking For: 3–5 years of experience in Application/Infrastructure/Network Pen Testing Prior experience as a Team Lead or Project Lead in a security testing role Strong knowledge of OWASP Top 10, NIST, MITRE ATT&CK Familiar with enterprise & open-source pen test tools Excellent problem-solving, leadership, and reporting skills Preferred Certifications: OSCP, CREST, GPEN, GXPN, Cloud Certifications, or equivalent Send your updated profiles to careers@hackit.co

Our technology services client is seeking multiple DevSecOps Security Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: DevSecOps Security Engineer Experience: 5- 7 Years Location: Mumbai, Pune, Hyderabad, Bangalore, Chennai, Kolkata Notice Period: Immediate- 15 Days Mandatory Skills: Devops Support, GitHub Actions, CI/CD Pipelines, Argocd , Snyk, multicloud (AWS/AZure/GCP) GIT, MS Tools, Docker, Kubernetes, Jfrog, SCA & SAST Job Description: A security expert who can write code as needed and knows the difference between Object vs Class vs Function programming. Strong passion and thorough understanding of what it takes to build and operate secure, reliable systems at scale. Strong passion and technical expertise to automate security functions via code. Strong technical expertise with Application, Cloud, Data, and Network Security best practices. Strong technical expertise with multi-cloud environments, including container/serverless and other microservice architectures. Strong technical expertise with older technology stacks, including mainframes and monolithic architectures. Strong technical expertise with SDLC, CI/CD tools, and Deployment Automation. Strong technical expertise with operating security for Windows Server and Linux Server systems. Strong technical expertise with configuration management, version control, and DevOps operational support. Strong experience with implementing security measures for both applications and data, with an understanding of the unique security requirements of data warehouse technologies such as Snowflake. Role Responsibilities Development & Enforcement Develop and enforce engineering security policies and standards. Develop and enforce data security policies and standards. Drive security awareness across the organization. Collaboration & Expertise Collaborate with Engineering and Business teams to develop secure engineering practices. Serve as the Subject Matter Expert for Application Security. Work with cross-functional teams to ensure security is considered throughout the software development lifecycle Analysis & Configuration Analyze, develop, and configure security solutions across multi-cloud, on-premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data. Lead security testing, vulnerability analysis, and documentation. Operational Support Participate in operational on-call duties to support infrastructure across multiple regions and environments (cloud, on-premises, colocation). Develop incident response and recovery strategies. Qualifications Basic Qualifications 5+ years of experience in developing and deploying security technologies. A minimum of a Bachelor’s degree in Computer Science, Software Development, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required. Experience with modern Software Development Lifecycles and CI/CD practices Experience for the remediation of vulnerabilities sourced from Static Analysis (SAST), Open Source Scanning (SCA), Mobile Scanning (MAST) and API Scanning Proficiency in Public Clo\ud (AWS/Azure/GCP) & Network Security. Experience with Docker, Kubernetes, Security-as-Code, and Infrastructure-as-Code. Experience with one or more general-purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell. Strong experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA). Preferred Qualifications Strong technical expertise with Architecting Public Cloud solutions and processes. Strong technical expertise with Networking and Software-Defined Networking (SDN) principles. Strong technical expertise with developing and interpreting Network, Sequence, and Dataflow diagrams. Familiarity with OWASP Application Security Verification Standard Experience with direct, remote, and virtual teams. Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA). Strong technical expertise with Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning security solutions for data warehouses and big data platforms, particularly with technologies like GitHub Advanced Security, CodeQL, Checkmarx, and Snyk. Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability. Education A minimum of a Bachelor’s degree in Computer Science, Software Development, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required. If you are interested, share the updated resume to madhuri.p@s3staff.com