KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. Responsibilities for Internal Candidates • Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery • Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. • Perform business process walkthrough and controls testing for IT Audits. • Performing planning and executing audits, including - SOX, Internal Audits, External Audits • Conducting controls assessment in manual/ automated environment • Prepare/Review of Policies, Procedures, SOPs • Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables. • Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed. • Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project’s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. • Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status. Qualifications for Internal Candidates • IT Audit + SAP experience with knowledge of IT governance practices • Prior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 Audits • Good to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.) • Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodology • Exposure to Risk Management and Governance Frameworks/ Systems will be an added advantage • Exposure to ERP systems will be added advantage • Strong project management, communication (written and verbal) and presentation skills • Knowledge of security measures and auditing practices within various applications, operating systems, and databases. • Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism • Preferred Certifications – CISA/CISSP//CISM • Exposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantage • Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you. Show more Show less

Gurgaon/Bangalore, India An associate security analyst role within the Global Technology Transversal Application Services (TAS) function, supporting the provision of a robust and consistent security scanning, remediation and guidance service within the TAS Application Operations team. The team provides a global, centralized Operations, Governance, Audit, Risk & Security service across Application Delivery. What You’ll Be DOING What will your essential responsibilities include? Assist the Application Operations (Security) team in all security related activities, forums and discussions. Perform application scanning across the Application Delivery estate using tools such as SonarQube, Checkmarx, JFrog Xray, CAST Highlight, Defender and Qualys. Assist in setting up Jenkins pipeline integration to CI/CD lifecycle. Perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA), including analysis of components in applications to detect vulnerabilities and compliance issues. Work with Application Delivery teams to communicate the outcome of scanning and analysis, and agree remediation actions including target dates for completion, in alignment with Information Security Policy requirements. Assist in Risk Assessments, evaluating the severity of identified vulnerabilities and prioritizing remediation efforts based on potential impact to the organization. Contribute to the production of reporting and metrics to both internal and external stakeholders. You will report to the Head of Application Operations. What You Will BRING We’re looking for someone who has these abilities and skills: Required Skills And Abilities Security First mindset. Understanding of vulnerability analysis, scanning and remediation processes. Understanding of CVEs, CVSS. Understanding of security industry compliancy benchmarks and standards i.e. CIS. Understanding of security best practices/standards i.e. OWASP, NIST. Preferable experience with at least 2 coding languages i.e. Java, .NET, C++, Python etc. Excellent analytical, critical thinking and organizational skills, ability to multitask and work to deadlines. Proficiency in Power BI, MS Work and MS Excel: We maintain and continually develop a number of Power BI Dashboards to support provision of critical data and use Excel to support our data capture and analysis and reporting. Desired Skills And Abilities Excellent communication, interpersonal and relationship building skills (verbal and written). Who WE are AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don’t just provide re/insurance, we reinvent it. How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business − property, casualty, professional, financial lines and specialty. With an innovative and flexible approach to risk solutions, we partner with those who move the world forward. Learn more at axaxl.com What we OFFER Inclusion AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic. At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success. That’s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential. It’s about helping one another — and our business — to move forward and succeed. Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe Robust support for Flexible Working Arrangements Enhanced family friendly leave benefits Named to the Diversity Best Practices Index Signatory to the UK Women in Finance Charter Learn more at axaxl.com/about-us/inclusion-and-diversity. AXA XL is an Equal Opportunity Employer. Total Rewards AXA XL’s Reward program is designed to take care of what matters most to you, covering the full picture of your health, wellbeing, lifestyle and financial security. It provides competitive compensation and personalized, inclusive benefits that evolve as you do. We’re committed to rewarding your contribution for the long term, so you can be your best self today and look forward to the future with confidence. Sustainability At AXA XL, Sustainability is integral to our business strategy. In an ever-changing world, AXA XL protects what matters most for our clients and communities. We know that sustainability is at the root of a more resilient future. Our 2023-26 Sustainability strategy, called “Roots of resilience”, focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations. Our Pillars Valuing nature: How we impact nature affects how nature impacts us. Resilient ecosystems - the foundation of a sustainable planet and society - are essential to our future. We’re committed to protecting and restoring nature - from mangrove forests to the bees in our backyard - by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans. Addressing climate change: The effects of a changing climate are far reaching and significant. Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption. We're building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions. Integrating ESG: All companies have a role to play in building a more resilient future. Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business. We’re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting. AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL’s “Hearts in Action” programs. These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day - the Global Day of Giving. For more information, please see axaxl.com/sustainability. Show more Show less

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. Job Description Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ͏ Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ͏ i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ͏ 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ͏ Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

OVERVIEW KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment Responsibility: Seeking a highly skilled Cyber Security Auditor with expertise in auditing cyber security Process, risks and controls. A strong understanding of industry frameworks such as NIST (e.g., NIST CSF, NIST 800-53) and hands-on experience in assessing cybersecurity risks, governance controls, and technical security measures. This role involves validating control effectiveness, performing closure verification/issue validation to strengthen cyber security posture. Key Responsibilities: • Conduct assessments of cyber security risk and controls across network security, application security, vulnerability management, and governance controls. • Perform closure verification and issue validation for security findings, ensuring remediation aligns with risk reduction objectives. • Evaluate vulnerability management programs, patch management processes, and threat intelligence integration. • Review and test governance controls related to cyber security policies. • Strong understanding of NIST frameworks (CSF, 800-53), ISO 27001, CIS Controls, and regulatory requirements. • Technical expertise in network security, firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM tools, and endpoint security. • Hands-on experience in application security, vulnerability management, patch management, and security monitoring. • Strong knowledge of network protocols (TCP/IP, HTTP, SSL/TLS, DNS, VPN, etc.) and secure configurations. • Familiarity with cloud security controls (AWS, Azure, GCP) and DevSecOps principles. • Professional certifications such as CISA, CISSP, CISM, CRISC, CEH, or GIAC certifications (GCIH, GCFA, GPEN) are highly desirable. • Stay up to date with emerging cyber threats, attack techniques, and regulatory requirements impacting security controls Qualifications: • Cyber Security Audit experience with knowledge of IT governance practices • Prior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 Audits • Full time Graduation / PG required Equal employment opportunity information: KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you. Show more Show less

Job Duties (Summary): Senior Security SOC Analyst works in 24/7 team and in shifts which include nights and rotational weekends. The role is a key part of our Security Monitoring Incident Response team, involving in investigating alerts/events that trigger from MS Sentinel / SIEM and EDR Tools and other end point tools. Senior Analyst will be the internal escalation point for the Security analysts within the shift/team and will assist Security Analysts in responding to Security Incidents. This role also needs exceptional communication skills (verbal and written), and an ability quickly understand complex information while recognizing familiar elements within complex situations. Required Skills & Experience: Responsible for 24/7 monitor, triage, analysing security events and alerts. Including Malware analysis. Should have good hands-on in Microsoft Sentinel and should have ability to query using KQL [Mandatory] Familiarity with core concepts of security incident response, e.g., the typical phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc... Strong knowledge of email security threats and security controls, including experience analysing email headers. Analysing Phishing emails and associated Threats and to remediate them by blocking the Url’s analysing the malware(s),link(s),IOC’s. Good understanding of Threat Intel and Hunting. Good hands on experience in investigating EDR alerts (Tanium, CrowdStrike, etc..) Good hands on experience in using XSOAR Platforms (Demisto, Phantom, etc..) Strong technical understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS / TLS, and SMTP. Experience analysing network traffic using tools such as Wireshark, to investigate either security issues or complex operational issues. Experience reviewing system and application logs (e.g., web or mail server logs), either to investigate security issues or complex operational issues. Knowledge in investigating security issues within Cloud infrastructure such as AWS, GCP, Azure (Preferred not mandatory) Good knowledge and hands-on experience with SIEM systems such as SentinelOne/RSA Netwitness/Splunk/AlienVault/QRadar, ArcSight or similar in understanding/creating new detection rules, correlation rules etc... Experience In defining use cases for playbooks and runbooks (Preferred) Experience in understanding log types and log parsing Strong passion in information security, including awareness of current threats and security best practices. Basic Qualifications (Preferred not mandatory ? if Candidate has equivalent knowledge) Bachelor’s Degree in Computer Sciences or equivalent (Preferred not mandatory) Minimum of 3 years of experience in a Security Operations Centre (SOC) or incident response team (CSIRT Team member). Overall 3+ experience in Information Security/IT Security/Network Security. CEH, CISSP, OSCP, CHFI, ECSA, GCIH, GCIA, GSEC, GCFA certification (minimum One certification - Preferred not mandatory) A relevant specialist degree (e.g., information security or digital forensics). Knowledge in NIST CSF, MiTRE & ATTACK Framework. Active involvement in the Information Security community. Certified in Azure Security [SC-200, AZ-500, AZ-900] ? Either one or more [Mandatory]

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us! Job Description Job Summary: Our Engineer - Networks role encompasses the lead technical advisor responsibilities for working with our valued clients on large-scale, multi-site global projects to deploy network solutions. Engineer will work with important internal and external contacts on the deployment and rollout of network infrastructure and security related efforts. These projects will be specific to promoting a Connected Enterprise by connecting the Industrial Internet of things at our main global customer facilities. You will report to the Team Lead. Your Responsibilities: 'Hands-on' experience in assessing, designing and deploying network infrastructure in environments including process automation, discrete controls, and automated manufacturing processes / equipment. Experience in designing and deploying network infrastructure (switches, routers, firewalls etc.) within an Industrial Network. Understanding of multiple industry standards including ISA, ANSI, NEMA, NERC, IDC, NEC and NIST standards. Specific focus on NIST 800-82, NERC-CIP, IEC-62443 Standards would be an added benefit. Experience in PLC, Networking and SCADA design/programming including data extraction and data analysis. Solid technical skills with multiple Ethernet protocols including EtherNet/IP, specifically round assessment, design and implementation of complex systems. Ability to handle multiple projects / interactions, and ability to work with different global teams, clients and vendors including those in international regions. Familiarity with a variety of networking and security concepts, practices and procedures, to include manufacturing and enterprise network convergence, network protocols, communication optimization, application effects on system performance and human exploitation techniques on the manufacturing network. Experience in developing and deploying solutions in a virtual environment. Design, implement and support important global customers' converged business and manufacturing/industrial networks and user needs in parallel with their overall business strategies. Write detailed documentation that could include customer requirements, system specifications, observed issues with remediation recommendations or implementation plans to develop manufacturing infrastructure. Design, recommend, and implement network infrastructure and associated configuration changes. Design customer secure manufacturing architectures and provide vision, problem anticipation, and solution to customers. The Essentials - You Will Have: Bachelor's Degree in Electrical Engineering, Industrial Engineering, Computer Science or Information Technology or related technology-driven degree. If no degree, 5+ years of experience in Network Designing & Implementation Virtualization and Industrial Security Controls. 5+ years of hands-on experience configuring IT/OT network infrastructure equipment (Cisco Switches, Virtual Server Environments, Cisco ASA, Fortigate/Palo Alto Firewalls,Anti-Virus Software). In-depth understanding of Ethernet/IP and CIP protocol. Previous experience working as part of a large, diverse global team completing full project life-cycle implementations. Travel Requirements: - Flexibility for travel 50% - 60% is required and can include both domestic and international trips. Legal authorization to work in the country of residence is required. The Preferred - You Might Also Have: 5+ years in Industrial Networking related experience. Recognised Network Certification (CCNA Industrial, CCNA / CCNP / CCIE Routing and Switching/Wireless, VCA, VCP, Cisco INS, GICSP. Specific focus on NIST 800-82, NERC-CIP, IEC-62443 Standards would be an added benefit. Willing to contribute as an individual contributor. What We Offer: Our benefits package includes … Comprehensive mindfulness programmes with a premium membership to Calm. Volunteer Paid Time off available after 6 months of employment for eligible employees. Company volunteer and donation matching programme – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program. Personalised wellbeing programmes through our OnTrack programme. On-demand digital course library for professional development. ... and other local benefits! At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles. #LI-Hybrid #LI-RS1 Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.

Assistant Manager Information Security Gurgaon, India Business Management 313937 Job Description About The Role: OSTTRA India The Role: Assistant Manager Information Security The Team: The OSTTRA Technology team is composed of Capital Markets Technology professionals, who build, support and protect the applications that operate our network. The technology landscape includes high-performance, high-volume applications as well as compute intensive applications, leveraging contemporary microservices, cloud-based architectures. The Impact: Together, we build, support, protect and manage high-performance, resilient platforms that process more than 100 million messages a day. Our services are vital to automated trade processing around the globe, managing peak volumes and working with our customers and regulators to ensure the efficient settlement of trades and effective operation of global capital markets. What’s in it for you: We are seeking a highly motivated and experienced Information Security person to join our growing security team. In this role, you will be responsible for managing and optimizing our Data Loss Prevention (DLP) solutions, ensuring compliance with relevant security standards i.e. ISO 27001, NIST and implementing and maintaining robust Identity and Access Management (IAM) and Privileged Access Management (PAM). You will play a crucial role in protecting our sensitive data and ensuring the security posture of our organization. This is an excellent opportunity to be part of a team based out of Gurgaon and to work with colleagues across multiple regions globally. Responsibilities: Data Loss Prevention (DLP) Management: Implement, Manage, and optimize DLP tools policies to prevent data leaks and ensure data protection. Develop and maintain DLP policies and procedures. Regularly update and fine-tune DLP rules to adapt to evolving data protection needs. Monitor and analyse DLP alerts and incidents and perform incident response. Provide training and guidance to users on DLP best practices. Implement real-time monitoring and logging for data movement and access patterns. Generate detailed reports on data loss attempts, policy breaches, and user behavior anomalies. Evaluate and recommend improvements to existing DLP solutions. Develop playbooks for quick response to DLP-related threats and incidents. Perform regular data flow assessments to identify unprotected data paths Identity and Access Management (IAM) and Privileged Access Management (PAM): Manage requirements around IAM and PAM security, including user provisioning, access control, and privileged access management. Develop and enforce IAM and PAM policies and procedures. Conduct regular access reviews and audits. Generate compliance reports for internal and external audits (e.g., SOX, GDPR, PCI-DSS). Troubleshoot IAM and PAM issues together with the respective Infrastructure teams. Integrate IAM/PAM systems with other security and business applications. Regularly evaluate IAM/PAM solutions to keep pace with emerging threats and technologies. Information Security Compliance: Ensure compliance with relevant security standards and regulations, including ISO 27001, NIST Standard Conduct internal security audits and assessments. Develop and maintain security documentation and procedures. Assist with external security audits and assessments. Stay up to date on the latest security threats and vulnerabilities. Other Duties: Provide security consulting and support to other teams. Knowledge on Application Pen testing would be an added advantage Evaluate and recommend new security technologies and solutions. Participate in security awareness training and initiatives. Understanding on Technology & Security Risk Management and Vendor Risk Management Framework What We’re Looking For: Qualifications: 7 to 8 years’ experience working in IT Security & GRC in multiple capacities. Bachelors in IT, Computer Science, Cyber Security, or equivalent experience required. Proven experience with DLP tools and technologies (e.g., Symantec DLP, Forcepoint DLP, Microsoft Information Protection, Zscaler etc.) and certification on these tools would be added advantage Strong understanding of IAM and PAM concepts, tools and technologies and certification on these tools would be added advantage In-depth knowledge of ISO 27001 and other relevant security standards and regulations. Certification like ISO 27001, CISA, CRISC, CISM etc. would be an added advantage. Competencies: The ability to multitask, act under pressure and quickly identify and deal with priority matters under tight deadlines. Attention to detail is essential. The ability to handle multiple inquiries at any one time, often under considerable deadline pressure. The ability to work both independently and as part of a team. Desired Skills: Excellent written and spoken English. Detail oriented with excellent research, analytical and critical thinking skills. Strong documentation, oral and written communications, and interpersonal skills. The Location: Gurgaon, India About Company Statement: OSTTRA is a market leader in derivatives post-trade processing, bringing innovation, expertise, processes and networks together to solve the post-trade challenges of global financial markets. OSTTRA operates cross-asset post-trade processing networks, providing a proven suite of Credit Risk, Trade Workflow and Optimisation services. Together these solutions streamline post-trade workflows, enabling firms to connect to counterparties and utilities, manage credit risk, reduce operational risk and optimise processing to drive post-trade efficiencies. OSTTRA was formed in 2021 through the combination of four businesses that have been at the heart of post trade evolution and innovation for the last 20+ years: MarkitServ, Traiana, TriOptima and Reset. These businesses have an exemplary track record of developing and supporting critical market infrastructure and bring together an established community of market participants comprising all trading relationships and paradigms, connected using powerful integration and transformation capabilities. About OSTTRA Candidates should note that OSTTRA is an independent firm, jointly owned by S&P Global and CME Group. As part of the joint venture, S&P Global provides recruitment services to OSTTRA - however, successful candidates will be interviewed and directly employed by OSTTRA, joining our global team of more than 1,200 post trade experts. OSTTRA was formed in 2021 through the combination of four businesses that have been at the heart of post trade evolution and innovation for the last 20+ years: MarkitServ, Traiana, TriOptima and Reset. OSTTRA is a joint venture, owned 50/50 by S&P Global and CME Group. With an outstanding track record of developing and supporting critical market infrastructure, our combined network connects thousands of market participants to streamline end to end workflows - from trade capture at the point of execution, through portfolio optimization, to clearing and settlement. Joining the OSTTRA team is a unique opportunity to help build a bold new business with an outstanding heritage in financial technology, playing a central role in supporting global financial markets. Learn more at www.osttra.com. What’s In It For You? Benefits: We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global. Our benefits include: Health & Wellness: Health care coverage designed for the mind and body. Flexible Downtime: Generous time off helps keep you energized for your time on. Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills. Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference. For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries - Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only: The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf - 20 - Professional (EEO-2 Job Categories-United States of America), BSMGMT203 - Entry Professional (EEO Job Group) Job ID: 313937 Posted On: 2025-04-11 Location: Gurgaon, Haryana, India

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. Job Description Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ͏ Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ͏ i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ͏ 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ͏ Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Reinvent your world.¿We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. Job Description Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ͏ Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ͏ i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ͏ 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ͏ Deliver No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Mandatory Skills: Privilege Password Management CyberArk. Experience: 8-10 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Hello! You've landed on this page, which means you're interested in working with us. Let's take a sneak peek at what it's like to work at Innovaccer. Engineering at Innovaccer With every line of code, we accelerate our customers' success, turning complex challenges into innovative solutions. Collaboratively, we transform each data point we gather into valuable insights for our customers. Join us and be part of a team that's turning dreams of better healthcare into reality, one line of code at a time. Together, we’re shaping the future and making a meaningful impact on the world. About The Role We at Innovaccer are looking for a Security Engineer-I who will be a part of our eyes on the glass team i.e. individual would be responsible to perform real time monitoring and analysis of the security events. This role will encompass the use of a broad range of security domains (Event Monitoring, Endpoint Security, Incident Management). This role is not a typical monitoring environment, however, would be a great opportunity to learn and grow as you would be exposed to multiple security domains at single time. A Day in the Life This role requires being available on call during weekends and off hours. Perform monitoring and incident response of cyber security events as part of a highly available Security Operation Center (SecOps) Familiarization with multi-cloud setup i.e. AWS, Azure, GCP Ability to read and interpret security related logs from disparate sources Perform real-time monitoring, vulnerability management, security incident handling, investigation, analysis, reporting and escalations of security events generated through various security solutions deployed like SIEM, IDS/IPS, FIM etc. Administration and Contribution to the configuration and maintenance of security solutions such as XDR, Data Leak Prevention, Host Intrusion Detection Systems (HIDS), Network Intrusion Detection Systems (NIDS), and Security Information and Event Management (SIEM). Integration of devices like Linux and Windows machines, Antivirus, Firewalls, IDS/IPS, Web Servers etc. Triage, Investigate, document, and report on information security events. Develop and follow detailed operational processes, procedures and playbooks to appropriately analyze, escalate and assist in the remediation of information security related incidents Understanding of TCP/IP, IPSEC, Syslog and other network protocols Work closely with DevOps, SRE, Engineering, Product departments to remediate security related issues and incidents Good to have Scripting & Automation skills CEH, AWS Cloud Practitioner, AZ-900 or similar certification is desirable What You Need Bachelor’s degree in Information Technology, Computer Science Engineering preferred Minimum of 2 to 5 years of prior experience as a Security Analyst Prior experience with core security technologies (SIEM, Firewalls, IDS/IPS, AV, DLP etc.). Understanding of NIST & CIS Benchmarks, OWASP Top 10 & SANS Top 25 Strong understanding of TCP/IP Protocols, network analysis, security applications and devices, vulnerability management, and standard Internet protocols and applications. Experience in one or more security information and event monitoring tools (SIEM). Familiar with AWS Security Hub, Azure Security Center, AWS S3, AWS Inspector, Azure Security Center, EKS, ECS, AKS, etc. Familiar with Amazon AWS/Microsoft Azure services as an IaaS/PaaS containers (Dockers/Kubernetes) Able to work independently, being a team player, ability to work well under pressure Able to multi-task, prioritize, and manage time effectively Collaborates effectively and communicates efficiently Proficient in open source tools & technologies Work in a 24x7 environment and willing to work in all shifts. Ready to take up more responsibilities along-with existing role Capable to understand tools & their backend logic and be open to work with open source solutions We offer competitive benefits to set you up for success in and outside of work. Here’s What We Offer Generous Leave Benefits: Enjoy generous leave benefits of up to 40 days. Parental Leave: Experience one of the industry's best parental leave policies to spend time with your new addition. Sabbatical Leave Policy: Want to focus on skill development, pursue an academic career, or just take a break? We've got you covered. Health Insurance: We offer health benefits and insurance to you and your family for medically related expenses related to illness, disease, or injury. Pet-Friendly Office*: Spend more time with your treasured friends, even when you're away from home. Bring your furry friends with you to the office and let your colleagues become their friends, too. *Noida office only Creche Facility for children*: Say goodbye to worries and hello to a convenient and reliable creche facility that puts your child's well-being first. *India offices Where and how we work Our Noida office is situated in a posh techspace, equipped with various amenities to support our work environment. Here, we follow a five-day work schedule, allowing us to efficiently carry out our tasks and collaborate effectively within our team. Innovaccer is an equal-opportunity employer. We celebrate diversity, and we are committed to fostering an inclusive and diverse workplace where all employees, regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, or veteran status, feel valued and empowered. Disclaimer: Innovaccer does not charge fees or require payment from individuals or agencies for securing employment with us. We do not guarantee job spots or engage in any financial transactions related to employment. If you encounter any posts or requests asking for payment or personal information, we strongly advise you to report them immediately to our HR department at px@innovaccer.com. Additionally, please exercise caution and verify the authenticity of any requests before disclosing personal and confidential information, including bank account details.

Location: Anywhere in India(Hybrid) Salary: Maximum 14LPA only Experience Level: 6 to 10 years Job Summary: We are seeking an experienced Service Management Specialist with strong expertise in device management to join our IT team. The ideal candidate will be responsible for managing the complete lifecycle of organizational devices, ensuring compliance, performance, and high end-user satisfaction. The role requires hands-on experience with Microsoft Intune , in-depth knowledge of service management frameworks (e.g., ITIL), and a passion for process improvement. Key Responsibilities: Design, implement, and optimize device management processes and policies. Manage the end-to-end lifecycle of devices – procurement, configuration, deployment, maintenance, and retirement. Ensure all devices comply with organizational security and usage policies. Monitor performance, patch levels, and software updates across all endpoints. Collaborate with IT teams to resolve incidents and problems related to device management. Apply ITIL best practices for efficient incident, change, and asset management. Conduct audits and compliance reviews regularly, driving continuous improvement. Train end-users on device management tools, policies, and best practices. Maintain detailed documentation of device management procedures. Stay current with the latest trends, tools, and best practices in endpoint management. Required Qualifications: Bachelor’s degree in Information Technology, Computer Science, or related field. 5+ years of experience in device management or endpoint administration. Expertise in Microsoft Intune – must-have . Familiarity with other UEM tools such as VMware Workspace ONE , JAMF, or SCCM – nice to have . ITIL Foundation Certification (v3 or v4) required; higher certifications are a plus. Strong problem-solving skills and the ability to work collaboratively with technical teams. Experience in device auditing, reporting, and policy compliance. Preferred Skills: Experience managing mobile devices, Windows, macOS, and BYOD environments. Understanding of automation in device provisioning and patch management. Knowledge of compliance frameworks like ISO 27001, NIST, or CIS benchmarks. Support experience in hybrid or remote work environments. Show more Show less

KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. Responsibilities for Internal Candidates • Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery • Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. • Perform business process walkthrough and controls testing for IT Audits. • Performing planning and executing audits, including - SOX, Internal Audits, External Audits • Conducting controls assessment in manual/ automated environment • Prepare/Review of Policies, Procedures, SOPs • Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables. • Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed. • Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project’s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. • Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status. Qualifications for Internal Candidates • 7 years of exp in IT Audit + SAP experience with knowledge of IT governance practices • Prior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 Audits • Good to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.) • Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodology • Exposure to Risk Management and Governance Frameworks/ Systems will be an added advantage • Exposure to ERP systems will be added advantage • Strong project management, communication (written and verbal) and presentation skills • Knowledge of security measures and auditing practices within various applications, operating systems, and databases. • Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism • Preferred Certifications – CISA/CISSP//CISM • Exposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantage • Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you. Show more Show less

KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. Responsibilities for Internal Candidates • Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery • Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. • Perform business process walkthrough and controls testing for IT Audits. • Performing planning and executing audits, including - SOX, Internal Audits, External Audits • Conducting controls assessment in manual/ automated environment • Prepare/Review of Policies, Procedures, SOPs • Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables. • Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed. • Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project’s progress. Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. • Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status. Qualifications for Internal Candidates • IT Audit + SAP experience with knowledge of IT governance practices • Prior IT Audit knowledge in areas of ITGC, ITAC (application/automated controls) SOX 404, SOC-1 and SOC-2 Audits • Good to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g. NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.) • Technical Knowledge of IT Audit Tools with excellent knowledge of IT Audit process and methodology • Exposure to Risk Management and Governance Frameworks/ Systems will be an added advantage • Exposure to ERP systems will be added advantage • Strong project management, communication (written and verbal) and presentation skills • Knowledge of security measures and auditing practices within various applications, operating systems, and databases. • Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism • Preferred Certifications – CISA/CISSP//CISM • Exposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantage • Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information: KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you. Show more Show less

The Team: Digital Solutions (DS) is an enterprise-shared technology service enabling people, functions, and divisions. We drive S&P Global to Power the Markets of the Future by working as trusted partners delivering secure, scalable, resilient, and innovative services and solutions that enable seamless experiences for our people and customers. The Impact: This role rolls up to the Head of Technology Risk and Governance, in the Global Digital Technology Organization . The Head of Technology Risk and Governance drives the Digital Solutions technology risk and governance strategy, partnering with the second line of defense in Information Security, Digital Technology Services, and Corporate Platforms, as well as with Enterprise Risk and Compliance, and Audit. Responsibilities and Impact: This role belongs to First Line of Defense. Support in defining a comprehensive risk inventory, focusing on granular-level risks. Support in development of detailed controls inventory for various technology processes based on various industry frameworks (COBIT, ITIL, ISO, NIST) and DS Technology Standards. Perform self-QA over the controls inventory to ensure key risks and controls are covered. Support in implementation of the Governance, Risk, and Compliance (GRC) tool, focusing on the technology aspects. Support in development of Key Risk Indicators (KRIs) and Key Control Indicators (KCIs) Establish and manage thresholds for risk indicators Coordinate with key stakeholders to ensure alignment and effective communication Develop and operationalize risk scorecards to track and report on risk metrics. Aggregate risk data to provide a holistic view of organizational risk Support in preparing and delivering comprehensive risk reports to measure performance against the organization's Risk Appetite. Prepare presentations for the Management reporting (requires very good PowerPoint presentation skills) Basic Required Qualifications: Bachelor's Degree in a relevant field such as Engineering, Business, or Information Technology. 5+ years of experience in technology risk management and internal controls implementation, including both building and operating a function. Proven ability to convey complex risk topics to varied audiences, including executive leadership and technical teams. Successful track record in a global environment, with strong relationship-building and communication skills. Exceptional analytical skills and problem-solving abilities, with experience in high-pressure environments. Additional Preferred Qualifications: 5+ years of experience in a large global organization in a technology risk function. Master of Business Administration or equivalent advanced degree preferred but not required.

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts. Job Category Enterprise Technology & Infrastructure Job Details About Salesforce We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place. Job functions Salesforce security and compliance expert for customers and prospects Understand our business and the problems we are trying to solve, deeply, when it comes to our core security services Support the sales and pre-sales teams in responding to customer risk and security questionnaires and queries Build customer trust through managing and hosting in-person customer/prospect security meetings Be the Salesforce field expert for the Salesforce trust story covering security, architecture, reliability, performance, privacy and compliance. Interface with Product Management and Security teams to ensure all the latest security features and capabilities are properly represented in customer responses Collaborate with the Salesforce Legal, Privacy and other teams on customer-specific contract requirements Interface to Salesforce security engineering and product management teams Ensure teams are aware of gaps in our security/compliance capabilities that are impacting customers and prospects Ensure field sales, services and partner teams are consistently enabled with the latest and best positioning around Salesforce security and compliance Gather customer security/compliance requests, and liaison with Salesforce product managers to maintain a security product roadmap Provide input and assist in developing compliance-related documentation: white papers, standard questionnaires, security best practices, etc. Develop SME capabilities for selected Salesforce Services and work with the product teams and global SMEs within the team to stay updated on the latest developments. Support drafting white papers and security collateral Desired Qualifications Bachelor's degree with 6+ years of experience in information security, governance, and compliance Experience with cloud platforms like AWS, GCP, Azure. Understanding the architectural and security nuances. Excellent cross-functional collaboration and communication skills across product, security, Marketing, Field Sales, and more. Excellent communication and presentation skills Desired Skills And Experience Familiarity with one or more security and regulatory frameworks: NIST 800-53, NIST Cybersecurity Framework, PCI-DSS, ISO 27001, ISO 27017, ISO 27018, CSA, Monetary Authority of Singapore (MAS) Outsourcing Guidelines and TRM, Personal Data Protection laws in Singapore, Malaysia, Thailand, Indonesia, Vietnam etc, BNM Outsourcing guidelines and Risk Management in IT (RMiT) etc. Managed one or more compliance certifications/audits, either as an auditor or responder ( PCI-DSS, ISO27001, SOC-1/2, IRAP/ISMS, MTCS, etc.) Experience with completing customer security/compliance questionnaires Familiarity with Data Protection Laws in Australia Experience interpreting the intent of specific customer questions, and mapping them to industry standard controls Familiarity with public cloud architectures, security practices and compliance documentation Experience working in the Financial Services, Insurance, Banking, Superannuation, Telecommunication services industry Strong team player About Salesforce Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. We are the fastest growing of the top 10 enterprise software companies, the World's Most Innovative Company according to Forbes, and one of Fortune's 100 Best Companies to Work for six years running. The growth, innovation, and Aloha spirit of Salesforce are driven by our incredible employees who thrive on delivering success for our customers while also finding time to give back through our 1/1/1 model, which leverages 1% of our time, equity, and product to improve communities around the world. Salesforce is a team sport, and we play to win. Join us! Accommodations If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form. Posting Statement Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that’s inclusive, and free from discrimination. Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications – without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education. Show more Show less

About the Role: Grade Level (for internal use): 10 The Team: The Customer Experience, a new shared capability within Market Intelligence, partners closely with the Sales organization to deliver a differentiated customer experience. This group enables our sales team and businesses by overseeing customer success, sales operations, and implementation of commercial technology. This includes Salesforce, alignment to targets in strategic growth areas, and empowers accelerated growth and delivery by putting the customer at the core of everything we do driving a full customer experience that differentiates us from our competitors. The Proposal & Customer Assessment Team is part of the broader commercial solutions. An enabling function to assist with due diligence questionnaires, risk assessments, audits, and other customer inquiries. Our goal is to enable new revenue generation via RFX & deliver superior customer satisfaction by providing high-quality proposals & relevant information during pre/post-sales. We serve a vast array of clients across geographies and are committed to the client-first mindset. Responsibilities and Impact: This position within the Proposal & Assessment Team is integral to supporting Market Intelligence commercial teams in responding to the growing volume of client audits and inquiries. The person will collaborate closely with product, risk, compliance, legal, and functional teams, to ensure client requirements are met effectively. Responding/Managing client audits and risk assessments from end to end, maintaining awareness of internal controls and audit trends to uphold the efficacy of the audit process. Serving as the primary point of contact for our top customers, assisting them in meeting their vendor management requirements. Cultivating partnerships and closely collaborating with corporate and divisional groups to seek information and influence approaches and outcomes. Developing familiarity with Market Intelligence's audit processes and the company's cyber security policies, standards, processes, and controls. Tracking assessment and audit outcomes, management responses to address findings, and follow-up activities, and producing reports for executives and management. Undertaking additional tasks and responsibilities as directed by the team manager, while continuously enhancing the overall process to align with evolving industry standards. What W ere L ooking F or : Bachelor's degree in a related field, or equivalent professional experience in Third-Party Risk Management (TPRM), Audit, and Risk. 6-7+ years of relevant experience in conducting audits or responding to audits, within a SaaS-related business environment. Demonstrated understanding of client-initiated audits and organizational controls. Familiarity with CISA, ISO Standards, NIST, and SOC standards. Proven track record of building strong relationships resulting in successful outcomes. Ability to collaborate effectively with a global team spanning multiple time zones. Competencies : Exceptional communication and interpersonal skills, adept at engaging and influencing stakeholders across all levels. Demonstrated flexibility and negotiation prowess to achieve optimal outcomes. Proficient in efficiently managing multiple concurrent projects, with a keen ability to adapt as priorities evolve. Exhibits creativity and perseverance in devising solutions. Possesses strong analytical and problem-solving capabilities, proficient in assessing complex information and formulating actionable strategies. Fosters robust working relationships with internal colleagues, facilitating collaboration and synergy within teams.

Apply Before:20/05/2025 Position: CloudOps (Cloud + DevOps) Engineer Location: Viman Nagar, Pune Work Model: Fully Onsite (Work from Office) Experience: Freshers & Experienced Candidates Welcome CTC: Freshers – ₹3.2 LPA, Experienced – Hike on Last Drawn Salary Job Description Strong background in Linux/Unix Administration Experience with automation/configuration management using either Jenkin, Puppet, Chef or an equivalent Ability to use a wide variety of open-source technologies and cloud services (experience with AWS/VMware/Azure/GCP is required) Strong experience with SQL and MySQL (NoSQL experience is a plus, too, since we also use Redis) A working understanding of code and script (PHP, Python, Perl and/or Ruby) Knowledge of best practices and IT operations in an always-up, always-available service. Implement integrations requested by customers. Deploy updates and fixes Provide Level 2 technical support. Build tools to reduce occurrences of errors and improve customer experience. Perform root cause analysis for production errors Investigate and resolve technical issues Develop scripts to automate visualization Design procedures for system troubleshooting and maintenance. Experience in CI/CD tools like ansible, Jenkins, git, Terraform etc. Experience in cloud formation Good understanding about IaaS, SaaS and PaaS. Understands and preferable if working on NFV Technologies. Identify improvements, develop infrastructure services and automate manual work. Understanding of OWASP Experience on different Threat Modelling Methodology (STRIDE, PASTA, NIST, SAST) Tracking and detecting new vulnerabilities and their remediation. Understanding and turning feedback from security analysis tools into infrastructure improvements Hands on experience with Docker & Kubernetes. Creating secure container images Implementing Container Network security Automation of security testing Hands-on experience on Container Security tools including scanning the containers, scanning the registry, runtime monitoring of containers and container orchestration environments. Skills & Education Bachelor’s Degree or MS in Engineering or equivalent Experience in managing Linux based infrastructure Hands-on experience at least in one scripting language Hands-on experience with databases including PSQL, MySQL, Mongo & Elasticsearch. Knowledge of Java/JVM based languages Sense of ownership and pride in your performance and its impact on company’s success Critical thinker and problem-solving skills Team player Good time-management skills Interpersonal and communication skills Mandatory AWS Certification, VMware, Azure and GCP cloud Hands on experience knowledge.We are no longer accepting applications for this ad. Contact us for more details. Share: Admin@Radicals Previous post Job Opening for IT Support Executive (Job Code RT 1432). June 5, 2025 Next post Job Opening for Python Chatbot Development Intern (Job Code RT 1434). June 5, 2025 Show more Show less

Job Description Project Description: DevOps Engineer to support and maintain the TCS BanCS GSP product deployed on-premise. This role will primarily focus on supporting the TCS BanCS product suite that is hosted on JBOSS, Tomcat, PostgreSQL, and Apache HTTP Server. You need to have strong expertise in DevOps practices, systems administration, and application support, with a focus on ensuring high availability, performance, and security of the platform. Responsibilities: Deployment and Automation: Manage and deploy the TCS BanCS GSP product on Tomcat/JBOSS application server, PostgreSQL database, and Apache HTTP server. Work on the continuous integration/continuous deployment (CI/CD) pipeline for TCS BanCS GSP product. Automate deployment and monitoring tasks using industry-standard tools like Jenkins, Ansible, or similar. Ensure automated, smooth, and efficient updates and upgrades for the BanCS GSP infrastructure, On-premise / Cloud. Infrastructure Management: Oversee provisioning, configuration, and management of servers (on-prem or cloud) to support BanCS GSP product environments. Maintain configuration management tools, such as Puppet, Chef, or Terraform. Monitoring and Incident Management: Monitor the health and performance of the BanCS GSP system and associated services (JBOSS, PostgreSQL, Apache HTTP). Troubleshoot and resolve issues related to JBOSS, PostgreSQL, Apache HTTP Server, and other components of the infrastructure. Security and Compliance: Assist in implementing security best practices and ensure compliance with Banks Security standards for the BanCS GSP product. Apply patches, updates, and security fixes for JBOSS, PostgreSQL, and Apache HTTP Server to ensure the system is secure and up to date. Mandatory Skills Description: Bachelor's degree in Computer Science, Information Technology, or related field (or equivalent work experience). Proven experience (5+ years) in a DevOps, Systems Administrator, or similar role, preferably supporting enterprise applications. Strong hands-on experience with JBOSS Application Server, PostgreSQL Database, and Apache HTTP Server. Proficient in Redhat Linux/Unix scripting. Experience with configuration management and automation tools (e.g., Ansible, Puppet, Chef). Familiarity with CI/CD pipelines, version control systems like Git, and Jenkins. Knowledge of Docker and container orchestration tools like Kubernetes (desirable). Strong troubleshooting and problem-solving skills. Excellent communication skills, both written and verbal, to interact with cross-functional teams and stakeholders. Preferred Skills: - Experience with TCS BanCS GSP (First Choice) or similar Custody/Security services products. - Knowledge of ITIL and Agile methodologies. - Familiarity with security frameworks like CIS, NIST, or ISO 27001. Show more Show less

We are looking for a highly skilled and experienced Senior VAPT Engineer to lead and conduct comprehensive vulnerability assessments and penetration tests across applications, networks, and systems. The ideal candidate will be responsible for identifying security risks, reporting vulnerabilities, and providing mitigation strategies to ensure enterprise-wide cybersecurity. 🛠️ Key Responsibilities: Conduct vulnerability assessments and penetration testing for networks, web/mobile applications, APIs, and cloud infrastructure Perform manual and automated testing using industry-standard tools (e.g., Burp Suite, Nmap, Nessus, Metasploit, Kali Linux, etc.) Identify, exploit, and document security flaws, misconfigurations, and weaknesses Prepare detailed assessment reports with technical findings, risk ratings, and remediation recommendations Collaborate with development, network, and infrastructure teams to guide and verify remediation efforts Stay updated on the latest security threats, attack vectors, and tools Contribute to the development and improvement of internal VAPT methodologies and checklists Ensure compliance with industry standards and frameworks (OWASP, ISO 27001, NIST, etc.) ✅ Requirements: Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field 4–7 years of experience in VAPT or ethical hacking Strong knowledge of OWASP Top 10, CVSS scoring, MITRE ATT&CK framework Experience with tools like Burp Suite Pro, Nessus, Acunetix, Wireshark, and scripting (Python, Bash, etc.) Familiarity with cloud environments (AWS, Azure, GCP) and container security (Docker/Kubernetes) is a plus CEH, OSCP, or other cybersecurity certifications preferred Excellent analytical and report writing skills Show more Show less

Line of Service Advisory Industry/Sector Not Applicable Specialism Operations Management Level Manager Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. JOB DESCRIPTION Network Security, Cloud Security, ITGC Reviews , Compliance Reviews, ISO Risk Consulting Purpose of the Job /Role Lead/Manage/Perform Security Reviews which includes Cloud Security and Data Security , Threat and Vulnerability Management , Identity and access management , Technology controls, process controls, and governance, risk and compliance elements , IT General Controls. Responsibilities : Should manage/ oversee/execute engagements around Cyber Risk and Maturity Assessments, Cyber Strategy, Cloud Security, Data Protection, Third Party Risk Management, Enterprise Architecture reviews. Knowledge on NIST CSF, ISO 27001, ISO 27701, ISO 27017, DPDP Act Experience in financial sector companies like banks, NBFCs and FinTechs Mandatory Skill- Strategy and Governance Preferred Skill - Cyber Strategy Years of Experience Required: 7- 10 years Education Qualification: Minimum Qualification: BE/ BTech Minimum 7 years for Managers Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills - both written and oral Certifications: CISA/CISM/ISO will be added advantage Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology, Master of Business Administration Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Strategy Plan Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Professional Courage {+ 13 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

We are seeking a Specialist, Control Tester to join our newly established Centralized 1LoD Control Testing function (1LoD Control Testing). This 1LOD Testing team aims to standardize and enhance our control testing practices across all Business Units and Corporate Functions. As a key member of this team, you will play a pivotal role in supporting risk management activities across the organization. This includes the opportunity to be immersed across multiple operational and compliance areas, with opportunities to specialize in specific areas of interest. This role will operate under general supervision; however, will primarily work independently to actively execute control test plans and support Testers within the team with their respective execution. Regular activities include a risk-based control review, effective test execution, and an in-depth analysis of control test results to identify key trends and solutions. Major Duties: Leads controls testing execution including walkthroughs, design, and operating effectiveness testing. Performs quality review over testing workpapers (produced by other testers) to ensure execution and documentation meet First Line of Defense Control Testing Methodology and testing quality expectations. Lead representative to ensure relevant stakeholders are appropriately engaged in all critical testing phases. Provides support to Tester(s) to ensure testing is being performed effectively and efficiently. Responsible for monitoring all testing phases including escalation of significant deficiencies and/or testing delays. Compile, manage, submit and socialize required monthly, quarterly or annual reporting including test results, dashboards and/or testing issue remediation status. Responsible for assisting in the identification and escalation of follow-ups and potential deficiencies. Work closely with the business partners to obtain issue remediation action plans, track and report status of remediation actions, including maintaining dialogue with the business to ensure timely remediation of issues. Assist with control projects, operational and/or corporate risk initiatives, where directed. Skills & Experience: 14+ years of risk and control experience Experience managing teams across multiple jurisdictions Bachelor’s degree in computer science, information technology, IT/Cyber security, and/or risk management Current working knowledge of risks related to information technology, cyber security, IT General Controls (ITGCs), application controls, IT platforms and related technologies. Strong understanding of IT risk frameworks (ITIL, COSO, COBIT, NIST, ISO, etc) and Technology testing methodologies Understanding of assurance-based activities including Technology controls monitoring and compliance testing Professional certifications a plus (e.g., CISA, CRISC, CISM, CISSP) Shift Coverage: EMEA - 3:30PM to 12:30AM IST Show more Show less

We are looking for a highly skilled and motivated Senior DevOps Engineer to join our growing team. This individual will play a critical role in building and maintaining our CI/CD pipelines, cloud infrastructure, and security automation. The ideal candidate brings hands-on expertise in both AWS and GCP environments, infrastructure-as-code with Terraform, and modern container orchestration technologies. Responsibilities: -Design, implement, and manage cloud infrastructure across AWS and GCP using Terraform -Deploy and maintain Kubernetes clusters and manage workloads using Helm/ArgoCD -Build and enhance secure, scalable CI/CD pipelines using GitHub Actions, Jenkins, GitLab CI, and ArgoCD -Implement best practices in containerization using Docker, including image hardening and container runtime security -Integrate quality gates in CI/CD including automated testing, code coverage, and SonarQube configuration -Ensure secure CI/CD processes and apply container security standards -Collaborate with development, QA, and security teams to streamline DevSecOps culture -Contribute to system architecture, monitoring, and observability practices -Participate in incident response and root cause analysis Must-Have Skills: -5+ years of experience in DevOps/SRE roles -Proficiency in AWS and Google Cloud Platform (GCP) -Strong hands-on experience with Terraform and Infrastructure as Code (IaC) -Solid experience with Kubernetes, Docker, Helm -CI/CD tools expertise: Jenkins, GitLab CI, GitHub Actions, ArgoCD -Experience with SonarQube and integrating static code analysis into pipelines -Familiarity with secure software development practices, including container and pipeline security -Strong knowledge of scripting in Python, Go, or Bash -Excellent communication and presentation skills, both written and verbal Good to Have: -Industry certifications (AWS/GCP Certified DevOps Engineer or similar) -Understanding of compliance frameworks such as ISO 27001, CIS Benchmarks, and NIST -Experience with monitoring tools (Prometheus, Grafana), and logging (ELK, Loki) Soft Skills: -Strong problem-solving abilities and troubleshooting mindset -Ability to mentor junior engineers and lead technical discussions -Comfortable presenting technical concepts to both technical and non-technical audiences Harmony Benefits: -Gym Membership Benefit in partnership with Pro Ultimate Fitness Gym. -Life Event Policy – INR 10,000 as Token for special occasion like Marriage and Child Birth. -Health Insurance for Self and Dependents (Spouse and Kids) with sum assured INR 5,00,000. -Employee of the quarter Rewards (3-5 employees per month) – INR 3000 Amazon Voucher -Certification & Training Policy – Support & Reimbursement for Certification and Trainings. -Monthly Sports Engagement – Cricket & Football -Team Parties – BI Monthly Team party with Lunch/Dinner -Yearly Department Heads Dinner with Family. -Emergency Medical Leaves in case of Medical emergencies in family. -Festivals Celebrations -Employees Birthday & Anniversary Celebrations Location: Mohali, Punjab Share your CV at careers@harmonydi.com or hr@harmonydi.com Show more Show less

About Asite Asite’s vision is to connect people and help the world build better. Asite’s platform enables organizations working on large capital projects to come together, plan, design, and build with seamless information sharing across the entire supply chain. Asite SCM is our supply chain management solution, which helps owners and Tier-1 contractors to integrate and manage their extended supply chain for delivering on capital projects. Asite PPM is our project portfolio management solution, which gives you and your extended supply chain shared visibility of your capital projects through one common data environment. Together they enable organizations to build digital engineering teams that can deliver digital twins and just plain build better. The company is headquartered in UK (London) and has regional offices in US (New York and Houston), UAE (Dubai), Australia (Sydney), China (Hong Kong) and India (Ahmedabad). Job Summary: We are seeking a Junior Penetration Tester to join our team of security professionals. As a junior penetration tester, you will be responsible for conducting comprehensive vulnerability scans – infrastructure and code – basic penetration testing on web applications, mobile and desktop apps, APIs, infrastructure, and other systems. You’ll also be learning on the job from the rest of the security team and support not only the Senior/Lead Penetration Tester but also the Information Security Officers of the regions and the CISO. You will learn about threat modeling, automation of the testing, and advanced techniques to identify vulnerabilities and learn how provide actionable recommendations to improve the overall security posture of Asite SDLC, systems, Partners nad Clients. You will manage a small number of Applications and processes that you also must mentor and guide in the best practices and help grow the Trainees of the Team. You must have a passion for knowledge sharing and continuous learning. You are willing to undergo background checks and Security Clearance. Key Responsibilities: Conduct risk assessments and vulnerability scanning of web applications, mobile and desktop apps, APIs, infrastructure, and other systems Identify and exploit vulnerabilities using various penetration testing tools, techniques, and methodologies – PTES, NIST 800-115, OWASP Develop and maintain comprehensive documentation and understanding of systems, including architecture, design patterns, and application logic Learn to design and implement effective threat models to identify potential entry points for attackers using STRIDE and OWASP ASVS Automate testing using tools and integrating them such as vulnerability scanners, SAST, DAST, SCA and other relevant technologies. Collaborate with external penetration testing companies and clients to digest and review the risk of reports back to clients within their security requirements, provide recommendations to implement fixes to address identified vulnerabilities to internal stakeholders Stay up to date with the latest threats, vulnerabilities, red teaming, and penetration testing techniques through ongoing training and professional development Support the mentoring of a team of interns. Requirements: Up to 2 years of experience in penetration testing, with a strong focus on web applications, mobile and desktop apps, APIs, and infrastructure testing. Willing to undergo background checks and security clearance. Good level of Indi and English both spoken or written to a bilingual or at least Professional level, other languages at a bilingual/Professional level such as Arabic, Mandarin, French or German highly preferred. Experience with cloud-based infrastructure and services - AWS, Azure, Google Cloud – containers, k8s and virtual machines or willingness to learn Gain expertise in threat modeling, automation of testing, and advanced techniques (e.g., exploit development, reverse engineering) Knowledge of web application security frameworks, such as OWASP a big plus. Familiarity with mobile app security testing tools and techniques Experience with desktop application security testing. Basic level of understanding of API security testing, including protocol analysis and exploitation Good networking fundamentals, including TCP/IP, DNS, DHCP, etc. Proficiency in scripting languages, such as Python, Ruby, PowerShell a big plus. Experience with agile development methodologies and collaboration tools like JIRA and their integrations is a great to have Excellent communication, problem-solving, and analytical skills Nice to Have: Familiarity with DevOps practices and security orchestration, automation, and monitoring (SOAM) tools Knowledge of containerization technologies (e.g., Docker) and container-based vulnerability testing Knowledge of machine learning models and associated security issues at the implementation and bypassing security restrictions. Show more Show less

Position: Infosec Analyst – Audit & Compliance ( Lead or AM ) Key Responsibility Areas (KRA): Regulatory Compliance & Governance: Ensure adherence to ISO 27001, NIST, SOC 2, GDPR, HIPAA, and enforce security policies. Audit & Risk Management: Lead internal/external audits, manage compliance assessments, and drive risk mitigation. Incident Response & Compliance Monitoring: Work with Security Operations to monitor incidents, ensure compliance, and support investigations. Security Awareness & Training: Develop and implement training programs to strengthen cybersecurity culture. Vendor & Third-Party Security: Assess vendor security risks, ensure contract compliance, and enforce security standards. Business Continuity & Disaster Recovery (BCDR): Support security-related aspects of BCDR, ensuring compliance with recovery objectives. Critical Coordination & Availability: Be available during US business hours for audits, compliance discussions, and security escalations. Roles & Responsibilities: Lead security audits, compliance initiatives, and regulatory assessments. Maintain security policies, documentation, and reporting for compliance readiness. Serve as the primary contact for auditors, legal teams, and regulatory bodies. Oversee remediation efforts for vulnerabilities and drive timely risk mitigation. Monitor security controls, drive continuous improvement, and align compliance with business objectives. Support security incidents and investigations related to compliance risks. Ensure availability for critical discussions, escalations, and audits during US hours. Show more Show less

Vice President - Cyber Security Operations Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. We are looking for a proven, high energy, results oriented Cybersecurity Operations Leader, where you will be a key advisor for our clients, analyzing business requirements to design and implement ideal security solutions for their needs. As an established SecOps Leader, you will span operational, tactical, and strategic levels as well as tasks that tackle difficult problems that businesses are facing when building out and improving their security posture. This is an opportunity for you to showcase your strong communication skills and experience in SOC operations, security governance & advisory, security risk management, security architecture, and cyber incident response programs. Job responsibilities: Service Delivery Management: Oversee the end-to-end delivery of Managed XDR, Attack Surface Reduction, and Advisory services to clients, ensuring high-quality outcomes and client satisfaction. SOC Operations Leadership: Lead and manage Security Operations Center (SOC) operations, ensuring effective monitoring, incident management, and response processes are in place. Incident & Escalation Management: Take responsibility for escalations arising from security event monitoring, incident management, and response. Ensure timely resolution and process improvements. SLA & Process Compliance: Ensure that service level agreements (SLAs) are met, while also driving process adherence, continuous improvements, and operational excellence. Governance & Metrics: Establish and refine operational foundations, defining key metrics and KPIs to drive governance, quality, and efficiency. Influence operational change to improve performance. Threat Management & Detection: Lead efforts in threat management, modeling, and hunting. Identify threat vectors and develop use cases and detection rules to enhance security monitoring capabilities. Team Training & Development: Ensure that the team’s skill development and training needs are adequately addressed to maintain cutting-edge security expertise. Cybersecurity Maturity & Resilience: Assist clients in identifying potential threats, vulnerabilities, and deficiencies, advising on measures to enhance their cybersecurity maturity and resilience. Solution Design & Communication: Evaluate client needs, create tailored security solutions, and effectively communicate the value proposition of complex security concepts to both technical and non-technical stakeholders. Security Assessments: Plan and execute IT security assessments of on-premise/cloud IT assets. Understand organizational objectives, policies, and regulations to identify risk areas and prepare comprehensive review programs. Stakeholder Communication: Possess strong communication skills to engage with senior management, board members, technical teams, and key client stakeholders to convey complex security concepts effectively. Sales & Proposal Support: Contribute to sales pursuits, proposals, and the development of security practice eminence. Drive business growth through strategic client relationships. Project Delivery: Lead and deliver complex security projects in a fast-paced, team-driven environment. Knowledge Sharing & Collaboration: Foster a collaborative environment by promoting and participating in forums that enhance the firm’s collective knowledge and assist clients with complex challenges. Enterprise Security Leadership: Provide leadership and strategic direction to the organization’s information security initiatives. Cybersecurity Strategy & Technology Update: Regularly update and refine the cybersecurity strategy to incorporate new technologies and emerging threat information. Client Relationship Management: Establish and maintain strong client relationships to further expand the service portfolio and ensure long-term client success. Job specifications: 1. Qualification: A bachelor’s degree in a related field (e.g., Computer Science, Cybersecurity, or Information Technology) and a minimum of 15 years of relevant work experience. Certifications Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA). Cloud security certifications from major Cloud Service Providers (AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect), or Certified Cloud Security Professional (CCSP) / Certificate of Cloud Security Knowledge (CCSK). 2. Desired Skills: Desired Skills & Experience : SOC Expertise: Strong understanding of SOC operations, design, and management. Experience with domain administration, network architecture, and change control procedures. Risk Management Knowledge: Familiarity with IT risk management standards and frameworks, including ISO 31000, NIST Cybersecurity Framework, ISO 27001/27002, GDPR, PCI DSS, SOC 1/SOC 2, COBIT, and HITRUST. Networking & Security Technologies: Knowledge of networking (TCP/IP, OSI model), operating systems (Windows, UNIX, mainframe), security technologies (firewalls, IDS/IPS), and programming languages (C, Java, Perl, Shell). Threat Landscape Awareness: In-depth understanding of cyber-attacks, threat vectors, risk management, and incident response. Security Solutions Proficiency: Hands-on experience with MDR, EDR, XDR, SIEM, Vulnerability Management, IDS/IPS, NTA, UEBA, DLP, and other security technologies. Penetration Testing Tools: Familiarity with penetration testing and application security tools (Kali Linux, Metasploit, Burp Suite, Nessus, NMAP). Security Frameworks & Methodologies: Understanding of OWASP, the MITRE Attack Framework, Cyber Kill Chain, and the SDLC (Software Development Lifecycle). Cloud Security Expertise: Advanced knowledge of cloud security practices and implementations. Vendor/Partner & Client Management: Strong experience in vendor/partner management, client management, and the ability to lead client relationships effectively. Offerings Development: Ability to research and develop innovative security risk-based offerings that meet client needs. Shaping Client Expectations: Expertise in managing and shaping client expectations throughout engagement cycles. #CybersecurityLeadership #VPOfOperations #SecurityOperations #CyberOpsLeadership #OperationsLeadership #CybersecurityVP #SecurityOps #CybersecurityExec #TechOperations #InfoSecLeadership #VPJobs #LeadershipHiring #CybersecurityCareers #OperationsExcellence #SecurityLeadershipRoles #HyderabadJobs #HyderabadHiring #HyderabadCareers #HyderabadTech #HyderabadVP #HyderabadOperations Show more Show less