About Us We are a global climate technologies company engineered for sustainability. We create sustainable and efficient residential, commercial and industrial spaces through HVACR technologies. We protect temperature-sensitive goods throughout the cold chain. And we bring comfort to people globally. Best-in-class engineering, design and manufacturing combined with category-leading brands in compression, controls, software and monitoring solutions result in next-generation climate technology that is built for the needs of the world ahead. Whether you are a professional looking for a career change, an undergraduate student exploring your first opportunity, or recent graduate with an advanced degree, we have opportunities that will allow you to innovate, be challenged and make an impact. Join our team and start your journey today! Job Title Security Analyst Reports to Sr. Manager Job Purpose As a Security Analyst , you will be a key member of our Global Cybersecurity Team, helping to strengthen Copeland’s cybersecurity posture. This role involves monitoring tools and dashboards, identifying and mitigating security vulnerabilities, and collaborating with teams to address risks effectively. You will also contribute to continuously improving our vulnerability management processes and play an active role in ensuring our IT systems remain secure. Key Responsibilities Monitor security tools and dashboards to identify vulnerabilities, assess risks, and propose compensating controls to reduce threats. Communicate findings to appropriate teams and track vulnerabilities through resolution. Create detailed vulnerability reports for technical teams and summary reports for management. Collaborate with IT and development teams to prioritize and remediate vulnerabilities. Maintain an up-to-date database of vulnerabilities, including their status and remediation progress. Contribute to the development and improvement of vulnerability management processes and tools. Duties And Responsibilities Support product security programs, projects, and initiatives to align with organizational security objectives. Lead small to medium-scale security initiatives, ensuring timely and successful execution. Collaborate with business units and engineering teams to implement security policies, establish sustainable processes, and enhance compliance while reducing risk. Identify and address gaps within the cybersecurity program, applying your expertise to strengthen the organization’s security posture. Conduct security scans, validate vulnerabilities through penetration testing, and retest fixes to ensure effectiveness. Recommend and participate in initiatives to prevent repeated vulnerability findings. Provide support for cybersecurity projects, technical discussions, and collaborative meetings. Respond to and assist in resolving outputs from security tools and engagement activities. Qualifications Bachelor’s degree in Engineering, Computer Science, or related discipline 3+ years of experience in vulnerability assessment, penetration testing, or cybersecurity. Hands-on experience with vulnerability scanning tools and remediation processes. Knowledge of networking, operating systems (Windows, Linux), and application security. Some experience with programming or scripting and familiarity with DevSecOps practices. Experience with vulnerability frameworks (NIST, CVSS, etc.) Proficient in MS Office (Word, Excel, PowerPoint, etc.) Strong communication skills, with the ability to deliver clear oral, written, and visual presentations. Strong organizational skills, with the ability to plan, prioritize, and align tasks effectively. Customer-focused mindset with a strong eagerness to learn and grow. SANS GIAC, Network+, Security+ or other industry certifications preferred Key Competencies Customer Focus, Tech Savvy, Action Oriented, Collaborates, Communicates Effectively, Instills Trust, Being Resilient Our Commitment to Our People Across the globe, we are united by a singular Purpose: Sustainability is no small ambition. That’s why everything we do is geared toward a sustainable future—for our generation and all those to come. Through groundbreaking innovations, HVACR technology and cold chain solutions, we are reducing carbon emissions and improving energy efficiency in spaces of all sizes, from residential to commercial to industrial. Our employees are our greatest strength. We believe that our culture of passion, openness, and collaboration empowers us to work toward the same goal - to make the world a better place. We invest in the end-to-end development of our people, beginning at onboarding and through senior leadership, so they can thrive personally and professionally. Flexible and competitive benefits plans offer the right options to meet your individual/family needs. We provide employees with flexible time off plans, including paid parental leave (maternal and paternal), vacation and holiday leave. Together, we have the opportunity – and the power – to continue to revolutionize the technology behind air conditioning, heating and refrigeration, and cultivate a better future. Learn more about us and how you can join our team! Our Commitment to Diversity, Equity & Inclusion At Copeland, we believe having a diverse, equitable and inclusive environment is critical to our success. We are committed to creating a culture where every employee feels welcomed, heard, respected, and valued for their experiences, ideas, perspectives and expertise. Ultimately, our diverse and inclusive culture is the key to driving industry-leading innovation, better serving our customers and making a positive impact in the communities where we live. Equal Opportunity Employer Copeland is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment. Show more Show less

Good understanding of Windows operating systems and administration. Good understanding of Linux operating systems and administration. Experience with Windows patch management tools such as Windows Server Update Services (WSUS) and System Centre Configuration Manager (SCCM) Experience for testing and deploying patches in a production environment. Knowledge in scripting languages such as PowerShell or Python to patch management, and other routine tasks. Ability to analyse and correlate security logs and events to identify potential security incidents Ability to work effectively with cross-functional teams, including IT, development, and management. Familiarity with industry standards and frameworks such as CIS benchmarks, NIST, or ISO 27001 as well as ITIL processes Qualification & Experience University Graduate/Master degree Good MS Office knowledge specifically MS Excel & Power Point (mandatory) Prior experience in managing Incidents and Service Requests in an IT service provider environment Ability to interact with the IT Managers, Service Desks and Service Providers in the Region on own initiative as well as escalation of topics when necessary Relevant certifications such as Microsoft Certified: Windows Server Administration, or similar credentials beneficial Excellent written and spoken English (mandatory) Basic knowledge of German helpful but not essential ITIL Foundation certification (preferred) Good Analytical skills to evaluate and deep dive into issues and incidents Experience in Linux and Windows server administration About Allianz Technology Allianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group. With more than 13,000 employees located in 22 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry. We oversee the full digitalization spectrum – from one of the industry’s largest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction. In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age. D&I statement Allianz Technology is proud to be an equal opportunity employer encouraging diversity in the working environment. We are interested in your strengths and experience. We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, race or ethnicity, age, nationality, religion, disability, or philosophy of life. Join us. Let´s care for tomorrow. Show more Show less

Job Location : Mumbai Technology / Role / Department Technology Assurance Department Key Roles and Responsibilities Facilitate information security governance for each individual BSG towers (Regular cadence to ensure observations are tracked to closure) Oversee information security audits and assessments for BDTS initiated by Bank’s information security function Serve as a focal point of contact for the Bank’s Information Security team and the BDTS Communicate information security goals and new programs effectively to BDTS based on updates received through Bank’s Information Security team Identifies and establishes risk management processes to enable accurate risk reporting and effective reduction of residual risk Conduct Information pre-emptive Security & cybersecurity risk assessments to support enhance and refine information security posture to better enable BDTS without compromising information security Coordinates across the risk program to set appropriate success metrics and consistently drives risk remediation execution Aligns with metric-based measurement of progress and provide input into executive dashboards regularly Challenge the CISO/IAD/ORM functions on the identified / reported Information Security related gaps Skills required Minimum 10 years of experience in Cyber / Information Security domain Previous hands-on experience in Firewalls, Networks, Vulnerability Management, Penetration Testing, Security operations, etc. Previous hands-on experience on application security testing like DAST / SAST. Knowledge of OWASP Top 10 and SANS 25 vulnerabilities Experience with cyber security frameworks (ISO 27001, NIST, etc.). Conducted Third Party Information Security Assessment or Vendor Risk Review (VRR) Relevant certification related to cyber/information security, data privacy, or other relevant certifications specific to this role (CISSP, CISA, CISM, CIPP/E/US/A, CIPM, ISO 27001 Lead Auditor/Lead Implementer, etc.) Good communication and presentation skills Well versed with Excel and Dashboards (Pivots, Slicers, Graphs etc.) Show more Show less

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you’d like, where you’ll be supported and inspired by a collaborative community of colleagues around the world, and where you’ll be able to reimagine what’s possible. Join us and help the world’s leading organizations unlock the value of technology and build a more sustainable, more inclusive world. Job Description We are seeking a highly experienced and skilled Senior Cybersecurity Professional to join our team. The candidate should have a deep understanding protecting an organization's data and systems from cyber threats by identifying vulnerabilities, responding to breaches, and implementing security measures. Primary Skills Leadership and Strategy: Develop and implement comprehensive cybersecurity strategies and policies. Lead and mentor a team of cybersecurity professionals. Stay updated with the latest cybersecurity trends and technologies. Identify and prioritize critical business functions in collaboration with organizational stakeholders Risk Management: Conduct risk assessments and vulnerability analyses. Develop and implement risk mitigation plans. Ensure compliance with industry standards and regulations. Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. Incident Response: Lead incident response efforts and manage security breaches. Develop and maintain incident response plans and procedures. Conduct post-incident analysis and reporting. Security Operations: Oversee the implementation and management of security tools and technologies. Coordinate with IT teams to ensure secure system configurations. Secondary Skills Bachelor's or Master's degree in Computer Science, Information Technology, or a related field. Relevant certifications such as CISSP, CISM, CEH, or equivalent. Proven experience in cybersecurity leadership roles. Strong knowledge of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem. Show more Show less

Principal Security Engineering Manager Hyderabad, Telangana, India Date posted May 12, 2025 Job number 1823324 Work site Microsoft on-site only Travel 0-25 % Role type People Manager Profession Software Engineering Discipline Software Engineering Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. As a manager in the Continuous Security Validation & Assurance (CSVA) security engineering team, you will have an opportunity to contribute your deep technical leadership and problem-solving skills to lead a team of engineers working on the security of the underlying platform, code and infrastructure of many Microsoft products used by millions of customers. We build and manage services to manage continuous security posture of cloud scale services. The team is customer-focused with an emphasis on security, great user experience and reliability. You would drive solutions to challenging technical problems involving security for large scale systems and lead critical design initiatives, be accountable for delivery and take part in strategic and tactical decisions in the context of mission-critical services. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Qualifications 8-10 years of overall industry experience in software development and building world class solutions with at least 3-5 years of that as SWE manager. A Bachelor’s degree in Computer Science or equivalent experience Experience in designing, coding, debugging and testing production grade cloud services with a high emphasis on security. Experience/understanding of addressing security issues in distributed cloud-based environments and across the dev ops ecosystem. Experience in technical leadership in driving engineering roadmaps, leading v-teams, mentoring and helping others grow technically. Knowledge of common security vulnerabilities/mitigations Excellent communication, cross-team collaboration/influence, presentation skills. Passion to grow and develop other engineers and leads. Preferred Proficient with a cloud computing environment like Azure (preferred), GCP or AWS. Experience with CICD pipelines/automation, agile/scrum processes Experience building and operating scalable microservices using Docker + Kubernetes. Ability to reason about security challenges and propose practical solutions Knowledge of Security Development Lifecycle, security standards and frameworks like NIST, OWASP, etc. Experience implementing security features/automated mitigations for common security issues. Ability to define, design and implement telemetry and proactive monitoring for the services to run the operations efficiently in production environments. Experience with security tools/techniques such as SAST, DAST, fuzzing, pen-testing, etc. Exposure to security protocols and infrastructure components such as OAuth, OIDC, PKI, IRM, A/AD, etc. Experience with reporting technologies/frameworks such as PowerBI. Experience with Kusto or other big data stores Responsibilities Lead the architecture, design and implementation of security engineering and security automation projects in the context of large scale services, working with a variety of stakeholders. Lead your team while also collaborating with stakeholders in peer teams and organizations to deliver production-grade solutions for security challenges that scale and work across multiple products while meeting standards of service quality, availability, scale and performance. Influence and align product vision by collaborating with customers, partners, product management and engineering teams. Have a hands-on approach to technical leadership in setting the engineering direction for the team with sound design and development best practices. Drive engineering roadmaps, leading teams, mentoring, and helping others grow. Own career development of team through active coaching. Lead the team by bringing clarity, creating energy, and driving results. Create a strong culture of engineering excellence, customer passion, collaboration, diversity, and inclusion. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

India - Hyderabad JOB ID: R-216701 LOCATION: India - Hyderabad WORK LOCATION TYPE: On Site DATE POSTED: Jun. 01, 2025 CATEGORY: Information Systems Join Amgen’s Mission of Serving Patients At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do. Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. What you will do Let’s do this. Let’s change the world. In this vital role you will be an integral part in driving growth & innovation, improving efficiency and creating enterprise value – supporting our mission “To Serve Patients”. The Manager-Information Security will be responsible for the oversight and hands-on leadership of the Directory Services (AD and LDAP) team within the Digital Identity Access Services (DIAS) organization. This role involves developing, implementing, maintaining, and updating IAM strategies, policies and procedures to ensure the security and integrity of our systems and data. The ideal candidate will have extensive experience in Active Directory, Enterprise Unix LDAP and other Directory services. Candidate should have a deep understanding of security standard processes, and the ability to lead a team in a dynamic, global environment. Roles & Responsibilities: Manage Amgen's Internal and External PKI Technologies Manage External PKI vendors like Sectigo and Entrust Develop and maintain the Directory and LDAP standards and architecture, ensuring that it meets industry standards and best practices Assess and select IAM technologies and tools that align with Amgen’s IAM strategy Lead the information security team, providing guidance, support, and mentoring to ensure the effectiveness of security operations Develop and implement the IAM (Identity Access Management) strategy aligned with the organization's information security goals and regulatory requirements. Lead the design, implementation, and management of IAM solutions, including governance for Directory Services. Create, implement, and maintain IAM policies, standards, and procedures to manage user identities and access rights. Design and enforce access control mechanisms, including role-based access control (RBAC), to safeguard sensitive information. Manage IAM-related security incidents and vulnerabilities, coordinating with IT security teams to mitigate risks. Know the latest with industry trends, emerging threats, and standard methodologies in IAM. Collaborate with IT and security teams to integrate IAM solutions with other security and business systems. Develop and maintain key performance indicators (KPIs) to track service metrics and generate regular reports for management. Evaluate and implement IAM tools and technologies to enhance security and streamline processes. Participate in vendor proposals, contract negotiations, and support renewals. This role on occasion might have responsibilities outside of business hours. Travel: International and/or domestic travel up to 10% may be essential. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master’s degree with 4 to 6years of experience related field OR Bachelor’s degree with 6 to 8 years of experience in related field OR Diploma with 8 - 12 years of experience in related field. Preferred Qualifications: Must-Have Skills: Strong knowledge of Internal and External PKI (Public Key Infrastructure). Strong knowledge of Directory Services and LDAP Services. Solid understanding of Active Directory Domain structure and security, Windows Operating Systems and Domain Controllers, Azure AD and Microsoft Entra ID. Strong knowledge of LDAP directories and managing LDAP Structure. Knowledge of LDAP Schema and configuration changes. Create and modify Shell Scripts for bulk LDAP operations. Creation and implementation of LDAP Business Continuity plans. Familiarity with security standards and regulations (e.g., NIST, ISO). Experience with Authentication, Provisioning/De-provisioning, Role Management, Session Management and Directory Services. Experience in driving transformation initiatives using Scaled Agile methodology. Excellent verbal and written communication skills for technical and non-technical audiences of various levels in the organization. Good-to-Have Skills: Work experience in the biotechnology or pharmaceutical industry. Degree in Computer Science, Information Systems, or Engineering. Familiarity with GxP standards, Information Security standards and policies like ISO 27001/27002, NIST and others. Strong problem-solving and analytical skills. Demonstrated ability to work effectively in a fast-paced, dynamic environment. Understanding of ITIL processes and implementation. Proficiency in scripting and automation (e.g., Python, Bash) is a plus Professional Certifications CompTIA Security+ (preferred) Cloud Identity or Security Certification (preferred) Microsoft Azure Certification (preferred) Soft Skills: Excellent analytical and troubleshooting skills. Strong verbal and written communication skills. Ability to work effectively with global, virtual teams . High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team oriented, with a focus on achieving team goals. Strong presentation and public speaking skills. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.

Close date: Thursday, 31 July 2025 Working pattern: Full time Contract Type: Permanent Location: Gurgaon (SEZ1) Department: 13 - 13 Security Description & Requirements: Bravura’s Commitment and Mission At Bravura Solutions, collaboration, diversity and excellence matter. We value your ideas, giving you room to be curious and innovate in an exciting, fast-paced, and flexible environment. We look for many different skills and abilities, as well as how you can add value to Bravura and our culture. As a Global FinTech market leader and ASX listed company, Bravura is a trusted partner to over 350 leading financial services clients, delivering wealth management technology and products. We invest significantly in our technology hubs and innovation labs, which inspire and drive our creative, future-focused mindset. We take pride in developing cutting-edge, digital first technology solutions that support our clients to achieve financial security and prosperity for their customers. Position Overview The Senior Information Security Officer is responsible for supporting the implementation and operation of the organisation's Information Security Management System (ISMS) within their region. This role will drive security risk management, policy compliance, audits (internal, external and client), training and awareness, supply chain risk, and support security operations in incident management. As a Managed Service Provider (MSP) and data processor for clients, the ISO will ensure that security controls align with client contractual obligations, regulatory requirements, and industry best practices. The ISO will work closely with global security leadership, regional stakeholders and clients to address both internal and client-specific security challenges. The position is within the Information Security team. Main activities will include but are not limited to: Responsibility Internal Audit & Assurance: Oversee the implementation and operations of the ISMS within the region. Ensure and support alignment with global security policies and regulatory requirements including ISO27001, SOC2 type II and PCI-DSS. Continuously assess and improve security controls and processes. Information Security Risk Management Identify, assess, and mitigate security risks. Maintain the risk register and track remediation activities. Provide risk-based guidance to business units, IT teams, and client-facing operations. Information Security Policy & Standards Ensure compliance with corporate security policies, frameworks, and client-specific security mandates. Develop and enforce security standards and client requirements. Input into periodic reviews and updates to security policies to align with evolving requirements. Information Security Audit & Compliance Lead and support internal and external security audits, ensuring timely remediation of findings. Provide security assurance to clients by responding to security questionnaires and participating in client audits. Coordinate with service delivery teams to meet client-specific obligations. Monitor and report on security posture, client security commitments, and compliance status. Information Security Training & Awareness Develop, support deliver security awareness programs Support phishing exercises and other training initiatives to enhance security culture. Collaborate with HR and other departments to ensure security education is embedded in employee onboarding and ongoing training. Supply Chain Risk Management Assess and manage security risks associated with third-party vendors and suppliers. Ensure that security requirements are included in vendor contracts and SLAs. Perform regular security assessments of critical suppliers, considering the impact on client services. Security Operations & Incident Management Support Assist in managing and responding to security incidents within the region, to ensure rapid containment and remediation. Work with the Security Operations team to protect both internal and client environments. Support post-incident reviews and contribute to continuous improvement in incident handling, including lessons learned for client operations. In addition to the above position-specific responsibilities, all employees are required to undertake any other reasonable duties and responsibilities within your capability and skills, when requested to do so. Qualifications and Experience Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience). 5+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment. Strong understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks. Experience in security risk management, audits, compliance, and client security assurance. Knowledge of security operations, incident response, and managed security services. Familiarity with supply chain security and third-party risk management. Excellent communication and stakeholder management skills, with experience working with clients on security matters. Security certifications such as CISSP, CISM, or CRISC are preferred. Working at Bravura Our people are the heart of our business. We work hard to provide a rich employee experience and a robust framework for ongoing career development. Competitive salary and employee benefits scheme 2 paid volunteering days and a range of community-based initiatives to get involved in Parental (including secondary) leave policy Free meals and transport So, what’s next? We make hiring decisions based on your experience, skills and passion so even if you don’t match every listed skill or tick all the boxes, we’d still love to hear from you. Please note that interviews are primarily conducted virtually and if you require any reasonable adjustments or would like to note which pronouns you use, please let us know. All final applicants for this position will be asked to consent to a criminal record and background check. Please note that people with criminal records are not automatically barred from applying for this position. Each application will be considered on its merits. Youtube Video

Conduct Web Application and API Security Testing using both Manual and Automated Penetration Testing Methodologies Conduct Vulnerability Assessments of Network Devices, DB and servers using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices Conduct penetration test and launch exploits using Nessus, Metaspoilt, Core Impact, Backtrack penetration testing distribution tools sets Prepare a detailed VAPT findings manually Strong experience with performing VAPT as per OWASP Top 10, SANS Top 25, and NIST, and SANS Security Guidelines. Hands on knowledge on Tools: Nmap, Kali Linux, Metasploit, Maltego, Burp, Nessus, nexpose, wireshark, sqlmap, MobSF, burpsuite etc. Conduct android and IOS mobile application VAPT Ability to suggest remediation to vulnerabilities observed in Application and configuration. Minimum 2-3 years of work experience in the information security domain only Job Types: Full-time, Permanent Pay: ₹20,000.00 - ₹65,000.00 per month Benefits: Internet reimbursement Supplemental Pay: Performance bonus Application Question(s): Did you worked in the domains like API Testing, IOS, Android Testing, Web Application Testing, Network Penetration Testing, Mobile Application Testing? Experience: minimum: 1 year (Required) Language: English (Required) Location: Gurugram, Haryana (Required) Work Location: In person

Req ID: 124910 Remote Position: No Region: Asia Country: India State/Province: Chennai City: Guindy, Chennai Summary The Senior Specialist, IT Risk and Compliance requires extensive experience with Regulatory Compliance (IT SOX, NIST, ISO) in order to be capable of managing IT controls and monitoring activities while coordinating IT compliance projects. The incumbent will interact with internal and external stakeholders and provide support and guidance around IT policies, risk and compliance. Detailed Description Performs tasks such as, but not limited to, the following: Ensures IT controls are regularly tested/assessed and provides solutions for mitigation where required Implements effective monitoring and assessment processes and provides guidance where needed to address any potential gaps Develops and supports project management processes, guidelines and products. Provides project planning support for project gating. Organizes and supports project management training. Provides expertise to the business and IT teams on IT controls improvements and implementation, assisting with the IT controls updates and re-design Participates in the audit process - enforces compliance measures to ensure audit readiness and assists internal and external auditors with the audits Assists with policy and process changes to ensure the documents are up to date Knowledge/Skills/Competencies Technical knowledge of specific areas of computer operations/applications support Extensive knowledge of IT controls testing, monitoring, mitigation Knowledge of the latest IT SoX requirements and controls structure Proficient in IT Security Knowledge of risk mitigation and business controls Knowledge of data management and analytics Knowledge of delivering initiatives within the Operating Model Knowledge of project management Proficient in architecture and solution integration Knowledge in business partnering Knowledge of IT controls framework Knowledge of IT audit structure/techniques Excellent verbal and written communication skills. Creative problem solving skills. Knowledge of IT delivery/operations. Excellent Project Management skills Ability to work in a team environment. Cross-functional coordination skills. Change Management skills Strong customer management skills Ability to clearly articulate the role that IT can play in enhancing the customer’s activities Physical Demands Duties of this position are performed in a normal office environment. Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required. Typical Experience Between 7 to 12 years of experience and obtaining the CISO certification. Typical Education Bachelor's degree in related field or consideration of an equivalent combination of education and experience. Educational Requirements may vary by Geography Notes This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time. Celestica is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on any protected status (including race, religion, national origin, gender, sexual orientation, age, marital status, veteran or disability status or other characteristics protected by law). At Celestica we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. Special arrangements can be made for candidates who need it throughout the hiring process. Please indicate your needs and we will work with you to meet them. Company Overview Celestica (NYSE, TSX: CLS) enables the world’s best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development – from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers. Celestica would like to thank all applicants, however, only qualified applicants will be contacted. Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services. Show more Show less

Req ID: 124916 Remote Position: Hybrid Region: Asia Country: India State/Province: Chennai City: Guindy, Chennai Summary The Senior Specialist, IT Risk and Compliance requires extensive experience with Regulatory Compliance (IT SOX, NIST, ISO) in order to be capable of managing IT controls and monitoring activities while coordinating IT compliance projects. The incumbent will interact with internal and external stakeholders and provide support and guidance around IT policies, risk and compliance. Detailed Description Performs tasks such as, but not limited to, the following: Ensures IT controls are regularly tested/assessed and provides solutions for mitigation where required Implements effective monitoring and assessment processes and provides guidance where needed to address any potential gaps Develops and supports project management processes, guidelines and products. Provides project planning support for project gating. Organizes and supports project management training. Provides expertise to the business and IT teams on IT controls improvements and implementation, assisting with the IT controls updates and re-design Participates in the audit process - enforces compliance measures to ensure audit readiness and assists internal and external auditors with the audits Assists with policy and process changes to ensure the documents are up to date Knowledge/Skills/Competencies Technical knowledge of specific areas of computer operations/applications support Extensive knowledge of IT controls testing, monitoring, mitigation Knowledge of the latest IT SoX requirements and controls structure Proficient in IT Security Knowledge of risk mitigation and business controls Knowledge of data management and analytics Knowledge of delivering initiatives within the Operating Model Knowledge of project management Proficient in architecture and solution integration Knowledge in business partnering Knowledge of IT controls framework Knowledge of IT audit structure/techniques Excellent verbal and written communication skills. Creative problem solving skills. Knowledge of IT delivery/operations. Excellent Project Management skills Ability to work in a team environment. Cross-functional coordination skills. Change Management skills Strong customer management skills Ability to clearly articulate the role that IT can play in enhancing the customer’s activities Physical Demands Duties of this position are performed in a normal office environment. Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required. Typical Experience Between 7 to 12 years of experience and obtaining the CISO certification. Typical Education Bachelor's degree in related field or consideration of an equivalent combination of education and experience. Educational Requirements may vary by Geography Notes This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time. Celestica is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on any protected status (including race, religion, national origin, gender, sexual orientation, age, marital status, veteran or disability status or other characteristics protected by law). At Celestica we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. Special arrangements can be made for candidates who need it throughout the hiring process. Please indicate your needs and we will work with you to meet them. Company Overview Celestica (NYSE, TSX: CLS) enables the world’s best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development – from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers. Celestica would like to thank all applicants, however, only qualified applicants will be contacted. Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services. Show more Show less

YASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences, and drive business transformation. At YASH, we’re a cluster of the brightest stars working with cutting-edge technologies. Our purpose is anchored in a single truth – bringing real positive changes in an increasingly virtual world and it drives us beyond generational gaps and disruptions of the future. We are looking forward to hire NIST Professionals in the following areas : Position Name: Lead Consultant - OT/ IOT Description YASH is a Digital services enabler organization delivering vast portfolio of digital services to customers across the globe. Our topline services include Cybersecurity services. This role will be part of vibrant YASH’s Cybersecurity – Security Operations Team. We are looking for candidates who will embrace our Security strategy in the design, implementation and operations of Azure Sentinel with a focus on Azure. As an Azure Sentinel Administrator, you should have experience in all aspects of SIEM tools including estimating, designing, fine tuning, log source integration, threat hunting and automation. Attributes we will look for in our candidates include excellent technical and analytical skills, communication and flexibility, innovative thinking and problem solving. In addition, this position is responsible for analyzing security vulnerabilities and determining if there is an attack surface and impact. The ideal candidate understands the complete implementation of a SIEM tool. Position – Lead Consultant - OT/ IOT Security Number – 1 Location – Bangalore/ Pune / Indore Total Experience – 8 -10 Years How Do You Grow And Be Successful At YASH, we will offer all support to grow in your career. At the very beginning you will receive a deep knowledge on the current SOPs once you are fully onboarded into our Security Operations team. You will be measured on the positive contribution in delivering the SIEM services to our customers. Fluency will be measured on the goals such as improvement of cyber posture of customers through our Manage detect and respond services. Our employees will have global exposure from day-1. We offer to learn multiple security domains through our mentored on-the-job training program. Aspiring candidates will reach to highest positions and make a global career. Preferred Skills Minimum 8+ years of experience in developing use cases customized to the environment. Work on Cloud SIEM project implementations for various customers in different locations, starting with estimating the SIEM configuration to successful deployment and fine tuning of the solution Configure data digestion types and connectors. Create incident categorization and threat management plan. End to end operational knowledge of Azure Incident Management Process/SLAs. Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks. Support on-going development and troubleshooting of Azure Sentinel. Advise and develop Azure Sentinel adoption migration roadmap for clients. Analytic design and configuration of the events and logs being digested. Preferred with experience on SOAR tools like IBM SOAR(Resilient), Splunk SOAR(Phantom) , Microsoft Sentinel SOAR, knowledge in Jupyter and logicApps or any other SOAR Tool. In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc Use Case Fine tuning and New Use case creation. Hands-on experience with Azure Sentinel/Kusto Query language preferred). Azure Security Services for Vulnerability Assessment and Compliance practices analysis, Develop, automate, and orchestrate tasks(playbooks) with logic apps based on certain events. Tuning threat detection to minimize noise and amplify a signal. Experience in SIEM/ SOAR & Playbook creation technologies understanding the log source integration. Responsible for integration review of standard and non-standard logs in SIEM Provide support to the Security Operations Center (SOC) during incident response, event monitoring, and threat hunting activities. Proficient in one or more of the following computer languages PowerShell, Bash ,Python & KQL to support cyber threat detection or reporting. Security API implementations can be considered as well. Deep understanding of either MITRE Attack framework (MITRE preferred) or the Cyber Kill Chain Experience in threat management. Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix. Knowledge of applications, databases, middleware to address security threats against the same. Proficient in preparation of reports, dashboards and documentation. Working knowledge Passion for Cyber Security, being the basic ingredient of success. Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives Necessary soft-skills set to successfully understand, challenge and translate the business needs and communicate to the relevant parties with a structured and methodical approach to problem solving You are a team player with good communication skills, proactive and highly motivated individual with a serious hands-on work ethic Qualifications: A bachelor's or master's degree in computer science, information technology Preferred Certifications: Azure Security Certifications, SIEM certifications At YASH, you are empowered to create a career that will take you to where you want to go while working in an inclusive team environment. We leverage career-oriented skilling models and optimize our collective intelligence aided with technology for continuous learning, unlearning, and relearning at a rapid pace and scale. Our Hyperlearning workplace is grounded upon four principles Flexible work arrangements, Free spirit, and emotional positivity Agile self-determination, trust, transparency, and open collaboration All Support needed for the realization of business goals, Stable employment with a great atmosphere and ethical corporate culture Show more Show less

About WorkSpan The next era of growth is being driven by business interoperability. Cloud, genAI, solutions combining services and software- more and more, companies outpace their competition not just through building superior products, but by creating stronger partnerships, paths to market, and better business models for winning together. Cloud providers, service providers, tech partners and resellers are teaming up to win more deals together through co-selling. WorkSpan is building the world’s largest, trusted co-selling network. WorkSpan already has seven of the world’s ten largest partner ecosystems on our platform and $50B of customer pipeline under active management. AWS, Google, Microsoft, MongoDB, PagerDuty, Databricks and dozens of others trust WorkSpan to accelerate and amplify their ecosystem strategies. With a $30M series C and backing from world class investors Insight Partners, Mayfield, and M12, WorkSpan is poised to drive the future of B2B. Come be a part of it. We are seeking an experienced Information Security Manager to serve as our information security leader, advancing WorkSpan's mature security program and building upon our 5+ year track record of successful SOC 2 compliance. Reporting directly to the CISO, you will have comprehensive ownership of our security operations while serving as the subject matter expert for GDPR, ISO 27001, and SOC 2 compliance frameworks. This role requires close collaboration with IT, Site Reliability Engineering, Product, and business stakeholders to translate regulatory requirements into actionable security practices and organizational standards. You will operate as a hands-on security practitioner while providing strategic guidance across the entire security landscape. Key Responsibilities Compliance & Risk Management Optimize and enhance existing SOC 2 Type II and ISO 27001 controls across the organization Conduct comprehensive security risk assessments, identify control gaps, and drive remediation to completion Evolve and maintain Information Security Management System (ISMS) policies and procedures Execute and refine established internal audit processes for various security domains Oversee annual SOC 2 Type II audits, leveraging our many years compliance history, and coordinate third-party penetration testing engagements Stakeholder Engagement Respond to customer security assessment questionnaires and RFPs with technical accuracy Conduct vendor security assessments and manage third-party risk evaluation processes Lead cross-functional security projects requiring coordination among multiple stakeholders Facilitate security awareness training programs for new hires and annual compliance education Operations & Documentation Participate in periodic security testing activities including penetration tests and disaster recovery exercises Lead security incident response activities and remediation efforts as the primary security point of contact Maintain comprehensive documentation of organizational security procedures and controls Ensure audit documentation remains current and compliant with regulatory requirements Monitor security tools and systems, analyzing alerts and implementing improvements Stay current with emerging threats and security technologies to continuously enhance our security posture Education & Experience Bachelor's or Master's degree in Cybersecurity, Information Technology, Computer Science, Systems Engineering, or related discipline 6+ years of hands-on experience implementing and managing regulatory compliance frameworks (GDPR, ISO 27001, SOC 2, NIST, COBIT) Proven track record conducting internal audits and managing external security audit processes Demonstrated ability to work independently and manage multiple priorities in a fast-paced environment Strong hands-on experience with security tools, technologies, and platforms Technical Expertise Deep understanding of information security terminology, concepts, and IT controls across: Risk assessment methodologies and frameworks Identity and access management (IAM) systems Cloud/SaaS security architectures Application security and secure development practices Data loss prevention and classification Network security and systems operations Incident response and management processes Experience leveraging AI tools for information security operations, vendor assessments, and questionnaire automation Leadership & Communication Demonstrated ability to establish trust and credibility with technical teams, executives, and external stakeholders Excellent written and verbal communication skills with ability to translate complex technical concepts for diverse audiences Strong project management capabilities with experience leading complex, multi-stakeholder security initiatives Independent decision-making skills with ability to operate autonomously while maintaining organizational alignment Self-motivated with strong organizational and time management capabilities Ability to be the "go-to" security expert across all domains while building scalable processes for future growth What We Offer The opportunity to be the security leader at a growing SaaS and AI company, building upon our established SOC 2 compliance track record while working with cutting-edge technologies. You'll have significant autonomy and direct influence in evolving WorkSpan's entire security posture and compliance strategy as we scale to the next level. This role offers exceptional visibility and growth potential as you help build the foundation for expanding the securi

Ready to shape the future of work? At Genpact, we don’t just adapt to change—we drive it. AI and digital innovation are redefining industries, and we’re leading the charge. Genpact’s AI Gigafactory, our industry-first accelerator, is an example of how we’re scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to agentic AI, our breakthrough solutions tackle companies’ most complex challenges. If you thrive in a fast-moving, tech-driven environment, love solving real-world problems, and want to be part of a team that’s shaping the future, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions – we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation, our teams implement data, technology, and AI to create tomorrow, today. Get to know us at genpact.com and on LinkedIn, X, YouTube, and Facebook. We are inviting applications for the role of Manager – IT SOX In this role, you will be responsible for delivering solution offerings primarily related to IT-SOX. Demonstrate IT operational risk knowledge/experience including design of effective control processes, development of test requirements, and/or testing controls for effectiveness Responsibilities Ensure client service delivery as per the quality guidelines & methodologies. Build and maintain client relationships by understanding and being responsive to client needs and ensuring high quality of deliverables. Contribute to people and knowledge development initiatives by developing training material and conducting training Demonstrate strong analytical thinking and communication skills including the ability to research and understand complex processes and effectively communicate them to interested parties Demonstrate superior relationship building and relationship management skills Qualifications we seek in you! Minimum qualifications B.E., B. TECH, M. TECH, MCA (Preferred) / MBA Preferred qualifications Relevant experience in performing ITGC reviews, application controls assessment with a good understanding of business processes such as AP, RTR, AR, etc. Understanding of emerging technologies such as the system of engagements, digital tools, cloud infrastructure, etc. Identify the gaps in the control and articulate the risk in the issues Discussion with client and stakeholders to explain the gaps and remediation recommendations Onshore and offshore discussion with client point of contacts to review the quality of deliverables, work papers, audit/ assessment reports Good understanding of industry frameworks such as NIST, ISO27001, COBIT Ability to independently execute assignments involving the building of IT and application controls framework, liaise with internal/external auditors Good understanding of various implementation methodology such as agile, SDLC In-depth knowledge/experience of technology processes, systems, and infrastructure including project management, change management, access management, and data processing operations such as job scheduling and monitoring, problem management, and backup Experience in solution building and practice development Why join Genpact? Be a transformation leader – Work at the cutting edge of AI, automation, and digital innovation Make an impact – Drive change for global enterprises and solve business challenges that matter Accelerate your career – Get hands-on experience, mentorship, and continuous learning opportunities Work with the best – Join 140,000+ bold thinkers and problem-solvers who push boundaries every day Thrive in a values-driven culture – Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up. Let’s build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a 'starter kit,' paying to apply, or purchasing equipment or training. Job Manager Primary Location India-Bangalore Education Level Bachelor's / Graduation / Equivalent Job Posting Jun 2, 2025, 1:10:40 AM Unposting Date Jul 2, 2025, 1:29:00 PM Master Skills List Consulting Job Category Full Time

ASSOCIATE CONSULTANT Bangalore 2.5-5 Years INDIA Job Description (Posting). Role #2 - Operating System Vulnerability Management Specialist Job Summary: We are seeking a highly skilled and motivated Operating System Vulnerability Management Specialist to join our team. The successful candidate will be responsible for identifying, evaluating, and mitigating security vulnerabilities within our operating systems. This role involves working closely with various departments to ensure the security and integrity of our IT environment. This the candidate will work closely with the Desktop Engineering, Server Engineering, Security Engineering and Operations teams to identify, implement and maintain all related security controls, policies, procedures (including security patching for the operating system and/or the applications ) on physical, virtual and cloud platforms. Key Responsibilities: Vulnerability Assessment: Conduct regular vulnerability assessments to identify security weaknesses. Risk Evaluation: Evaluate the severity of vulnerabilities and prioritize remediation efforts based on risk assessment. Remediation Coordination: Collaborate with application owners, developers, and IT operations to develop and implement remediation plans for identified vulnerabilities. Monitoring and Reporting: Continuously monitor the application environment for new vulnerabilities and provide regular reports on the status of vulnerability management efforts. Training and Awareness: Provide training and awareness programs to educate staff on application security best practices and vulnerability management processes. Compliance: Ensure compliance with relevant security standards and regulations, such as NIST, CISA, and internal security policies. Desired Skills: Proactively identify and resolve issues while making recommendations to management/colleagues on continued improvement of processes Organized - able to take notes, provide clear & concise status and ability to formulate a recommended action plan based on issues encountered Experience collaborating between Server and Information Security teams. Complete tasks with minimum oversight aligned to the corporate objectives Experience balancing risk to the business functions with security risks Excellent Communication skills (Written and Verbal): o Clear and concise executive summaries Highly technical and detail oriented with peers Self-motivated, desire to drive change to new technologies that will benefit the firm Knowledge of Splunk search language is preferred Creating documentation and presentations to represent new technologies Hardening OS and ensuring environment is consistent using MS Intune configuration management Qualifications: Education: Bachelor's degree in Computer Science, Information Security, or a related field. Experience: Minimum of 3-5 years of experience in application security, vulnerability management, or a related field. Technical Skills: Proficiency with vulnerability scanning tools (e.g., Tenable, Rapid7), and familiarity with security frameworks and standards (e.g., NIST, CISA). Certifications: Relevant certifications such as CISSP, CEH, or OSCP are preferred. Communication: Excellent verbal and written communication skills, with the ability to effectively communicate complex security issues to technical and non-technical stakeholders. Problem-Solving: Strong analytical and problem-solving skills, with the ability to think critically and make sound decisions under pressure. Team Player: Ability to work collaboratively in a team environment and build strong relationships with colleagues across different departments. (1.) To clearly understand the client's cybersecurity environment and respective product. (2.) To monitor, configure, and troubleshoot cybersecurity issues and related monitoring Qualification BE/B.Tech (Hons) No. of Positions 1 Skill (Primary) Information Security-End point Security operation-PKI Auto req ID 1569752BR Skill Level 3 (Secondary Skill 1) Tools and Standards (ERS)-Endpoint Management-Patch Mgmt (WSUS/GPO)

Job Title: Assistant Manager – Microsoft Sentinel Administration 📍 Location: [Remote] 🧭 Department: Information Security Group (ISG) 👤 Reports To: VP – Head of Cyber Defense Center Duration: 6 months 🔎 Job Purpose: The Assistant Manager – Sentinel Administration will be responsible for the end-to-end management of Microsoft Sentinel , a cloud-native SIEM and SOAR platform. This includes configuring data connectors, developing analytics rules, building dashboards and reports, managing playbooks for automated incident response, and collaborating with cross-functional teams to ensure effective threat monitoring, detection, and response across the organization’s IT landscape. 🎯 Key Responsibilities: Security Event Monitoring & Analytics: Ensure continuous monitoring of integrated systems using Sentinel Develop and tune analytics rules to enhance threat detection and reduce false positives Connect and manage diverse data sources (Azure, Microsoft 365, on-prem systems) Dashboards & Reporting: Design workbooks and dashboards for real-time visibility Generate periodic reports and provide insights to stakeholders on security posture Automation & Response: Develop playbooks using Azure Logic Apps Automate incident response workflows to reduce MTTD and MTTR System Maintenance & Optimization: Monitor system performance and apply patches/updates as needed Optimize data ingestion, retention policies, and ensure platform scalability Compliance & Documentation: Maintain up-to-date documentation of configurations and procedures Support audits and align operations with industry standards and organizational policies Collaboration & Support: Work closely with SOC, IT, and other business units Train Sentinel users and participate in incident investigations and post-mortems 🌐 Key Working Relationships: Internal: Local CISOs, ISG team, SOC, Business Units (LOD1-3), Risk, Compliance, Fraud, Internal Audit External: Regulators, Industry Supervisors ⚙️ Key Skills and Competencies: Technical Expertise: 7+ years in Information Security, with at least 4–5 years in Microsoft Sentinel and SIEM tools like ArcSight Strong understanding of SIEM/SOAR operations, threat detection, and incident response Experience in PowerShell, Azure Logic Apps, and automation tooling Hands-on experience in building dashboards, custom visualizations, and configuring data connectors Industry Knowledge: Familiarity with security frameworks and standards: NIST 800-61, ISO 27035, CERT/CC, PCI-DSS Exposure to BFSI sector and experience supporting SOC functions Soft Skills: Strong analytical, communication, and stakeholder management skills Ability to solve complex security challenges with creative and technical solutions Effective cross-team collaboration during incidents and investigations 🎓 Qualifications & Certifications: Bachelor’s degree in Computer Science, Information Technology, or a related field Preferred Certifications: Microsoft Certified: Security Operations Analyst Associate (SC-200) Microsoft Certified: Azure Security Engineer Associate (AZ-500) 🧠 Key Attributes: Proactive and detail-oriented approach to threat detection Committed to upholding confidentiality, integrity, and availability of data Adaptable to evolving technologies and security threat landscapes Passionate about automation and continuous improvement in security operations 📈 Decision Making & Authority: Acts as a Subject Matter Expert (SME) for Microsoft Sentinel within the Cyber Defense Center Responsible for ensuring compliance with security incident response policies and regulatory requirements Supports the Head of Cyber Defense Center in achieving the organization’s InfoSec goals Show more Show less

Location: Bengaluru, KA, IN Company: ExxonMobil About us At ExxonMobil, our vision is to lead in energy innovations that advance modern living and a net-zero future. As one of the world’s largest publicly traded energy and chemical companies, we are powered by a unique and diverse workforce fueled by the pride in what we do and what we stand for. The success of our Upstream, Product Solutions and Low Carbon Solutions businesses is the result of the talent, curiosity and drive of our people. They bring solutions every day to optimize our strategy in energy, chemicals, lubricants and lower-emissions technologies. We invite you to bring your ideas to ExxonMobil to help create sustainable solutions that improve quality of life and meet society’s evolving needs. Learn more about our What and our Why and how we can work together . ExxonMobil’s affiliates in India ExxonMobil’s affiliates have offices in India in Bengaluru, Mumbai and the National Capital Region. ExxonMobil’s affiliates in India supporting the Product Solutions business engage in the marketing, sales and distribution of performance as well as specialty products across chemicals and lubricants businesses. The India planning teams are also embedded with global business units for business planning and analytics. ExxonMobil’s LNG affiliate in India supporting the upstream business provides consultant services for other ExxonMobil upstream affiliates and conducts LNG market-development activities. The Global Business Center - Technology Center provides a range of technical and business support services for ExxonMobil’s operations around the globe. ExxonMobil strives to make a positive contribution to the communities where we operate and its affiliates support a range of education, health and community-building programs in India. Read more about our Corporate Responsibility Framework. To know more about ExxonMobil in India, visit ExxonMobil India and the Energy Factor India. What role you will play in our team Develop, implement, revise, and support controls activities to uphold the integrity and security of industrial control systems; meeting corporate requirements through compliance with the ICSR standard, preventing and/or mitigating impacts to process operations via cost-effective risk reduction controls. Job location is based out of Bengaluru, Karnataka What you will do Perform Industrial Controls System cybersecurity security risk assessments, support cold eyes reviews and Unit internal audits on control system environment Technical review and development of ICS system architecture, requirements gathering, project design specifications, and factory acceptance testing Development of technical documentation, procedures and training modules Research, development, and review of emerging cybersecurity technologies Collaboration with Houston-based and global site personnel About You Skills and Qualifications Minimum 4 years of OT Cybersecurity experience Bachelor of Engineering degree in the Instrumentation, Electrical/ Electronics discipline and score 60% and above Visionary who can reconcile competing requirements and clarify obscure objectives to form a unifying and viable strategy Strong influencer; able to drive alignment and results across functions Able to work in an unstructured environment to identify key objectives and the actions required to achieve success Engage diverse perspectives and fuel discussion to optimize decision making Experience in OT Cybersecurity field or Industrial Control Systems, in support of field operations and maintenance Strong problem solving and analytical capabilities; high results-orientation Minimum 7 years of experience in the Industrial Control System field, with specific exposure to OT Cybersecurity Effectively lead and supervise global team; able to manage workloads of others Strong written and verbal communication skills; strong public speaker Minimum 5 years of experience working in the Oil and Gas Upstream, Midstream, or Downstream sites directly supporting field operations / maintenance / engineering. Ability to adapt to tight deadlines, heavy workloads, and frequent changes in priorities Required Technical Competencies: Relevant security and controls concepts and processes Strong knowledge of discipline design standards, specifications, codes, and appropriate safety criteria Familiarity with industry standards: IEC 62443 Standards, NIST Cybersecurity Framework Working knowledge of control and safety systems implementation and architecture is preferred Understanding of cybersecurity technical controls / solutions Familiarity with Enterprise IT and networking technologies is preferred Working knowledge of Microsoft Office (Outlook, Excel, Word, PowerPoint, OneNote), Microsoft SharePoint, Microsoft Windows, and Microsoft Internet Explorer Preferred Qualifications/ Experience Proficiency in data collection and analysis with common database and software data analysis tools such as SAP, Analytics for Excel and Tableau Your benefits An ExxonMobil career is one designed to last. Our commitment to you runs deep: our employees grow personally and professionally, with benefits built on our core categories of health, security, finance and life. We offer you: Competitive compensation Medical plans, maternity leave and benefits, life, accidental death and dismemberment benefits Retirement benefits Global networking & cross-functional opportunities Annual vacations & holidays Day care assistance program Training and development program Tuition assistance program Workplace flexibility policy Relocation program Transportation facility Please note benefits may change from time to time without notice, subject to applicable laws. The benefits programs are based on the Company’s eligibility guidelines. Stay connected with us Learn more about ExxonMobil in India, visit ExxonMobil India and Energy Factor India . Follow us on LinkedIn and Instagram Like us on Facebook Subscribe our channel at YouTube EEO Statement ExxonMobil is an Equal Opportunity Employer: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin or disability status. Business solicitation and recruiting scams ExxonMobil does not use recruiting or placement agencies that charge candidates an advance fee of any kind (e.g., placement fees, immigration processing fees, etc.). Follow the LINK to understand more about recruitment scams in the name of ExxonMobil. Nothing herein is intended to override the corporate separateness of local entities. Working relationships discussed herein do not necessarily represent a reporting connection, but may reflect a functional guidance, stewardship, or service relationship. Exxon Mobil Corporation has numerous affiliates, many with names that include ExxonMobil, Exxon, Esso and Mobil. For convenience and simplicity, those terms and terms like corporation, company, our, we and its are sometimes used as abbreviated references to specific affiliates or affiliate groups. Abbreviated references describing global or regional operational organizations and global or regional business lines are also sometimes used for convenience and simplicity. Similarly, ExxonMobil has business relationships with thousands of customers, suppliers, governments, and others. For convenience and simplicity, words like venture, joint venture, partnership, co-venturer, and partner are used to indicate business relationships involving common activities and interests, and those words may not indicate precise legal relationships. Nothing herein is intended to override the corporate separateness of local entities. Working relationships discussed herein do not necessarily represent a reporting connection, but may reflect a functional guidance, stewardship, or service relationship. Exxon Mobil Corporation has numerous affiliates, many with names that include ExxonMobil, Exxon, Esso and Mobil. For convenience and simplicity, those terms and terms like corporation, company, our, we and its are sometimes used as abbreviated references to specific affiliates or affiliate groups. Abbreviated references describing global or regional operational organizations and global or regional business lines are also sometimes used for convenience and simplicity. Similarly, ExxonMobil has business relationships with thousands of customers, suppliers, governments, and others. For convenience and simplicity, words like venture, joint venture, partnership, co-venturer, and partner are used to indicate business relationships involving common activities and interests, and those words may not indicate precise legal relationships. Job Segment: Sustainability, Embedded, Testing, CSR, Instrumentation, Energy, Technology, Management, Engineering

Company Description OUR STORY Let’s be honest: there are lots of people out there doing what we do. We’re just not convinced they’re doing it right. Businesses are hungry for innovation and opportunity, but not at the cost of their independence. At Ollion, we’ve connected companies and capabilities around the world to help ambitious organizations make the most of their transformation and leave the status quo in the dust. WORKING AT OLLION Innovation is risky. It demands bold steps and big questions, but that’s the price of making change. We’ve got our head in the cloud and two feet on the ground, channeling tech’s endless potential towards a single goal: making a world of difference. And we’re building a global team to do just that— a team capable of making game-changing breakthroughs without ever losing sight of the people it will impact. This is more than consulting. This is the change you can be. THE OLLION DIFFERENCE At Ollion, we’re all in on your independence. Our teams are seasoned. Our solutions are straightforward—sometimes even groundbreaking. And our engagements? Exactly as long as you want them to be. We deliver fresh thinking and hard-earned insight in a way that works for you and your customers, arming your organization with everything you need to make your transformation truly mean something. WORKING WITH OLLION (our clients’ experiences) Progress matters more than process. Our global team of cloud-native pros is all about creating new and better ways to work—not just by solving your tech challenges, but by using technology to solve your business challenges. We keep the formulas, frameworks, and ten-point plans to a minimum, tackling your most pressing problems with a proprietary mix of good-old-fashioned ingenuity and refreshing humanity. Job Description The Risk and Compliance Manager at Ollion plays a critical role in safeguarding our organization’s integrity and operational excellence. This role is responsible for identifying, assessing, and mitigating organizational risks while ensuring strict adherence to legal, regulatory, and internal policies across Ollion’s global operations. While the role will bring deep expertise in APAC regulatory environments, it will also help shape, lead, and evolve global compliance strategies, audits, and risk policies in partnership with stakeholders globally. Qualifications Expertise you bring 5+ years in risk management, compliance, or a related role, with demonstrated knowledge of APAC regulatory environments and experience applying compliance strategies globally. Strong understanding of diverse and evolving APAC regulations (including data privacy laws like PIPL, PDPA, DPDP; financial services compliance; anti-bribery and corruption laws) alongside global standards (e.g., GDPR, SOC, ISO, HIPAA, PCI DSS) Expertise in risk assessment methodologies (e.g., ISO 31000, NIST) with practical application in identifying and mitigating risks across global markets, with particular knowledge of APAC-specific considerations (e.g., cybersecurity threats, third-party risks, geopolitical factors). Excellent communication, analytical, and project management skills, adept at navigating cross-cultural communication nuances across APAC. Certified Information Systems Security Professional (CISSP), PMP, ITIL, or relevant APAC-focused compliance certifications (e.g., ISO 37001, CIPP/A) are a plus Ability to work collaboratively across global and diverse APAC teams, influencing stakeholders effectively to foster a strong compliance culture and drive necessary changes to enhance risk mitigation strategies. Experience utilizing Governance, Risk, and Compliance (GRC) technology solutions to manage compliance processes and data would be nice to have. Job Requirements Develop, implement, and maintain risk management and compliance policies and procedures aligned with international standards and diverse regional regulations, with particular attention to the APAC region. Conduct risk assessments identify, evaluate, and prioritize risks specific to APAC markets (including regulatory, financial crime, cybersecurity, and geopolitical risks), and implement appropriate mitigation strategies Monitor the evolving regulatory landscape across multiple APAC jurisdictions, analyzing the impact of new laws and updates on business operations. Manage internal and external audits, from planning through execution, including formulating responses and tracking and corrective actions Oversee and manage cross-border compliance challenges and data flow requirements within the APAC region. Monitor organizational activities for compliance with internal policies and external regulations, and prepare reports for internal management, boards, and external stakeholders, such regulatory bodies, as necessary) Design and deliver effective training and awareness programs on compliance, risk, and ethics, tailoring content to resonate with diverse cultures across APAC and promote a culture of integrity and accountability Investigate and respond to compliance incidents, breaches, and allegations of misconduct, ensuring appropriate follow-up, remedial action, and thorough documentation Provide timely, expert advice to business units on the interpreting and applying of compliance requirements and risk management strategies in their daily operations. Engage with relevant regulatory authorities and government bodies in our key APAC markets to monitor legal and regulatory expectations, relay them to internal stakeholders, and ensure the company responds effectively. Oversee third-party risk management for the APAC region, including monitoring and due diligence of vendors and partners. Establish and maintain key risk indicators (KRIs) and performance metrics for effectively monitoring shifts in the compliance landscape and assessing the success of mitigation efforts, regularly reporting insights to leadership. Continuously enhance the risk and compliance program by incorporating insights from risk assessments, audits, industry best practices, and regulatory developments. Additional Information BENEFITS & PERKS FOR WORKING AT OLLION Our employees multiply their potential because they have opportunities to: Create a lasting Impact, Learn and Grow professionally & personally, Experience great Culture, and Be your Whole Self! Beyond an amazing, collaborative work environment, great people, and inspiring, innovative work, we have some great benefits and perks: Benchmarked, competitive, in-market total rewards package including (but not limited to): base salary & short-term incentive for all employees Fully remote-first, small but Global organization; ‘learn wherever, whenever’ frees our people from a rigid view of learning and growth Retirement planning (i.e. CPF, EPF, company-matched 401(k)) Globally, we build benefit plans that offer choices for whatever stage in life our employees are in and allow for flexibility as life happens. Employees have access to a fully comprehensive benefits package to choose the medical, dental, and vision insurance plan that best fits their lives. In addition to great healthcare coverage, we also offer all employees mental health resources and additional wellness programs. Generous time off and leave allowances And more! DIVERSITY AT OLLION One of our cultural keystones, ‘Find the angle’ recognizes that every individual has different aspirations, needs and brings a unique perspective. We value diversity, inclusion, and equity (DE&I) as core to our success. We believe that a diverse workforce brings together unique perspectives, experiences, and ideas, leading to innovation, creativity, and better outcomes for our clients and our organization. We are on a journey and are committed to building a workplace that celebrates and respects individuals from all backgrounds, including but not limited to race, ethnicity, gender, sexual orientation, age, disability, and cultural heritage. As our commitment to diversity and inclusion is reflected in our: Awareness and sensitisation programs: to create awareness and sensitisation. We encourage open dialogue, active listening, and mutual respect, creating a safe and supportive environment for everyone to contribute their unique perspectives and ideas. Dedicated efforts to building diverse teams: that leverage the strength of our differences to tackle complex challenges and drive innovation. By embracing diversity, we broaden our collective knowledge, enhance problem-solving capabilities, and unlock limitless potential for our employees. All your information will be kept confidential according to EEO guidelines. Ollion is an equal opportunity employer. We celebrate diversity and we are committed to creating an inclusive environment for all employees. Ollion does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, parental status, military service, or other non-merit factor. Ollion is an equal opportunity employer. We celebrate diversity and we are committed to creating an inclusive environment for all employees. Ollion does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, parental status, military service, or other non-merit factor.

Senior Security Architect (Banking & Financial Services)Key Responsibilities: * Develop and maintain a comprehensive security architecture roadmap aligned with business objectives and regulatory requirements.* Conduct thorough security risk assessments for business applications (on-premises, cloud hosted) to identify potential threats and weaknesses and recommend mitigation measures.* Conduct thorough security risk assessments for APIs to identify potential threats and weaknesses.*Conduct threat modelling for applications at inception and at time of major changes to ensure compliance with extant regulations.* Review architecture design and suggest security controls and countermeasures to protect systems, applications, and data.* Define and enforce security policies, standards, and guidelines to ensure compliance with industry best practices and regulations. * Collaborate with development teams to integrate security-by-design principles into the software development lifecycle.* Create dashboards and reports for tracking progress of ongoing security reviews.*Drive automation and process improvement initiatives for streamlining security reviews.* Stay abreast of emerging security threats and trends, recommending and implementing appropriate countermeasures. * Mentor and guide junior security team members, fostering a culture of continuous learning and development.Required Qualifications: * Bachelor's degree in Computer Science, Information Security, or a related field. * 6-8 years of hands-on experience in security architecture, design, review and implementation.* Strong knowledge of security frameworks and methodologies (e.g., RBI guidelines, NIST Cybersecurity Framework, OWASP ASVS).* Excellent understanding of cloud security principles and practices esp. AWS .* Minimum 2 years’ experience in the banking and financial services sector, with a deep understanding of industry-specific security regulations, would be preferred. * Strong analytical and problem-solving skills.* Ability to work independently and manage multiple projects simultaneously.Preferred Qualifications: * Advanced security certifications (e.g., CISSP, CISM). * Knowledge of DevOps and CI/CD practices. * Experience with security automation and orchestration tools.

Job Description: About Us At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!\ Global Business Services Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations. Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence, and innovation. In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services Process Overview* Cyber Threat Evaluation Analyst The Global Information Security organization (GIS) at Bank of America protects bank information systems, confidential and proprietary data, and customer information. The Cyber Threat Evaluation and Prevention Team (CTEP) assesses threats and emerging risks, evaluates cyber security controls, and defines observations to remediate risks. Job Description* The Evaluation Analyst plays an essential role in the Cyber Threat Defense Framework. The CTEP Evaluation Analyst conducts threat and incident evaluations and identifies opportunities for process and control enhancement. They support the CTEP Evaluation Manager in improving defense capabilities based on threats, incidents, and issues throughout the bank. The analyst assists ongoing evaluations by comprehensively documenting threats and ensuring all threats/incidents are comprehensive, complete, and accurate. Analyses include reviews of: Threats identified from internal and external intelligence sources. Cyber incidents managed at the Bank (e.g., third-party incidents). Assessments conducted by GIS teams (e.g., Adaptive Threat Simulations). Responsibilities* Within CTEP, the Evaluation team: Analyzes threats and incidents sourced from GIS partner teams to identify and triage process and control weaknesses in context of risks arising from the threat. Documents defensive posture, process and control weaknesses, and overall risk of each threat. Reviews threats/incidents holistically to identify broad themes and strategic issues, enabling GIS to protect against cyber threats effectively and proactively. Requirements* Education* - BE/B.Tech/MCA Experience Range* - 6+ Years Foundational skills* Strong technical writing capabilities; writing technical content in a broadly consumable format. Functional knowledge of information security, IT infrastructure, and risk management. Ability to prioritize and manage time effectively and work independently with minimal direction. Knowledge of Cyber Industry Frameworks like MITRE/NIST. Strategic thinking AND attention to detail – ability to think “like a threat actor.” Proficient computer/analytics skills – esp. Jira, Excel, Word, Power Point, Alteryx, etc. Desired skills* Experience with cyber threat intelligence collection, analysis, and reporting. Experience responding to and managing security incidents and events. Experience creating, executing, and documenting assessments and exercises. General understanding of bank policies, specific to data and privacy, third parties, incident management, vulnerability management, etc. Work Timings* - 6:30 AM - 10:30 PM Job Location* - Hyderabad, Mumbai Show more Show less

Job Description: About Us At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!\ Global Business Services Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations. Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence, and innovation. In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services Process Overview* The Cyber Threat Defense team has a global footprint and operates 24x7 leveraging follow-the-sun model. This is global role and candidate is expected to closely collaborate with other Cyber Defense teams based in different parts of the world on day-to-day basis. Job Description* The role is in the Cyber Threat Defense (CTD) team of the bank. Key responsibilities of this role include contributing to analyses of threat environment, respond to network cyber-attacks as per operating procedures to ensure security, continuity, and confidentiality of the information, and perform post incident analysis to continually improve the technical and process controls. Responsibilities* Detect and respond to network cyber-attacks by leveraging bank’s best of the breed tools, processes and procedures, and your technical experience & skills. Perform analysis to determine timeline, tactics used by Threat Actors and impact of events and incidents and report to Cyber Incident Management team as per the process guidelines. Briefs management and control SMEs on analysis and tactical responses identified in the review of threats, events, and incidents and collaborate to drive proactive control enhancements. Collaborate with vendors and internal teams to fix any bugs, control issues or control upgrades. Apply a proactive understanding of cyber security threats to prevent incidents, enhance controls, and drive enterprise change. Requirements* Education* - BE/B.Tech/MCA Experience Range* - 6+ Years Foundational skills* Hands-on experience of 6+ years of detecting and responding to network cyber-security threats such as DDoS and other network attacks Proficient in using technologies/technical controls of the leading security vendors. Analysis of network traffic using various techniques including packet analysis, trending and patterns analysis to detect suspicious activities. Good verbal and written communication skills for effective collaboration and incident reporting in a global environment Broader understanding Cyber threat environment, common TTPs used by Threat Actors and Defensive controls to defend against such threats. ‘Continuous Improvement’ mindset to drive change for enhancement to the defensive posture of the bank Desired skill* Understanding of cyber-security frameworks such as NIST, ISO Standards etc is desirable Work Timings* - 6:30 AM - 10:30 PM Job Location* - Hyderabad, Mumbai Show more Show less

Job Description: AML RightSource is a leading provider of anti-money laundering (AML) and financial crimes compliance solutions. Our team of experts provides our clients with the highest quality of service, while ensuring compliance with regulatory requirements. We are currently seeking a Senior SOC Analyst to join our team. Responsibilities: Monitor and analyze security events from multiple sources, including security information and event management (SIEM) systems, network and host-based intrusion detection/prevention systems, and other security technologies. Conduct investigations into security incidents, analyze evidence, and report findings to management. Provide technical guidance and support to junior SOC analysts. Develop and maintain standard operating procedures for the SOC. Participate in security assessments and penetration testing activities. Conduct threat hunting activities to identify and respond to advanced persistent threats (APTs). Participate in incident response activities and coordinate with other teams to contain and remediate security incidents. Maintain awareness of new and emerging security threats, vulnerabilities, and mitigation techniques. Collaborate with other teams, including the IT team, to ensure the security of the organization's infrastructure and systems. Provide regular reports to management on the SOC's performance and effectiveness. Requirements: Bachelor's degree in Computer Science, Information Systems, or related field. Minimum of 2.5 years of experience in a SOC or security operations role. Strong knowledge of security technologies, including SIEM systems, intrusion detection/prevention systems, and other security tools. Familiarity with security standards and frameworks, such as NIST, ISO, and SOC 2. Experience with security incident response, including investigation, containment, and remediation. Excellent analytical and problem-solving skills. Ability to work well in a team environment. Strong verbal and written communication skills. Relevant security certifications, such as CISSP, CISM, or GSEC, are highly desirable. AML RightSource is committed to fostering a diverse work environment and is proud to be an equal opportunity employer. We provide equal employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

Department: Information Security Location: Mumbai Reports to: IS GRC Head Employment Type: Full-time Job Purpose: This role is responsible for driving the organization’s Information Security Governance, Risk, and Compliance (GRC) function, Industry standards (ISO 27001, NIST CSF), and regulatory requirements. The candidate will lead internal audits, vendor risk governance, SOC 2 readiness, automation initiatives, client assessments, and security awareness across the enterprise—while managing a team of security professionals. Key Responsibilities: Governance, Risk & Compliance Implement and maintain a scalable Information Security GRC framework based on ISO 27001, NIST Cybersecurity Framework, and applicable regulatory requirements (RBI, SEBI, IRDAI, DPDPA). Manage the information security policy lifecycle, risk registers, and control objectives across business units. Lead the exception management process, including impact assessments, approval workflows, and periodic reviews. Internal Audit & Control Testing Plan and execute periodic internal audits, control design evaluations, and operational effectiveness testing for IT and cybersecurity controls. Coordinate external assessments, including SOC 2 readiness, ISO 27001 surveillance audits, and customer/compliance audits. Track and close audit findings with clear ownership, root cause analysis, and sustainable remediation plans. Vendor Risk Management (End-to-End) Oversee the Third-Party Risk Management (TPRM) lifecycle: onboarding, risk assessment, security clauses, ongoing monitoring, and exit governance. Drive continuous oversight of critical vendors based on data exposure and service criticality, using automated tools where feasible. Automation & Tooling Identify manual GRC activities suitable for automation; perform POCs, evaluate tools, and drive implementation. Lead automation initiatives for risk assessments, control testing, evidence gathering, and exception workflows. SOC 2 & Compliance Readiness Lead organizational readiness for SOC 2 Type 1 and Type 2 audits, working with Business SPOC's, application owners and control owners. Align existing practices to SOC trust service criteria (Security, Availability, Confidentiality). Security Training & Awareness Develop and deliver cybersecurity training and awareness programs tailored to various stakeholder groups (employees, management, vendors). Promote a risk-aware culture and drive ongoing compliance awareness campaigns. Incident Response Oversight Support and enhance the incident response governance process by aligning it with NIST CSF framework. Ensure roles, responsibilities, and reporting mechanisms are clearly defined and followed during incidents. Oversee the documentation of lessons learned, RCA, and incorporation of incidents into risk registers. Reporting & Stakeholder Engagement Prepare and present dashboards, heatmaps, and reports for executive management, audit committees, and the board. Maintain governance KRIs and provide insights into risk trends, audit closures, and compliance status. Serve as a key liaison during client assessments, RFP security responses, and due diligence efforts. Team Leadership Manage, mentor, and upskill a team of GRC analysts and specialists. Allocate responsibilities, track performance, and foster collaboration across IT, Legal, Procurement, and Business teams. Key Requirements: Qualifications: Bachelor’s/Master’s in Information Security, Computer Science, or related field. Professional certifications preferred: CISA, CRISC, ISO 27001 LA, CISSP, CCSK, or equivalent. Experience: 8+ years of experience in Information Security GRC, IT Risk, and Regulatory Compliance. Strong expertise in internal audits, control testing, and vendor security governance. Hands-on experience in managing SOC 2, ISO 27001, or similar frameworks. Demonstrated leadership in team management and multi-stakeholder coordination. Exposure to automating GRC functions using platforms like ServiceNow GRC, Archer, OneTrust, or similar. Skills & Competencies: Strong analytical, documentation, and reporting skills. Effective communication across technical and business audiences. High level of integrity, ownership, and stakeholder management. Show more Show less

The Associate ITAO supports the technical infrastructure required to supply IT services to the bank. They are involved in the strategy, design, development, and deployment of IT solutions. They are able to troubleshoot complex issues, being aware of overlapping and different technology areas. Based on their business knowledge, they are able to identify where IT designs can be strengthened and provide value to the businesses. They are responsible for providing detailed technical feedback into the Engineering function to deliver more robust IT solutions. They understand in detail, how IT needs to be supported and can create appropriate processes and controls which ensure IT failings are captured and remediated to ensure stability. They provide technical direction on all related IT platforms and are considered technical experts for level 3 support in outage coordination. The Lead Technologist is counted upon to provide technical guidance and recommendations for complicated business IT problems. They embrace a Continuous Service Improvement approach to drive efficiencies and remove repetition to streamline support activities, reduce risk, and improve system availability. The successful candidate is expected to have at least 5+ years experience in IT, preferably with Asset Management Business Applications and Processes. The IT Application Owner (ITAO) has sound IT risk management skills. They follow one of several possible service delivery approaches, acknowledge interference with the IT applications life cycle and assist with incorporating the adopted approach into best practice. The focus is on applications moving onto cloud. Here you support tracking of the application control status and help application dev-teams with practical advice. Make sure that all steps in Identity & Access Management cycle (on-boarding, recertification, off-boarding) are compliant against DB Policies and application is on-boarded to central tools. The ITAO is aware of the gap in the current infrastructure solutions and where industry innovations are along the maturity lifecycle. They work with application stakeholders to improve the infrastructure, ensuring compliance with the technical roadmap. The ITAO has a sound knowledge of development methodologies and the IT policies necessary to perform effectively in the organisation, aligned to the banks appetite for risk. The ITAO acts to improve safety and security of the application, compliance with regulations, policies and standards, enhance operational readiness, and ease maintenance of the environment for delivering change into production. The ITAO supports the banks audit function in the remediation of audit points and self-identified issues in order to reduce risk. The ITAO is responsible for producing and maintaining accurate documentation on compliance with methodologies, IT policies and IT security requirements. The ITAO interacts with and influences colleagues on the governance of IT platform reliability and resilience ITAOs will also be responsible for Application Decommissioning ITAOs will be driving activity that helps incidents reduction against an application Support compliance on all steps of SDLC process and make sure that all SDLC controls are green. You support the teams role as key contact for all security controls in the software delivery process and ensure that the security controls are evidenced by driving automated evidence. You are consulting with the ITAO community, information security specialists in our CSO organization, and other infrastructure teams like the ORR/SDLC teams. Your key responsibilities Enterprise IT Governance: Responsible for review of current and proposed information systems for compliance with the organisation's obligations (including legislation, regulatory, contractual and agreed standards/policies) and adherence to overall strategy Information security : Communicates information security risks and issues to business managers and others. Performs basic risk assessments for small information systems. Contributes to vulnerability assessments. Applies and maintains specific security controls as required by organisational policy and local risk assessments. Investigates suspected attacks. Responds to security breaches in line with security policy and records the incidents and action taken. Information content publishing : Understands technical publication concepts, tools and methods and the way in which these are used. Uses agreed procedures to publish content. Obtains and analyses usage data and presents it effectively. Understands, and applies principles of usability and accessibility to published information. Business risk management : Investigates and reports on hazards and potential risk events within a specific function or business area. Continuity management : Implements and contributes to the development of a continuity management plan. Coordinates the assessment of risks to the availability, integrity and confidentiality of systems that support critical business processes. Coordinates the planning, designing, and testing of maintenance procedures and contingency plans. Data management : Assists in providing accessibility, retrievability, security and protection of data in an ethical manner. Methods and tools : Provide support on the use of existing method and tools. Configures methods and tools within a known context. Creates and updates the documentation of methods and tools Overall Responsibilities Summary: Make sure that all critical activities in application are monitored and logs are reviewed. Ensure appropriate controls onboarded and implemented where appropriate. Make sure that all steps in Identity & Access Management cycle (on-boarding, recertification, off-boarding) are compliant against DB Policies and application is on-boarded to central tools. Manage Internal and external application audits and Audit issue remediation activities. Completion of regular/recurring assessments Timely response to audit & regulatory requirements with evidence, were compliant. Make sure that infrastructure is compliant and has up-to-date patches. Plan for Application Hardware Software License upgrades or migration activities to align to the compliant platforms. Keep up-to-date DR Test Plan and manage regular DR Tests Manage application capacity forecasting and monitoring. Manage any IT Security incidents that may occur in the application. Support compliance on all steps of SDLC process and make sure that all SDLC controls are green. Application Decommissioning Drive incidents reduction against an application Planning/Organizing: Able to manage work but also to make the estimate, scheme in detail, work on deployment plans and manage deadlines. Manage the technical roadmap of the application (technology roadmap compliance), estimate/budget capacity needed. Expertise in Planning and execution of Releases, Changes, Patches. Exposure of handling L3 role, incident analysis, patch preparation and implementation. Skilled individual to interact with L2 teams for incident and problem management cases. Your skills and experience Degree-level IT and/or information security qualification, or equivalent experience in Information Security and IT Security Experience in Software Development Lifecycle (SDLC) - from idea to production to understand our customer journey, these mostly application owners, business ISOs and development teams GCP-Cloud foundation knowledge General understanding of current security industry standards, best practices, and/or frameworks i.e.: NIST, ENISA, ISO27001, OWASP Problem-solving and analyticalskills with the ability to oversee complex processes Ability to educate a technical and non-technical audience about varioussecuritymeasure Excellent communications skills and very service oriented and customer friendly behaviour even in stressful situations Self-driven behaviour Fluent in English (written/verbal) Preferable Knowledgeofinformation securitytools e.g., security scan and testing tools Understanding of cloud engineering and native security features to support the migration path for applications onto the cloud environment Firm understanding of DevSecOps and the banks shift left agenda to integrate security in the software development lifecycle as earliest as possible. ISO or ITAO certification (for internals only)

Job Description Some careers shine brighter than others. If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organizations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realize their ambitions. We are currently seeking an experienced professional to join our team in the role of Lead consultant specialist In this role you will: Hunting for malicious or anomalous activity across the enterprise, using existing tools. Acting in co-ordination with GCO staff to lead the development and implementation of an advanced analysis and search capability focused on identifying potentially sophisticated APT and insider threat activities within the organization. Researching new and existing threat actors and associated tactics, techniques and procedures (TTPs); developing a detailed understanding of their potential impact to the organization, providing recommended solutions for improving our defensive and detective capability. Collaboration with the wider Cybersecurity functions, e.g., Red Team, to develop hypotheses for new attack techniques and evasion methods. Coordinating threat hunting activities, leveraging intelligence from multiple internal and external sources. Reviewing incident and penetration testing reports and corresponding logs, to identify gaps in our detection capability and provide recommendations to improve them. Providing expert analytic investigative support on large scale and complex security incidents. Contributing to the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes Training, developing, mentoring, and inspiring colleagues across the function in area(s) of specialism, strengthening Cybersecurity Operations capabilities. Represent HSBC Global Cybersecurity Operations at internal awareness and external cybersecurity forums. Collaborate with the wider Cybersecurity (and IT) teams to ensure that the core, underlying technological capabilities that underpin an effective and efficient operational response to current and anticipated threats and trends remain fit for purpose. Identify processes that can be automated and orchestrated to ensure maximum efficiency of Global Cybersecurity Operations resources. Requirements To be successful in this role, you should meet the following requirements: Excellent investigative skills, insatiable curiosity, and an innate drive to win. Instinctive and creative, with an ability to think like the enemy. Strong problem-solving and trouble-shooting skills Deep knowledge of hacker culture Developed external peer network for sharing intelligence. Self-motivated and possessing of a high sense of urgency and personal integrity. Excellent understanding of HSBC cyber security principles, global financial services business models, regional compliance regulations and laws. Excellent understanding and knowledge of common industry cyber security frameworks, standards, and methodologies, including OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards. Proven experience in identifying and responding to advanced attacker methodologies both within the corporate environment as well as external attack infrastructures, ideally with offensive experience and / or deception environment development (tripwire systems, honeypots, honey-token/accounts, etc.) using open source, vendor purchased and bespoke/in-house developed solutions. Experience in computer forensics, vulnerability analysis, cyber security analysis, penetration testing and/or network engineering. Highest level of technical expertise in information security, including deep familiarity with relevant penetration and intrusion techniques and attack vectors Expert level knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems. Expert Knowledge and technical experience of 3rd Party Cloud Computing platforms such as AWS, Azure and Google You’ll achieve more when you join HSBC. www.hsbc.com/careers HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website. Issued by – HSBC Software Development India Show more Show less

Company Description MindSuite Informatics Private Limited is an IT solutions provider that offers cutting edge solutions in Software Development, NetSuite ERP, e-commerce, Mobile Applications, Cloud Services, Training & Placement. The company aims to empower clients to respond more quickly and intuitively to their customers by harnessing the right technology. MindSuite Informatics is committed to creating and delivering business and technology solutions that drive success and sustainable growth. Role Description This is a full-time on-site role for a Solution Architect Technology Working Group Lead located in Hyderabad. To establish, activate, and operate the Solution Architect Working Group, ensuring group-wide adoption of standardized architecture practices, Standardizing the tools, lead the design, direct the development, and coach the technical teams towards building scalable, high-performance software solutions. The candidate will play a critical role in shaping company’s technical vision, ensuring enterprise-grade architecture, and collaborating with senior leadership, stakeholders, and development teams. This position requires deep expertise in .NET technologies, cloud-native architectures, DevOps practices, 3rd party software components, integration tools, and microservices, along with strong leadership and problem-solving skills. Responsibilites: Architecture & Solution Design: Lead the design and implementation of robust, scalable, and maintainable software architectures. Translate business requirements into technical solutions, ensuring alignment with company objectives. Develop high-level architectural blueprints, documentation, and best practices. Select and govern technology stacks, with a focus on .NET Core, microservices, and cloud-native applications. Evaluate third-party solutions, open-source tools, and integration options. Ensure modular, reusable, and loosely coupled architectures using design patterns like SOLID, MVC, and CQRS. Cloud & DevOps Strategy: Architect cloud-native applications using Azure, AWS, or GCP, leveraging serverless computing, containerization, and auto-scaling. Lead CI/CD implementations and automate infrastructure provisioning using Terraform, Kubernetes, and Docker. Ensure high availability, fault tolerance, and disaster recovery strategies for mission-critical applications. Optimize system performance, reliability, and security across distributed environments Security, Compliance & Performance Optimization: Implement secure coding practices, identity & access management (IAM), and compliance frameworks (GDPR, SOC2, ISO27001). Work with authentication and authorization frameworks (OAuth2, OIDC, Keycloak, Auth0). Ensure performance tuning, caching strategies, and real-time data streaming solutions using Kafka, NATS, or RabbitMQ. Advocate for observability & monitoring tools (i.e. Prometheus, ELK Stack, Datadog). Leadership & Technical Guidance: Act as a technical mentor, guiding engineering teams on best practices, modern architectures, and software design principles. Conduct code reviews, enforce coding standards, and implement technical governance. Collaborate with engineering leads, product managers, and business stakeholders to drive technical excellence. Participate in agile development cycles, ensuring efficient sprint execution and successful project delivery. Qualifications Microsoft Stack Expertise: Deep knowledge of Microsoft technologies and services including .NET Core, Azure Active Directory, Microsoft SQL Server, and Power Platform. Cloud Platforms: Extensive experience with Azure, AWS, OCI and GCP, with hands-on expertise in architecting hybrid and multi-cloud solutions. CI/CD & DevOps: Strong background in setting up and managing CI/CD pipelines using tools like Azure DevOps, GitHub Actions, Jenkins, and GitLab CI. Containerization & Orchestration: Proficient with Docker, Kubernetes, and Helm for scalable and portable deployments in production environments. Database Expertise: Advanced skills in relational databases such as PostgreSQL, MySQL, and SQL Server, as well as NoSQL databases including MongoDB, Cassandra, and Redis. Event-Driven & Distributed Systems: Hands-on experience with Kafka, NATS, RabbitMQ, and event-driven architecture design patterns. Frontend Technologies (Optional but Valued): Familiarity with modern frontend frameworks including Angular, React, and Next.js. Identity & Access Management (IAM): Knowledge of OAuth2, OIDC, Keycloak, Auth0, Casbin, and enterprise SSO integration strategies. Infrastructure as Code (IaC): Experience with Terraform, Bicep, and CloudFormation for managing infrastructure reproducibly. Monitoring & Observability: Proficiency with Prometheus, Grafana, ELK Stack, Azure Monitor, and CloudWatch. Security & Governance: Familiar with cloud governance, policies, security baselines, cost optimization, and compliance (e.g., CIS Benchmarks, NIST, GDPR, ISO 27001). Architecture & Design: Strong knowledge of architectural patterns, domain-driven design (DDD), microservices, and service mesh technologies (e.g., Istio). Collaboration & Communication: Experienced in working across distributed teams in global, enterprise environments with strong documentation and stakeholder management skills. Agile & Frameworks: Comfortable in Agile/Scrum, SAFe, or hybrid environments, with experience driving architecture governance and technical standards. Experience & Qualifications Experience: 10+ years in enterprise software development; 5+ years in an Architect role 4+ years designing microservices architectures, API gateways, and inter-service communication Educational Background: BSC or MSC in Computer Science, Software Engineering, Information Technology, or a related field Certifications (Preferred): Microsoft stack AWS/Azure/GCP/OCI DevOps Engineer Certification. Certified Kubernetes Administrator (CKA). Disaster Recovery Certified Specialist (DRCS) or related certifications Location: Hyderabad, India Work Week: Sunday to Thursday. International Travel as needed. Interested candidates can submit their updated resumes to: Email: ta@mindsuite.in Mail Subject: Solution Architect TWG Lead Please include your Current CTC and Notice Period. Show more Show less