3864 Nist Jobs - Page 40

Job Title: Third-Party Risk Management (TPRM) Manager Location: Bangalore / Gurgaon (Work from Office) Experience Required: 6+ Years Notice Period: Immediate Joiners Preferred Job Summary: We are seeking a skilled and experienced TPRM Manager to lead and enhance our third-party risk management program. The ideal candidate will have a strong background in risk assessments, regulatory compliance, and information security frameworks, with the ability to work cross-functionally and communicate effectively with stakeholders. Key Responsibilities: Lead and manage the end-to-end Third-Party Risk Management lifecycle, including onboarding, due diligence, ongoing monitoring, and offboarding. Perform comprehensive risk assessments of third parties, including IT, information security, privacy, financial, reputational, and operational risks. Evaluate vendor controls and ensure alignment with frameworks like ISO 27001, NIST, SOC 2, etc. Develop and maintain TPRM policies, procedures, and risk rating methodologies. Collaborate with procurement, legal, IT, business units, and compliance teams to ensure appropriate third-party risk controls are in place. Track remediation plans and follow up on identified gaps and audit findings. Stay updated with regulatory requirements and industry best practices impacting third-party risk. Lead or support internal and external audits related to vendor risk management. Required Skills and Qualifications: Minimum of 6 years of relevant experience in Third-Party Risk Management, IT Risk, or Information Security. Strong knowledge of TPRM frameworks, regulatory requirements (e.g., GDPR, RBI, HIPAA), and industry standards (e.g., ISO 27001, NIST). Excellent communication, stakeholder management, and analytical skills. Experience with risk assessment tools, TPRM platforms, or GRC solutions is a plus. Strong understanding of contract risk clauses, SLAs, and compliance requirements.

About the Company I’m working with a newly established, fast-growing Third-Party and Supply Chain Risk Management firm led by industry veterans to recruit a Director – Information Security & Privacy . The firm helps multinational organizations manage risks across their third-party and supply chain ecosystems, including areas such as anti-bribery & corruption, ESG, sanctions, and human rights. As the company scales globally, it offers a rare opportunity to join early, shape operational excellence, and work alongside seasoned professionals passionate about building a next-generation risk management solutions & services. Director – Information Security & Privacy Location: Hyderabad, India (Hybrid) Start Date: Q4 2025 Employment Type: Full-Time Industry: Third-Party & Supply Chain Risk Management Role Overview We are seeking a Director – Information Security & Privacy to lead and enhance our internal security, privacy, and compliance posture, while also supporting client-facing advisory initiatives. This is a strategic and hands-on leadership role that spans internal governance (e.g., ISO 27001 certification, GDPR/data protection, policies, training) and external client services (advisory, audits, risk assessments, etc.). The ideal candidate will be based in Hyderabad or seriously willing to relocate , and should have demonstrated expertise in information security , data protection (especially GDPR) , and global client engagements . Key Responsibilities Internal Security, Privacy & Compliance Lead the design, implementation, and management of the Information Security Management System (ISMS) in alignment with ISO 27001. Drive the organization’s ISO 27001 certification and maintain ongoing compliance and audit readiness. Develop and enforce internal security and data privacy policies, procedures, and governance frameworks. Oversee compliance with data protection laws such as GDPR , and ensure secure data processing practices across all business units. Lead incident response planning, risk assessments, internal audits, and employee security awareness programs. Act as the organization’s Data Protection Officer (DPO) or equivalent function, ensuring privacy compliance and advising on privacy-by-design. Client-Facing Advisory & Risk Services Provide advisory support to clients on information security and privacy matters, including third-party risk assessments and audit readiness. Conduct client-facing security and data protection audits, assessments, and consulting engagements. Advise clients on GDPR compliance strategies, data protection impact assessments (DPIAs), and related privacy frameworks. Support pre-sales and delivery teams with subject matter expertise for client proposals and RFPs. Ensure alignment of internal controls and capabilities with client expectations and service commitments. Leadership & Collaboration Collaborate with senior leadership and global teams to align security and privacy strategy with business and compliance objectives. Monitor evolving cybersecurity threats, technologies, and regulations; adapt policies and controls accordingly. Foster a culture of security awareness and compliance across the organization. Qualifications & Experience 10–15 years of experience in Information Security , Data Protection , or related domains with combined internal and client-facing responsibilities. Demonstrated experience leading ISO 27001 implementation and GDPR compliance programs . Deep knowledge of security frameworks (e.g., NIST, SOC 2), data privacy laws, and risk management practices. Proven ability to work strategically while also executing hands-on tasks as needed. Experience with global teams and international clients is essential. Strong communication, presentation, and stakeholder engagement skills. Professional certifications such as CISSP, CISM, ISO 27001 LA/LI, CIPP/E, or CIPM are highly desirable. Bachelor’s degree in Information Security, Computer Science, or related field; a Master’s degree is a plus. Note: This role is open to candidates currently based in Hyderabad or those seriously willing to relocate . Remote-only candidates will not be considered.

Job Title: Associate Director, Cyber Security Location: Hyderabad, India Job Summary: The Associate Director of Cyber Security will serve as a key member of the Cyber Security leadership team, responsible for developing and executing the enterprise-wide cyber security strategy. This role leads multiple functional areas across security operations, engineering, governance, risk management, and compliance. Reporting directly to the Head of I/O & Cyber Security, the Associate Director will provide strategic direction, operational oversight, and technical leadership to protect the organization’s information assets, systems, and infrastructure from internal and external threats Key Responsibilities: Leadership and Management: Lead and manage a team of technical resources located offshore, ensuring high performance, motivation, and professional development. Oversee Security Operations Center (SOC), incident response, vulnerability management, threat intelligence, and endpoint protection. Direct the development and implementation of security architecture, tools, and frameworks across cloud, on-premises, and hybrid environments. Partner with IT, legal, compliance, risk, privacy, and business stakeholders to manage security risk and ensure adherence to industry frameworks (e.g., NIST CSF, ISO 27001, CIS). Drive the maturity of identity and access management (IAM), data loss prevention (DLP), zero trust architecture, and secure DevOps initiatives. Develop and maintain security policies, standards, metrics, and reporting to executive leadership and audit bodies. Build, lead, and mentor a high-performing, diverse cybersecurity team across technical and GRC domains. Manage relationships with external vendors, partners, auditors, and regulatory entities. Support cyber incident response planning, tabletop exercises, and executive-level simulations. Stay informed of emerging threats, trends, and technologies to proactively guide strategy and investments. Project Deliverables: Oversee the planning, execution, and delivery of technical projects, ensuring they are completed on time, within scope, and within budget. Collaboration: Work closely with onshore teams, to align offshore activities with overall business objectives and project goals. Resource Allocation: Efficiently allocate and manage technical resources to meet project / operation demands and optimize productivity. Quality Assurance: Implement and maintain quality assurance processes to ensure the highest standards of technical delivery. Communication: Facilitate effective communication between offshore and onshore teams, ensuring transparency and alignment on project status, risks, and issues. Problem Solving: Proactively identify and resolve technical and operational challenges to ensure smooth project execution. Stakeholder Management: Build and maintain strong relationships with key stakeholders, providing regular updates and addressing any concerns or requirements. Qualifications: Education: Bachelor’s degree in computer science, Information Technology, or a related field. A master’s degree is preferred. Experience: 5–10+ years of progressive experience in cyber security, including at least 5 years in senior leadership roles. Technical Skills: Deep understanding of cyber security frameworks (NIST CSF, NIST 800-53, MITRE ATT&CK) Leadership Skills: Demonstrated experience building and managing enterprise security programs in complex, regulated environments. Proven ability to influence at all levels, including executives and board members. Excellent leadership, communication, and stakeholder engagement skills. Problem-Solving: Strong technical foundation in network security, cloud security (GCP, AWS, Azure, OCI), security engineering, and incident response. Cultural Awareness: Ability to work effectively in a multicultural environment and manage teams across different time zones. Preferred Qualifications: Experience working in a global organization with distributed teams. Certification in (CISSP, CISM, CISA, CCSP, etc.) strongly preferred. Experience and Certifications in ITIL, Agile and DevOps practices. Experience working in Retail & Manufacturing. Knowledge of managing regulatory environments such as HIPAA, SOX, PCI-DSS, GDPR. Experience integrating security in agile, DevOps, and CI/CD pipelines. About Us: We are a leading organization committed to leveraging technology to drive business success. Our team is dedicated to innovation, collaboration, and delivering exceptional results. Join us and be a part of a dynamic and forward-thinking company. How to Apply: Interested candidates are invited to submit their resume and cover letter detailing their relevant experience and qualifications.

Job Title: Associate Director – IT Infrastructure & Operations Location: Hyderabad, India Job Summary: GTO is seeking a highly motivated and experienced Associate Director of Infrastructure Operations to lead our dynamic and growing infrastructure team. This critical role is responsible for the reliable, secure, and efficient operation of our entire IT infrastructure, including network, servers, storage, cloud environments, and critical systems. The Associate Director will drive operational excellence, implement best practices, manage vendor relationships, and ensure the infrastructure supports the company's strategic objectives. This position requires strong technical acumen, exceptional leadership skills, and a proactive approach to problem-solving in a fast-paced environment. The Associate Director of Operations reports to Director of Operations. The primary responsibility to make sure the 99.99% availability is maintained across environment across 84 sites that are in different regions across the globe. The candidate must be willing to work on site 4 days a week in Hyderabad, during US EST time zone. Key Responsibilities: Leadership and Team Management: • Lead, mentor, and develop a team of infrastructure operations engineers and specialists. • Foster a collaborative, high-performing, and results-oriented team culture. • Set clear performance expectations, provide regular feedback, and conduct performance reviews. • Manage team schedules, on-call rotations, and ensure adequate staffing levels. • Identify training and development needs within the team. Infrastructure Operations and Maintenance: • Oversee the day-to-day operations, maintenance, and monitoring of all IT infrastructure components (servers, storage, network, firewalls, load balancers, etc.). • Ensure high availability, performance, and stability of critical systems and services. • Implement and enforce ITIL best practices for incident, problem, change, and configuration management. • Develop and maintain comprehensive documentation for infrastructure configurations, processes, and procedures. • Manage and optimize backup, recovery, and disaster recovery processes. • Collaborate with Design, Engineering, Capacity, Strategy, Security and Application teams Cloud Infrastructure Management: • Manage and optimize our cloud infrastructure (e.g., AWS, Azure, GCP) for performance, cost-efficiency, and security. • Implement and maintain cloud monitoring and alerting systems. • Ensure compliance with cloud security policies and best practices. Security and Compliance: • Collaborate with the security team to implement and maintain security policies and procedures for the infrastructure. • Ensure compliance with relevant industry regulations and standards (e.g., SOC 2, SOCr, NIST, RAP and PCI). • Participate in security audits and implement remediation plans. Collaboration and Communication: • Collaborate effectively with other IT teams (e.g., development, security, support) and business stakeholders. • Communicate clearly and concisely with technical and non-technical audiences regarding infrastructure status, incidents, and projects. • Participate in strategic planning and contribute to the development of IT roadmaps. Problem Solving and Incident Management: • Lead the resolution of complex infrastructure issues and outages. • Conduct root cause analysis and implement preventative measures. • Develop and maintain incident response plans. Continuous Improvement: • Identify opportunities for process improvement and automation within infrastructure operations. • Implement solutions to enhance efficiency, reliability, and scalability. • Stay current with emerging technologies and industry trends. Reporting & Strategic Insights • Deliver actionable dashboards and reports on device health, user experience, automation outcomes, and support KPIs. • Present EUX insights and strategy recommendations to IT leadership. Technical Expertise: • Strong technical expertise across a broad range of infrastructure technologies, including: • Server operating systems (Windows Server, Linux) • Networking (TCP/IP, DNS, DHCP, routing, switching, firewalls, VPN) • Storage solutions (EMC, iSilon, SAN, NAS) • Virtualization technologies (VMware, NSX) • Cloud platforms (AWS, Azure, GCP) – deep understanding of at least one is required. • Monitoring and alerting tools (e.g., SolarWinds, Nagios, SCOM, CloudWatch, Azure Monitor) • Automation tools (e.g., Ansible, Chef, Puppet, scripting languages like Python, PowerShell) • Collaboration tools (O365, Zoom, Teams) • Database management (Oracle, OCI, MsSQL, MySQL) • Oversee the deployment, maintenance, and innovation of core EUX platforms: JAMF, SCCM, Intune, Nexthink, Moveworks, and AI-based support tools. • Responsible for managing day to day operations and managing the floor operations of Technical Services, End User Client, End User Experience, Cross Functional Services • Manage lifecycle and standards for end-user hardware, peripherals, and operating systems across the enterprise. • Proven ability to lead and motivate technical teams. • Excellent problem-solving and analytical skills. Knowledge: • Working knowledge on managing Cloud operational support services (AWS and/ or GCP and/ or Azure and/ or SaaS) • Working knowledge of service monitoring tools such as: SolarWinds Orion, Microsoft System Center Operations Manager, and Nagios • Working knowledge of RedHat Linux, Windows, VMWare, EMC & NetApp Storage, Backups, and Cisco Networking devices • Working knowledge of ServiceNow and Alert Integrations • Working knowledge of Data Center Co-Location Services with heavy emphasis on monitoring • Working knowledge of Change and Production Control Frameworks as set forth in the ITILv.3 library Skills: • Ability to build, influence, lead and motivate effective teams towards end results • Ability to work effectively with all levels of staff, clients and other IT personnel • Ability to negotiate with customers to reach agreement on common goals and service levels • Ability to conduct thorough root cause analysis to resolve issues • Ability to create and present I&O information to executive management Experience: • Minimum 5 years of experience in a global 24/7 operations role • Experience in managing co-location relationships with heavy emphasis on Outsourcing relationships • Experience in Cloud technologies AWS and/ or GCP and/ or Azure • Experience in managing RedHat Linux, Windows, VMWare, EMC & NetApp Storage, Backups, and Cisco Networking devices • Experience in analysis of complex infrastructure problems • Strong interpersonal skills and the ability to effectively communicate with a wide range of stakeholders • Ability to gather data, compile information, and prepare reports for Executive Management • Ability to supervise and train employees, to include organizing, prioritizing, and scheduling work assignments. • Ability to provide technical guidance and leadership to professional personnel in area of expertise. • Ability to provide and drive data collection needs for various annual Corporate Audits: SOX, PCI, etc. • Strong understanding of ITIL principles and best practices. • Excellent communication (written and verbal) and interpersonal skills. • Experience in managing vendor relationships and budgets. • Knowledge of security best practices and compliance requirements. • Work with technology leadership team and assist with scheduled changes, maintenances and unplanned incidents • Coordinates and supports disaster recovery procedures and assists in the development of disaster recovery plans • Reviews historical data for trend analysis • Departmental Requirements • Available for all critical outages by driving the team to service restoration Qualifications: • Education: Bachelor's degree in Computer Science, Information Technology, or a related field. A Master's degree is preferred. • Experience: Minimum of 10 years of experience in (Insert function here) or a similar role, with at least 5 years of experience managing offshore technical teams. • Technical Skills: Strong understanding of software development, IT infrastructure, and project delivery methodologies. • Leadership Skills: Proven ability to lead and inspire technical teams, with excellent interpersonal and communication skills. • Problem-Solving: Strong analytical and problem-solving abilities, with a proactive approach to addressing challenges. • Cultural Awareness: Ability to work effectively in a multicultural environment and manage teams across different time zones. Preferred Qualifications: • Experience working in a global organization with distributed teams. • Certification in (Insert function here) • Knowledge and Certifications in ITIL, Agile and DevOps practices. About Us: We are a leading organization committed to leveraging technology to drive business success. Our team is dedicated to innovation, collaboration, and delivering exceptional results. Join us and be a part of a dynamic and forward-thinking company. How to Apply: Interested candidates are invited to submit their resume and cover letter detailing their relevant experience and qualifications.

In this role, you will: Lead complex initiatives designed to mitigate business-specific current and emerging risks with broad impact Engage in proactive Business Risk identification and assessment of existing and emerging Risk , recommend improvements by providing expertise in the control design to effectively mitigate risks, including means of measurement. Ensure the effective development, maintenance, implementation, and ongoing enhancement of the business control environment through execution of the Risk and Control Self-Assessment (RCSA) program. Engage in the development and implementation of new Business controls , root cause analysis of gaps and assist with the development of corrective action plans to address any control weaknesses or gaps and identifies opportunities for enhancements Gather and analyzes data to understand and diagnose issues ; Assesses and designs appropriate metrics to inform and monitor the health of the operational risk environment. Monitor, measure, evaluate, and report on the impact of decisions and controls to the relevant business group or functional area Support the Business with implementation of Control programs by providing consultative guidance. Ensure that business control issues are proactively identified and addressed appropriately, escalating where necessary. Supports a strong risk management culture through the implementation of key risk management programs into the standard operating framework of the business. Responsibilities : TCOPM Program Governance : Facilitate and coordinate the Internal Control (ICP) and Risk and Control Self Assessment (RCSA) policy and controls data quality hygiene monitoring, governance for technology teams, ensuring the timely identification and remediation of gaps. Subject Matter Expertise : Serve as a subject matter expert on ICP policy, RCSA methodologies, frameworks, and best practices.Provide guidance and support to technology teams in understanding and remediating policy or data hygiene quality gaps. Process Engineering & Tooling: Quickly develop efficient and structured workflow and communication protocols for immature processes and significant opportunities for efficiencies. Risk Identification and Assessment : Collaborate with technology teams to identify and assist with alignment of controls to the risk portfolio with agreement from Risk Assessible Unit (RAU) Owners and other key stakeholders. Stakeholder Engagement : Collaborate with various stakeholders, including technology teams, risk management functions, internal audit, and compliance, to facilitate effective communication and alignment throughout the TCOPM governance process. Training and Awareness : Develop and deliver training programs and workshops to enhance technology teams understanding of the process, risk management concepts and control frameworks, ICP, RCSA policy requirements or controls data hygiene quality standards. Reporting and Documentation : Prepare comprehensive reports and documentation summarizing TCOPM process, key decisions, findings, gap remediation, etc. Present findings and recommendations to senior management and relevant committees via expert verbal and/or written communications. Essential Qualifications: Minimum of 15 years of experience in technology risk and control management, leading and collaborating with a complex group of stakeholders Strong knowledge and experience in risk control self-assessment methodologies, risk frameworks, and technology risk management practices. Excellent facilitation and coordination skills, with the ability to engage and guide cross-functional teams effectively. In-depth understanding of technology infrastructure, systems, and emerging technology trends. Strong analytical and problem-solving abilities, with keen attention to detail. Effective communication and stakeholder management skills, with the ability to build relationships and influence at all levels of the organization. Demonstrated knowledge of Technology and Security risk framework COBIT, FFIEC, NIST, ITIL, COSO, BASEL, and OCC Heightened Standards Professional certifications such as CISA, CISSP, CRISC, or equivalent are highly desirable. Bachelor's degree in Computer Science, Information Systems, or a related field. Advanced degree preferred.

Leadership and Management: Lead and manage a team of technical resources located offshore, ensuring high performance, motivation, and professional development. Oversee Security Operations Center (SOC), incident response, vulnerability management, threat intelligence, and endpoint protection. Direct the development and implementation of security architecture, tools, and frameworks across cloud, on-premises, and hybrid environments. Education: Bachelor’s degree in computer science, Information Technology, or a related field. A master’s degree is preferred. Experience: 12+ years of progressive experience in cyber security, including at least 5 years in senior leadership roles. Technical Skills: Deep understanding of cyber security frameworks (NIST CSF, NIST 800-53, MITRE ATT&CK) Leadership Skills: Demonstrated experience building and managing enterprise security programs in complex, regulated environments. Proven ability to influence at all levels, including executives and board members. Excellent leadership, communication, and stakeholder engagement skills. Problem-Solving: Strong technical foundation in network security, cloud security (GCP, AWS, Azure, OCI), security engineering, and incident response. Cultural Awareness: Ability to work effectively in a multicultural environment and manage teams across different time zones. Preferred Qualifications: Experience working in a global organization with distributed teams. Certification in (CISSP, CISM, CISA, CCSP, etc.) strongly preferred. Experience and Certifications in ITIL, Agile and DevOps practices. Experience working in Retail & Manufacturing. Knowledge of managing regulatory environments such as HIPAA, SOX, PCI-DSS, GDPR.

What You'll Do Avalara is looking for a Security controls specialist to join our team, reporting to the Sr. Manager, Governance Risk and Compliance. You will collaborate with multiple teams to design an internal control environment for Sarbanes-Oxley compliance. What Your Responsibilities Will Be Support the build-out of technical SOX controls, working with Security, engineering, finance and IT to document and test controls across key systems. Assist in technology risk assessments to identify gaps against IPO-readiness benchmarks Help drive IT General Controls implementation, application controls and report testing, coordinating with internal teams and external auditors. Work with cross-functional teams to develop process flows, SOPs, and runbooks for key controls. Partner with all stakeholder teams to track control ownership, remediation efforts, and evidence collection. Coordinate the documentation and migration of control information into Avalaras GRC platform. Proactively engage on multiple simultaneous projects with internal and external stakeholders to support strategic security and compliance objectives. Assist with the performance of ad hoc risk and compliance assessments as needed. What You'll Need to be Successful Bachelors degree in Information Technology, Computer Science, or equivalent experience. 5+ years of experience in IT Audit, IT Security, or IT Risk Management. Proven experience conducting systemic risk analysis in complex technical environments, including reviewing application design and architecture. Familiarity with standards and frameworks such as ISO 27001, SOC 1, SOC 2, SOX, NIST, etc. Strong understanding of application security principles, including the ability to assess risk through code and design review processes. Deep knowledge of technical controls, including their design, implementation, and effectiveness. Experience working with business continuity, disaster recovery, vendor risk management, data privacy, and regulatory compliance. Skilled in identifying business risks and evaluating trade-offs between technical and business objectives. Experience with risk management platforms (e.g., ServiceNow GRC) is a plus. Highly self-motivated, proactive, and capable of managing concurrent priorities with minimal supervision. Strong organizational, planning, verbal, and written communication skills.

Job Title: Senior Manager – IT Infrastructure & Operations Location: Hyderabad, India Job Summary: GTO is seeking a highly motivated and experienced Senior Manager of Infrastructure Operations to lead our dynamic and growing infrastructure team. This critical role is responsible for the reliable, secure, and efficient operation of our entire IT infrastructure, including network, servers, storage, cloud environments, and critical systems. The Senior Manager will drive operational excellence, implement best practices, manage vendor relationships, and ensure the infrastructure supports the company's strategic objectives. This position requires strong technical acumen, exceptional leadership skills, and a proactive approach to problem-solving in a fast-paced environment. The Senior Manager of Operations reports to Director of Operations. The primary responsibility to make sure the 99.99% availability is maintained across environment across 84 sites that are located in different regions across the globe. The candidate must be willing to work on site 4 days a week in Hyderabad, during US EST time zone. Key Responsibilities: Leadership and Team Management: Lead, mentor, and develop a team of infrastructure operations engineers and specialists. Foster a collaborative, high-performing, and results-oriented team culture. Set clear performance expectations, provide regular feedback, and conduct performance reviews. Manage team schedules, on-call rotations, and ensure adequate staffing levels. Identify training and development needs within the team. Infrastructure Operations and Maintenance: Oversee the day-to-day operations, maintenance, and monitoring of all IT infrastructure components (servers, storage, network, firewalls, load balancers, etc.). Ensure high availability, performance, and stability of critical systems and services. Implement and enforce ITIL best practices for incident, problem, change, and configuration management. Develop and maintain comprehensive documentation for infrastructure configurations, processes, and procedures. Manage and optimize backup, recovery, and disaster recovery processes. Collaborate with Design, Engineering, Capacity, Strategy, Security and Application teams Cloud Infrastructure Management: Manage and optimize our cloud infrastructure (e.g., AWS, Azure, GCP) for performance, cost-efficiency, and security. Implement and maintain cloud monitoring and alerting systems. Ensure compliance with cloud security policies and best practices. Security and Compliance: Collaborate with the security team to implement and maintain security policies and procedures for the infrastructure. Ensure compliance with relevant industry regulations and standards (e.g., SOC 2, SOCr, NIST, RAP and PCI). Participate in security audits and implement remediation plans. Collaboration and Communication: Collaborate effectively with other IT teams (e.g., development, security, support) and business stakeholders. Communicate clearly and concisely with technical and non-technical audiences regarding infrastructure status, incidents, and projects. Participate in strategic planning and contribute to the development of IT roadmaps. Problem Solving and Incident Management: Lead the resolution of complex infrastructure issues and outages. Conduct root cause analysis and implement preventative measures. Develop and maintain incident response plans. Continuous Improvement: Identify opportunities for process improvement and automation within infrastructure operations. Implement solutions to enhance efficiency, reliability, and scalability. Stay current with emerging technologies and industry trends. Technical Expertise: Strong technical expertise across a broad range of infrastructure technologies, including: Server operating systems (Windows Server, Linux) Networking (TCP/IP, DNS, DHCP, routing, switching, firewalls, VPN) Storage solutions (EMC, iSilon, SAN, NAS) Virtualization technologies (VMware, NSX) Cloud platforms (AWS, Azure, GCP) – deep understanding of at least one is required. Monitoring and alerting tools (e.g., SolarWinds, Nagios, SCOM, CloudWatch, Azure Monitor) Automation tools (e.g., Ansible, Chef, Puppet, scripting languages like Python, PowerShell) Collaboration tools (O365, Zoom, Teams) Database management (Oracle, OCI, MsSQL, MySQL) Proven ability to lead and motivate technical teams. Excellent problem-solving and analytical skills. Knowledge: Working knowledge on managing Cloud operational support services (AWS and/ or GCP and/ or Azure and/ or SaaS) Working knowledge of service monitoring tools such as: SolarWinds Orion, Microsoft System Center Operations Manager, and Nagios Working knowledge of RedHat Linux, Windows, VMWare, EMC & NetApp Storage, Backups, and Cisco Networking devices Working knowledge of ServiceNow and Alert Integrations Working knowledge of Data Center Co-Location Services with heavy emphasis on monitoring Working knowledge of Change and Production Control Frameworks as set forth in the ITILv.3 library Skills: Ability to build, influence, lead and motivate effective teams towards end results Ability to work effectively with all levels of staff, clients and other IT personnel Ability to negotiate with customers to reach agreement on common goals and service levels Ability to conduct thorough root cause analysis to resolve issues Ability to create and present I&O information to executive management Experience: Minimum 5 years of experience in a global 24/7 operations role Experience in managing co-location relationships with heavy emphasis on Outsourcing relationships Experience in Cloud technologies AWS and/ or GCP and/ or Azure Experience in managing RedHat Linux, Windows, VMWare, EMC & NetApp Storage, Backups, and Cisco Networking devices Experience in analysis of complex infrastructure problems Strong interpersonal skills and the ability to effectively communicate with a wide range of stakeholders Ability to gather data, compile information, and prepare reports for Executive Management Ability to supervise and train employees, to include organizing, prioritizing, and scheduling work assignments. Ability to provide technical guidance and leadership to professional personnel in area of expertise. Ability to provide and drive data collection needs for various annual Corporate Audits: SOX, PCI, etc. Strong understanding of ITIL principles and best practices. Excellent communication (written and verbal) and interpersonal skills. Experience in managing vendor relationships and budgets. Knowledge of security best practices and compliance requirements. Work with technology leadership team and assist with scheduled changes, maintenances and unplanned incidents Coordinates and supports disaster recovery procedures and assists in the development of disaster recovery plans Reviews historical data for trend analysis Departmental Requirements Available for all critical outages by driving the team to service restoration Qualifications: Education: Bachelor's degree in Computer Science, Information Technology, or a related field. A Master's degree is preferred. Experience: Minimum of 10 years of experience in (Insert function here) or a similar role, with at least 5 years of experience managing offshore technical teams. Technical Skills: Strong understanding of software development, IT infrastructure, and project delivery methodologies. Leadership Skills: Proven ability to lead and inspire technical teams, with excellent interpersonal and communication skills. Problem-Solving: Strong analytical and problem-solving abilities, with a proactive approach to addressing challenges. Cultural Awareness: Ability to work effectively in a multicultural environment and manage teams across different time zones. Preferred Qualifications: Experience working in a global organization with distributed teams. Certification in (Insert function here) Knowledge and Certifications in ITIL, Agile and DevOps practices. About Us: We are a leading organization committed to leveraging technology to drive business success. Our team is dedicated to innovation, collaboration, and delivering exceptional results. Join us and be a part of a dynamic and forward-thinking company. How to Apply: Interested candidates are invited to submit their resume and cover letter detailing their relevant experience and qualifications.

Job Title: Infrastructure Security Architect Experience: 4+ Years Location: Gurgaon Job Type: Full-time Job Summary: We are seeking an experienced Infrastructure Security Architect to design and maintain secure infrastructure systems and ensure the highest standards of cybersecurity across the organization. The candidate will play a critical role in defending systems and data against evolving threats while ensuring regulatory compliance and operational resilience. Key Responsibilities: Protect digital assets from unauthorized access, disruption, or misuse, ensuring confidentiality, integrity, and availability. Develop and manage Data Loss Prevention (DLP) strategies to safeguard sensitive data in motion and at rest. Detect, analyze, and mitigate threats using XDR, Dark Web Hunting, and other threat intelligence tools. Lead security incident response processes—investigation, containment, remediation, and post-mortem analysis. Conduct regular risk assessments and security audits to ensure compliance with standards such as NIST, ISO 27001, or GDPR. Evaluate existing and planned infrastructure to detect vulnerabilities and recommend architectural improvements. Collaborate across teams to integrate security by design principles into systems architecture. Required Qualifications: M.Tech / B.Tech in Computer Science, Information Security, Information Technology, or related field. 4+ years of professional experience in infrastructure or cybersecurity roles. In-depth knowledge of network security, cloud security (AWS/Azure), firewalls, VPNs, IDS/IPS, and encryption protocols. Hands-on experience with SIEM, XDR, DLP, vulnerability scanners, and incident response tools. Strong grasp of compliance, governance, and regulatory frameworks (e.g., ISO, NIST, PCI DSS). Preferred Certifications: CISSP, CISM, CEH, or related certifications. Cloud Security Certifications (e.g., AWS Security Specialty, Azure Security Engineer Associate). #teceze

Role: DevSecOps engineer Location: Hyderabad/Chennai- Hybrid Experience: 6+ About us: Conglomerate IT is a certified and a pioneer in providing premium end-to-end Global Workforce Solutions and IT Services to diverse clients across various domains. Visit us at https://www.conglomerateit.com/ Conglomerate IT mission is to establish global cross culture human connections that further the careers of our employees and strengthen the businesses of our clients. We are driven to use the power of global network to connect business with the right people without bias. We provide Global Workforce Solutions with affability. Job Summary: We are seeking a highly skilled and experienced DevSecOps Engineer to join our dynamic team. In this role, you will be responsible for integrating security into our DevOps pipelines, ensuring robust infrastructure, scalable deployment systems, and secure operations across our cloud environments. Key Responsibilities: Design, implement, and manage scalable and secure Infrastructure as Code (IaC) using tools like Terraform. Build, maintain, and support Kubernetes clusters across various environments. Develop and enhance CI/CD pipelines using tools such as Azure DevOps or equivalent. Collaborate with development, security, and operations teams to implement secure, efficient, and reliable DevSecOps practices. Automate routine processes and workflows to increase efficiency and reduce manual errors. Monitor and optimize system performance and ensure high availability, scalability, and security. Respond to security incidents and operational issues in a timely and effective manner. Implement and enforce security best practices across the software development lifecycle. Participate in a rotational on-call schedule, providing L3/L4 support during off-hours, weekends, and holidays. Develop and maintain system and process documentation. Stay current with emerging technologies, tools, and best practices in DevSecOps and cybersecurity. Required Qualifications: Bachelor’s degree in Computer Science, Engineering, Information Security, or a related field. 6+ years of experience in a DevSecOps or similar role. Strong hands-on experience with cloud platforms such as Azure and Google Cloud Platform (GCP), including security configurations. Deep understanding of the Software Development Lifecycle (SDLC) and DevSecOps practices. Expertise in CI/CD tools, especially Azure DevOps, GitHub Actions, or similar. Proficient in containerization tools including Docker and orchestration platforms like Kubernetes. Strong experience with Infrastructure as Code (IaC) and configuration management using tools like Terraform and Ansible. Familiarity with monitoring and observability tools and practices (e.g., SLO/SLA/SLI, Distributed Tracing). Solid experience with Git and other version control systems. Strong problem-solving, communication, and collaboration skills. Preferred Skills (Nice to Have): Knowledge of security standards (e.g., NIST, OWASP, CIS). Experience with policy-as-code tools like OPA/Gatekeeper. Familiarity with Secrets Management tools (e.g., HashiCorp Vault, Azure Key Vault). Experience in scripting languages such as Python, Bash, or PowerShell.

The VOC VI & ASM Analyst is responsible for:  Vulnerability Intelligence (VI): o Monitor new vulnerabilities and assess their criticality and risk severity based on threat, exploit availability, ease of exploit, impact, … o Communicate and publish an assessment on vulnerabilities related to software o Maintain timely, high-quality vulnerability bulletins, prioritizing issues against the Group’s asset exposure o Update on a regular basis our software inventory in the scope of Vulnerability Assessment Service o Keep the vulnerability database up to date; enrich each CVE and security bulletin with QDS, EPSS, CVSS metrics, …  Attack Surface Management (ASM): o Operate continuous monitoring of external assets via ASM Security tools o Update on a regular basis the coverage of ASM tools, by adding known domains and IP ranges o Assess the severity of the findings and confirm their presence review, challenge, FP assessment o Track and report exposure trends; escalate high-risk findings to Blue-Team remediation owners o Build and use the external footprint to proactively identify new threats and new vulnerabilities o Leverage ASM tools to proactively identify external assets subject to newly published vulnerabilities  BlackBox Pentesting: o Drive proactive follow-up on detected vulnerabilities, engaging system owners and tracking remediation to closure o Active follow up with Application managers to onboard new application in the BlackBox Pentesting service  Vulnerability Management: o Vulnerability review, recategorization, and false positive identification Skills  Bachelors degree in Computer Science, Information Security, EXTC or related field; relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are a plus  Experience on Penetration testing actions (web application, infrastructure, …)  Experience with VI and ASM tools  Experience in investigating newly published vulnerabilities and assessing their risks and severity  Experience with scripting languages (e.g., Python, Bash, Powershell, C#, …) for automation and customization of security processes is a plus  Experience with Pentester tools (Burp, SQLmap, Metasploit, Kali environment, …)  Strong technical skills with an interest in open-source intelligence investigations  Knowledge of NIST CVE database, OWASP Top 10, Microsoft security bulletins Additional Information  The position is based in Mumbai (India)

Hyderabad, Telangana, India Job ID 3001910 TriNet is a leading provider of comprehensive human resources solutions for small to midsize businesses (SMBs). We enhance business productivity by enabling our clients to outsource their HR function to one strategic partner and allowing them to focus on operating and growing their core businesses. Our full-service HR solutions include features such as payroll processing, human capital consulting, employment law compliance and employee benefits, including health insurance, retirement plans and workers’ compensation insurance. TriNet has a nationwide presence and an experienced executive team. Our stock is publicly traded on the NYSE under the ticker symbol TNET. If you’re passionate about innovation and making an impact on the large SMB market, come join us as we power our clients’ business success with extraordinary HR. Don't meet every single requirement? Studies have shown that many potential applicants discourage themselves from applying to jobs unless they meet every single requirement. TriNet always strives to hire the most qualified candidate for a particular role, ensuring we deliver outstanding results for our small and medium-size customers. So if you're excited about this role but your past experience doesn't align perfectly with every single qualification in the job description, nobody’s perfect – and we encourage you to apply. You may just be the right candidate for this or other roles. The Manager, Security-Compliance will be responsible for assuring information security and managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes. On a day-to-day, there will be responsibility to manage activities of a team, including research, analysis and documentation, evidence gathering and documenting compliance requirements. Essential Duties/Responsibilities Establishes, implements, and maintains information assurance programs, requirements, and standards based on the analysis of user, policy, regulatory, and resource demands Conducts compliance assessments of planned and implemented information systems Aligns NIST CSF framework requirements with business company processes to assist company stakeholders with determining appropriate controls, test steps, evidence collection, and documentation of risks associated with gaps to defined controls Authors and/or updates standards or documentation to align with company and regulatory guidelines Assists in facilitating audit requests by interfacing between control owners and auditors Assists with responding to customer security questionnaires Advises security administrators on normal and exception-based processing of security authorization requests Maintains an awareness of existing and proposed security-standard-setting groups, state and federal legislation and regulations pertaining to information security Identifies regulatory changes that will affect information security policy, standards and procedures, and recommends appropriate changes Works within the information security governance process to define control recommendations that are both efficient and effective Identifies, reports, and resolves security violations Job Requirements and Qualifications Education: Bachelor’s degree in Business, Computer Science, Finance, or other related business discipline preferred or equivalent work experience Training Requirements (licenses, programs, or certificates) : Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or equivalent are highly desirable Experience: 10+ years of experience in technology / IT audit or regulatory compliance role 3+ years of management experience Other Knowledge, Skills and Abilities Knowledge of information security management frameworks (e.g., NIST CSF, NIST 800-53, HIPAA, COBIT, etc.) Ability to understand and articulate security risks, as well as propose solutions and/or mitigate controls Familiar with Microsoft suite of security tools such as Purview, Sentinel, Defender and Entra Excellent written and verbal communication skills, interpersonal and collaborative skills An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one’s network within an organization Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one An ability to effectively influence others to modify their opinions, plans, or behaviors, with an emphasis on collaborating across multiple teams and ensuring program needs are satisfied through interpersonal and trusted communication Minimal travel required. Work Environment Work in a clean, pleasant, and comfortable office work setting. The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable persons with disabilities to perform the essential functions. This position is 100% in office. Please Note: TriNet reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Position functions and qualifications may vary depending on business necessity. TriNet is an Equal Opportunity Employer and does not discriminate against applicants based on race, religion, color, disability, medical condition, legally protected genetic information, national origin, gender, sexual orientation, marital status, gender identity or expression, sex (including pregnancy, childbirth or related medical conditions), age, veteran status or other legally protected characteristics. Any applicant with a mental or physical disability who requires an accommodation during the application process should contact India.Careers@trinet.com to request such an accommodation.

Job Information Date Opened 07/18/2025 Job Type Full time City Saidapet State/Province Tamil Nadu Country India Zip/Postal Code 600096 Industry Technology Job Description Job Title: Cybersecurity Consultant Job Summary: The Cybersecurity Consultant is responsible for evaluating and strengthening the organization's cybersecurity posture across systems, networks, and user environments. This role involves conducting detailed audits, delivering threat intelligence and analysis, and developing incident response improvement plans. The consultant ensures that all cybersecurity practices align with national regulations and industry standards, helping the organization mitigate risks and maintain robust digital resilience. Key Responsibilities: Cybersecurity Audits & Assessments: Perform in-depth audits of IT systems, network infrastructure, and user access controls. Identify vulnerabilities, misconfigurations, and compliance gaps. Provide actionable recommendations to enhance security posture. Threat Analysis & Intelligence: Monitor and analyze emerging cyber threats and attack vectors. Conduct forensic investigations and root cause analysis of security incidents. Develop threat models and risk assessments to inform security strategies. Incident Response & Recovery Planning: Design and implement incident response frameworks and playbooks. Collaborate with internal teams to improve detection, containment, and recovery capabilities. Conduct post-incident reviews and update response protocols accordingly. Compliance & Regulatory Alignment: Ensure cybersecurity practices comply with national regulations and standards (e.g., NIST, ISO 27001, GDPR). Prepare documentation and reports for audits and regulatory reviews. Support certification and accreditation processes. Security Architecture & Best Practices: Advise on secure system and network architecture design. Promote adoption of best practices in identity management, encryption, and endpoint protection. Support implementation of Zero Trust and other modern security models. Training & Awareness: Conduct cybersecurity awareness sessions for employees and stakeholders. Develop training materials and simulate phishing or breach scenarios. Foster a culture of security across the organization. Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Information Security, Computer Science, or related field. Professional certifications such as CISSP, CISM, CEH, or equivalent. Proven experience in cybersecurity consulting, threat analysis, and incident response. Strong understanding of security frameworks, regulatory requirements, and risk management Excellent analytical, communication, and problem-solving skills. 8-12 years of relevant experience in IT Requirements We request the provision of the following resources on a priority basis for an upcoming engagement. These consultants are expected to operate independently as Subject Matter Experts (SMEs) within their respective domains, demonstrating proficiency across multiple technologies. The assignment will be on-site and is expected to extend for more than 12 months. The client will provide all the necessary logistical support required for the on-site deployment. We are looking forward to your confirmation and your support in mobilising these resources. City within KSA - Job will be based in Jeddah, but the resources need to go Makkah and Madina as and when needed

A career in our Managed Services team will provide you an opportunity to collaborate with a wide array of teams to help our clients implement and operate new capabilities, achieve operational efficiencies, and harness the power of technology. Our Cyber Managed Services team will provide you with the opportunity to help our clients implement effective cybersecurity programs that protect against threats, propel transformation, and drive growth. As companies continue their transformations to digital business models, exponentially more data is generated and shared among organizations, partners and customers. You’ll play an integral role in helping our clients protect their businesses by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and mitigate risks while increasing the value they derive from their cybersecurity investments. Our Identity and Access Management Managed Services team helps organisations by designing and implementing end to end IAM programs, as well as providing ongoing operations support with continuous operational improvements. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. Responsibilities As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: Use feedback and reflection to develop self awareness, personal strengths and address development areas. Delegate to others to provide stretch opportunities, coaching them to deliver results. Demonstrate critical thinking and the ability to bring order to unstructured problems. Use a broad range of tools and techniques to extract insights from current industry or sector trends. Review your work and that of others for quality, accuracy and relevance. Know how and when to use tools available for a given situation and can explain the reasons for this choice. Seek and embrace opportunities which give exposure to different situations, environments and perspectives. Use straightforward communication, in a structured way, when influencing and connecting with others. Able to read situations and modify behavior to build quality relationships. Uphold the firm's code of ethics and business conduct. Associate Qualifications Cybersecurity Risk & Controls Assessor Job Description 1–3 years of experience in IT audit, IT risk assessment, or cybersecurity compliance. Experience supporting internal or external audits. Familiarity with common control frameworks such as NIST CSF, NIST 800-53, ISO 27001, SOC 2, COBIT, or HIPAA. Ability to understand and evaluate technical environments (e.g., IAM, cloud platforms, network security). Strong organizational and analytical skills; ability to work independently and within teams. Strong written and verbal communication skills, particularly around documentation of controls and findings. High attention to detail and ability to manage multiple concurrent assessments. Exposure to IAM systems, cloud security, or endpoint protection technologies. Familiarity with GRC tools (e.g., ServiceNow GRC, RSA Archer). Working knowledge of IT general controls (ITGCs), risk assessment methods, and compliance reporting. Professional certifications preferred (e.g., CISA, CRISC, Security+, or ISO 27001 Lead Implementer). Senior Associate Qualifications 4-6 years of experience in IT audit, IT risk assessment, or cybersecurity compliance Experience supporting internal or external audits. Familiarity with common control frameworks such as NIST CSF, NIST 800-53, ISO 27001, SOC 2, COBIT, or HIPAA. Ability to understand and evaluate technical environments (e.g., IAM, cloud platforms, network security). Strong organizational and analytical skills; ability to work independently and within teams. Strong written and verbal communication skills, particularly around documentation of controls and findings. High attention to detail and ability to manage multiple concurrent assessments. Exposure to IAM systems, cloud security, or endpoint protection technologies. Familiarity with GRC tools (e.g., ServiceNow GRC, RSA Archer). Working knowledge of IT general controls (ITGCs), risk assessment methods, and compliance reporting. Professional certifications preferred (e.g., CISA, CRISC, Security+, or ISO 27001 Lead Implementer). Key Responsibilities Assist in the execution of IT and cybersecurity control assessments based on regulatory, industry, and internal frameworks (e.g., NIST 800-53, ISO 27001, SOC 2). Collect and review evidence from system owners and control operators to support control testing and validation. Perform control testing and document results in line with internal assessment methodology. Collaborate with SMEs and business teams to understand technical implementations and control applicability. Identify control gaps, exceptions, or risk themes, and support remediation tracking. Support reporting of findings, risks, and recommendations to management and risk stakeholders. Maintain documentation for audit trails and ensure compliance with assessment timelines and procedures. Assist in the continuous improvement of assessment procedures and templates. Leverage tools such as ServiceNow, Archer, or custom GRC platforms for evidence tracking, issue logging, and reporting.

Line of Service Advisory Industry/Sector Not Applicable Specialism Operations Management Level Senior Associate Job Description & Summary At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. Those in internal audit at PwC help build, optimise and deliver end-to-end internal audit services to clients in all industries. This includes IA function setup and transformation, co-sourcing, outsourcing and managed services, using AI and other risk technology and delivery models. IA capabilities are combined with other industry and technical expertise, in areas like cyber, forensics and compliance, to address the full spectrum of risks. This helps organisations to harness the power of IA to help the organisation protect value and navigate disruption, and obtain confidence to take risks to power growth. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Responsibilities - Experience in managing implementation of ISO 22301 certification programmes · Extensive experience of the BCP framework components such as Business Resiliency Planning, Crisis Management Planning, Incident Response Planning, Disaster Recovery Planning, Plan Exercising/ Testing, BIAs etc. · Strong understanding of the planning, development, program execution, maintenance and testing of Enterprise Business Continuity, Disaster Recovery, and Crisis/Incident Management programs · Hands on experience in implementing and assessing business resiliency program for organization of various sizes and complexity. · Should be able to support BC/ DR audit and examination activities including development and maintenance of policies, procedures and standards that are aligned with best practices (standards, frameworks) such as ISO 22301, NIST · Should be able to understand the Enterprise Risk Management methodologies and map it to the Business Resiliency Program · Support the identification of Business Continuity related risks (internal / external), the assessment of their likelihood, as well as potential impacts and risk mitigation plans. · Conduct Business Impact Assessment for various business functions · Support internal reporting and tracking of business continuity related issues and remediation activities. · Design, coordinate and execute BCP/DR annual test exercises for critical business processes and produce test reports including lessons learned. · Develop recovery priorities, timelines, and strategy for proper sequence of recovery components · Assist Crisis Management / Incident Management teams during service disruption events and contribute to process improvement initiatives. · Should understand complete assessment lifecycle from assessment scoping to project deliverables · Collaboration with the different stakeholders on the complex assessment issues to develop possible recommendations · Monitor progress, manage risk, and verify key stakeholders are kept informed about progress and expected outcomes · Presents findings and proposes recommendations that deal with root cause of issues and impact to the organization · Manages the approved budget and resources for the assigned audit; assigns and reviews the work done by all team members Coaches team members and colleagues in the best use of company & teams methodologies and tools · Educate team members in the correct implementation of BC & DR processes, standards and impart training to ensure recoverability of business processes and supporting services across business functions. · Demonstrates excellent people management capabilities and is able to think out of the box · Great communication skills and the ability to break down and explain complex data security problems · Excellent presentation skills and ability to effectively communicate proposals and point of view at senior management levels Mandatory Skills - BCM Preferred skills - BCP Education Qualification: BE/ BTech · Postgraduates in any stream would be preferred (not mandatory) · Prior Big 4 experience would be an added advantage · Relevant experience in Business Continuity and Disaster Recovery for varied industry segments preferred · Excellent communication skills - both written and oral Years of experience Required - 4 years Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology, Bachelor of Engineering Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Business Continuity Management (BCM), SAP BCM Optional Skills Accepting Feedback, Accepting Feedback, Accounting and Financial Reporting Standards, Active Listening, Analytical Thinking, Artificial Intelligence (AI) Platform, Auditing, Auditing Methodologies, Business Process Improvement, Communication, Compliance Auditing, Corporate Governance, Creativity, Data Analysis and Interpretation, Data Ingestion, Data Modeling, Data Quality, Data Security, Data Transformation, Data Visualization, Embracing Change, Emotional Regulation, Empathy, Financial Accounting, Financial Audit {+ 24 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

Job Description We are looking for a detail-oriented and proactive Compliance Analyst – II to join our Information Security Group at Grazitti Interactive. In this role, you will contribute to the ongoing success of our compliance programs by executing audits, conducting risk assessments, and ensuring adherence to global regulatory standards. You will collaborate with cross-functional teams to align operations with frameworks such as ISO 27001, ISO 27701, and NIST. If you have a strong understanding of governance, risk, and compliance, and enjoy making an impact through policy, process, and stakeholder engagement, this role is for you. Key Skills 2–3 years of experience in compliance, risk management, or a related function. Working knowledge of ISO 27001, ISO 27701, and NIST frameworks. Strong analytical thinking and problem-solving capabilities. Excellent written and verbal communication skills. Proficiency in documentation and record-keeping. Ability to work independently and collaboratively across departments. Familiarity with GDPR, CCPA, HIPAA, and ITGC regulations. Advanced certifications such as CCEP, CISA, or ISO 27001 Lead Auditor. Experience drafting or maintaining compliance documentation and audit reports. Hands-on exposure to risk management tools or GRC platforms. Proficiency in MS Office (Excel, Word, PowerPoint). Ability to support junior team members and lead smaller compliance initiatives. Roles And Responsibilities Execute internal audits, compliance reviews, and risk assessments with minimal supervision. Support the creation, implementation, and continuous improvement of compliance policies and procedures. Monitor and analyze regulatory updates and ensure policy alignment. Maintain accurate documentation for all audits and compliance activities. Collaborate with cross-functional teams to embed compliance best practices across departments. Assist in developing compliance awareness programs and training materials. Provide regular updates to stakeholders on GRC initiatives, audit progress, and compliance posture.

Job Description We are looking for a detail-oriented and motivated Compliance Trainee to join the Information Security Group (ISG) at Grazitti Interactive. In this entry-level role, you will support our Governance, Risk, and Compliance (GRC) initiatives by assisting with documentation, regulatory research, and audit coordination. This position offers an excellent learning opportunity for candidates aspiring to build a career in compliance, with exposure to frameworks like ISO 27001, ISO 27701, and NIST. Key Skills Strong attention to detail, organization, and analytical thinking. Excellent verbal and written communication skills. Basic understanding of compliance, risk management, or regulatory requirements. Familiarity with data privacy regulations such as GDPR, CCPA, HIPAA, and ITGC. Ability to collaborate across teams and communicate effectively with internal stakeholders. Exposure to ISO 27001, ISO 27701, or NIST frameworks (via coursework, internship, or certification). Proficiency in Microsoft Office Suite (Excel, Word, PowerPoint). Prior internship or academic project experience in compliance or audit functions. Roles and Responsibilities Assist in maintaining and updating compliance documentation, policies, and records. Support internal audits and compliance reviews with proper coordination and follow-ups. Collect and organize data for compliance reporting and help with preliminary risk assessments. Participate in training sessions and team meetings to develop subject-matter knowledge. Collaborate with internal teams to ensure adherence to policies and external standards. Communicate GRC updates and progress to relevant stakeholders in a clear, timely manner.

Job Description We are seeking a motivated and detail-oriented Compliance Analyst – I to join our Governance, Risk, and Compliance (GRC) team at Grazitti Interactive. In this role, you’ll be responsible for supporting compliance initiatives, assisting in audits, maintaining documentation, and promoting regulatory awareness across departments. This is a great opportunity for someone looking to build a career in information security compliance and gain exposure to global standards like ISO 27001, ISO 27701, and NIST. If you are process-driven, curious about compliance, and eager to learn in an ever-growing environment, this role is for you. Key Skills 1–2 years of experience in compliance, risk management, or a related role. Understanding of ISO 27001, ISO 27701, and NIST frameworks. Strong documentation, record-keeping, and organizational skills. Excellent verbal and written communication. Ability to work collaboratively with different teams. Basic knowledge of compliance principles and regulatory frameworks. Prior experience assisting in internal audits or compliance reviews. Familiarity with regulatory standards like GDPR, HIPAA, or CCPA. Exposure to drafting compliance documentation or audit reports. Proficiency in MS Office tools (Word, Excel, PowerPoint). Roles And Responsibilities Assist in creating, updating, and maintaining compliance policies and procedures. Collect and analyze data to support internal audits and risk assessments. Help identify compliance risks and assist in developing mitigation plans. Maintain detailed documentation and audit records for GRC processes. Contribute to compliance training, awareness sessions, and documentation rollouts. Work closely with various departments to ensure alignment with compliance goals. Communicate progress, updates, and findings with relevant stakeholders regularly.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NA Minimum 5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities: - Expected to be an SME. - Collaborate and manage the team to perform. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Provide solutions to problems for their immediate team and across multiple teams. - Facilitate training sessions to enhance team knowledge and skills. - Monitor and evaluate the effectiveness of implemented security measures. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ. - Good To Have Skills: Experience with SailPoint IdentityNow. - Strong understanding of cloud security principles and best practices. - Experience in designing and implementing security frameworks. - Familiarity with compliance standards such as ISO 27001 and NIST. Additional Information: - The candidate should have minimum 5 years of experience in SailPoint IdentityIQ. - This position is based at our Jaipur office. - A 15 years full time education is required.

Biotale is a global provider of artificial intelligence products & solutions for commercial and government organizations. The company provides a comprehensive approach to realization of artificial intelligence in the enterprise through AI engineering, AI operations and AI governance,. We deliver high impact digital and augmented intelligence solutions that allows organizations to innovate, be more efficient and agile.. Biotale is recognized as a trusted partner that helps implement change in order to achieve business results. For more information visit: www.biotale.io Overview As an AI Governance Analyst, you will be responsible for coordinating AI governance activities, developing standards, and supporting AI Risk Assessments to ensure responsible AI practices across the enterprise. You will also act as a resource to applicable internal/external stakeholders to ensure compliance with regulatory, ethical, technical and organizational AI standards. Key Responsibilities Performing assessments of internally and externally developed AI use cases to ensure compliance with internal policies, and regulatory guidelines. Preparing presentations, reports, and updates for leadership, technology, legal & compliance stakeholders on the effectiveness of governance controls as needed. Documenting governance decisions, workflows, risk mitigation strategies, and outcomes of assessments for internal tracking and external reporting, including evidence of systemic and technical controls in AI Governance platform. Maintaining AI inventory: data quality control, tooling supporting and implementing process improvements. Partnering with cross-functional teams to identify and evaluate potential risks and document risk mitigation strategies. Conducting search on industry best practices, emerging regulations (e.g., NIST AI RMF), and advancements in AI risk management. Qualifications 4 Year/Bachelor's degree Demonstrable experience and knowledge in areas such as AI governance, AI risk management , AI compliance 3 - 5+ Years of experience in risk management, data privacy or related field that directly aligns with the specific responsibilities for this position Provide clear and concise verbal and written communications Analytical skills to accomplish assignments with minimal supervision and must be timely and accurate. A demonstrated track record of consistently meeting and/or exceeding performance expectations Ability to work with others in a team environment Ability to work in a fast-paced, time-sensitive environment Excellent verbal and written communication skills; and the ability to interact professionally with a diverse group: executives, managers, and subject matter experts. Preferred Qualifications 2 yrs+ experience in Pharmaceutical industry. Certified as Artificial Intelligence Governance Professional or equivalent.

Career Details We are seeking a highly skilled and experienced Security Consultant to join our team. The ideal candidate should have experience in ISO consulting and implementation, with a strong understanding of information security standards and best practices. The successful candidate will be responsible for working with clients to identify security risks and develop strategies to mitigate those risks, as well as providing guidance and support for ISO compliance. Key Responsibilities: ISO27001 Consulting: Conduct gap analysis and readiness assessments for ISO27001. Develop and implement Information Security Management Systems (ISMS) based on ISO27001 standards. Perform internal audits and support clients during external audits. Provide ongoing support and guidance to ensure continuous compliance with ISO27001. GDPR/Data Privacy: Assist in conducting data privacy impact assessments (DPIAs). Develop data protection policies and procedures. Support the implementation of data privacy frameworks. Risk Management:Client Engagement: Identify, assess, and mitigate risks related to information security and data privacy. Develop risk management strategies and frameworks. Conduct risk assessments and provide recommendations for risk treatment. Work closely with clients from India & Middle East to understand their specific needs and requirements. Prepare detailed reports and presentations for clients. Qualifications: Bachelor’s degree in Computer Science, Information Security, or related field At least 7-8 years of experience in information security Experience in ISO consulting and implementation Familiarity with security frameworks such as NIST, CIS, and ISO 27001 Strong analytical and problem-solving skills Excellent communication and interpersonal skills Ability to work independently and as part of a team Relevant certifications such as CISA or ISO Lead Implementer/Auditor are preferred Experience: 8-10 years Location: Govt Cyberpark, Kozhikode, Kerala If you are a motivated and experienced Security Consultant with ISO consulting and implementation experience, we encourage you to apply for this exciting opportunity. We offer competitive compensation, comprehensive benefits, and a dynamic work environment. Job Types: Full-time, Permanent Benefits: Health insurance Paid sick time Work Location: In person

Job Area: Finance & Accounting Group, Finance & Accounting Group > Internal Audit General Summary: Auditor, IT Internal Audit- Hyderabad Qualcomm is a company of inventors that unlocked 5G - ushering in an age of rapid acceleration in connectivity and new possibilities that will transform industries, create jobs, and enrich lives. But this is just the beginning. It takes inventive minds with diverse skills, backgrounds, and cultures to transform 5Gs potential into world-changing technologies and products. This is the Invention Age - and this is where you come in. This is a unique opportunity to join Qualcomms finance and accounting organization based in Hyderabad in the Corporate Internal Audit & Advisory Services (IA & AS) team. The department focuses on assisting the Audit Committee and management teams in the improvement of processes that manage risks related to achieving Qualcomms business objectives. Using Qualcomms risk-based audit methodology, the IT auditor will assist in the execution of internal audits. Specifically, the responsibilities include: Providing U.S. based time zone coverage as needed (up to 50% of time) Supporting the creation of initial planning memos and process flowcharts Identifying and assessing initial risks and control activities Designing audit procedures to evaluate control effectiveness Performing audit testing, identifying deviations from expected control activities, and effectively communicating observations to the audit team Leveraging data analytics throughout the audit process where feasible Staying abreast of changes in the business and industry to assess impacts to the companys risk profile Contributing to the development of new concepts, techniques, and making continuous process improvements for the overall IA team All Qualcomm employees are expected to actively support diversity on their teams, and in the Company. One to three years of relevant experience in internal auditing, external auditing, or SOX compliance within a global public company (preferably in the high-tech industry), Big 4/mid-tier accounting firm or other fast-paced corporate setting Strong understanding of IT general controls, cybersecurity frameworks (e.g. NIST, COBIT), and ERP systems Fluent English; multi-lingual capability is a plus Successful candidate will possess the following characteristics: As feasible, ability to travel (infrequently) to Qualcomms domestic and international locations (e.g., U.S., Europe) Semiconductor business experience or familiarity Strong communication (oral and written) and presentation skills Fast learner with strong interpersonal, organization, analytical, critical thinking, and problem-solving skills Ability to work in a flexible and non-hierarchical team environment Willingness to get things done and take responsibility Ability to recognize and apply a sense of urgency, when necessary Comfortable with ambiguity Positive attitude, professional maturity, good work ethic Ability to work independently, handle multiple projects simultaneously and multi-task to meet deadlines with high-quality deliverables Controls, risk assessment, risks, internal audit, IT Bachelor's degree in Accounting, Finance, Computer Science, cyber security, or related field. CPA, CA, CIA, CISA, CFE, or other credentials, a plus. Minimum Qualifications: Bachelor's degree. 1+ year of Finance, Accounting, or related work experience. *Completed advanced degree in a relevant field may be substituted for up to one year (Masters = one year) of work experience. Applicants Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail disability-accomodations@qualcomm.com or call Qualcomm's toll-free number found here. Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries). Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law. To all Staffing and Recruiting Agencies Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications. If you would like more information about this role, please contact Qualcomm Careers.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide guidance on best practices, contributing to a secure cloud environment that supports the organization's growth and innovation. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and controls.- Conduct regular assessments of cloud security measures to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with incident response and threat detection methodologies.- Knowledge of regulatory requirements related to cloud security. Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Threat Hunting Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. A typical day involves collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security threats and solutions. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Evaluate and recommend new security technologies and tools to improve the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Threat Hunting.- Strong understanding of cloud security principles and frameworks.- Experience with incident response and threat intelligence.- Familiarity with security compliance standards such as ISO 27001 and NIST.- Ability to analyze security incidents and develop mitigation strategies. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Threat Hunting.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : CyberArk Privileged Access Management Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements.- Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in CyberArk Privileged Access Management.- Strong understanding of cloud security principles and best practices.- Experience with identity and access management solutions.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR.- Ability to analyze security incidents and develop effective response strategies. Additional Information:- The candidate should have minimum 3 years of experience in CyberArk Privileged Access Management.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education