3864 Nist Jobs - Page 42

Our client in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. Our professionals provide the experience to help companies stay on track and deal with risks that could unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth, quality and operational challenges and working in partnership with us, clients have the benefits of the client's experienced, objective, and industry-grounded viewpoints. Requirements Role & RESPONSIBILTY: Cyber Security Strategy and Governance Roles and Responsibilities: You will be responsible to perform multiple risk and gap assessments on various applications, services and Infrastructure components. You will be required to have impeccable interpersonal skill and will require to connect with various stakeholders across the globe. >> Skills: Knowledge of various Information Security Compliance and frameworks such as ISO 27001, NIST, etc Ability to understand and have experience in ISO 27001 : 2013 implementation for large organizations Ability to write information security policies and procedures as per best practices Possess understanding of key cyber security tools and solutions Ability to assess maturity of cyber security using various standards and guidelines Ability to "talk the security language" with client's management Possess excellent communication skills and should be willing to walk the extra mile on client delivery and excellence Must be an excellent team member and willing to participate in organization's initiatives on cyber security >> For Senior Managers: Should demonstrate capabilities of driving sales and engagement management for clients Should be a Technically capable of showcasing SME abilities on cyber security domains Candidates from other consulting firms will be preferred >> Certifications: Candidates must possess ISO 27001 : 2013 LI/LA and should be able to demonstrate their knowledge on the certified standard CISA, CISSP, CISM would be preferred Cloud certifications like CCSP, CompTIA would be an added advantage >> Educational Qualifications: Bachelor of Science / Bachelor in Engineering or Technology Masters program in Technology / IT or Information Security >> Compensation Compensation is competitive with industry standards Details of the compensation breakup will be shared with short-listed candidates only Benefits People BENEFITS Continuous learning program Driving a culture of recognition through ‘ENCORE' our quarterly rewards and recognition program Comprehensive medical insurance coverage for staff and family Expansive general and accidental coverage for staff Executive Health check-up (Manager & above, and for staff above the age of 30) Les Concierge desks Internal & Global mobility Various other people friendly initiatives Strong commitment to our Values such as CSR initiatives

Our client in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. Our professionals provide the experience to help companies stay on track and deal with risks that could unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth, quality and operational challenges and working in partnership with us, clients have the benefits of the client's experienced, objective, and industry-grounded viewpoints. Requirements Role & RESPONSIBILTY: Cyber Security Strategy and Governance Roles and Responsibilities: You will be responsible to perform multiple risk and gap assessments on various applications, services and Infrastructure components. You will be required to have impeccable interpersonal skill and will require to connect with various stakeholders across the globe. >> Skills: Knowledge of various Information Security Compliance and frameworks such as ISO 27001, NIST, etc Ability to understand and have experience in ISO 27001 : 2013 implementation for large organizations Ability to write information security policies and procedures as per best practices Possess understanding of key cyber security tools and solutions Ability to assess maturity of cyber security using various standards and guidelines Ability to "talk the security language" with client's management Possess excellent communication skills and should be willing to walk the extra mile on client delivery and excellence Must be an excellent team member and willing to participate in organization's initiatives on cyber security >> For Senior Managers: Should demonstrate capabilities of driving sales and engagement management for clients Should be a Technically capable of showcasing SME abilities on cyber security domains Candidates from other consulting firms will be preferred >> Certifications: Candidates must possess ISO 27001 : 2013 LI/LA and should be able to demonstrate their knowledge on the certified standard CISA, CISSP, CISM would be preferred Cloud certifications like CCSP, CompTIA would be an added advantage >> Educational Qualifications: Bachelor of Science / Bachelor in Engineering or Technology Masters program in Technology / IT or Information Security >> Compensation Compensation is competitive with industry standards Details of the compensation breakup will be shared with short-listed candidates only Benefits People BENEFITS Continuous learning program Driving a culture of recognition through ‘ENCORE' our quarterly rewards and recognition program Comprehensive medical insurance coverage for staff and family Expansive general and accidental coverage for staff Executive Health check-up (Manager & above, and for staff above the age of 30) Les Concierge desks Internal & Global mobility Various other people friendly initiatives Strong commitment to our Values such as CSR initiatives

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. About The Job As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom. At EY, we don't just focus on who you are now, but who you can become. We believe that it’s your career and ‘It’s yours to build’ which means potential here is limitless and we'll provide you with motivating and fulfilling experiences throughout your career to help you on the path to becoming your best professional self. About EY-Parthenon EY-Parthenon is a leading global strategy consulting organization, providing deep sector expertise and strategic insights to help clients navigate complex business challenges. We offer a dynamic work environment that fosters innovation and growth, with a strong emphasis on client impact and personal development. Within SaT – EY Parthenon, the Transaction Strategy and Execution team services clients with a full range of hands-on, operationally focused support and advice across the transaction life cycle, across buyers and sellers. We cover a wide range of operational aspects, including divestiture advisory services, carve-out readiness and support, operational due diligence, synergy assessment and delivery, day-one readiness assessment, 100- day planning, integration process support, carve-out/stand-alone costs assessment and risks, and cost reduction. Our professionals work on transactions and business development across the globe. GDS SaT – Transaction Strategy and Execution – Deal Tech - IT Infrastructure - Manager, India The Opportunity EY-Parthenon’s GDS Transaction Strategy and Execution (TSE) Technology team helps clients with IT-related aspects of M&A transactions: IT diligence: EY-Parthenon professionals evaluate a target's IT infrastructure & Cyber security to help clients assess its attractiveness. Deal tech: The TSE Technology team assesses the technology ecosystem and its role in M&A transactions. Infrastructure: Managing IT due diligence, sign-to-close, and post-integration activities from an IT Infrastructure perspective EY-Parthenon’s GDS TSE Technology professionals help clients navigate transaction risk and increase value from the beginning of a deal to its execution. This role requires prior expertise in managing complex IT integrations, separations, and transitions during mergers, acquisitions with extensive knowledge of IT systems, Datacentre, Cloud, Networking, Microsoft 365 and IT Security. Key Responsibilities Manage large to mid-sized engagements or workstreams of large engagements that help our clients solve some of their most pressing issues during transaction lifecycle. Support key decision makers in developing and executing their transaction strategy to secure deal value. Lead projects that span one or more IT Infrastructure (Hosting, Network, Digital Workplace, Messaging & Collaboration, Active Directory, Service Excellence) and cyber security (identifying vulnerabilities, risks, and gaps) functions in both deal and non-deal environments. Manage engagements, problem-solve, facilitate, ensure engagement success, and quality in delivery, Establish regular connectivity and reporting to the regional TSE partners. Build relationships with EY offices across the globe. Responsible for high degree of GDS user satisfaction with engagement processes and work products Assist in business development activities, including preparing internal materials, GTM content and presentations for client and internal pursuit meetings, engage on larger SaT projects and pitch for potential technology interventions. Ability to analyse the evolving market environment and build solutions / services to cater to the same. Develop Point of View documents and support business development initiatives Provide insights and observations based on technology, industry and functional knowledge and best practices. Leverage expertise in transactions, synergy assessments, and deal implementation on transactions related projects Conduct IT due diligence to assess the IT infrastructure of target companies, including hardware, software, networks, datacentres, and cybersecurity. Develop IT integration plans and roadmaps that align with the overall deal strategy and business objectives. Collaborate with cross-functional teams to ensure seamless IT integration during the sign-to-close phase. Manage the execution of IT integration projects, ensuring they are completed on time, within budget, and to the required quality standards. Identify risks and issues related to IT infrastructure during the deal process and develop mitigation strategies. Provide expertise in IT infrastructure optimization and consolidation post-deal closure. Lead IT infrastructure transitions during M&A, including cloud and datacentre migration, network integration, and identity management, ensuring minimal disruption and security compliance. Oversee Microsoft 365 migration, service desk consolidation, and IT monitoring to enable seamless post-transaction operations. Establish and maintain communication with key stakeholders to provide updates on project status and resolve any concerns. Ensure compliance with regulatory requirements and company policies throughout the deal process. Document lessons learned and best practices to improve future IT deal processes Skills And Attributes For Success Business and Commercially Driven - work in a fast-paced, exciting environment with strong business acumen to drive value to our clients Capability Development - contribute to our practice development initiatives, supporting the continued focus on our team as a great place to work Learning - learn and develop technical and personal skills to support achievement of career goals, through a blend of structured learning, coaching and experiences Building Relationships - cultivate strong working relationships with clients and support to key decision makers To qualify for the role, you must have A post Graduate degree in business management from a premier institute with 5-8 years of applicable consulting experience At least 4 years of experience in Transaction Strategy, Technology Strategy or Technology Transformation in a top tier consulting firm Lead large IT project execution experience with in-depth knowledge of IT project life cycles. Broad knowledge and deep understanding of one or more technical areas such as Infrastructure and Network, Cyber Security Framework (e.g., NIST, ISO 27001, GDPR, HIPAA), Solution Architecture / Pre-Sales, IT Contracts Management, Enterprise Architecture, Cloud / On-premise Technology etc. Experience in Technology aspects of Transaction lifecycle during Mergers, Acquisitions, Divestitures, and Carveouts. Due Diligence: Working experience in Due Diligence, particularly IT Due Diligence, Cyber Diligence, and Technology Diligence. Post-Deal transaction lifecycle: Working experience in post-deal lifecycle for Sell and Separate and Buy and Integrate transactions: Separation / Integration planning, Standalone models and Costing, Infrastructure Separation, Cutover Management, TSA Costing and Exit, Day-1 planning, and Logical Separation Technology Strategy: Experience in Technology Cost optimization, Technology Business Management, IT Budget forecasting, IT Chargeback, Cloud Economics, Cloud Financial Management, IT Value realization, IT Org sizing Experienced in Business Development activities such as RFPs, opportunity pursuits, winning large to mid-sized deals Strong leadership and team management abilities, with experience in building and motivating high-performing teams Exceptional communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels Good to have relevant certifications (e.g., AWS/Azure/GCP Solution Architect, PMP, ITIL, MCSE, CCNA) What You Can Look For A Team of people with commercial acumen, technology experience and enthusiasm to learn new things in this fast-moving environment An opportunity to be a part of market-leading, multi-disciplinary team of 3,500+ professionals Opportunities to work with EY SaT practices globally with leading businesses across a range of industries What We Offer EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across six locations – Argentina, China, India, the Philippines, Poland and the UK – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career. Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next. Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way. Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Broad Role Description As a Customer Success Manager – Azure & Security , you will be the key point of contact for customers adopting Microsoft Azure and Cybersecurity solutions. Your mission is to drive customer success by ensuring secure and effective adoption of TTBS offered services, managing customer relationships, and supporting long-term strategic cloud and security goals. It's an Individual Contributor role. Key Role Deliverables 1. Act as a trusted advisor for customers implementing Azure infrastructure, services, and security frameworks. 2. Lead onboarding, training, and enablement for customers transitioning to Azure and Microsoft Security solutions (e.g., Defender, Sentinel, Entra). 3. Monitor customer health, usage, and satisfaction to proactively address risks and promote solution value. 4. Drive adoption of Azure-native security tools and best practices to strengthen cloud environments. 5. Collaborate with technical delivery, cloud architecture, and support teams to ensure customer success and alignment. 6. Conduct regular Executive Business Reviews (EBRs) and strategic planning sessions with key stakeholders. 7. Maintain a deep understanding of Microsoft’s Azure & Security roadmap to guide clients on optimization and innovation. 8. Identify expansion and upsell opportunities in areas like Azure cost optimization, compliance, Zero Trust architecture, etc. Right Person (Qualification & Experience) 1. B. Tech (Computer Science, Electronics etc.) 2. 5- 8+ years in Customer Success, Technical Account Management, or Cloud Consulting with a focus on Azure and/or cybersecurity. 3. Strong knowledge of Microsoft Azure, including core services (IaaS, PaaS), networking, identity, and security features. 4. Familiarity with Security solutions: Defender for Cloud, SIEM, SOAR, VAPT, SOC, Purview, etc. 5. Experience with compliance frameworks (e.g., NIST, ISO 27001, GDPR) and security best practices in the cloud. 6. Ability to manage technical conversations with C-level stakeholders and IT teams. 7. Strong project management, communication, and interpersonal skills. 8. Certifications preferred: Microsoft Certified: Azure Solutions Architect Expert Microsoft Certified: Security, Compliance, and Identity Fundamentals Microsoft Certified: Azure Security Engineer Associate

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Integrated Security Risk Management Good to have skills : Security Architecture Design Minimum 7.5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities: - Expected to be an SME. - Collaborate and manage the team to perform. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Provide solutions to problems for their immediate team and across multiple teams. - Conduct regular assessments of security frameworks to ensure alignment with evolving business needs. - Facilitate training sessions for team members to enhance their understanding of security protocols. Professional & Technical Skills: - Must To Have Skills: Proficiency in Integrated Security Risk Management. - Good To Have Skills: Experience with Security Architecture Design. - Strong knowledge of cloud security principles and practices. - Experience in risk assessment methodologies and frameworks. - Familiarity with compliance standards such as ISO 27001 and NIST. Additional Information: - The candidate should have minimum 7.5 years of experience in Integrated Security Risk Management. - This position is based at our Chennai office. - A 15 years full time education is required.

Skills:- vulnerability management, information security, or a related discipline, Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls), Experience with ITSM tools and ticketing systems for remediation tracking. Experience:- 3-5 Years Location:- Hyderabad Shift Timing:- 11.00 am - 8.00 pm Analyst, Vulnerability Management Omnicom Global Solutions, Hyderabad IN About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Required Qualifications 3–5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyze technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking.

We are seeking a highly skilled and experienced Security Consultant to join our team. The ideal candidate should have experience in ISO consulting and implementation, with a strong understanding of information security standards and best practices. . Experience: 5+ years. Location: Kozhikode, Kerala. Working Mode : Hybrid Key Responsibilities: ISO27001 Consulting: Conduct gap analysis and readiness assessments for ISO27001 . Develop and implement Information Security Management Systems (ISMS) based on ISO27001 standards. Perform internal audits and support clients during external audits. Provide ongoing support and guidance to ensure continuous compliance with ISO27001. GDPR / Data Privacy: Assist in conducting data privacy impact assessments ( DPIAs ). Develop data protection policies and procedures. Support the implementation of data privacy frameworks. Risk Management: Identify, assess, and mitigate risks related to information security and data privacy. Develop risk management strategies and frameworks. Conduct risk assessments and provide recommendations for risk treatment. Client Engagement: Work closely with clients from India & Middle East to understand their specific needs and requirements. Prepare detailed reports and presentations for clients. Qualifications: Bachelor’s degree in Computer Science, Information Security, or related field. At least 5-6 years of experience in information security. Experience in ISO consulting and implementation. Familiarity with security frameworks such as NIST, CIS , and ISO 27001. Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Relevant certifications such as CISA or ISO Lead Implementer/Auditor are preferred. Job Types: Full-time, Permanent Pay: ₹1,000,000.00 - ₹2,000,000.00 per year Benefits: Flexible schedule Health insurance Paid sick time Provident Fund Work from home Application Question(s): Do you have the certificate of ISO27001 ? Experience: Cybersecurity: 5 years (Required) data privacy impact assessments : 5 years (Required) ISMS based on ISO27001 standards: 5 years (Required) NIST, CIS: 5 years (Required) data protection policies and procedures. : 5 years (Required) Location: Kozhikode, Kerala (Required) Work Location: In person

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Delivery Governance Good to have skills : NA Minimum 12 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring compliance with security policies and regulations. You will also engage in proactive monitoring of security systems and respond to incidents, all while maintaining a focus on safeguarding information and business processes against cyber threats. Roles & Responsibilities: - Expected to be an SME. - Collaborate and manage the team to perform. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Expected to provide solutions to problems that apply across multiple teams. - Facilitate training sessions to enhance team knowledge on security best practices. - Conduct regular security audits and assessments to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance. - Strong understanding of risk management frameworks and methodologies. - Experience with security incident response and management. - Familiarity with security compliance standards such as ISO 27001 and NIST. - Knowledge of network security protocols and technologies. Additional Information: - The candidate should have minimum 12 years of experience in Security Delivery Governance. - This position is based at our Gurugram office. - A 15 years full time education is required.

Job Title: Senior Manager – Microsoft Defender Security Location: Mumbai / Bangalore / Gurgaon Experience: 8+ Years Mode of Work: Hybrid Position Type: Full-Time Department: Cybersecurity & Risk Services About the Role: We are seeking a dynamic Senior Manager – Microsoft Defender Security with proven expertise in architecting, implementing, and managing Microsoft security technologies across enterprise environments. The ideal candidate will have a strong understanding of the Microsoft 365 E5 security suite, cloud security (Azure), and incident response mechanisms, with a vision to define robust security strategies and ensure regulatory compliance across diverse industry verticals. Key Responsibilities: Lead end-to-end security solution design and implementation using Microsoft Defender XDR , Microsoft Sentinel , and Azure-native security tools . Drive Zero Trust architecture initiatives and deploy Microsoft 365 Security tools including Defender for Endpoint, Identity, Office 365, Cloud Apps, and Microsoft Information Protection. Manage security projects including threat protection, endpoint management, and external attack surface reduction using Microsoft EASM and DigitalShadows. Act as a technical advisor and escalation point for security incidents and vulnerabilities , ensuring timely resolution and continuous improvement. Build and manage cross-functional teams for security assessment, remediation, and solution delivery in alignment with PCI-DSS, NIST, CIS, ISO 27001, and CMMI standards. Engage with stakeholders including CISOs, CTOs, and business heads to translate business goals into actionable security strategies. Conduct assessments and audits, prepare reports, and drive remediation activities for endpoint security, compliance, and governance. Provide guidance on migration and modernization projects including Azure Landing Zone security, Defender for Cloud integration, and AIP deployments. Mentor and guide junior security consultants and architects within the cybersecurity practice. Liaise with Microsoft and other OEMs for certifications, partner recognitions, and incentive programs. Required Skills & Experience: 8+ years of experience in cybersecurity with strong hands-on in Microsoft Defender Suite , Microsoft Sentinel , Azure Security , and Zero Trust implementations . Deep understanding of Microsoft 365 security tools and frameworks such as: Microsoft Defender for Endpoint, Identity, Office365, and Cloud Apps Microsoft Information Protection (AIP, Purview) Microsoft Sentinel (SIEM) Microsoft Defender for Cloud (CSPM, CWPP) Experience in incident handling and response , malware analysis, data loss prevention, and advanced threat protection. Strong scripting knowledge with PowerShell for automation and orchestration of security operations. Familiarity with external threat monitoring and digital risk protection using tools like DigitalShadows . Experience with email security platforms (e.g., Proofpoint, Ironscales) and Microsoft Exchange Online Protection . Certifications (Preferred): CISSP – Certified Information Systems Security Professional ECIH – EC-Council Certified Incident Handler Microsoft Certifications (any of the below): SC-100 : Cybersecurity Architect Expert SC-200 : Security Operations Analyst Associate SC-300 : Identity and Access Administrator Associate SC-400 : Information Protection Administrator Associate SC-900 , MS-500 , or any relevant Defender/Sentinel-related certifications Good to Have: Experience working with global clients in BFSI, energy, manufacturing, or retail sectors. Exposure to Microsoft Partner ecosystem , incentive programs, and technical pre-sales. Why Join Us? Work on cutting-edge Microsoft security technologies in transformative projects across India and the Middle East. Lead security modernization journeys of Fortune 500 clients. Opportunity to define security architecture standards for enterprise customers. Dynamic work environment with continuous learning and certification support.

Job Summary: We are seeking skilled SOC Analysts (L2 and L3) to strengthen our Security Operations Center team. The candidates will be responsible for monitoring, analyzing, and responding to security incidents using advanced security tools and processes. The L2 role will focus on deeper analysis and initial remediation, while the L3 role will handle complex threats, lead incident response efforts, and support threat hunting and tuning. Key Responsibilities: SOC Analyst – L2 Monitor security events and alerts from SIEM tools (e.g., Microsoft Sentinel, Splunk, QRadar). Investigate and triage alerts to identify false positives and real incidents. Perform initial incident response actions (isolate systems, reset credentials). Escalate high-severity or complex incidents to L3 analysts. Document findings, actions, and recommendations in ticketing systems. Work with threat intelligence feeds to understand attack trends and indicators. Support vulnerability management efforts and patch validations. Assist in playbook execution and incident lifecycle management. SOC Analyst – L3 Lead end-to-end incident response, including containment, eradication, and recovery. Perform in-depth forensic investigations, malware analysis, and root cause analysis. Develop and tune SIEM detection rules and use cases. Mentor L1/L2 analysts and review their investigations. Threat hunting using behavioral analytics and threat intelligence sources. Collaborate with threat intelligence teams for proactive defenses. Work closely with other teams (IT, Cloud, Endpoint) for coordinated responses. Create and maintain runbooks, incident reports, and compliance documentation. Required Skills and Qualifications: Solid understanding of cybersecurity principles, MITRE ATT&CK, and NIST framework. Familiarity with tools: SIEM (Sentinel/Splunk/QRadar), EDR (Defender, CrowdStrike), SOAR platforms. Hands-on experience in log analysis, network traffic analysis, and endpoint investigations. Understanding of firewalls, proxies, IDS/IPS, and cloud security. L3 Specific: 5+ years in a SOC environment or cybersecurity field. Advanced knowledge of threat analysis, malware reverse engineering, and threat hunting. Experience in tuning and optimizing SIEM/SOAR rules. Industry certifications preferred (e.g., GCIA, GCIH, CEH, CISSP, Microsoft SC-200, SC-300). L2 Specific: 2–4 years of SOC or cybersecurity operations experience. Good understanding of the incident handling process. Basic scripting or automation knowledge (PowerShell, Python) is a plus.

WPP is the creative transformation company. We use the power of creativity to build better futures for our people, planet, clients, and communities. Working at WPP means being part of a global network of more than 100,000 talented people dedicated to doing extraordinary work for our clients. We operate in over 100 countries, with corporate headquarters in New York, London and Singapore. WPP is a world leader in marketing services, with deep AI, data and technology capabilities, global presence and unrivalled creative talent. Our clients include many of the biggest companies and advertisers in the world, including approximately 300 of the Fortune Global 500. Our people are the key to our success. We're committed to fostering a culture of creativity, belonging and continuous learning, attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow. Why we're hiring: WPP ET provides IT services for WPP, group owned operating companies and agencies. The WPP group is the world’s largest communications services group, and as a creative transformation company, WPP is helping its clients transform the future through extraordinary work. WPP IT is an integral part of that journey, and we are proud to provide technology for some of the world’s most creative brands. As part of the organisational design initiative at WPP the Group CIO has created a new Target Operating Model (T.O.M), which consist of 4 distinct business clusters in the group. These are: Integrated Creative, Media, Production, PR & Specialist and the Corporate Business Cluster. You will bring deep expertise in managing SOX ITGC audits, risk, and compliance standards, frameworks, and methodologies for publicly listed organisations to strengthen the risk and compliance posture. As part of the Corporate Cluster, you will implement WPP CCRCO mandated processes and practices across WPP HQ functions. Actively managing and driving SOX audit remediation, you will oversee technology risk resolution, communication, and collaborate with the Corporate Director of Cyber Risk & Compliance to prioritise remediation efforts, minimizing impact on the Corporate Cluster and the wider WPP group. Who you'll be working with: WPP Enterprise Technology are proud technology solutions partner for WPP Corporate Functions. Our collaboration is instrumental in coordinating and assuring end-to-end change delivery, managing the IT technology lifecycle, and maintaining a robust innovation pipeline. The CRC discipline within WPP ET plays a crucial role in this partnership. We are responsible for providing advisory and support to the corporate business cluster on critical areas such as Technology Audits, Technology Risks, Control Assurance, and Technology Compliance. Our objective is to ensure that all central functions at WPP HQ operate in a safe, secure, and compliant manner. The CRC function in the Corporate Business Cluster drives compliant IT operations for WPP HQ teams, managing Legal, regulatory, and contractual obligations. As a Risk & Compliance Manager, you will play a critical role in developing and implementing a world-class technology risk and compliance program to support WPP HQ Finance Functions. You will collaborate with the WPP Chief Cyber, Risk and Compliance Officer (CCRCO), WPP CISO, Director of Cyber, Risk and Compliance, and WPP HQ Finance department heads to set the CRC function's vision and strategy, and manage escalations for technology operational risks, compliance, audit, BCP, and DR assessments. As an SME, you will lead and develop a highly effective risk and compliance function, strengthening defences and promoting a proactive, collaborative approach. You will operate in a highly complex environment with multiple risk categories, including IT operations, information security, legal, regulatory, financial and commercial with broad impacts spanning both the Corporate Cluster and the WPP Group. What you'll be doing: Work closely with and assist CRC department head in developing a risk and compliance strategy for the corporate cluster that is aligned to WPP ET and CRC strategies. Establish technology risk & compliance community across the range of WPP HQ functions to drive the implementation and standardisation of agreed security governance, risk & compliance approach. Drive the Cluster’s CRC strategy and approach, by closely working with Corporate CRC Director CRC Discipline Lead and other ET stakeholders. Drive BC/DR planning to the appropriate level across the Cluster and ensure BC/DR plans are updated and reviewed annually. Conduct and support Technology Risk Assessments – e.g., quarterly risk landscaping - owning and driving Cluster-specific risk mitigation actions. Respond to tracking and reporting from Internal, External or Client Audit findings within the Corporate Cluster. Conduct CRC Cluster self-certification and self-monitoring of IT controls, and maintain an active liaising channel with the IT Ops function at WPP group level. Support CRC Cluster-wide input into the WPP IT Asset Register and CMDB owned by IT Ops teams. Be CRC point of contact for relevant business stakeholder escalations relating to Technology risk and compliance. Lead and oversee resolution of the most complex, critical, and impactful risk & compliance issues. Work across the CRC Cluster teams like Operational Security, Technology Operations, and Strategy and Architecture to design controls, deliver management information (KRIs) and risk mitigation plans. Drive engagement, comms and adoption for all risk, compliance and security tasks to ensure the rationale for task is understood, the mandate is embedded, and colleagues and partners are trained and can perform effectively and efficiently. Design and deliver a range of educational activities and material to embed a strong SOX Compliant culture, mindset and behaviours across the Cluster. Build strong relationships with the external stakeholders (customer, suppliers, other major bodies) as well as build a network of peers to bring innovation and insights on industry best practice, standards, frameworks, and processes to deliver a future-fit capability. Ensure that the Corporate Function remains compliant with national legislative, regulatory, contractual and WPP technology governance obligations. Support Cluster teams and functions during client pitch for winning new work by providing a compelling narrative to our prospective clients around the strength of our risk, compliance and security proposition. What you'll need: A minimum of 5 to 7 years of strong and deep background in managing SOX ITGC audits in complex global organisations. Key certifications (e.g. CISA, CRISC, CISSP, CISM, Azure & Dynamic 365) desirable but not essential Degree or equivalent (i.e. BSc, BEng, MSc) desirable but not essential Comprehensive knowledge of information security risk standards, frameworks and best practices (i.e., COBIT, SOX ITGC, ISO27K1, NIST, CIS, SOC, Cyber Essentials, GDPR) Ability to provide leadership on complex and unfamiliar situations, often involving risk and emotion Expert communicator with a track record of operating, partnering with and influencing up to and including exec-level stakeholders Able to lead highly complex programmes across multiple units and geographies with high-pressure deliverable Risk and Compliance subject-matter-expert with in-depth knowledge of technology governance in the cloud and on-prem IT technologies Good understanding of managing internal and external audits (i.e., SOC:1-2, SOX) and assurance activities, including testing the design and operational effectiveness of security controls Ability to operate and lead in a fast-paced organizational transformation and able to navigate and champion change across organisational / geographical complexity A genuine desire to lead, develop, coach and mentor junior team members Who you are: You're open : We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working. You're optimistic : We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected. You're extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day. What we'll give you: Passionate, inspired people – We aim to create a culture in which people can do extraordinary work. Scale and opportunity – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry. Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge? We believe the best work happens when we're together, fostering creativity, collaboration, and connection. That's why we’ve adopted a hybrid approach, with teams in the office around four days a week. If you require accommodations or flexibility, please discuss this with the hiring team during the interview process. WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same opportunities to progress in their careers. Please read our Privacy Notice (https://www.wpp.com/en/careers/wpp-privacy-policy-for-recruitment) for more information on how we process the information you provide.

Job Description Expect more. Connect more. Be more at Diebold Nixdorf. Our teams automate, digitize, and transform the way more than 75 million people around the globe bank and shop in this hyper-connected, consumer-centric world. Join us in connecting people to commerce in this vital, rewarding role. Supports the full cycle of vulnerability management: from discovery / asset identification through risk assessment, remediation, verification and reporting. Works with Information Security, engineering, other technical and product / operational stakeholders to ensure understanding of and commitment to relevant vulnerability standards and practices. Proactively monitors system, network and other changes to ensure their inclusion in vulnerability assessment / remediation activity. Responsibilities Identifies application and infrastructure owners of vulnerable assets for assignment of remediation. Assists in remediation efforts within IT and security environments by: Conducting vulnerability scans, Prioritizing remediation activities through risk ratings of vulnerabilities and assets, Catalyzing technology and business teams' remediation efforts, Validating the impact of remediation efforts. Transforms vulnerability scan data for analysis and posts for future reference. May contribute to web-based vulnerability remediation on public-facing applications and interfaces, cloud-based remediation, and other facilitating duties as assigned. Learns and follows established escalation and communication standards. Learns and applies industry standards (that is, protocol developed by the National Institute of Standards and Technology). Qualifications Required Qualifications Diploma or equivalent work experience. Minimum of 0-2 years of relevant experience or equivalent combination of education and experience in Vulnerability Management. Good business English skills (Written and spoken), good negotiation and persuasion skills. Preferred Qualifications Knowledge of Threat Intelligence collection, dissemination, analysis and delivery. Knowledge of Windows/Linux OS or general application patching, configuration, or upgrade. Knowledge of multiple security and privacy concepts such as: OSINT, HUMINT, SOCMINT, NIST, PCI, GDPR. GCIA, GHIH, CEH, or CISSP Certification. Knowledge of ISO Quality management, ITSM, and/or Risk Management. Knowledge of Security Regulations (SOX, PCI, GLBA) is an advantage. About Us Why should you join Diebold Nixdorf? Brightest minds + technology and innovation + business transformation The people of Diebold Nixdorf are 23,000+ teammates of diverse talents and expertise in more than 130 countries, harnessing future technologies to deliver personalized, secure consumer experiences that connect people to commerce. Our culture is fueled by our values of collaboration, decisiveness, urgency, willingness to change, and accountability. –Diebold Nixdorf is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, gender identity, age, marital status, veteran status, or disability status. To all recruitment agencies: Diebold Nixdorf does not accept agency resumes. Please do not forward resumes to our jobs alias, Diebold Nixdorf employees or any other organization location. Diebold Nixdorf is not responsible for any fees related to unsolicited resumes** We are a global Company operating in multiple Locations and Entities. As we are keen to find the best solution for our candidates several legal entities might be applicable for a Job offer. A List of our operating entities can be found here - https://www.dieboldnixdorf.com/en-us/about-us/global-locations

Yotta Data Services is a new-age Digital Transformation service provider, offering data center, cloud and a wide range of managed IT, application modernization, connectivity, and cybersecurity services . Job Title: Cybersecurity Lead Location: Delhi Department: Cybersecurity Experience Required: 8–12 years Responsibilities : Lead and manage cybersecurity operations including SOC, SIEM, endpoint security, and incident response. Design and implement security architecture for cloud (IaaS, PaaS, SaaS), on-prem, and hybrid setups. Evaluate and deploy tools across the cybersecurity stack—WAF, DDoS, EDR/XDR, PAM, IAM, ZTNA, SOAR, etc. Lead VAPT, compliance audits, and risk assessments; ensure alignment with ISO 27001, NIST, and regulatory requirements. Develop secure coding practices and embed DevSecOps across CI/CD pipelines. Create and maintain cybersecurity policies, standards, and response procedures. Collaborate with IT, DevOps, compliance, and business stakeholders to ensure security by design. Mentor a team of analysts and security engineers; build a high-performance security culture. Engage with OEMs and partners for solution evaluations, joint initiatives, and technology updates. Qualifications : Bachelor’s or master’s in computer science, IT, or any graduation. Industry certifications: CISSP, CISM, CEH, OSCP, or equivalent. Deep understanding of threat landscape, cloud security, network security, and regulatory frameworks. Strong experience in managing SIEM/SOAR, firewalls, identity solutions, and secure software development. Excellent communication and stakeholder management skills. Required Skills : Deep understanding of threat landscape, cloud security, network security, and regulatory frameworks. Strong experience in managing SIEM/SOAR, firewalls, identity solutions, and secure software development. Excellent communication and stakeholder management skills. Preferred Skills : Industry certifications: CISSP, CISM, CEH, OSCP, or equivalent.

inFeedo is a fast-growing, AI-led enterprise focused on transforming the employee experience through human-centric technology. As data and intelligent systems become core to our mission, we’re seeking a seasoned Risk Manager to build and oversee our frameworks around data privacy risk, AI governance and risk management, third-party risk, and information security. This role will be an integral part of our Data Privacy, Risk, and Compliance Team. No. of positions: 1 What will you be doing? 🌐 Enterprise Risk Management Design and implement enterprise risk frameworks tailored to a high-growth SaaS environment, and in line with global standards. Partner with business units and product teams to embed risk-aware decision-making. 🔐 Data Privacy & Information Security Oversee compliance and security standards (e.g., ISO 27001, SOC 2, NIST CSF, GDPR, DPDP, etc.). Conduct privacy impact assessments and data classification audits. Guide data lifecycle policies and secure data handling practices. 🤖 AI/MLRisk Establish controls and review mechanisms for fairness, explainability, model drift, and systemic AI risk. Support internal AI ethics boards or review councils. Ensure compliance with emerging AI regulations (e.g., EU AI Act, NIST AIRMF). 🧩 Third-Party & Vendo r RiskPerform risk assessments for third-party tools and data processors. Implement contractual clauses and SLAs that uphold compliance and security. ⚙️ Operational Risk & Incident Response Lead tabletop exercises, red teaming simulations, and post-incident reviews with relevant stakeholders. Collaborate with the Security Engineer and Legal for incident handling and reporting. Who will you work with? Varun, Seema, and of course the rest of the jovial inFee do team. Ideal Profile : 6–7 years of experience in data governance, AI/ML risk, cybersecurity, or risk management roles. Strong grounding in global frameworks: NIST CSF, NIST AI RMF, ISO 27001/27701, SOC2, GDPR, DPDP. Prior experience working with security architects, ML engineers, and compliance teams. Certifications such as CIPT, CISA, CRISC, ISO 27001 LA, or AI Governance programs are a plus. Comfortable working with cross-functional stakeholders, with the ability to influence without authority. Strong inclination to learn and adapt to new technologies. Bonus if you've led risk functions in SaaS or high-scale digital-first organizations. Our expectations before you click Apply Now” Read about inFeedo& Amber We are an equal-opportunity employer and value diversity at inFeedo. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or education. [Attitude>Skills >Education]

Summary Position Summary Red Team —Consultant 2 - Solution Delivery Advisor Deloitte’s CyberRiskServices helpourclientstobesecure,vigilant,andresilientinthefaceofanever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner.Ourserviceshelporganizationsto address,in atimelymanner,pervasiveissues,suchasidentity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting. Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license. Workyouwill do Works on projects with clearly defined guidelines as team member with responsibility for project delivery Works on the projects with clearly defined guidelines such as standard operating procedures Adhers to Service Level Agreements Works under general supervision with few direct instructions Performs development and customization work on larger security and data protection technology implementation projects Understands basic business and information technology management processes. Demonstrates knowledge of firm apposes methodologies, frameworks and tools (required) Participate in practice development initiatives The Team Deloitte’s Red Team is a standardized process, to help clients combat today’s growing array of system threats. We help organizations assess their infrastructure, networks and application environments to identify vulnerabilities and controlweaknesses.Wedevelopanddeploythetechnicalandarchitecturalimprovementsnecessarytoreduceattack exposure OurApplicationandVulnerabilityManagementserviceshelporganizationsidentifythetechnicalandarchitectural improvements needed to minimize exposure to attacks. With our customized methodology, we assess the many aspects of risk to support identification of both internal and external facing threats. Required: - Core Skills: Strong communication skills (written & verbal) Understanding of basic business and information technology management processes Knowledge and understanding of Dev-Sec-Ops Vulnerability Management, Threat Management, Penetration testing, Mobile Testing, Red Teaming, Phishing. Experience with tools related to the domains mentioned above Experienced in one or more of the above areas (as the career progresses) Deep knowledge of commonly used protocols such as TCP/IP, DNS Understanfing of ITIL and ITSM Understaing of SANS TOP 25 Additional Skills Familiarity with industry standards and frameworks such as OWASP, CIS, NIST ISO/IEC 17799, etc. Assist clients with discovering vulnerabilities and rogue assets (such as shadow IT) in their networks as part of a team of engineers and analysts around the world who specialize in the tactics, tools and procedures used by cyber criminals. Configure and execute vulnerability scans enumerating vulnerabilities within the internal and external network. Analyze, enrich and prioritize specific activities designed to remediate discovered vulnerabilities such as patch deployment or configuration hardening. Assist in producing a comprehensive operating picture and cyber security situational awareness. Work with various vulnerability threat feeds (such as vendor bulletins), assessment tools, asset inventory tools as well as reporting tools and frameworks to match assets to identified vulnerabilities and produce reports. Respond to requests for ad-hoc reporting and research topics from management and analysts as required. Identify gaps in available asset information and engage with leadership on strategies to meet service-level requirements through affirmative handoff with remediation partners. Quickly understand and deliver on company and customer requirements Aid in and participate in daily, weekly, quarterly, and yearly production reporting for clients, partners, and internal teams Adhere to internal operational security and other Understanding of common network infrastructure devices such as routers and switches Understanding of basic networking protocols such as TCP/IP, DNS, HTTP Understanding of vulnerability classification using National Vulnerability Database nomenclature such as CVE/CVSS Basic knowledge in system security architecture and security solutions Mandatory Certification - CEH, Security+ Preffered Certification: OSCP, OSWP, CRTO, CREST Certified Certified Web Application Tester, OSCE, CREST Certified Simulated Attack Specialist, CREST Certified Certified Simulated Attack Specialist), AWS Security Speciaist, CKE, Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Ethical Hacker (CEH) or equivalent Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc. Preferred: B. E / B.Tech (Tier 2 or 3)/ M.S in any engineering discipline; 3-5 years of cyber risk services experience. Proven ability to emulate sophisticated adversary tactics, techniques, and procedures (TTPs) to identify and exploit weaknesses in organizational defenses. Familiarity with red teaming methodologies, offensive security tools, and frameworks such as MITRE ATT&CK. Experience with tools like Cobalt Strike, Metasploit, and Empire for command and control, exploitation, and lateral movement within environments. Proficiency in scripting languages like Python, PowerShell, or Bash for automation and custom tool creation. Knowledge of evasion techniques to bypass antivirus (AV), endpoint detection and response (EDR), and network monitoring tools. Strong understanding of privilege escalation, lateral movement, and persistence mechanisms in both Windows and Linux environments. Hands-on experience conducting phishing campaigns, social engineering attacks, and delivering payloads via HTML smuggling or other covert techniques. Ability to assess and manipulate Active Directory configurations, conduct password spraying, and exploit common misconfigurations. Strong knowledge of reverse engineering tools such as IDA Pro and Ghidra for analyzing malware or binaries. Excellent ability to create detailed post-engagement reports and recommendations for improving detection and response capabilities. Knowledge of operational security (OpSec) best practices to avoid detection during adversarial engagements. Ability to think creatively in developing offensive strategies and adapting to blue team defenses. Strong desire to continuously learn emerging attack vectors and defensive countermeasures. Outstanding communication skills, with the ability to explain offensive security techniques to both technical and non-technical stakeholders. Howyouwill Grow At Deloitte,we have invested a great deal to create arich environment in whichour professionals can grow.We want all ourpeopleto developin their own way,playingto theirown strengthsastheyhonetheirleadershipskills.And,as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposuretoleaders,sponsors,coaches,andchallengingassignments—tohelpacceleratetheircareersalongtheway. No two people learn in exactly the same way. So, we provide a range of resources, including live classrooms, team-based learning,and eLearning.Deloitte University(DU):The LeadershipCenter in India,our state-of-the-art, world-class learning centerin the Hyderabad office, is an extension of the DU in Westlake, Texas, and represents a tangiblesymbolofourcommitmenttoourpeople’sgrowthanddevelopment. ExploreDU:TheLeadershipCenterin India . Benefits AtDeloitte,weknowthatgreatpeoplemakeagreatorganization.Wevalueourpeopleandofferemployeesabroad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best workeveryday. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy,centered,confident,andaware.Weofferwell-beingprogramsandarecontinuouslylookingfornewwaysto maintainaculturethatisinclusive,invitesauthenticity,leveragesourdiversity,andwhereourpeopleexcelandlead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationshipswithourclients,ourpeople,andourcommunities.Webelievethatbusinesshasthepowertoinspireand transform.We focus on education,giving,skill-basedvolunteerism,and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 300420

Our technology services client is seeking multiple DevSecOps Security Engineer to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: DevSecOps Security Engineer Experience: 5- 7 Years Location: Mumbai, Pune, Hyderabad, Bangalore, Chennai, Kolkata Notice Period: Immediate- 15 Days Mandatory Skills: Devops Support, GitHub Actions, CI/CD Pipelines, Argocd , Snyk, multicloud (AWS/AZure/GCP) GIT, MS Tools, Docker, Kubernetes, Jfrog, SCA & SAST Job Description: A security expert who can write code as needed and knows the difference between Object vs Class vs Function programming. Strong passion and thorough understanding of what it takes to build and operate secure, reliable systems at scale. Strong passion and technical expertise to automate security functions via code. Strong technical expertise with Application, Cloud, Data, and Network Security best practices. Strong technical expertise with multi-cloud environments, including container/serverless and other microservice architectures. Strong technical expertise with older technology stacks, including mainframes and monolithic architectures. Strong technical expertise with SDLC, CI/CD tools, and Deployment Automation. Strong technical expertise with operating security for Windows Server and Linux Server systems. Strong technical expertise with configuration management, version control, and DevOps operational support. Strong experience with implementing security measures for both applications and data, with an understanding of the unique security requirements of data warehouse technologies such as Snowflake. Role Responsibilities Development & Enforcement Develop and enforce engineering security policies and standards. Develop and enforce data security policies and standards. Drive security awareness across the organization. Collaboration & Expertise Collaborate with Engineering and Business teams to develop secure engineering practices. Serve as the Subject Matter Expert for Application Security. Work with cross-functional teams to ensure security is considered throughout the software development lifecycle Analysis & Configuration Analyze, develop, and configure security solutions across multi-cloud, on-premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data. Lead security testing, vulnerability analysis, and documentation. Operational Support Participate in operational on-call duties to support infrastructure across multiple regions and environments (cloud, on-premises, colocation). Develop incident response and recovery strategies. Qualifications Basic Qualifications 5+ years of experience in developing and deploying security technologies. A minimum of a Bachelor’s degree in Computer Science, Software Development, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required. Experience with modern Software Development Lifecycles and CI/CD practices Experience for the remediation of vulnerabilities sourced from Static Analysis (SAST), Open Source Scanning (SCA), Mobile Scanning (MAST) and API Scanning Proficiency in Public Clo\ud (AWS/Azure/GCP) & Network Security. Experience with Docker, Kubernetes, Security-as-Code, and Infrastructure-as-Code. Experience with one or more general-purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell. Strong experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA). Preferred Qualifications Strong technical expertise with Architecting Public Cloud solutions and processes. Strong technical expertise with Networking and Software-Defined Networking (SDN) principles. Strong technical expertise with developing and interpreting Network, Sequence, and Dataflow diagrams. Familiarity with OWASP Application Security Verification Standard Experience with direct, remote, and virtual teams. Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA). Strong technical expertise with Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning security solutions for data warehouses and big data platforms, particularly with technologies like GitHub Advanced Security, CodeQL, Checkmarx, and Snyk. Strong technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability. Education A minimum of a Bachelor’s degree in Computer Science, Software Development, Software Engineering, or a related field, or equivalent alternative education, skills, and/or practical experience is required. If you are interested, share the updated resume to hema.g@s3staff.com

About Client: Our Client is a global IT services company headquartered in Southborough, Massachusetts, USA. Founded in 1996, with a revenue of $1.8B, with 35,000+ associates worldwide, specializes in digital engineering, and IT services company helping clients modernize their technology infrastructure, adopt cloud and AI solutions, and accelerate innovation. It partners with major firms in banking, healthcare, telecom, and media. Our Client is known for combining deep industry expertise with agile development practices, enabling scalable and cost-effective digital transformation. The company operates in over 50 locations across more than 25 countries, has delivery centers in Asia, Europe, and North America and is backed by Baring Private Equity Asia. Hi....! We are hiring for below Positions Job Title: CyberArk Developer + Beyond Trust Key Skills: CyberArk , Beyond Trust , PAM , LDAP ,Privileged Identity Management Job Locations: Hyderabad Experience: 6-10Yrs Budget: 15LPA Education Qualification : Any Graduation Work Mode: Hybrid Employment Type: Contract Notice Period: Immediate - 15 Days Interview Mode: 2 Rounds of Technical Interview Job Description: CyberArk Developer Solid understanding of CyberArk with BeyondTrust , PAM and its components including EPV, PSM, CPM, PSMP, AIM) Experience in Installing and Setting up CyberArk and customizing/configuring it for given Policies and procedures. Integrating various platforms with Cyber Ark, such as different LDAP providers, Windows servers, UNIX servers, Databases and networking devices Experience in using PACLI, and scripting languages like PowerShell for automation and customization Strong problem-solving, communication, and leadership abilities, Prior experience with Agile practices such as Kanban or Scrum Roles and Responsibilities: Deployment & implementation of Privileged Identity Management using CyberArk solution for large scale customers Privileged User account administration of various Windows and UNIX accounts using CyberArk components. Ensure BeyondTrust deployments align with security best practices, compliance requirements (e.g., SOC 2, NIST, Zero Trust), and organizational policies. Deeply understand and manage integrations between BeyondTrust products and other critical enterprise systems. Troubleshoot complex integration issues with Identity Providers (IdPs) like Active Directory, Azure AD (Entra ID), Okta, Ping Identity, and other LDAP sources. Integrating various platforms with Cyber-Ark, such as Windows servers, UNIX servers, Databases and networking Devices. Creating and Managing Safes, platforms and Owners. CPM policies management or redistribution. Implementing the Password Upload Utility Knowledge on CPM and PSM connector customization Perform health check monitoring on all CyberArk severs to ensure consistent availability of system to end user. Monitor logs and events for Windows, UNIX and User identity management platforms to provide views of misuse or malicious activities. Interested Candidates please share your CV to sushma.n@people-prime.com

Job Description NielsenIQ is seeking a skilled and driven Customer Identity and Access Management (CIAM) Sr. Principal Engineer to support modernization of our global customer identity platform and advance maturity of CIAM program. The ideal candidate will define and champion the enterprise-wide Customer Identity Governance & Access Management vision by setting technical direction, architecting future-proof solutions, and driving transformational initiatives at scale. Acts as a strategic advisor across engineering, security, and business leadership, ensuring IAM solutions are aligned with enterprise goals, regulatory requirements and industry trends. This role requires a strong blend of business acumen, clear and effective communication, and the ability to collaborate across functions to champion secure yet seamless customer identity experiences. A focus on driving business outcomes is critical, along with exceptional interpersonal skills and fluency in written and spoken English. Responsibilities Shapes a culture of innovation, resilience, and engineering excellence across the CIAM function across B2B and B2C clients Design, architect, and guide the implementation of end-to-end CIAM solutions leveraging Okta Identity Cloud or equivalent platforms, with a strategic focus on enterprise-grade capabilities such as Single Sign-On (SSO), Adaptive Multi-Factor Authentication (MFA), Universal Directory, and Identity Lifecycle Management Serve as a subject matter expert in customer authentication and authorization standards, including OAuth 2.0, OIDC, SAML, FIDO2, SCIM, and JWT Drives transformational initiatives at scale, fosters engineering excellence, security by design and represents CIAM thought leadership within and beyond the organization Guides team to generate significant insights through a variety of tools and resources to uncover areas of opportunities and customer experience improvements; follows through to ensure applicable improvements are implemented Leads research and evaluation of industry best practices and emerging trends to enhance the effectiveness, scalability, and security of CIAM services and solutions Evaluate current processes against the defined industry leading practices including standards such as the National Institute for Standards and Technology (NIST) Special Publication (SP) 800-63; Digital Authentication, NIST Cybersecurity Framework (CSF) and NIST SP 800-53; Security and Privacy Controls Actively handles ambiguity, influences others to bring in “big picture” thinking and drives clarity, solutions, and execution plan among team and collaborators Partner with cross-functional stakeholders (customer success and support, application development) to deliver seamless and compliant customer identity journeys Qualifications Bachelor’s degree in Computer Science, Information Technology, or a related field Minimum of 12 years in IAM, with a minimum of 8 years focused specifically on Customer IAM (CIAM) Proven experience in architecting, engineering, and implementing CIAM platforms and solutions at enterprise scale Demonstrates strategic leadership, sets IAM technical vision, roadmaps, and standards Consistent track record to effectively develop, influence, present and communicate highly complex business, digital, or technology concepts to cross-functional teams, non-technical users and senior leadership Proficient in identity standards and protocols: OAuth 2.0, OIDC, SAML, SCIM, JWT, FIDO2, and WebAuthn Strong experience with leading CIAM platforms (e.g., ForgeRock, Okta CIAM, Ping Identity, Auth0, Microsoft Entra External ID, Azure B2C, B2B, and AWS Cognito) Experience with developing patterns on API security and creating CIAM capabilities as service-based architecture Excellent communication skills, with the ability to articulate complex technical concepts to business stakeholders along with strong spoken and written English Flexibility to accommodate working across different time-zones Additional Information Our Benefits Flexible working environment Volunteer time off LinkedIn Learning Employee-Assistance-Program (EAP) About NIQ NIQ is the world’s leading consumer intelligence company, delivering the most complete understanding of consumer buying behavior and revealing new pathways to growth. In 2023, NIQ combined with GfK, bringing together the two industry leaders with unparalleled global reach. With a holistic retail read and the most comprehensive consumer insights—delivered with advanced analytics through state-of-the-art platforms—NIQ delivers the Full View™. NIQ is an Advent International portfolio company with operations in 100+ markets, covering more than 90% of the world’s population. For more information, visit NIQ.com Want to keep up with our latest updates? Follow us on: LinkedIn | Instagram | Twitter | Facebook Our commitment to Diversity, Equity, and Inclusion NIQ is committed to reflecting the diversity of the clients, communities, and markets we measure within our own workforce. We exist to count everyone and are on a mission to systematically embed inclusion and diversity into all aspects of our workforce, measurement, and products. We enthusiastically invite candidates who share that mission to join us. We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability status, age, marital status, protected veteran status or any other protected class. Our global non-discrimination policy covers these protected classes in every market in which we do business worldwide. Learn more about how we are driving diversity and inclusion in everything we do by visiting the NIQ News Center: https://nielseniq.com/global/en/news-center/diversity-inclusion

Dear Candidates, We are seeking an experienced Head - Risk & Compliance to lead and elevate our governance, risk management, and compliance strategies. This senior leadership role will oversee the development and execution of robust frameworks, ensuring alignment with industry standards and regulations. I've included for you the Company Description and Job Description below. Company Description Infogain is a Silicon Valley-based company with expertise in software platform engineering and deep domain skills in travel, retail, insurance, and high technology. We accelerate the delivery of digital customer engagement systems for our clients using digital technologies such as cloud, microservices, robotic process automation, and artificial intelligence. Our 6000+ global employees are across the US, UK, Singapore, Middle East, and India. Job Location : Noida- Sector 60 Gautam Buddha Nagar UP Key Responsibilities: Develop and refine IT governance frameworks aligned with ISO, regulatory standards, and best practices. Lead the implementation and maintenance of compliance programs (ISO 27001, SOC 2, PCI DSS, GDPR, HIPAA, etc.). Manage enterprise-wide risk assessments, identifying and mitigating risks across people, processes, and technology. Oversee internal audits, third-party assessments, and the lifecycle of risk management activities. Define and monitor organizational risk tolerance, ensuring integration into strategic decisions. Lead the Business Continuity and Disaster Recovery (BC/DR) governance, aligned with ISO 22301. Foster a culture of accountability, compliance, and risk awareness across the organization. Serve as the primary point of contact for regulators, auditors, clients, and internal teams. Qualifications: 10-15 years of leadership experience in risk, compliance, and audit. 5+ years in senior GRC roles, with experience managing cross-functional programs. Certifications: CISA, CRISC, CISM, ISO 27001 Lead Auditor/Implementer, DPO, etc. Expertise in ISO, NIST, data protection laws (GDPR, HIPAA, DPDPA), and cloud security compliance. Strong understanding of GRC tools Proven leadership, collaboration, and stakeholder management skills. Key Performance Indicators (KPIs): Zero major findings in audits (internal and external). Timely closure of identified risks and non-conformities. Improvement in organizational risk maturity and compliance scores. High employee training completion and awareness scores. Positive client feedback on compliance transparency and readiness. If you have the expertise and vision to lead our risk and compliance strategy at an executive level, we invite you to apply! #RiskManagement #Compliance #Governance #Leadership #ISO #CyberSecurity Please share your resume on : Priya1.sharma@Infogain.com

Description Job Description We are looking for a detail-oriented and motivated Compliance Trainee to join the Information Security Group (ISG) at Grazitti Interactive. In this entry-level role, you will support our Governance, Risk, and Compliance (GRC) initiatives by assisting with documentation, regulatory research, and audit coordination. This position offers an excellent learning opportunity for candidates aspiring to build a career in compliance, with exposure to frameworks like ISO 27001, ISO 27701, and NIST. Skills Key Skills Strong attention to detail, organization, and analytical thinking. Excellent verbal and written communication skills. Basic understanding of compliance, risk management, or regulatory requirements. Familiarity with data privacy regulations such as GDPR, CCPA, HIPAA, and ITGC. Ability to collaborate across teams and communicate effectively with internal stakeholders. Exposure to ISO 27001, ISO 27701, or NIST frameworks (via coursework, internship, or certification). Proficiency in Microsoft Office Suite (Excel, Word, PowerPoint). Prior internship or academic project experience in compliance or audit functions. Responsibilities Roles and Responsibilities Assist in maintaining and updating compliance documentation, policies, and records. Support internal audits and compliance reviews with proper coordination and follow-ups. Collect and organize data for compliance reporting and help with preliminary risk assessments. Participate in training sessions and team meetings to develop subject-matter knowledge. Collaborate with internal teams to ensure adherence to policies and external standards. Communicate GRC updates and progress to relevant stakeholders in a clear, timely manner. Contacts Email: careers@grazitti.com Address: HSIIDC Technology Park, Plot No – 19, Sector 22, 134109, Panchkula, Haryana, India

Description Job Description We are seeking a motivated and detail-oriented Compliance Analyst – I to join our Governance, Risk, and Compliance (GRC) team at Grazitti Interactive. In this role, you’ll be responsible for supporting compliance initiatives, assisting in audits, maintaining documentation, and promoting regulatory awareness across departments. This is a great opportunity for someone looking to build a career in information security compliance and gain exposure to global standards like ISO 27001, ISO 27701, and NIST. If you are process-driven, curious about compliance, and eager to learn in an ever-growing environment, this role is for you. Skills Key Skills 1–2 years of experience in compliance, risk management, or a related role. Understanding of ISO 27001, ISO 27701, and NIST frameworks. Strong documentation, record-keeping, and organizational skills. Excellent verbal and written communication. Ability to work collaboratively with different teams. Basic knowledge of compliance principles and regulatory frameworks. Prior experience assisting in internal audits or compliance reviews. Familiarity with regulatory standards like GDPR, HIPAA, or CCPA. Exposure to drafting compliance documentation or audit reports. Proficiency in MS Office tools (Word, Excel, PowerPoint). Responsibilities Roles and Responsibilities Assist in creating, updating, and maintaining compliance policies and procedures. Collect and analyze data to support internal audits and risk assessments. Help identify compliance risks and assist in developing mitigation plans. Maintain detailed documentation and audit records for GRC processes. Contribute to compliance training, awareness sessions, and documentation rollouts. Work closely with various departments to ensure alignment with compliance goals. Communicate progress, updates, and findings with relevant stakeholders regularly. Contacts Email: careers@grazitti.com Address: HSIIDC Technology Park, Plot No – 19, Sector 22, 134109, Panchkula, Haryana, India

Description Job Description We are looking for a detail-oriented and proactive Compliance Analyst – II to join our Information Security Group at Grazitti Interactive. In this role, you will contribute to the ongoing success of our compliance programs by executing audits, conducting risk assessments, and ensuring adherence to global regulatory standards. You will collaborate with cross-functional teams to align operations with frameworks such as ISO 27001, ISO 27701, and NIST. If you have a strong understanding of governance, risk, and compliance, and enjoy making an impact through policy, process, and stakeholder engagement, this role is for you. Skills Key Skills 2–3 years of experience in compliance, risk management, or a related function. Working knowledge of ISO 27001, ISO 27701, and NIST frameworks. Strong analytical thinking and problem-solving capabilities. Excellent written and verbal communication skills. Proficiency in documentation and record-keeping. Ability to work independently and collaboratively across departments. Familiarity with GDPR, CCPA, HIPAA, and ITGC regulations. Advanced certifications such as CCEP, CISA, or ISO 27001 Lead Auditor. Experience drafting or maintaining compliance documentation and audit reports. Hands-on exposure to risk management tools or GRC platforms. Proficiency in MS Office (Excel, Word, PowerPoint). Ability to support junior team members and lead smaller compliance initiatives. Responsibilities Roles and Responsibilities Execute internal audits, compliance reviews, and risk assessments with minimal supervision. Support the creation, implementation, and continuous improvement of compliance policies and procedures. Monitor and analyze regulatory updates and ensure policy alignment. Maintain accurate documentation for all audits and compliance activities. Collaborate with cross-functional teams to embed compliance best practices across departments. Assist in developing compliance awareness programs and training materials. Provide regular updates to stakeholders on GRC initiatives, audit progress, and compliance posture. Contacts Email: careers@grazitti.com Address: HSIIDC Technology Park, Plot No – 19, Sector 22, 134109, Panchkula, Haryana, India

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In digital assurance at PwC, you will focus on providing assurance services over clients' digital environment, including processes and controls, cyber security measures, data and AI systems, and their associated governance, to help organisations and their stakeholders build trust in their technology while complying with relevant regulations. Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Apply a learning mindset and take ownership for your own development. Appreciate diverse perspectives, needs, and feelings of others. Adopt habits to sustain high performance and develop your potential. Actively listen, ask questions to check understanding, and clearly express ideas. Seek, reflect, act on, and give feedback. Gather information from a range of sources to analyse facts and discern patterns. Commit to understanding how the business works and building commercial awareness. Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements. Job Description ▪ We are looking for a self-motivated individual who will relish the opportunity to join a growing part of the PwC business, using their skills in developing key internal relationships. ▪ Participate in a wide range of projects and collaborate across multiple work streams or teams; consistently demonstrating creative thinking, individual initiative and timely completion of assigned work ▪ Consistently demonstrate teamwork dynamics by working as a team member: understand personal and team roles; contribute to a positive working environment by building solid relationships with team members; and proactively seek guidance, clarification and feedback. ▪ Serve as participant on communications with numerous engagement teams ▪ The individual should have the ability to work effectively under pressure without compromising professional standards or quality of the work being performed. ▪ Knowledge and understanding of cyber security frameworks, standards, and best practices such as NIST, ISO 27001,etc ▪ Familiarity with Identity and Access Management (IAM) systems and processed would be a plus ▪ Has a basic understanding of SOC1/SOC2/SOX reporting ▪ Has a basic understanding of Internal controls and compliance. ▪ Staying up-to-date on the latest information technology (IT) and cybersecurity developments Responsibilities ▪ Perform Audit procedures and provide related deliverables in accordance with PwC’s documentation and quality standards. ▪ Perform IT security assessments for clients (e.g. security risk assessments, IT network infrastructure reviews, system technical configurations review, information security policies and processes/procedures review etc. ▪ Evaluate and analyze threat, vulnerability, impact and risk to security issues discovered from security assessments ▪ Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes and controls ▪ Perform assessment (pre and post implementation) of security solutions and advise client on Industry best practices. ▪ Conduct in-depth research on emerging cybersecurity threats, trends, and technologies, and incorporate findings into actionable recommendations. ▪ Collaborate with cross-functional teams to ensure the effective implementation of security policies, standards, and best practices ▪ Maintain working knowledge of IAC User Guides and Audit Standards ▪ Monitor time and manage deadlines ▪ Adhere to PwC IAC policies and procedures ▪ Participate in training, coaching and other developmental opportunities. Requirements Minimum Degree(s): ▪ Bachelors or Masters degree in engineering with specialization in Management Information Systems, Computer Science, Information Systems, Information Technology or equivalent ▪ Understanding of audit concepts and latest regulations ▪ 1 -3 years’ experience in the domains mentioned in the Job Description above & Candidates with “Big 4” or equivalent experience would be preferred Certification(s) Preferred ▪ CISSP / ISO 27001 LA / CRISC / CISM / certifications are preferred. ▪ Understanding of Cyber security concepts and audit regulations Knowledge And Skill Set Required ▪ Working knowledge of appropriately applying internal control principles and business/technical knowledge including Application Controls, IT General Controls and Financial Reporting Concepts. ▪ Working knowledge of security controls, programming, networks and operating systems would be an added advantage ▪ Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.), including an understanding of the v-lookup, text, reference and logical and information functionality in excel. ▪ Team player, committed to providing high quality and maintaining timeliness ▪ Effective written and verbal communication skills including English ▪ Demonstrated self-motivation and a desire to take responsibility for personal growth and development ▪ Commitment to continuous training and to proactively learn new processes. ▪ Should have strong work ethics and commitment to delivering/ownership of work deliverables as per agreed timelines.

At PwC, our people in audit and assurance focus on providing independent and objective assessments of financial statements, internal controls, and other assurable information enhancing the credibility and reliability of this information with a variety of stakeholders. They evaluate compliance with regulations including assessing governance and risk management processes and related controls. In digital assurance at PwC, you will focus on providing assurance services over clients' digital environment, including processes and controls, cyber security measures, data and AI systems, and their associated governance, to help organisations and their stakeholders build trust in their technology while complying with relevant regulations. Driven by curiosity, you are a reliable, contributing member of a team. In our fast-paced environment, you are expected to adapt to working with a variety of clients and team members, each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm, you build a brand for yourself, opening doors to more opportunities. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Apply a learning mindset and take ownership for your own development. Appreciate diverse perspectives, needs, and feelings of others. Adopt habits to sustain high performance and develop your potential. Actively listen, ask questions to check understanding, and clearly express ideas. Seek, reflect, act on, and give feedback. Gather information from a range of sources to analyse facts and discern patterns. Commit to understanding how the business works and building commercial awareness. Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance), uphold the Firm's code of conduct and independence requirements. Job Description ▪ We are looking for a self-motivated individual who will relish the opportunity to join a growing part of the PwC business, using their skills in developing key internal relationships. ▪ Participate in a wide range of projects and collaborate across multiple work streams or teams; consistently demonstrating creative thinking, individual initiative and timely completion of assigned work ▪ Consistently demonstrate teamwork dynamics by working as a team member: understand personal and team roles; contribute to a positive working environment by building solid relationships with team members; and proactively seek guidance, clarification and feedback. ▪ Serve as participant on communications with numerous engagement teams ▪ The individual should have the ability to work effectively under pressure without compromising professional standards or quality of the work being performed. ▪ Knowledge and understanding of cyber security frameworks, standards, and best practices such as NIST, ISO 27001,etc ▪ Familiarity with Identity and Access Management (IAM) systems and processed would be a plus ▪ Has a basic understanding of SOC1/SOC2/SOX reporting ▪ Has a basic understanding of Internal controls and compliance. ▪ Staying up-to-date on the latest information technology (IT) and cybersecurity developments Responsibilities ▪ Perform Audit procedures and provide related deliverables in accordance with PwC’s documentation and quality standards. ▪ Perform IT security assessments for clients (e.g. security risk assessments, IT network infrastructure reviews, system technical configurations review, information security policies and processes/procedures review etc. ▪ Evaluate and analyze threat, vulnerability, impact and risk to security issues discovered from security assessments ▪ Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the processes and controls ▪ Perform assessment (pre and post implementation) of security solutions and advise client on Industry best practices. ▪ Conduct in-depth research on emerging cybersecurity threats, trends, and technologies, and incorporate findings into actionable recommendations. ▪ Collaborate with cross-functional teams to ensure the effective implementation of security policies, standards, and best practices ▪ Maintain working knowledge of IAC User Guides and Audit Standards ▪ Monitor time and manage deadlines ▪ Adhere to PwC IAC policies and procedures ▪ Participate in training, coaching and other developmental opportunities. Requirements Minimum Degree(s): ▪ Bachelors or Masters degree in engineering with specialization in Management Information Systems, Computer Science, Information Systems, Information Technology or equivalent ▪ Understanding of audit concepts and latest regulations ▪ 1 -3 years’ experience in the domains mentioned in the Job Description above & Candidates with “Big 4” or equivalent experience would be preferred Certification(s) Preferred ▪ CISSP / ISO 27001 LA / CRISC / CISM / certifications are preferred. ▪ Understanding of Cyber security concepts and audit regulations Knowledge And Skill Set Required ▪ Working knowledge of appropriately applying internal control principles and business/technical knowledge including Application Controls, IT General Controls and Financial Reporting Concepts. ▪ Working knowledge of security controls, programming, networks and operating systems would be an added advantage ▪ Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.), including an understanding of the v-lookup, text, reference and logical and information functionality in excel. ▪ Team player, committed to providing high quality and maintaining timeliness ▪ Effective written and verbal communication skills including English ▪ Demonstrated self-motivation and a desire to take responsibility for personal growth and development ▪ Commitment to continuous training and to proactively learn new processes. ▪ Should have strong work ethics and commitment to delivering/ownership of work deliverables as per agreed timelines.

A career in our Managed Services team will provide you an opportunity to collaborate with a wide array of teams to help our clients implement and operate new capabilities, achieve operational efficiencies, and harness the power of technology. Our Cyber Managed Services team will provide you with the opportunity to help our clients implement effective cybersecurity programs that protect against threats, propel transformation, and drive growth. As companies continue their transformations to digital business models, exponentially more data is generated and shared among organizations, partners and customers. You’ll play an integral role in helping our clients protect their businesses by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and mitigate risks while increasing the value they derive from their cybersecurity investments. Our Identity and Access Management Managed Services team helps organisations by designing and implementing end to end IAM programs, as well as providing ongoing operations support with continuous operational improvements. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. Responsibilities As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: Use feedback and reflection to develop self awareness, personal strengths and address development areas. Delegate to others to provide stretch opportunities, coaching them to deliver results. Demonstrate critical thinking and the ability to bring order to unstructured problems. Use a broad range of tools and techniques to extract insights from current industry or sector trends. Review your work and that of others for quality, accuracy and relevance. Know how and when to use tools available for a given situation and can explain the reasons for this choice. Seek and embrace opportunities which give exposure to different situations, environments and perspectives. Use straightforward communication, in a structured way, when influencing and connecting with others. Able to read situations and modify behavior to build quality relationships. Uphold the firm's code of ethics and business conduct. Associate Qualifications Cyber Risk & ESG Integration Specialist Job Description 2–5 years of experience in cybersecurity, governance, risk management, or digital strategy. Familiarity with ESG (Environmental, Social, and Governance) frameworks and how cybersecurity fits within corporate ESG strategies. Strong understanding of security frameworks (e.g., NIST, ISO 27001, MITRE ATT&CK). Experience with cyber tools (e.g., SIEM, threat intelligence platforms, GRC solutions). Analytical mindset with proficiency in data analysis and risk modeling. Strong communication and stakeholder engagement skills. Relevant certifications (e.g., CISSP, CISM, CEH, GSEC) are a plus. Experience with DevSecOps or secure software development practices. Knowledge of AI/ML applications in cybersecurity. Senior Associate Qualifications 5-7 years of experience in cybersecurity, governance, risk management, or digital strategy. Familiarity with ESG (Environmental, Social, and Governance) frameworks and how cybersecurity fits within corporate ESG strategies. Strong understanding of security frameworks (e.g., NIST, ISO 27001, MITRE ATT&CK). Experience with cyber tools (e.g., SIEM, threat intelligence platforms, GRC solutions). Analytical mindset with proficiency in data analysis and risk modeling. Strong communication and stakeholder engagement skills. Relevant certifications (e.g., CISSP, CISM, CEH, GSEC) are a plus. Experience with DevSecOps or secure software development practices. Knowledge of AI/ML applications in cybersecurity. Key Responsibilities Support the design, implementation, and optimization of cyber development initiatives aligned with eSG strategic priorities. Conduct gap analyses and risk assessments to identify improvement opportunities in cyber governance, controls, and threat mitigation. Assist in the development and refinement of cybersecurity frameworks, policies, and digital trust strategies. Monitor emerging cyber threats, technologies, and regulatory requirements to ensure proactive compliance and defense. Collaborate with cross-functional teams (e.g., IT, legal, compliance, risk) to align cybersecurity goals with business objectives. Develop dashboards, KPIs, and metrics to track cybersecurity program effectiveness and reporting. Contribute to incident response planning and post-event reviews to improve cyber incident readiness. Support training and awareness programs for stakeholders on cybersecurity and digital governance topics.