Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Security Technical Architect is a seasoned subject matter expert, responsible for designing robust security architectures for our systems, applications, and infrastructure. collaborate with cross-functional teams to ensure that technF2:F6ology solutions are secure, compliant, and aligned with industry best practices. Expertise in protecting sensitive data, mitigating risks, and maintaining the confidentiality, integrity, and availability of organizational systems is crucial in this role. What You'll Be Doing Key Responsibilities: Designs and develops comprehensive security architectures for our systems, applications, and infrastructure, considering both current and future needs. Viewed as a trusted technical advisor to the client. Collaborates with stakeholders, including developers, engineers, and project managers, to integrate security requirements into the system design and development lifecycle. Provides pre-sales technical support and expertise in analyzing client requirements, in conjunction with the client’s current collaboration capabilities. Provides guidance and expertise in secure coding practices, network security, identity and access management, data protection, and other security domains. Evaluates and selects security technologies, tools, and frameworks to support our security architecture Ensures technical solutions will accomplish the client's objectives. Defines and enforces security policies, standards, and procedures to ensure compliance with industry regulations and best practices. Leads incident response activities, including identification, containment, eradication, and recovery, in coordination with the incident response team. Develops or produces the technical design document to match the solution design specifications. Working with the relevant internal stakeholders, participate or lead in scope of work determination, product pricing and RFP/RFI responses. Assists with the determination of outsourcing, product pricing and collaborates with others to develop an implementation solution. Responsible for influencing and guiding members of the Sales team and to ensure that they are equipped to close deals and maintain visibility of forecasting and sales pipeline in order to influence potential deals. Manages client proof of concept (POC) initiatives, which will require the involvement of the appropriate resources, and setup and delivery of the POC. On all assigned engagements, owns the proposed solution and transitions the build / implementation to the delivery team. Specifically relating to opportunity pursuit this role will evaluate each opportunity for alignment with organizational capabilities and business policy, prepare the executive summary that outlines all of the information gathered from the client in regard to their needs, as understood, document the proposed technology solution, document the statement of work along with all labor requirements, work with the relevant internal stakeholders to prepare the pricing format that will be supplied to the customer, perform the actual solution design and prepare a parts list outlining equipment to be provided, develop and manage a proof-of-concept as such may be required, engage all technical resources required for an accurate solution design, prepare a network diagram outlining the proposed solution, document all deliverables and what constitutes a successful completion, review the final parts list as supplied and submit all information to the applicable bid team for final assembly, verify the proposal’s accuracy and sign off on the final documents to be presented to the client, assist during the final presentation to the client as appropriate. Knowledge and Attributes: Solid client engagement skills coupled solid technical consulting aptitude. Understanding of the vendor’s products business and technology positioning. Excellent analytical and problem-solving skills, with the ability to assess risks, analyze complex security issues, and propose effective solutions. Ability to collaborate and communicate effectively with team members, contributing to their success. Broad product knowledge integrated with technology understanding. Strong knowledge of security domains, including network security, application security, cloud security, data protection, identity and access management, cryptography, and secure coding practices. Proficiency in enterprise architecture principles, frameworks (such as TOGAF), and architectural patterns for designing secure and scalable systems. In-depth understanding of security regulations, standards, and frameworks (such as ISO 27001, NIST, PCI DSS) and their practical application Basic understanding of key vendor subscription models such as Cisco EA 3.0. Academic Qualifications and Certifications: Bachelor's degree in information technology, computer science or information systems or a related field. Certification and working knowledge of Enterprise Architecture methodologies (for example, TOGAF, Zachman, SOA, ITIL, COBIT, etc.). Vendor product, sales and technology certifications. Software and programming languages, for example, C++. SAFe Scaled Agile certification advantageous. Additional certifications, such as CISSP, CISM, or GIAC are highly desirable. Required Experience: Seasoned professional technical experience within a large scale (preferably multi-national) technology services environment Seasoned experience as a Security Technical Architect or a similar role, designing and implementing security architectures for complex systems and applications. Seasoned experience in a professional technical role. Seasoned hands-on experience with security technologies and tools, such as firewalls, intrusion detection/prevention systems, SIEM, vulnerability scanners, and secure coding analysis tools. Experience in project management methodologies. Workplace type: Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today. Show more Show less

Job Description Job Description NielsenIQ is seeking a skilled and driven Customer Identity and Access Management (CIAM) Sr. Engineer to support modernization of our global customer identity platform and advance maturity of CIAM program. The ideal candidate will be instrumental in engineering, implementing, and optimizing customer identity solutions that ensure secure, seamless, and scalable digital experiences. This role demands a blend of clear business-level communication, acumen, cross-functional collaboration, champion secure yet frictionless customer identity experiences across the organization with business outcomes mindset. Exceptional interpersonal skills and polished written and spoken English are essential. Key Responsibilities: Support development, architecture, and implementation of end-to-end CIAM solutions using Okta Identity Cloud or comparable technologies focusing on features like Single Sign-On (SSO), Adaptive Multi-Factor Authentication (MFA), Universal Directory, and Lifecycle Management. Identification of and recommendations for leading digital experiences to serve as benchmarks for clients CIAM future state. Develop and manage secure API access strategies, leveraging OAuth 2.0 and OpenID Connect protocols to protect customer data and services. Utilize Okta’s APIs and SDKs to build custom integrations with third-party applications, ensuring seamless user experiences across platforms. Collaborate with UX/UI teams to design and implement user-friendly authentication flows, including social login options and passwordless authentication methods. Collaborate with cross-functional teams, mentor junior engineers, and work closely with business stakeholders to align CIAM solutions with business objectives. Evaluate current processes against the defined industry and leading practices including industry standards such as the National Institute for Standards and Technology (NIST) Special Publication (SP) 800-63; Digital Authentication, NIST Cybersecurity Framework (CSF) and NIST SP 800-53; Security and Privacy Controls Research emerging IAM technologies, including new products, services, protocols, and standards to inform procurement and development strategies. On Call Rotation as required Qualifications Bachelor’s degree in Computer Science, Information Technology, or a related field. Minimum of 5 years in IAM, with at least 3 years of CIAM product configuration/ development preferred. Subject matter expert in SAML, Oauth, OIDC, JWT or other industry standard authentication and/or authorization solutions and experience with scripting languages such as JavaScript and PowerShell. Experience with developing patterns on API security and creating CIAM capabilities as service-based architecture. CIAM domain expertise building strategic business partnerships, aligning solutions with current objectives and emerging industry trends, influencing priorities, and actively sharing knowledge with colleagues. Strong communicator who translates complex technical concepts into clear, business-friendly language. Proven experience integrating enterprise identity services within leading cloud platforms, including AWS and Microsoft Azure. Demonstrate ability to collaborate across functional boundaries, distill core issues, and proactively engage stakeholders to provide targeted support. Desirable Certifications: Okta Certified Professional, Okta Certified Administrator, or Okta Certified Developer. Excellent interpersonal communication skills with strong spoken and written English. Flexibility to accommodate working across different time-zones. Additional Information Enjoy a flexible and rewarding work environment with peer-to-peer recognition platforms. Recharge and revitalize with help of wellness plans made for you and your family. Plan your future with financial wellness tools. Stay relevant and upskill yourself with career development opportunities Our Benefits Flexible working environment Volunteer time off LinkedIn Learning Employee-Assistance-Program (EAP) About NIQ NIQ is the world’s leading consumer intelligence company, delivering the most complete understanding of consumer buying behavior and revealing new pathways to growth. In 2023, NIQ combined with GfK, bringing together the two industry leaders with unparalleled global reach. With a holistic retail read and the most comprehensive consumer insights—delivered with advanced analytics through state-of-the-art platforms—NIQ delivers the Full View™. NIQ is an Advent International portfolio company with operations in 100+ markets, covering more than 90% of the world’s population. For more information, visit NIQ.com Want to keep up with our latest updates? Follow us on: LinkedIn | Instagram | Twitter | Facebook Our commitment to Diversity, Equity, and Inclusion NIQ is committed to reflecting the diversity of the clients, communities, and markets we measure within our own workforce. We exist to count everyone and are on a mission to systematically embed inclusion and diversity into all aspects of our workforce, measurement, and products. We enthusiastically invite candidates who share that mission to join us. We are proud to be an Equal Opportunity/Affirmative Action-Employer, making decisions without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability status, age, marital status, protected veteran status or any other protected class. Our global non-discrimination policy covers these protected classes in every market in which we do business worldwide. Learn more about how we are driving diversity and inclusion in everything we do by visiting the NIQ News Center: https://nielseniq.com/global/en/news-center/diversity-inclusion Show more Show less

Job Title: VAPT From Consult to Associate Director Location: Gurgaon, Mohali Experience: 1 to 10+ years Work Mode: Onsite Role Overview: We are seeking a highly skilled Vulnerability Assessment and Penetration Testing (VAPT) Manager / Senior Manager to lead and manage end-to-end security assessment projects across applications, infrastructure, networks, and cloud environments. This role involves both hands-on technical execution and oversight of team deliverables, with a focus on client delivery, quality assurance, and stakeholder communication. Key Responsibilities: Lead and execute VAPT engagements across web apps, mobile apps, infrastructure, networks, cloud platforms , and source code reviews . Conduct detailed manual and automated vulnerability assessments and penetration testing. Review and validate test reports, ensuring clear and actionable remediation guidance. Mentor and guide junior team members, supporting their technical and professional development. Coordinate with clients, internal teams, and management to deliver secure, compliant, and high-quality solutions. Stay updated with emerging threats, tools, and techniques in the cybersecurity domain. Ensure adherence to industry standards such as OWASP, NIST, ISO 27001, PCI-DSS, and RBI guidelines . Desired Skills & Experience: 1 to 10+ years of experience in VAPT with strong expertise in manual testing beyond automated scanners. Hands-on experience with tools such as Burp Suite, Metasploit, Nessus, Nmap, Wireshark, Fortify, AppScan , etc. Proficiency in secure coding practices and at least one programming language (e.g., Python, Java, JavaScript). Strong report writing, presentation, and communication skills. Familiarity with cloud security (AWS, Azure, GCP) is a plus. OSCP certification is an added advantage, but not mandatory . Experience managing security projects and small teams preferred. Why Join Us? Work on high-impact cybersecurity projects. Opportunity to lead and grow a team of security professionals. Collaborative work environment with cutting-edge tools and training. Competitive salary and benefits. Priority consideration for immediate joiners . Show more Show less

Job Title : Deputy Manager / Manager / Senior Manager – IT Audit Location : Bangalore / Mumbai Experience : 4+ Years Department : Risk Advisory / Information Security / IT Audit Key Responsibilities : ITGC & IT Audit Perform end-to-end audits of IT General Controls (ITGC), IT Application Controls, and automated business controls across various systems (SAP, Oracle, etc.). Evaluate IT policies, procedures, and processes against regulatory and compliance requirements (SOX, SSAE18/SOC1, SOC2). Execute risk-based IT audits and assess IT risk and controls in the areas of access controls, change management, backup & recovery, and incident management. Prepare detailed audit reports, highlighting key issues and action plans for remediation. Network Security Assess network and infrastructure controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), routers, and VPNs. Conduct vulnerability assessments and review patch management processes. Collaborate with cybersecurity teams to identify threats and ensure compliance with security best practices and standards (ISO 27001, NIST, CIS, etc.). Third Party Risk Management (TPRM) Conduct third-party/vendor risk assessments focused on cybersecurity, data privacy, regulatory compliance, and business continuity. Assess security posture and compliance of vendors through document review, questionnaires, and due diligence tools. Maintain vendor risk profiles and ensure ongoing monitoring and reassessment based on criticality. Coordinate with business units, procurement, and legal teams to review contracts and SLAs for security and compliance obligations. Key Requirements : Education : Bachelor’s/Master’s degree in Information Technology, Computer Science, or a related field. Certifications (preferred) : CISA, CISSP, ISO 27001 LA, CRISC, CEH, or similar. Strong understanding of IT controls, audit processes, and network security protocols. Familiarity with control frameworks such as COBIT, NIST, ISO 27001, and SOC. Excellent communication skills to interact with internal and external stakeholders. Ability to manage multiple audits/projects and lead teams depending on the role level. Experience Level : Deputy Manager : 4–6 years, with hands-on audit/testing experience. Manager : 6–9 years, with project leadership, team handling, and reporting responsibilities. Senior Manager : 9+ years, with strategic oversight, client engagement, and practice development experience. Show more Show less

PURPOSE OF THE POSITION: We are looking for a highly skilled Information Security Manager to lead and implement ISO 27001 compliance, cybersecurity strategies, and risk management within our organization. The ideal candidate will establish and maintain security policies, manage information security risks, and ensure compliance with regulatory standards like SOC2, GDPR, and NIST frameworks. ROLES & RESPONSIBILITIES: ISO 27001 Implementation & Compliance: - Develop, implement, and maintain an Information Security Management System (ISMS) aligned with ISO 27001 standards. - Conduct ISO 27001 gap analysis, risk assessments, and audits to ensure compliance. - Define and enforce information security policies, procedures, and controls to safeguard data integrity, confidentiality, and availability. - Drive ISO 27001 certification efforts, ensuring successful audits and continuous improvements. - Lead security awareness training programs for employees to enhance the organization's security posture. Cybersecurity Strategy & Risk Management: - Develop and implement a cybersecurity strategy to protect against threats, vulnerabilities, and attacks. - Conduct regular penetration testing, vulnerability assessments, and security audits to identify and mitigate risks. - Implement Zero Trust architecture, access control mechanisms, and security best practices across IT infrastructure. - Monitor threat intelligence, security incidents, and cyber threats, responding with effective mitigation strategies. - Ensure security of cloud infrastructure (AWS, Azure, GCP) by enforcing IAM policies, encryption, and secure configurations. - Establish and manage a Security Incident Response Plan (SIRP) for rapid threat detection and mitigation. Regulatory Compliance & Governance: - Ensure compliance with ISO 27001, SOC2, GDPR, NIST, PCI-DSS, and other industry security frameworks. - Collaborate with internal teams to align security policies with business operations and regulatory requirements. - Work with external auditors and security consultants to maintain compliance certifications and regulatory audits. - Develop and maintain security metrics, dashboards, and reports for leadership and regulatory bodies. Security Operations & Monitoring: - Oversee SIEM (Security Information and Event Management) solutions for real-time threat detection. - Implement and manage Intrusion Detection & Prevention Systems (IDS/IPS), firewalls, and endpoint security solutions. - Develop and enforce incident response, disaster recovery, and business continuity plans. - Ensure data protection, encryption, and secure backup strategies are in place for all critical systems. EDUCATIONAL QUALIFICATION: Any Technical Degree BTech., B.E. BCA, MCA will be preferred. REQUIRED SKILLS & QUALIFICATIONS: - 5+ years of experience in information security, cybersecurity, or compliance roles. - Strong expertise in ISO 27001 implementation, auditing, and certification. - Hands-on experience with security risk assessments, vulnerability management, and threat modeling. - Deep understanding of cybersecurity frameworks (SOC2, NIST, CIS, GDPR, PCI-DSS). - Experience with SIEM solutions (Splunk, ELK, QRadar, or similar) for security monitoring. - Knowledge of firewalls, IDS/IPS, endpoint protection, and cloud security best practices. - Strong understanding of IAM, network security, encryption, and access control policies. - Certifications like CISM, CISSP, CISA, CEH, ISO 27001 Lead Auditor/Implementer are highly preferred. - Strong problem-solving, communication, and stakeholder management skills. PROFESSIONAL ATTRIBUTES: - Strong interpersonal and communication skills, being an effective team player, being able to work with individuals at all levels within the organization and building remote relationships. - Excellent English skills and experience working within a multi-location team. - Excellent prioritization skills, the ability to work well under pressure, and the ability to multi- task. - Ability to work independently with minimal supervision and to resolve problems on non-routine matters. WHY JOIN US? - Opportunity to be part of a rapidly growing, innovative product-based company. - Collaborate with a talented, driven team focused on building high-quality software solutions. - Competitive compensation and benefits package. Show more Show less

Key Responsibilities Leadership and Team Management: Lead and manage the Internal Red Team and SOC Operations teams, ensuring effective collaboration and alignment with organizational security objectives. Provide mentorship and guidance to team members, fostering a culture of continuous learning and professional development. Conduct regular performance reviews and provide ongoing feedback and coaching. Red Team Operations: Plan, execute, and oversee red team exercises to identify and exploit vulnerabilities in systems, networks, and applications. Develop and maintain red team methodologies, tools, and documentation. Work closely with other security teams to remediate identified vulnerabilities and improve security defenses. SOC Operations Management: Oversee the daily operations of the SOC, ensuring efficient and effective monitoring, detection, and response to security incidents. Develop and maintain SOC processes, procedures, and documentation to ensure consistent and high-quality operations. Ensure the SOC is staffed 24/7, including managing schedules, shifts, and on-call rotations. Incident Response and Management: Coordinate and lead the response to major security incidents, including investigation, containment, eradication, and recovery. Develop and maintain an incident response plan and ensure the team is well-trained and prepared to handle incidents. Conduct post-incident reviews and develop lessons learned to improve future response efforts. Threat Intelligence and Analysis: Oversee the collection, analysis, and dissemination of threat intelligence to inform security operations and red team activities. Ensure the SOC team utilizes advanced threat detection tools and techniques to identify and mitigate threats. Collaborate with other teams to enhance threat intelligence capabilities and integrate with existing processes. Security Monitoring and Reporting: Ensure continuous monitoring of network traffic, system logs, and security alerts using SIEM (Security Information and Event Management) solutions. Develop and maintain metrics and dashboards to report on SOC and red team performance and security posture. Present regular reports and briefings to senior management on the state of security operations and key incidents. Policy and Compliance: Develop and enforce security policies, procedures, and standards in alignment with industry best practices and regulatory requirements. Ensure compliance with relevant regulations, such as GDPR, and PCI-DSS. Participate in security audits and assessments, and coordinate with external auditors as needed. Qualifications Bachelor’s degree in Computer Science, Information Security, or a related field. Equivalent work experience may be considered. Minimum of 7 years of experience in cybersecurity, with at least 3 years in a management or leadership role overseeing red team and/or SOC operations. Strong understanding of offensive security practices, including penetration testing and red teaming methodologies. Experience with SOC operations, including incident response, threat detection, and SIEM tools such as Splunk, ArcSight, or QRadar. Knowledge of common attack vectors and techniques, such as phishing, malware, and ransomware. Familiarity with regulatory requirements and frameworks, such as NIST, ISO 27001, and GDPR. Relevant certifications, such as CISSP, CISM, OSCP, CEH, or GIAC, are highly desirable. Excellent leadership, communication, and interpersonal skills. Ability to work effectively under pressure and manage multiple priorities. Show more Show less

Job Title: Endpoint Security Engineer Locations: Mohali & Gurgaon Experience: 2+ Years Role Overview: We are looking for a passionate and skilled Endpoint Security Engineer with hands-on experience in Microsoft Defender , CrowdStrike , and SentinelOne . The ideal candidate will be responsible for implementing, monitoring, and optimizing endpoint protection platforms to safeguard our IT infrastructure from modern threats. Key Responsibilities: Deploy, configure, and manage endpoint security tools such as Microsoft Defender for Endpoint , CrowdStrike Falcon , and SentinelOne . Monitor and respond to endpoint-related security alerts and incidents. Investigate suspicious activity and coordinate with SOC/IT teams to perform root cause analysis. Assist in tuning policies, rules, and detection logic to reduce false positives and enhance threat visibility. Support day-to-day operations including patching, EDR tool maintenance, and threat hunting. Maintain documentation for configurations, SOPs, incident reports, and remediation actions. Stay current with the latest threats, vulnerabilities, and EDR technology updates. Preferred Qualifications: Experience with Microsoft Defender for Endpoint , CrowdStrike , and/or SentinelOne . Familiarity with SIEM platforms like Microsoft Sentinel or similar tools. Understanding of endpoint threat vectors, malware behavior, and basic forensic techniques. Exposure to compliance frameworks (e.g., ISO 27001, NIST) is a plus. Soft Skills: Strong problem-solving and analytical skills. Good communication and coordination capabilities. Detail-oriented with the ability to work independently and as part of a team. Ability to document findings and present security insights clearly. Show more Show less

We are seeking an Identity & Access Management Analyst to join our IAM Governance Team. As an IAM Governance Analyst, you will be responsible for maintaining Prioritys secondary controls regarding access security. Duties include executing daily, weekly, and monthly reviews of user access across multiple applications, deploying and managing large scale review packages associated with semi annual SOX audits, and compiling and providing evidence to third-party auditors. You will also be expected to pull reports and provide data to stakeholders on a scheduled or ad-hoc basis. You will work with critical and sensitive information on a daily basis, and shall be relied upon to maintain user security safeguards. This position level works on technology and security administration issues of limited scope and complexity. The position requires a basic level systems administration proficiency and analytical capability to exercise judgment within defined procedures and practices to determine appropriate action. In order to be successful, you must have the ability to provide a broad level of support to relevant parties, both internal and external, to identify potential areas of risk in our current controls, and recommend improvements for efficiency and enhanced security in the IAM space. As a member of Prioritys Security and Compliance group, you will drive, develop, and maintain solutions for clients and colleagues. This is an exciting time of technology advancement and innovation across the organization, particularly within our technology teams. Responsibilities: Partnering with internal business units to address security and access control operational issues and requirements, including periodic reviews of access control lists for verification of users. Providing audit-related evidence on time. Coordinate with Internal Audit and Security teams to compile evidence packages for third party auditors. Build and maintain proficiency with applicable security and IT systems through a combination of on-the-job training, self-paced coursework, and formal training courses provided by the bank for ongoing professional development. Participate in other security support projects and duties as needed or requested. Requirements Minimum Requirements: Minimum of 2 years experience in IT system administration, application software support and basic operations. Demonstrated experience providing end-user support for large corporate applications in a networked environment. Strong knowledge of Windows server operating systems and environments, Working proficiency of Microsoft IIS and Microsoft Active Directory Excellent communication and interpersonal skills. Including a strong ability to create positive and professional business relationships with internal clients. Strong commitment to working as a team and providing excellent customer service. Preferred Requirements: Exposure to the financial industry or equivalent highly controlled IT systems environment. Understanding of common security frameworks (NIST, CIS, ISO). Familiarity with the Sarbanes-Oxley (SOX) auditing standard Previous experience writing simple automation scripts using any language (VBScript, PowerShell, etc.). A Bachelor's degree in business or computer science is highly desired. Security certifications (CISSP, CISA, etc.) are highly desired. System administration certifications (CCNA, MCSA, etc.) highly desired.

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Security Consultant is a seasoned level role, responsible for translating clients’ cybersecurity requirements and customizing and implementing security solutions into specific systems, applications and product designs. This role identifies and develops the security solutions for clients using company products, outsourced technology solutions and technical tools. This role consults with clients regarding secure product configuration, deployment, and security patches to minimize security vulnerabilities and provides comprehensive scanning, penetration testing, vulnerability assessments, monitoring services and source code analysis and delivers detailed results to clients. This role guides and supports clients in the development and implementation of product security controls. What You'll Be Doing Key Responsibilities: Works on strategic projects that ensure the efficient and effective reaction to security breaches to mitigate immediate and potential threats. Uses mitigation, preparedness, response and recovery approaches to minimize business disruptions and commercial consequences. Offers detailed technical support investigation and analysis response activities and evaluate the effectiveness of and improvements to existing practices. Conducts regular threat and vulnerability assessments and determine deviations from acceptable configurations or policies. Participates in the assessment of the level of risk and support the development of appropriate mitigation countermeasures in operational and non-operational situations. Analyzes evidence to support network vulnerability mitigation. Supports peers in the management and implementation of the information security management system. Participates in the implementation of policies, processes and guidelines to ensure the standardization of security management throughout the organization. Applies tactics, techniques, and procedures to a full range of tools and processes related to administrative, criminal, and counterintelligence gathering (e.g., in-depth case analyses, continuous monitoring, malware analysis, clear documentation). Proactively searches through our critical infrastructure, systems and networks to detect and isolate advanced threats that may cause harm to our organization. Use both manual approaches and automated tools to identify, analyze, and report events and support the development of countermeasures to proactively protect against these threats in the future. Knowledge and Attributes: Strong understanding of information technology and information security Solid understanding of security risks and preventative controls Excellent understanding of security operational processes and controls Service consulting aptitude, focusing on the business, service and sales aspects Excellent verbal and written communication skills Demonstrate impeccable attention to detail are able to translate internal customer requirements into solutions Maintain up-to-date knowledge of security threats, countermeasures, security tools, and network technologies High level of drive and ability to work under pressure Ability to build and maintain cross-functional relationships with a variety of stakeholders Understanding of relevant laws, regulations, and compliance frameworks affecting the technology sector. Good ability to assess and manage cybersecurity risks at both organizational and project levels. Good knowledge of security frameworks and standards like NIST, ISO/IEC 27001, CIS, etc. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or Computer Science or Engineering or related field. Industry relevant certifications such as CISSP, CISM, CEH, GSEC or CompTIA Security+ essential. Required Experience: Seasoned demonstrable experience in the Information Technology Security Industry or relevant experience in similar role within a related environment. Seasoned experience with security architecture design principles. Seasoned experience with industry compliance and standards such as ISO 27000, PCI DSS, NIST, HIPAA or others. Seasoned experience with security tools and techniques to cover SANS Top 25, OWASP or others. Seasoned experience working in a multi-team environment across multiple geographies. Workplace type: Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today. Show more Show less

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Security Consultant is a seasoned level role, responsible for translating clients’ cybersecurity requirements and customizing and implementing security solutions into specific systems, applications and product designs. This role identifies and develops the security solutions for clients using company products, outsourced technology solutions and technical tools. This role consults with clients regarding secure product configuration, deployment, and security patches to minimize security vulnerabilities and provides comprehensive scanning, penetration testing, vulnerability assessments, monitoring services and source code analysis and delivers detailed results to clients. This role guides and supports clients in the development and implementation of product security controls. What You'll Be Doing Key Responsibilities: Works on strategic projects that ensure the efficient and effective reaction to security breaches to mitigate immediate and potential threats. Uses mitigation, preparedness, response and recovery approaches to minimize business disruptions and commercial consequences. Offers detailed technical support investigation and analysis response activities and evaluate the effectiveness of and improvements to existing practices. Conducts regular threat and vulnerability assessments and determine deviations from acceptable configurations or policies. Participates in the assessment of the level of risk and support the development of appropriate mitigation countermeasures in operational and non-operational situations. Analyzes evidence to support network vulnerability mitigation. Supports peers in the management and implementation of the information security management system. Participates in the implementation of policies, processes and guidelines to ensure the standardization of security management throughout the organization. Applies tactics, techniques, and procedures to a full range of tools and processes related to administrative, criminal, and counterintelligence gathering (e.g., in-depth case analyses, continuous monitoring, malware analysis, clear documentation). Proactively searches through our critical infrastructure, systems and networks to detect and isolate advanced threats that may cause harm to our organization. Use both manual approaches and automated tools to identify, analyze, and report events and support the development of countermeasures to proactively protect against these threats in the future. Knowledge and Attributes: Strong understanding of information technology and information security Solid understanding of security risks and preventative controls Excellent understanding of security operational processes and controls Service consulting aptitude, focusing on the business, service and sales aspects Excellent verbal and written communication skills Demonstrate impeccable attention to detail are able to translate internal customer requirements into solutions Maintain up-to-date knowledge of security threats, countermeasures, security tools, and network technologies High level of drive and ability to work under pressure Ability to build and maintain cross-functional relationships with a variety of stakeholders Understanding of relevant laws, regulations, and compliance frameworks affecting the technology sector. Good ability to assess and manage cybersecurity risks at both organizational and project levels. Good knowledge of security frameworks and standards like NIST, ISO/IEC 27001, CIS, etc. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or Computer Science or Engineering or related field. Industry relevant certifications such as CISSP, CISM, CEH, GSEC or CompTIA Security+ essential. Required Experience: Seasoned demonstrable experience in the Information Technology Security Industry or relevant experience in similar role within a related environment. Seasoned experience with security architecture design principles. Seasoned experience with industry compliance and standards such as ISO 27000, PCI DSS, NIST, HIPAA or others. Seasoned experience with security tools and techniques to cover SANS Top 25, OWASP or others. Seasoned experience working in a multi-team environment across multiple geographies. Workplace type: Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today. Show more Show less

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Senior Associate Security Consultant is responsible for developing expertise in their area of specialization. This role is responsible for translating clients’ cybersecurity requirements and customizing and implementing security solutions into specific systems, applications and product designs. This role identifies and develops the security solutions for clients using company products, outsourced technology solutions and technical tools. This role consults with clients regarding secure product configuration, deployment, and security patches to minimize security vulnerabilities. In addition, this role provides comprehensive scanning, penetration testing, vulnerability assessments, monitoring services and source code analysis and delivers detailed results to clients, as well as guides and supports clients in the development and implementation of product security controls. What You'll Be Doing Key Responsibilities: Assists in conducting security assessments, vulnerability scans, and penetration tests to identify weaknesses in client systems. Analyzes security data, logs, and reports to detect and investigate security incidents or anomalies. Prepares and maintains documentation, including security assessment reports, findings, and recommendations. Collaborates with senior consultants to provide advice and support to clients on security best practices and risk mitigation strategies. Learns and uses various security tools and technologies for assessments and monitoring. Stays updated on the latest cybersecurity threats, vulnerabilities, and industry best practices. Assists in evaluating client systems for compliance with industry standards (e.g., ISO 27001, NIST) and regulatory requirements. Communicates effectively with clients to understand their security needs and concerns. Participates in training programs and certifications to develop expertise in cybersecurity. Knowledge and Attributes: Strong interest in cybersecurity and a desire to learn and grow in the field. Knowledge of basic cybersecurity concepts, principles, and best practices. Familiarity with common security tools and technologies is a plus. Excellent analytical and problem-solving skills. Effective communication skills, both written and verbal. Ability to work collaboratively in a team environment. Eagerness to stay up to date with the evolving cybersecurity landscape. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or Computer Science or Engineering or related field. Industry relevant certifications such as CISSP, CISM, CEH, GSEC or CompTIA Security+ essential. Required Experience: Moderate level of demonstrable experience in the Information Technology Security Industry or relevant experience in similar role within a related environment. Moderate level of experience with security architecture design principles. Moderate level of experience with industry compliance and standards such as ISO 27000, PCI:DSS, NIST, HIPAA or others. Moderate level of experience with security tools and techniques to cover SANS Top 25, OWASP or others. Workplace type: Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today. Show more Show less

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Senior Associate Security Consultant is responsible for developing expertise in their area of specialization. This role is responsible for translating clients’ cybersecurity requirements and customizing and implementing security solutions into specific systems, applications and product designs. This role identifies and develops the security solutions for clients using company products, outsourced technology solutions and technical tools. This role consults with clients regarding secure product configuration, deployment, and security patches to minimize security vulnerabilities. In addition, this role provides comprehensive scanning, penetration testing, vulnerability assessments, monitoring services and source code analysis and delivers detailed results to clients, as well as guides and supports clients in the development and implementation of product security controls. What You'll Be Doing Key Responsibilities: Assists in conducting security assessments, vulnerability scans, and penetration tests to identify weaknesses in client systems. Analyzes security data, logs, and reports to detect and investigate security incidents or anomalies. Prepares and maintains documentation, including security assessment reports, findings, and recommendations. Collaborates with senior consultants to provide advice and support to clients on security best practices and risk mitigation strategies. Learns and uses various security tools and technologies for assessments and monitoring. Stays updated on the latest cybersecurity threats, vulnerabilities, and industry best practices. Assists in evaluating client systems for compliance with industry standards (e.g., ISO 27001, NIST) and regulatory requirements. Communicates effectively with clients to understand their security needs and concerns. Participates in training programs and certifications to develop expertise in cybersecurity. Knowledge and Attributes: Strong interest in cybersecurity and a desire to learn and grow in the field. Knowledge of basic cybersecurity concepts, principles, and best practices. Familiarity with common security tools and technologies is a plus. Excellent analytical and problem-solving skills. Effective communication skills, both written and verbal. Ability to work collaboratively in a team environment. Eagerness to stay up to date with the evolving cybersecurity landscape. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or Computer Science or Engineering or related field. Industry relevant certifications such as CISSP, CISM, CEH, GSEC or CompTIA Security+ essential. Required Experience: Moderate level of demonstrable experience in the Information Technology Security Industry or relevant experience in similar role within a related environment. Moderate level of experience with security architecture design principles. Moderate level of experience with industry compliance and standards such as ISO 27000, PCI:DSS, NIST, HIPAA or others. Moderate level of experience with security tools and techniques to cover SANS Top 25, OWASP or others. Workplace type: Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today. Show more Show less

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Senior Associate Security Consultant is responsible for developing expertise in their area of specialization. This role is responsible for translating clients’ cybersecurity requirements and customizing and implementing security solutions into specific systems, applications and product designs. This role identifies and develops the security solutions for clients using company products, outsourced technology solutions and technical tools. This role consults with clients regarding secure product configuration, deployment, and security patches to minimize security vulnerabilities. In addition, this role provides comprehensive scanning, penetration testing, vulnerability assessments, monitoring services and source code analysis and delivers detailed results to clients, as well as guides and supports clients in the development and implementation of product security controls. What You'll Be Doing Key Responsibilities: Assists in conducting security assessments, vulnerability scans, and penetration tests to identify weaknesses in client systems. Analyzes security data, logs, and reports to detect and investigate security incidents or anomalies. Prepares and maintains documentation, including security assessment reports, findings, and recommendations. Collaborates with senior consultants to provide advice and support to clients on security best practices and risk mitigation strategies. Learns and uses various security tools and technologies for assessments and monitoring. Stays updated on the latest cybersecurity threats, vulnerabilities, and industry best practices. Assists in evaluating client systems for compliance with industry standards (e.g., ISO 27001, NIST) and regulatory requirements. Communicates effectively with clients to understand their security needs and concerns. Participates in training programs and certifications to develop expertise in cybersecurity. Knowledge and Attributes: Strong interest in cybersecurity and a desire to learn and grow in the field. Knowledge of basic cybersecurity concepts, principles, and best practices. Familiarity with common security tools and technologies is a plus. Excellent analytical and problem-solving skills. Effective communication skills, both written and verbal. Ability to work collaboratively in a team environment. Eagerness to stay up to date with the evolving cybersecurity landscape. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or Computer Science or Engineering or related field. Industry relevant certifications such as CISSP, CISM, CEH, GSEC or CompTIA Security+ essential. Required Experience: Moderate level of demonstrable experience in the Information Technology Security Industry or relevant experience in similar role within a related environment. Moderate level of experience with security architecture design principles. Moderate level of experience with industry compliance and standards such as ISO 27000, PCI:DSS, NIST, HIPAA or others. Moderate level of experience with security tools and techniques to cover SANS Top 25, OWASP or others. Workplace type: Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today. Show more Show less

Job Description: TPRM GRC Specialist Location: Mohali Experience: 2+ years Role Overview: We are seeking a dedicated and detail-oriented Third-Party Risk Management (TPRM) Governance, Risk, and Compliance (GRC) Specialist to join our team. The ideal candidate will have hands-on experience in TPRM, GRC processes, and a strong understanding of risk management frameworks. This role is essential in ensuring that our organization’s third-party relationships are compliant with internal policies and external regulations, mitigating potential risks. Key Responsibilities: Assist in managing the third-party risk management lifecycle, including identifying, assessing, and mitigating risks associated with third-party relationships. Support the development and implementation of TPRM policies and procedures. Conduct risk assessments of third-party vendors, evaluating their security, compliance, and operational capabilities. Maintain and update the third-party risk register and ensure it is aligned with the organization’s risk management framework. Assist in developing and delivering risk reporting to key stakeholders, including senior leadership. Work closely with cross-functional teams, including legal, compliance, procurement, and IT security, to ensure comprehensive risk management across third-party relationships. Monitor and review third-party contracts and service level agreements (SLAs) to ensure compliance with organizational policies. Participate in internal and external audits related to third-party risk management. Support the GRC toolset, ensuring effective implementation and use of technology to streamline processes. Provide training and awareness programs to staff on third-party risk management best practices and policies. Skills & Qualifications: 2+ years of experience in TPRM, GRC, risk management, or a related field. Strong understanding of risk management principles, frameworks, and standards (e.g., ISO 27001, NIST, etc.). Experience with GRC tools and platforms (e.g., RSA Archer, MetricStream). Excellent communication skills, with the ability to interact effectively with stakeholders at all levels. Ability to conduct risk assessments and evaluate vendor security/compliance postures. Strong problem-solving skills and attention to detail. Ability to work independently and manage multiple priorities in a fast-paced environment. Knowledge of legal and regulatory requirements related to third-party risk management is a plus. If you have the required experience and are eager to make a significant impact in managing third-party risks, apply today! Show more Show less

The OT Security Manager at Tribastion will lead the strategy, implementation, and management of cybersecurity solutions tailored to industrial control systems (ICS), SCADA, and other OT environments . This role bridges the gap between IT and OT security, ensuring robust protection of critical infrastructure. The position involves: Conducting OT security assessments Developing policies and incident response plans Managing compliance with standards like IEC 62443 and NIST SP 800-82 Overseeing risk mitigation strategies Leading client engagements and supporting pre-sales for OT security services The ideal candidate has 8–10+ years of OT security experience , deep technical knowledge of industrial protocols and systems, and a proven record in managing complex security projects across sectors like energy, manufacturing, or critical infrastructure. This is a senior role for someone passionate about safeguarding operational technologies while collaborating across engineering, IT, and executive teams. Connect in Linkdin and mail in careers@tribastion.com Show more Show less

Job Title: Consultant / Senior Consultant – Third-Party Risk Management (TPRM) Location: Remote – India Experience: 3+ years Shift Timing: Evening Shift (Start time: 5–6 PM IST, aligned with US hours) Industry: Cybersecurity, Risk Management Employment Type: Full-Time Job Summary: We are hiring a Consultant / Senior Consultant with 3+ years of experience in Third-Party Risk Management (TPRM) to work remotely with our global clients , primarily in the US region . This role requires solid knowledge of cybersecurity standards such as PCI DSS, ISO 27001, SOC 2, and NIST , as well as hands-on experience in conducting vendor risk assessments and ensuring compliance. Key Responsibilities: Perform third-party/vendor security risk assessments , evaluating information security practices of external vendors. Assess vendor compliance with PCI DSS, ISO 27001, SOC 2, NIST, and other regulatory frameworks . Review vendor documentation, including policies, audit reports, penetration test results, and risk assessments. Identify cybersecurity risks and assist in drafting risk reports and remediation plans . Liaise with internal stakeholders and vendor contacts to ensure timely risk issue resolution and follow-up . Support ongoing monitoring of vendors through risk ratings, reassessments, and tracking regulatory obligations. Maintain accurate records and dashboards related to TPRM activities. Participate in process improvement initiatives to enhance the effectiveness of the TPRM program. Collaborate with global teams, particularly in the US time zone . Qualifications and Skills: Minimum 3+ years of experience in TPRM, cyber risk assessments, compliance audits, or related cybersecurity domains. Strong understanding of regulatory and industry frameworks like PCI DSS, ISO 27001, NIST, SOC 2 , etc. Familiarity with tools used for TPRM, compliance tracking, and risk assessments. Bachelor’s degree in Information Security, Computer Science, Risk Management , or related field. Relevant certifications such as CISA, ISO 27001 LA, or CISSP (preferred but not mandatory). Excellent communication skills, with the ability to present risk findings and collaborate with international stakeholders. Must be comfortable working in evening shifts starting around 5–6 PM IST . Why Join Us? Opportunity to work with global clients and gain exposure to world-class cybersecurity standards. 100% remote role with flexibility in working from anywhere in India. Attractive compensation and career growth potential . Inclusive and collaborative team culture with a focus on learning and development . Show more Show less

You’ll be Responsible for? Design, implement, and maintain network architectures, including LAN, WAN, MPLS, VPN, SD-WAN, and cloud networks. Configure and optimize network services, including BGP, OSPF, EIGRP, VRRP, HSRP, and QoS. Deploy and manage security solutions such as NGFWs (Next-Generation Firewalls), IDS/IPS, SSL/TLS inspection, and NAC (Network Access Control). Configure and troubleshoot enterprise-grade network devices such as Cisco Nexus, Cisco ASA, Palo Alto, Fortinet, and F5 load balancers. Implement advanced network security measures, including Zero Trust architecture, Micro segmentation, and SIEM integration. Collaborate with DevOps and Cloud teams to design and deploy cloud-based networking solutions in Azure. Conduct network capacity planning and traffic analysis using tools like Wireshark, SolarWinds, PRTG, and NetFlow analyzers. Develop and maintain network automation scripts using Python, Ansible, or Terraform. Provide technical leadership in incident response, root cause analysis, and disaster recovery planning. Ensure compliance with industry standards such as ISO 27001, NIST, and PCI-DSS. Maintain detailed network documentation, including topology diagrams, configuration standards, and operational procedures. Lead and mentor junior network engineers and provide training on emerging network technologies. You’d have? Bachelor’s degree in computer science, Information Technology, or a related field. 8 to 10 years of hands-on experience in network architecture, administration, and security. Strong knowledge of enterprise networking protocols such as TCP/IP, BGP, OSPF, MPLS, VXLAN, and LISP. Expertise in network security tools such as Cisco ISE, Palo Alto Panorama, Forti Manager, and SIEM solutions. Experience with cloud-native networking technologies including VPC Peering, Transit Gateway, AWS Direct Connect, and Azure ExpressRoute. Proficiency in network automation and scripting using Python, Bash, Ansible, and Terraform. Familiarity with SDN technologies, including Cisco ACI, VMware NSX, and OpenFlow. Hands-on experience with wireless networking solutions, including Cisco Meraki, Aruba, and RADIUS authentication. Strong troubleshooting and analytical skills for diagnosing complex network issues. Excellent communication, documentation, and presentation skills. Industry certifications such as CCNP, CCIE, JNCIP, JNCIE, PCNSE, or equivalent are highly desirable. Why join us? Impactful Work : Play a pivotal role in safeguarding Tanla's assets, data, and reputation in the industry. Tremendous Growth Opportunities : Be part of a rapidly growing company in the telecom and CPaaS space, with opportunities for professional development. Innovative Environment: Work alongside a world-class team in a challenging and fun environment, where innovation is celebrated. Tanla is an equal opportunity employer. We champion diversity and are committed to creating an inclusive environment for all employees. www.tanla.com Show more Show less

Job Title : Cybersecurity Analyst (Entry-Level) Location: Hyderabad, TS, India – Work From Office Must. Department : Information Technology / Cybersecurity Employment Type : Full-Time Reports To : Cybersecurity Manager Job Purpose The Cybersecurity Analyst (Fresher) will support the organization’s security operations by monitoring, analysing, and responding to cyber threats. This entry-level role is designed for recent graduates passionate about cybersecurity, eager to apply foundational knowledge, and grow into skilled professionals safeguarding critical systems and data. Key Responsibilities Threat Monitoring and Analysis : Monitor security alerts using tools like Splunk, CrowdStrike, or SIEM platforms to identify potential threats. Analyse logs and network traffic for suspicious activities under senior team guidance. Incident Response Support : Assist in investigating security incidents, documenting findings, and escalating issues as needed. Participate in containment and remediation efforts for low-level threats. Vulnerability Assessments : Support vulnerability scans using tools like Nessus or Qualys to identify system weaknesses. Help prioritize remediation based on risk severity with team input. Security Awareness : Contribute to employee training programs on phishing, password hygiene, and cyber best practices. Create basic awareness content under supervision. Documentation and Reporting : Maintain records of security events, incidents, and mitigation steps. Assist in preparing compliance reports for standards like ISO 27001 or GDPR. Learning and Development : Stay updated on emerging threats, attack vectors, and cybersecurity trends. Participate in training programs to gain certifications like CompTIA Security+ or CEH. Qualifications and Skills Education : Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field (2024/2025 graduates preferred). Relevant certifications (e.g., CompTIA Security+, CySA+, or equivalent) are a plus but not mandatory. Technical Skills : Basic understanding of networking concepts (TCP/IP, DNS, firewalls). Familiarity with operating systems (Windows, Linux) and command-line tools. Exposure to cybersecurity tools like Wireshark, Splunk, or endpoint detection platforms. Knowledge of common attack vectors (e.g., phishing, malware, DDoS). Soft Skills : Analytical mindset with strong problem-solving abilities. Clear communication to document findings and collaborate with teams. Eagerness to learn and adapt in a fast-paced environment. Attention to detail for identifying anomalies in data. Preferred but Not Required : Internship or project experience in cybersecurity, IT, or network administration. Basic scripting knowledge (e.g., Python, Bash) for automating tasks. Awareness of compliance frameworks (e.g., NIST, GDPR). Key Competencies Curiosity : Proactively seeks to understand cyber threats and solutions. Teamwork : Collaborates with senior analysts and cross-functional teams. Time Management : Prioritizes tasks effectively under tight deadlines. Ethics : Maintains integrity and confidentiality in handling sensitive data. Why Join Us? Growth Opportunities : Access to mentorship, certifications, and hands-on projects to build a cybersecurity career. Innovative Environment : Work with cutting-edge tools like AI-driven threat detection and cloud security platforms. Impactful Work : Protect critical systems and data, contributing to organizational and societal security. Inclusive Culture : Join a diverse team committed to collaboration and innovation. Show more Show less

Description As an IT/OT Vulnerability Assessment and Penetration Testing (VAPT) Engineer, you will be engaged in identifying and mitigating security vulnerabilities across IT systems, Industrial Control Systems (ICS), and Industrial Internet of Things (IIoT) environments. Your work will involve rigorous security assessments of critical infrastructure, SCADA systems, PLCs, field devices, gateways, and cloud-connected IIoT platforms. You will simulate advanced adversary tactics to expose vulnerabilities and provide strategic remediation guidance. The role is suited for professionals with a deep understanding of both enterprise IT security and industrial/embedded system ecosystems. Responsibilities 1-Vulnerability Assessment & Penetration Testing (IT + ICS/IIoT): Perform black-box, grey-box, and white-box VAPT on: Enterprise IT assets (servers, databases, web/mobile apps, Active Directory, cloud) OT/ICS assets (PLCs, RTUs, HMIs, engineering workstations, protocol gateways) IIoT platforms (MQTT/CoAP-based telemetry, edge gateways, cloud dashboards) Emulate APT-level attacks across air-gapped, segmented, or hybrid IT-OT architectures. Execute Red Team scenarios to simulate insider threats or supply chain compromise. 2- ICS Protocol & Field Device Security Testing: Analyze and exploit vulnerabilities in ICS protocols: Modbus TCP, DNP3, IEC 104, OPC-UA, S7comm, Profinet, BACnet, CIP (EtherNet/IP), MQTT, CoAP Perform live traffic analysis, packet manipulation, and protocol fuzzing to test resilience. Evaluate control logic vulnerabilities in ladder logic, structured text, and function blocks. 3- Firmware & Hardware Exploitation (IIoT/ICS Devices): Extract and analyze firmware from industrial devices using JTAG, UART, SPI interfaces. Perform static and dynamic analysis using Ghidra, Binwalk, Radare2, or IDA Pro. Reverse engineer file systems (e.g., squashfs, cramfs) and analyze web interfaces or CLI backdoors. Exploit misconfigured bootloaders, insecure firmware upgrade mechanisms, or exposed debug ports. 4- Network Architecture & Segmentation Testing: Review and test IT-OT segmentation via firewall ACLs, VLANs, DMZ configurations. Assess trust relationships, weak credential policies, and insecure remote access (e.g., exposed VNC, Telnet, RDP). Identify unauthorized bridging of air-gapped networks or misconfigured routing/switching. 5- Cloud & IIoT Platform Security: Evaluate MQTT brokers, edge-to-cloud telemetry, and analytics pipelines. Test REST APIs, insecure mobile app integrations, and cloud misconfigurations (S3, IAM, IoT Core). Identify insecure certificate handling, default API tokens, and lack of encryption at rest/in transit. Reporting & Mitigation Develop technical and executive-level reports with CVSS scoring, attack paths, and exploitation evidence. Recommend hardening measures for both IT (patches, SIEM, EDR) and OT (control policy tuning, physical zoning, least privilege for operators). Coordinate with ICS engineers, IT admins, and SOC teams for patch validation and monitoring upgrades. Compliance & Framework Alignment Ensure assessments comply with industry and regulatory frameworks: NIST SP 800-82, ISA/IEC 62443, ISO 27001, NERC CIP, SANS ICS Top 20 Map findings to MITRE ATT&CK for ICS and monitor emerging CVEs relevant to industrial products. Eligibility Educational Background: Bachelor’s or Master’s in Cybersecurity, Computer Science, Industrial Automation, Electronics, or a related field. Technical Skills: Deep knowledge of ICS/SCADA systems, embedded architectures, and real-time OS (VxWorks, QNX, FreeRTOS). Hands-on experience with tools: VAPT Tools: Nessus, Burp Suite, Metasploit, Nmap, Nikto, SQLMap ICS Tools: Wireshark, Scapy, PLCScan, ICSFuzz, S7comm Tools, Conpot, ModScan Firmware Tools: Binwalk, Ghidra, Radare2, OpenOCD, Logic Analyzers IIoT Security: Shodan, Censys, MQTTX, Postman, OWASP ZAP Certifications (Preferred): OSCP, GRID, GICSP, CRT, CRTP, CEH, CISSP, or equivalent. Participation in ICS/IoT-focused CTFs or open-source contributions is a plus. Travel As and when required, across the country for project execution and monitoring as well as for coordination with geographically distributed teams. Communication Submit a cover letter summarising your experience in relevant technologies and software along with a resume and the Latest passport-size photograph. Show more Show less

Client Audit lead Gurgaon, India; Hyderabad, India Sales 309385 Job Description About The Role: Grade Level (for internal use): 10 The Team: The Customer Experience, a new shared capability within Market Intelligence, partners closely with the Sales organization to deliver a differentiated customer experience. This group enables our sales team and businesses by overseeing customer success, sales operations, and implementation of commercial technology. This includes Salesforce, alignment to targets in strategic growth areas, and empowers accelerated growth and delivery by putting the customer at the core of everything we do – driving a full customer experience that differentiates us from our competitors. The Proposal & Customer Assessment Team is part of the broader commercial solutions. An enabling function to assist with due diligence questionnaires, risk assessments, audits, and other customer inquiries. Our goal is to enable new revenue generation via RFX & deliver superior customer satisfaction by providing high-quality proposals & relevant information during pre/post-sales. We serve a vast array of clients across geographies and are committed to the client-first mindset. Responsibilities and Impact: This position within the Proposal & Assessment Team is integral to supporting Market Intelligence commercial teams in responding to the growing volume of client audits and inquiries. The person will collaborate closely with product, risk, compliance, legal, and functional teams, to ensure client requirements are met effectively. Responding/Managing client audits and risk assessments from end to end, maintaining awareness of internal controls and audit trends to uphold the efficacy of the audit process. Serving as the primary point of contact for our top customers, assisting them in meeting their vendor management requirements. Cultivating partnerships and closely collaborating with corporate and divisional groups to seek information and influence approaches and outcomes. Developing familiarity with Market Intelligence's audit processes and the company's cyber security policies, standards, processes, and controls. Tracking assessment and audit outcomes, management responses to address findings, and follow-up activities, and producing reports for executives and management. Undertaking additional tasks and responsibilities as directed by the team manager, while continuously enhancing the overall process to align with evolving industry standards. What We’re Looking For: Bachelor's degree in a related field, or equivalent professional experience in Third-Party Risk Management (TPRM), Audit, and Risk. 6-7+ years of relevant experience in conducting audits or responding to audits, within a SaaS-related business environment. Demonstrated understanding of client-initiated audits and organizational controls. Familiarity with CISA, ISO Standards, NIST, and SOC standards. Proven track record of building strong relationships resulting in successful outcomes. Ability to collaborate effectively with a global team spanning multiple time zones. Competencies : Exceptional communication and interpersonal skills, adept at engaging and influencing stakeholders across all levels. Demonstrated flexibility and negotiation prowess to achieve optimal outcomes. Proficient in efficiently managing multiple concurrent projects, with a keen ability to adapt as priorities evolve. Exhibits creativity and perseverance in devising solutions. Possesses strong analytical and problem-solving capabilities, proficient in assessing complex information and formulating actionable strategies. Fosters robust working relationships with internal colleagues, facilitating collaboration and synergy within teams. About S&P Global Market Intelligence At S&P Global Market Intelligence, a division of S&P Global we understand the importance of accurate, deep and insightful information. Our team of experts delivers unrivaled insights and leading data and technology solutions, partnering with customers to expand their perspective, operate with confidence, and make decisions with conviction. For more information, visit www.spglobal.com/marketintelligence. What’s In It For You? Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technology–the right combination can unlock possibility and change the world. Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence®, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: We're more than 35,000 strong worldwide—so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all. From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. We’re constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference. Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global. Our benefits include: Health & Wellness: Health care coverage designed for the mind and body. Flexible Downtime: Generous time off helps keep you energized for your time on. Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills. Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference. For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. - Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only: The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf - 20 - Professional (EEO-2 Job Categories-United States of America), SLSGRP202.1 - Middle Professional Tier I (EEO Job Group) Job ID: 309385 Posted On: 2025-05-30 Location: Gurgaon, Haryana, India

Cybersecurity, third-party risk management -client audit role. Gurgaon, India Sales 309387 Job Description About The Role: Grade Level (for internal use): 10 Department overview: The Customer Experience Team, a new shared capability within Market Intelligence, partners closely with Sales, account management, and product to deliver a differentiated customer experience. This group enables our revenue team by overseeing customer success, revenue operations, and implementation of commercial technology. This includes Salesforce, alignment to targets in strategic growth areas, and empowerment of accelerated growth and delivery by putting the customer at the core of everything we do – driving a full customer experience that differentiates us from our competitors. The Proposal & Customer Assessment Team, within Revenue Operations & Transformation, plays a crucial role in driving new revenue generation and ensuring superior customer satisfaction. The team supports key workflows such as RFPs, due diligence, risk assessments, client audits, and other customer inquiries, by providing high-quality proposals and relevant information throughout the pre- and post-sales cycles. Serving a diverse range of clients across various geographies, the team is committed to a client-first mindset, forging strong partnerships and delivering exceptional results. Position Summary: Track and maintain a central repository of all the issues, findings, and gaps identified by customers during due diligence and audits. Collaborate with product, technology, and functional teams to identify the best possible way to remediate client-identified gaps and answer client inquiries. Coordinate preparation, execution, and delivery of formal responses. Track and report weekly, biweekly, and monthly statistics on the open, remediated, and in-progress issues to the leadership and senior stakeholders. Foster positive relationships with customers, maintain open and transparent communication with the customer throughout the process, acknowledge receipt of audit findings and provide regular updates on progress. Develop a deep understanding of product solutions and platforms for effective communication. Maintain awareness of internal controls and audit/due diligence trends to ensure the process remains effective. Maintain thorough documentation of the entire audit findings process, including correspondence with the customer, supporting documentation provided, and actions taken to address issues or concerns. Lead Cross-Functional Programs & Projects: Oversee key milestones and activities; communicate program details, project risks, and mitigations to leadership, ensuring timely project completion. Develop and Manage Project Plans & Reporting: Create project plans, tools, reports, and narratives for identified programs. Re-prioritize based on impact and effort and provide tactical support for implementation. Education and experience: Bachelor’s degree in a related field, with 8+ years of project management and execution experience. Familiarity with CISA, ISO Standards, NIST, and SOC standards. Proven track record in project delivery with excellent communication, time management, organizational, presentation, and stakeholder management skills. Demonstrated success in planning, directing, and implementing multiple, complex projects concurrently. Ability to set priorities independently and meet deadlines in a fast-paced environment. Experience working in a collaborative environment, building strong relationships at all organizational levels, and effectively working with diverse styles, skills, and cultures. Personal competencies: Exceptional communication and interpersonal skills, able to engage and influence stakeholders at all levels with flexibility and negotiation expertise to drive optimal outcomes. Strong analytical and problem-solving abilities, skilled in assessing complex data and developing actionable strategies. Self-motivated with a keen eye for detail, ensuring high-quality execution in all tasks. Highly proficient in managing multiple projects simultaneously, demonstrating adaptability as priorities shift, and showing creativity and perseverance in problem-solving. Demonstrates consistent creativity and initiative across all tasks and projects. Fosters strong collaborative relationships with internal teams, enhancing synergy and teamwork. About S&P Global Market Intelligence At S&P Global Market Intelligence, a division of S&P Global we understand the importance of accurate, deep and insightful information. Our team of experts delivers unrivaled insights and leading data and technology solutions, partnering with customers to expand their perspective, operate with confidence, and make decisions with conviction. For more information, visit www.spglobal.com/marketintelligence. What’s In It For You? Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technology–the right combination can unlock possibility and change the world. Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence®, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: We're more than 35,000 strong worldwide—so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all. From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. We’re constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference. Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global. Our benefits include: Health & Wellness: Health care coverage designed for the mind and body. Flexible Downtime: Generous time off helps keep you energized for your time on. Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills. Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference. For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. - Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only: The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf - 20 - Professional (EEO-2 Job Categories-United States of America), SLSGRP202.1 - Middle Professional Tier I (EEO Job Group) Job ID: 309387 Posted On: 2025-05-30 Location: Gurgaon, Haryana, India

Job Description KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara. KPMG in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk advisory including but not limited to IT audit supports in nature. Responsibilities Skills Required: Risk Based IT Internal Audit for Financial Services Entities IT SOX 404 Controls Testing, Quality Assurance Internal Financial Controls related to IT General Controls as part of Financial Statements Audits IT Risk & Control Self-Assessment Business Systems Controls / IT Application Controls Auditing Emerging Technologies such as Cloud Security, Intelligent Automation, RPA, IoT etc. Working knowledge of programming languages(C/C++/Java/SQL) Role Collaborate with other members of the engagement team to plan the engagement and develop relevant workpapers/deliverables. Perform fieldwork and share the daily progress of fieldwork, informing supervisors of engagement status. Perform testing of IT Application Controls, IPE, and Interface Controls through code reviews, IT General Controls review covering areas such as Change Management, Access Management, Backup Management, Incident and Problem Management, SDLC, Data Migration, Batch Job scheduling/monitoring and Business Continuity and Disaster Recovery Perform Risk Assessment, identification, and Evaluation of Controls, prepare process flow diagrams and document the same in Risk & Control Matrix. Perform business process walkthrough and controls testing for IT Audits. Performing planning and executing audits, including: — Information Security reviews — Information Technology Infrastructure reviews — Application reviews Use knowledge of the current IT environment and industry IT trends to identify the engagement and client service issues and communicate this information to the project manager. Maintain relationships with client management and the project Manager to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations. Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the work to be performed Risk Based IT Internal Audit for Financial Services Entities IT SOX 404 Controls Testing, Quality Assurance Internal Financial Controls related to IT General Controls as part of Financial Statements Audits IT Risk & Control Self-Assessment Business Systems Controls / IT Application Controls Auditing Emerging Technologies such as Cloud Security, Intelligent Automation, RPA, IoT etc. Working knowledge of programming languages(C/C++/Java/SQL) Coordinate effectively and efficiently with the Engagement manager and the client management keeping both constantly updated regarding project’s progress. Monitoring and Tracking for Budget and Time Estimates on engagements. Conducting IT audits, IT Internal Audit, Robotics Process Automation (RPA) Audits Conducting SOX audits, Third Party Security audits Conducting controls assessment in manual/ automated environment Information Security Assessments Conducting OS/DB/Network reviews Prepare/Review of Policies, Procedures, SOPs Qualifications A Bachelor's degree in engineering and approximately 2 -6 years of related work experience; or a master’s or MBA degree in business, computer science, information systems, engineering Expertise in coding skills (e.g., Java, C++, C, SQL, Oracle) Experience in performing IT audits of banking/financial sector applications Good to have knowledge of other IT regulations, standards and benchmarks used by the IT industry (e.g., NIST, PCI-DSS, ITIL, OWASP, SOX, COBIT, SSAE18/ISAE 3402 etc.) Technical Knowledge of IT Audit Tools Experience in carrying out OS/DB/Network reviews Exposure to Risk Management and Governance Frameworks/ Systems will be an added advantage Exposure to ERP systems will be added advantage Experience in performing technical code reviews (understanding code logic based on business requirement) Strong project management, communication (written and verbal) and presentation skills A team player Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism Preferred Certifications – CISA/CISSP//CISM Exposure to automation Data Analytics tools such as QlikView/Qlik sense, ACL, Power BI will be an advantage Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their colour, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability, or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavour for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you. Show more Show less

At Barclays, we don’t just adapt to the future – we create it. Embark on a transformative journey as a VP – CCO Tech & Cloud risk, where you’ll play a pivotal role in shaping the future of Technology and Security Chief Control Office (CCO) Controls Management team which focuses on governance and execution support for technology, cloud, and AI risk. You will proactively identify, assess, and remediate risks, ensuring compliance and responding to audit and regulatory requests. You will evaluate security risks of new cloud and AI deployments, provide advisory services, and engage with stakeholders across various functions. Your key responsibilities include advising on cloud control risks, collaborating with cross-functional teams, staying updated on security threats, and promoting best practices and policies. The role also involves developing metrics and scorecards to aid decision-making and ensuring robust security policies are in place. Additionally, you will need to will assess technology and information security risks of new application deployments to public cloud and AI use cases deployment at the bank and provide advisory and review/sign-off for new deployments and ad hoc requests. Your role will also entail regulatory and compliance review and responding to audit and regulatory related internal/external requests. To be successful as a VP – CCO Tech & Cloud risk, you should have experience with: Extensive experience in cloud risk and working experience with AI risk. Practical experience with commercial cloud offerings like AWS and Azure in Cloud risk management, solution architecture, and security management. Strong understanding of AWS services related to compute, network, storage, content delivery, administration and security, deployment and management, and automation technologies. Good understanding of CI/CD pipelines, infrastructure deployment through code, and build and test automation technologies like Chef, Puppet, Docker, Jenkins. Strong understanding of industry standards and best practices related to Cloud, including CIS Critical Security Controls, CSA Cloud Controls Matrix (CCM), NIST Cybersecurity Framework, and Cloud computing standards roadmap. Bachelor’s/master’s degree with relevant experience. Some Of Highly Valued Skills May Include Industry certifications like CCSP, CCSK. Awareness of AI risk industry frameworks/regulations and assessment methodologies. Knowledge of cyber threats and vulnerabilities for AI use cases. You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills. The location of the role is Pune/Noida , IN. Purpose of the role To design, develop and consult on the bank’s internal controls framework and supporting policies and standards across the organisation, ensuring it is robust, effective, and aligned to the bank’s overall strategy and risk appetite. Accountabilities Identification and analysis of emerging and evolving risks across functions to understand their potential impact, and likelihood. Communication of the purpose, structure, and importance of the control framework to all relevant stakeholders, including senior management and audit. Support to the development and implementation of the bank's internal controls framework and principles tailored to the banks specific needs and risk profile including design, monitoring, and reporting initiatives . Monitoring and maintenance of the control's frameworks, to ensure compliance and adjust and update as internal and external requirements change. Embedment of the control framework across the bank through cross collaboration, training sessions and awareness campaigns which fosters a culture of knowledge sharing and improvement in risk management and the importance of internal control effectiveness. Vice President Expectations Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment. Manage and mitigate risks through assessment, in support of the control and governance agenda. Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does. Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies. Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives. In-depth analysis with interpretative thinking will be required to define problems and develop innovative solutions. Adopt and include the outcomes of extensive research in problem solving processes. Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave. Show more Show less

Position Overview Job Title: Senior Technology Analyst Location: Pune, India Corporate Title: Associate Job Description The Associate ITAO supports the technical infrastructure required to supply IT services to the bank. They are involved in the strategy, design, development, and deployment of IT solutions. They are able to troubleshoot complex issues, being aware of overlapping and different technology areas. Based on their business knowledge, they are able to identify where IT designs can be strengthened and provide value to the businesses. They are responsible for providing detailed technical feedback into the Engineering function to deliver more robust IT solutions. They understand in detail, how IT needs to be supported and can create appropriate processes and controls which ensure IT failings are captured and remediated to ensure stability. They provide technical direction on all related IT platforms and are considered technical experts for level 3 support in outage coordination. The Lead Technologist is counted upon to provide technical guidance and recommendations for complicated business IT problems. They embrace a Continuous Service Improvement approach to drive efficiencies and remove repetition to streamline support activities, reduce risk, and improve system availability. Role Description The successful candidate is expected to have at least 5+ years’ experience in IT, preferably with Asset Management Business Applications and Processes. The IT Application Owner (ITAO) has sound IT risk management skills. They follow one of several possible service delivery approaches, acknowledge interference with the IT application’s life cycle and assist with incorporating the adopted approach into best practice. The focus is on applications moving onto cloud. Here you support tracking of the application control status and help application dev-teams with practical advice. Make sure that all steps in Identity & Access Management cycle (on-boarding, recertification, off-boarding) are compliant against DB Policies and application is on-boarded to central tools. The ITAO is aware of the gap in the current infrastructure solutions and where industry innovations are along the maturity lifecycle. They work with application stakeholders to improve the infrastructure, ensuring compliance with the technical roadmap. The ITAO has a sound knowledge of development methodologies and the IT policies necessary to perform effectively in the organisation, aligned to the bank’s appetite for risk. The ITAO acts to improve safety and security of the application, compliance with regulations, policies and standards, enhance operational readiness, and ease maintenance of the environment for delivering change into production. The ITAO supports the bank’s audit function in the remediation of audit points and self-identified issues in order to reduce risk. The ITAO is responsible for producing and maintaining accurate documentation on compliance with methodologies, IT policies and IT security requirements. The ITAO interacts with and influences colleagues on the governance of IT platform reliability and resilience ITAOs will also be responsible for Application Decommissioning ITAOs will be driving activity that helps incidents reduction against an application Support compliance on all steps of SDLC process and make sure that all SDLC controls are green. You support the team’s role as key contact for all security controls in the software delivery process and ensure that the security controls are evidenced by driving automated evidence. You are consulting with the ITAO community, information security specialists in our CSO organization, and other infrastructure teams like the ORR/SDLC teams. What We’ll Offer You As part of our flexible scheme, here are just some of the benefits that you’ll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your Key Responsibilities Enterprise IT Governance: Responsible for review of current and proposed information systems for compliance with the organisation's obligations (including legislation, regulatory, contractual and agreed standards/policies) and adherence to overall strategy Information security : Communicates information security risks and issues to business managers and others. Performs basic risk assessments for small information systems. Contributes to vulnerability assessments. Applies and maintains specific security controls as required by organisational policy and local risk assessments. Investigates suspected attacks. Responds to security breaches in line with security policy and records the incidents and action taken. Information content publishing : Understands technical publication concepts, tools and methods and the way in which these are used. Uses agreed procedures to publish content. Obtains and analyses usage data and presents it effectively. Understands, and applies principles of usability and accessibility to published information. Business risk management : Investigates and reports on hazards and potential risk events within a specific function or business area. Continuity management : Implements and contributes to the development of a continuity management plan. Coordinates the assessment of risks to the availability, integrity and confidentiality of systems that support critical business processes. Coordinates the planning, designing, and testing of maintenance procedures and contingency plans. Data management : Assists in providing accessibility, retrievability, security and protection of data in an ethical manner. Methods and tools : Provide support on the use of existing method and tools. Configures methods and tools within a known context. Creates and updates the documentation of methods and tools Overall Responsibilities Summary: Make sure that all critical activities in application are monitored and logs are reviewed. Ensure appropriate controls onboarded and implemented where appropriate. Make sure that all steps in Identity & Access Management cycle (on-boarding, recertification, off-boarding) are compliant against DB Policies and application is on-boarded to central tools. Manage Internal and external application audits and Audit issue remediation activities. Completion of regular/recurring assessments Timely response to audit & regulatory requirements with evidence, were compliant. Make sure that infrastructure is compliant and has up-to-date patches. Plan for Application Hardware / Software / License upgrades or migration activities to align to the compliant platforms. Keep up-to-date DR Test Plan and manage regular DR Tests Manage application capacity forecasting and monitoring. Manage any IT Security incidents that may occur in the application. Support compliance on all steps of SDLC process and make sure that all SDLC controls are green. Application Decommissioning Drive incidents reduction against an application Planning/Organizing: Able to manage work but also to make the estimate, scheme in detail, work on deployment plans and manage deadlines. Manage the technical roadmap of the application (technology roadmap compliance), estimate/budget capacity needed. Expertise in Planning and execution of Releases, Changes, Patches. Exposure of handling L3 role, incident analysis, patch preparation and implementation. Skilled individual to interact with L2 teams for incident and problem management cases. Your Skills And Experience Degree-level IT and/or information security qualification, or equivalent experience in Information Security and IT Security Experience in Software Development Lifecycle (SDLC) - from idea to production to understand our customer journey, these mostly application owners, business ISOs and development teams GCP-Cloud foundation knowledge General understanding of current security industry standards, best practices, and/or frameworks i.e.: NIST, ENISA, ISO27001, OWASP Problem-solving and analytical skills with the ability to oversee complex processes Ability to educate a technical and non-technical audience about various security measure Excellent communications skills and very service oriented and customer friendly behaviour even in stressful situations Self-driven behaviour Fluent in English (written/verbal) Preferable Knowledge of information security tools e.g., security scan and testing tools Understanding of cloud engineering and native security features to support the migration path for applications onto the cloud environment Firm understanding of DevSecOps and the banks shift left agenda to integrate security in the software development lifecycle as earliest as possible. ISO or ITAO certification (for internals only) How We’ll Support You Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About Us And Our Teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment. Show more Show less

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us! Job Description Job Summary As an OT Cybersecurity Data Engineer, you will manage the design, implementation, and testing of our Security Information and Event Management (SIEM) system with a specific focus on integrating and analyzing data from critical OT/ICS environments. You will work with cybersecurity teams to ensure the monitoring, detection, and reporting of security threats within industrial infrastructure. We are looking for a understanding of SIEM and SOAR technologies, OT protocols, and cybersecurity best practices. You will report to the Cyber Team Leader and have a hybrid schedule working in Hinjewadi-Pune. Your Responsibilities Develop SIEM and SOAR solutions tailored for OT environments, considering the unique challenges and protocols involved. Integrate multiple OT data sources (e.g., IDS, EDR, control system logs, network traffic from industrial protocols) into the SIEM platform. Maintain custom parsers, normalizers, and correlation rules to analyze OT-specific logs and events within the SIEM. Collaborate with OT operations and engineering teams to understand their systems, data sources, and security monitoring requirements. Configure and improve the SIEM platform for performance, scalability, and stability in an OT context. Maintain OT-focused dashboards and reports within the SIEM to provide actionable insights into security posture and potential threats. Tune and optimize SIEM rules and alerts to minimize false positives and ensure high-fidelity detection of OT security incidents. Maintain documentation for the OT SIEM architecture, data sources, rules, and operational procedures. Recommend new SIEM features, integrations, and related security technologies for enhancing OT security monitoring. The Essentials - You Will Have Have 4-5years of demonstrated experience working with SIEM platforms (e.g., Sumo Logic, Palo Alto Cortex XSOAR) and a understanding of their architecture, configuration, and rule development. Understanding of OT protocols (e.g., Modbus, DNP3, IEC 61850), industrial control systems (e.g., PLC, SCADA, DCS), and their logging mechanisms. Experience parsing and normalising complex log formats, including those specific to OT devices and applications and, in the context of security event analysis, technical information to both technical and non-technical audiences and as part of a team in a environment. Specific experience integrating OT data sources with enterprise SIEM platforms. Knowledge of security frameworks and standards relevant to OT (e.g., NIST SP 800- 82, IEC 62443). Experience with scripting languages (e.g., Python, PowerShell) for SIEM automation and data manipulation. Relevant certifications such as GICSP, GRID, CISSP, or SIEM-specific certifications. Familiarity with threat intelligence platforms and their integration with SIEM for OT threat detection. The Preferred - You Might Also Have You will have to understand relevant evolving technology, understand complex technology dependency and working across a range of service offerings that may leverage a wide array of technologies and partners. Develop key product & service launches Collaborative culture across the automation engineering team while meeting C&I objectives Adopt technology best practices around technology & vendor evaluation and managing & maintenance of technology platforms. What We Offer Our benefits package includes … Comprehensive mindfulness programmes with a premium membership to Calm Volunteer Paid Time off available after 6 months of employment for eligible employees Company volunteer and donation matching program – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program Personalized wellbeing programmes through our OnTrack program On-demand digital course library for professional development and other local benefits! At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles. Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office. Show more Show less