4004 Nist Jobs - Page 47

Our people work differently depending on their jobs and needs. From hybrid working to flexible hours, we have plenty of options that help our people to thrive. This role is based in India and as such all normal working days must be carried out in India. Job description Join us as a Technology Controls Testing Analyst We’ll look to you to protect the bank by assuring that our applications and technology infrastructure is adequate, effective and fit for purpose on an end-to-end basis You’ll clearly document any control weaknesses identified within the adequacy and effectiveness assessments and testing undertaken This is a chance to join a talented and supportive team that will help you achieve great exposure as you develop with us We're offering this role at associate level What you'll do In this role, you’ll work with Information Technology General Controls, including complex Automated Controls and contribute to the ongoing design and development of assurance processes and methodology. You’ll also maintain detailed test documentation and reports for the technology you assess, keeping stakeholders informed of testing progress and results, in line with quality expectations. We’ll look to you to clearly communicate any identified control weaknesses to the team, relevant business contact or SME. In addition, you’ll: Contribute to the development and delivery of an annual risk-based assurance programme Collaborate with business teams, at relevant level, to ensure a comprehensive understanding of controls and their testing procedures Perform walkthroughs with stakeholders on the technology you assess, documenting high quality control testing workpapers Stay up to date with regulatory requirements and industry best practices for technology controls Undertake adequacy and effectiveness assessments of technology controls The skills you'll need To excel in this role, you’ll have a proven experience of developing and executing test plans on technology with IT General Controls and complex Automated Controls, including adequacy and effectiveness of technology controls. You’ll also have: Experience in developing and executing test plans for IT General Controls and complex Automated Controls. Strong understanding control frameworks (e.g., COSO, COBIT) and relevant regulations (e.g., SOX, GDPR, CCPA) and industry standards (e.g., NIST, ISO 27001) and their application in technology and financial processes. Proven ability to perform control testing activities. Excellent communication skills, with the ability to present findings to technical and non-technical audiences. A proactive mindset with a focus on continuous improvement and collaboration.

Who We Are Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact. To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures—and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive. What You'll Do The Global Information and AI Security Senior Manager provides internal BCG technical consulting around information security architecture and security design measures for new projects, ventures and systems. The architect defines the desired end state to meet solution Security Goals and overall business goals. The Security Architect ensures the digital applications, tools, and services protect our data, our clients’ data, and our intellectual property; are resilient to cyber-attack; meet BCG policy and standards, regulatory requirements, and industry best practices; while using a risk-based approach to meeting BCG business needs and objectives. The Global Information and AI Security Senior Manager works with teams inside BCG to secure the building and maintenance of complex computing environments to train, deploy, and operate Artificial Intelligence/ML systems by determining security requirements; planning, implementing and testing security systems; participate in AI/ML/LLM projects as the Security Subject Matter Expert; preparing security standards, policies and procedures; and mentoring team members. What You'll Bring Bachelor's degree (or equivalent experience) required. CSSLP certification required; additional certifications such as CISSP, CCSP, or CCSK strongly preferred. 7+ years of progressive experience in information security, specifically focused on secure architecture, secure development practices, and cloud-native security. Proven expertise supporting software engineering, data science, and AI/ML development teams, specifically with secure model lifecycle management, secure deployment practices, and secure data engineering. Expert understanding of the Secure Software Development Lifecycle (SSDLC), including secure architecture, threat modeling frameworks (e.g., MAESTRO, PASTA, STRIDE), penetration testing, secure coding practices, vulnerability management, and incident response. Demonstrated technical proficiency across multiple security technologies, platforms, and frameworks, with strong hands-on experience implementing secure cloud-native infrastructures (AWS, Azure, GCP). Familiarity with data warehouse and data lake environments such as Databricks, Azure Fabric, or Snowflake, including security best practices in managing and securing large-scale data ecosystems. In-depth knowledge and practical experience with AI and machine learning model security, ethical AI frameworks, secure handling of data, and comprehensive understanding of CI/CD pipelines specifically tailored for data science workloads. Extensive experience conducting security assessments, vulnerability triage, intrusion detection and prevention, firewall management, network vulnerability analysis, cryptographic implementations, and incident response analysis. Exceptional communication skills (written and oral), influencing capabilities, and ability to clearly articulate complex security concepts to stakeholders across various levels of the organization. Proactive professional development, continuous learning, active participation in industry forums, professional networks, and familiarity with current and emerging security trends and standards. Additional info YOU'RE GOOD AT The Senior Manager, Security and AI Architect excels at: Collaborating closely with software engineering, data science, data engineering, and cybersecurity teams to design, implement, and maintain secure solutions in agile environments leveraging cloud-native technologies and infrastructure. Defining security requirements by deeply understanding business objectives, evaluating strategies, and implementing robust security standards throughout the full Software Development Life Cycle (SDLC). Leading security risk assessments, threat modeling (utilizing frameworks such as MAESTRO, PASTA, STRIDE, etc.), security architecture reviews, and vulnerability analyses for client-facing digital products, particularly involving complex AI/ML-driven solutions. Advising development teams, including AI engineers and data scientists, on secure coding practices, secure data handling, secure AI/ML model deployment, and related infrastructure security considerations. Providing specialized guidance on secure AI model development lifecycle, including secure data usage, ethical AI practices, and robust security controls in Generative AI and large language model deployments. Actively participating in the APAC Dex process for managing digital builds, ensuring alignment with regional requirements, standards, and best practices. Staying ahead of emerging security trends and technologies, conducting continuous research, evaluation, and advocacy of new security tools, frameworks, and architectures relevant to digital solutions. Ensuring robust compliance with regulatory frameworks and industry standards, including ISO 27001, SOC2, NIST, and GDPR, particularly as they pertain to data privacy and AI-driven product development. Developing and delivering training programs on secure development, AI security considerations, and incident response practices. Partnering with internal stakeholders, articulating security risks clearly, influencing technical directions, and promoting comprehensive secure architecture roadmaps. Conducting vendor and market assessments, guiding tests, evaluations, and implementation of security products that address enterprise and client-specific information security requirements. Advising teams on compensating controls and alternative security measures to facilitate business agility without compromising security posture. Leading the implementation and continuous improvement of security tooling and practices within CI/CD pipelines, infrastructure-as-code (IaC), and model deployment automation. Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws. BCG is an E - Verify Employer. Click here for more information on E-Verify.

We are looking for a Cloud Security Engineer to join our team and work together with our other team members on our enterprise customer projects. This is a well-paid remote role that you can do from anywhere. Responsibilities Assist in maintaining our cloud infrastructure under supervision. Learn Kubernetes fundamentals and AWS services. Help implement and maintain CI/CD pipelines. Maintain an open-source SIEM Infrastructure. Operate a small SOC service. Monitor and respond to security alerts and events. Follow incident response procedures. Document security findings and maintain compliance requirements. Stay up to date with new emerging threats and vulnerabilities. Be available for 24/7 on-call rotation to respond to critical security incidents, though call volume is expected not to be frequent. Assist with routine monitoring and alerting tasks. Respond quickly to security incidents and alerts, with target response time under 30 minutes for critical issues. Your profile 0-3 years of experience with cloud infrastructure (AWS preferred). 0-3 years of experience with Terraform. Understanding of security concepts for infrastructure and networks. Willingness to learn Kubernetes and container technologies. Monitor and analyze security alerts from multiple sources including SIEM, EDR, and cloud security tools. Perform incident triage, investigation, and response according to established procedures. Assist with managing and optimizing SIEM rules, alerts, and dashboards. Help create and maintain security documentation, playbooks, and incident response procedures. Basic knowledge of Linux and Windows Server operating systems. Strong desire to learn about threat modeling and threat identification techniques. Excellent English – written and verbal. Service-oriented and customer-centric mindset. Ability to follow established processes. Nice to have: BSc or MSc in any relevant IT field. Basic scripting knowledge (Python, Shell Script, PowerShell). Interest in pursuing security certifications (e.g., Security+ certification). Familiarity with basic security concepts and tools. Knowledge of security frameworks and standards (ISO 27001, NIST, CIS). Basic understanding of cloud security principles. Eagerness to learn about threat hunting techniques. If this role excites you, but you are worried that you don't fit all the requirements, please send your application anyway. We would love to get in touch

Senior Manager EXL/SM/1419365 Global TechnologyNoida Posted On 16 Jul 2025 End Date 30 Aug 2025 Required Experience 10 - 12 Years Basic Section Number Of Positions 1 Band C2 Band Name Senior Manager Cost Code G070601 Campus/Non Campus NON CAMPUS Employment Type Permanent Requisition Type New Max CTC 2500000.0000 - 3000000.0000 Complexity Level Not Applicable Work Type Hybrid – Working Partly From Home And Partly From Office Organisational Group Enabling Sub Group Global Technology Organization Global Technology LOB Global Technology SBU Technology Operations Country India City Noida Center Noida - Centre 59 Skills Skill RISK & COMPLIANCE AUDITS CLOUD SECURITY AI TOOLS CYBER SECURITY ENDPOINT SECURITY Minimum Qualification BCA Certification No data available Job Description Key Responsibilities Assess, design, implement, and govern enterprise-wide cybersecurity and technology risk frameworks , including NIST, Zero Trust Architecture, MITRE ATT&CK , and other global standards. Build and deploy AI/ML and Generative AI-based solutions to automate cyber risk detection, response, control validation, and reporting processes. Utilize Prompt Engineering and Large Language Models (LLMs) such as GPT (OpenAI), Gemini (Google), LLaMA (Meta), Claude (Anthropic), etc., to solve real-world cybersecurity challenges. Apply code, low-code, and no-code approaches for automating and modernizing risk controls and compliance processes. Leverage advanced technologies including Next-Gen SIEM, SOAR, CNAPP, ZTNA, passwordless authentication , EDR/XDR, DLP, Microsegmentation, and multi-cloud native security services . Lead the design and implementation of AI-powered observability platforms to drive real-time telemetry, threat detection, behavioral analytics, and performance insights across infrastructure, applications, and security domains. Familiarity with platforms like Datadog, Dynatrace, New Relic, Splunk, Azure Monitor, Elastic, OpenTelemetry, and Grafana is expected. Collaborate across cross-functional teams to deliver secure-by-design outcomes for digital transformation and modernization programs. Frontend Internal / External audits and First Line Compliance control assurance and ensure key Risks are Self-Identified. Required Skills & Experience 10–12 years of experience in cybersecurity, technology risk, and compliance , with proven delivery in AI-infused environments . Hands-on expertise in Generative AI , ML , LLMs , vector databases , and related toolchains (e.g., LangChain, OpenAI APIs, HuggingFace, Pinecone, Weaviate). Experience with observability, AIOps, and telemetry pipelines using tools like Datadog, Prometheus, Loki, Fluentd, and Elastic Stack . Strong scripting and automation experience (e.g., Python, PowerShell, Bash, YAML) and proficiency in low-code/no-code platforms (e.g., Power Automate, ServiceNow, UiPath). Deep understanding of cloud-native security , DevSecOps , and risk automation across AWS, Azure, and GCP environments. Strong communication, stakeholder engagement, and analytical problem-solving abilities. Preferred Certifications CISSP, CISM, CRISC, CCSP, or equivalent cybersecurity and risk credentials. Certifications in AI/ML , cloud platforms (AWS, Azure, GCP) , are a plus. Mindset & Culture Fit Passion for innovation, automation, and continuous learning in cybersecurity and AI. Ability to collaborate across technology, operations, compliance, and business teams to build future-ready solutions. Self-starter with a bias toward action and measurable impact. Workflow Workflow Type L&S-DA-Consulting

Manager EXL/M/1424185 Emerging ConsultingNoida Posted On 17 Jul 2025 End Date 31 Aug 2025 Required Experience 5 - 10 Years Basic Section Number Of Positions 1 Band C1 Band Name Manager Cost Code P050117 Campus/Non Campus NON CAMPUS Employment Type Permanent Requisition Type New Max CTC 1725000.0000 - 2085000.0000 Complexity Level Not Applicable Work Type Hybrid – Working Partly From Home And Partly From Office Organisational Group Emerging Sub Group Emerging Business Unit Organization Emerging Consulting LOB FRAC Consulting SBU FRAC Consulting Country India City Noida Center Noida - Centre 42 Skills Skill ITGC IT AUDIT IT GOVERNANCE AND RISK CONTROLS INFORMATION SECURITY GOVERNANCE Minimum Qualification BTECH CA BCOM Certification No data available Job Description The Audit Manager position will be required to lead audit staff and manage the execution of IT and information system security audits along with leading operational assurance and advisory projects. Successful IT Audit Manager candidates must be able to lead the completion of technical IT audits that support financial or business operations including Sarbanes-Oxley 404 requirements. The IT Audit Manager must be able to effectively interact with IT and business leadership to drive risk mitigation and to stay abreast IT operational changes and emerging technologies. This position will be required to work with IT on key IT initiatives and priorities including Enterprise Risk Management. MUST : Business Development experienced professional with IT internal audit or controls experience to align on sales agenda while integrating practical knowledge on governance Proficient in SAP, S4 HANA, SAP GRC. Responsibilities Managing a team of auditors performing both IT audit and other advisory and assurance projects Building a team of talented IT auditors through coaching and development activities Developing annual IT audit plan of high risk / importance projects based on independent research and knowledge, interactions with Company leadership and peer benchmarking Performing pre- and post-implementation audits of new system implementations, expanding ERP footprint, application re-writes, etc. Auditing key system functionality and systematic controls Working together with management to assist in identifying opportunities to enhance efficiencies and effectiveness of processes and strengthen controls Liaising with IT management to provide ongoing advisory support for system implementations and key IT initiatives (IT security, BCDR, etc.) Evaluating the design and execution of the IT general and application controls for Sarbanes-Oxley compliance Establishing and maintaining effective relationships with management, external auditors, and other partners to further develop Company knowledge and auditing skills Requirements Bachelor's Degree, preferably in Management Information Systems, Accounting Information Systems, Computer Science or other IT related discipline. Master’s Degree preferred CISA, CISSP, CPA or CIA a plus Minimum of seven years of experience in IT audit, IT development, internal audit, public accounting, finance, and/or information systems Minimum of four years of experience in leading audit staff and managing execution of the audit plan Strong human relations, analytical, and oral and written communications skills Understanding of key IT processes such as Disaster Recovery, IT Security, Software Licensing, Third Party Hosted Services, etc. Knowledge of internal audit principles (IIA Standards, and COSO) and IT control frameworks (COBIT, NIST, SANS, and ISO) Familiarity with the following technical areas/platforms beneficial: Operating Systems: IBM Mainframe/RACF, Linux, AIX Databases: Oracle, SQL Server, Informix ERP: SAP, SAP HANA, S4 HANA, JDE Experience in conducting risk assessments and facilitating enterprise risk management a plus Experience developing and leading a data analytics program a plus Workflow Workflow Type L&S-DA-Consulting

The Audit Manager position will be required to lead audit staff and manage the execution of IT and information system security audits along with leading operational assurance and advisory projects. Successful IT Audit Manager candidates must be able to lead the completion of technical IT audits that support financial or business operations including Sarbanes-Oxley 404 requirements. The IT Audit Manager must be able to effectively interact with IT and business leadership to drive risk mitigation and to stay abreast IT operational changes and emerging technologies. This position will be required to work with IT on key IT initiatives and priorities including Enterprise Risk Management. MUST : Business Development experienced professional with IT internal audit or controls experience to align on sales agenda while integrating practical knowledge on governance Proficient in SAP, S4 HANA, SAP GRC. Responsibilities Managing a team of auditors performing both IT audit and other advisory and assurance projects Building a team of talented IT auditors through coaching and development activities Developing annual IT audit plan of high risk / importance projects based on independent research and knowledge, interactions with Company leadership and peer benchmarking Performing pre- and post-implementation audits of new system implementations, expanding ERP footprint, application re-writes, etc. Auditing key system functionality and systematic controls Working together with management to assist in identifying opportunities to enhance efficiencies and effectiveness of processes and strengthen controls Liaising with IT management to provide ongoing advisory support for system implementations and key IT initiatives (IT security, BCDR, etc.) Evaluating the design and execution of the IT general and application controls for Sarbanes-Oxley compliance Establishing and maintaining effective relationships with management, external auditors, and other partners to further develop Company knowledge and auditing skills Requirements Bachelor's Degree, preferably in Management Information Systems, Accounting Information Systems, Computer Science or other IT related discipline. Master’s Degree preferred CISA, CISSP, CPA or CIA a plus Minimum of seven years of experience in IT audit, IT development, internal audit, public accounting, finance, and/or information systems Minimum of four years of experience in leading audit staff and managing execution of the audit plan Strong human relations, analytical, and oral and written communications skills Understanding of key IT processes such as Disaster Recovery, IT Security, Software Licensing, Third Party Hosted Services, etc. Knowledge of internal audit principles (IIA Standards, and COSO) and IT control frameworks (COBIT, NIST, SANS, and ISO) Familiarity with the following technical areas/platforms beneficial: Operating Systems: IBM Mainframe/RACF, Linux, AIX Databases: Oracle, SQL Server, Informix ERP: SAP, SAP HANA, S4 HANA, JDE Experience in conducting risk assessments and facilitating enterprise risk management a plus Experience developing and leading a data analytics program a plus

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY-Digital Risk – OT – Manager As part of our Risk Consulting, you will be joining the Digital Risk Consulting Team. As part of the Consulting, you will handle leading and managing OT security engagements for various clients across the MENA region. Working with Digital Risk team, you will also perform IT/IS/OT Risk assessment, IT/IS Governance, ERP reviews and conduct maturity assessment on the client’s current IT/IS/OT posture. The client base spans across various sectors and includes collaboration with other teams within Consulting services. The opportunity We are looking for a manager with expertise in IT/ OT Assessments/Framework Implementation to join the Digital Risk team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of our service offering. Your Key Responsibilities Responsible for working with multiple client engagements and teams at a Senior level within the MENA region. Lead and deliver OT Risk assessments, Architecture review, and maturity evaluation across DCS and ICS environments. You can expect to work with high level client personnel to address Information security, IT/OT Security and Business continuity risks. You are also expected to perform internal control testing, develop control frameworks, and provide internal audit services in IT/OT/InfoSec space for the MENA stakeholders. You will assess the client’s current state of internal controls and identify risks and subsequent recommendations. Working with client personnel to analyse, evaluate and enhance systems facilitating the process control, and assisting clients and other technology professionals in performing IT/OT control audits, IT/OT security framework development engagements. Mentor and coach junior team members, fostering their technical and professional development. Help develop/respond to go to market, RFP/RFI responses. Practice building Skills And Attributes For Success Strong knowledge of industrial control systems (ICS), SCADA systems, and other OT technologies. Good understanding of how OT and IT devices interact with each other and how OT devices work. Good to have knowledge of regulatory requirements and standards related to ICS/OT security (e.g., NIST, IEC 62443) Excellent communication and stakeholder management skills, especially in cross functional industrial settings. Experience with network security solutions, including firewalls, intrusion detection systems (IDS) etc. Analytical skills to screen through data and logs to identify the patterns indicative of cyber threats or threat actor methods. Effective communication skills for interacting with technical and non-technical colleagues and stakeholders. Demonstrating and applying strong project management skills, inspiring teamwork, and responsibility with engagement team members Relevant certifications are desirable. To qualify for the role, you must have A bachelor’s degree A minimum of 10-15 years of experience working as Information security professional with IT/IS/OT internal audit background in a professional services firm. Excellent communication skills with consulting experience preferred. A valid passport for travel. Ideally, you’ll also have B. Tech/ B.E. / B.Sc. / M. Sc. in Computer Applications / Engineering, or a related discipline. ISA 62443 expert, CISA, CISSP, GICSP (anyone certification is desired) What Working At EY Offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

At the International Maritime Institute (IMI), we are on a mission to prepare the next generation of seafarers who will shape the future of our global supply chain. As the Senior IT Operations Manager, you will be at the helm of our technological infrastructure and applications, ensuring smooth operations that propel our mission forward. This is your chance to help shape and drive the IT landscape across three campuses and over 700 students. Based in Delhi (Noida), you will be a vital member of the Caravel Group, which includes both IMI and Fleet Management Limited. Reporting to the Head of IT Operations in Hong Kong, you will collaborate closely in Delhi, giving you the unique opportunity to influence campus services and ensure they meet service-level agreements—all while championing high security and efficiency standards. We seek a dynamic leader with a strong technical background in IT infrastructure, system security, vendor management and cloud technologies. In this role, you will lead the IT team forging partnerships with academic and administrative stakeholders to build a secure and highly available IT ecosystem. If you are ready to tackle exciting technological challenges, drive transformative solutions and leave your mark on the future of maritime education then this is the role for you. Job Description : As an Senior IT Operations Manager, your typical day might include: Service Maestro: Mastering Incident & Change Management Handle incidents, problems, and change with precision, ensuring all issues are resolved within SLA. Escalate to internal and external teams as needed Continuously enhance your skills to assist with first-time incident resolution, transforming challenges into learning opportunities Identify recurring issues and service risks, crafting innovative solution to prevent future occurrences. Analyze incidents to uncover root causes and implement effective changes Infrastructure & Cloud Guardian: Elevating Technology Solutions Guide the organization in leveraging technology to achieve strategic outcomes, ensuring our systems are equipped for success Develop, build and implement a strategic roadmap to align to wider business goals for the growth of IMI Supervise upgrades and installations, guaranteeing that all systems are built and maintained to the highest standards Ensure adherence to policies for cloud management, including regular disaster recovery testing, safeguarding our digital assets Take ownership of risks identified in the Risk Register related to infrastructure, proactively addressing potential vulnerabilities Leader & Cross Functional Collaborator: Driving Excellence Inspire and develop team members to reach their full potential, fostering a culture of growth and excellence Encourage team members to share knowledge articles for the self-service portal, empowering others through information Work closely with the broader IMI family, including Caravel Group and Fleet Management Limited, ensuring seamless collaboration and standards across the Group. Essential – You must be able to show… 7+ years of experience independently leading IT Operations at a company with 200 staff members across 3 locations. Proven people management skills - Experience in leading, mentoring and developing a team of at least 3 people Experience with IT asset management and Firewalls such Meraki & Cisco Familiar and implementation experience of security standards such as ISO27001/NIST/CIS Strong vendor management skills, particularly for infrastructure and ERP systems Strong analysis skills in identifying root causes, defining options and recommendations Demonstrable in defining, leading and implementing continuous improvement plans Ability to influence and communicate effectively with senior (C-Level) executives in spoken and written English Desirable – Would be great if you have these… Industry certifications in Microsoft MCSE, Microsoft 365, AWS, Google Cloud, Azure, Security, or ITIL Project Management experience, focused around integrating external / SaaS solutions. Experience managing Linux Operating Systems and/or cloud environments such as AWS or Azure.

Information Protection Senior Advisor - HIH - Evernorth (Cyber S ecurity Architect) Position Summary: This role is for a highly motivated Security Architect, with a background in cloud and DevOps security. The Security Architect (PSA) works closely with architecture, development, product, and other teams across the enterprise to design and integrate security into the solution lifecycle from design through deployment. This person will be responsible for defining security requirements, performing security design assessments, and providing teams with remediation and mitigation guidance and advice. Security Architects engage on strategic initiatives, programs, and projects throughout the enterprise including cloud, AI/ML, etc., as well as provide on-going guidance on security best practices. Experience Required: 13-16 years’ experience in information technology Min 8+ years’ experience in an information security architecture Min 5+ years application development and/or administrating and managing cloud solutions Practical experience in the application of security controls in security engineering, design, or developing reference architectures: NIST 800-53r(4/5), ISO 27001 Annex A / ISO 27002, Cloud Security Alliance – Cloud Controls Matrix (CCM v4), Center for Internet Security – Critical Security Controls (v7/8) Solid understanding of services and capabilities delivered by mainstream cloud service providers. Job Description & Responsibilities : Translate business priorities into information security requirements to ensure protections regarding the confidentiality, integrity, availability, and privacy of the enterprise’s technologies and its data. Monitor current and future security trends, changes in the business and business environment, as well as the evolving regulatory landscape and incorporate emerging trends into architecture engagements and strategic planning. Produce written technical reports and documentation; develop presentations on security approaches and solutions. Work directly with program and project teams to ensure that all relevant security risks are identified, evaluated, and appropriate security solutions are implemented to help manage risks to the enterprise. Provide strategic and technical security guidance for cloud programs and projects deploying in cloud environments. Responsible for the identification and documentation of architectural gaps and inefficiencies in existing solutions; support remediation and mitigation efforts through appropriate planning and roadmap development. Solid understanding of services and capabilities delivered by mainstream cloud service providers. Solid understanding of DevOps processes and associated security requirements and capabilities. Contribute to the Security Architecture guidance library including the development of reference architecture, security standards, security baselines, and other reference material. Strong work ethic and sense of urgency Ability to influence technical discussions and decisions. Ability to interact with a broad cross-section of personnel throughout the global enterprise to explain and compel adoption of security requirements. Other job duties as assigned. Experience Desired: Certification GIAC Defensible Security Architecture (GDSA) or other security architecture certification (ex. SABSA). Familiarity with Security life cycle, design review across concept, development through deployment Experience with threat modeling (all OSI layers), security analysis Education and Training Required: BE degree in MIS/Computer Science or related degree required. Professional Certification such as (any one): Certified Information Systems Security Professional (CISSP) SANS GIAC Certification(s) AWS/Azure Cloud Engineering Certifications Primary Skills: Written Communication Produce written technical documentation and reports that will be consumed by partners in the U.S. and throughout the global enterprise. Verbal Communication Ability to communicate with and influence a broad cross-section of personnel throughout the global enterprise to explain and compel adoption of security requirements. Time Management Relationship Management Self-Starter About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Information Protection Associate Advisor - HIH - Evernorth Position Summary: The Security Architect role will report to the Senior Director of CIP Global Security Architecture and will be responsible for the development and maintenance of the Enterprise Security Architecture documents that comprise the security guidance library to support the enterprise security frameworks which consist of; Security Architecture Requirements, Design Patterns and Reference Architecture documents. This role engages with strategic initiatives and enterprise solutions in the development of security guidance and requirements that aims to better protect the confidentiality, integrity, availability, and privacy of the technology and data of the enterprise. Experience Required: 8+ years’ experience in information technology 5+ years’ experience in an information security architecture or similar role 3+ years administrating and configuring IT systems Practical experience in the application of security controls in security engineering, design, or developing reference architectures: NIST 800-53r(4/5), ISO 27001 Annex A / ISO 27002, Cloud Security Alliance – Cloud Controls Matrix (CCM v4), Center for Internet Security – Critical Security Controls (v7/8) UML diagramming using tools such as MS Visio Job Description & Responsibilities : Monitor current and future security trends, changes in the business and business environment, as well as the evolving regulatory landscape and incorporate emerging trends into security architecture guidance and input into strategic planning. Produce written technical documentation and reports; develop presentations on security approaches and solutions. Maintain a centralized Information Security Architecture data repository that includes reference architectures, security design patterns, security requirements, and other security reference material. Provide technical and security expertise to IT and business teams with a focus on developing the reference architectures, design patterns and associated security standards that ensure the protection of the corporate assets, brand, and data. Solid understanding of security protocols, cryptography, authentication, authorization, and other information security controls and associated best practices. Proven ability to influence other key IT and engineering constituents on the opportunity and appropriate use of security patterns and frameworks. Excellent written and verbal communication skills as well as business acumen. Strong work ethic and sense of urgency. Other job duties as assigned. Experience Desired: Security architecture certification (SABSA) or Architecture certification (TOGAF). Experience with threat modeling (all OSI layers), security analysis Familiarity with Security life cycle, design review across concept, development through deployment Solid understanding of services and capabilities delivered by mainstream cloud service providers. Education and Training Required: BA/BS degree in MIS/Computer Science or related degree required. Professional Certification/Training such as: Certified Information Systems Security Professional (CISSP) SANS GIAC Certification(s) Primary Skills: Written Communication Produce written technical documentation and reports that will be consumed by partners in the U.S. and throughout the global enterprise. Verbal Communication Ability to communicate with and influence a broad cross-section of personnel throughout the global enterprise to explain and compel adoption of security requirements. Presenting security concepts to technical and non-technical audiences in-person and online video conferencing Time Management Relationship Management Self-Starter About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

What are we looking for? Consultants, Senior Consultants Where are we hiring? India Job Requirements: Responsible AI SME/Project Manager We are looking for people who have demonstrated proven success in roles and through abilities in managing AI Governance projects, perform RAI assessments, understanding of global AI regulations and exposure to implementing AI guardrails . The candidate will be working as part of a Responsible AI and risk management team and deliver individual competencies as per the delivery plan. Infosys is a global leader in next-generation digital services and consulting with annual revenues of $16.31B (FY ‘22). We enable clients in 46 countries to navigate their digital transformation. Infosys Consulting partners with clients from strategy through execution to transform their businesses in areas such as business/ IT strategy, processes, organization, systems and risk. Infosys Consulting has 2,500+ people across the US, Europe, APAC and India from strategy / setting direction through execution, including operating and optimizing delivered solutions. IC-LS is dedicated to serving Life Sciences firms globally. Activities in scope for the requirement : Develop Responsible AI roadmap for the client to transition from current state to target state Perform AI governance maturity assessment to understand the current state Responsible AI capabilities and if required recommend the target state and outline a roadmap from AS-IS to TO-BE state. Identify Responsible AI principles applicable for different clients Identify risks associated with different use case themes like consumer facing chatbots, marketing use cases, contact center operations, etc. Identify risks associated due to data used, model being used, industry where AI product will operate, version of AI product, intended and impacted end users Categorize risk level of use cases based on EUR AI Act Recommend mitigation strategies against the risks identified and ensuring that the recommendations are implemented Identify relevant controls for organizations based on ISO 42001:2023 and NIST AI RMF Collaborate with Governance, risk and compliance team to help draft AI related documents Development of AI literacy roadmap based on regulatory requirements. Able to identify preliminary mitigation steps required to be followed for high-risk use cases Conduct Responsible AI knowledge sharing sessions for clients Recommend the suitable AI governance tool to the client based customized to their needs Lead client proposals around Responsible AI strategy and implementation Contribute to Responsible AI process refinement. Skill requirements : Mandatory Requirements : Experience in working on different types of risks related to AI – pre implementation, during implementation and post implementation Experience in categorizing risks & conducting RAI assessments for different types of use cases/applications/tools Experience in assessing both in-house and 3rd party procured AI/Gen AI applications to identify relevant risks Experience in working on go-to-market strategy with RAI offering/capability Experience in working on AI governance tools like OneTrust, Archer, IBM WatsonX Experience managing vendors and stakeholders for the end-to-end implementation of an AI governance solution at the organizational level. Understanding of global regulatory requirement related to AI development and implementation (EUR AI Act, NIST AI framework, ISO 42001:2023) Experience in working on training modules for Responsible AI implementation Display a strong awareness of the current landscape in terms of data and AI and associated risks. Display original thinking and ability to collaborate to ideate and implement innovative solutions to complex problems, aligned to the organization’s data and AI risk appetite Excellent communication skills, both verbal and written. Able to identify and establish relationships with senior stakeholders and be able to simplify complex problems to be quickly understood. Preferred Requirements: Master’s degree or local equivalent. Proven experience of Responsible AI or AI governance from a large organization. Experience in FMCG, FMCH, Pharmaceutical Industries. Knowledge of AI, Gen AI and RAI. Where are we hiring? Multiple Locations (India) Key words: Responsible AI , AI Governance, RAI assessments, RAI, AIGP, AI risks, RAI frameworks, AI risk management, Responsible AI compliance, Adherence to Responsible AI standards, Responsible AI maturity assessment

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. EY-Digital Risk – OT – Manager As part of our Risk Consulting, you will be joining the Digital Risk Consulting Team. As part of the Consulting, you will handle leading and managing OT security engagements for various clients across the MENA region. Working with Digital Risk team, you will also perform IT/IS/OT Risk assessment, IT/IS Governance, ERP reviews and conduct maturity assessment on the client’s current IT/IS/OT posture. The client base spans across various sectors and includes collaboration with other teams within Consulting services. The opportunity We are looking for a manager with expertise in IT/ OT Assessments/Framework Implementation to join the Digital Risk team. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of our service offering. Your Key Responsibilities Responsible for working with multiple client engagements and teams at a Senior level within the MENA region. Lead and deliver OT Risk assessments, Architecture review, and maturity evaluation across DCS and ICS environments. You can expect to work with high level client personnel to address Information security, IT/OT Security and Business continuity risks. You are also expected to perform internal control testing, develop control frameworks, and provide internal audit services in IT/OT/InfoSec space for the MENA stakeholders. You will assess the client’s current state of internal controls and identify risks and subsequent recommendations. Working with client personnel to analyse, evaluate and enhance systems facilitating the process control, and assisting clients and other technology professionals in performing IT/OT control audits, IT/OT security framework development engagements. Mentor and coach junior team members, fostering their technical and professional development. Help develop/respond to go to market, RFP/RFI responses. Practice building Skills And Attributes For Success Strong knowledge of industrial control systems (ICS), SCADA systems, and other OT technologies. Good understanding of how OT and IT devices interact with each other and how OT devices work. Good to have knowledge of regulatory requirements and standards related to ICS/OT security (e.g., NIST, IEC 62443) Excellent communication and stakeholder management skills, especially in cross functional industrial settings. Experience with network security solutions, including firewalls, intrusion detection systems (IDS) etc. Analytical skills to screen through data and logs to identify the patterns indicative of cyber threats or threat actor methods. Effective communication skills for interacting with technical and non-technical colleagues and stakeholders. Demonstrating and applying strong project management skills, inspiring teamwork, and responsibility with engagement team members Relevant certifications are desirable. To qualify for the role, you must have A bachelor’s degree A minimum of 10-15 years of experience working as Information security professional with IT/IS/OT internal audit background in a professional services firm. Excellent communication skills with consulting experience preferred. A valid passport for travel. Ideally, you’ll also have B. Tech/ B.E. / B.Sc. / M. Sc. in Computer Applications / Engineering, or a related discipline. ISA 62443 expert, CISA, CISSP, GICSP (anyone certification is desired) What Working At EY Offers At EY, we are dedicated to helping our clients, from startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career. The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

Our client in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. Our professionals provide the experience to help companies stay on track and deal with risks that could unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth, quality and operational challenges and working in partnership with us, clients have the benefits of the client's experienced, objective, and industry-grounded viewpoints. Requirements Role & RESPONSIBILTY: Cyber Security Strategy and Governance Roles and Responsibilities: You will be responsible to perform multiple risk and gap assessments on various applications, services and Infrastructure components. You will be required to have impeccable interpersonal skill and will require to connect with various stakeholders across the globe. >> Skills: Knowledge of various Information Security Compliance and frameworks such as ISO 27001, NIST, etc Ability to understand and have experience in ISO 27001 : 2013 implementation for large organizations Ability to write information security policies and procedures as per best practices Possess understanding of key cyber security tools and solutions Ability to assess maturity of cyber security using various standards and guidelines Ability to "talk the security language" with client's management Possess excellent communication skills and should be willing to walk the extra mile on client delivery and excellence Must be an excellent team member and willing to participate in organization's initiatives on cyber security >> For Senior Managers: Should demonstrate capabilities of driving sales and engagement management for clients Should be a Technically capable of showcasing SME abilities on cyber security domains Candidates from other consulting firms will be preferred >> Certifications: Candidates must possess ISO 27001 : 2013 LI/LA and should be able to demonstrate their knowledge on the certified standard CISA, CISSP, CISM would be preferred Cloud certifications like CCSP, CompTIA would be an added advantage >> Educational Qualifications: Bachelor of Science / Bachelor in Engineering or Technology Masters program in Technology / IT or Information Security >> Compensation Compensation is competitive with industry standards Details of the compensation breakup will be shared with short-listed candidates only Benefits People BENEFITS Continuous learning program Driving a culture of recognition through ‘ENCORE' our quarterly rewards and recognition program Comprehensive medical insurance coverage for staff and family Expansive general and accidental coverage for staff Executive Health check-up (Manager & above, and for staff above the age of 30) Les Concierge desks Internal & Global mobility Various other people friendly initiatives Strong commitment to our Values such as CSR initiatives

Role: Security Engineer – Security Audit & Compliance Management Location: Turbhe Working Days: 6 days a week (Alternative Saturdays off) Salary Range - 22LPA Job Description: To ensure the organization's security controls, processes, and systems comply with internal policies, industry standards, and regulatory requirements by managing audits and driving continuous compliance improvements. Responsibilities: Lead and support internal and external audits (e.g., ISO 27001, SOC 2, PCI-DSS). Ensure security controls meet compliance obligations. Collaborate with teams to collect evidence, close audit findings, and improve security posture. Conduct compliance assessments and risk-based control reviews. Maintain documentation, compliance dashboards, and audit logs. Align security practices with frameworks like NIST, CIS, and COBIT. Monitor regulatory changes and update policies accordingly. Work with stakeholders to address gaps and enhance audit readiness. Promote a culture of compliance across the organization. Establish compliance framework including supporting policies, procedures, checklists, control narrations for new regulatory circulars and notification. Liase across organization for validating and improving security controls If you feel interested call or Whatsapp -8591744131

Our client in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. Our professionals provide the experience to help companies stay on track and deal with risks that could unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth, quality and operational challenges and working in partnership with us, clients have the benefits of the client's experienced, objective, and industry-grounded viewpoints. Requirements Role & RESPONSIBILTY: Cyber Security Strategy and Governance Roles and Responsibilities: You will be responsible to perform multiple risk and gap assessments on various applications, services and Infrastructure components. You will be required to have impeccable interpersonal skill and will require to connect with various stakeholders across the globe. >> Skills: Knowledge of various Information Security Compliance and frameworks such as ISO 27001, NIST, etc Ability to understand and have experience in ISO 27001 : 2013 implementation for large organizations Ability to write information security policies and procedures as per best practices Possess understanding of key cyber security tools and solutions Ability to assess maturity of cyber security using various standards and guidelines Ability to "talk the security language" with client's management Possess excellent communication skills and should be willing to walk the extra mile on client delivery and excellence Must be an excellent team member and willing to participate in organization's initiatives on cyber security >> For Senior Managers: Should demonstrate capabilities of driving sales and engagement management for clients Should be a Technically capable of showcasing SME abilities on cyber security domains Candidates from other consulting firms will be preferred >> Certifications: Candidates must possess ISO 27001 : 2013 LI/LA and should be able to demonstrate their knowledge on the certified standard CISA, CISSP, CISM would be preferred Cloud certifications like CCSP, CompTIA would be an added advantage >> Educational Qualifications: Bachelor of Science / Bachelor in Engineering or Technology Masters program in Technology / IT or Information Security >> Compensation Compensation is competitive with industry standards Details of the compensation breakup will be shared with short-listed candidates only Benefits People BENEFITS Continuous learning program Driving a culture of recognition through ‘ENCORE' our quarterly rewards and recognition program Comprehensive medical insurance coverage for staff and family Expansive general and accidental coverage for staff Executive Health check-up (Manager & above, and for staff above the age of 30) Les Concierge desks Internal & Global mobility Various other people friendly initiatives Strong commitment to our Values such as CSR initiatives

Our client in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. Our professionals provide the experience to help companies stay on track and deal with risks that could unhinge their business survival. Our services enable clients to effectively co-ordinate their key growth, quality and operational challenges and working in partnership with us, clients have the benefits of the client's experienced, objective, and industry-grounded viewpoints. Requirements Role & RESPONSIBILTY: Cyber Security Strategy and Governance Roles and Responsibilities: You will be responsible to perform multiple risk and gap assessments on various applications, services and Infrastructure components. You will be required to have impeccable interpersonal skill and will require to connect with various stakeholders across the globe. >> Skills: Knowledge of various Information Security Compliance and frameworks such as ISO 27001, NIST, etc Ability to understand and have experience in ISO 27001 : 2013 implementation for large organizations Ability to write information security policies and procedures as per best practices Possess understanding of key cyber security tools and solutions Ability to assess maturity of cyber security using various standards and guidelines Ability to "talk the security language" with client's management Possess excellent communication skills and should be willing to walk the extra mile on client delivery and excellence Must be an excellent team member and willing to participate in organization's initiatives on cyber security >> For Senior Managers: Should demonstrate capabilities of driving sales and engagement management for clients Should be a Technically capable of showcasing SME abilities on cyber security domains Candidates from other consulting firms will be preferred >> Certifications: Candidates must possess ISO 27001 : 2013 LI/LA and should be able to demonstrate their knowledge on the certified standard CISA, CISSP, CISM would be preferred Cloud certifications like CCSP, CompTIA would be an added advantage >> Educational Qualifications: Bachelor of Science / Bachelor in Engineering or Technology Masters program in Technology / IT or Information Security >> Compensation Compensation is competitive with industry standards Details of the compensation breakup will be shared with short-listed candidates only Benefits People BENEFITS Continuous learning program Driving a culture of recognition through ‘ENCORE' our quarterly rewards and recognition program Comprehensive medical insurance coverage for staff and family Expansive general and accidental coverage for staff Executive Health check-up (Manager & above, and for staff above the age of 30) Les Concierge desks Internal & Global mobility Various other people friendly initiatives Strong commitment to our Values such as CSR initiatives

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. About The Job As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom. At EY, we don't just focus on who you are now, but who you can become. We believe that it’s your career and ‘It’s yours to build’ which means potential here is limitless and we'll provide you with motivating and fulfilling experiences throughout your career to help you on the path to becoming your best professional self. About EY-Parthenon EY-Parthenon is a leading global strategy consulting organization, providing deep sector expertise and strategic insights to help clients navigate complex business challenges. We offer a dynamic work environment that fosters innovation and growth, with a strong emphasis on client impact and personal development. Within SaT – EY Parthenon, the Transaction Strategy and Execution team services clients with a full range of hands-on, operationally focused support and advice across the transaction life cycle, across buyers and sellers. We cover a wide range of operational aspects, including divestiture advisory services, carve-out readiness and support, operational due diligence, synergy assessment and delivery, day-one readiness assessment, 100- day planning, integration process support, carve-out/stand-alone costs assessment and risks, and cost reduction. Our professionals work on transactions and business development across the globe. GDS SaT – Transaction Strategy and Execution – Deal Tech - IT Infrastructure - Manager, India The Opportunity EY-Parthenon’s GDS Transaction Strategy and Execution (TSE) Technology team helps clients with IT-related aspects of M&A transactions: IT diligence: EY-Parthenon professionals evaluate a target's IT infrastructure & Cyber security to help clients assess its attractiveness. Deal tech: The TSE Technology team assesses the technology ecosystem and its role in M&A transactions. Infrastructure: Managing IT due diligence, sign-to-close, and post-integration activities from an IT Infrastructure perspective EY-Parthenon’s GDS TSE Technology professionals help clients navigate transaction risk and increase value from the beginning of a deal to its execution. This role requires prior expertise in managing complex IT integrations, separations, and transitions during mergers, acquisitions with extensive knowledge of IT systems, Datacentre, Cloud, Networking, Microsoft 365 and IT Security. Key Responsibilities Manage large to mid-sized engagements or workstreams of large engagements that help our clients solve some of their most pressing issues during transaction lifecycle. Support key decision makers in developing and executing their transaction strategy to secure deal value. Lead projects that span one or more IT Infrastructure (Hosting, Network, Digital Workplace, Messaging & Collaboration, Active Directory, Service Excellence) and cyber security (identifying vulnerabilities, risks, and gaps) functions in both deal and non-deal environments. Manage engagements, problem-solve, facilitate, ensure engagement success, and quality in delivery, Establish regular connectivity and reporting to the regional TSE partners. Build relationships with EY offices across the globe. Responsible for high degree of GDS user satisfaction with engagement processes and work products Assist in business development activities, including preparing internal materials, GTM content and presentations for client and internal pursuit meetings, engage on larger SaT projects and pitch for potential technology interventions. Ability to analyse the evolving market environment and build solutions / services to cater to the same. Develop Point of View documents and support business development initiatives Provide insights and observations based on technology, industry and functional knowledge and best practices. Leverage expertise in transactions, synergy assessments, and deal implementation on transactions related projects Conduct IT due diligence to assess the IT infrastructure of target companies, including hardware, software, networks, datacentres, and cybersecurity. Develop IT integration plans and roadmaps that align with the overall deal strategy and business objectives. Collaborate with cross-functional teams to ensure seamless IT integration during the sign-to-close phase. Manage the execution of IT integration projects, ensuring they are completed on time, within budget, and to the required quality standards. Identify risks and issues related to IT infrastructure during the deal process and develop mitigation strategies. Provide expertise in IT infrastructure optimization and consolidation post-deal closure. Lead IT infrastructure transitions during M&A, including cloud and datacentre migration, network integration, and identity management, ensuring minimal disruption and security compliance. Oversee Microsoft 365 migration, service desk consolidation, and IT monitoring to enable seamless post-transaction operations. Establish and maintain communication with key stakeholders to provide updates on project status and resolve any concerns. Ensure compliance with regulatory requirements and company policies throughout the deal process. Document lessons learned and best practices to improve future IT deal processes Skills And Attributes For Success Business and Commercially Driven - work in a fast-paced, exciting environment with strong business acumen to drive value to our clients Capability Development - contribute to our practice development initiatives, supporting the continued focus on our team as a great place to work Learning - learn and develop technical and personal skills to support achievement of career goals, through a blend of structured learning, coaching and experiences Building Relationships - cultivate strong working relationships with clients and support to key decision makers To qualify for the role, you must have A post Graduate degree in business management from a premier institute with 5-8 years of applicable consulting experience At least 4 years of experience in Transaction Strategy, Technology Strategy or Technology Transformation in a top tier consulting firm Lead large IT project execution experience with in-depth knowledge of IT project life cycles. Broad knowledge and deep understanding of one or more technical areas such as Infrastructure and Network, Cyber Security Framework (e.g., NIST, ISO 27001, GDPR, HIPAA), Solution Architecture / Pre-Sales, IT Contracts Management, Enterprise Architecture, Cloud / On-premise Technology etc. Experience in Technology aspects of Transaction lifecycle during Mergers, Acquisitions, Divestitures, and Carveouts. Due Diligence: Working experience in Due Diligence, particularly IT Due Diligence, Cyber Diligence, and Technology Diligence. Post-Deal transaction lifecycle: Working experience in post-deal lifecycle for Sell and Separate and Buy and Integrate transactions: Separation / Integration planning, Standalone models and Costing, Infrastructure Separation, Cutover Management, TSA Costing and Exit, Day-1 planning, and Logical Separation Technology Strategy: Experience in Technology Cost optimization, Technology Business Management, IT Budget forecasting, IT Chargeback, Cloud Economics, Cloud Financial Management, IT Value realization, IT Org sizing Experienced in Business Development activities such as RFPs, opportunity pursuits, winning large to mid-sized deals Strong leadership and team management abilities, with experience in building and motivating high-performing teams Exceptional communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels Good to have relevant certifications (e.g., AWS/Azure/GCP Solution Architect, PMP, ITIL, MCSE, CCNA) What You Can Look For A Team of people with commercial acumen, technology experience and enthusiasm to learn new things in this fast-moving environment An opportunity to be a part of market-leading, multi-disciplinary team of 3,500+ professionals Opportunities to work with EY SaT practices globally with leading businesses across a range of industries What We Offer EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across six locations – Argentina, China, India, the Philippines, Poland and the UK – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career. Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next. Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way. Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Broad Role Description As a Customer Success Manager – Azure & Security , you will be the key point of contact for customers adopting Microsoft Azure and Cybersecurity solutions. Your mission is to drive customer success by ensuring secure and effective adoption of TTBS offered services, managing customer relationships, and supporting long-term strategic cloud and security goals. It's an Individual Contributor role. Key Role Deliverables 1. Act as a trusted advisor for customers implementing Azure infrastructure, services, and security frameworks. 2. Lead onboarding, training, and enablement for customers transitioning to Azure and Microsoft Security solutions (e.g., Defender, Sentinel, Entra). 3. Monitor customer health, usage, and satisfaction to proactively address risks and promote solution value. 4. Drive adoption of Azure-native security tools and best practices to strengthen cloud environments. 5. Collaborate with technical delivery, cloud architecture, and support teams to ensure customer success and alignment. 6. Conduct regular Executive Business Reviews (EBRs) and strategic planning sessions with key stakeholders. 7. Maintain a deep understanding of Microsoft’s Azure & Security roadmap to guide clients on optimization and innovation. 8. Identify expansion and upsell opportunities in areas like Azure cost optimization, compliance, Zero Trust architecture, etc. Right Person (Qualification & Experience) 1. B. Tech (Computer Science, Electronics etc.) 2. 5- 8+ years in Customer Success, Technical Account Management, or Cloud Consulting with a focus on Azure and/or cybersecurity. 3. Strong knowledge of Microsoft Azure, including core services (IaaS, PaaS), networking, identity, and security features. 4. Familiarity with Security solutions: Defender for Cloud, SIEM, SOAR, VAPT, SOC, Purview, etc. 5. Experience with compliance frameworks (e.g., NIST, ISO 27001, GDPR) and security best practices in the cloud. 6. Ability to manage technical conversations with C-level stakeholders and IT teams. 7. Strong project management, communication, and interpersonal skills. 8. Certifications preferred: Microsoft Certified: Azure Solutions Architect Expert Microsoft Certified: Security, Compliance, and Identity Fundamentals Microsoft Certified: Azure Security Engineer Associate

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Integrated Security Risk Management Good to have skills : Security Architecture Design Minimum 7.5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities: - Expected to be an SME. - Collaborate and manage the team to perform. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Provide solutions to problems for their immediate team and across multiple teams. - Conduct regular assessments of security frameworks to ensure alignment with evolving business needs. - Facilitate training sessions for team members to enhance their understanding of security protocols. Professional & Technical Skills: - Must To Have Skills: Proficiency in Integrated Security Risk Management. - Good To Have Skills: Experience with Security Architecture Design. - Strong knowledge of cloud security principles and practices. - Experience in risk assessment methodologies and frameworks. - Familiarity with compliance standards such as ISO 27001 and NIST. Additional Information: - The candidate should have minimum 7.5 years of experience in Integrated Security Risk Management. - This position is based at our Chennai office. - A 15 years full time education is required.

Skills:- vulnerability management, information security, or a related discipline, Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls), Experience with ITSM tools and ticketing systems for remediation tracking. Experience:- 3-5 Years Location:- Hyderabad Shift Timing:- 11.00 am - 8.00 pm Analyst, Vulnerability Management Omnicom Global Solutions, Hyderabad IN About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Required Qualifications 3–5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyze technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking.

We are seeking a highly skilled and experienced Security Consultant to join our team. The ideal candidate should have experience in ISO consulting and implementation, with a strong understanding of information security standards and best practices. . Experience: 5+ years. Location: Kozhikode, Kerala. Working Mode : Hybrid Key Responsibilities: ISO27001 Consulting: Conduct gap analysis and readiness assessments for ISO27001 . Develop and implement Information Security Management Systems (ISMS) based on ISO27001 standards. Perform internal audits and support clients during external audits. Provide ongoing support and guidance to ensure continuous compliance with ISO27001. GDPR / Data Privacy: Assist in conducting data privacy impact assessments ( DPIAs ). Develop data protection policies and procedures. Support the implementation of data privacy frameworks. Risk Management: Identify, assess, and mitigate risks related to information security and data privacy. Develop risk management strategies and frameworks. Conduct risk assessments and provide recommendations for risk treatment. Client Engagement: Work closely with clients from India & Middle East to understand their specific needs and requirements. Prepare detailed reports and presentations for clients. Qualifications: Bachelor’s degree in Computer Science, Information Security, or related field. At least 5-6 years of experience in information security. Experience in ISO consulting and implementation. Familiarity with security frameworks such as NIST, CIS , and ISO 27001. Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Relevant certifications such as CISA or ISO Lead Implementer/Auditor are preferred. Job Types: Full-time, Permanent Pay: ₹1,000,000.00 - ₹2,000,000.00 per year Benefits: Flexible schedule Health insurance Paid sick time Provident Fund Work from home Application Question(s): Do you have the certificate of ISO27001 ? Experience: Cybersecurity: 5 years (Required) data privacy impact assessments : 5 years (Required) ISMS based on ISO27001 standards: 5 years (Required) NIST, CIS: 5 years (Required) data protection policies and procedures. : 5 years (Required) Location: Kozhikode, Kerala (Required) Work Location: In person

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Delivery Governance Good to have skills : NA Minimum 12 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring compliance with security policies and regulations. You will also engage in proactive monitoring of security systems and respond to incidents, all while maintaining a focus on safeguarding information and business processes against cyber threats. Roles & Responsibilities: - Expected to be an SME. - Collaborate and manage the team to perform. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Expected to provide solutions to problems that apply across multiple teams. - Facilitate training sessions to enhance team knowledge on security best practices. - Conduct regular security audits and assessments to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance. - Strong understanding of risk management frameworks and methodologies. - Experience with security incident response and management. - Familiarity with security compliance standards such as ISO 27001 and NIST. - Knowledge of network security protocols and technologies. Additional Information: - The candidate should have minimum 12 years of experience in Security Delivery Governance. - This position is based at our Gurugram office. - A 15 years full time education is required.

Job Title: Senior Manager – Microsoft Defender Security Location: Mumbai / Bangalore / Gurgaon Experience: 8+ Years Mode of Work: Hybrid Position Type: Full-Time Department: Cybersecurity & Risk Services About the Role: We are seeking a dynamic Senior Manager – Microsoft Defender Security with proven expertise in architecting, implementing, and managing Microsoft security technologies across enterprise environments. The ideal candidate will have a strong understanding of the Microsoft 365 E5 security suite, cloud security (Azure), and incident response mechanisms, with a vision to define robust security strategies and ensure regulatory compliance across diverse industry verticals. Key Responsibilities: Lead end-to-end security solution design and implementation using Microsoft Defender XDR , Microsoft Sentinel , and Azure-native security tools . Drive Zero Trust architecture initiatives and deploy Microsoft 365 Security tools including Defender for Endpoint, Identity, Office 365, Cloud Apps, and Microsoft Information Protection. Manage security projects including threat protection, endpoint management, and external attack surface reduction using Microsoft EASM and DigitalShadows. Act as a technical advisor and escalation point for security incidents and vulnerabilities , ensuring timely resolution and continuous improvement. Build and manage cross-functional teams for security assessment, remediation, and solution delivery in alignment with PCI-DSS, NIST, CIS, ISO 27001, and CMMI standards. Engage with stakeholders including CISOs, CTOs, and business heads to translate business goals into actionable security strategies. Conduct assessments and audits, prepare reports, and drive remediation activities for endpoint security, compliance, and governance. Provide guidance on migration and modernization projects including Azure Landing Zone security, Defender for Cloud integration, and AIP deployments. Mentor and guide junior security consultants and architects within the cybersecurity practice. Liaise with Microsoft and other OEMs for certifications, partner recognitions, and incentive programs. Required Skills & Experience: 8+ years of experience in cybersecurity with strong hands-on in Microsoft Defender Suite , Microsoft Sentinel , Azure Security , and Zero Trust implementations . Deep understanding of Microsoft 365 security tools and frameworks such as: Microsoft Defender for Endpoint, Identity, Office365, and Cloud Apps Microsoft Information Protection (AIP, Purview) Microsoft Sentinel (SIEM) Microsoft Defender for Cloud (CSPM, CWPP) Experience in incident handling and response , malware analysis, data loss prevention, and advanced threat protection. Strong scripting knowledge with PowerShell for automation and orchestration of security operations. Familiarity with external threat monitoring and digital risk protection using tools like DigitalShadows . Experience with email security platforms (e.g., Proofpoint, Ironscales) and Microsoft Exchange Online Protection . Certifications (Preferred): CISSP – Certified Information Systems Security Professional ECIH – EC-Council Certified Incident Handler Microsoft Certifications (any of the below): SC-100 : Cybersecurity Architect Expert SC-200 : Security Operations Analyst Associate SC-300 : Identity and Access Administrator Associate SC-400 : Information Protection Administrator Associate SC-900 , MS-500 , or any relevant Defender/Sentinel-related certifications Good to Have: Experience working with global clients in BFSI, energy, manufacturing, or retail sectors. Exposure to Microsoft Partner ecosystem , incentive programs, and technical pre-sales. Why Join Us? Work on cutting-edge Microsoft security technologies in transformative projects across India and the Middle East. Lead security modernization journeys of Fortune 500 clients. Opportunity to define security architecture standards for enterprise customers. Dynamic work environment with continuous learning and certification support.

Job Summary: We are seeking skilled SOC Analysts (L2 and L3) to strengthen our Security Operations Center team. The candidates will be responsible for monitoring, analyzing, and responding to security incidents using advanced security tools and processes. The L2 role will focus on deeper analysis and initial remediation, while the L3 role will handle complex threats, lead incident response efforts, and support threat hunting and tuning. Key Responsibilities: SOC Analyst – L2 Monitor security events and alerts from SIEM tools (e.g., Microsoft Sentinel, Splunk, QRadar). Investigate and triage alerts to identify false positives and real incidents. Perform initial incident response actions (isolate systems, reset credentials). Escalate high-severity or complex incidents to L3 analysts. Document findings, actions, and recommendations in ticketing systems. Work with threat intelligence feeds to understand attack trends and indicators. Support vulnerability management efforts and patch validations. Assist in playbook execution and incident lifecycle management. SOC Analyst – L3 Lead end-to-end incident response, including containment, eradication, and recovery. Perform in-depth forensic investigations, malware analysis, and root cause analysis. Develop and tune SIEM detection rules and use cases. Mentor L1/L2 analysts and review their investigations. Threat hunting using behavioral analytics and threat intelligence sources. Collaborate with threat intelligence teams for proactive defenses. Work closely with other teams (IT, Cloud, Endpoint) for coordinated responses. Create and maintain runbooks, incident reports, and compliance documentation. Required Skills and Qualifications: Solid understanding of cybersecurity principles, MITRE ATT&CK, and NIST framework. Familiarity with tools: SIEM (Sentinel/Splunk/QRadar), EDR (Defender, CrowdStrike), SOAR platforms. Hands-on experience in log analysis, network traffic analysis, and endpoint investigations. Understanding of firewalls, proxies, IDS/IPS, and cloud security. L3 Specific: 5+ years in a SOC environment or cybersecurity field. Advanced knowledge of threat analysis, malware reverse engineering, and threat hunting. Experience in tuning and optimizing SIEM/SOAR rules. Industry certifications preferred (e.g., GCIA, GCIH, CEH, CISSP, Microsoft SC-200, SC-300). L2 Specific: 2–4 years of SOC or cybersecurity operations experience. Good understanding of the incident handling process. Basic scripting or automation knowledge (PowerShell, Python) is a plus.

WPP is the creative transformation company. We use the power of creativity to build better futures for our people, planet, clients, and communities. Working at WPP means being part of a global network of more than 100,000 talented people dedicated to doing extraordinary work for our clients. We operate in over 100 countries, with corporate headquarters in New York, London and Singapore. WPP is a world leader in marketing services, with deep AI, data and technology capabilities, global presence and unrivalled creative talent. Our clients include many of the biggest companies and advertisers in the world, including approximately 300 of the Fortune Global 500. Our people are the key to our success. We're committed to fostering a culture of creativity, belonging and continuous learning, attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow. Why we're hiring: WPP ET provides IT services for WPP, group owned operating companies and agencies. The WPP group is the world’s largest communications services group, and as a creative transformation company, WPP is helping its clients transform the future through extraordinary work. WPP IT is an integral part of that journey, and we are proud to provide technology for some of the world’s most creative brands. As part of the organisational design initiative at WPP the Group CIO has created a new Target Operating Model (T.O.M), which consist of 4 distinct business clusters in the group. These are: Integrated Creative, Media, Production, PR & Specialist and the Corporate Business Cluster. You will bring deep expertise in managing SOX ITGC audits, risk, and compliance standards, frameworks, and methodologies for publicly listed organisations to strengthen the risk and compliance posture. As part of the Corporate Cluster, you will implement WPP CCRCO mandated processes and practices across WPP HQ functions. Actively managing and driving SOX audit remediation, you will oversee technology risk resolution, communication, and collaborate with the Corporate Director of Cyber Risk & Compliance to prioritise remediation efforts, minimizing impact on the Corporate Cluster and the wider WPP group. Who you'll be working with: WPP Enterprise Technology are proud technology solutions partner for WPP Corporate Functions. Our collaboration is instrumental in coordinating and assuring end-to-end change delivery, managing the IT technology lifecycle, and maintaining a robust innovation pipeline. The CRC discipline within WPP ET plays a crucial role in this partnership. We are responsible for providing advisory and support to the corporate business cluster on critical areas such as Technology Audits, Technology Risks, Control Assurance, and Technology Compliance. Our objective is to ensure that all central functions at WPP HQ operate in a safe, secure, and compliant manner. The CRC function in the Corporate Business Cluster drives compliant IT operations for WPP HQ teams, managing Legal, regulatory, and contractual obligations. As a Risk & Compliance Manager, you will play a critical role in developing and implementing a world-class technology risk and compliance program to support WPP HQ Finance Functions. You will collaborate with the WPP Chief Cyber, Risk and Compliance Officer (CCRCO), WPP CISO, Director of Cyber, Risk and Compliance, and WPP HQ Finance department heads to set the CRC function's vision and strategy, and manage escalations for technology operational risks, compliance, audit, BCP, and DR assessments. As an SME, you will lead and develop a highly effective risk and compliance function, strengthening defences and promoting a proactive, collaborative approach. You will operate in a highly complex environment with multiple risk categories, including IT operations, information security, legal, regulatory, financial and commercial with broad impacts spanning both the Corporate Cluster and the WPP Group. What you'll be doing: Work closely with and assist CRC department head in developing a risk and compliance strategy for the corporate cluster that is aligned to WPP ET and CRC strategies. Establish technology risk & compliance community across the range of WPP HQ functions to drive the implementation and standardisation of agreed security governance, risk & compliance approach. Drive the Cluster’s CRC strategy and approach, by closely working with Corporate CRC Director CRC Discipline Lead and other ET stakeholders. Drive BC/DR planning to the appropriate level across the Cluster and ensure BC/DR plans are updated and reviewed annually. Conduct and support Technology Risk Assessments – e.g., quarterly risk landscaping - owning and driving Cluster-specific risk mitigation actions. Respond to tracking and reporting from Internal, External or Client Audit findings within the Corporate Cluster. Conduct CRC Cluster self-certification and self-monitoring of IT controls, and maintain an active liaising channel with the IT Ops function at WPP group level. Support CRC Cluster-wide input into the WPP IT Asset Register and CMDB owned by IT Ops teams. Be CRC point of contact for relevant business stakeholder escalations relating to Technology risk and compliance. Lead and oversee resolution of the most complex, critical, and impactful risk & compliance issues. Work across the CRC Cluster teams like Operational Security, Technology Operations, and Strategy and Architecture to design controls, deliver management information (KRIs) and risk mitigation plans. Drive engagement, comms and adoption for all risk, compliance and security tasks to ensure the rationale for task is understood, the mandate is embedded, and colleagues and partners are trained and can perform effectively and efficiently. Design and deliver a range of educational activities and material to embed a strong SOX Compliant culture, mindset and behaviours across the Cluster. Build strong relationships with the external stakeholders (customer, suppliers, other major bodies) as well as build a network of peers to bring innovation and insights on industry best practice, standards, frameworks, and processes to deliver a future-fit capability. Ensure that the Corporate Function remains compliant with national legislative, regulatory, contractual and WPP technology governance obligations. Support Cluster teams and functions during client pitch for winning new work by providing a compelling narrative to our prospective clients around the strength of our risk, compliance and security proposition. What you'll need: A minimum of 5 to 7 years of strong and deep background in managing SOX ITGC audits in complex global organisations. Key certifications (e.g. CISA, CRISC, CISSP, CISM, Azure & Dynamic 365) desirable but not essential Degree or equivalent (i.e. BSc, BEng, MSc) desirable but not essential Comprehensive knowledge of information security risk standards, frameworks and best practices (i.e., COBIT, SOX ITGC, ISO27K1, NIST, CIS, SOC, Cyber Essentials, GDPR) Ability to provide leadership on complex and unfamiliar situations, often involving risk and emotion Expert communicator with a track record of operating, partnering with and influencing up to and including exec-level stakeholders Able to lead highly complex programmes across multiple units and geographies with high-pressure deliverable Risk and Compliance subject-matter-expert with in-depth knowledge of technology governance in the cloud and on-prem IT technologies Good understanding of managing internal and external audits (i.e., SOC:1-2, SOX) and assurance activities, including testing the design and operational effectiveness of security controls Ability to operate and lead in a fast-paced organizational transformation and able to navigate and champion change across organisational / geographical complexity A genuine desire to lead, develop, coach and mentor junior team members Who you are: You're open : We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working. You're optimistic : We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected. You're extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day. What we'll give you: Passionate, inspired people – We aim to create a culture in which people can do extraordinary work. Scale and opportunity – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry. Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge? We believe the best work happens when we're together, fostering creativity, collaboration, and connection. That's why we’ve adopted a hybrid approach, with teams in the office around four days a week. If you require accommodations or flexibility, please discuss this with the hiring team during the interview process. WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same opportunities to progress in their careers. Please read our Privacy Notice (https://www.wpp.com/en/careers/wpp-privacy-policy-for-recruitment) for more information on how we process the information you provide.