1810 Nist Jobs - Page 48

Job Summary: We are seeking a highly experienced SOC SME to lead complex incident response, design advanced detective controls, and perform proactive threat hunting across multi-platform environments. This role demands strong technical expertise in security operations and a proactive approach to threat mitigation. Work from Office - Bangalore location [Brookfield] Rotational and Night Shift applicable Mandatory Skill Set: 8+ years in Security Operations/Incident Response Hands-on with SIEM, SOAR, XDR platforms (e.g., Cortex XSIAM, Torq) Expertise in threat hunting and event analysis Knowledge of cyber frameworks: MITRE ATT&CK, NIST, Kill Chain Experience with EDR tools , network forensics , and log analysis Strong understanding of incident lifecycle and post-incident reporting Excellent analytical and communication skills Bachelor's degree in Computer Science or related field Key Responsibilities: Lead incident response (IR) and analyze complex security events Design and improve detective controls and alert use cases Conduct proactive threat hunting and trend analysis Stay updated on cyber threat landscape and threat actor TTPs Contribute to security innovation , tool enhancement, and process maturity Deliver detailed incident reports and post-mortem reviews Preferred Skills: Scripting: Python, PowerShell Cloud Security: AWS, Azure, GCP Certifications: CISSP, GIAC, CEH Strong grasp of defense-in-depth and layered security strategies

Job Description Summary STO Privacy, Risk and Compliance Team is seeking a highly skilled and experienced Senior Compliance Analyst to lead and manage regulatory and security compliance initiatives within our organization. The ideal candidate will have deep expertise in international security and privacy frameworks, including ISO 27001, ISO 27701, ISO 27017, ISO 27018, and GDPR. This role requires a strong technical background, with the ability to translate compliance requirements into actionable tasks for engineering teams. Project management skills and cloud expertise will be advantageous. Job Description Regulatory Compliance & Risk Management: Ensure compliance with security and privacy regulations and frameworks such as HIPAA, ISO 27001, ISO 27701, ISO 27017, ISO 27018, GDPR, and other relevant standards. Develop, implement, and maintain compliance policies, procedures, and controls partnering with product, Security, Privacy and Legal Teams. Conduct risk assessments, audits, and gap analyses to ensure compliance with industry standards and regulatory requirements. Liaise with internal and external auditors and regulatory bodies to support certifications and assessments. Monitor emerging regulatory changes and assess their impact on the organization. Technical Compliance & Engineering Collaboration Work closely with engineering, security, and privacy teams to integrate compliance requirements into system architectures and processes. Translate compliance controls into technical requirements for cloud and infrastructure teams. Support DevSecOps initiatives to ensure security and compliance in CI/CD pipelines. Provide guidance on data protection strategies, encryption, access controls, and security best practices to GEHC Product Teams. Project & Stakeholder Management Lead cross-functional compliance projects, ensuring alignment with business objectives and technical feasibility. Work with engineering teams to develop automated compliance monitoring solutions. Collaborate with legal, security, privacy, and Product teams to drive a unified compliance strategy. Communicate compliance objectives and updates to senior leadership and key stakeholders. Cloud & Security Expertise Support compliance efforts in cloud environments (AWS) and assess security risks related to cloud adoption. Assist in security incident response and remediation efforts related to compliance. Required Qualifications & Experience Bachelor’s or Master’s degree in information security, Computer Science, Law, or a related field. 5+ years of experience in compliance, security risk management, or a related field. Strong knowledge of ISO 27001, ISO 27701, ISO 27017, ISO 27018, GDPR, NIST 800-53 and other security/privacy regulations. Technical understanding of cloud security, encryption, IAM, DevSecOps, and network security. Experience translating compliance controls into technical and operational requirements. Strong project management skills, with experience leading compliance initiatives. Excellent stakeholder communication and collaboration skills. Experience working in a cloud-based environment (AWS, Azure, or GCP) is an advantage. Relevant certifications such as CISSP, CISM, CIPP/E, ISO 27001 Lead Auditor/Implementer are advantage Fluent English About Us GE HealthCare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world. Inclusion & Diversity statement GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support. Additional Information Relocation Assistance Provided: No Show more Show less

Job Description We are looking for a skilled Information Security Auditor to join our team. In this role, you'll help protect our organization's data and IT systems from cyber threats and ensure compliance with industry standards. Responsibilities Gain a thorough understanding of Ford's business objectives, processes, goals, and strategies to effectively analyze and interpret IT risks and technology challenges. Take charge of examining and analyzing technology and business risks by conducting IT audits, developing audit plans, defining scope and procedures, and preparing comprehensive audit reports. Research industry trends relevant to our environment, including those in automotive, finance, mobility, technology, cybersecurity, and auditing. Contribute to the development of a risk-based IT audit plan and help assess areas of risk that need IT audit procedures. Execute these audit procedures based on their risk and impact on the business, spanning various applications, technologies, and business processes. Collaborate with internal and external partners and monitor the completion of planned actions. Support departmental transformation efforts by piloting new processes and developing audit responses. Proactively identify business initiatives and changes in the business environment and evaluate their impact on both the business and the control environment. Collaborate with global business auditors on joint business and IT audits. Engage regularly with the Internal Controls, Legal, and Cybersecurity & Policy teams. Travels may be required as part of this role. Work location: Chennai, Sholinganallur ELCOT, Ford GTBC Campus. Qualifications Education Qualification: Bachelors or Masters degree in Computer Science or Information Technology or Cybersecurity. Must have: A minimum of two years of IT Security or IT Audit experience. Knowledge of Software development processes. A minimum of one IT Security certification, such as CISA, CISSP, or a similar technical certification. Possesses extensive knowledge of industry security frameworks, such as NIST and CIS, along with an understanding of inherent and control risks. Strong understanding of ISO 27001/2 standards. Proven experience in implementing or testing IT General Controls (e.g. Change Management, Disaster Recover, Cloud Service Provider Controls). Possesses excellent verbal and written communication skills, with the ability to effectively engage with all levels of leadership. Ability to work independently in a dynamic environment. Nice to have: Varied IT experience, such as programming, systems analysis, and security administration. Strong project management skills and ability to handle multiple tasks simultaneously. Join us and help safeguard our information systems while gaining exposure to innovative technologies and business processes. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior (IT audit – General skills) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior (IT audit – General skills) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description WHAT YOU’LL DO We are seeking a skilled and experienced Attack Surface Reduction Analyst with a strong background in penetration testing to join our cybersecurity team. The successful candidate will be responsible for identifying potential security risks and vulnerabilities in our organization's systems, applications, and networks, performing penetration testing, and facilitating and managing third-party penetration testing engagements. Who You’ll Work With Attack Surface Reduction team helps and contribute to improve the security posture of H&M by operating within an Agile model. We play a crucial role in proactively identifying and help in mitigating potential security risks and vulnerabilities across H&M's systems, applications, and networks, with the aim of preventing unauthorized access, data breaches, and other security incidents. Key Responsibilities: Conduct comprehensive vulnerability assessments (VA) and penetration tests (PT) on H&M's systems, networks, and applications. Utilize industry-standard tools and methodologies to identify potential vulnerabilities and weaknesses in our attack surface. Collaborate with cross-functional teams to prioritize and remediate identified vulnerabilities in a timely manner. Experience in designing, implementing, and managing vulnerability management processes and workflows. Facilitate and manage penetration testing engagements with third-party vendors. Collaborate with other members of the cybersecurity team to develop and implement strategies to reduce our attack surface. Develop and maintain security policies and procedures for our organization's systems, applications, and networks. Monitor our organization's systems, applications, and networks for unauthorized access, suspicious activity, and other security threats. Stay up to date with the latest trends and developments in the field of cybersecurity, specifically related to attack surface reduction techniques. Who You Are We are looking for people with… Bachelor's degree in computer science, information security, or a related field. 6-10 years of experience in vulnerability scanning, vulnerability management, and penetration testing. Solid knowledge of common vulnerabilities and exposures (CVEs), common attack vectors, and security best practices. Strong knowledge of security assessment tools, vulnerability scanning, and penetration testing. Proficient in using industry-standard vulnerability assessment and penetration testing tools (e.g., Kali Distro, Qualys, Burp Suite, etc.). Familiarity with industry frameworks and standards, such as NIST, OWASP, and CIS. Effective communication skills, with the ability to clearly convey technical concepts to both technical and non-technical stakeholders. Excellent analytical, problem-solving, and communication skills. Relevant certifications, such as SANS, OSCP, OSEP, CompTIA Security+ or CREST are a plus. WHY YOU’LL LOVE WORKING HERE At H&M, we are proud to be a vibrant and welcoming company. We offer our employees attractive benefits with extensive development opportunities around the globe. We offer all our employees at H&M attractive benefits with extensive development opportunities around the globe. All our employees receive a staff discount card, usable on all our H&M brands in stores and online. Brands covered by the discount are H&M (Beauty and Move included), COS, Weekday, Monki, H&M HOME, & Other Stories, ARKET, Afound. In addition to our staff discount, all our employees are included in our H&M Incentive Program – HIP. You can read more about our H&M Incentive Program here. In addition to our global benefits, all our local markets offer different competitive perks and benefits. Please note that they may differ between employment types and countries. JOIN US Our uniqueness comes from a combination of many things – our inclusive and collaborative culture, our strong values, and opportunities for growth. But most of all, it’s our people who make us who we are. Take the next step in your career together with us. The journey starts here. We are committed to a recruitment process that is fair, equitable, and based on competency. We therefore kindly ask you to not attach a cover letter in your application. Additional Information This is a full-time position, starting in June 2025 . Apply by sending in your CV in English as soon as possible, but no later than the 30th of May 2025 . Due to data policies, we only accept applications through the SmartRecruiters or career page Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior (IT audit – General skills) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior (IT audit – General skills) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Join our high-performing Cybersecurity team as a Cybersecurity Incident Response Analyst / SOC Specialist and take on a critical role in defending our enterprise from sophisticated and evolving cyber threats. This is an exciting opportunity for experienced professionals with 5+ years of hands-on experience in Security Operations Center (SOC) environments, incident response, and threat detection to make a meaningful impact in a fast-paced and highly secure infrastructure. You will be working alongside skilled cybersecurity experts, using advanced tools and frameworks to safeguard our global operations and ensure business continuity. Key Responsibilities:- Monitor, analyze, and respond to security events using SIEM tools including Blusapphire, IBM QRadar, Securonix, and Splunk . Perform Tier 1 & Tier 2 SOC operations , including event triage, threat detection, and initial incident response. Integrate and administer SIEM platforms and develop effective use-cases, alerts, dashboards , and reports. Conduct in-depth forensic analysis and investigations using tools like EnCase, FTK, Sleuthkit, and SANS SIFT . Collaborate with global teams to ensure timely and effective incident detection, response, and resolution. Support crisis response and participate in scenario planning and deception environment development (e.g., honeypots, honeytokens). Analyze advanced attacker TTPs and contribute to the improvement of defensive controls and strategies. Maintain documentation, reporting, and communication in a clear, concise, and actionable format. Mandatory Technical Skills:- SIEM Expertise: Blusapphire, IBM QRadar, Securonix, Splunk SIEM Administration and SOC Integration SOC L1/L2 Monitoring and SOC Operations Knowledge of IDS/IPS, malware analysis, firewalls, proxies Strong grasp of network protocols (TCP, UDP, DNS, DHCP, etc.) Familiarity with Windows/Linux infrastructure , cloud platforms (AWS, Azure, GCP) Incident response and investigation tooling (e.g., Kali Linux, IDA Pro) Scripting or programming skills (Python, Bash, etc.) preferred Qualifications & Industry Experience:- 5+ years of experience in cyber incident response and/or digital forensics Experience in large enterprise or regulated sectors (e.g., finance) Industry certifications preferred: CEH, GCIH, GCIA, GCFA, GNFA, SANS, EnCE, CRISC Deep understanding of security frameworks: OWASP, ISO27001, NIST, PCI DSS, CIS Strong communication skills – able to explain complex issues clearly across technical and business audiences Self-driven, ethical, with a high sense of urgency and decision-making ability Show more Show less

OT Security Architect Would you like to work with the latest technologies in security? Do you like working in collaborative teams and solving critical issues? Join our Security Team! We operate at the heart of the digital transformation of our business. Our team is responsible for cybersecurity architecture and data protection for our global organization. Partner with the best You will lead efforts to establish security standards and conduct site-level cybersecurity assessments for our manufacturing environments at Baker Hughes. As an OT Security Architect, you will be responsible for: Architectural Leadership: Lead the design and development of secure and resilient OT solutions, ensuring alignment with business objectives and industry best practices. Technical Expertise: Serve as a subject matter expert in OT security, providing guidance and mentorship to the OT security architect team. Solution Design: Collaborate with cross-functional teams to design and implement robust OT security solutions, considering the evolving threat landscape and emerging technologies. Risk Assessment: Conduct risk assessments and vulnerability analyses of OT systems, recommending mitigation strategies and proactive security measures. Technical Documentation: Create and maintain detailed architectural documentation, ensuring clarity and compliance with company standards. Collaboration: Work closely with stakeholders, including IT, engineering, and business units, to integrate security requirements into the OT ecosystem. Innovation: Stay abreast of industry trends and emerging technologies in OT security to drive innovation and continuous improvement. Incident Response: Collaborate with the incident response team to develop and test incident response plans for OT systems, as well as assist with remediating gaps identified in our OT architecture through real incidents, audits, assessments, or exercises. Compliance: Ensure compliance with relevant regulatory and industry standards in the OT security domain. Coach, mentor and lead a diverse group of OT architecture & engineering team members. Work cross functionally with other business departments and architecture teams to align activities and deliverables. Fuel your passion. Have Bachelor’s Degree in a relevant field (e.g., Cybersecurity, Product Manufacturing, Computer Science, etc.); or a comparable level of expertise gained through on the job experience. Have Proven experience as an OT solutions architect, or comparable position, with a focus on security Have Strong knowledge of industrial control systems (ICS), SCADA, and Operational Technology environments Have expertise in cybersecurity principles and practices related to OT environments. Have exceptional leadership, communication, and interpersonal skills. Have Ability to collaborate effectively across teams and influence decision-makers. Should be willing to travel based on project requirements. Desired Qualifications Have Master’s degree in a relevant field or relevant Industry certifications such as CISSP, GICSP, GRID, or similar. Have Extensive experience in architecting and securing complex OT environments. Have Familiarity with industry-specific standards and regulations (e.g., NIST, IEC 62443). Have Previous experience in the oil and gas or manufacturing sector. Have Experience with advanced security technologies such as anomaly detection and threat intelligence. Strong problem-solving abilities and a track record of delivering innovative solutions. Work in a way that works for you We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Working remotely from home or any other work location Working flexible hours - flexing the times when you work in the day to help you fit in everything in and work when you are the most productive Working with us Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other. Working for you Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect: Contemporary work-life balance policies and wellbeing activities Comprehensive private medical care options Safety net of life insurance and disability programs Tailored financial programs Additional elected or voluntary benefits About Us: We are an energy technology company that provides solutions to energy and industrial customers worldwide. Built on a century of experience and conducting business in over 120 countries, our innovative technologies and services are taking energy forward – making it safer, cleaner and more efficient for people and the planet. Join Us: Are you seeking an opportunity to make a real difference in a company that values innovation and progress? Join us and become part of a team of people who will challenge and inspire you! Let’s come together and take energy forward. Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. R133083 Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior (IT audit – General skills) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior (IT audit – General skills) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

OT Security Architect Would you like to work with the latest technologies in security? Do you like working in collaborative teams and solving critical issues? Join our Security Team! We operate at the heart of the digital transformation of our business. Our team is responsible for cybersecurity architecture and data protection for our global organization. Partner with the best You will lead efforts to establish security standards and conduct site-level cybersecurity assessments for our manufacturing environments at Baker Hughes. As an OT Security Architect, you will be responsible for: Architectural Leadership: Lead the design and development of secure and resilient OT solutions, ensuring alignment with business objectives and industry best practices. Technical Expertise: Serve as a subject matter expert in OT security, providing guidance and mentorship to the OT security architect team. Solution Design: Collaborate with cross-functional teams to design and implement robust OT security solutions, considering the evolving threat landscape and emerging technologies. Risk Assessment: Conduct risk assessments and vulnerability analyses of OT systems, recommending mitigation strategies and proactive security measures. Technical Documentation: Create and maintain detailed architectural documentation, ensuring clarity and compliance with company standards. Collaboration: Work closely with stakeholders, including IT, engineering, and business units, to integrate security requirements into the OT ecosystem. Innovation: Stay abreast of industry trends and emerging technologies in OT security to drive innovation and continuous improvement. Incident Response: Collaborate with the incident response team to develop and test incident response plans for OT systems, as well as assist with remediating gaps identified in our OT architecture through real incidents, audits, assessments, or exercises. Compliance: Ensure compliance with relevant regulatory and industry standards in the OT security domain. Coach, mentor and lead a diverse group of OT architecture & engineering team members. Work cross functionally with other business departments and architecture teams to align activities and deliverables. Fuel your passion. Have Bachelor’s Degree in a relevant field (e.g., Cybersecurity, Product Manufacturing, Computer Science, etc.); or a comparable level of expertise gained through on the job experience. Have Proven experience as an OT solutions architect, or comparable position, with a focus on security Have Strong knowledge of industrial control systems (ICS), SCADA, and Operational Technology environments Have expertise in cybersecurity principles and practices related to OT environments. Have exceptional leadership, communication, and interpersonal skills. Have Ability to collaborate effectively across teams and influence decision-makers. Should be willing to travel based on project requirements. Desired Qualifications Have Master’s degree in a relevant field or relevant Industry certifications such as CISSP, GICSP, GRID, or similar. Have Extensive experience in architecting and securing complex OT environments. Have Familiarity with industry-specific standards and regulations (e.g., NIST, IEC 62443). Have Previous experience in the oil and gas or manufacturing sector. Have Experience with advanced security technologies such as anomaly detection and threat intelligence. Strong problem-solving abilities and a track record of delivering innovative solutions. Work in a way that works for you We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Working remotely from home or any other work location Working flexible hours - flexing the times when you work in the day to help you fit in everything in and work when you are the most productive Working with us Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other. Working for you Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect: Contemporary work-life balance policies and wellbeing activities Comprehensive private medical care options Safety net of life insurance and disability programs Tailored financial programs Additional elected or voluntary benefits About Us: We are an energy technology company that provides solutions to energy and industrial customers worldwide. Built on a century of experience and conducting business in over 120 countries, our innovative technologies and services are taking energy forward – making it safer, cleaner and more efficient for people and the planet. Join Us: Are you seeking an opportunity to make a real difference in a company that values innovation and progress? Join us and become part of a team of people who will challenge and inspire you! Let’s come together and take energy forward. Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. R133083 Show more Show less

Plan, execute and report all IT Security and Business Automation related audit activities for OakNorth Bank plc. to provide independent assurance to senior management that the bank’s IT infrastructure and digital transformation initiates (incl. non-IT) are fit for purpose to allow the bank to safely deliver best-in-class services to all its customers. Job Responsibilities: Plan, execute and report all IT and cyber security related audit activities for OakNorth Bank plc Provide independent assurance to senior management that the bank’s IT infrastructure is fit for purpose to allow the bank to safely deliver best-in-class services to all its customers Ensure best practice and frameworks are followed to adhere to various audit guidelines and standards A Subject Matter Expert who can build a strong network for himself/herself and execute audit work autonomously all the way through to review whilst having a strong sense of customer service Manage IT related audit activities for the OakNorth Bank plc Delivers at least one audit per quarter: some audits to be delivered alone and others in partnership with the existing OakNorth audit team or empanelled co-sourced partner Document audit fieldwork, findings and prepare audit reports Review audit evidences and track closure of management actions Report on audit activity to senior management Continuously improve the IT audit methodology which suits the highly technical, disruptive, global, and fast-moving environment Supports IA team and colleagues on subject matter whilst keeping in mind team goals, not only individual targets Deliver internal and external certification audits Execute ITGC, network, cyber and cloud security audits Conduct internal audits to provide information whether the firm’s Information Security Management System conforms to the Internationally recognised Standards Deliver audits to evaluate the evolving cybersecurity automation ecosystem(“best-in-breed”) Perform cloud security assessments for AWS / Azure cloud platforms and other cloud-based solutions Carry out technical security reviews of firewall configurations, DLP, IAM, IPS /IDS and other critical applications Audit the continuously improving IT infrastructure model with newly emerging and flexible work solutions, post Covid-19 Continuously assess and report, how well the Bank assesses internal and external threats including email attacks and vulnerabilities, as well as the fitness for purpose and effectiveness of its strategic and tactical responses Challenge incident, disaster response and business continuity plans and review the test reports, outcomes to verify backup / restore set-ups and RPO / RTO levels Desired Skills: Hunger, fire (10x, momentum) Ability to work with others across teams, geographies, and legal entities (one team) Not a prima donna / ego issue (right ambition) Not highly political or “spin doctor” (say it as it is) Logical thinking, ability to get to the simplest answer as opposed to a convoluted one (challenge and simplify) An honest person who operates with a high degree of ethics and integrity through any situation (right ambition, say it as it is) Someone with a minimum of 3 years of banking / consulting experience in IT security audits Someone who holds a degree in information technology from a top institute with a consistently good academic record Holds at least one globally recognised IT certification, and working towards a second (IA / Risk or technical) Hands-on experience of working on some of the latest and best auditing / GRC tools A good understanding and knowledge of IT Security Compliance frameworks and industry control standards and, such as NIST, ISO 27001, COSO, COBIT, and ITIL A self-starter and fast learner; someone who can work and learn on his/her own Someone with gravitas and whose opinion matters; someone who is trusted by colleagues across the firm, from the most junior to the most senior A person who focuses on what matters most: outcomes; someone who relentlessly avoids hypothetical risks and verbose Show more Show less

Responsibilities: • As part of the GRC team deliver on engagements pertaining to information security, cyber security, risk management and privacy for our customers across the globe • Responsible for managing and delivering on accounts in accordance with CyRAACS quality guidelines & methodologies. • Execute the engagement requirements, prepare reports and schedules that will be delivered to clients and other parties • Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress • Develop and maintain productive working relationships with client personnel • Prepare status updates and prepare management presentations etc. • Actively contribute to improving operational efficiency on projects & internal initiatives. • Assist in creating innovative insights for clients, adapt methods & practices to fit operational team needs, contribute to thought leadership documents and develop new methodologies. • Understand and follow workplace policies and procedures • Flexible to travel to client location for the project delivery. Desired skills: • 3-5 years experience (preferably in consulting environment) • Strong knowledge of cyber/information security concepts, risk and controls concepts • Strong knowledge of any standards such as ISO 27001/2, ISO 22301, ISO 27018, ISO 27701, PCI DSS, NIST standards on Cyber Security, HITRUST, etc. • Good knowledge of IT risk and control / audit environment • Good understanding of IT Management Frameworks such as COBIT, ITIL and regulations such as RBI Guidelines, PCI Compliance, GDPR, HIPAA] etc. • Knowledge of vulnerability management • A good understanding of IT data centre operations and a variety of technology platforms • Excellent business communication skills, proficient in reporting and documentation • Ability to deliver work within tight timescales, to budget and to a high quality • Demonstrate attention to detail • ISO 27001 Lead Auditor and Lead Implementer preferred. • CISSP, CISA, CISM certifications desirable. Show more Show less

OT Security Architect Would you like to work with the latest technologies in security? Do you like working in collaborative teams and solving critical issues? Join our Security Team! We operate at the heart of the digital transformation of our business. Our team is responsible for cybersecurity architecture and data protection for our global organization. Partner with the best You will lead efforts to establish security standards and conduct site-level cybersecurity assessments for our manufacturing environments at Baker Hughes. As an OT Security Architect, you will be responsible for: Architectural Leadership: Lead the design and development of secure and resilient OT solutions, ensuring alignment with business objectives and industry best practices. Technical Expertise: Serve as a subject matter expert in OT security, providing guidance and mentorship to the OT security architect team. Solution Design: Collaborate with cross-functional teams to design and implement robust OT security solutions, considering the evolving threat landscape and emerging technologies. Risk Assessment: Conduct risk assessments and vulnerability analyses of OT systems, recommending mitigation strategies and proactive security measures. Technical Documentation: Create and maintain detailed architectural documentation, ensuring clarity and compliance with company standards. Collaboration: Work closely with stakeholders, including IT, engineering, and business units, to integrate security requirements into the OT ecosystem. Innovation: Stay abreast of industry trends and emerging technologies in OT security to drive innovation and continuous improvement. Incident Response: Collaborate with the incident response team to develop and test incident response plans for OT systems, as well as assist with remediating gaps identified in our OT architecture through real incidents, audits, assessments, or exercises. Compliance: Ensure compliance with relevant regulatory and industry standards in the OT security domain. Coach, mentor and lead a diverse group of OT architecture & engineering team members. Work cross functionally with other business departments and architecture teams to align activities and deliverables. Fuel your passion. Have Bachelor’s Degree in a relevant field (e.g., Cybersecurity, Product Manufacturing, Computer Science, etc.); or a comparable level of expertise gained through on the job experience. Have Proven experience as an OT solutions architect, or comparable position, with a focus on security Have Strong knowledge of industrial control systems (ICS), SCADA, and Operational Technology environments Have expertise in cybersecurity principles and practices related to OT environments. Have exceptional leadership, communication, and interpersonal skills. Have Ability to collaborate effectively across teams and influence decision-makers. Should be willing to travel based on project requirements. Desired Qualifications Have Master’s degree in a relevant field or relevant Industry certifications such as CISSP, GICSP, GRID, or similar. Have Extensive experience in architecting and securing complex OT environments. Have Familiarity with industry-specific standards and regulations (e.g., NIST, IEC 62443). Have Previous experience in the oil and gas or manufacturing sector. Have Experience with advanced security technologies such as anomaly detection and threat intelligence. Strong problem-solving abilities and a track record of delivering innovative solutions. Work in a way that works for you We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns: Working remotely from home or any other work location Working flexible hours - flexing the times when you work in the day to help you fit in everything in and work when you are the most productive Working with us Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other. Working for you Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect: Contemporary work-life balance policies and wellbeing activities Comprehensive private medical care options Safety net of life insurance and disability programs Tailored financial programs Additional elected or voluntary benefits About Us: We are an energy technology company that provides solutions to energy and industrial customers worldwide. Built on a century of experience and conducting business in over 120 countries, our innovative technologies and services are taking energy forward – making it safer, cleaner and more efficient for people and the planet. Join Us: Are you seeking an opportunity to make a real difference in a company that values innovation and progress? Join us and become part of a team of people who will challenge and inspire you! Let’s come together and take energy forward. Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. R133083 Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior (IT audit – General skills) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech – Senior (IT audit – General skills) Key Responsibilities Your key responsibilities will include: Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Foster relationships with client personnel to analyse, evaluate, and enhance information systems to develop and improve security at procedural and technology levels. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business. Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge. Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 3-6 years of related work experience At least 2-4 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX Implementation and Testing of internal controls such as IT general controls, IT application controls, IPE related controls, interface controls etc. Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc. IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc. Strong exposure working in client facing roles, collaborate with cross functional teams including internal audits, IT security and business stakeholders to assess control effectiveness and facilitate remediation activities. Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM, CISSP, CRISC, CCSK, ISO 27001, and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. JD for Business Analysts / Tech BA Job purpose : Professionals with expertise and prior work experience on one or more of Banking areas (any of the below) Retail and Corporate Banking: Deposits, Loans, Cash, Collections, Payments, Forex, Trade Finance, Liquidity Management, KYC Lending (Securitized, Unsecure, Mortgages) Payments and Cards – Payment networks, Switch Regulatory and Compliance Treasury and Investment Banking Wealth Management Technical experience of working on defining banks solution and technology architecture, interfaces specification and data model mapping. Experience on process workflow tools & mapping & API tools and core banking solutions such as Infosys Finacle, Temenos T24, FIS profile/Modern Banking Platform, Oracle Core Banking and any Next Gen Core Banking platform would be added advantage. Your client responsibilities : Need to work as a Business Analyst in one or more Banking transformation projects. Excellent business communication skills Should exhibit deep experience in Banking during the client discussions and be able to convince the client on the solution Mandatory skills : Technical: Application functional and technical design Understanding of technology landscape and providing system configuration design across various banking technologies Knowledge of databases, infrastructure, application servers, Technical Architecture, Security and Performance management Good understanding of the banking solution and technology architecture including data models and structure Data mapping – process flow development, review client processes and workflows and make recommendations to the client. Ability to understand API specifications, integration patterns and document the same. Understanding of evolving banking technology landscape (Microservices, Cloud, Devops, RPA (Automation) etc. Functional: Business process and workflow design Business requirements, definition, analysis, and mapping Experience in requirements gathering, documentation and gap analysis in Banking areas defined above Documenting epics and user stories for functional and non-functional requirements Exposure in conducting or participating in product demonstration, training, and assessment studies. Analytical thinking in finding out of the box solutions with an ability to provide customization approach and configuration mapping. Excellent client-facing skills Should be able to review the test cases and guide the testing team and Business on need basis. End to end banking implementation and transformation experience. Having experience in functional aspects of any Core Banking/Digital Banking/mobile Banking Solution (COTS or custom) will be an added advantage. Should have knowledge in online and mobile banking also. Skilled at analysing existing system documentation to summarize existing system functionality as it relates to the project at hand Ability to work well under constantly changing deadlines and priorities Knowledge of Security standards and regulations NIST, ISO27000 and other security standards (specific certifications is a plus) It is expected that the Business Analyst, when necessary consults Technical Analyst, Customer and Application Expert, he/she is responsible for defining the solution, from a functional point view. The Business Analyst consults Customer and Application Expert, will define which is a document containing a high-level description of test strategy, test phases and test types as well as test environment, data requirements and acceptance criteria. The Business Analyst will collect the User Acceptance Test cases prepared by the Customer and will verify whether they are coherent with the Functional Specification. Deep experience in payments processing Knowledge about settlement systems (e.g. EBA, Target 2) Specific know how of Banking Finance and Risk End to end processes Problem solving and Open Points management. Analytical skills in data analysis Preparation of project documentation, according to UniCredit and/or project standards: SIM (Service Implementation Management) and RM (Release Management) Monitoring of Business requirements delivery Test management and organization Experience in development team coordination Preferred Work Location : This position offers flexibility to work from any EY GDS office in India. Education and experience – Mandatory MBA/ MCA/ BE/ BTech or equivalent with banking industry experience of 7 to 12 years EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Overview: We are seeking a highly skilled and experienced Cloud Security Engineer to join our team. As a Cloud Security Engineer, you will be responsible for designing, implementing, and maintaining Cloud Security Platform and security technologies to protect Qualys systems across various cloud environments as: Oracle Cloud Infrastructure (OCI) Amazon Web Services (AWS) Microsoft Azure Google Cloud Platform (GCP) Alibaba IBM Responsibilities: You would be responsible for cloud resource provisioning, IAM, policy creation, UAR, establishing cloud security monitoring, cloud security posture management along with designing and architecting the cloud environments as per security best practices and cloud security guidelines of various standards. You will work closely with cross-functional teams to ensure the effectiveness of security measures and help establish and enforce cloud security policies and procedures. Security Architecture Review : Review and assess the security architecture of cloud-based systems and applications to identify gaps and recommend improvements in alignment with industry best practices and regulatory requirements. Cloud Compliance Management : Ensure cloud environments adhere to relevant compliance standards and regulations by implementing appropriate security controls, conducting compliance assessments, and generating compliance reports. Cloud Security Governance : Establish and maintain cloud security governance frameworks, policies, and procedures to ensure consistent and effective management of security risks across cloud environments. Incident Response : Actively participate in incident response activities related to cloud security incidents, including investigation, containment, eradication, and recovery. Cloud Security Tooling : Evaluate, select, deploy, and manage security tools and technologies specifically designed for cloud environments, such as cloud access security brokers (CASBs), cloud workload protection platforms (CWPPs), and cloud-native security services. Tools like Prisma Cloud, Orca Security, etc. Cloud Security Automation : Develop and implement automation scripts and workflows to streamline security operations tasks, such as configuration management, vulnerability scanning, and incident response orchestration. Cloud Risk Assessment : Conduct risk assessments of cloud services, configurations, and deployments to identify and prioritize security risks, and collaborate with relevant teams to mitigate identified risks. Cloud Security Research and Innovation : Stay abreast of emerging threats, vulnerabilities, and security trends in cloud computing, and actively engage in research and innovation to enhance the organization's cloud security posture. Skills: Understanding of cloud platforms like AWS, Azure, Google Cloud, OCI etc., including their services and architecture. Skills in designing secure cloud architectures, including network segmentation, data encryption, and disaster recovery strategies. Proficiency in managing user identities, permissions, roles, and access controls within cloud environments. Ability to set up monitoring tools, analyze security logs, and respond to security incidents promptly. Familiarity with cloud-native security services and tools provided by cloud providers (e.g., AWS Security Hub, Azure Security Center). Ability to assess security risks, prioritize them based on impact and likelihood, and develop strategies to mitigate them. Knowledge of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and other network security concepts. Familiarity with encryption algorithms, SSL/TLS protocols, and cryptographic key management for data protection. Experience with vulnerability scanning tools, penetration testing methodologies, and patch management processes. Knowledge of scripting languages (e.g., Python, PowerShell) and automation tools (e.g., Terraform, Ansible) to automate security tasks and configurations. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications such as CCSK, CCSP and cloud native certifications like AWS, Azure, OCI, GCP are highly desirable. Proven track record of designing and implementing complex cloud environments preferably in a cloud security engineer role. Experience implementing security controls in cloud environments using tools such as AWS Security Hub, AWS GuardDuty, AWS IAM Analyzer, Azure Security Center, or Azure Defender or Google Cloud Security Command Center or Oracle Cloud Guard. Knowledge of industry-standard security frameworks and regulations (e.g., NIST, CIS, GDPR, HIPAA). In-depth knowledge of cloud components, IAM, and best practices, including user provisioning, access/policy management, authentication mechanisms Familiarity with CSP environments like OCI, AWS, Azure, GCP etc Experience with cloud governance processes, cloud security implementation, cloud security monitoring etc. Strong problem-solving and analytical skills, with the ability to assess complex cloud requirements, identify gaps, and propose effective solutions. Excellent communication and collaboration skills to work effectively with cross-functional teams, stakeholders, and external vendors. Strong project management skills to drive cloud initiatives, manage timelines, and deliver successful outcomes. Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Join our advanced cybersecurity team as a Senior Security Analyst , where your expertise will be instrumental in strengthening our organizational security framework. In this pivotal role, you will lead the strategic implementation and management of vulnerability management programs, with a specialized focus on Qualys solutions , while also driving improvements in Cloud Security Posture Management (CSPM) and Endpoint Detection and Response/Endpoint Protection Platforms (EDR/EPP) . As a senior member of our security team, you will provide technical leadership , mentor junior analysts, and collaborate closely with cross-functional teams to proactively identify and mitigate cybersecurity risks. Your role extends beyond daily security operations to influencing security strategy, policy development, and automation initiatives . If you have a deep understanding of evolving threats and a commitment to enhancing enterprise security, we invite you to bring your expertise to our team. Key Responsibilities: Leadership & Strategy: Serve as a subject matter expert on vulnerability management, cloud security, and endpoint protection. Mentor and provide guidance to junior security analysts. Develop and refine security policies, best practices, and frameworks. Lead cross-functional security initiatives, collaborating with IT, DevOps, and engineering teams. Qualys Vulnerability Management: Oversee and optimize Qualys deployment across enterprise infrastructure. Design and implement advanced scanning configurations to ensure complete asset coverage. Analyze vulnerability data to identify critical risks, trends, and areas for proactive improvement. Coordinate remediation efforts, providing strategic guidance to IT and system administration teams. Cloud Security Posture Management (CSPM): Lead cloud security audits and compliance enforcement for multi-cloud environments. Implement and fine-tune CSPM tools to enforce industry regulations and internal security policies. Develop best practices for secure cloud configurations and integrate security into DevOps pipelines. Endpoint Security (EDR/EPP): Deploy and manage EDR/EPP solutions for advanced threat detection and response. Assist Qualys SOC in threat hunting and forensic investigations to identify and mitigate advanced threats. Configure and monitor EDR/EPP tools, conduct regular audits, and ensure proper integration with other security controls. Respond promptly to endpoint security alerts, investigate incidents, and implement corrective actions. Automation & Security Orchestration: Design and implement security automation workflows to enhance efficiency. Explore orchestration solutions to automate remediation processes for recurring security gaps. Integrate security tools to provide a unified real-time security monitoring framework. Compliance & Risk Management: Ensure security controls align with industry standards (NIST, ISO 27001, CIS Benchmarks, DISA STIG etc.). Conduct periodic risk assessments and audits to proactively address security weaknesses. Maintain compliance with regulatory requirements and Qualys internal governance policies. Collaboration with Qualys Support: Engage with Qualys support for issue resolution, updates, and to stay informed about new features and best practices. Participate in Qualys user forums and communities to share insights and learn from others' experiences. Qualifications & Experience: Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field. 3+ years of experience in cybersecurity, with a focus on vulnerability management, cloud security, and endpoint protection. Strong expertise in Qualys Vulnerability Management and security policy enforcement. Hands-on experience with CSPM tools and cloud security best practices. Proven track record in EDR/EPP deployment and security incident handling. Experience in security automation, orchestration, and integration with SIEM and SOAR platforms. Relevant certifications such as CISSP, CISM, CEH, or OSCP are preferred. Strong analytical, problem-solving, and communication skills. Ability to lead projects and mentor junior analysts while driving a security-first culture. If you're passionate about enhancing enterprise security , driving innovation , and leading critical cybersecurity initiatives , we encourage you to apply and join our team as a Senior Security Analyst ! Show more Show less

Company Description Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, all using our unique combination of data, analytics and software. We also assist millions of people to realise their financial goals and help them save time and money. We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments. We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.co m Job Description Job Description You will be based in Hyderabad and reporting to your manager. This is individual contributor (Non-Managerial) role The Vulnerability Management and Endpoint Security Compliance Team perform the following key functions: Vulnerability Management: You will assess and address vulnerabilities to minimize security risks. Endpoint Security: You will ensure comprehensive security measures are in place to protect all endpoints from threats. Data Analytics: Utilize data analytics to interpret security data, identify trends, and create applicable insights. Provide comprehensive reporting to support informed decision-making. Collaboration and Innovation: Work closely with teams to ensure security is integrated into our operations. Continuous improvement: Stay ahead of emerging threats and technologies to enhance our security posture. Conduct regular vulnerability testing to identify security weaknesses. Develop and implement strategies to mitigate identified vulnerabilities. Monitor security incidents to identify trends and patterns. Collaborate with IT and development teams to ensure security best practices are integrated into system designs. Maintain and operate vulnerability management tools such as Defender VM, Qualys, Tenable, and Rapid7. Generate detailed reports on vulnerability findings and remediation efforts. Stay up to date with the latest security threats, vulnerabilities, and technology trends. Provide training and guidance to staff on vulnerability management and security best practices. Maintain documentation for vulnerability management processes. Utilize Tines for automation of security workflows. Leverage Power BI for data analytics and visualization to interpret vulnerability data and provide actionable insights. Technical Skills: Proficiency with vulnerability management tools (e.g., Defender VM, Qualys, Tenable, Rapid7). Experience with network protocols and architecture. Knowledge of security frameworks such as NIST, ISO 27001/27002, and HIPAA. Experience with scripting languages (e.g., Python, Perl) for automation. Familiarity with cloud security and application security principles. Experience with Tines for security automation and orchestration. Proficiency with Power BI for data analytics and visualization. Data Analytics Skills: Ability to analyze large datasets to identify trends and patterns in vulnerability data. Proficiency with data visualization tools (e.g., Power BI) to present findings. Experience with statistical analysis and data modeling techniques. Qualifications Qualifications Bachelor's degree in computer science, information security, or a related field. Relevant certifications such as CISSP, CEH, CISM, or similar. 5 years' experience in a related role. Additional Information Our uniqueness is that we celebrate yours. Experian's culture and people are important differentiators. We take our people agenda very seriously and focus on what matters; DEI, work/life balance, development, authenticity, collaboration, wellness, reward & recognition, volunteering... the list goes on. Experian's people first approach is award-winning; World's Best Workplaces™ 2024 (Fortune Global Top 25), Great Place To Work™ in 24 countries, and Glassdoor Best Places to Work 2024 to name a few. Check out Experian Life on social or our Careers Site and Glassdoor to understand why. Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is a critical part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, color, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity. Benefits Experian care for employee's work life balance, health, safety and wellbeing. To support this endeavor, we offer best-in-class family well-being benefits, enhanced medical benefits and paid time off. This is a hybrid remote/in-office role. Experian Careers - Creating a better tomorrow together Find out what its like to work for Experian by clicking here Show more Show less

Job description: Job Description Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats ͏ Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFP’s received from clients and ensure overall design assurance ͏ i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the client’s need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs ͏ 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails ͏ Deliver No Performance Parameter Measure 1Customer centricityTimely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers.2Support sales team to create wins% of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led Mandatory Skills: Palo Alto Networks - Firewalls . Experience: 8-10 Years . Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Risk Consulting - Protect Tech - Staff – IT Internal Controls Skills And Attributes For Success You will leverage your proven track record of IT Audit experience and strong personal skills, to effectively deliver quality results in the assessment, design, and support implementation of controls, security and IT risk solutions. To qualify for the role, you must have A bachelor’s or master’s degree and approximately 2-3 years of related work experience At least 1-2 years of experience in IT Risk and Compliance Design IT Risk Controls framework such as IT SOX framework Implementation and Testing of internal controls such as IT general controls, IT application controls, business controls, interface controls etc Identify control gaps, weaknesses and areas of improvements. Conducting IT internal control reviews, and review of SOC1 or SOC2 reports Knowledge of IT risk, information security or cyber security frameworks such as COSO, COBIT, ISO, NIST etc IT Compliance and regulatory assessments – IT Risk and Controls assessment with exposure of any of the technologies such as SAP, Oracle, Workday, MS Dynamics or emerging technologies such as Cloud, RPA, AI/ML OR IT Infrastructure and Architecture risk assessments including data quality and data migration reviews, data privacy reviews, OS DB reviews etc Excellent communication, documentation and report writing skills. Good to have relevant industry certifications such as CISA, CISM and others (as relevant) EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

About the Role We are seeking a highly skilled and motivated AI/ML Security Engineer to join our cutting-edge security team. You will be responsible for ensuring the security and governance of AI/ML models and systems, focusing on AI Governance , Threat Modeling , and Red Teaming . Your expertise will help safeguard critical AI applications from potential threats and vulnerabilities while establishing robust governance practices. Key Responsibilities Design and implement AI Governance frameworks to ensure security, compliance, and ethical use of AI models Conduct Threat Modeling to identify vulnerabilities within AI/ML pipelines and develop mitigation strategies Perform Red Teaming exercises to simulate real-world attacks on AI systems and evaluate their resilience Collaborate with data scientists and ML engineers to build secure AI models that resist adversarial attacks Develop and maintain security policies and best practices related to AI/ML applications Monitor and assess AI model behavior to detect anomalies and potential security breaches Stay up-to-date with the latest threats and vulnerabilities specific to AI/ML systems Document and communicate findings to stakeholders, including detailed technical reports and recommendations Skills and Qualifications Must-Have: Proven experience in AI/ML security and governance Strong knowledge of AI Governance frameworks and risk management practices Expertise in Threat Modeling techniques for AI/ML pipelines Proficiency in conducting Red Teaming exercises with a focus on AI systems Hands-on experience with Python and libraries related to AI and security (e.g., TensorFlow, PyTorch, Scikit-learn) Familiarity with adversarial attack techniques and defense mechanisms in ML models Solid understanding of cybersecurity principles and secure coding practices Excellent problem-solving skills and the ability to analyze complex security scenarios Good to Have: Experience with ML model explainability and interpretability techniques Familiarity with security frameworks like NIST and ISO related to AI/ML governance Knowledge of cloud security (AWS, Azure, or GCP) related to AI deployments Strong analytical and technical writing skills for documenting findings and solutions Show more Show less