6026 Nist Jobs - Page 5

#KeyResponsibilities #Governance & #RiskManagement Oversee tech-driven processes and ensure compliance #RiskAssessments Identify and monitor risks & controls across tech and security domains #Collaboration Work with stakeholders on RCMs, narratives, and process flowcharts #ControlTesting Evaluate design and operating effectiveness of controls #SelfAssessments & #Audits Conduct RCSAs and support external/internal audits #ProjectManagement Monitor project status, risks, and ensure compliance alignment #RegulatoryCompliance Advise on regulations related to tech/security #TeamLeadership Guide and mentor team members #TimeManagement Handle competing priorities effectively #Skills & Qualifications...

1.Conduct information security management reviews and information security management system (ISMS) assessments 2.Must have knowledge of various compliances like ISO 27001, SOC 2, PCI DSS, GDPR etc. 3.Ensure technical implementation and business processes are aligned 4.Lead the design, implementation, operation and maintenance security management systems 5.Participate in the creation, review and update of information security policies 6.Provide complex technical advice, recommendations and consultancy on networks, infrastructure, products and services supplied 7.Provide or assist with implementation documentation Ongoing project management 8. Must be ISO 27001 LA certified

Job Title: AI Solutions Architect Department: AI & Emerging Tech Location: Hyderabad and Pune Reports To: Head of AI Engineering Practice Role Summary The AI Solutions Architect is a senior technical leader responsible for designing, orchestrating, and guiding the implementation of GenAI, RAG, and agentic systems for P&C insurance clients. This role leads AI delivery pods, working closely with engineers, platform specialists, and evaluation teams to deliver scalable, compliant, and production-ready AI solutions. You will shape solution architectures, define agentic workflows, and act as a technical advisor to both internal stakeholders and client teams, ensuring that innovation translates in...

Key responsibilities Lead operational security initiatives across infrastructure and cloud environments Implement and maintain network security controls, including firewalls and segmentation Conduct vulnerability assessments and manage remediation workflows Drive adoption of Zero Trust principles across systems and services Oversee access control policies and identity management practices Coordinate and respond to security incidents and investigations Perform regular security audits and configuration reviews Develop and enforce backup and recovery strategies aligned with security policies Apply security hardening techniques across endpoints, servers, and cloud assets Align operational practi...

Job Title: GRC Consultant / Sr. Consultant Location: Coimbatore, Tamil Nadu Experience: Minimum 2 years Employment Type: Full-time About the Role: We are seeking experienced Governance, Risk & Compliance (GRC) Consultants to join our dynamic team in Coimbatore . You will play a critical role in helping our clients design, implement, and enhance their GRC frameworks, processes, and tools. If you have hands-on experience in GRC platforms (e.g., RSA Archer, MetricStream, ServiceNow GRC, etc.), compliance frameworks (ISO 27001, SOC 2, NIST, etc.), and a strong understanding of enterprise risk, this role is for you. Responsibilities: For GRC Consultant (2+ years): Assist in implementing and confi...

As a Cybersecurity GRC , this position plays an vital role to support the implementation and management of governance, risk, and compliance initiatives that safeguard the organization's information assets. This role involves assisting in the execution of cybersecurity policies, conducting risk assessments, participating in audits, and evaluating third-party risk. You will contribute to aligning business objectives with security best practices and regulatory standards such as ISO 27001, NIST, and ITGC. The position requires a foundational understanding of security frameworks and a collaborative approach to strengthening the organization’s cyber risk posture. Key Responsibilities Assist in the...

About Us: Soul AI is a pioneering company founded by IIT Bombay and IIM Ahmedabad alumni, with a strong founding team from IITs, NITs, and BITS. We specialize in delivering high-quality human-curated data, AI-first scaled operations services, and more . Based in SF and Hyderabad, we are a young, fast-moving team on a mission to build AI for Good, driving innovation and positive societal impact. About the Role We are looking for a Security Engineer to join us for critical projects. You will be working with big techs to help them in building cutting-edge AI foundational models meant to perform exceptionally well on secure architectures, threat detection, and risk mitigation workflows. In this ...

Required Skills & Qualifications: Proven experience (10+ years) in cybersecurity pre-sales Strong knowledge of security frameworks, standards, and compliance requirements (ISO 27001, NIST, GDPR, PCI-DSS, etc.). Hands-on expertise with one or more of the following: Network Security (Firewalls, IDS/IPS, VPNs, Zero Trust) Cloud Security (AWS, Azure, GCP, CASB, CSPM, CWPP) Endpoint Security (EDR/XDR, DLP) Identity & Access Management (IAM, PAM, MFA, SSO) Application Security (WAF, API Security, DevSecOps) Excellent communication, presentation, and interpersonal skills. Ability to engage with both technical and business stakeholders. Security certifications (CISSP, CISM, CCSP, CEH, or equivalent)...

As a Security Advisory Consultant at EY, you will play a crucial role in advising EY's Advisory and TAS service lines on security matters, including managing a global managed services platform, big data and analytics solutions, as well as individual line of business solutions. Your responsibilities will involve defining security architectures, providing security guidance, identifying security-related requirements, promoting secure designs, and facilitating the delivery of information security services throughout the system development life cycle. You will also be responsible for translating technical vulnerabilities into business risk terminology for effective communication with stakeholders...

About Us Sophos is a global leader and innovator of advanced security solutions for defeating cyberattacks. The company acquired Secureworks in February 2025, bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos’ complete portfolio includes industry-leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-l...

As an Identity Security Engineer at JLL, you will play a crucial role in supporting engineering efforts to enable and enforce identity security across JLL's global technology footprint. Your responsibilities will include: - Supporting the JLL enterprise Identity Security Engineering team's focus on both human and non-human identities - Serving as an engineer on both implementing and supporting secure identity practices in technology architectures - Systematically modifying and controlling identity security policy, standards, and guidance to address use cases related to users, on-premises services, cloud service providers, and SaaS - Collaborating closely with teams responsible for Active Dir...

About Us Sophos is a global leader and innovator of advanced security solutions for defeating cyberattacks. The company acquired Secureworks in February 2025, bringing together two pioneers that have redefined the cybersecurity industry with their innovative, native AI-optimized services, technologies and products. Sophos is now the largest pure-play Managed Detection and Response (MDR) provider, supporting more than 28,000 organizations. In addition to MDR and other services, Sophos’ complete portfolio includes industry-leading endpoint, network, email, and cloud security that interoperate and adapt to defend through the Sophos Central platform. Secureworks provides the innovative, market-l...

Chennai, Tamil Nadu, India Practice Information Systems Security Job posted on Sep 19, 2025 Employee Type Full Time Employee Experience range (Years) 5 years - 8 years Client Projects Investigate and analyze escalated security alerts and events from L1 analysts. Perform in-depth threat analysis using SIEM, EDR, IPS Conduct triage and root cause analysis of security incidents. Respond to and contain incidents according to the incident response plan. Provide guidance and mentorship to L1 SOC Analysts. Maintain and update security documentation and playbooks. Collaborate with IT and other departments during investigations and remediation. Required Skills & Qualifications: 3–6 years of experienc...

Job Title – Industry 4.0 – Enterprise Architect Management Level: 06 – Senior Manager Location: Mumbai/ New Delhi/Bangalore Must have skills: Industrial IoT, Data Analytics, Cloud Platforms, Manufacturing Execution Systems (MES)/SCADA Good to have skills: Digital Twin concepts and platforms, AI/ML model deployment and MLOps Job Summary: As a Solution Architect for Industry 4.0, you will be the crucial link between business problems and technology solutions. You will be responsible for designing end-to-end architectures that integrate client’s Operational Technology (OT) with Information Technology (IT) landscape , enabling data-driven decision-making, automation, and innovation on the factor...

As the Chief Manager (Governance/Risk) for a Scheduled commercial Bank, your role will be crucial in developing and implementing risk management policies to identify and mitigate operational, credit, market, and cybersecurity risks. Your responsibilities will include ensuring compliance with RBI regulations, Basel norms, and other legal requirements. Conducting risk control self-assessments (RCSA) and collaborating closely with internal audit teams are vital to enhancing governance practices. Your key responsibilities will also involve establishing and enforcing corporate governance policies, leading risk committees, and presenting risk reports to senior management. It will be essential to d...

Role Overview: You should have a Bachelor's degree in computer science, information systems, cyber security, or a related field. With at least 10 years of relevant experience in cyber security. Your knowledge should include information technology operation such as cloud, data, system, application, and infrastructure. You should also have knowledge of cyber security assessment including security audit, vulnerability assessment, and penetration testing. Familiarity with cyber security products like End-Point Solution (EDR), WAF, DLP, SIEM, and SOAR is required. Understanding market best practices and frameworks such as ITIL, ISO, PCI-DSS, and NIST is essential. Certification in cyber security ...

Job Summary Opening from Default - All locations The Company Serving the People Who Serve the People Granicus is driven by the excitement of building, implementing, and maintaining technology that is transforming the Govtech industry by bringing governments and their constituents together. We are on a mission to support our customers by meeting the needs of their communities and implementing our technology in ways that are equitable and inclusive. Granicus has consistently appeared on the GovTech 100 list over the past 5 years and has been recognized as the best companies to work on BuiltIn. Over the last 25 years, we have served 5,500 federal, state, and local government agencies and more t...

Position: AI-Powered Data Security & Compliance Manager (with External Triage Oversight) Location: Remote (Global candidates welcome) Employment Type: Full-time / Contract-to-Hire About Us Proof Response Group builds high-trust service brands across North America — from PipeProof to HVACProof and now DataProof, our newest vertical specializing in urgent data breach triage and compliance support. We believe trust is everything. When businesses and individuals face a breach, they turn to us to restore confidence fast. This role sits at the center of that mission. The Role We are seeking a Global Data Security & Compliance Manager to: Protect data across our group of companies through rigorous ...

Position Summary The GRC Lead will lead the strategic governance, risk management, and compliance agenda to strengthen the organization's cybersecurity resilience and ensure regulatory compliance. Acting as a key leader and collaborator, the GRC Lead will own the development, implementation, and continuous improvement of the GRC framework, ensuring alignment with business goals, regulatory mandates, and industry best practices. This role will manage GRC operations, lead cross-functional teams, engage executive leadership, and steer strategic risk decisions to safeguard organizational resilience. Key Responsibilities Strategic Governance & Leadership Lead the design, execution, and maturation...

Overview: PracticeSuite, Inc. is an innovative platform to enable medical practices and other healthcare facilities to create an amazing patient experience. As a single platform, PracticeSuite has diverse features to modernize practices and take them to the next level. We are currently recruiting for a Manager, IT Security Governance. This position will be responsible for developing, implementing, and managing the organization's IT security governance programs. This role ensures that security policies, processes, and controls align with business objectives, industry standards, and regulatory requirements. The Manager will work closely with stakeholders across IT, legal, audit, and business u...

Role Summary This role requires a senior level Risk & Compliance thought leader, SME and portfolio lead with extensive experience in managing Risk & Compliance system development and products Implementation (NICE, FICO, Feedzai, Quantexa, LexisNexis, SymphonyAI, Clari5 etc) projects and portfolios. The candidate should have extensive domain knowledge in Risk, Compliance & KYC domain, API based application development. Exposure to AI based Risk & Compliance solutions is preferred. Job Duties Lead a Risk & Compliance industry solutions portfolio comprising of several development and implementation projects for clients with international repute. Ownership of point-of-view and thought leadership...

Position Summary - The position is a member of Risk & Compliance team within HCL Technologies. The DCO will be aligned to critical service delivery engagements and will be responsible for ensuring compliance in accordance to client, organizational & regulatory security requirements. Key Responsibilities - Perform the following functions: Required to have excellent understanding of the IT Control framework, in particular risk assessment and control selection Working experience in any two of the compliance programs (PCI DSS,HIPPA,ISO 27001,SOC2, SOX,NIST,FISMA,COBIT) Lead teams and efforts to ensure effective execution of periodic risk assessments and drive integration of remediation efforts w...

TJX Companies At TJX Companies, every day brings new opportunities for growth, exploration, and achievement. You'll be part of our vibrant team that embraces diversity, fosters collaboration, and prioritizes your development. Whether you're working in our four global Home Offices, Distribution Centers or Retail StoresTJ Maxx, Marshalls, Homegoods, Homesense, Sierra, Winners, and TK Maxx, you'll find abundant opportunities to learn, thrive, and make an impact. Come join our TJX familya Fortune 100 company and the world's leading off-price retailer. Job Description What you'll discover Inclusive culture and career growth opportunities Global IT Organization which collaborates across U.S., Cana...

CSOC Level 2 Analyst (Enterprise IT): Experience: • 3-6 years NP : Immediate - 15 days Expertise: • Well-versed in Microsoft Security Products, including MS Defender for Endpoint, Cloud, Identity, AV, and MS Sentinel. • Knowledge of Incident Response frameworks knowledge (NIST, MITRE ATT&CK, Cyber Kill Chain) • C-SOC Level 2 Analysts are responsible for advanced incident response activities, comprehensive log analysis, and detailed incident reporting. • Skilled in utilizing tools to enhance the efficiency of Incident Response within a SOC. • Experienced with THOR Scanner, VMRay, and Recorded Future Sandbox is a plus. • Knowledgeable in Application, Cloud, and Infrastructure security, includi...

Description: Information Security Risk Specialist Experience: 7 to 9 years Location: Bengaluru Key Responsibilities: • Develop, implement, and maintain an enterprise-wide information security risk management program. • Identify, assess, and document information security risks, ensuring alignment with business objectives. • Perform risk assessments, vulnerability analyses, and impact evaluations on IT systems and processes. • Collaborate with cross-functional teams to establish risk mitigation strategies and action plans. • Monitor, track, and report on risk metrics and key performance indicators (KPIs). • Stay updated on regulatory requirements and ensure compliance with standards such as IS...