3659 Nist Jobs - Page 8

We are seeking a highly motivated and experienced professional to build and lead our Insider Threat Risk Management team within the Information Security group. This role is critical in identifying, assessing, and mitigating insider risks to protect our firms critical data, intellectual property, and operational integrity. The Lead will develop and execute an insider threat program, leveraging behavioral analytics, security tools, and cross-functional collaboration to proactively detect and respond to threats. What You'll Do: Program Development Leadership: Design and implement a comprehensive insider threat and risk management program aligned with business and security objectives. Threat Detection Response: Utilize data analytics, behavioral indicators, and security tools (e.g., UEBA, DLP, SIEM) to monitor and investigate potential insider threats. Risk Assessment Mitigation: Conduct insider risk assessments, define detection methodologies, and recommend mitigation strategies. Collaboration Stakeholder Engagement: Work closely with Legal, HR, IT, Security Operations, and Compliance teams to develop policies, response frameworks, and training initiatives. Incident Handling Investigations: Lead investigations into potential insider threats, ensuring timely response and remediation while adhering to privacy and legal considerations. Security Awareness Training: Drive awareness programs to educate employees and leaders about insider risks and best practices. Regulatory Compliance Alignment: Ensure the program aligns with industry standards (e.g., NIST, ISO 27001, SOC2) and regulatory requirements. Continuous Improvement: Regularly assess and refine the program to adapt to evolving threats and business needs. What You'll Bring: Bachelors degree in information security, Cybersecurity, or related field. 6+ years of experience in information security, with a focus on information protection, DLP and data protection. Strong understanding of information security frameworks, regulations, and standards (e.g., ISO 27001, NIST, GDPR). Familiarity with network security, endpoint protection, and cloud security principles. Ability to balance proactive prevention with reactive incident response. High ethical standards and discretion when handling sensitive information. Demonstrated ability to build and lead teams, with excellent communication and interpersonal skills. Experience with security technologies such as data classification, DLP, encryption, SIEM, and access controls. Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent. Excellent analytical and problem-solving skills, with the ability to assess risks and recommend effective solutions. Strong communication and interpersonal skills to collaborate with various teams and stakeholders. Proven track record of successfully implementing and managing information protection programs.

Job Description: The Cloud Azure Network and Security Engineer is a pivotal role in the IT organization, responsible for architecting, implementing, and maintaining complex cloud environments that support the company's critical applications and services. As a Cloud Network and Security Engineer, you will be responsible for designing, implementing, and managing network infrastructure within AWS and Azure public cloud environments (primarily Azure) including on-prem DC to cloud connectivity, multi-cloud connectivity and intra-cloud connectivity . You will also be responsible for design and implementation of cloud based security controls . Your expertise will be pivotal in ensuring the reliability, scalability, and security of our cloud-based networks. You will work closely with cross-functional teams to optimize cloud network performance and troubleshoot complex issues. Key Responsibilities: Network Design & Implementation: Design and implement scalable and secure network architectures in Azure public cloud environments. Ensure integration with existing on-premises networks and cloud services. Configuration & Management: Configure and manage virtual networks, subnets, VPNs, load balancers, and firewall s , routing, etc. within Azure. Implement network segmentation and security controls to protect data and applications. Performance Optimization: Monitor network performance and troubleshoot issues to maintain high availability and reliability. Optimize network configurations to enhance performance and reduce latency. Security & Compliance: Implement and manage security policies and practices to protect cloud-based network resources. Ensure compliance with industry standards and company policies. Automation & Scripting: Develop and maintain automation scripts using tools like Terraform, Azure Resource Manager or other tools to streamline network provisioning and management tasks. Collaboration: Work closely with operations teams, application developers, and system administrators to support and troubleshoot network-related issues. Provide guidance on best practices for cloud network architecture and operations. Documentation & Reporting: Create and maintain detailed documentation for network configurations, processes, and procedures. Generate reports on network performance, incidents, and resolutions. Qualifications: Education: Bachelor’s degree in Computer Science , Network Engineering, Information Technology, or a related field, or equivalent work experience. Experience: Minimum of 5-7 years of experience in network engineering with a focus on cloud environments (AWS and Azure). Certifications: Relevant certifications such as Microsoft Certified: Azure Network Engineer Associate, or similar are highly desirable. Skills: Strong understanding and hands on experience with public cloud networking concepts and services (multi-tier networks, VNet , VPC, VPN, Azure Virtual Network, ExpressRoute, transit gateways, VPC Peering, VPN Gateways, DNS/Route53, Load Balancing, NAT, etc ). Proficiency in network protocols and services (TCP/IP, BGP, DNS, DHCP, HTTP/HTTPS). Experience with NiST security framework and implementation of security policies and controls. Experience with network monitoring and diagnostic tools. Knowledge of network security practices and tools (firewalls, IDS/IPS, encryption). Deep experience with network design within a public cloud environment with a strong focus on perimeter security. Familiarity with automation tools and frameworks (Terraform, AWS CloudFormation, Azure Resource Manager). Excellent problem-solving skills and the ability to troubleshoot complex network issues. Strong communication skills with the ability to work collaboratively in a team environment. Preferred Qualifications: Hands-on experience with setting up DR environments in multi-region scenarios. At CDK, we believe inclusion and diversity are essential in inspiring meaningful connections to our people, customers and communities. We are open, curious and encourage different views, so that everyone can be their best selves and make an impact. CDK is an Equal Opportunity Employer committed to creating an inclusive workforce where everyone is valued. Qualified applicants will receive consideration for employment without regard to race, color, creed, ancestry, national origin, gender, sexual orientation, gender identity, gender expression, marital status, creed or religion, age, disability (including pregnancy), results of genetic testing, service in the military, veteran status or any other category protected by law. Applicants for employment in the US must be authorized to work in the US. CDK may offer employer visa sponsorship to applicants.

Who we are looking for An AVP within IT Regulatory Management Services (RMS) in India (Mum, BLR & Hyd only) who will assist in operational management and continuous improvement of regulatory exams, assessments and inquiries across any SS regulated entities. The role requires close collaboration with Technology stakeholders, Enterprise Risk Management, and IT Compliance – both globally and in region. This role can be performed in a hybrid model, where you can balance work from home and office to match your needs and role requirements. What you will be responsible for Deliver on time and with minimal oversight the execution of regulatory assessments, questionnaires, and examinations, including identification of gaps for issues management. Manage the review and self-assessment of new and/or changed IT regulatory obligations across SS regulated entities. Closely collaborate with Technology teams and risk and control stakeholders across the lines of defense, both globally and regionally. Provide guidance, regulatory interpretation and technical support for various elements of the risk management and compliance programs Drive improvements in how we manage new and/or changed IT regulatory obligations globally. Assist with driving a culture of risk and control management, transparency, and accountability Keeps up to date on relevant policy, standards and regulatory requirements What we value These skills will help you succeed in this role Excellent communication, interpersonal, and organisational skills Proven ability to project manage, collaborate and drive execution at all levels within the organization within a regionally diverse and complex environment Tenacious self-starter with a keen sense of accountability, ownership, commitment to work and passion for delivering results Ability to solve problems, develop alternative approaches to problems, and resolve conflicts Working knowledge of risk management frameworks including related regulatory compliance requirements (for example, NIST, ITIL, COSO, COBIT, ISO, etc.) Experience with GRC platforms a plus (Archer, Open Pages, etc.) Strong Microsoft Excel, Access, Word, Powerpoint skills necessary. Strong written and spoken English ability Education & Preferred Qualifications We value and appreciate the different career journeys and experiences that individuals have. The following may be helpful in delivering this role to the highest level, although they are not necessarily required: Degree in business, technology or equivalent Relevant industry experience (5-10 years) in technology risk management, audit or compliance Background in MIS, Technology Infrastructure and/or development Risk Certifications (ISACA, ISC2 etc.) Why this role is important to us Our technology function, Global Technology Services (GTS), is vital to State Street and is the key enabler for our business to deliver data and insights to our clients. We’re driving the company’s digital transformation and expanding business capabilities using industry best practices and advanced technologies such as cloud, artificial intelligence and robotics process automation. We offer a collaborative environment where technology skills and innovation are valued in a global organization. We’re looking for top technical talent to join our team and deliver creative technology solutions that help us become an end-to-end, next-generation financial services company. Join us if you want to grow your technical skills, solve real problems and make your mark on our industry. About State Street What we do. State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation we’re making our mark on the financial services industry. For more than two centuries, we’ve been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients. Work, Live and Grow. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary in locations, but you may expect generous medical care, insurance and savings plans among other perks. You’ll have access to flexible Work Program to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential. Inclusion, Diversity and Social Responsibility. We truly believe our employees’ diverse backgrounds, experiences and perspective are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome the candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift program and access to employee networks that help you stay connected to what matters to you. State Street is an equal opportunity and affirmative action employer. Discover more at StateStreet.com/careers

SOC Analyst (Tier 2) Locations & Number of Openings Delhi: 15 openings Jaipur: 15 openings Pune: 15 openings Chandigarh: 15 openings Experience: 4 years Certification: Minimum CISA (required) Job Description We are hiring a SOC Analyst (Tier 2) to handle advanced security threats and incidents. You will investigate escalations from Tier 1, perform deep-dive analysis, and assist in coordinating response efforts. Key Responsibilities Investigate escalated security alerts, incidents, and vulnerabilities. Analyze logs, network traffic, and endpoint data for potential threats. Coordinate with Tier 1 to share best practices and streamline incident triaging. Work with cross-functional teams (IT, NOC, etc.) to contain and remediate security incidents. Maintain accurate incident records in SIEM and ticketing systems. Preferred Skills & Tools Experience Security Monitoring : SIEM, SOAR Identity & Access : IDAM, PAM Threat Detection & Response : ESP+IPmediation, UTM+TrueView Knowledge of relevant frameworks (ISO 27001, NIST) and threat intelligence sources. Qualifications 4+ years of experience in a Security Operations Center or cybersecurity role. CISA certification (required). Hands-on experience with intrusion detection/prevention, threat intelligence, and log analysis. Familiarity with compliance requirements and regulations. Strong communication, collaboration, and analytical skills. Additional Details Training and growth opportunities in advanced cybersecurity tools. May involve rotating shifts or on-call schedules in a 24/7 SOC environment. How to Apply Send your CV to mailto:shreyag@aeroqube.com with the subject line “SOC Analyst (Tier 2) – [Preferred Location].” #SOC #Tier2 #CISA #SIEM #SOAR #IDAM #PAM #UTM #SecurityOperations #Hiring #DelhiJobs #JaipurJobs #PuneJobs #ChandigarhJobs

About Us SBI Card is a leading pure-play credit card issuer in India, offering a wide range of credit cards to cater to diverse customer needs. We are constantly innovating to meet the evolving financial needs of our customers, empowering them with digital currency for seamless payment experience and indulge in rewarding benefits. At SBI Card, the motto 'Make Life Simple' inspires every initiative, ensuring that customer convenience is at the forefront of all that we do. We are committed to building an environment where people can thrive and create a better future for everyone. SBI Card is proud to be an equal opportunity & inclusive employer and welcome employees without any discrimination on the grounds of race, colour, gender, religion, creed, disability, sexual orientation, gender identity, marital status, caste etc. SBI Card is committed to fostering an inclusive and diverse workplace where all employees are treated equally with dignity and respect which makes it a promising place to work. Join us to shape the future of digital payment in India and unlock your full potential. What’s in it for YOU SBI Card truly lives by the work-life balance philosophy. We offer a robust wellness and wellbeing program to support mental and physical health of our employees Admirable work deserves to be rewarded. We have a well curated bouquet of rewards and recognition program for the employees Dynamic, Inclusive and Diverse team culture Gender Neutral Policy Inclusive Health Benefits for all - Medical Insurance, Personal Accidental, Group Term Life Insurance and Annual Health Checkup, Dental and OPD benefits Commitment to the overall development of an employee through comprehensive learning & development framework Role Purpose Responsible for implementing and managing Infrastructure vulnerability tools and processes to reduce technical risks due to vulnerabilities, including identifying and evaluating vulnerabilities and supporting remediation activities. This role is also responsible for leveraging expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT landscape across SBIC Card environment. Role Accountability Lead the Vulnerability Assessment, Penetration Testing & Patch Management Program in support of the functional & company strategy, goals, and performance objectives Manage development, implementation, and effectiveness of vulnerability management and security testing programs, initiatives, and capabilities Assist with planning, providing input on capabilities and methods used for vulnerability management and security testing, and driving improvements Develop Vulnerability management framework, support compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risks Provide technical expertise for information security policies and standards Conduct vulnerability assessments and penetration testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience Perform vulnerability risk profiling and prioritization of vulnerabilities Identify, research, validate, and exploite various different known and unknown security vulnerabilities on server and client side Perform regular status reviews with IT asset owners & senior leadership to ensure compliance with InfoSec policies Coordinate patch management/Remediation activities for all IT assets (workstations, network, server, application, database etc.) Develop and Monitor patch deployment schedules for all Vulnerability assessments and penetration testing on an ongoing basis as well as auditing for completeness Provide communications across the organization, interfacing with senior leadership on vulnerability remediation, driving security hardening best practices, and representing the Vulnerability and Patch Management team Maintain relationship with managed security services vendor leadership to ensure effective implementation and operation of security programs, ongoing support and deployment of competent resources Oversee the development, implementation and maintenance of vendor standard operating procedures/ run book in line with SBI Card policies & standards Provide technical & program management expertise and oversight over vendor teams Monitor vendor SLAs, perform regular review with vendor management and report to SBI Card leadership Ensure process documentation and compliance adherence Measures of Success Reduction in security vulnerabilities in SBI Card IT platforms Number of enhancement opportunities identified for the security posture to reduce overall risk to SBI Card Reduction in information leakage and exploitation from vulnerabilities Security metrics / SLA / KPIs are within acceptable threshold Timely updation of Application Security & Vulnerability Management related standards and SOPs and other documents No adverse observations in Internal / External Audits Process Adherence as per MOU Technical Skills / Experience / Certifications Understanding of Vulnerability Management Program including Assessment and Remediation Experience analyzing risk and prioritization of vulnerabilities, validating vulnerability reports and driving remediation. Understanding of the overall threat and vulnerability management process, including metrics to measure performance Working knowledge of compliance frameworks and security management standards (e.g., ISO 27001, NIST CSF. PCI-DSS etc.) Thorough understanding of enterprise security controls, network protocols and operating system (Windows/Linux environments) Strong knowledge in industry standard VAPT tools like Nessus, Rapid7, AWS Inspector and open-source tools Competencies critical to the role Stakeholder Management Analytical ability Innovation & Problem Solving Market Awareness Qualification Bachelor of Engineering in Computer Science / Engineering, Masters in Computer Science Preferred Industry BFSI / NBFC /E-commerce/IT & ITES / Telecom

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Compliance Management Good to have skills : Security Architecture Design Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary: Seeking an experienced Security Architect/ Security Compliance Professional to lead and support the design, implementation, and maintenance of security governance, risk, and compliance (GRC) frameworks. This role ensures that the organization complies with industry standards and regulations such as ISO/IEC 27001, PCIDSS, NIST CSF, SOC 2, TISAX, and others. The candidate will work cross-functionally to manage audits, assess risks, and drive continuous improvement in the security posture of the organization. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security managed operations, ensuring that all security measures align with organizational standards and compliance requirements. You will also engage in continuous improvement initiatives to enhance the security posture of the organization. Roles & Responsibilities: Expected to perform independently and become an SME or manage a team of GRC professional. Required active participation/contribution in client discussions. Contribute in providing solutions to compliance related complex situations Conduct regular assessments of security framework based or cloud security controls to ensure compliance with established standards. Collaborate with cross-functional teams to identify and mitigate potential security risks. Professional & Technical Skills: Proficient in Information Security, Cyber Security and Governance, Risk, and Compliance (GRC). Has significant exposure to evolving landscape of security compliance requirements Lead and manage security compliance initiatives across the organization. Manage/ Conduct gap assessments and implement controls in alignment with compliance standards (e.g., ISO 27001, PCIDSS, NIST, SOC 2, GDPR and other relevant frameworks). Coordinate and support internal and external security audits, including evidence collection and remediation planning. Partner with business, IT, and legal teams to ensure compliance requirements are understood and implemented. Develop and maintain security policies, procedures, and documentation in line with regulatory needs. Monitor compliance status and prepare reports and metrics for leadership. Educate teams on compliance requirements and drive a culture of security awareness. Relevant certifications : ISO27001LA/LI, ISO3100 or CISA, CISM, CRISC, or equivalent. Additional Information: - The candidate should have 8-10 years of relevant experience in Information Security Governance, Risk and Compliance (GRC). - This position is based at our Gurugram office. - A 15 years full time education is required. 15 years full time education

🔐 We're Hiring: Cyber Security Expert (4–5 Years Experience) 📍 Location : CS Soft Solutions Pvt. Ltd., I-18, Sector 101, IT City Rd, JLPL Industrial Area, Sahibzada Ajit Singh Nagar, Punjab – 160062 📧 Email: shivani-kanwar@cssoftsolutions.com At CS Soft Solutions, we're not just about building digital products—we’re about building trust in every digital interaction. We're expanding our cybersecurity division and are on the lookout for a Cyber Security Expert who’s ready to take ownership, drive strategic initiatives, and protect our clients across industries. 🚀 Key Responsibilities : Act as a trusted advisor to clients, assessing posture & identifying risks Conduct vulnerability assessments, penetration tests & risk analyses Design and implement tailored cybersecurity policies & frameworks Respond to incidents & coordinate response with internal and client teams Ensure compliance (GDPR, HIPAA, ISO 27001, NIST, SOC 2) Lead client workshops, trainings, and briefings Collaborate with DevOps, IT, and Engineering for secure solution design Engage directly with CXOs to understand needs & propose solutions Drive proposal creation, pre-sales, and client success Mentor and lead junior cybersecurity professionals ✅ Required Qualifications : Bachelor’s/Master’s in Cybersecurity, InfoSec, or related field 5+ years hands-on cybersecurity experience Expertise in threat detection, incident response, and network security Hands-on with SIEMs (Splunk, QRadar), Nessus, Qualys, Metasploit, etc. Cloud security exposure (AWS, Azure, GCP) Knowledge of compliance & frameworks (ISO 27001, NIST, SOC 2) Industry exposure: IT, BFSI, Healthcare, Manufacturing Certifications Preferred: CEH, CISSP, OSCP, CISM, ISO 27001 LA/LI 💡 Nice to Have : MSSP or cybersecurity consulting experience DevSecOps and secure SDLC familiarity Forensics or threat hunting background 🧠 Key Traits : Strategic mindset with strong business acumen Excellent communication & client-handling skills Ownership-driven, independent, and team-oriented 📩 If you're passionate about securing digital transformation journeys and thrive in a dynamic, high-growth environment—CS Soft wants you on board! #CyberSecurityJobs #HiringNow #CSSoftSolutions #InformationSecurity #CybersecurityExpert #MSSP #ISO27001 #SIEM #DevSecOps #CloudSecurity #CISSP #OSCP #JoinOurTeam

Required minimum 7 years of experience in system administration. Manage and maintain on-premise and cloud-based servers (Linux/Windows) Administer user accounts, access control, and Active Directory policies Manage virtual infrastructure (VMware, Hyper-V, AWS/GCP/Azure) Monitor system performance and resolve hardware/software issues Ensure availability and reliability of critical business systems Configure and maintain firewalls, routers, VPNs, switches (Fortinet, Cisco, Ubiquiti, etc.) Monitor and respond to intrusion detection/prevention systems (IDS/IPS) Implement and manage endpoint protection and antivirus solutions Conduct vulnerability assessments and remediation Manage secure email gateways, spam filtering, and DLP policies Strong knowledge of HIPAA security rules Responsible for enforcing HIPAA administrative, physical, and technical safeguards Maintain documentation of compliance controls and risk assessments Oversee data encryption, audit logs, access controls, and PHI handling Train staff on HIPAA security awareness and handle incident reporting Lead annual HIPAA security risk assessments and audits Develop and enforce IT and security policies, including data retention, access control, and BYOD Maintain audit trails for compliance purposes Coordinate third-party vendor risk assessments and compliance reviews Familiar with NIST, ISO 27001, and general IT compliance frameworks Ability to communicate clearly with technical and non-technical teams Good to have : Certified HIPAA Professional (CHP) Job Type: Full-time Pay: ₹500,000.00 - ₹800,000.00 per year Benefits: Health insurance Schedule: Day shift Ability to commute/relocate: Ahmedabad, Gujarat: Reliably commute or planning to relocate before starting work (Required)

About the Team At Navi, the InfoSec team safeguards our digital ecosystem - ensuring the confidentiality, integrity, and availability of critical systems and data. We lead the charge on cyber risk management, regulatory compliance, and data protection, while championing a security-first culture across all teams. Our mission: Protect what powers Navi - securely, compliantly, and confidently. About the Role Navi is looking for an Associate Manager II – Information Security to pilot key aspects of its group-wide information security and regulatory compliance program. This role involves interpreting and implementing information security and technology risks mandates from regulators such as RBI, IRDAI, SEBI, and NPCI, ensuring continuous tech compliance across all business units. You will collaborate closely with engineering, infrastructure, legal, and IT teams to establish and maintain robust security policies, frameworks, and controls. Additionally, the role includes conducting risk assessments, enabling audit readiness, managing third-party/vendor security audits, and driving awareness initiatives across the organization, while also representing Navi in internal and external forums when needed. What We Expect From You As Navi operates in the regulatory space, this role requires interpreting and helping implement regulations related to cyber security by Reserve Bank of India (RBI), IRDAI and SEBI, as well as any other applicable regulatory guidance related to the service offerings issued by relevant institutions. Further to the point above, ensure on-going monitoring and tech-compliance with existing regulatory expectations across these dimensions Lead the Information security - GRC practice for Navi group level. Ensuring that information security principles, policies, frameworks, standards and controls are defined, implemented and managed effectively. Partner and collaborate extensively with cross-functional teams, such as Engineering, Infrastructure, IT, Legal, and help minimize information security risks Architect and deliberate on the solutions that are compliant with relevant regulatory cybersecurity requirements Conduct and review results of Technology Risk Assessment, recommending mitigation strategies to bring the Risk to appropriate levels Nav is looking for a Senior Manager Information Security (GRC) to be part of the information security Ensure readiness of the organization for internal and external audits by keeping all documents, evidences, ready If required, represent Navi in Board and Board Committee meetings, as well as in discussions with regulators Conduct Security awareness programs, train personnel on data security & privacy related processes and responsibilities Review / conduct Third Party Risk Assessments & Vendor assessments before onboarding Review security solutions / controls implemented by Tech / Engineering teams, controls at data center, cyber / information security incidents, IT BCP and DR drills, cloud security controls Identify and define Security KPIs including weekly, monthly reports and update Security Dashboards Must Haves Minimum 7 + years of experience working in information security GRC Prior experience in the Fintech/Startup industry and knowledge of one of the regulatory compliances like PCI DSS, RBI Master Directives, IRDA, SEBI cyber security guideline is preferred. Hands-on approach in solving complex security problems Experience with Information Security & Risk Management frameworks like ISO27001, NIST SP 800-37, etc Cyber Kill Chain, MITRE ATT&CK, or other relevant frameworks Working knowledge of Cloud environments like AWS, GCP, Oracle cloud is beneficial Exposure to Agile methodologies, DevOps, Cloud technologies is beneficial Soft Skills Ability to multitask and meet deadlines, and to prioritize in a highly dynamic work environment Ability to balance risk, potential impact, resourcing, business drivers, and timelines Excellent verbal and written communication skills Strong Product Thinking Strong problem solving Business acumen Technology grounding Strategic thinking Strong written and verbal communication skills with a talent for articulating. Inside Navi We are shaping the future of financial services for a billion Indians through products that are simple, accessible, and affordable. From Personal & Home Loans to UPI, Insurance, Mutual Funds, and Gold - we’re building tech-first solutions that work at scale, with a strong customer-first approach. Founded by Sachin Bansal & Ankit Agarwal in 2018, we are one of India’s fastest-growing financial services organisations. But we’re just getting started! Our Culture The Navi DNA Ambition. Perseverance. Self-awareness. Ownership. Integrity. We’re looking for people who dream big when it comes to innovation. At Navi, you’ll be empowered with the right mechanisms to work in a dynamic team that builds and improves innovative solutions. If you’re driven to deliver real value to customers, no matter the challenge, this is the place for you. We chase excellence by uplifting each other and that starts with every one of us. Why You'll Thrive at Navi At Navi, it’s about how you think, build, and grow. You’ll thrive here if: You’re impact-driven : You take ownership, build boldly, and care about making a real difference. You strive for excellence : Good isn’t good enough. You bring focus, precision, and a passion for quality. You embrace change : You adapt quickly, move fast, and always put the customer first.

Overview Exp. - 3-6 Years Location - Hyderabad Shift - 11 AM - 8 PM Skills - Exp. in Vulnerability mgt., vulnerability scanning tools such as Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Qualifications Required Qualifications 3-5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyse technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking

What is the Security Operations responsible for? Security Operations is responsible for continuous monitoring and improving organizations security posture while preventing, detecting, analyzing, and responding to Cyber Security incidents with the aid of both technology and well-defined processes and procedures. Security Operations is expected to possess extensive knowledge of incident response methodologies, a deep understanding of cybersecurity threats, and hands-on experience in managing and mitigating security incidents. What are the ongoing responsibilities of Analyst Security Operations? Lead and coordinate incident response activities, ensuring timely and effective resolution. Develop and maintain incident response playbooks and procedures. Perform threat hunting using SIEM, EDR, and threat intelligence. Conduct digital forensics and malware analysis to determine the scope and impact of incidents. Collaborate with IT, legal, and business teams to contain and remediate threats. Stay current with emerging threats, vulnerabilities, and security trends. Mentor and guide junior SOC analysts. Required Qualifications: Experience:6-8 years in cybersecurity, with a focus on SOC operations and incident response. Environment:Experience in a 24x7 operational environment, preferably across multiple geographies. Technical Skills: Good understanding of networking protocols, operating systems (Windows/Linux), and security technologies. Exposure to malware analysis and digital forensics. Familiarity with cybersecurity frameworks (e.g., NIST, MITRE ATT&CK, ISO 27001). Hands-on experience with tools such as: SIEM:Splunk, CrowdStrike, QRadar EDR:CrowdStrike, Carbon Black, SentinelOne SOAR:Palo Alto XSOAR, Splunk SOAR Forensics:FTK Imager, Autopsy, Wireshark, Procmon Preferred Certifications: GIAC Certified Incident Handler (GCIH) GIAC Certified Forensic Analyst (GCFA) Certified Ethical Hacker (CEH) Soft Skills & Attributes: Strong analytical and problem-solving mindset. Excellent communication and collaboration skills. Ability to work under pressure and manage multiple priorities. High integrity and a proactive, team-oriented attitude. Strategic and tactical thinking with attention to detail. Work Shift Timings - 6:00 AM 3:00 PM 2:00 PM - 11:00 PM IST

Job Title: GRC Consultant (Governance, Risk, Compliance, ISO 27001) Location: Mumbai Job Type: Full-time Experience : 2-3 years Introduction: We are looking for a detail-oriented and proactive GRC Consultant to join our team. The ideal candidate will have strong expertise in ISO 27001 , information security policy creation , and implementation of Governance, Risk, and Compliance frameworks . This role will be instrumental in developing and maintaining an organization-wide ISMS, ensuring regulatory compliance, managing audits, and strengthening risk and policy governance. ISO 27001 Audits & ISMS Implementation: Lead internal audits and gap assessments for ISO 27001 compliance. Assist in planning, implementing, maintaining, and improving the Information Security Management System (ISMS) as per ISO 27001 standards. Maintain and update the Statement of Applicability (SoA) and Risk Treatment Plans. Identify non-conformities and drive corrective/preventive actions. Coordinate external ISO 27001 surveillance and certification audits. 📝 Policy Development & Documentation: Create, review, and update policies and procedures to meet GRC and ISO 27001 standards. Ensure documentation reflects current compliance requirements and emerging risks. Map controls to policies and ensure alignment with audit and regulatory expectations. ⚖️ GRC Framework Implementation & Management: Design and implement GRC frameworks aligned with international standards and regulatory requirements. Collaborate with senior leadership to define key risk indicators (KRIs), controls, and governance procedures. Maintain GRC registers, including asset inventory, risk register, and control mapping. ⚠️ Risk Management: Conduct information security risk assessments using structured methodologies. Evaluate and prioritize risks based on likelihood and impact. Develop risk mitigation strategies and assist with control implementation and monitoring. 📊 Audit & Compliance Reporting: Prepare comprehensive audit reports highlighting compliance status, gaps, and risk exposure. Track implementation of corrective actions post-audit and maintain audit trails. Assist in the preparation of audit plans, checklists, and evidence collection processes. 👥 Stakeholder Engagement & Training: Collaborate with business functions, IT, external auditors, and vendors to ensure audit readiness and policy compliance. Conduct awareness programs and training sessions on ISO 27001, information security best practices, and GRC responsibilities. Promote a culture of compliance and continuous improvement across departments. 🔄 Continuous Monitoring & Improvement: Stay updated with changes in ISO standards, cybersecurity threats, and regulatory requirements. Recommend and implement improvements in policies, controls, and audit processes to maintain an effective GRC posture. Key Skills & Qualifications: 🎓 Experience: 2–3 years in GRC, ISO 27001 implementation/audits, policy management, and ISMS operations. 🧠 Knowledge: In-depth understanding of ISO 27001, NIST, GDPR, and other information security and privacy standards. Strong grasp of risk management frameworks and internal control systems. Familiarity with GRC tools (e.g., RSA Archer, MetricStream) is an advantage. 🛠 Skills: Expert in writing and implementing security policies and procedures. Strong auditing, documentation, and risk assessment capabilities. Excellent analytical, communication, and project coordination skills. 📜 Certifications: ISO 27001 Lead Auditor or Lead Implementer certification (preferred). Additional certifications such as CISA, CISM, CISSP, or GRCP are a plus. 💼 Soft Skills: Self-motivated and accountable. Strong attention to detail and organizational skills. Ability to work cross-functionally and manage multiple priorities. Why Join Us? ✔️ Competitive compensation package. ✔️ Opportunity to lead ISO 27001 projects and policy frameworks ✔️ Growth in the high-demand area of Governance and Information Security ✔️ Collaborative work culture focused on compliance, innovation, and security excellence. How to Apply: Interested candidates are encouraged to submit their resume and cover letter outlining their relevant experience and qualifications to: hr@synradar.com.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Data Loss Prevention (DLP) Good to have skills : NA Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities: - Expected to perform independently and become an SME. - Required active participation/contribution in team discussions. - Contribute in providing solutions to work related problems. - Engage in continuous learning to stay updated with the latest security trends and technologies. - Assist in the development of security policies and procedures to enhance the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Data Loss Prevention (DLP). - Strong understanding of cloud security principles and practices. - Experience with security frameworks such as NIST, ISO 27001, or CIS. - Familiarity with risk assessment methodologies and tools. - Knowledge of incident response and management processes. Additional Information: - The candidate should have minimum 3 years of experience in Data Loss Prevention (DLP). - This position is based at our Chennai office. - A 15 years full time education is required.

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Network Security Operations Good to have skills : NA Minimum 12 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: We are seeking an experienced and proactive Infrastructure Security Manager to lead and manage the security of our IT infrastructure. This role is responsible for monitoring and managing security services delivery and maintaining security controls to protect the organization’s networks, systems, and data from internal and external threats. Roles & Responsibilities: - Develop and implement infrastructure security strategies, policies, and procedures. - Lead the design and enforcement of security controls across on-premises and cloud environments. - Manage firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and endpoint protection. - Conduct regular vulnerability assessments, penetration tests, and risk assessments. - Monitor security alerts and respond to incidents, coordinating with SOC and IT teams. - Ensure compliance with relevant regulations and standards (e.g., ISO 27001, NIST, GDPR). - Collaborate with IT, DevOps, and application teams to embed security into infrastructure projects. - Oversee third-party security assessments and vendor risk management. - Prepare and present security reports and metrics to senior leadership. - Lead and mentor a team of security engineers and analysts. - Experience in IT security, with managerial role. Professional & Technical Skills: - Must To Have Skills: Proficiency in Network Security Operations. - Strong understanding of risk assessment methodologies and frameworks. - Strong knowledge of network security, cloud security (AWS, Azure, GCP), and endpoint protection. - Experience with SIEM, firewalls, IDS/IPS, DLP, Application Security, OT/IoT Security and vulnerability management tools. - Familiarity with compliance frameworks (ISO 27001, NIST, CIS, PCI-DSS). - Excellent leadership, communication, and project management skills. - Relevant certifications such as CISSP, CISM, CCSP, or equivalent. Additional Information: - The candidate should have minimum 12 years of experience in Network Security Operations. - This position is based at our Chennai office. - A 15 years full time education is required.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NA Minimum 7.5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. You will engage in discussions to refine security strategies and provide guidance on implementing effective security measures across the organization. Roles & Responsibilities: - Expected to be an SME. - Collaborate and manage the team to perform. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Provide solutions to problems for their immediate team and across multiple teams. - Facilitate training sessions to enhance team knowledge on security practices. - Evaluate emerging security technologies and recommend improvements to existing frameworks. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design. - Strong understanding of cloud security principles and frameworks. - Experience with risk assessment and management methodologies. - Knowledge of compliance standards such as ISO 27001, NIST, and GDPR. - Familiarity with security tools and technologies for threat detection and response. Additional Information: - The candidate should have minimum 7.5 years of experience in Security Architecture Design. - This position is based in Chennai. - A 15 years full time education is required.

Key Responsibilities Incident Response and Management: Lead the incident response process, including identification, containment, eradication, and recovery. Analyze and respond to complex security incidents and breaches. Conduct post-incident analysis and develop reports with recommendations to prevent future incidents. Security Monitoring and Analysis: Oversee the continuous monitoring of security alerts and events. Analyze logs and data from various sources (e.g., SIEM, firewalls, EDR, IDS/IPS) to identify suspicious activity. Perform advanced threat hunting and forensic analysis. Vulnerability Management: Conduct regular vulnerability assessments. Identify, prioritize, and remediate security vulnerabilities in systems and applications. Collaborate with IT and development teams to implement security patches and updates. Security Architecture and Engineering: Design and implement security solutions to protect the organization's networks, systems, and data. Develop and maintain security policies, standards, and procedures. Evaluate and recommend new security technologies and tools. Compliance and Risk Management: Ensure compliance with relevant regulatory requirements and industry standards (e.g., ISO 27001, NIST). Perform risk assessments and develop mitigation strategies. Document and maintain security controls and frameworks.Required Skills and Qualifications Technical Expertise: Advanced knowledge of cybersecurity principles, techniques, and technologies. Proficiency in using security tools such as SIEM, IDS/IPS, firewalls, and endpoint protection solutions. Experience with vulnerability management, penetration testing, and forensic analysis. Experience: Minimum of 7-10 years of experience in cybersecurity, with at least 2-3 years in an L3 or senior role. Proven track record of handling complex security incidents and leading incident response efforts. Experience in designing and implementing security architectures and solutions. Certifications: Relevant certifications such as CISSP, CISM, CEH, GIAC, or equivalent are highly desirable. Analytical and Problem-Solving Skills: Strong analytical skills with the ability to identify and mitigate security threats. Excellent problem-solving skills and the ability to think critically under pressure. Communication and Collaboration: Strong communication skills, both written and verbal. Ability to collaborate effectively with cross-functional teams and stakeholders.Preferred Skills and Qualifications Experience with cloud security (e.g., AWS, Azure, Google Cloud). Knowledge of scripting and automation tools (e.g., Python, PowerShell). Familiarity with regulatory requirements and standards (e.g., GDPR, HIPAA).

Inside Sales Representative (ISR) – Compliance & Cybersecurity Location: Mumbai Job Summary As an Inside Sales Representative (ISR) at CyberSigma, your role will be to drive revenue growth by proactively engaging with leads and prospects in regulated industries such as fintech, healthcare, SaaS, and e-commerce. You'll focus on identifying customer needs, promoting our cybersecurity and compliance services, and closing deals through strategic outreach. You will work closely with Regional Sales Managers, Solution Architects, and the Marketing team to convert inbound interest into long-term clients and expand the reach of CyberSigma's compliance and security offerings. Key Responsibilities Conduct high-volume outbound calling, email campaigns, and virtual meetings to generate qualified leads. Drive the sales process for cybersecurity compliance services including PCI DSS, ISO 27001, SOC 2, GDPR, HIPAA, DPDPA, and VAPT audits and consulting. Qualify prospects through discovery calls and needs assessments. Schedule demos and consultations for senior sales or technical consultants. Follow up on marketing-generated leads and events/webinars. Support proposal creation and respond to client RFPs or RFIs. Coordinate with Regional Sales Managers on territory strategy and account penetration plans. Achieve and exceed monthly and quarterly sales targets. Compliance standards : PCI DSS, ISO 27001/27701, SOC 1 & SOC 2, HIPAA, GDPR, DPDPA, NIST, etc. Security Testing : VAPT (Web, Mobile, Infra), Red Team exercises. Managed Services : GRC automation tools, MDR, SIEM/SOC offerings. Qualifications & Skills 2–5 years of B2B inside sales or lead generation experience (cybersecurity or compliance domain preferred). Strong understanding of cybersecurity frameworks, risk management, and regulatory compliance services is a major plus . Demonstrated ability to manage full sales cycle or handoff after qualification. Excellent written, verbal, and interpersonal communication skills. Strong organizational skills with attention to detail and follow-through. A self-starter with a results-driven approach and the ability to work independently. Bachelor’s degree preferred (in Business, Marketing, Information Security, or related fields).

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title And Summary Senior Cybersecurity Risk Analyst Overview Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships, and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. Mission First, People Always Corporate Security is responsible for keeping Mastercard safe and secure from cyber and physical threats. We are a highly effective team protecting a major component of global payments infrastructure. Our Security Risk and Control Operations team is at the forefront of this effort in the “1st Line of Defense,” coordinating efforts across Corporate Security, enterprise risk management, and market-facing technology owners to assess risks, implement controls to mitigate them, and provide assurance to regulators and stakeholders that Mastercard is best-in-class in information security. We are seeking a Senior Cybersecurity Risk Analyst to play a central role in identifying, managing, and monitoring risks. As a member of the Security Risk and Control Operations team, you will apply your practical knowledge of technical controls and leverage different risk methodologies to deliver assessments that inform high-level information security risk management decisions within the Company. In This Position, You Will: Perform risk assessments using both qualitative and quantitative methodologies in support of Information Security Management System (ISMS) and other regulatory requirements Assess the impact of compensating controls and mitigation actions on risk likelihood and magnitude Engage with technology owners, control owners, risk owners, and senior management to assist in managing risks Prioritize risks and identify risks requiring escalation to senior management Develop and deliver executive-level updates on the status of security risks Compose responses to regulators and auditors on queries regarding security risks Maintain documentation of risk management and analysis procedures for Corporate Security The Ideal Candidate For This Position Should Be: Literate in standard cyber security and risk management frameworks such as National Institute of Standards and Technology Cyber Security Framework (NIST CSF) Familiar with risk management methodologies including Factor Analysis of Information Risk (FAIR) and tools utilized to perform FAIR risk assessments (e.g. Ostrich) Adept at recognizing control shortfalls with the most significant risk implications for the business Familiar with RSA Archer or similar governance, risk, and compliance (GRC) tools Effective at working with and communicating to a wide range of stakeholders across technology and business functions, including senior executives, product owners, and information security engineers Knowledgeable of technology systems and platform functions Willing to learn new technical skills Able to influence and drive results cross-functionally This Position Aligns With National Initiative For Cybersecurity Education (NICE) Competency Proficiency Levels Of Advanced To Expert In The Following Areas: Data Management Policy Management Legal, Government, and Jurisprudence Risk Management This Mastercard role shares Knowledge, Skills, and Abilities (KSAs) with the following related NICE work roles: Security Control Assessor Corporate Security Responsibility Every Person Working For, Or On Behalf Of, Mastercard Is Responsible For Information Security. All Activities Involving Access To Mastercard Assets, Information, And Networks Comes With An Inherent Risk To The Organization And Therefore, It Is Expected That The Successful Candidate For This Position Must: Abide by Mastercard’s security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines. Corporate Security Responsibility All Activities Involving Access To Mastercard Assets, Information, And Networks Comes With An Inherent Risk To The Organization And, Therefore, It Is Expected That Every Person Working For, Or On Behalf Of, Mastercard Is Responsible For Information Security And Must: Abide by Mastercard’s security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines.

Job Title-Senior Manager – Cybersecurity (CISSP, GRC & Risk Assessment) Experience-8-10Years. Location-Pune. Key Responsibilities: Lead the development and execution of the organization’s Cybersecurity GRC framework. Conduct comprehensive cyber risk assessments, threat modeling, and impact analyses for critical systems and processes. Define and maintain security policies, standards, and procedures aligned with industry best practices and regulatory requirements (ISO 27001, NIST, GDPR, HIPAA, etc.). Manage internal and external cybersecurity audits and ensure closure of findings and action items. Work closely with business and IT stakeholders to drive cyber risk mitigation plans and ensure alignment with risk appetite. Develop executive-level reports, dashboards, and KPIs on cyber risk posture and GRC performance. Oversee vendor risk assessments and third-party cybersecurity due diligence. Provide guidance on compliance with data privacy, regulatory, and legal obligations. Ensure incident response readiness and participate in tabletop exercises and investigations. Support training and awareness programs across the enterprise to strengthen the cyber risk culture. Required Skills & Qualifications: 8+ years of experience in Cybersecurity, with at least 4 years in GRC or Risk Management leadership roles. CISSP certification is mandatory; additional certifications like CISA, CISM, CRISC, ISO 27001 LA are a plus. Strong understanding of cybersecurity principles, frameworks, and standards (NIST CSF, ISO 27001, COBIT, PCI-DSS, etc.). Deep expertise in risk assessment methodologies (OCTAVE, FAIR, etc.). Experience with GRC platforms like RSA Archer, ServiceNow GRC, MetricStream, etc. Familiarity with data protection regulations (GDPR, HIPAA, SOX, etc.). Strong analytical, leadership, and communication skills to engage with executive stakeholders.

Job Description: AML RightSource is a leading provider of anti-money laundering (AML) and financial crimes compliance solutions. Our team of experts provides our clients with the highest quality of service, while ensuring compliance with regulatory requirements. We are currently seeking a Senior SOC Analyst to join our team. Responsibilities: Monitor and analyze security events from multiple sources, including security information and event management (SIEM) systems, network and host-based intrusion detection/prevention systems, and other security technologies. Conduct investigations into security incidents, analyze evidence, and report findings to management. Provide technical guidance and support to junior SOC analysts. Develop and maintain standard operating procedures for the SOC. Participate in security assessments and penetration testing activities. Conduct threat hunting activities to identify and respond to advanced persistent threats (APTs). Participate in incident response activities and coordinate with other teams to contain and remediate security incidents. Maintain awareness of new and emerging security threats, vulnerabilities, and mitigation techniques. Collaborate with other teams, including the IT team, to ensure the security of the organization's infrastructure and systems. Provide regular reports to management on the SOC's performance and effectiveness. Requirements: Bachelor's degree in Computer Science, Information Systems, or related field. Minimum of 2.5 years of experience in a SOC or security operations role. Strong knowledge of security technologies, including SIEM systems, intrusion detection/prevention systems, and other security tools. Familiarity with security standards and frameworks, such as NIST, ISO, and SOC 2. Experience with security incident response, including investigation, containment, and remediation. Excellent analytical and problem-solving skills. Ability to work well in a team environment. Strong verbal and written communication skills. Relevant security certifications, such as CISSP, CISM, or GSEC, are highly desirable. AML RightSource is committed to fostering a diverse work environment and is proud to be an equal opportunity employer. We provide equal employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

As a part of Cisco's Security team, you will play a crucial role in helping businesses maintain cyber resiliency in the face of rapidly evolving digital threats. Your efforts will contribute to preparing for, responding to, and recovering from cyber incidents, ultimately ensuring business acceleration for organizations. By providing guidance, utilizing cutting-edge tools, and offering trusted services, you will assist businesses in achieving cyber resiliency and safeguarding their operations. At Cisco, we are dedicated to developing a comprehensive security portfolio that caters to organizations of all sizes amidst an expanding and sophisticated threat landscape. Through investments in artificial intelligence (AI) and a range of security offerings, we aim to ensure end-to-end security for everything connected to an organization, from applications and services to end users. By leveraging AI and machine learning advancements, we empower security teams with simplified operations and heightened effectiveness. Our innovative solutions such as Cisco XDR and the security service edge (SSE) aim to enhance security operations and provide frictionless access across diverse locations and devices, ultimately benefiting both users and IT professionals. In your role, you will have a significant impact by engaging with customer executives to build deep relationships and establish yourself as a trusted advisor. By identifying customer business issues and challenges, you will communicate solutions in a thought-provoking and insightful manner. Your responsibilities will include presenting comprehensive business cases aligned with customers" strategies, calculating return on investment, negotiating agreements, and capturing market and industry insights. To excel in this role, you are required to have 8-12 years of experience in techno-commercial roles within the cybersecurity domain, knowledge of new technologies, and at least 3 years of experience in selling SaaS and subscription delivery models. Your track record should demonstrate success in achieving sales quotas, strong hunting skills, and the ability to communicate technical propositions at an executive level. Additionally, industry certifications like CISSP, CSSP, CEH, or a Bachelor's Degree in Cybersecurity are preferred, along with a good understanding of NIST guidelines, MITRE ATT&CK framework, and Cisco Security products. Joining Cisco means becoming a part of a diverse and inclusive environment where individual skills and perspectives are celebrated. We prioritize learning and development at every stage of your career, offering opportunities for growth and advancement. Our commitment to inclusion is reflected in our employee resource organizations and volunteer programs, allowing Cisconians to make a positive impact in their communities. By working with us, you will contribute to shaping a more inclusive future for all while embracing your unique talents and potential. Cisco offers a comprehensive benefits package for employees in the U.S. and Canada, including medical, dental, and vision insurance, a 401(k) plan with a matching contribution, disability coverage, life insurance, and wellbeing offerings. Your performance and achievements will be rewarded with a competitive incentive structure that recognizes and values your contributions to the organization's success.,

Required minimum 7 years of experience in system administration. Manage and maintain on-premise and cloud-based servers (Linux/Windows) Administer user accounts, access control, and Active Directory policies Manage virtual infrastructure (VMware, Hyper-V, AWS/GCP/Azure) Monitor system performance and resolve hardware/software issues Ensure availability and reliability of critical business systems Configure and maintain firewalls, routers, VPNs, switches (Fortinet, Cisco, Ubiquiti, etc.) Monitor and respond to intrusion detection/prevention systems (IDS/IPS) Implement and manage endpoint protection and antivirus solutions Conduct vulnerability assessments and remediation Manage secure email gateways, spam filtering, and DLP policies Strong knowledge of HIPAA security rules Responsible for enforcing HIPAA administrative, physical, and technical safeguards Maintain documentation of compliance controls and risk assessments Oversee data encryption, audit logs, access controls, and PHI handling Train staff on HIPAA security awareness and handle incident reporting Lead annual HIPAA security risk assessments and audits Develop and enforce IT and security policies, including data retention, access control, and BYOD Maintain audit trails for compliance purposes Coordinate third-party vendor risk assessments and compliance reviews Familiar with NIST, ISO 27001, and general IT compliance frameworks Ability to communicate clearly with technical and non-technical teams Good to have : Certified HIPAA Professional (CHP) Job Type: Full-time Pay: ₹500,000.00 - ₹800,000.00 per year Benefits: Health insurance Schedule: Day shift Ability to commute/relocate: Ahmedabad, Gujarat: Reliably commute or planning to relocate before starting work (Required)

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. Primary Responsibilities Perform audits to identify control gaps and implement corrective action plans Ensure alignment of security policies/standards with IT infrastructure frameworks (e.g., ISO 2700x, NIST, ITIL) Monitor compliance with corrective action plans, and address non-compliance issues appropriately Demonstrate understanding of discovery technologies to identify system vulnerabilities (e.g. scanning tools) Establish appropriate security controls based on defined data classifications to align with applicable laws/regulations/standards Facilitate/lead security incident investigation Analyze business requirements and ensure that solutions meet established security policies and controls Maintain metrics and ensure reporting as appropriate Maintain current knowledge on information security topics and their applicability program requirements Communicate professionally with stakeholders/end users through multiple communication Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications Bachelor's degree or higher level of education 6+ years of Information security experience Experience with ISO27001 (ISMS), ISO31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2 Demonstrated auditing skills and the ability to manage risk assessments / projects independently Demonstrated excellent communication skills both verbal and written Demonstrated good presentation skills particularly ability to present technology elements in manner personnel can follow and act Preferred Qualification CISSP, CISA or ISO27001 Lead Implementer or Lead Auditor certification At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission. #njp

Job Description About Us Tsaaro’s prime focus is on Data Privacy and Security. Our team of specialist data privacy consultants, information security consultants, and penetration testers help and advise our clients to make running a secure business easier, with high efficiency. Everything we do is tailored to the individual organizational requirements, aligned with their budget and resource challenges. We take a pragmatic, risk-based approach to provide our clients with real-world, workable advice, guidance, and support that helps them to deal with a wide range of security and privacy-related challenges. Responsibilities As a Senior Data Protection Consultant, you will be entrusted with the following key responsibilities: Design and implement data protection and privacy programs that cater to our clients' specific business needs, ensuring their sensitive information is well safeguarded. Evaluate and assess our clients' data protection and privacy practices, offering valuable insights and actionable recommendations for continual improvement. Demonstrate expertise in various standards, such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc., to assist clients in compliance and governance. Provide guidance and support to clients in adhering to a complex web of national and international laws and regulations, including the EU General Data Protection Regulation (GDPR) and other privacy laws. Assist in preparing policies, reports, and schedules for clients and relevant stakeholders, ensuring clear communication and alignment with industry best practices. Conduct thorough audits of Privacy controls to monitor program effectiveness and compliance, ensuring data protection is at its optimal level. Utilize online tools to facilitate Incident Management and Data Subject Rights processes, ensuring efficient and timely responses to potential data incidents. Foster and maintain productive working relationships with client personnel, promoting effective collaboration and understanding of their specific needs. Demonstrate a strong commitment to adhering to workplace policies and procedures, maintaining the highest standards of professionalism and confidentiality. Contribute to cybersecurity engagements, developing cybersecurity strategies, governance, risk, and compliance activities, and cybersecurity policies in line with ISO 27001 and ISO 27701. Perform Gap Assessments, Risk Assessments, ISMS Documentation, Internal Audits, and support during Certification Audits to strengthen overall security frameworks. Requirements To be considered for this role, the candidate must meet the following requirements: Possess a sound knowledge of fundamentals of information security systems. Have 4+ years of relevant experience in the field. Demonstrate proficiency in standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, ISO 27701, etc. Exhibit a good understanding of GDPR, CCPA, or other privacy laws. Display competence in governance and reporting, as well as a strong grasp of cyber and privacy risks. Hold relevant qualifications such as CIPM, CIPT, CIPP/E. Showcase excellent communication skills, both written and verbal. Benefits Competitive salary and performance-based bonuses. Professional development opportunities, including training and certifications. Flexible working hours. Collaborative and inclusive work environment. Opportunity to work with a passionate team dedicated to making a difference in data privacy and security. Join and hustle with the India's fastest privacy and information security consulting company. check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#6875E2;border-color:#6875E2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered="">

At EY, you have the opportunity to shape a career that reflects your uniqueness, supported by a global network, inclusive culture, and cutting-edge technology to help you reach your full potential. Your distinct voice and perspective are valued in contributing towards making EY even better. Join us in creating an extraordinary experience for yourself while striving towards a better working world for all. As a Technology Risk Manager at EY, you will play a pivotal role in IT Risk and Assurance client projects and internal initiatives. Building and maintaining relationships, identifying business opportunities, and proactively addressing risks are key aspects of your responsibilities within the EY- Technology Risk team. You will have the chance to lead as a Manager within the EY- Technology Risk Team, contributing to the growth of a new service offering and shaping the direction of the firm. Your primary duties include evaluating control portfolios, ensuring compliance with policies and standards, supervising control assessments, and providing valuable insights to clients for enhancing processes and managing risks effectively. Key Responsibilities: - Conduct assessments of control design, operating effectiveness, and risk management outcomes - Ensure accuracy, effectiveness, and timely delivery of assigned control assessments - Manage relationships with control owners and stakeholders, resolving issues and escalating when necessary - Apply risk management concepts to identify and formulate findings, offering insights for process improvement - Stay updated on regulatory standards, industry best practices, and control frameworks Skills and Attributes: - Ability to guide team members and perform procedures related to complex issues - Experience in information security assessments and audits - Proficiency in conducting NIST assessments, ISO assessments, and privacy impact audits - Strong project management skills and understanding of complex information systems - Extensive knowledge of clients" business/industry to identify technological impacts Qualifications: - Graduate (CS/ IT, Electronics, Electronics & Telecommunications)/MBA/M.Sc. with a minimum of 6 years of experience - Significant experience in technical knowledge relevant to IT assessments and audits Preferred Qualifications: - Familiarity with program and project management practices - Understanding of IT systems development life cycle EY offers a dynamic work environment where you can collaborate with talented individuals globally and engage with leading businesses across diverse industries. Your growth and development are prioritized, supported by coaching, feedback, and opportunities to enhance your skills and advance your career in a way that suits you best. Join EY in building a better working world through creating long-term value, fostering trust, and providing innovative solutions to complex global challenges.,