The DevSecOps Leader is responsible for integrating security into the software development lifecycle (SDLC) and ensuring secure, scalable, and compliant application delivery across business units. This role bridges the gap between development, security, and operations by implementing security best practices, automating security controls, and fostering a culture of security awareness. The ideal candidate will have deep expertise in DevSecOps methodologies, cloud security, and regulatory compliance, ensuring that security is embedded at every stage of the software development and deployment process. Key Responsibilities: Develop and execute a DevSecOps strategy that aligns with business objectives and regulatory requirements. Change management process Embed security controls, tools, and automation within CI/CD pipelines to enhance security without disrupting development velocity. Establish secure coding practices, vulnerability management, and threat modeling across business units. Lead efforts to implement Zero Trust Architecture and security-by-design principles. Design and deploy security automation solutions for code scanning, container security , and infrastructure as code (IaC). Implement SAST, DAST, SCA, and RASP tools to detect and mitigate vulnerabilities in real time. Enforce privileged access management (PAM) and identity federation for DevOps toolchains. Optimize container and cloud security ( Docker, Kubernetes, AWS/Azure/ GCP ). Develop incident response playbooks for DevSecOps environments. Lead security incident investigations related to applications, APIs, and cloud environments. Collaborate with security operations (SOC) teams to improve threat detection and response capabilities. Ensure proactive threat intelligence integration into the DevSecOps lifecycle. Act as a security champion within business units, fostering collaboration between security, development, and operations teams. Provide technical mentorship and training to developers and DevOps engineers. Work closely with enterprise security teams to align security frameworks with corporate standards. Communicate security risks and solutions effectively to senior leadership.

The Senior Consultant, Central Policy and Committee Office Director will play a vital role in supporting the Director in maintaining and enforcing governing documents and committee governance policies within Northern Trust s enterprise risk management function. This position offers an excellent opportunity for a motivated individual to gain valuable experience in risk management and policy governance while working closely with senior leadership and cross-functional teams. Has experience and strong working knowledge of enterprise risk management framework of a firm, and how its risk management lifecycle including risk identification, monitoring & control , reporting integrate together with risk measurements, risk committees and governance structures for information cascade & escalations to steer decision making Key Responsibility - Assist in maintaining an inventory of governing documents and committee mission statements/charters. - Support the Director in embedding governing document and committee governance policies across the lines of defense through training and adherence monitoring. - Help coordinate the administration, review and approval process of governing documents through the Central Policy approval Committee. - Contribute to driving consistency and quality of governing documents and committee charters across various risk domains, business units, and legal entities. - Stay informed about industry trends, regulatory changes, and emerging risks to Assist in identifying potential threats and opportunities. - Participate in fostering a culture of risk awareness through training and monitoring adherence across the organization. Experience and Qualifications - 7+ years of experience in risk management, policy governance, or a related field within a financial services organization is preferred. - Understanding of designing, training, and monitoring governing documents and committees. Strong organizational skills with the ability to manage multiple tasks and deadlines effectively. - Familiarity with Governance, Risk, and Compliance tools, such as ServiceNow, is a plus. Ability to identify, escalate, and assist in driving actions to mitigate priority risks. Skills: The ideal candidate will possess the following skills: - Strategic and logical thinking abilities. - Strong stakeholder management and communication skills, both verbal and written. - Project management and change management capabilities. - Digital literacy and proficiency in relevant software

Major Duties : Lead procurement enhancements and procurement projects for the Procurement technology team Lead the Supplier Enablement and Supplier Information process and reporting, including key performance indicators, compliance analysis and enhancements Conduct and lead discussions with key global stakeholders Initiate and drive initiatives promoting Digital Procurement and Automation Suggest and lead ideas to drive Purchasing Spend Insights Collaborate and partner with all procurement teams to initiate best practices and reduce overall time taken to generate these reports Carry out in-depth analysis and create dashboards which in turn aids in decision making in Category planning and contribute to other efficiencies within the procurement processes Take measures to simplify and standardize the reporting process Lead and conduct team discussions to encourage team members to execute Automation projects and Process standardization Suggest ideas to minimize cost and expenses within project Provide guidance to the team as and when appropriate Improve productivity and minimize quality issues Utilize procurement data to power advanced analytics Implement change and develop new processes assisting the reporting team Knowledge : High-End Analytical skills Previous experience with Procurement tools is required (Coupa, SAP Ariba preferred, DocuSign) Automation Skills /Advanced Programming skills Critical thinking skills Stakeholder management skills Quality management Project management skills Risk management skills Experience : Bachelor s degree / Engineering degree/ MBA degree Experience of 6 + years in Procurement Technology Development and/or Support Hands on experience in Advance excel, automation tools (including Business Intelligence, Artificial Intelligence) Hands on Stakeholder management experience Team building

Greetings from Northern Trust! We are seeking a highly skilled Tech lead with deeper expertise in various security products, authentication, authorization, access management, governance with Java development background. As a key member of Workforce Authentication and Authorization team you lead a team to play a vital role in ensuring the secure implementation of various solutions (Hybrid and Cloud) developed in technologies like Java, .NET etc. Company Details - Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the worlds most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the worlds most sophisticated clients using leading technology and exceptional service. Job Role: Lead, IAM Workforce Job Location: Pune Experience: 10+ years Skills: IAM Solutions, Workforce Security, Scripting tools, Azure AD Requirements/Responsibilities - Lead Identity centric Workforce Security solutions team to develop authentication and access management solutions using Java, Python, .Net Drive automation development using scripts such as Python, PowerShell, bash script Drive the development of identity solutions , access patterns , modern security protocols , practicing Zero trust , least privileged, defense in depth principles Review and provide feedback on Identity and access management related security solutions proposed by stakeholders and can provide consultation to the partners and IT Management on authentication and authorization. In-depth knowledge and experience on Spring Security, Microservices , Entra ID, Azure, AWS Security Knowledge on Okta, PingFederate, Entitlement management solutions is preferable Strong knowledge on Identities management on Azure AD with OAuth, OIDC, SAML, SSO, MFA, Conditional access policies, MFA, Kerberos, LDAP, Identity Federations etc. Experience in providing security solutions for Java based Micro services, React based frontends and Android/iOS based mobile applications on the Azure Hands-of experience in JWT, session handling, Code signing, Certificate authentication, TLS/SSL, API Security, Application registration, application integration scenarios etc. Awareness of API Management , Firewalls, DLP, VPNs, DNS, Azure Defender, MCAS, Sentinel, WAFs , Application Gateways, NSGs, App Proxy, Radius clusters, CDN etc. Good understanding of Cloud Infrastructure Entitlement Management solution (CIEM) to ensure smooth remediation of toxic combinations, high risk entitlements etc. Understanding and application of threat modeling concepts and methodologies Understanding of Applications security, OWASP standards, security best practices, browser compatibilities/storages/cookies Acts as Workforce cybersecurity expert to in solutions spanning end user computing, proxy solutions, MFA , SSO , conditional accesses , Passwordless, Yubikey, bio-metric solutions, identity and governance scenarios , Secrets Management, automation, role based access control, Privileged identity management, Just in time accesses etc. Participates in solutions to support- token handling , OIDC / OAuth flows , authorization patterns, identity federation , cloud architectures, cryptograpgy , cloud native services, cloud security etc. Deeper understanding on Cloud Security areas such as Policies, RBAC, activities, identities, privileged access management etc Ability to support operations in troubleshooting complex identity scenarios with hands-on experience on Sentinel/KQL/Audit logs etc. Good understanding of concepts related to docker Security, container orchestrations/ Kubernetes Qualifications Bachelor's degree in computer science or a related discipline and experience in information security, or an equivalent combination of education and work experience. Deep knowledge of application or infrastructure systems architecture, usually having experience with multiple system technologies. Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff. Ten years of experience in the Information Security role. Five years of experience as a Tech lead CISSP, CSSP, or Cloud security certification preferred Strong collaboration skills and a analytical ability Certifications on Azure, AWS security will be preferred

Job description : The Data Protection IAM (Identity and Access Management ) Sr. Lead is responsible for developing, implementing, and overseeing data security and IAM strategies across the organization s business units. This role ensures compliance with regulatory requirements, enforces security policies, and strengthens access control mechanisms to protect sensitive business data. The role involves close collaboration with IT, security, risk, compliance, 2LOD and business stakeholders to maintain a strong security posture. Key Responsibilities: Develop and execute data protection policies, procedures, and standards to safeguard sensitive business information. Implement encryption, tokenization, and data loss prevention (DLP ) solutions to protect critical assets. Ensure compliance with data privacy regulations such as GDPR, CCPA, HIPAA, and industry-specific security frameworks . Work with business units to classify and manage data based on sensitivity, risk, and business impact. Lead the design and enforcement of IAM policies , including role-based access control (RBAC) and least privilege principles. Manage identity lifecycle processes (provisioning, de-provisioning, access reviews) to prevent unauthorized access. Oversee authentication mechanisms, such as multi-factor authentication (MFA) and single sign-on (SSO), to enhance security. Conduct periodic access audits and ensure alignment with security best practices. Assist in the investigation and resolution of security incidents related to data protection and IAM. Partner with cybersecurity teams to enhance threat detection and response capabilities. Continuously assess and improve IAM and data protection frameworks to align with evolving business and security needs. Monitor and report on security metrics, vulnerabilities, and compliance status to leadership. Experience working with commercial IAM products for a sizeable enterprise .

We are seeking a technical resource with experience in various security products, authentication, authorization, and access management with Java development background. As a member of Authentication and Authorization team you will play a vital role in ensuring the secure implementation of various solutions (Hybrid and Cloud) developed in technologies like Java, .Net etc. Requirements/Responsibilities - Drive automation development using scripts such as Python, Powershell, bash script Drive the development of identity solutions , access patterns , modern security protocols , practicing Zero trust , least privileged, defense in depth principles Knowledge on Okta, PingFederate, Entitlement management solutions is preferable Knowledge on OAuth, OIDC, SAML, SSO, MFA Experience in providing security solutions for Java based Micro services , React based frontends Hands-of experience in JWT, session handling, TLS/SSL, API Security , Application registration, application integration scenarios etc. Understanding and application of threat modeling concepts and methodologies Understanding of Applications security, OWASP standards, security best practices, browser compatibilities / storages / cookies Participates in solutions to support- token handling , OIDC / OAuth flows , authorization patterns, identity federation , cloud architectures Good understanding of concepts related to docker Security, container orchestartions/Kubernetes Qualifications Bachelors degree in computer science or a related discipline and experience in information security, or an equivalent combination of education and work experience. Deep knowledge of application or infrastructure systems architecture, usually having experience with multiple system technologies. Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff. 5+ years of experience in the Information Security role. CISSP, CSSP, or Cloud security certification preferred Strong collaboration skills and a analytical ability Certifications on Azure, AWS security will be preferred

We are seeking a technical resource with experience in various security products, authentication, authorization, and access management with Java development background. As a member of Authentication and Authorization team you will play a vital role in ensuring the secure implementation of various solutions (Hybrid and Cloud) developed in technologies like Java, .Net etc. Requirements/Responsibilities - Drive automation development using scripts such as Python, Powershell, bash script Drive the development of identity solutions , access patterns , modern security protocols , practicing Zero trust , least privileged, defense in depth principles Knowledge on Okta, PingFederate, Entitlement management solutions is preferable Knowledge on OAuth, OIDC, SAML, SSO, MFA Experience in providing security solutions for Java based Micro services , React based frontends Hands-of experience in JWT, session handling, TLS/SSL, API Security , Application registration, application integration scenarios etc. Understanding and application of threat modeling concepts and methodologies Understanding of Applications security, OWASP standards, security best practices, browser compatibilities / storages / cookies Participates in solutions to support- token handling , OIDC / OAuth flows , authorization patterns, identity federation , cloud architectures Good understanding of concepts related to docker Security, container orchestartions/Kubernetes Qualifications Bachelors degree in computer science or a related discipline and experience in information security, or an equivalent combination of education and work experience. Deep knowledge of application or infrastructure systems architecture, usually having experience with multiple system technologies. Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff. 5+ years of experience in the Information Security role. CISSP, CSSP, or Cloud security certification preferred Strong collaboration skills and a analytical ability Certifications on Azure, AWS security will be preferred

Key Responsibilities: Disaster Recovery Automation and Strategy Develop and implement the automated DR framework to improve failover and recovery speed. Integrate automation into DR Runbooks, testing and execution to minimize manual intervention. Optimize RTO (Recovery Time Objective) and RPO (Recovery Point Objective) through automation. Work closely with Infrastructure teams like Database, Storage, Platforms Engineering, Network to enhance DR capabilities. Ensure DR plans meet the Standards and compliance requirements Own and maintain a DR Automation backlog to deliver automation initiatives using agile methodology. Ability to breakdown, estimate and schedule work items for automation initiatives during project life cycle Automation Tooling Implementation: Review requirements and approve design artefacts with engineering team. Strategize and Utilize Organization infrastructure tools to automate DR process. Lead DR automation solutions and implement across on-premise, hybrid and multi-cloud environments. Enhance monitoring and alerting capabilities for DR automation using organization accredited tools DR Testing Validation Conduct disaster recovery tests, failover drills and resilience simulations using automation. Monitor and analyze test results, identifying areas for improvements in automation and response time. Collaborate with IT, security, and other relevant departments to ensure alignment between disaster recovery, authentication and security strategies. Lead disaster recovery efforts in the event of a disruption, coordinating the response and recovery activities. Create and maintain a consistent set of documents to support automation capabilities including knowledge articles, standard operating procedures. Communication, Collaboration Leadership: Lead a team of engineers and specialists focused on DR Automation Serve as a subject matter expert in the disaster recovery automation, providing guidance and training to IT and business units. Develop and present effective presentations for strategy and approach to management and stakeholders. Create and Confidently deliver information and key metrics in a professional manner. Must be able to leverage excel data, pivots, charts, graphics to support the content/message. Facilitate meetings with stakeholders, including department heads, executives, and entrusted external parties, to relay automation metrics. Maintains an effective technical network across technical SMEs and architects for multiple service areas Qualifications: Bachelors degree or equivalent experience. Strong Knowledge of IT automation strategies, tools and framework Proven experience in disaster recovery and business continuity planning. Strong knowledge of disaster recovery methodologies, tools, and technologies. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills for effective collaboration. Financial or Regulatory domain experience a plus Proven experience of working in a global organization distributed across countries and time zones such as APAC, EMEA and US, collaborative environment is essential. Ability to work effectively under pressure and in high-stress situations. Knowledge of relevant regulations and compliance standards. Experience: Minimum 12+ years of experience in Management or Team Lead role in IT Industry Minimum 5 years of experience in disaster recovery, business continuity planning or point in time recovery planning and execution. Practical experience operating in an Agile development environment. Proven hands on experience in leading DR automation projects. Strong communications, analytical, problem solving and incident response skills. Experience in coordinating and leading disaster recovery exercises and response efforts. Demonstrated management soft skills including team building, time management, conflict resolution, and strategic planning.

Education and/or Experience: 5+ years Privileged Account Management Experience utilizing current methodologies Bachelor s Degree or higher in Computer Science or related security field 5+ years experience working directly with CyberArk 12+ years total experience Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily: Line Management experience: overseeing, developing, and driving the delivery of a team of technical specialists Assist driving the Privileged Access Management (PAM) strategy and roadmap Manage and maintain the firm s CyberArk solution Manage and lead CyberArk AAM integrations (including Conjur) Manage Privileged Session Management, Privileged Threat Analytics, Endpoint Privilege Manager and Business Secrets Management solutions Provide subject matter expertise across CyberArk scope to PAM engineering and support teams and technology stakeholders across the enterprise Provide cross functional and global technical leadership to help drive adoption and understanding of PAM across the enterprise. Assist with the management of PAM-related audit or other security findings. Qualifications: The requirements listed are representative of the knowledge, skill, and/or ability required: Extensive knowledge in CyberArk and PAM architecture, functionality and administration. Ability to manage multiple intricate projects with strict deadlines while maintaining best in class work. Ability to functionally serve as a primary point of contact across multiple teams within the organization and to lead program delivery requirements. Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines. Effective oral and written communication, analytical, judgment and collaboration skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong organization skills. Technical Skills: 5+ Years CyberArk experience 2+ Years Cloud Services Implementation (Azure) Strong CyberArk hands-on experience including advanced CyberArk modules like PSM, PSMP, and AIM/AAM/Conjur, EPM. Strong experience with CyberArk utilities and their usage - PUU, PACLI and EVD. Experience in working with CPM plugins custom PSM connectors. Familiarity with CyberArk configuration files, logs files, access control and user management. Experience in working with CyberArk support. Good knowledge of Microsoft AD (Active Directory) knowledge and experience. Strong Privileged Access Management solutions knowledge and experience. Good knowledge of Identity and Access Management technology solutions and processes. Basic understanding of the main network protocols (IPv4/IPv6/TCP/UDP/DNS/SMPT). A good knowledge of Azure environment for managing/troubleshooting CyberArk components on Azure Certificates or Licenses: CyberArk PAM Certified Delivery Engineer (CDE-PAM) is required Cloud practitioner for Azure/AWS

MAJOR DUTIES Team Leadership and Management: Lead and manage the BPA production support team, including hiring, training, and performance management. Develop and maintain a high-performing, motivated team by implementing best practices, encouraging continuous learning, and providing opportunities for skill enhancement. Establish and communicate KPIs and scorecards for production support and ensure team adherence to performance standards. Service Delivery and Incident Management: Oversee the resolution of production issues and incidents, ensuring minimal impact on business operations and ensure prompt root-cause identification. Act as an escalation point for critical production issues, working with cross-functional teams to provide timely and effective resolutions. Implement and oversee the incident management and communication strategy to ensure smooth issue resolution and regular updates to impacted stakeholders. Operational Efficiency and Continuous Improvement: Design and implement strategies to improve production support processes, minimize service disruptions and enhance system reliability. Identify opportunities for automation and improvements in service delivery processes to reduce non BPA queries, repetitive issues, functional queries, manual interventions and operational impacts. Conduct regular reviews and post-incident analyses with technology to improve the overall stability and performance of applications. Stakeholder Management and Communication: Serve as the primary point of contact for senior business leaders and stakeholders on all matters related to BPA production support for the applications used by TA business in Northern Trust globally. Communicate effectively with stakeholders about production issues, status updates, business impacts scheduled maintenance, and improvements, ensuring alignment with business priorities. Build and maintain strong relationships with business units and IT teams to facilitate quick resolutions and anticipate future needs. Compliance, Risk Management, and Reporting: Ensure compliance with auditors, regulatory and operational standards as related to production support activities. Oversee the development and maintenance of documentation, including cheat sheets, issues logs, and user guides. Regularly report on production support performance, SLAs, and KPIs to senior leadership, providing insights and recommendations for improvement. Strategic Planning and Development: Develop and implement a strategic roadmap for production support, aligned with the organization s overall technology and business strategies. Collaborate with development, infrastructure, and technology teams to influence system enhancements that improve production stability. Stay updated on industry trends, technologies, and best practices in production support and apply them as appropriate. KNOWLEDGE / SKILLS Proven experience in managing production support teams, setting service standards, and delivering consistent support services. Strong understanding of IT operations, incident management, and change management processes. Familiarity with TA applications, infrastructure support, and system monitoring tools. Excellent leadership, communication, and interpersonal skills. Ability to work under pressure and manage crisis situations effectively. Strong Persuasion, Problem-solving skills and Analytical thinking. Experience in managing multiple projects simultaneously, handling complex relationships, reporting to senior management and/or steering committees EXPERIENCE Seasoned expert with an overall experience of 15 years and minimum 8 years of experience in IT / TA production support. ELIGIBILITY FOR INTERNAL PARTNERS Seasoned expert with an overall experience of 15 years and minimum 8 -10 years of experience in IT / TA production support / Transfer Agency operations and minimum of 3 years of people management experience.

Job Description We are seeking an analyst with experience in governance of security products, authentication, authorization, and access management with business analysis background. As a member of Governance team you will play a vital role in ensuring the secure implementation of various solutions (Hybrid and Cloud) developed in technologies like Java, .Net etc. Requirements/Responsibilities - Drive governance and risk framework around applications using authentication and authorization Define and respond to risks surrounding the business functions and the security capabilities Define and respond to audits from internal and external parties Knowledge of control execution and design Collect and maintain evidence of control testing Collect and maintain evidence of application attestation to standards Knowledge of SOX methodology implementation for applications Internal External Audit executions Qualifications Bachelors degree in computer science, audit or a related discipline and experience in information security, or an equivalent combination of education and work experience. Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff. 2 years of experience in the Information Security or Audit role.

IT Strategic Spending seeks an APAC manager to oversee day to day activities of our regional team of 4-7 resources that the incumbent will help to supervise, mentor and recruit as needed. This role will liaise directly with global counterparts to collaborate with Technology leadership, IT Finance, Procurement and Human Resources. The incumbent will be a self-starter with a proven track record delivering exceptional results by adding structure to ambiguous situations and aligning stakeholders to a common agenda. Responsibilities: Develop capabilities of supervised staff and identify opportunities for their professional advancement Ensure supervised resources are fully engaged, working on prioritized tasks and delivering high quality output Serve as APAC manager for IT Strategic Spending resources spread across several functions including: Third-Party Risk, Software Asset Management and Operational Reporting Develop methods to automate aggregation of data, derive insights and create executive-ready presentation materials Drive delivery of third-party artifacts and dashboards to facilitate transparency and alignment with technology s most important vendors Drive delivery of Software Asset Management (SAM) activities around the onboarding of software publishers into the SAM process and tool, testing related to software change activities, SAM tool maintenance, and day-to-day control process execution Build a broad network of relationships across IT and seek to improve collaboration among stakeholders Identify inefficiencies and propose alternatives to improve with appropriate monitoring and data Produce quality deliverables, effectively manage expectations and deadlines to drive exceptional performance from team Knowledge / Skills Required: Strong managerial background with demonstrated ability to develop talent Ability to navigate and work across multiple stakeholders in a fast-paced, high performing environment Ability to structure work and delegate independently Strong executive presence and communication skills (both oral and written), story-telling, visual design, and PowerPoint skills Strong organization and facilitation skills Diverse problem-solving experience and ability to analyze problems using data-driven approaches across technology areas Project management fundamentals Understanding of the software development lifecycle and broad technology concepts Thoughtful listener Deep sense of personal integrity Strong desire to drive projects to completion. Identifies issues and recommends solutions 7+ years of professional experience in related disciplines preferred 3+ years of management experience preferred

Northern Trust Technology Risk Control function is responsible for enabling Global Information Technology to build a strong 1st Line of Defense, foster a control aware culture, deliver compliant and secure technology capabilities, protect customers and meet regulatory requirements. The Sr. Associate Risk and Control Officer is part of the InfoSec/Infra Control Officer Team, responsible for leading and supporting risk and control assessments for core cyber security domains, performing security testing, and evaluating compliance to information security policies and procedures and regulatory requirements. The role will work directly with cybersecurity, Infrastructure and business units teams providing guidance to implement defense-in-depth controls to protect Northern Trust and the customers. As well as work with a dynamic team and contribute to the overall cyber security of the firm. Major Duties include but not limited to; Support risk and control assessments for core cyber security domains Support remediation of cyber security findings from various sources Solves problems and timely management of open risk and control gaps Participate in the development and maintenance of cyber security standards in line with industry best practices, as well as support technical engagements around security threats vulnerabilities and software security testing Knowledge /Skills/Abilities/ Experience Desirable Criteria include; Technical or audit experience in core cyber security fields such as IAM, vulnerability / threat management, Pen-Testing, Data Protection, IH / IR, AppSec, Network Security, System Administrator, GRC Understanding of Technology Risk Controls across domains Knowledge of performing risk management and industry standards , NIST etc. Ability to proactively assess issues, identify solutions and problem solve. Ability to understand and interact with technology subject matter experts regarding technology topics Analytical, consultative and communication skills with ability to communicate control requirements to partners in terms easily understood Organized and time management skill, with ability to produce high quality timely deliverables Flexible approach towards changing work methods, deadlines and variable workloads. Ability to adapt and react timely and positively in a changing and dynamic work environment. Knowledge Microsoft Office Suite and ability to learn new tools as needed. Applicable industry standard certification(s) desired Bachelor degree in Computer Science or a related discipline and technical experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience Major Duties : Provides technical expertise and support to client, IT management and staff in risk assessments, implement. Identifies, evaluates, conducts, schedules and leads technical analyses functions to ensure all applicable IS security requirements are met. Participates in the evaluation, development, implementation, communication, monitoring and maintenance of information technology security policies and procedures. May act as Project Member. May be involved in providing assistance and training to lower level specialists. Keeps abreast on the direction of emerging industry standards. Provides technical analysis of requirements necessary for the protection of all information processed, stored, or transmitted by systems. Serves as an resource or go to person within a group. Conducts preliminary analysis and reviews work of others. Handles more extensive, high-profile work. Responsible for direct interaction with different committees and/or management. Knowledge : Is technical with working knowledge in area of expertise and strong knowledge of other areas. Requires good analytical ability, consultative and communication skills, strong judgment and the ability to work effectively with client, IT management and staff, vendors and consultants. Experience: Bachelor degree in Computer Science or a related discipline and at least four, typically six or more years of technical experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience.

The Key Responsibilities of the role include: Collaborates, elicit, analyse, outline and develop requirements for projects and technical changes coordinating with business and technology teams. Provide analysis and takes ownership throughout the lifecycle of the project from scoping, high level business requirements, detailed business requirements and implementation as required. Utilize available subject matter expertise to perform functional reviews of transformational initiatives and on-going BAU change agendas. Review and analyze system specifications, collaborate with project team to develop effective test strategies and plans. Formulate application testing strategies and test plans Execute test cases (manual or automated) and review results for SunGard Invest One and other Fund Accounting applications, report and troubleshoot defects Consistently demonstrates expertise in high profile projects and system upgrades, testing for large and small projects/changes, system changes and upgrades Serve as a Change Advocate; establish trust within the corresponding business teams; gain enthusiasm within the teams. Work closely with regional functional managers in various processes / projects to ensure communication and smooth implementation. Provide Support and timely resolution for functional and technical queries raised by Fund Accounting, Financial Reporting, Pricing, Corporate Actions and other partner areas on SunGard Invest One and its ancillary applications The successful candidate will benefit from having: Proven experience as a Business analyst or similar role for Fund accounting/applications Demonstrates strong experience in change initiatives, covering areas such as Scrum, Agile, IT and product development; with a track record of accomplishment in complex projects and change initiatives. Excellent communication skills (both written and oral) to interact and manage expectations with stakeholders and management Able to provide project management consultation and leadership to peers and others. A good understanding of the FIS InvestOne Enterprise platform, overall experience of 10-15 years and minimum 8 years of Business Analyst experience Agile Scrum Master Certification, ISTQB certification, CCBA, CBAP or other BA certification would be preferred 3 years as a Team Leader to move as a Section Manager currently at an Officer level. 24 months as a Consultant to move as a Senior Consultant. Movement within Senior Consultant and Section Manager is applicable if they have prior 36 months of people management experience

Oversight of the 1st Line of Defense adherence to the RCSA policy Provide 2LOD effective challenge and oversight ensuring risks and controls are inventoried accurately, adhere to program requirements and align to defined Risk Taxonomies Provide objective oversight of risks through quality control using defined methodologies and subject matter expertise. Analyze RCSA results and prepare reports that highlight themes, root causes, and emerging risks as needed to the Operational Risk Management Committee Lead team of 2LOD controls testers responsible for testing, validating, and enhance control testing post RCSA approvals and 1LOD Controls Testing execution. Lead NFR teams responsible for Technology Risk, Third-Party Risk, and Risk Reporting Metrics Advance the companys risk culture and program knowledge through training, education and communication Strong stakeholder engagement to ensure identification of issues and timely completion of actions to meet deadlines Improve overall risk management culture and knowledge via training/awareness sessions Review key risk indicator framework, scorecards, dashboards to ensure appropriateness of metrics / key performance indicators Collaborate with senior management risk partners and lines of business partners to coordinate operational risk management activities Manage or lead projects aimed at improving the overall NFR programs Act as the Site Manager to include, but not limited to, coordinating with functional managers to onboard new hires locally, provide local support and guidance required to access the premises, meeting right stakeholders, IT and system access related support. Ensure smooth onboarding of all the new NFR staff. Review of Issues, IA and Exam Findings, and New Product/Initiatives to determine potential impact to risk and control inventories and work with the 1LOD to address Perform other duties as assigned. Knowledge, Skills, and Experience Ability to communicate in a clear, concise and effective manner (verbal and written) 15+ years financial services experience with minimum 7 years of operational risk, controls, or audit experience Excellent working knowledge of audit, risk and operational management concepts, and the ability to understand and interpret the impact of decisions, as well as identify and convey potential problem areas Ability to foster a positive and proactive approach to process assessment and improvement and to identify trends and improve processes for both the customer and the business Strong organizational, attention to detail, time management, and planning skills Ability to handle multiple competing priorities Ability to make independent decisions and also be a team player and effective communicator to ensure that issues are appropriately resolved Confidence and expertise to advise management and the business Ability to use initiative and work unsupervised in a proactive manner A collaborative approach to work and ability to build relationships with strong interpersonal skills

Job Summary: This role manages going statutory compliances under Software Technology Parks of India (STPI) Special Economic Zone (SEZ) and working knowledge under Income Tax, Goods Service Tax and Reserve Bank of India rules. Major Duties: Software Technology Parks of India (STPI) - Bangalore a) Regular interaction with STPI authorities for various approvals b) Monitoring of limit for approval of capex, renewal of Licenses. c) Interaction with Customs agent for clearing of goods. d) Interaction with internal team for various approvals under STPI scheme. e) Submission of Monthly/Annual returns, Tentative performance reports, SERF and Monthly Softex. f) Follow up with bank for Electronic Bank Clearance certificate (EBRC) g) Interaction with bankers for obtaining GR waiver form etc and other related approvals as required under STPI scheme. Special Economic Zone (SEZ) - Pune a) Regular interaction with SEZ office for various approvals. b) Monitoring of Bond amount and applying for approvals as required c) Monitoring and renewal of SEZ license. d) Interaction with clearing agent for various SEZ related activities, import clearing, SEZ approval for regular clearance of materials, and service invoices. e) Preparing of Domestic Service Procurement form (DSPF) periodically and monitoring the certification and interact with customers and internal team for issuance of approval to various customers. f) Interaction with Internal team for various clearance activity. g) Preparation of Monthly report, Annual reports, SERF, Softex and other reports as requested by SEZ authorities. Goods Service Tax (GST) Bangalore and Pune: a) Preparation of E-Invoice for export of services. b) Preparation of Delivery Challans regularly. c) Preparation of Domestic sales invoices d) Issuance of E-way Bill. e) Accounting for Domestic sales invoices. g) Preparation of GSTR 1 returns on monthly basis. h) Reconciliation of E-way bills. i) Preparation of all documents required on regular basis as required under GST. Skills Basic accounting skills to account for GST invoices. Analysis and preparation of GSTR 1 returns. Payment of monthly GST and computation of tax liability. Experience Qualifications: Experience in with below listed subject matter of 5-6 years with commerce graduation qualification preferrable. Commerce graduation can be B.Com/M.Com/CA Inter etc. Chartered Accountant (CA) Intermediate qualified would be preferred with 2-3 years of experience. Candidates from IT/ITES Sector preferable.

Greetings from Northern Trust. Northern Trust is looking to hire a Lead, Cyber Sec Eng position for Pune/Bangalore location. Company Details - Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the worlds most sophisticated clients using leading technology and exceptional service. Job Description Job Role: Lead, Cyber Security Engineer Job Location: Pune OR Bangalore Experience: 10+ years Skills: Cyber Security (CyberArk), Privilege Access Management (PAM), Central Credential Provider, AAM Integration, Conjur Summary This position is responsible for managing the activities of the Privileged Access Management (PAM) team in India, working closely with many different global teams to ensure all aspects of privileged access are maintained according to organizational standards and controls. This position will play a key role in managing the CyberArk product suite, including implementations, integrations, and remediation activities. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily: Line Management experience: overseeing, developing, and driving the delivery of a team of technical specialists Assist driving the Privileged Access Management (PAM) strategy and roadmap Manage and maintain the firms CyberArk solution Manage and lead CyberArk AAM integrations (including Conjur) Manage Privileged Session Management, Privileged Threat Analytics, Endpoint Privilege Manager and Business Secrets Management solutions Provide subject matter expertise across CyberArk scope to PAM engineering and support teams and technology stakeholders across the enterprise Provide cross functional and global technical leadership to help drive adoption and understanding of PAM across the enterprise. Assist with the management of PAM-related audit or other security findings. Qualifications: The requirements listed are representative of the knowledge, skill, and/or ability required: Extensive knowledge in CyberArk and PAM architecture, functionality and administration. Ability to manage multiple intricate projects with strict deadlines while maintaining best in class work. Ability to functionally serve as a primary point of contact across multiple teams within the organization and to lead program delivery requirements. Proven team player will be working primarily with other staff members, on both long-term projects and rapid response under tight deadlines. Effective oral and written communication, analytical, judgment and collaboration skills. Ability to effectively communicate in both formal and informal review settings with all levels of management. Ability to work with local and remote IT staff/management, vendors and consultants. Ability to work independently and possess strong organization skills. Technical Skills: 5+ Years CyberArk experience 2+ Years Cloud Services Implementation (Azure) Strong CyberArk hands-on experience including advanced CyberArk modules like PSM, PSMP, and AIM/AAM/Conjur, EPM. Strong experience with CyberArk utilities and their usage PUU, PACLI and EVD. Experience in working with CPM plugins & custom PSM connectors. Familiarity with CyberArk configuration files, logs files, access control and user management. Experience in working with CyberArk support. Good knowledge of Microsoft AD (Active Directory) knowledge and experience. Strong Privileged Access Management solutions knowledge and experience. Good knowledge of Identity and Access Management technology solutions and processes. Basic understanding of the main network protocols (IPv4/IPv6/TCP/UDP/DNS/SMPT). A good knowledge of Azure environment for managing/troubleshooting CyberArk components on Azure Education and/or Experience: 5+ years Privileged Account Management Experience utilizing current methodologies Bachelors Degree or higher in Computer Science or related security field 5+ years experience working directly with CyberArk 12+ years total experience Certificates or Licenses: CyberArk PAM Certified Delivery Engineer (CDE-PAM) is required Cloud practitioner for Azure/AWS If you are interested in this job opportunity, please share your updated resume to take your candidature forward. Regards, Northern Trust Recruitment Team

Responsible for collaborating with Chief Operating Office senior leaders, as well as other business leaders to develop strategic and financial objectives and for leading the execution of those objectives. Responsible for assessing opportunities to streamline processes and implement change via system enhancements and/or automation, as appropriate. Proactively build relationships and partner with capability teams to uncover opportunities and develop strategies to improve service. Management responsibilities and decisions likely include hiring, performance reviews, pay decisions and development. Conduct the performance management process, identify training and development needs, and establish performance standards for the Practice. Major Duties: Responsible for directing and supporting the Payments Sanctions functions Responsible for regulatory oversight for the corporation, at the corporate level of compliance policy development and/or evaluation of regulatory policies and procedures Define the Sanctions function and necessary production organization to carry out business objectives Advises partners, including senior management, on compliance with applicable laws, rules and standards, including keeping them informed on developments with business procedures and processes Oversees the development of Sanctions compliance programs that impact the corporation Proactively research and coordinate enhancements and transformation Support Business in providing thought leadership to benefit NT R esponsible for maintaining quality service with future considerations Ensure changes match industry trends and client expectations in terms of partnering with technology and service delivery Identify opportunities for continuous efficiencies, scale, and value Organize the functional work from a process and locational regulatory standpoint Provide input to Talent Decisions as related to upskilling the function from a service perspective Effectively manage change and transformation objectives Point of contact for issues specific to functions under management Coordinate operational response to complex issues Collaborate with other Practice Execs and capabilities to deliver and overall seamless operational offering Coordinate response between operational teams Liaise between BU stakeholders and operational leaders on recurring issues Stay updated on relevant laws, regulations and industry trends related to financial crimes. Monitor anomaly detection system performance and implement detection strategies to reduce false positives and increase detection rates. Knowledge : Leadership and strategic thought skills are required to determine the Enterprise sanctions goals, resources needed and to asses and develop the skills of staff Excellent oral and written communication skills are required Extensive knowledge of Sanctions processes, laws, regulations, and legislate and regulatory processes are required Requires strong leadership and forethought to lead the function globally Exceptional ability to analyze and interpret complex data sets and metrics. Experience : 20 years of industry experience and 5 years of experience into Sanctions Proven experience contributing to the development of functional/operational long-term strategy and developing annual business plans to ensure alignment Relevant proven work experience in regulatory oversight, ani-money laundering/sanctions and compliance risk management Association of Certified Anti Money Laundering Specialists (ACAMS), Certified Fraud Examiner (CFE) or similar professional certification preferred. Deep understanding of digital banking and Wealth Management, Asset Servicing and Asset Management businesses. Ability to exercise good judgment to make timely decisions, while working in a fast-paced and results-driven environment.

Role/Department: Associate, Cyber Security Engineering The APAC Security Operations/Engineering organization is seeking a junior to mid-level associate developer to join their team. The Cyber Security Engineering team directly supports APAC CISOs organization by providing developing and administering solutions that meets or exceeds end user expectations relative to performance, scalability, fault tolerance, usability, and data integrity; while supporting cyber risk reduction efforts by identifying emerging Cyber Threats facing Northern Trust and Northern Trust technologies. Major Duties | Key Responsibilities: Full stack engineering (predominantly Python, react.js and SQL server) on a range of internally developed tools covering the information security production environment. Assists the APAC CISO in a range of technology-related regulatory obligations across multiple jurisdictions within Asia Pacific. Tactical automation work as required to support the wider Cybersecurity organization, including the security operations center lead in Pune. Assists in the implementation of operating systems, database or network projects as required. Prepares or modifies high-level and detail-level business requirements documents for development of functional and system specifications. Carries out complex activities with significant financial, client, and/or internal business impact. More technically sound in area of expertise and has broader knowledge of other areas. Role is balanced between operational execution and development. Skills : Excellent oral and written communication skills are required. In-depth Information Technology/ Industry Knowledge is required. Experience of software development using technologies such as Python, react.js and SQL Server. Knowledge of information security, operating systems, software development, database systems and information technology concepts needed to effectively manage the group. Analytical and problem solving skills are required. Qualifications | Experience: A College or University degree and/or relevant proven work experience in the area of Information Security / software development is required. 3-5 years of development experience.

We are seeking a highly skilled Tech lead with deeper expertise in various security products, authentication, authorization, access management, governance with Java development background. As a key member of Workforce Authentication and Authorization team you lead a team to play a vital role in ensuring the secure implementation of various solutions (Hybrid and Cloud) developed in technologies like Java, .Net etc. Requirements/Responsibilities - Lead Identity centric Workforce Security solutions team to develop authentication and access management solutions using Java, Python, .Net Drive automation development using scripts such as Python, PowerShell, bash script Drive the development of identity solutions , access patterns , modern security protocols , practicing Zero trust , least privileged, defense in depth principles Review and provide feedback on Identity and access management related security solutions proposed by stakeholders and can provide consultation to the partners and IT Management on authentication and authorization. In-depth knowledge and experience on Spring Security, Microservices , Entra ID, Azure, AWS Security Knowledge on Okta, PingFederate, Entitlement management solutions is preferable Strong knowledge on Identities management on Azure AD with OAuth, OIDC, SAML, SSO, MFA, Conditional access policies, MFA, Kerberos, LDAP, Identity Federations etc. Experience in providing security solutions for Java based Micro services, React based frontends and Android/iOS based mobile applications on the Azure Hands-of experience in JWT, session handling, Code signing, Certificate authentication, TLS/SSL, API Security, Application registration, application integration scenarios etc. Awareness of API Management , Firewalls, DLP, VPNs, DNS, Azure Defender, MCAS, Sentinel, WAFs , Application Gateways, NSGs, App Proxy, Radius clusters, CDN etc. Good understanding of Cloud Infrastructure Entitlement Management solution (CIEM) to ensure smooth remediation of toxic combinations, high risk entitlements etc. Understanding and application of threat modeling concepts and methodologies Understanding of Applications security, OWASP standards, security best practices, browser compatibilities / storages / cookies Acts as Workforce cybersecurity expert to in solutions spanning end user computing, proxy solutions, MFA , SSO , conditional accesses , Passwordless, Yubikey, bio-metric solutions, identity and governance scenarios , Secrets Management, automation, role-based access control, Privileged identity management, just in time accesses etc. Participates in solutions to support- token handling , OIDC / OAuth flows , authorization patterns, identity federation , cloud architectures, cryptography , cloud native services, cloud security etc. Deeper understanding on Cloud Security areas such as Policies, RBAC, activities, identities, privileged access management etc. Ability to support operations in troubleshooting complex identity scenarios with hands-on experience on Sentinel/KQL/Audit logs etc. Good understanding of concepts related to docker Security, container orchestrations/Kubernetes Qualifications Bachelors degree in computer science or a related discipline and experience in information security, or an equivalent combination of education and work experience. Deep knowledge of application or infrastructure systems architecture, usually having experience with multiple system technologies. Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff. Ten years of experience in the Information Security role. Five years of experience as a Tech lead CISSP, CSSP, or Cloud security certification preferred Strong collaboration skills and a analytical ability Certifications on Azure, AWS security will be preferred