103 Pci Jobs

Responsible for assessing, challenging, and testing the design and operational effectiveness of controls using TRs control framework by working collaboratively with control owners and stakeholders to improve the control testing process, including defining re-test cycles and evidence expected. About the Role: In this opportunity as Compliance Program Technical Auditor, you willassess, challenge, and test the design and operational effectiveness of controls using TRs control framework by working collaboratively with control owners and stakeholders to improve the control testing process, including defining re-test cycles and evidence expected. Execute a testing plan by communicating requirements to control owners, reviewing evidence submitted, agreeing on deficiencies found and finalizing the next steps in meeting control requirements. Oversee and act as a liaison for both external and internal audits. Identify procedures and practices that are not compliant with industry Frameworks Recommend and support stakeholders making changes to address non-compliance issues. Compile reports on audit results and present them to managers & supervisors. Propose efficiencies and automation where possible to optimize workflow. Work closely with other teams like ERM, Finance, business and application owners, third party or contractors supporting processes to report and track remediation plans for any control deficiencies identified. Ensure awareness about security risks, best practices and policy/standard requirements are essential to ensure compliance. Work independently, act decisively and ensure personal deadlines and team requirements are met. Willingness and drive to learn continuously and approach change with openness. About You: You're a fit for the role of Senior Business Technology Analyst if your background includes: Bachelor's degree in IT, Accounting, Finance or equivalent education and experience. At least 4+ years of relevant work experience in SoX, ITGC, SOC, PCI within Audit, Big 5, consulting firms or as line 1a or line 1b completing IT-IS control testing or working within a Governance or Compliance function across Financial Services organizations. One of these certifications in order of preference is essential CISA, CISSP, CCAK, CISM, CRISC. Strong ethical principles and understanding of business and IS ethics. Awareness about common security vulnerabilities of web and cloud applications and operating techniques from sources such as SANS, OWASP Top 10 and Cloud Security Alliance (CSA). Experience in testing Cloud controls and related technologies will be an asset. Excellent oral and written communication skills in English. Additional expertise in French, Spanish or another language will be an asset. Knowledge about GRC platforms like ServiceNow, Process Unity, RSA Archer, MetricStream and like. #LI-HS1 Whats in it For You Hybrid Work Model Weve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected. Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, empowering employees to achieve a better work-life balance. Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrows challenges and deliver real-world solutions. Our Grow My Way programming and skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future. Industry Competitive Benefits We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing. Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more. We live by our valuesObsess over our Customers, Compete to Win, Challenge (Y)our Thinking, Act Fast / Learn Fast, and Stronger Together. Social Impact Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives. Making a Real-World Impact: We are one of the few companies globally that helps its customers pursue justice, truth, and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world. Thomson Reuters informs the way forward by bringing together the trusted content and technology that people and organizations need to make the right decisions. We serve professionals across legal, tax, accounting, compliance, government, and media. Our products combine highly specialized software and insights to empower professionals with the data, intelligence, and solutions needed to make informed decisions, and to help institutions in their pursuit of justice, truth, and transparency. Reuters, part of Thomson Reuters, is a world leading provider of trusted journalism and news. We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments. At a time when objectivity, accuracy, fairness, and transparency are under attack, we consider it our duty to pursue them. Sound excitingJoin us and help shape the industries that move society forward. As a global business, we rely on the unique backgrounds, perspectives, and experiences of all employees to deliver on our business goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity Employer providing a drug-free workplace. We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law. More information on requesting an accommodation here. Learn more on how to protect yourself from fraudulent job postings here. More information about Thomson Reuters can be found on thomsonreuters.com.

Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytm s mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology. About Team The Internal Audit team at Paytm comprises seasoned professionals with diverse skill sets and experience across different verticals like process audits, technology audits and forensics. The team focuses on implementing the approved audit plan, ensuring delivery of qualitative audits and conducting internal / special reviews while leveraging technology & data analytics and gauging key risks across business processes. About the role: We are seeking an experienced and detail-oriented Information Security and Cloud Security Auditor to join our team. The ideal candidate will have 3-7 years of expertise in data security and privacy control implementation, internal auditing, third-party risk management, cybersecurity governance, and cloud security (banking sector preferred). This role will be responsible for conducting comprehensive IT and cloud security audits, ensuring compliance with regulatory requirements, and enhancing our information security policies and procedures. Key Responsibilities: Conduct IT and cloud security audits across various domains, including IT General Controls, Information Security Controls, Cloud Security, Network Security, Vulnerability Management, and Vendor Risk Assessments. Assess compliance with relevant laws, regulations, and organizational policies, providing expertise in regulatory requirements specific to both on-premises and cloud environments. Develop and enhance information security and cloud security policies and procedures in alignment with industry best practices. Maintain thorough documentation of audit findings, risk assessments, and security measures for internal and external reporting. Validate ITGC, cloud security, and application-specific controls, and manage audit documentation including risk assessments, working papers, audit program checklists, and evidence gathering. Follow up on and ensure closure of non-compliance issues identified during audits. Manage and oversee third-party risk assessments and audits, ensuring robust security controls are in place for both traditional and cloud-based service providers. Lead and participate in the development, migration, and implementation of security controls and policies for network and cloud security solutions. Conduct risk-based security assessments on internal, vendor, and third-party hosted environments, focusing on both traditional IT and cloud infrastructure. Participate in product and vendor selection processes, contributing to the implementation and integration of new technologies, with a strong emphasis on cloud security solutions. Experience/ Skills Required: Minimum 5 years of experience in information security and auditing, with a strong background in cloud security, and the banking and IT industries. Proven experience in performing IT and cloud security audits, validating ITGC and cloud application controls, and maintaining audit documentation. Hands-on experience with vulnerability management, risk management, physical security, identity & access management, encryption, secure development, incident management, security infrastructure, and security policy for both on-premises and cloud environments. Expertise in third-party risk management, regulatory compliance, and managing IT audit findings in both traditional and cloud-based contexts. Strong analytical and problem-solving skills. Excellent communication and documentation skills. Ability to manage multiple projects and meet deadlines. Strong understanding of IT, cloud security, and cybersecurity frameworks and standards. Proficiency in using various security assessment tools and technologies, particularly those related to cloud environments. Strong analytical and problem-solving skills. Excellent communication and documentation skills. Ability to manage multiple projects and meet deadlines. Strong understanding of IT, cloud security, and cybersecurity frameworks and standards. Proficiency in using various security assessment tools and technologies, particularly those related to cloud environments. Qualifications & Certification: Bachelor's / Master s degree in Information Technology, Cyber Security, or a related field. ISO 27001/CNSS/CCNA/CISA/CISM/CISSP Preferred Detailed knowledge of security tools, PCI-DSS, general ITGC controls, compliance testing, cloud risk assessment, GRC, OWASP, MITRE ATT&CK, change management, and policies and procedures. Proficiency in various security and cloud technologies including AWS, Azure, Google Cloud Platform, Palo Alto, Fortinet & Checkpoint Firewalls, SOAR (Cortex), Force scout Why join us 1. A collaborative output driven program that brings cohesiveness across businesses through technology 2. Improve the average revenue per use by increasing the cross-sell opportunities 3. A solid 360 feedback from your peer teams on your support of their goals 4. Respect, that is earned, not demanded from your peers and manager Compensation: If you are the right fit, we believe in creating wealth for you With enviable 500 mn+ registered users, 21 mn+ merchants and depth of data in our ecosystem, we are in a unique position to democratize credit for deserving consumers & merchants - and we are committed to it. India s largest digital lending story is brewing here. It s your opportunity to be a part of the story!

So, what’s the role all about? In this position we are looking for a strong DevOps Engineer to work with Professional Services teams, Solution Architects, and Engineering teams. Managing an On-prem to Azure Cloud onboarding, Cloud Infra & DevOps solutions.The Engineer will work with US and Pune Cloud Services and Operations Team as well as other support teams across the Globe. We are seeking a talented DevOps Engineer with strong PowerShell scripting skills to join our team. As a DevOps Engineer, you will be responsible for developing and implementing cloud automation workflows and enhancing our cloud monitoring and self-healing capabilities as well as managing our infrastructure and ensuring its reliability, scalability, and security. We encourageInnovative ideas,Flexible work methods,Knowledge collaboration,good vibes! How will you make an impact? Define, build and manage the automated cloud workflows enhancing overall customer experience in Azure SAAS environment saving time, cost and resources. Automate Pre-Post Host/Tenant Upgrade checklists and processes with automation in Azure SAAS environment. Implement, and manage the continuous integration and delivery pipeline to automate software delivery processes. Collaborate with software developers to ensure that new features and applications are deployed in a reliable and scalable manner. Automation of DevOps pipeline and provisioning of environments. Manage and maintain our cloud infrastructure, including provisioning, configuration, and monitoring of servers and services. Provide technical guidance and support to other members of the team. Manage Docker containers and Kubernetes clusters to support our microservices architecture and containerized applications. Implement and manage networking, storage, security, and monitoring solutions for Docker and Kubernetes environments. Experience with integration of service management, monitoring, logging and reporting tools like ServiceNow, Grafana, Splunk, Power BI etc. Have you got what it takes? 4-7 years of experience as a DevOps engineer with Azure preferably. Strong understanding of Kubernetes & Docker, Ansible, Terraform, Azure SAAS Infrastructure. Strong understanding of DevOps tools such as AKS, Azure DevOps, GitHub, GitHub Actions, and logging mechanisms. Working knowledge of all Azure Services and compliances like CJIS/PCI/SOC etc. Exposure to enterprise software architectures, infrastructures, and integration with Azure (or any other cloud solution) Experience with Application Monitoring Metrics Hands on experience with PowerShell, Bash & Python etc. Should have good knowledge on Linux and windows servers. Comprehensive knowledge of design metrics, analytics tools, benchmarking activities, and related reporting to identify best practices. Consistently demonstrates clear and concise written and verbal communication. Passionately enthusiastic about DevOps & cloud technologies. Ability to work independently, multi-task, and take ownership of various parts of a project or initiative. Azure Certifications in DevOps and Architecture is good to have. What’s in it for you? Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NiCE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NiCEr! Enjoy NiCE-FLEX! At NiCE, we work according to the NiCE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere. Requisition ID: 7452 Reporting into: Director Role Type: Individual Contributor

We have a team of security compliance leaders overseeing solutions for this complex environment, collaborating with security architects and Cloud DevOps teams internally and around IBM. The security compliance leader’s role is to determine the secure operation of the all computer systems, servers, and network connections in accordance with our policies, procedures, and compliance requirements. A security compliance leader in our team will participate in some or all of the following: Providing subject matter expertise in the creation, implementation, and maintenance of appropriate enterprise programs, policies, and procedures to be compliant with all applicable regulations including ISO, SOC, HIPAA, PCI, FedRAMP/FISMA Having the ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Interpreting standards, requirements, and their application to the enterprise Cloud environment in the most reasonable and cost-effective manner Developing, implementing, maintaining, and overseeing enforcement of security policies Collaborating with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology Conducting regularly scheduled audits on systems and hosting third-party audits as required in order to maintain certifications and compliance certificates. Working with the DevOps teams to prepare ongoing client reporting, information for prospective clients, and marketing materials Providing training to teams as needed Assisting team members and internal clients in addressing highly complex security issues applicable to enterprise environment Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise Minimum of 12 years of relevant compliance experience and cybersecurity knowledge Compliance leaders do not require dev experience, but it is an advantage. 10+ years of security compliance audit experience is a must Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, SOC 2, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk

Generate compliance reports from an existing dashboard or build requirements to create a new reporting dashboard Proactively Monitor, track, and report on security compliance status across systems and processes. Analyze large datasets to identify trends, anomalies, and compliance risks. Support security audits, assessments, and certification efforts through data collection and analysis. Possess strong communication skill, collaborate with cross-functional matrix teams to drive root cause analysis, corrective actions and improvements based on data insights. Maintain and enhance compliance reporting dashboards and metrics for leadership visibility and decision making. Required education Bachelor's Degree Required technical and professional expertise Experience working with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology Working with the Development teams to ensure automation of evidence collection and evidence management is always in line with compliance expectations, otherwise, identifies specific actions and owners to meet the expectations. Assisting team members in addressing highly complex security issues applicable to enterprise environment Ability to utilize project management principles to properly scope compliance work efforts by service lines, identify common areas of work, and create a measurable milestone plans across service lines to enable completion of compliance work items on time. Ability to manage multiple priority projects simultaneously under a short timeline Experience/familiar with enterprise risk management (ERM) framework, service delivery operations, software development lifecycle and be able to understand when to request and integrate risk items into compliance reporting. Experience with compliance programs such as FedRAMP/ FISMA, HIPAA, GDPR, SOC 2, PCI, NIST, ISO, ITAR, etc. Conducting regular reviews on compliance progression of systems and hosting internal audit/assessment as required to maintain compliance certifications. Ability to translate and interpret regulatory compliance requirements into technical controls Ability to understand cloud enterprise business computing operations/requirements, and effectively communicate to service lines what is expected in order to consider a work item complete. Also, will possess good understanding of networking security including security systems such as firewalls, intrusion detection, vulnerability scanning, OS patching, health-checking Diagnosing the root cause of problems and propose solutionsExamples would be failed patches, tooling issues, false positives on system tests, authentication problems. Drive and track audit, security and compliance finding remediation to closure. Experience with enterprise configuration Management database (CMDB) or IT Asset inventory Management. Understand CMDB's structure, data quality, relationships between CIs (Configuration Items), and updates. Use the CMDB for risk, audit, and compliance analysis and reporting Proficiency in SQL, Excel (advanced levelpivot tables, macros), and ServiceNow— data analytics and visualization functionalities Ability to process large datasets, identify and handle missing data, data transformation, normalization, and data quality checks. Ability to perform data analysis to discover patterns and trends to mitigate security risks and drive business results Work with stakeholders to define key metrics and KPIs; develop dashboards and reports for business users. Collaborate with database engineers, data owners, security focal, product managers, and broader metrics teams to understand data needs. Results oriented with intense focus on achieving both short and long term goals. He/she should be able to drive and execute an agenda in a fast paced, dynamic environment. Strong project management skills with ability to design visual and appealing presentations Strong collaboration, problem-solving and critical-thinking abilities. Excellent communication skills — ability to explain technical findings to non-technical audiences. Good time management, organizational skills, and ability to prioritize tasks. Curiosity and a continuous learning mindset. A highly organized with strong attention to detail, analytical and project management skills Work independently within a team focused organization. Preferred technical and professional experience Experience or familiar with cloud service models; IaaS preferred. Project management and consulting experience is a plus Experience with process automation is a plus Experience with Linux Shell, Perl or Python is a plus

Job Title - Information Security Management System (ISMS) domains + 9/10 + CF Management Level: 09 or 10 Location: Bangalore Must have skills: Information Security Management System (ISMS) domains Good to have skills: Software/Application Development, Cloud /infrastructure concepts Must have skills: Excellent English communication skills both in speaking and writing Knowledge of Information Security concepts and Information Security Management System (ISMS) domains Information security risk analysis Able to confidently present and assert findings with global counterparts Able to handle and balance time when working on multiple tasks Good attention to details Experienced in auditing/assessment Willing to continuously learn Microsoft Office (Excel, Word, Outlook, MS Teams) Good to have skills: Basic knowledge or familiarity with Software/Application Development, Cloud /infrastructure concepts Knowledge on various data privacy regulations such as GDPR, PCI and HIPAA Job Summary : A Client Data Protection (CDP) assessment is a review of a client accounts CDP plan and implemented controls to ensure that the clients sensitive business and personnel data is safeguarded. The assessment is intended to address data protection issues related to applications, systems, and business processes. The CDP Assessor will: Gather relevant information via interviews, meetings with account teams, review of supporting artifacts, about the client account and their processes Identify by conducting Risk Analysis all areas or processes that are vulnerable and where client sensitive data may be compromised Identify, rate and document risks found in the assessment Recommend security measures to remediate assessment findings Follow-up with the account team to review progress for closing findings Learn and apply new data privacy regulations, risk on emerging technologies etc. Roles & Responsibilities: The CDP Assessor will: Gather relevant information via interviews, meetings with account teams, review of supporting artifacts, about the client account and their processes Identify by conducting Risk Analysis all areas or processes that are vulnerable and where client sensitive data may be compromised Identify, rate and document risks found in the assessment Recommend security measures to remediate assessment findings Follow-up with the account team to review progress for closing findings Learn and apply new data privacy regulations, risk on emerging technologies etc. Complete and submit timely required assessment deliverables Professional & Technical Skills: Holder of any of the following Certifications is preferred but not required: Certified Information Systems Security Professional (CISSP) Certified Information Systems Auditor (CISA) Information Security Management System (ISMS) 27001 Lead Auditor Additional Information: Work involves virtually meeting with teams from various Accenture locations around the world so there is a need from time to time to find an overlapping time with those teams that may be outside of the home location time-zone. About Our Company | AccentureQualification Experience: Minimum 2 year(s) of experience on Information Security-related work is required Educational Qualification: Bachelors degree in any Information Technology or Information Security course

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- 1. Identity and Access Management (IAM)IAM ensures that only authorized individuals have access to the systems and data they need to perform their job functions. Proper governance ensures compliance with security policies, legal regulations, and business requirements.Key Aspects:Identity Lifecycle Management:Governance involves defining policies for how identities are created, modified, and deleted. This includes managing user access rights and ensuring that users have appropriate permissions for their roles.Authentication and Authorization:Governance ensures that access is properly authenticated (e.g., multi-factor authentication) and authorized based on role-based or attribute-based access control.Compliance:IAM governance helps organizations adhere to industry regulations (e.g., GDPR, HIPAA) by enforcing policies around data access and ensuring that sensitive information is adequately protected.Audit and Monitoring:Regular audits and monitoring help ensure that access is being granted according to policy, and that improper access is flagged and remediated.2. Security Operations Center (SOC)A SOC is responsible for detecting, analyzing, and responding to security incidents and events in real-time. Governance in this area is crucial to ensuring that the SOC operates efficiently, effectively, and in line with corporate and legal requirements.Key Aspects:Incident Response:A key element of governance in SOC is ensuring that incident response procedures are well-defined, tested, and followed when a security breach or anomaly is detected.Monitoring and Detection:Ensuring that SOC uses appropriate tools (e.g., SIEM, IDS/IPS) to monitor network traffic and detect suspicious activities in real-time.Compliance and Reporting:The SOC must generate reports for regulatory compliance (e.g., PCI-DSS, NIST) and provide visibility into the organization's security posture.Continuous Improvement:Governance includes reviewing the performance of SOC teams, assessing incidents, and refining processes to improve the security posture over time.3. Network Security (NetSec)Network security governance focuses on protecting an organization's network infrastructure from internal and external threats. Proper governance ensures that network security policies are in place, enforced, and continuously reviewed.Key Aspects:Firewall and Perimeter Security:Ensuring that the network perimeter is adequately secured by firewalls, intrusion prevention systems (IPS), and other technologies.Network Segmentation:Governance involves defining policies around network segmentation to limit the spread of threats and control traffic flow.Encryption and Data Protection:Ensuring that sensitive data in transit and at rest is encrypted, and that secure communication protocols are enforced.Vulnerability Management:Network security governance requires regular vulnerability assessments and patch management to address known threats and weaknesses.Security Delivery Governance FrameworkTo ensure effective security governance across IAM, SOC, and NetSec, a comprehensive framework should include:Policies and Procedures:Clear, actionable security policies, procedures, and guidelines must be established and regularly updated. These should cover all aspects of IAM, SOC, and NetSec.Risk Management:Regular risk assessments to identify vulnerabilities and mitigate them proactively. This involves continuous evaluation of potential threats and alignment with the overall risk tolerance of the organization.Compliance and Legal :Governance must ensure that all activities related to IAM, SOC, and NetSec are compliant with relevant laws and regulations, such as GDPR, HIPAA, PCI-DSS, and more.Incident Management and Response:Well-defined processes for responding to incidents that include communication protocols, escalation procedures, and documentation to ensure compliance and improvement.Auditing and Reporting:Regular audits should be conducted across IAM systems, SOC operations, and network security controls to ensure compliance with the organizations security policies and regulatory requirements.Continuous Monitoring and Improvement:An ongoing process of reviewing and refining security strategies, implementing new technologies, and training staff to adapt to emerging threats. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance.- Strong understanding of security architecture principles.- Experience in implementing security controls in cloud environments.- Knowledge of regulatory compliance requirements.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 12 years of experience in Security Delivery Governance.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Skills Required : ISO 27001, NIST, PCI

you will: Develop and integrate products deployed by leading service providers worldwide. Collaborate with a vibrant, BU-wide technical community to exchange ideas and innovate on next-generation technology. Explore opportunities for personal growth while mentoring colleagues and working on cutting-edge technologies. As a key member of this team, you will: Work alongside seasoned engineers to architect, design, and develop some of routers and solutions for the world's largest service provider, web centers, and enterprises. Contribute to the evolution of these systems to support exciting new customer business paradigms. Interact and collaborate with some of the finest talent in the industry, making work both fun and challenging. Engage with other groups such as Product Management, Marketing, Sales, Customer Support, and Advanced Services. Who You Are: You possess: In-depth knowledge of C and a solid understanding of Python. Extensive experience in a Unix/Linux-based development environment. Excellent coding, automation, and debugging skills. Strong teamwork and communication skills. Familiarity with hardware architectures such as PCI, PCIe, DMA, I2C, SPI , NPUs/DPUs and processors like x86, AMD, and ARM . Experience with board bringup is a plus. Experience with emerging technologies such as AI/ML and cloud computing is a plus. Experience and Qualifications: Experience: 9 to 12 years in embedded firmware development. Education: BE/B.Tech/ME/M.Tech/MS in CS/EE/IT/ECE, MCA, or similar education. Proven ability to derive design and code based on technical standards and write comprehensive, focused design documents. Experience in developing software/firmware for networking equipment. Excellent knowledge of software architecture and system design.

Hands on strong experience in C coding preferably in Automotive Domain, for a non-OS platform. Experience in microcontrollers and lowlevel sw to test the HW elements Strong understanding of Ethernet protocols and Ethernet switch architectures. Familiarity with hardware-software co-design and FPGA/ASIC development. Experience with network performance analysis and optimization tools. Knowledge of real-time operating systems (RTOS) and embedded systems. Strong knowledge on peripherals & programming on SPI, I2C, PCI, ethernet.

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: 10+ years of experience in the embedded domain to design, develop and support software solutions on multi-core ARM (V7A or V8A)/CPUs, Strong C/C++ programming skills. Embedded Platforms experience including low-level firmware, kernel (Linux or QNX), Hypervisor/Virtualization and user-space components. Design and development of software for heterogeneous compute platforms consisting of ARMs, GPUs, DSPs, and specialized hardware accelerators in an embedded SoC systems with J-TAG or ICE debuggers. Experience in real-time SW development for embedded products. Hands-on experience using JTAG to debug real-time problems Hands-on experience using different version control systems like perforce, GIT Expertise in Development of PCI RC/EP Device Driver. Expertise in writing kernel space device drivers in areas of MMU, Power(clocks/thermal). Solid understanding of Linux/QNX boot flow on embedded systems. Solid understanding of computer system architecture (core, cache, memory models, bus architecture, etc.). Experience in Board Bring-up, Device drivers, peripheral buses (SPI, I2C, USB), Memory controller DDR, eMMC, UFS and Performance. Solid understanding of different debug methods offered by Linux Kernel/QNX. Motivated self-starter with excellent verbal and written communication skills, demonstrated ability to work with engineers/partners/customers across different geographies. Hands-on technical lead who is not hesitant to dig into the details where needed to get first-hand knowledge of the issues and play an active and personal role in steering team success Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 4+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 3+ years of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field and 2+ years of Software Engineering or related work experience. 2+ years of work experience with Programming Language such as C, C++, Java, Python, etc.

Role Purpose The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats. Do Design and develop enterprise cyber security strategy and architecture Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses Identify risks associated with business processes, operations, information security programs and technology projects Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge Identify security design gaps in existing and proposed architectures and recommend changes or enhancements Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. Provide support during technical deployment, configuration, integration and administration of security technologies Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity Provide solution of RFP’s received from clients and ensure overall design assurance Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture Depending on the client’s need with particular standards and technology stacks create complete RFPs Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps Evaluate and recommend solutions to integrate with overall technology ecosystem Tracks industry and application trends and relates these to planning current and future IT needs Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers Provide training to employees on issues such as spam and unwanted or malicious emails Stakeholder Interaction Stakeholder Type Stakeholder Identification Purpose of Interaction Internal Program Manager/Director Regular reporting & updates Infrastructure (CIS team) For infrastructure support External Customer To coordinate for all security breaches & resolutions Display Lists the competencies required to perform this role effectively Functional Competencies/ Skill Leveraging Technology - Knowledge of current and upcoming security technologies (e.g. Firewalls, IPS, DDoS, SIEM, WAF, Endpoint etc.) and understanding of compliance regulatory requirement like PCI DSS, HIPAA, etc.- Expert Systems Thinking - Understanding of the Wipro system (interrelatedness, interdependencies and boundaries) and perform problem solving in a complex environment - Expert Leveraging Technology - In-depth knowledge of and mastery over ecosystem technology that commands expert authority respect - Master Technical Knowledge - Certified Information Systems Security Professional (CISSP), Cloud Architect Certification from AWS and Azure, ToGAF or SABSA certification- Master Competency Levels Foundation Knowledgeable about the competency requirements. Demonstrates (in parts) frequently with minimal support and guidance. Competent Consistently demonstrates the full range of the competency without guidance. Extends the competency to difficult and unknown situations as well. Expert Applies the competency in all situations and is serves as a guide to others as well. Master Coaches others and builds organizational capability in the competency area. Serves as a key resource for that competency and is recognized within the entire organization. Behavioral Competencies Effective Communication Managing Complexity Client centricity Technology Acumen Innovation Problem Solving approach Collaborative Working Execution Excellence Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2. Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led

About The Role :About The Role : Technology GRC Manager C1 Role Purpose: As GRC (Governance, Risk, and Compliance) Manager is responsible for overseeing and managing the risk assessment, remediation, and monitoring of information and technology process risks. This role involves ensuring that all risk and compliance activities are performed effectively by various control functions. The GRC Manager also serves as an internal consultant, providing guidance to operating functions and business lines on risk-related matters. Additionally, they are tasked with identifying, assessing, quantifying, reporting, communicating, mitigating, and monitoring process risks to ensure the organization''s overall security and compliance posture. Responsibilities: Ensure strong governance on risk and compliance performed by various control functions. Manage risk assessment, remediation, and monitoring of information and technology process risks. Serve as an internal risk consultant to operating functions and business lines. Identify, assess, quantify, report, communicate, mitigate, and monitor process risks. Support the implementation of information security policies. Discuss risk closure, mitigation, and acceptance with stakeholders. Ensure periodic entitlement reviews are completed, and risks are managed to an acceptable level. Collaborate with control functions to track and mitigate identified risks. Work with technology leaders to identify control gaps. Act as a subject matter expert for risk and controls related to operations. Maintain strong working relationships with stakeholders. Review and refine policies and processes based on industry best practices. Track identified risks and ensured their closure within defined timelines. Prepare and maintain risk heat maps and risk registers. Required Skills: Excellent executive-level communication skills. Strong working relationships with team members and the ability to motivate them. Knowledge in areas such as Application Security, Data Security, Identity Access Management, Information, Infrastructure Technology, GDPR, and ISO Audits. Solid understanding of Risk Management Lifecycle and exposure to standards like SOX, COBIT, PCI-DSS, NIST Control, etc. Understanding of Security incident response aspects is desirable. Good analytical, problem-solving, and interpersonal skills. B.E in Computer Science/Information Technology or equivalent qualification with 8-12 years of experience. Industry-recognized certification in information security such as CISSP, CISM, CISA, etc.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Lead and mentor a team of Tier 1, Tier 2, and Tier 3 SOC analysts.- Define and enforce SOC processes, workflows, SLAs, and escalation protocols.- Provide regular performance feedback and conduct training to upskill the team.- Collaborate with IT, DevOps, Risk, and Compliance teams on security initiatives.- Oversee daily security monitoring, triage, and incident response activities.- Ensure timely detection, investigation, and resolution of security incidents.- Maintain incident tracking and reporting for internal stakeholders and audits.- Conduct root cause analysis and ensure lessons learned are documented and implemented.- Manage and optimize SIEM, SOAR, EDR, and other monitoring tools.- Define and tune detection rules, playbooks, and alerts to reduce false positives.- Evaluate and recommend new tools and technologies to improve SOC capabilities.- Ensure log sources and telemetry are complete and properly ingested.- Ensure SOC operations support compliance requirements (ISO 27001, NIST, PCI DSS, GDPR).- Prepare and deliver regular security metrics and executive reports.- Coordinate with internal and external auditors during assessments. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Governance.- Strong understanding of risk management frameworks and compliance standards.- Experience with cloud security architecture and implementation.- Ability to conduct security assessments and audits.- Familiarity with security tools and technologies for threat detection and response. Additional Information:- The candidate should have minimum 12 years of experience in Security Governance.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

As an Application Security Specialist,youll play a vital role in building secure systems from the ground up. Workingclosely with engineering, compliance, and DevOps teams, you will ensure ourapplications meet rigorous security and regulatory standards across globaljurisdictions. Your Impact on the Mission: Integrate security into the Software Development Lifecycle (SDLC) , embedding security controls at every phase. Conduct threat modeling , secure code reviews , and penetration testing for internal and third-party applications. Collaborate with development teams to address security issues across CI/CD pipelines (DevSecOps). Manage and mitigate application-level risks in line with security frameworks and regulatory requirements. Support compliance efforts for GDPR , NIS2 , PCI-DSS , and DORA by applying security controls and maintaining evidence. Drive secure practices in the software supply chain , improving defenses against attacks like those seen in SolarWinds. Business Impact Reduces application security vulnerabilities across internal and customer-facing systems. Helps ensure Noventiqs compliance with global cybersecurity regulations. Lowers production defects and remediation costs through early detection. Strengthens resilience ofcloud-native and third-party platforms. What Youll Bring to The Table About You: 5 years in Application Security, including secure development, testing, and DevSecOps. Solid understanding of OWASP Top 10 , SAST/DAST , threat modeling , and common attack vectors. Familiarity with CI/CD environments (e.g., GitLab, GitHub Actions, Azure DevOps). Hands-on experience with tools such as Burp Suite , OWASP ZAP , SonarQube , Checkmarx , or similar. Preferred Certifications Industry-recognized certifications are a plus, including: OSCP , GWAPT, CISSP, or CSSLP Bonus for Azure Security Engineer (AZ-500) or Certified DevSecOps Professional Frameworks Compliance Working knowledge of: OWASP , CIS Controls v8, ISO/IEC 27001 GDPR , NIS2 Directive, PCI-DSS, DORA Regulation

Overview Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Reporting to the Vendor Risk Lead, Vendor Risk Specialists will support risk initiatives relating to policies, standards, and guidelines, risk management (internal and 3rd party), certifications, audits, external reviews of IT controls, and ensure that the appropriate audit artifacts are available for the compliance teams and security related audits. The role supports risk profiles with business objectives. This role also supports efforts to continually evaluate risk, keep abreast of regulatory and contractual requirements, and implement solutions to keep risk levels within levels acceptable to the business. Enforce and communicate processes and procedures to deal with potential threats. In addition, they will work with the manager of Risk to perform and maintain risk analyses of agencies, Practice Areas/Networks, client relationships, and vendors. The Manager, Regulatory and Compliance will collaborate with the other security teams to ensure information risks are identified, assessed, mitigated and / or remediated accordingly, to enhance the risk posture across the global Omnicom footprint. The position may be in any appropriate Omnicom office. Responsibilities Partner with a qualified global team of cyber security risk management professionals to protect company assets and support security risk initiatives. Work cooperatively with the Risk and other leads to validate appropriateness of procedures and controls (to ensure compliance with regulatory, contractual, and legal requirements). Work collaboratively with Internal Audit, Legal, and business units to track risk reduction over time. Develop and maintain expertise in regulatory trends, client contractual trends, and risk management strategies. Provide monthly, quarterly, bi-annual, and annual metrics to track, validate, and provide continuous improvement to the compliance and risk management programs. Support the development of and enhance a governance framework aligned with ISO27001 to ensure compliance with stated metrics and documented controls. Maintain a risk register aligned with Omnicom’s Risk Management Framework as it pertains to regulatory and compliance risks. Measure compliance with policy and standards as part of assessing the overall security risk posture of the enterprise and develop remediation plans as needed. Qualifications Bachelor's degree required, preferably in computer science, information systems, engineering, business administration, or related field 5 years of experience required. In-depth understanding of common regulatory frameworks (SOX, HIPAA, PCI, GDPR) Practical knowledge of risk assessment and management approaches and delivery Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT and NIST Past Media and Entertainment industry experience Skills/Abilities Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences. Excellent problem solving and analytical skills, individual must be a team player, strategic and analytical thinker, able to think “big picture”, as well as focus on trends and data coupled with industry themes, and able to multi-task on projects. Ability to build-out risk & compliance strategy aligned with business objectives that will continually improve and enhance cybersecurity within the organization. Demonstrate the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives. Possess a strong technology background with the ability to challenge or validate technology decisions from a position of knowledge and experience. Possess the ability to rapidly assimilate business strategies, coupled with the insight to seize high impact opportunities by applying creative problem-solving solutions. Track record of managing across multiple global locations, with a solid understanding of the challenges and benefits Ability to lead and motivate cross-functional, interdisciplinary teams to build-out new capabilities and achieve tactical and strategic goals.

Job ID: 199874 Required Travel :Minimal Managerial - No LocationIndia- Pune (Amdocs Site) Who are we Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our employees around the globe are here to accelerate service providers migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $5.00 billion in fiscal 2024. For more information, visit www.amdocs.com In one sentence We are seeking a highly skilled and experienced Senior Governance, Risk, and Compliance (GRC) Specialist to join our dynamic team. The ideal candidate will have a strong background in GRC, with a proven track record of managing and implementing comprehensive risk management and compliance programs, particularly within the EMEA (Europe, Middle East, and Africa) and IMEA (India, Middle East, and Africa) regions. What will your job look like Develop and maintain governance frameworks, policies, and procedures. Ensure compliance with industry standards, regulations, and contractual obligations. Identify, assess, and prioritize security risks, implementing mitigation strategies. Conduct regular risk assessments, audits, and maintain risk registers. Ensure adherence to GDPR, CRA, and other relevant security regulations. Monitor and enforce security compliance across EMEA and IMEA regions. Develop and deliver compliance training programs for employees. Prepare and present security reports to senior management and stakeholders. Collaborate with internal teams and liaise with external auditors and regulators. Communicate security risks and mitigation strategies effectively to stakeholders. All you need is... Bachelor's degree in Business Administration, or a related field. Professional certification (e.g., CISA, CRISC, CISSP) is preferred. Minimum of 6 years of experience in governance, risk management, and compliance. Strong knowledge of relevant laws, regulations, and industry standards, particularly in the EMEA and IMEA regions. Strong understanding of NIST CSF, CIS, ISO 27001, PCI DSS, and Data Protection frameworks. Excellent analytical, problem-solving, and decision-making skills. Strong communication and interpersonal skills, with experience in defending and explaining security risks and mitigations to customers and stakeholders. Ability to work independently and as part of a team. Proficiency in GRC software and tools. Why you will love this job: You will be able to demonstrates an understanding of key business drivers and ensures strategic directions are followed and the organization succeeds You will be able to gathers relevant data, identifies trends and root causes, and draws logical conclusions to develop solutions You will have ability to assess details, systems and other factors as part of a single and comprehensive picture We are a dynamic, multi-cultural organization that constantly innovates and empowers our employees to grow. Our people our passionate, daring, and phenomenal teammates that stand by each other with a dedication to creating a diverse, inclusive workplace! We offer a wide range of stellar benefits including health, dental, vision, and life insurance as well as paid time off, sick time, and parental leave Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Information and Event Management (SIEM) Good to have skills : No Technology Minimum 18 year(s) of experience is required Educational Qualification : be btech mtech Summary :As a Security Delivery Lead, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve documenting the implementation of the cloud security controls and transitioning to cloud security-managed operations using your expertise in Security Information and Event Management (SIEM). Roles & Responsibilities: Lead multiple accounts where SIEM and other security solutions are offered. Lead the design and implementation group of SIEM & SOAR, ensuring it meets business requirements and performance goals. Support and enhance availability of SIEM, SOAR & EDR SME pool and proficiency improvements Enhance the Practice Team on latest advancements like GENAI, Quantum Computing Enable and maintain client visit experience Provide technical guidance and support to security operations teams, ensuring the effective implementation of security controls and processes. Communicates with stakeholders; serves as an organizational point of contact for business-critical and escalated issues Provide thought leadership to plan and accomplish cyber security objectives aligned with practice team Continually plan and improve efficiency and effectiveness of security operations and service delivery Identify opportunities to add-value to SIEM function as part of continuous improvement Provides overall direction for the SIEM, SOAR function and input to overall security strategy. Co-ordinate with stakeholders, build and maintain positive working relationships with themProfessional & Technical Skills: Must To Have Skills:Expertise in Security Information and Event Management (SIEM). Good To Have Skills:Experience with cloud security technologies such as AWS, Azure, or GCP. Strong understanding of security architecture principles and best practices. Experience with security operations, including incident response, vulnerability management, and threat intelligence. Solid grasp of regulatory compliance requirements, including GDPR, HIPAA, and PCI-DSS. Excellent communication and collaboration skills, with the ability to work effectively in a cross-functional team environment.Additional Information: The candidate should have a minimum of 18 years of experience in Security Information and Event Management (SIEM). The ideal candidate will possess a strong educational background in computer science, information technology, or a related field, along with a proven track record of delivering impactful security solutions. This position is based at our Bengaluru office. Qualification be btech mtech

Role Overview We are looking for experienced DevOps Engineers (8+ years) with a strong background in cloud infrastructure, automation, and CI/CD processes. The ideal candidate will have hands-on experience in building, deploying, and maintaining cloud solutions using Infrastructure-as-Code (IaC) best practices. The role requires expertise in containerization, cloud security, networking, and monitoring tools to optimize and scale enterprise-level applications. Key Responsibilities Design, implement, and manage cloud infrastructure solutions on AWS, Azure, or GCP. Develop and maintain Infrastructure-as-Code (IaC) using Terraform, CloudFormation, or similar tools. Implement and manage CI/CD pipelines using tools like GitHub Actions, Jenkins, GitLab CI/CD, BitBucket Pipelines, or AWS CodePipeline. Manage and orchestrate containers using Kubernetes, OpenShift, AWS EKS, AWS ECS, and Docker. Work on cloud migrations, helping organizations transition from on-premises data centers to cloud-based infrastructure. Ensure system security and compliance with industry standards such as SOC 2, PCI, HIPAA, GDPR, and HITRUST. Set up and optimize monitoring, logging, and alerting using tools like Datadog, Dynatrace, AWS CloudWatch, Prometheus, ELK, or Splunk. Automate deployment, configuration, and management of cloud-native applications using Ansible, Chef, Puppet, or similar configuration management tools. Troubleshoot complex networking, Linux/Windows server issues, and cloud-related performance bottlenecks. Collaborate with development, security, and operations teams to streamline the DevSecOps process. Must-Have Skills 3+ years of experience in DevOps, cloud infrastructure, or platform engineering. Expertise in at least one major cloud provider: AWS, Azure, or GCP. Strong experience with Kubernetes, ECS, OpenShift, and container orchestration technologies. Hands-on experience in Infrastructure-as-Code (IaC) using Terraform, AWS CloudFormation, or similar tools. Proficiency in scripting/programming languages like Python, Bash, or PowerShell for automation. Strong knowledge of CI/CD tools such as Jenkins, GitHub Actions, GitLab CI/CD, or BitBucket Pipelines. Experience with Linux operating systems (RHEL, SUSE, Ubuntu, Amazon Linux) and Windows Server administration. Expertise in networking (VPCs, Subnets, Load Balancing, Security Groups, Firewalls). Experience in log management and monitoring tools like Datadog, CloudWatch, Prometheus, ELK, Dynatrace. Strong communication skills to work with cross-functional teams and external customers. Knowledge of Cloud Security best practices, including IAM, WAF, GuardDuty, CVE scanning, vulnerability management. Good-to-Have Skills Knowledge of cloud-native security solutions (AWS Security Hub, Azure Security Center, Google Security Command Center). Experience in compliance frameworks (SOC 2, PCI, HIPAA, GDPR, HITRUST). Exposure to Windows Server administration alongside Linux environments. Familiarity with centralized logging solutions (Splunk, Fluentd, AWS OpenSearch). GitOps experience with tools like ArgoCD or Flux. Background in penetration testing, intrusion detection, and vulnerability scanning. Experience in cost optimization strategies for cloud infrastructure. Passion for mentoring teams and sharing DevOps best practices.

Role Overview We are looking for experienced DevOps Engineers (8+ years) with a strong background in cloud infrastructure, automation, and CI/CD processes. The ideal candidate will have hands-on experience in building, deploying, and maintaining cloud solutions using Infrastructure-as-Code (IaC) best practices. The role requires expertise in containerization, cloud security, networking, and monitoring tools to optimize and scale enterprise-level applications. Key Responsibilities Design, implement, and manage cloud infrastructure solutions on AWS, Azure, or GCP. Develop and maintain Infrastructure-as-Code (IaC) using Terraform, CloudFormation, or similar tools. Implement and manage CI/CD pipelines using tools like GitHub Actions, Jenkins, GitLab CI/CD, BitBucket Pipelines, or AWS CodePipeline. Manage and orchestrate containers using Kubernetes, OpenShift, AWS EKS, AWS ECS, and Docker. Work on cloud migrations, helping organizations transition from on-premises data centers to cloud-based infrastructure. Ensure system security and compliance with industry standards such as SOC 2, PCI, HIPAA, GDPR, and HITRUST. Set up and optimize monitoring, logging, and alerting using tools like Datadog, Dynatrace, AWS CloudWatch, Prometheus, ELK, or Splunk. Automate deployment, configuration, and management of cloud-native applications using Ansible, Chef, Puppet, or similar configuration management tools. Troubleshoot complex networking, Linux/Windows server issues, and cloud-related performance bottlenecks. Collaborate with development, security, and operations teams to streamline the DevSecOps process. Must-Have Skills 3+ years of experience in DevOps, cloud infrastructure, or platform engineering. Expertise in at least one major cloud provider: AWS, Azure, or GCP. Strong experience with Kubernetes, ECS, OpenShift, and container orchestration technologies. Hands-on experience in Infrastructure-as-Code (IaC) using Terraform, AWS CloudFormation, or similar tools. Proficiency in scripting/programming languages like Python, Bash, or PowerShell for automation. Strong knowledge of CI/CD tools such as Jenkins, GitHub Actions, GitLab CI/CD, or BitBucket Pipelines. Experience with Linux operating systems (RHEL, SUSE, Ubuntu, Amazon Linux) and Windows Server administration. Expertise in networking (VPCs, Subnets, Load Balancing, Security Groups, Firewalls). Experience in log management and monitoring tools like Datadog, CloudWatch, Prometheus, ELK, Dynatrace. Strong communication skills to work with cross-functional teams and external customers. Knowledge of Cloud Security best practices, including IAM, WAF, GuardDuty, CVE scanning, vulnerability management. Good-to-Have Skills Knowledge of cloud-native security solutions (AWS Security Hub, Azure Security Center, Google Security Command Center). Experience in compliance frameworks (SOC 2, PCI, HIPAA, GDPR, HITRUST). Exposure to Windows Server administration alongside Linux environments. Familiarity with centralized logging solutions (Splunk, Fluentd, AWS OpenSearch). GitOps experience with tools like ArgoCD or Flux. Background in penetration testing, intrusion detection, and vulnerability scanning. Experience in cost optimization strategies for cloud infrastructure. Passion for mentoring teams and sharing DevOps best practices.

So, what’s t he r ole all about? As a member of the Cloud Security team, a successful Cloud Security Analyst will need to be self-sufficient to collaborate effectively with multiple teams, such as Application Support, Infrastructure Operations, DevOps, Product R&D, Security teams, customers and 3 rd party auditors. This role will hold the responsibility of understanding the Cloud security policies, procedures, practices and technologies and documenting them appropriately as well as demonstrating to auditors and customers the excellent Cloud Security at NICE. A successful candidate in this role will be able to work in production cloud environments to collect and curate evidence and explain it to anyone who asks for it. Experience with Governance, Risk and Compliance (GRC) is a big plus! How will you make an impact? You will directly impact the success of the NICE cloud business by ensuring all customer and auditory security requirements are met and demonstrated. A diverse, merit-driven work environment which rewards a growth mindset and encourages innovation and continued professional development; The opportunity to work in a global, highly skilled, passionate workforce to deliver world-class service and products to market. Competitive pay and excellent benefits. Generous PTO policies. A highly focused security & compliance team which is collaborative, supportive, experienced, and driven to help everyone from the individual to enterprise to our customers realize the success for which they aim. Have you got what it takes? 1-2 years of experience with Information Security & Compliance or GRC University-level degree in InfoSec, Computer Science or other related field. knowledge with major compliance frameworks such as PCI, ISO 27001/17, SOC 2, HITRUST, GDPR. A burning curiosity to learn as much as you can about the NICE cloud environment and the services and products we offer our customers as well as the existing security infrastructure we have in place today; Excellent communications skills along to work collaboratively with security team members and operations and development teams or independently to achieve tactical and strategic security goals; Strong organization and prioritization skills; Education, training or experience with security and compliance fundamentals; Experience working with work tracking tools such as JIRA, Service Now or others. What’s in it for you? Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr! Enjoy NICE-FLEX! At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere. Requisition ID: 7117 Reporting into: Technical Manager Role Type: Individual Contributor

Lead GRC , risk assessment, and implementation. Strong in ISO 27001, PCI, PSS, SOC 2, IRDAI. Ensure compliance, audits, awareness. Design InfoSec strategies aligned with ISO, NIST, RBI, SEBI to enhance cybersecurity and meet regulations.

locationsBangalore, Indiaposted onPosted 14 Days Ago job requisition id30672 FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity We are seeking a skilled and proactive Cybersecurity Engineer/Analyst to join our Product Security Testing Team. This team helps ensure that our products and clients are protected and maintain trust in our security processes. We protect the FICO brand and our products by engaging with development teams at every step of the product development lifecycle. We assess and influence product design, analyze applications for flaws that may lead to security issues, and provide security testing to help ensure our products are secure. We seek candidates who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, passionate about information security and love their work. This role focuses on validating secure coding practices, conduct and coordinate security testing/pen testing .- Sr Manager, Cyber Security What You'll Contribute Collaborate with engineers, consultants and leadership to identify security risks and recommend mitigations within the Secure Development Lifecycle (SDLC). Perform activities such as secure code reviews, security testing and vulnerability triage across various applications. Regularly interact with internal and external customers on security-related projects and operational tasks. Develop understanding of business functionality and apply testing methodology as appropriate to technologies and risks. Analyse test results, draw conclusions from results, and develop targeted exploit examples. Clearly and professionally document root cause and risk analysis of findings. Consult with operations and software development teams to help ensure potential weaknesses are tracked and addressed. Collaborate with other teams to improve the overall security posture of applications/infrastructure. Stay current on security best practices, vulnerabilities, and attacker tactics, techniques, and procedures. Develop and test effective functional security testing strategies for new/emerging product security requirements. Suggest improvements to existing processes/tooling; ideate and implement automation where possible. What We're Seeking Bachelor's degree in computer science, Cybersecurity, or a related field. Relevant cyber security certifications (e.g., CEH, CCSP, CISSP, OSCP etc) are highly desirable. Proven experience of at least 3 years in a similar role within Cybersecurity. Strong understanding of AWS infrastructure and cloud security principles. In-depth knowledge of cybersecurity principles, methodologies, frameworks and best practices. (OSI, NIST, OWASP, SANS, PCI etc) Knowledge of secure coding principles and experience with code review processes and tools. Experience with Pen testing, infrastructure as a code scan reviews and dynamic application security testing (DAST) methodologies and tools. Knowledge and experience in CI/CD, shift left security. Strong analytical and problem-solving skills with a keen attention to detail. Strong written and oral communication skills with the ability to convey complex security concepts to non-technical stakeholders. Strong organizational and interpersonal skills. Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at

locationsBangalore, Indiaposted onPosted 11 Days Ago job requisition id30648 FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity FICO is seeking Cyber Security Engineer to join our growing GRC Team. This is a full-time regular position (hybrid), and a great opportunity for an individual with strong PCI, ISO 27001, SOC2 audit skills or great interest in security Compliance and Risk Management frameworks and grow in exciting field of GRC". Cyber Security - Director What Youll Contribute A pplicable work experience, in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results. Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. Strong knowledge of common security legal and regulatory requirements. (e.g., PCI, SOC, CSA STAR, NIST, ISO/IEC 27001, COBIT, etc.) Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures. Monitor activities of assigned IT areas to ensure compliance with internal policies and standards. Assist Corporate Compliance and the Business with all required compliance/security-related documentation. Facilitate for external audits to ensure compliance with all industry-mandated regulations. Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance. Provide guidance to business functions on compliance/security-related matters. Good understanding of IT concepts, including Cloud hosting, containerization, encryption, networking, operating systems, databases, middleware, and applications. Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required. Ability to effectively communicate to all levels of the organization, including senior management, and other stakeholders that influence the security and compliance posture of FICO. Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage. What Were Seeking Bachelors degree in the field of Information Security, Computer Science or discipline and/or certifications. (e.g., ISO 27001 LI/LA, ISA/QSA, CISSP, CISA, CISM, and related GIAC.) Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. Experience implementing cloud security and compliance standards, frameworks, and controls (ISO/IEC 27001, SOC 2, PCI, NIST) for cloud service delivery models (IaaS, PaaS, SaaS). AWS Certifications (added advantage). Experience or understanding of governance, risk and compliance (GRC) processes and solutions. Background in security controls, auditing, network and system security. Ability to express technical concepts in business terms. Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently. Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change. Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status. Our Offer to You An inclusive culture strongly reflectingourcore valuesAct Like an Owner, DelightOurCustomers and Earn the Respect of Others. The opportunitytomake an impact and develop professionally by leveraging yourunique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourageyoutobring yourbest every day and be recognized for doing so. An engaging, people-first work environmentoffering work/life balance, employee resource groups, and social eventstopromote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and controls.- Conduct regular assessments and audits to ensure compliance with security policies and standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of cloud security principles and best practices.- Experience with security incident response and threat management.- Familiarity with regulatory compliance frameworks such as GDPR, HIPAA, or PCI-DSS.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education