24 Pcidss Jobs

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Compliance Management Good to have skills : Security Architecture Design Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: Seeking an experienced Security Architect/ Security Compliance Professional to lead and support the design, implementation, and maintenance of security governance, risk, and compliance (GRC) frameworks. This role ensures that the organization complies with industry standards and regulations such as ISO/IEC 27001, PCIDSS, NIST CSF, SOC 2, TISAX and other security frameworks.. The candidate will work cross-functionally to manage audits, assess risks, and drive continuous improvement in the security posture of the organization. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security managed operations, ensuring that all security measures align with organizational standards and compliance requirements. You will also engage in continuous improvement initiatives to enhance the security posture of the organization. Roles & Responsibilities: Expected to perform independently and become an SME GRC professional. Required active participation/contribution in client discussions. Contribute in providing solutions to compliance related complex situations Conduct regular assessments of security framework based or cloud security controls to ensure compliance with established standards. Collaborate with cross-functional teams to identify and mitigate potential security risks. Professional & Technical Skills: Proficient in Information Security, Cyber Security and Governance, Risk, and Compliance (GRC). Has significant exposure to evolving landscape of security compliance requirements Lead and manage security compliance initiatives across the organization. Manage/ Conduct gap assessments and implement controls in alignment with compliance standards (e.g., ISO 27001, PCIDSS, NIST, SOC 2, GDPR and other relevant frameworks). Coordinate and support internal and external security audits, including evidence collection and remediation planning. Partner with business, IT, and legal teams to ensure compliance requirements are understood and implemented. Has exposure or working knowledge of Third party risk assessments (TPRM) Develop and maintain security policies, procedures, and documentation in line with regulatory needs. Monitor compliance status and prepare reports and metrics for leadership. Educate teams on compliance requirements and drive a culture of security awareness. Relevant certifications : Any one -ISO27001LA/LI, ISO3100 or CISA, CISM, CRISC, or equivalent. Additional Information: The candidate should have 3-5 years of relevant experience in Information Security Governance, Risk and Compliance (GRC). A 15 years of full time education is required. This position is based at our Gurgaon/ Bangalore and Other Accenture locations Show more Show less

Join our team as a Security Analyst in India, where you will play a crucial role in assessing, triaging, and proactively responding to security-related threats, incidents, and events. You will be tasked with defending our assets, information, and systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording, or destruction. By collaborating with internal and external stakeholders, including third-party suppliers, you will ensure that incident response, user access, alert monitoring, root cause analysis, and scenario planning activities are carried out in accordance with standard operating procedures and to a high standard. This role is available at the associate vice president level. In this role, you will work across various domains, stakeholders, and specialists to anticipate and identify security events, incidents, and trends that could impact the bank, our customers, employees, or assets adversely. Your responsibilities will include contributing to security operations, conducting root cause analysis on security incidents, providing training and scenario planning, preparing reports and briefings, and developing response plans, procedures, and playbooks to enhance response capability. Moreover, you will proactively manage risks to achieve key security-related customer and compliance outcomes, participate in security operations such as production support, incident response, and on-call rotations, maintain security response processes, and ensure the delivery of security-related services align with expectations. Act swiftly in responding to customer queries and complaints, establish feedback loops to enhance service and response, and analyze large volumes of data to identify trends and causal factors. We are seeking an individual with a strong passion for cloud security and automation utilizing Agile and DevOps methodologies and promoting a shift-left culture that integrates security analysis into each CI/CD stage. The ideal candidate will have experience with Azure Cloud and security stack, including Defender, Azure Sentinel, and Azure Security Centre, automated security assessments, third-party security tools integration, and compliance standards like PCI-DSS. Additionally, you should possess expertise in security controls, the ability to communicate technical issues to various stakeholders, experience in penetration testing and vulnerability management, and an understanding of Agile methodologies gained through working in an Agile team.,

Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services address the needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it's not just about finding risk, but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders. We are honored to serve more than 1,800 customers, which includes 40 percent of all Fortune 100 companies including Siemens, Airbus, SalesForce, Stellantis, Adidas, Wal-Mart, and Sanofi. Checkmarx, a leader in the application security testing market, actively seeks talented application security engineers (AppSec Eng.) to support Checkmarx Global Services and our customers. The perfect candidate has a robust background in software development and application security. Support some of our strategic/top-tier customers in conducting security-focused code reviews using the Checkmarx Platform. Support customer's AppSec and Dev Teams with mitigation advice for identified vulnerabilities. Create proof-of-concept based on identified vector attacks. Daily and monthly responsibilities include conducting security-focused statical code analysis on top of a broad range of development languages and open-source libraries. Support customer AppSec/Dev teams with mitigation strategy/advice for identified vulnerabilities. When required, create proofs-of-concept that can illustrate a given vulnerability exploitability. When needed, support AppSec/Dev teams in analyzing applications. Requirements: - Bachelor's degree in computer science or another highly technical scientific discipline. - +3 years experience in development using one or more high-level programming languages like Java, .Net, Javascript, Go, Python, etc. - +3 years experience in security-focused code review covering some market standards AppSec Frameworks like OWASP Web/API/Mobile Top 10, PCI-DSS, etc. - A proactive approach to spotting problems, areas for improvement, and performance bottlenecks. - Strong technical aptitude - being able to pick up technical concepts rapidly is required. - Highly motivated self-starter. - Fluent in English (++ for other languages). The fine print: - Work from office/home (hybrid). - Some international travel required (less than 10%). If you have the skillset we're looking for, we will get you up-to-speed with Checkmarx Platform solutions and invest in you to improve your knowledge and technical skills. Your new title will be Checkmarx Experienced Application Security Engineer.,

You are seeking a Senior Auditor specializing in Security Compliance and Governance, with a profound understanding of cyber security, IT systems, applications, and infrastructure. As a Cyber Security Auditor, you are required to possess exceptional problem-solving abilities, meticulous attention to detail, and a comprehensive comprehension of cybersecurity trends. Your primary responsibilities will include evaluating internal IT controls, analyzing operational effectiveness, assessing risk exposure, and formulating remediation strategies. You will be tasked with responding to system or network security breaches, conducting audits, and preparing detailed reports for clients. Moreover, your role will involve hands-on experience in cyber risk management, vendor/3rd party security risk management, compliance assessments, and policy lifecycle. A strong grasp of Linux, Windows, Firewalls, VPN, IDS/IPS, and Security Audits is essential, along with proficiency in ISO27001, PCI-DSS, and other compliance standards. To excel in this role, you must hold a degree in Cyber Security or relevant certifications such as Security+, ISO 27001 LA, or CISA. A minimum of 3 years of experience as an IT Auditor is required, alongside a deep understanding of network security, infrastructure security, and various technical controls. Expertise in Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web-Proxy, and Security Audits is crucial. You should be well-versed in IT audit methodologies and possess the ability to work efficiently under pressure in a dynamic environment. Your analytical mindset, keen attention to detail, and exceptional problem-solving skills will be key assets in fulfilling the responsibilities of this role.,

You are a highly skilled Senior Python Developer who will be responsible for designing and developing scalable and efficient software applications using Python and AWS services. Your role involves collaborating with cross-functional teams to ensure high-quality software applications. Key Responsibilities: Design and develop scalable and efficient software applications using Python and AWS services, including the development of RESTful APIs using Flask or Django, data processing and analytics pipelines using AWS services (e.g. S3, Lambda, Glue), and cloud-based applications using AWS services (e.g. EC2, RDS, Elastic Beanstalk). Collaborate with cross-functional teams, including development teams to ensure testability and feasibility of requirements, Quality Assurance teams to ensure alignment with testing methodologies and standards, and Product Management teams to ensure alignment with product vision and requirements. Develop and maintain AWS services, including S3 bucket management and data processing, Lambda function development and deployment, and Glue data catalog management and ETL development. Participate in testing activities, including unit testing using Python testing frameworks (e.g. unittest, pytest), integration testing using AWS services (e.g. S3, Lambda), and end-to-end testing using AWS services (e.g. API Gateway, Elastic Beanstalk). Collaborate with development teams to ensure timely and accurate defect fixes, including defect tracking and prioritization, defect reproduction and debugging, and defect verification and closure. Stay up-to-date with the latest AWS services and cloud-based technologies, and apply this knowledge to improve software applications and efficiency. Requirements: 5+ years of experience in software development, with a strong understanding of Python and AWS services. Strong understanding of testing frameworks and tools, including Python testing frameworks (e.g. unittest, pytest) and AWS services (e.g. S3, Lambda, Glue). Experience with cloud-based architectures and AWS services, including EC2, RDS, Elastic Beanstalk, S3, Lambda, and Glue. Strong problem-solving skills, with the ability to troubleshoot and debug complex issues. Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams. Bachelor's degree in Computer Science or related field, or equivalent experience. Nice to Have: Experience with Agile development methodologies and Scrum frameworks. Knowledge of containerization using Docker. Familiarity with DevOps tools, such as Jenkins or GitLab. Certification in AWS services or related technologies. Experience with security and compliance frameworks, such as HIPAA or PCI-DSS. What We Offer: Competitive salary and benefits package. Opportunities for career growth and professional development. Collaborative and dynamic work environment. Flexible working hours and remote work options. Access to the latest technologies and tools. Recognition and rewards for outstanding performance. AWS Services Experience: Experience with AWS services, including S3, Lambda, Glue, EC2, RDS, Elastic Beanstalk, API Gateway, and CloudFormation. Experience with AWS SDKs and tools, including Boto3, AWS CLI, and AWS SDKs for Python. Experience with AWS best practices and security guidelines, including IAM roles and permissions, VPC and subnet configuration, security groups and network ACLs, and data encryption and access control.,

At Bravura Solutions, collaboration, diversity, and excellence are highly valued. We provide a space for you to be curious, innovative, and contribute to our culture in an exciting and fast-paced environment. As a global FinTech market leader and ASX listed company, Bravura partners with over 350 top financial services clients, offering wealth management technology and products. We are dedicated to developing cutting-edge, digital-first solutions that help our clients achieve financial security and prosperity for their customers. Join us in our mission to drive innovation and make a positive impact in the financial services industry. We are currently seeking a Senior Information Security Officer to join our Information Security team. In this role, you will be responsible for implementing and operating the organization's Information Security Management System (ISMS) within your region. Your main tasks will include driving security risk management, ensuring policy compliance, conducting audits, providing training and awareness, managing supply chain risk, and supporting security operations in incident management. Key Responsibilities: - Oversee the implementation and operations of the ISMS within the region. - Ensure alignment with global security policies and regulatory requirements. - Identify, assess, and mitigate security risks. - Maintain the risk register and track remediation activities. - Develop and enforce security standards and client requirements. - Lead internal and external security audits and ensure timely remediation of findings. - Provide security assurance to clients and coordinate with service delivery teams. - Develop and deliver security awareness programs and support training initiatives. - Assess and manage security risks associated with third-party vendors and suppliers. - Assist in managing and responding to security incidents within the region. Qualifications: - Bachelor's degree in Information Security, Computer Science, or related field. - 5+ years of experience in an information security role, preferably in an MSP or data processing environment. - Strong understanding of ISO27001, NIST, GDPR, and other security frameworks. - Experience in security risk management, audits, compliance, and client security assurance. - Knowledge of security operations, incident response, and managed security services. - Excellent communication and stakeholder management skills. - Security certifications such as CISSP, CISM, or CRISC are preferred. At Bravura, we offer a competitive salary, employee benefits scheme, parental leave policy, free meals, and transport facilities. If you are passionate about information security and want to work in a dynamic and innovative environment, we would love to hear from you. Apply now and be part of our team dedicated to shaping the future of financial technology.,

As a Security-focused Code Reviewer, your primary responsibility will be conducting thorough security assessments by reviewing source code utilizing the Checkmarx Platform. Your tasks will involve performing static application security testing (SAST) and software composition analysis (SCA) across various programming languages and frameworks. It will be essential for you to identify, document, and communicate vulnerabilities discovered during the code review process, ensuring comprehensive reports and analysis are provided. In terms of Customer Support for Vulnerability Mitigation, you will directly collaborate with customers" Application Security (AppSec) and Development teams to offer actionable advice on remediating vulnerabilities. Your role will also include providing hands-on guidance on secure coding practices, assisting in understanding the root cause of vulnerabilities, and applying best practices for remediation. Additionally, you will support customers in prioritizing security fixes based on severity and potential impact. You will be expected to develop and present proof-of-concept (PoC) attacks to illustrate how identified vulnerabilities can be exploited in real-world scenarios. Providing technical demonstrations to help customers understand the risk level of specific vulnerabilities and the importance of remediation will be crucial aspects of your responsibilities. Collaboration with AppSec and Dev teams for Application Architecture Analysis will also be part of your role. You will collaborate to analyze the security aspects of application architecture, provide recommendations to secure the architecture at the design stage, and conduct threat modeling to identify potential attack vectors, embedding security into the development lifecycle. Furthermore, you will play a key role in mentoring junior engineers and security analysts, conducting internal training sessions, and staying updated on the latest security vulnerabilities, exploit techniques, and industry trends to contribute to continuous improvement. Act as a trusted advisor to clients, provide security consulting services, and collaborate with internal teams to ensure that security tools and platforms remain at the cutting edge of technology. Your skills should include a Bachelor's degree in computer science or a related technical discipline, 8+ years of experience in high-level programming languages, 5+ years of experience in security-focused code review, a deep understanding of enterprise-grade systems and architectures, and a proactive approach to problem-solving. Proficiency in English and security-related certifications are highly desirable. Please note that the role involves a hybrid work model with international travel occasionally required.,

As a member of the Vulnerability Management Services team at Atos Group, you will play a crucial role in executing vulnerability scanning and managing VM programs for our clients. Your responsibilities will include completing projects within budgeted efforts and agreed timelines with high-quality deliverables. You will utilize various scanning solutions such as SAINT, Nessus, Tenable.io, Tenable.sc, Qualys, etc., to perform vulnerability scanning and gain a deep understanding of client network architecture and infrastructure to be scanned. Moreover, you will be involved in threat identification, vulnerability identification, and control analysis, as well as developing customized reports and dashboards based on client expectations. Proactiveness in project planning and execution, likelihood determination, impact analysis, and risk determination are key aspects of this role. You will also prioritize risks, provide solution recommendations, and document findings, identifying the business risks posed by weaknesses identified during assessments. Collaboration with both business and technical teams within and outside the organization will be essential for project scope definition, execution, and closure. The ideal candidate for this role should have at least 5 years of experience in Vulnerability Scanning, with expertise in tools like Qualys, Tenable, Rapid7, etc. Additionally, you should possess the ability to understand and explain vulnerabilities to stakeholders, knowledge of platforms such as Windows, Linux, Unix, Mac OS, Cisco, Juniper, as well as familiarity with standards like PCIDSS, CIS Benchmarks, etc. A flexible approach to working on challenging activities, creative problem-solving skills, strong communication, and writing abilities are crucial for success in this role. Join us at Atos Group to expand the possibilities of data and technology, now and for generations to come. Let's grow together.,

The role involves ensuring seamless integration, compliance, and technical support coordination between internal teams and gateway partners. You will be responsible for developing customized solutions and pricing models to meet client needs in corporate sales and business development. Additionally, you will oversee onboarding processes, documentation, and integration support for new clients while acting as the primary point of contact for key accounts, handling escalations, and driving client satisfaction. You will be required to analyze industry trends, competitor offerings, and pricing strategies to provide strategic input for product development, new features, and market positioning. Maintaining accurate sales pipelines and forecasts, tracking KPIs, revenue contribution, and account health metrics will also be part of your responsibilities. The ideal candidate should possess excellent negotiation, communication, and stakeholder management skills with the ability to work independently and in cross-functional teams. Understanding regulatory frameworks like PCI-DSS, KYC/AML, and RBI guidelines will be advantageous. This is a full-time, permanent role that requires the applicant to have experience in managing banking relationships or working as a Relationship Manager. The work location is in person.,

Role :Information Security Exp - 10+yrs (8+Relevant Exp) Must have - GRC, ISO 27001, ISO 23001, Internal and external Audits, IT Audits, SOC 2& GDPR(EU)/HIPAA Loc - Chennai /Bangalore/hyderabad Budget - 22LPA Regards, Ragul 8428065584

Qatar Airways is seeking for an experienced professional for the role of Fraud Screening & Chargebacks Manager, based at our Global Business Services (GBS) in Ahmedabad, India As a Fraud Screening & Chargebacks Manager, you are responsible for the functioning and performance of the Fraud Screening & Chargeback unit You must continuously review fraud rules, revise scorecards in Fraud Screening system to safeguard QR's interests at all times You must ensure fraud rates of QR are kept below the KPI set by Management Furthermore, you will ensure RIF/Chargeback are defended appropriately and timely to safeguard QR interests You will also create procedure documents to screen/control fraudulent transactions in the card not present (CNP) environment and ensure its compliance by the team Job Responsibilities Monitoring and controlling of fraudulent activities on all CNP transactions to ensure QR's risk is minimized Ensuring the team complies with the defined fraud process to ensure QR interests are protected at all times Identifying the fraud trends, educating the team and making necessary changes to rules/scores to minimize the fraudulent sales Keep abreast with the market trends in both fraud trends and fraud mitigation solutions to protect QR Groups interests Maintaining chargeback rates below the KPls set by QR Management Create and amend fraud rules in the fraud screening system as and when required Ensure all RFls/Chargebacks are correctly and timely defended so that QR is not suffering any financial loss Ensure RFl/Chargeback data are incorporated in Fraud Screening system to prevent loss to QR Ensure to take all steps to avoid QR falling under Card scheme's audit program which may lead to a financial penalty to QR Ensure accurate, timely response to Card Scheme's audit program and take necessary actions to ensure QR comes out the audit program ASAP Prepare budget for costs related to Fraud Screening Unit and monitor monthly expenses incurred Ensure that the actual cost does not beyond budgeted cost Prepare MIS on monthly basis / adhoc on all Fraud related statistics and submit to management in monthly dashboard reporting Implement process improvement to have a best-in-class fraud screening/chargeback process Create, Review/amend existing Internal Accounting and Standard Operating Procedure (SOP) for Fraud Screening Unit Review JDs/KPls of Fraud Screening Unit to ensure department KPl's are met Ensure strict adherence to PCI-DSS compliance within the section to avoid any findings during annual Audit review for PCI-DSS certification Collaborate with stakeholders (e-g , Digital, IT, etc,) for smooth functioning of Fraud Screening unit Conduct scheduled meetings with stakeholders on the performance of Fraud Screening unit Lead and guide the team towards achieving overall Finance divisions objectives Be part of an extraordinary story Your skills Your imagination Your ambition Here, there are no boundaries to your potential and the impact you can make Youll find infinite opportunities to grow and work on the biggest, most rewarding challenges that will build your skills and experience You have the chance to be a part of our future, and build the life you want while being part of an international community Our best is here and still to come To us, impossible is only a challenge Join us as we dare to achieve whats never been done before Together, everything is possible Qualifications Bachelors Degree with minimum 5 years of relevant experience (Fraud Screening/Chargeback) with at-least 3 years of team management skills Knowledge of banking and financial activities/process Working knowledge in MS Office Expert level experience in any fraud screening/Chargeback activity Working knowledge in Global Distribution System Data mining experience would be an advantage Strong analytical skill and an eye to identify suspicious transaction Strong English Language skills, both verbal and written About Qatar Airways Group Our story started with four aircraft Today, we deliver excellence across 12 different businesses coming together as one Weve grown fast, broken records and set trends that others follow We dont slow down by the fear of failure Instead, we dare to achieve whats never been done before So, whether youre creating a unique experience for our customers or innovating behind the scenes, every person contributes to our proud story A story of spectacular growth and determination Now is the time to bring your best ideas and passion to a place where your ambition will know no boundaries, and be part of a truly global community

The Technology GRC Manager at C1 is responsible for overseeing and managing the risk assessment, remediation, and monitoring of information and technology process risks. In this role, you will ensure that all risk and compliance activities are effectively performed by various control functions. As an internal consultant, you will provide guidance to operating functions and business lines on risk-related matters, in addition to identifying, assessing, quantifying, reporting, communicating, mitigating, and monitoring process risks to uphold the organization's overall security and compliance posture. Your responsibilities will include ensuring strong governance on risk and compliance, managing risk assessment, remediation, and monitoring of information and technology process risks, serving as an internal risk consultant, and collaborating with control functions to track and mitigate identified risks. You will work closely with technology leaders to identify control gaps, act as a subject matter expert for risk and controls related to operations, and maintain strong working relationships with stakeholders. Additionally, you will review and refine policies and processes based on industry best practices, track identified risks, and ensure their closure within defined timelines, as well as prepare and maintain risk heat maps and risk registers. To excel in this role, you must possess excellent executive-level communication skills, strong working relationships with team members, and the ability to motivate them. Knowledge in areas such as Application Security, Data Security, Identity Access Management, Information, Infrastructure Technology, GDPR, and ISO Audits is essential. A solid understanding of the Risk Management Lifecycle and exposure to standards like SOX, COBIT, PCI-DSS, and NIST Control are required. An understanding of Security incident response aspects is desirable, along with good analytical, problem-solving, and interpersonal skills. The ideal candidate should have a B.E in Computer Science/Information Technology or equivalent qualification with 8-12 years of experience. An industry-recognized certification in information security such as CISSP, CISM, CISA, etc., would be advantageous.,

You will be joining our team in Etawah, Uttar Pradesh as a Technology Leader with at least 5 years of experience in a full-time capacity. As a part of the Technology department, your role will encompass various responsibilities that are crucial to the success of our organization. Your primary responsibility will be to provide technology leadership by defining and implementing the tech vision and roadmap that aligns with our business objectives in the PG domain. You will be tasked with overseeing the architecture and scalability of the entire PG stack, including APIs, backend, database, integrations, and dashboards. Additionally, you will lead engineering teams working on backend development, DevOps, and security. In terms of product and platform development, you will be responsible for optimizing system performance and transaction success ratios. You will also lead the integration efforts with banks (Acquiring, Issuing), NPCI, VISA/Mastercard, UPI TPAPs, and other PG players, ensuring smooth UAT, certification, and production deployments. Compliance and security will be another crucial aspect of your role, where you will need to ensure PCI-DSS compliance, secure key vault management, tokenization, and fraud monitoring. Collaboration with the InfoSec and compliance teams will be essential in this regard. Team and process management will also fall under your purview, where you will be expected to build and mentor a high-performing tech team and implement best practices in software development such as CI/CD, code reviews, and agile processes. To excel in this role, you should possess hands-on expertise in Java, Node.js, or Go, along with experience in RESTful APIs, microservices, Kafka/RabbitMQ, and SQL/NoSQL databases. Knowledge of PCI-DSS, tokenization, and secure infrastructure architecture will be crucial. Your ability to collaborate with cross-functional teams including Product, Compliance, Operations, and Partner Banks will be highly valued. While not mandatory, previous experience in scaling fintech infrastructure to handle millions of transactions per day, exposure to cross-border PG, Nodal/escrow account flows, real-time settlement, DevSecOps, and cloud-native deployments (AWS, GCP) would be advantageous. Joining our team will place you at the forefront of fintech innovation, working on large-scale, mission-critical systems alongside a passionate and experienced team, with competitive compensation to match your skills and expertise.,

As an Internal Auditor at Justdial Ltd in Bangalore, you will be responsible for projects in IT Advisory focusing on the assessment and evaluation of IT systems, along with the mitigation of IT-related business risks. Your role will involve IS audit, ITGC reviews, internal audit engagements, IT infrastructure review, and risk advisory, including supporting IT audit activities. Your responsibilities will include coordinating and managing statutory external audits for SOX (ITGC), providing management reports by collecting and analyzing audit information, conducting ISMS security awareness training programs within the organization, and supporting the Information Security Manager in managing and mitigating risk assessments. You will also be involved in implementing ISO 27001 controls across the organization, conducting risk assessments and gap analyses for ISO 27001/IT General Control, and performing internal audits for various business functions. Additionally, you will conduct data center audits as per ISO 27001 standards, develop and review information security policies and procedures, handle end-to-end ITGC statutory audit requirements, assist in the implementation of ISO 27001:2013 and managing the ISMS, and consult the organization on business continuity for critical functions. You will also be involved in implementing and consulting on PCI DSS SAQ A-EP certification. The ideal candidate for this role should have a bachelor's degree in engineering or BSc-IT, experience in performing IT audits of banking/financial sector applications, and knowledge of IT regulations, standards, and benchmarks used by the IT industry (e.g., NIST, PCI-DSS, ISO 27001). Technical knowledge of IT audit tools, experience in carrying out OS/DB/Network reviews, exposure to risk management and governance frameworks/systems, and proficiency in project management, communication, and presentation skills are essential. Being a team player with strong self-directed work habits, initiative, drive, creativity, maturity, self-assurance, and professionalism is crucial for success in this role. Preferred certifications include CISA, CISSP, ISO 27001 Lead Auditor/Implementer, and CISM. Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools is also required.,

You will be joining the Vulnerability Management Services team at Atos Group, a global leader in data-driven, trusted, and sustainable digital transformation. With an annual revenue of approximately 5 billion, Atos operates as a next-generation digital business with leading positions in digital, cloud, data, advanced computing, and security across more than 47 countries. By leveraging high-end technologies and a team of 47,000 world-class talents, Atos expands the possibilities of data and technology for current and future generations. Your role will be based in Mumbai (Onsite) with a required experience of 5 to 8 years and the highest qualification of any full-time graduate. As a part of the team, you will be responsible for executing vulnerability scanning and managing VM programs for clients. It is crucial to complete projects within budgeted efforts and agreed timelines while ensuring high-quality deliverables. Key Responsibilities: - Perform vulnerability scanning using tools like SAINT, Nessus, Tenable.io, Tenable.sc, Qualys, etc. - Gain a deep understanding of client network architecture and infrastructure - Identify threats, vulnerabilities, and perform control analysis - Develop customized reports and dashboards as per client expectations - Proactively plan and execute projects - Determine likelihood, analyze impacts, and assess risks - Prioritize risks, recommend solutions, and document findings - Identify business risks associated with weaknesses identified during assessments - Collaborate with both business and technical teams for project scope definition, execution, and closure Skills Required: - 5+ years of experience in Vulnerability Scanning with expertise in tools like Qualys, Tenable, Rapid7, etc. - Ability to understand and explain vulnerabilities to stakeholders - Knowledge of various platforms such as Windows, Linux, Unix, Mac OS, Cisco, Juniper, etc. - Familiarity with standards like PCIDSS, CIS Benchmarks, etc. - Flexibility in handling challenging activities and creativity in problem-solving - Strong communication and writing skills with fluency in verbal communication If you are looking to grow and thrive in a dynamic and innovative environment, we invite you to join us on this exciting journey at Atos Group.,

SYX Services Private Limited, a subsidiary of Global Industrial Company (NYSE: GIC), provides information technology services exclusively to Global Industrial Company and its subsidiaries in the United States and Canada. Established in July 2011, we have grown to a 70-member team comprising Java developers, SAP professionals, .net developers, Oracle developers, a creative team, and a Web Chat team. With over 70 years of experience, Global Industrial Company and its subsidiaries have been industry leaders in supplying private label and brand name industrial equipment and supplies to businesses across North America. As a part of the SYX Services team, your responsibilities will include working closely with the IA manager to plan IT audits, develop work programs, timelines, risk assessments, and other planning documents. You will collaborate with IT leadership to document IT processes, identify and test controls, and participate in recurring SOX testing activities and Internal Audit programs. Acting as a fieldwork leader, you will oversee the daily progress of IT fieldwork, update management on audit status and issues, and demonstrate a thorough understanding of complex information systems. Your commitment to personal development will be key in staying abreast of technology trends and legislative changes impacting IT in North America and Europe. Additionally, you will leverage strong project management skills, collaborate with audit team members, and utilize current technology and tools to enhance deliverables" effectiveness. The ideal candidate will possess audit/risk experience in a $1B+ business, familiarity with PCI-DSS, ERP controls and security (preferably SAP), and knowledge of COBIT and Sarbanes-Oxley. Holding one or more of the following certifications: CPA, CA, CISA, CISSP, CISM, CBCP, CIA, or CFE will be advantageous. Qualifications for this role include a degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline, along with two to five years of experience as an auditor or risk adviser in a public accounting firm, professional services firm, or industry setting. Strong understanding of IT processes, risks, technologies, and controls, as well as excellent presentation, verbal communication, and report writing skills, will be essential. Furthermore, solid project management, teamwork, and relationship-building abilities are crucial for success in this role.,

You should have 7 to 12 years of experience and be located in Pune, Hyderabad, Chennai, or Bangalore. As a key member of the team, your responsibilities will include providing expert inputs for projects during Design and Delivery. You will be responsible for producing various documents such as Requirements Documents, High Level and Detailed Design documents, Testing strategies and plans, and Training material for each solution. It will be your duty to manage the solution design throughout the project lifecycle up to deployment, ensuring timely resolution of any identified defects. Additionally, you will analyze and resolve production issues by collaborating with IT Operations L2/L3 teams and support compliance with PCI, FCA, SOX, and Ofcom regulations. You will also assist in the transformation strategy for the Billing Domain in the Finance area, focusing on engineering excellence and cost transformation. Supporting IT Operations with Operational stability and performance enhancements will also be part of your role. Your experience will be crucial in providing ROM estimates of cost and timescales for projects under early consideration. Furthermore, you will support the Domain Head/Project Lead in assuring and challenging supplier work package technical scope and pricing while using estimation model estimation tools agreed with Supply Chain Management. Your knowledge and experience should encompass hands-on experience of complex design and familiarity with PCI-DSS, BACS, and Telecom. Domain expertise in Pre-paid, Post-paid Billing areas for ISP, Broadband, GSM, IPTV, GPRS service providers is essential. You should possess high-level knowledge of end-to-end BSS practices as well as strong technical skills in Unix and PL/SQL. Experience with product upgrades will also be beneficial. Sandhata is an equal opportunity employer that values diversity and is dedicated to creating an inclusive environment for all employees. The company culture promotes innovation, collaboration, and continuous learning. A supportive and inclusive work environment is fostered where employees are encouraged to take ownership of their work, make a meaningful impact, and grow professionally.,

IT Auditor Associate Designation: IT Auditor Associate Updated Radford Job Profile: Compliance Analyst 2 Location: Bangalore, India Why should you choose us? Are you interested in working for a Global Leader in E-commerce? Are you excited about working on highly scalable platforms and applications that are accessed by millions of users every day? If so, read on to find out more about the opportunity. Rakuten Symphony is a Rakuten Group company, providing global B2B services for the mobile telco industry and enabling next-generation, cloud-based, international mobile services. Building on the technology Rakuten used to launch Japans newest mobile network, we are taking our mobile offering global. To support our ambitions to provide an innovative cloud-native telco platform for our customers, Rakuten Symphony is looking to recruit and develop top talent from around the globe. We are looking for individuals to join our team across all functional areas of our business – from sales to engineering, support functions to product development. Let’s build the future of mobile telecommunications together! About Rakuten Rakuten Group, Inc. (TSE: 4755) is a global leader in internet services that empower individuals, communities, businesses and society. Founded in Tokyo in 1997 as an online marketplace, Rakuten has expanded to offer services in e-commerce, fintech, digital content and communications to approximately 1.5 billion members around the world. The Rakuten Group has over 27,000 employees, and operations in 30 countries and regions. For more information visit https://global.rakuten.com/corp/. What will you do? Rakuten Symphony is a Rakuten Group business organization with operations across Japan, the United States, Singapore, India, Europe and Middle East and Africa region, created to empower the global adoption of cloud-native Open RAN infrastructure and services-including Rakuten Communications Platform-by mobile network operators, enterprises, and government bodies. The IT Auditor Associate will report to the EU Senior Manager for IT audit and will be a critical part of the Internal Audit Team. IT Auditor Associate will assist in conjunction with the IT Senior, the IT Audit Manager and the IT Audit Engagement Lead in establishing an effective IT internal audit program including helping to identify, plan, organize and execute audits that work towards Rakuten’s goals and objectives. The position will have a key role in helping document and assess the company's compliance with the requirements of various Information Security Compliance frameworks (SOC, ISO 27001, PCIDSS, etc.), IT framework (COBIT, ITIL, etc.) and any regulations deem necessary such as the EU GDPR, CCPA, Key Responsibilities include: 1. Audit Support and Execution : Assist in the development of audit plans, including scoping, objectives, and testing procedures. Participate in risk assessments to identify key areas for audit focus. Conduct audit procedures, including data gathering, documentation review, and testing of IT/IS controls. Assist in the evaluation of IT/IS controls and the identification of potential vulnerabilities or weaknesses. 2. Compliance Monitoring and Reporting : Support the monitoring of the implementation of recommended actions and ensure compliance with audit recommendations. Contribute to the preparation of audit reports summarizing findings, recommendations, and management responses. Participate in the presentation of audit findings and recommendations to key stakeholders, under the guidance of senior team members. 3. IT Systems and Controls Evaluation : Assist in the assessment of the design and operating effectiveness of IT systems, processes, and controls. Contribute to the review of IT policies, procedures, and guidelines to ensure compliance with industry standards and best practices. Participate in the identification of control deficiencies and provide input for improvement recommendations. 4. IT Governance and Risk Management : Support the evaluation of IT governance structures and processes to ensure alignment with organizational objectives. Assist in the assessment of IT risk management practices and provide support for improvement recommendations. Collaborate with senior team members to develop and implement risk mitigation strategies. 5. Continuous Learning and Development : Actively participate in the ongoing development of audit methodologies and tools. Stay informed about emerging technologies, industry trends, and regulatory changes to enhance audit coverage. Requirements (Duties and Responsibilities/Education and Experience Requirements): Bachelor's degree in Information Systems, Computer Science, or a related field. Minimum of 3 years of experience in IT/IS audit, internal audit, or a related field. Strong knowledge of IT frameworks (e.g., COBIT) and Security frameworks (e.g., ISO27001, NIST). Experience in assessing IT/IS controls, conducting IT/IS audits, and identifying IT/IS-related risks. Familiarity with IT infrastructure, systems, and applications, including network security, database management, and cloud computing. Proficiency in using audit tools and software for data analysis and testing. Professional certification such as CISA (Certified Information Systems Auditor) or ISO27001 Lead Auditor is preferred. Ability to adapt to changing priorities and manage multiple audit engagements simultaneously. Excellent communication skills in both written and verbal forms; previous experience in writing internal audit reports, preferred. Travel up to approximately 30%. Our commitment to you: Rakuten Group’s mission is to contribute to society by creating value through innovation and entrepreneurship. By providing high-quality services that help our users and partners grow, We aim to advance and enrich society. To fulfill our role as a Global Innovation Company, we are committed to maximizing both corporate and shareholder value.

As a Senior Security Risk Analyst at Snowflake, you will play a crucial role in managing and enhancing the existing program for assessing the risk associated with third-party tools and services utilized by Snowflake. Your responsibilities will include overseeing the intake process, collaborating with stakeholders to gather necessary information, comprehensively understanding the use case for each tool or service, and reviewing documentation to ensure compliance with security controls. Your role will involve identifying and mitigating third-party security risks to safeguard Snowflake's assets. Key Responsibilities: - Conduct ongoing security risk assessments for third-party vendors to identify and evaluate potential risks, providing detailed evaluations and actionable recommendations based on security best practices. - Support and monitor remediation efforts for identified gaps, conducting audits to validate closure. - Review evidence provided by vendors to align their security controls with Snowflake's data protection requirements. - Assess and manage security findings from various vendor security monitoring systems. - Develop and enhance security documentation and collaborate cross-functionally to achieve team objectives. - Adopt a risk-based approach to review and negotiate security agreements, measure program effectiveness, and ensure SLAs are met. - Establish viewpoints, negotiate effectively with stakeholders, and drive desired outcomes. Qualifications of an Ideal Senior Security Risk Analyst: - 6+ years of experience in security compliance, with at least 3 years focusing on third-party security risk. - Strong motivation to excel in fast-paced environments. - Proficiency in various security best practices and technologies, including risk management, data protection, encryption, access management, and security governance. - Ability to work across different time zones and exceptional communication skills for presenting technical documents and reports. - Deep understanding of industry regulations and standards such as PCI-DSS, HIPAA, SOC, GDPR, and ISO. - Exceptional organizational skills, analytical ability, and deadline management. - Technical competence to explain complex security concepts to stakeholders with varying cybersecurity expertise. - Self-motivated problem solver with the capacity to work both independently and collaboratively. - Strategic thinking, attention to detail, and a strong commitment to accuracy and accountability. - Proficiency in leading meetings with internal and external stakeholders to achieve desired outcomes. - High ethical standards demonstrated through successful background checks and references. Preferred Experience: - Familiarity with JIRA, Confluence, and ServiceNow. - Experience in reviewing and negotiating security agreements. - Security certifications such as CISSP, CCSP, or CISA. - Cloud platform experience with AWS, Azure, Google Cloud, or similar providers. Snowflake is an innovative and fast-growing company, and we are seeking individuals who align with our values, challenge conventions, and drive innovation while contributing to their own and Snowflake's future success. To explore opportunities for impact and growth, please refer to the job posting on the Snowflake Careers Site for details on salary and benefits in the United States: careers.snowflake.com.,

As a Senior Security Risk Analyst at Snowflake, you will be an integral part of the Global Security Compliance & Risk team. Your primary responsibility will be managing and enhancing the existing program that evaluates the risk associated with third-party tools and services used by Snowflake. This includes overseeing the intake process, collaborating with stakeholders to gather necessary information, analyzing the use case for each tool/service, and reviewing documentation to ensure compliance with security controls. Your role will be crucial in identifying and mitigating third-party security risks to safeguard Snowflake's assets. In this role, you will independently conduct ongoing security risk assessments for third-party vendors, providing in-depth evaluations and actionable recommendations aligned with security and compliance best practices. You will also be involved in monitoring and supporting remediation efforts for identified security gaps, ensuring closure through thorough audits. Additionally, you will assess security findings from various monitoring systems, compare vendor security controls with Snowflake data protection requirements, and enhance security documentation. Ideal candidates for this position will have at least 6 years of experience in security compliance roles, including a minimum of 3 years focusing on third-party security risks. You should possess a strong understanding of security best practices across various domains such as application security, risk management, encryption, identity and access management, and network security. Proficiency in industry regulations and standards like PCI-DSS, HIPAA, GDPR, as well as experience with frameworks like SOC1, SOC2, and ISO, will be advantageous. Moreover, you should demonstrate exceptional communication skills, both written and verbal, and the ability to work effectively across different time zones. Your role will involve collaborating with cross-functional teams to achieve security objectives, negotiating security agreements, and measuring program effectiveness against SLAs. Strong organizational skills, technical competence, and the ability to lead meetings with stakeholders from diverse backgrounds are essential for success in this role. Bonus points will be awarded for experience with tools like JIRA, Confluence, and ServiceNow, as well as security certifications such as CISSP, CCSP, or CISA. Previous exposure to major cloud providers like AWS, Azure, or Google Cloud will also be advantageous. If you are a motivated individual who thrives in a fast-paced environment, possesses a strong ethical foundation, and is committed to enhancing security practices, Snowflake offers an exciting opportunity to contribute to our growth and innovation. Join us in building a secure future for Snowflake while challenging conventional thinking and driving impactful change.,

Purpose of Job: The Risk & Compliance Analyst is an indirect customer-facing position, where the resource has ownership and is responsible for reviewing new and existing contracts form a risk, security, compliance perspective as they come in for review for sign-off before BlackBox enters a legal agreement with any other entity. The analysis required is for evaluating contents of the contract for IT Compliance to any global or local regulations and service expectations, Risks, business service expectations, security expectations and compliance keeping blackbox interests and capabilities in mind for delivery and adhering to defined business and IT service level expectations. The role will also be responsible for maintaining organization policies, coordinating external customer/vendor IT Audits, ensuring adherence to IT controls, and coordinating external customer/vendor audit & control remediation activities internally and externally. This position will take an advisory role in making sure data privacy and governance procedures contain the right level of controls and responsibilities to support risk and compliance oversight across the organization. A good understanding and experience / exposure to global industry standards, regulatory compliance requirements, data privacy laws, security standards etc. is required. Good written and spoken English essential for this position Primary Roles & Responsibilities: Understand Blackbox Internal Business services and review proposed customer contracts for compliance, risks privacy, security and regulatory issues Coordinate external & Internal audits of the Blackbox IT environment and collate evidence submitted by technical team God understanding of security concepts, drivers of risk and mitigation control, BCP, DR, Risk Management 3rd party vendor Audits and Management, policies and procedure writing and evaluations, IT general and application controls Develop and maintain both continuous and spot check, autonomous and manual audit processes Educate users on IT controls processes and play an advisory role internally. Perform end to end contracts evaluation for risk, compliance, and security evaluations and expectations. Report on compliance results & metrics to executive teams Provide continual improvement objectives to better align to external requests Build a strong knowledge and understanding of systems and processes Assist in development of data governance processes and RACI Review and update internal corporate Policies based on Industry best practices and Regulatory requirements Understand and document Data workflows and lifecycles Establish Processes to improve the life cycle Management of Contracts Possess experience or good knowledge on IT controls mapping as per global standards. Knowledge, Skills, Abilities: Strong familiarity with risk, compliance, and audit frameworks and the various ways they are applied in IT environments Understanding of Global data privacy and security regulations – like GDPR, CCPA etc. both at global and US state levels for data privacy laws and requirements. Ability to scope, assess, and revise contracts and suggest edits based on business drivers and compliance needs. Ability to find root causes of control failures and mitigate risks accordingly Ability to create and maintain policies, procedures and guidelines for the Company and maintain its lifecycle in SharePoint Ability to educate the company employees and respond to policy related queries. Ability to implement controls in a diverse technical and geographically distributed environment to mitigate risk Ability to convince a highly varied audience to follow prescribed controls Comfort with presenting progress reports and results to senior leadership Understanding of process design and compliance terminology Ability to write and speak clearly, consistently, and concisely Ability to Multitask responses to multiple Contracts and meet given deadlines Ability to be self-driven, Motivated with end-to-end ownership on contracts management Excellent Audit Life Cycle Management skills, Expert use of Excel sheet, Word document management, PPT, ability to track documents versions, evidence etc. Excellent written and verbal communication skills and English language command. Education/Experience Requirements: BA business or information technology or equivalent experience. Minimum 5 years or more of prior experience in IT-GRC domain like IT risk, auditing, Contracts evaluation, Data privacy, compliance evaluation etc. strongly preferred. Knowledge of working with US & Global regulations and compliance requirements like HIPAA, PCIDSS, GDPR and US state level laws like CCPA etc. Frameworks / Industry Standard & Regulations Data Privacy Laws like GDPR, CCPA, PCIDSS, SOC2, HIPAA Security and Assurance standards like NIST 800-53 controls, NIST CSF, CIS controls, ISO 27001 standards Supervisory Responsibility: This position may take on a leadership role of other employees & Teams in other teams to engage in responding to certain compliance and IT audits requirements Certifications Desired / Preferred CISA and/or CRISC and/or CGEIT ISO 27001 L.A or CISM or CISSP – Desirable. Notice Period : - 0-45 Days.

Purpose of Job: The Risk & Compliance Analyst is an indirect customer-facing position, where the resource has ownership and is responsible for reviewing new and existing contracts form a risk, security, compliance perspective as they come in for review for sign-off before BlackBox enters a legal agreement with any other entity. The analysis required is for evaluating contents of the contract for IT Compliance to any global or local regulations and service expectations, Risks, business service expectations, security expectations and compliance keeping blackbox interests and capabilities in mind for delivery and adhering to defined business and IT service level expectations. The role will also be responsible for maintaining organization policies, coordinating external customer/vendor IT Audits, ensuring adherence to IT controls, and coordinating external customer/vendor audit & control remediation activities internally and externally. This position will take an advisory role in making sure data privacy and governance procedures contain the right level of controls and responsibilities to support risk and compliance oversight across the organization. A good understanding and experience / exposure to global industry standards, regulatory compliance requirements, data privacy laws, security standards etc. is required. Good written and spoken English essential for this position Primary Roles & Responsibilities: Understand Blackbox Internal Business services and review proposed customer contracts for compliance, risks privacy, security and regulatory issues Coordinate external & Internal audits of the Blackbox IT environment and collate evidence submitted by technical team God understanding of security concepts, drivers of risk and mitigation control, BCP, DR, Risk Management 3rd party vendor Audits and Management, policies and procedure writing and evaluations, IT general and application controls Develop and maintain both continuous and spot check, autonomous and manual audit processes Educate users on IT controls processes and play an advisory role internally. Perform end to end contracts evaluation for risk, compliance, and security evaluations and expectations. Report on compliance results & metrics to executive teams Provide continual improvement objectives to better align to external requests Build a strong knowledge and understanding of systems and processes Assist in development of data governance processes and RACI Review and update internal corporate Policies based on Industry best practices and Regulatory requirements Understand and document Data workflows and lifecycles Establish Processes to improve the life cycle Management of Contracts Possess experience or good knowledge on IT controls mapping as per global standards. Knowledge, Skills, Abilities: Strong familiarity with risk, compliance, and audit frameworks and the various ways they are applied in IT environments Understanding of Global data privacy and security regulations – like GDPR, CCPA etc. both at global and US state levels for data privacy laws and requirements. Ability to scope, assess, and revise contracts and suggest edits based on business drivers and compliance needs. Ability to find root causes of control failures and mitigate risks accordingly Ability to create and maintain policies, procedures and guidelines for the Company and maintain its lifecycle in SharePoint Ability to educate the company employees and respond to policy related queries. Ability to implement controls in a diverse technical and geographically distributed environment to mitigate risk Ability to convince a highly varied audience to follow prescribed controls Comfort with presenting progress reports and results to senior leadership Understanding of process design and compliance terminology Ability to write and speak clearly, consistently, and concisely Ability to Multitask responses to multiple Contracts and meet given deadlines Ability to be self-driven, Motivated with end-to-end ownership on contracts management Excellent Audit Life Cycle Management skills, Expert use of Excel sheet, Word document management, PPT, ability to track documents versions, evidence etc. Excellent written and verbal communication skills and English language command. Education/Experience Requirements: BA business or information technology or equivalent experience. Minimum 5 years or more of prior experience in IT-GRC domain like IT risk, auditing, Contracts evaluation, Data privacy, compliance evaluation etc. strongly preferred. Knowledge of working with US & Global regulations and compliance requirements like HIPAA, PCIDSS, GDPR and US state level laws like CCPA etc. Frameworks / Industry Standard & Regulations Data Privacy Laws like GDPR, CCPA, PCIDSS, SOC2, HIPAA Security and Assurance standards like NIST 800-53 controls, NIST CSF, CIS controls, ISO 27001 standards Supervisory Responsibility: This position may take on a leadership role of other employees & Teams in other teams to engage in responding to certain compliance and IT audits requirements Certifications Desired / Preferred CISA and/or CRISC and/or CGEIT ISO 27001 L.A or CISM or CISSP – Desirable. Notice Period : - 0-45 Days.

As a Cloud Architect - AVP, you will be instrumental in defining and executing our AWS cloud strategy to ensure the effective deployment and administration of AWS cloud solutions. Your role will involve leading a team of AWS cloud engineers and architects, collaborating with diverse stakeholders, and utilizing your extensive expertise to promote AWS cloud adoption and innovation throughout the organization. Your primary responsibilities will include formulating and executing the company's AWS cloud strategy in alignment with business objectives, overseeing the design, architecture, and deployment of AWS cloud solutions with a focus on scalability, security, and reliability, collaborating with various teams to seamlessly integrate AWS services, evaluating and selecting appropriate AWS services and technologies, managing the migration of on-premises applications and infrastructure to AWS, establishing and enforcing AWS cloud governance, security policies, and best practices, providing technical leadership and guidance to the AWS cloud team to promote innovation and continuous enhancement, staying abreast of the latest AWS technologies and industry trends to incorporate relevant advancements into the AWS cloud strategy, and effectively communicating AWS cloud strategy, progress, and challenges to senior leadership and stakeholders. To qualify for this role, you should possess a Bachelor's or Master's degree in computer science, Information Technology, or a related field, along with a minimum of 15 years of IT experience, with at least 10 years dedicated to cloud architecture and implementation, particularly with AWS. Additionally, you should have experience with AWS cloud services SOC 2, ITIL, PCI-DSS, SAE16, ISO27001, Cobit, and/or HiTrust, cloud-native architectures, leading large-scale AWS cloud transformation projects, AWS cloud security, governance, and compliance, infrastructure as code (IaC) and automation tools such as AWS CloudFormation and Terraform, networking, storage, databases, and application development in AWS, exceptional problem-solving abilities, innovative design skills for AWS cloud solutions, strong leadership and communication capabilities, and a track record of managing and mentoring teams effectively. Preferred qualifications include being an AWS Certified Solutions Architect - Professional, experience with multi-cloud and hybrid cloud environments, familiarity with DevOps practices and tools like AWS CodePipeline and Jenkins, and knowledge of emerging technologies such as AI, ML, and IoT in relation to AWS cloud computing.,

Client interface for understanding the IT Governance, IT Risk & Compliance Management Controls as applicable to Infrastructure operations. Responsible and accountable for driving and maintaining the Compliance Program Which Includes: I. Defining and implementing controls as per Customer defined Security and Privacy policies II. Ensuring measurement and compliance to the policies. III. Drives Internal and External Audits IV. Participate and advise on Security Incident Investigation V. Training and awareness of Employees on Security Policies Well versed and hands-on experience for establishing processes, controls and audits of compliances like ISO 27001, ISO 15408. SOX ITGCs, SSAE 18 SOC 1 & SOC 2, PCIDSS,HIPAA, Data Privacy Standards (GDPR/Schrems) Frameworks. Documentation of IT & risk management Controls as they are currently being executed in client environment and ensuring that the same controls are followed and implemented in service delivery operations Work with the client & technical teams for change request on any risk or control implementation as well as governance process Participate in internal as well as external regulatory audits as well as IT security audits. Understand IT Risks and define audit & governance mechanisms for assets, processes & physical security Point of contact for the client compliance & IT audit team for provisioning audit evidences within the SLAs defined. Provide strategic guidance & consulting support on implementation of IT controls for Networks, Operating Systems, System Security, Backup & Recovery, Storage, BCP/DR Work with the client & team in identifying any process/ control gaps and suggesting the remediation plan& tracking the plan progress till closure. Liaison with Audit Firms and Client for all types of External audits like (ISO 27001, SSAE 16 SOC 1/ SOC 2 etc)