62 Security Frameworks Jobs

As the Strategic and hands-on IT leader responsible for managing multi-site GxP-compliant IT operations and plant infrastructure in a regulated pharmaceutical environment, your role will be pivotal in ensuring uptime, compliance, and driving impactful technology-led business enablement. You will act as the Single Point of Contact (SPOC) for IT for site leadership, maintaining real-time audit readiness, enforcing regulatory-compliant practices, and collaborating with central SAP teams to align plant needs. With 9-14 years of experience in Pharma Plant IT Operations and audit exposure, along with a qualification in B.E. / B.Tech / BCA / BCS or an equivalent qualification, you will be expected to fulfill the following responsibilities: GxP IT Operations & Compliance: - Ensure 100% uptime of GxP-critical systems and infrastructure. - Maintain real-time audit readiness, manage SOP adherence, QMS notifications, CAPA closure, and periodic reviews. - Enforce regulatory-compliant practices for user access control, data integrity, and electronic records. - Collaborate with central SAP teams to align plant needs. IT Infrastructure & Security Management: - Oversee standardization, qualification, AMC, retirement, and reusability of IT assets. - Implement robust IT security controls, patch management, and cybersecurity governance. - Identify and eliminate CSV bottlenecks affecting manufacturing continuity. Audit & Regulatory Readiness: - Act as audit-facing SPOC for IT during internal and external audits. - Guide Site IT Leads to ensure readiness and compliance. - Lead pre-audit checks, documentation reviews, and post-audit CAPA implementation. - Ensure full alignment of IT practices with regulatory guidelines. Project Delivery & Solution Implementation: - Lead IT solution implementation at plant level. - Ensure IT assets and integrations are fully compliant with GxP requirements. - Drive digital transformation and automation initiatives. Team Leadership & Stakeholder Engagement: - Lead, coach, and upskill a 25+ member IT team. - Collaborate with Quality, Manufacturing, Engineering, and Projects teams. - Align IT strategy with plant KPIs. IT Governance & AIOps: - Implement AIOps and predictive monitoring for system reliability. - Define and track IT SLAs, KPIs, and compliance scorecards. - Drive innovation while ensuring adherence to IT Security standards. Value Addition: - Proven success in business continuity and audit compliance through IT solutions. - Spearheaded SAP-integrated projects and AIOps implementation. - Delivered cross-site standardization of IT operations. Desired Skills: - Deep knowledge of Pharma IT Compliance, plant automation systems, and IT infrastructure lifecycle. - Strong leadership, audit-facing, communication, and stakeholder management skills. - SAP certification & relevant IT certifications preferred. - Technical knowledge of SAP systems and IT infrastructure components. - Experience in SAP HANA, SAP Fiori, or similar technology is a plus. - Strong problem-solving, analytical, and troubleshooting skills. - Project management experience with familiarity in Agile and Waterfall methodologies. - Familiarity with security frameworks in SAP and IT infrastructure management. - Strong understanding of cybersecurity principles in plant IT environments. Your role will require a strategic mindset focused on operational efficiency and business alignment, along with the ability to lead a multidisciplinary team effectively and ensure compliance with regulatory and InfoSec standards.,

As a Vulnerability Management Specialist at Amdocs, you will play a crucial role in leading, implementing, identifying, assessing, and mitigating security vulnerabilities across our infrastructure, including cloud environments. Your responsibilities will include conducting regular vulnerability scans, analyzing scan results, prioritizing vulnerabilities, collaborating with stakeholders to implement remediation plans, and overseeing patch deployment processes to ensure timely remediation. You will also perform risk and vulnerability assessments, document findings, engage with stakeholders to address risks, and oversee risk acceptance and exclusion processes. Additionally, you will monitor container security and cloud security posture, provide threat management support, respond to identified threats effectively, maintain comprehensive reports on vulnerability findings and trends, and support security audits and compliance requirements related to vulnerability management. To excel in this role, you should have 6-9 years of experience in vulnerability management and threat management, hands-on experience with vulnerability scanning tools such as Wiz, Rapid7, Nessus, CrowdStrike, MDE, and Axonius, proficiency in container security, On-prem and Cloud Vulnerability Management, and experience with cloud platforms like AWS, Azure, or GCP. You should also be familiar with risk acceptance and exclusion processes, have a basic understanding of Generative AI (GenAI) concepts, possess strong analytical skills, attention to detail, excellent communication, and stakeholder management skills. Moreover, you should have a good understanding of Security Frameworks and Standards such as NIST, CIS, PCI-DSS, and experience leading a team of Vulnerability Analysts. Preferred qualifications for this role include experience with other security tools and frameworks, data visualization tools like Power BI, AWS Quicksight, scripting and automation experience in Python, Go, and security certifications like CISSP, CISM, or CEH. By joining Amdocs as a Vulnerability Management Specialist, you will have the opportunity to work with industry-leading technologies and experts in a global company, evolve yourself in cutting-edge technologies and business trends, and collaborate with a great team. Amdocs is an equal opportunity employer that welcomes applicants from all backgrounds and is committed to fostering a diverse and inclusive workforce.,

As the Lead, Technology Risk Analyst at Mastercard, you will play a crucial role in ensuring the company's safety and security from cyber and physical threats. Your primary responsibility will be to drive readiness and compliance on security aspects related to evolving regulatory and statutory needs across global markets. Your passion for information security and cybersecurity, along with your analytical skills and exposure to the regulatory environment, will be instrumental in this role. Your key responsibilities will include monitoring and assessing security obligations stemming from new and changing regulations worldwide. You will collaborate with various teams across Corporate Security to advise and ensure compliance with region-specific regulatory requirements within Information Security and Cyber Security domains. Engaging with partner teams on supporting Regulatory audits and obligations, you will lead and monitor remediation efforts in the realm of Security. Moreover, you will be tasked with developing and implementing governance processes to manage regulatory risks effectively, ensuring the sustainability of controls and measures implemented for compliance. Managing documentation, tracking, and reporting of security requirements and ongoing compliance efforts will also fall under your purview. Additionally, you will represent the company on Risk & Governance Committees and internal forums, providing regular reports to senior leadership. To excel in this role, you should possess a strong understanding of information and cyber security domains, governance, and risk management practices. Your experience in handling security audits, conducting assessments, and managing senior stakeholders will be invaluable. Demonstrated leadership abilities in leading cross-functional teams and managing complex projects are essential. A solid grasp of security frameworks such as NIST, ISO 27001, and PCI-DSS, as well as familiarity with regulatory standards, will be advantageous. Holding a preferred security certification like CISSP, CISM, or CISA is a plus. Excellent written and verbal communication skills are a must, enabling you to effectively interact with stakeholders. You should be viewed as a trusted advisor who comprehends business processes and can offer security consultation and advisory services. Your confidence, analytical mindset, and ability to drive security discussions with stakeholders will set you up for success in this role. In line with Mastercard's commitment to information security, it is expected that you adhere to the company's security policies and practices diligently. Safeguarding the confidentiality and integrity of accessed information, promptly reporting any suspected security violations or breaches, and completing all mandatory security trainings are integral parts of your responsibilities as a member of the Corporate Security team.,

As a Blue Team Cybersecurity Engineer, your main responsibility will involve safeguarding an organization's systems, networks, and applications from cyber threats. You will be part of a team tasked with monitoring, analyzing, and responding to security incidents while also implementing measures to strengthen the organization's security posture. Your expertise is vital in ensuring that the organization's systems are secure, resilient, and capable of withstanding cyber-attacks. You will be responsible for Security Monitoring and Incident Response by monitoring systems, networks, and applications for security incidents, investigating and analyzing security alerts, developing incident response plans, and collaborating with other teams to contain and recover from security incidents promptly. In terms of Security Operations and Threat Hunting, you will develop and maintain security monitoring systems, perform security assessments and vulnerability scans, conduct proactive threat hunting activities, and stay updated with the latest threat intelligence to enhance security measures proactively. Security Infrastructure Management will also fall under your duties, involving managing security tools and technologies, monitoring and fine-tuning security configurations, implementing security policies aligned with industry best practices, and collaborating with other teams to ensure secure configurations are in place. You will also conduct Security Awareness and Training programs to educate employees about security threats and best practices, provide guidance on secure coding practices, and foster a culture of security awareness throughout the organization. Your responsibilities will include preparing detailed incident reports, maintaining documentation of security incidents and response activities, and collaborating with stakeholders for proper reporting and escalation of security incidents. Qualifications and Skills: - Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field. - Proven experience in security monitoring, incident response, and threat hunting. - Strong knowledge of networking protocols, operating systems, and security technologies. - Familiarity with security frameworks (e.g., NIST, CIS) and regulatory requirements (e.g., GDPR, HIPAA). - Experience with security tools such as SIEM solutions, firewalls, and endpoint protection systems. - Understanding of security concepts like encryption, access control, authentication, and vulnerability management. - Knowledge of scripting and automation for security operations tasks. - Excellent problem-solving and analytical skills. - Strong communication and collaboration skills. - Professional certifications such as CISSP, GIAC, CompTIA Security+, or Certified Incident Handler (GCIH) are desirable.,

The IT Security Manager is a key role within our IT Infrastructure department at Emkay. As the IT Security Manager, you will be responsible for implementing security measures to safeguard our systems and networks. Your main objective will be to identify and mitigate security risks, ensure compliance with industry standards, and develop strategies to protect sensitive information. Your primary responsibilities will include: 1) Implementation of Security Strategy: - Develop and execute the IT security strategy in alignment with organizational goals. - Conduct risk assessments and provide recommendations to enhance our security posture. - Collaborate with key stakeholders to implement security policies, standards, and procedures. - Enhance IT Infrastructure change management practices following ITIL processes. - Maintain a strong focus on vulnerability and patch management for the entire IT infrastructure. 2) Focus on Infrastructure Security: - Oversee the implementation of security measures for networks, systems, and applications. - Ensure data integrity and confidentiality through access controls and encryption. - Monitor and respond to security incidents, including assisting with forensic investigations. 3) Ensuring Security Compliance: - Ensure compliance with relevant regulatory requirements and industry standards. - Conduct regular assessments of the infrastructure and implement corrective actions as needed. - Stay informed about emerging security threats, vulnerabilities, and technologies. 4) Security Awareness: - Create and promote security awareness initiatives to educate the Infra team on the importance of cybersecurity. - Provide guidance to staff on security best practices and procedures. 5) Incident Response and Management: - Develop and maintain an incident response plan to address security breaches. - Lead and coordinate the response to security incidents, collaborating with internal teams and external partners as required. Qualifications required for this role include: - Bachelor's degree in computer science, Information Technology, or a related field. - Certified ITIL Practice Manager. - 4-5 years of experience in IT security roles focusing on managing security programs. - Industry certifications such as CISSP, CISM, ISO27001, or equivalent are highly desirable. - Strong knowledge of security frameworks, standards, and best practices. - Excellent communication and interpersonal skills. Additional requirements for the role include a strong ITIL background, the ability to keep up with industry trends and emerging technologies, proficient problem-solving and analytical skills with a focus on Cyber Security, demonstrated leadership and team management experience, good communication and interpersonal skills to build relationships with internal stakeholders, and the ability to work independently or as part of a team with a high level of self-motivation and initiative.,

Role & responsibilities Preferred candidat Position : Senior Security Engineer/ Tech Lead Location : Bangalore, Notice : Immediate to 30days Budget-12-21 lpa ( it will be negotiable based on exp) Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA e profile

Job Description: As a Security Analyst in our IT Services industry, you will be responsible for monitoring and analyzing security alerts generated by Securonix SIEM. Your role will involve performing initial triage of security incidents based on risk scores and behavioral analytics. In addition, you will escalate security incidents to L2 for deeper investigation and assist in fine-tuning Securonix correlation rules to reduce false positives. Documenting incidents, investigation steps, and outcomes in the incident management system will also be part of your daily tasks. Supporting phishing investigations and basic threat analysis, as well as following standard operating procedures (SOPs) for incident response, are crucial aspects of this role. To qualify for this position, you should hold a Bachelor's degree in Cybersecurity, IT, or a related field. Basic knowledge of SIEM and User Entity Behavior Analytics (UEBA) is required, along with an understanding of security frameworks such as NIST, SOC 2, and MITRE ATT&CK. Strong analytical skills, attention to detail, and certifications like Securonix Security Analyst, Security+, or Microsoft SC-900 are preferred. Join our team in Chennai, Tamil Nadu, India, where you will play a key role in maintaining the security posture of our organization. Note: This job is a full-time position with a salary of INR 600,000 per year.,

As a Platform and Network Security Expert at ANDREW in Bangalore, Karnataka, you will play a crucial role in enhancing security measures for DAS and RAN products. Your responsibilities will include designing and defining security policies, architecting secure environments, and ensuring compliance with telecom security standards and customer requirements. You will collaborate with internal and external stakeholders, engage in security testing, and develop tools to automate security monitoring and vulnerability management. To be successful in this role, you should have a Bachelor's or Master's degree in Telecommunications, Computer Science, Cybersecurity/Information security, along with 10+ years of experience in the Telecommunications and Cellular industry. Expertise in mobile network security principles, knowledge of O-RAN architecture, cloud security, and security frameworks is essential. Proficiency in security testing tools, Linux security, and scripting is also required. Strong communication and collaboration skills are key for interfacing with centralized security teams and development stakeholders. Certifications such as CISSP, CEH, GICSP, or vendor-specific security certifications are a plus. Experience with AI/ML-based threat detection, 3GPP standards, and telco cloud environments will excite us. Join ANDREW, part of the Amphenol family, and be a part of our legacy of over 85 years in wireless innovation. We offer exciting career opportunities, a supportive work environment, and the chance to make a positive impact within a global organization. Visit our website at https://www.andrew.com to learn more about us.,

As an experienced L3 SOC Analyst, you will play a crucial role in managing security incidents and ensuring the protection of our clients" data and systems. You will be responsible for utilizing your expertise in SIEM tools such as QRadar, Sentinel, or Splunk to detect and respond to security threats effectively. Your strong knowledge of attack patterns, Tools, Techniques, and Procedures (TTPs) will be essential in identifying and mitigating risks. Your primary responsibilities will include acting as an escalation point for high and critical severity security incidents, conducting thorough investigations to assess impact, and analyzing attack patterns to provide recommendations for security improvements. You will also be actively involved in proactive threat hunting, log analysis, and collaborating with IT and security teams to enhance security processes effectively. In addition to hands-on experience with system logs, network traffic analysis, and security tools, your ability to identify Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) will be crucial in ensuring the detection of potential threats. You will be expected to document and update incident response processes, participate in team meetings and executive briefings, and train team members on security tools and incident resolution procedures. Your proficiency in setting up SIEM solutions, troubleshooting connectivity issues, and familiarity with security frameworks and best practices will be considered advantageous. Your role will require you to provide guidance on mitigating risks, improving security hygiene, and identifying gaps in security processes to propose enhancements effectively. Join us at UST, a global digital transformation solutions provider with a deep commitment to innovation and agility. With over 30,000 employees in 30 countries, we partner with the world's best companies to drive real impact through transformation. If you are passionate about cybersecurity and eager to make a difference, we welcome you to be a part of our team and help us build for boundless impact, touching billions of lives in the process.,

Join us as a "Lending DevOps Efficiency Engineering Lead" at Barclays, where you will play a crucial role in supporting the successful delivery of Location Strategy projects. Your responsibilities will include planning, budgeting, ensuring agreed quality, and adhering to governance standards. As a key member of the team, you will lead the evolution of our digital landscape, driving innovation and excellence to enhance our digital offerings and deliver unparalleled customer experiences. To excel in this role, you should have a minimum of 7 years of project management experience in technology environments with a strong DevOps background. You must possess a solid understanding of the software development lifecycle and DevOps practices and have experience implementing security controls within development processes. Additionally, familiarity with CI/CD pipelines, infrastructure as code, and automation tools is essential. Excellent communication and stakeholder management skills, along with a proven ability to drive organizational change and process improvements, are key requirements. Experience with Agile methodologies and tools is also highly desirable. In addition to the above requirements, the following skills will be considered advantageous: - Possession of PMP, CSM, or other project management certifications - Experience working with Java-based applications and microservices architecture - Knowledge of cloud platforms such as AWS and OpenShift - Understanding of regulatory compliance requirements in technology - Experience with security frameworks - Background in financial services or other regulated industries As the "Lending DevOps Efficiency Engineering Lead," you will be based in Pune and will be responsible for leading and managing engineering teams. Your primary focus will be to provide technical guidance, mentorship, and support to ensure the delivery of high-quality software solutions. By driving technical excellence, fostering innovation, and collaborating with cross-functional teams, you will align technical decisions with business objectives and contribute to the overall success of the projects. Your key accountabilities will include: - Leading engineering teams effectively to achieve project goals and organizational objectives - Overseeing timelines, team allocation, risk management, and task prioritization for successful solution delivery - Mentoring team members, conducting performance reviews, and identifying opportunities for growth - Evaluating and enhancing engineering processes, tools, and methodologies to increase efficiency and optimize team productivity - Collaborating with stakeholders to translate business requirements into technical solutions and ensure a cohesive approach to product development - Enforcing technology standards, facilitating peer reviews, and implementing robust testing practices to deliver high-quality solutions If you are appointed as an Assistant Vice President, you will be expected to advise and influence decision-making, contribute to policy development, and ensure operational effectiveness. As a leader, you will set objectives, coach employees, and drive performance excellence. If you are an individual contributor, you will lead collaborative assignments, guide team members, and identify new directions for projects to meet required outcomes. All colleagues at Barclays are expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence, and Stewardship. Additionally, they should embody the Barclays Mindset of Empower, Challenge, and Drive, which serves as the operating manual for the organization's behavior.,

To be successful as a Lending DevOps Efficiency Engineering Lead you should have experience with: 7+ years of project management experience in technology environments with DevOps background. Strong understanding of software development lifecycle and DevOps practices Experience implementing security controls within development processes Knowledge of CI/CD pipelines, infrastructure as code, and automation tools Excellent communication and stakeholder management skills Proven ability to drive organizational change and process improvements Experience with Agile methodologies and tools Additional Skills: PMP, CSM, or other project management certifications Experience with Java-based applications and microservices architecture Knowledge of cloud platforms (AWS, OpenShift) Understanding of regulatory compliance requirements in technology Experience with security frameworks Background in financial services or other regulated industries You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills. Purpose of the role To lead and manage engineering teams, providing technical guidance, mentorship, and support to ensure the delivery of high-quality software solutions, driving technical excellence, fostering a culture of innovation, and collaborating with cross-functional teams to align technical decisions with business objectives. Accountabilities Lead engineering teams effectively, fostering a collaborative and high-performance culture to achieve project goals and meet organizational objectives. Oversee timelines, team allocation, risk management and task prioritization to ensure the successful delivery of solutions within scope, time, and budget. Mentor and support team members professional growth, conduct performance reviews, provide actionable feedback, and identify opportunities for improvement. Evaluation and enhancement of engineering processes, tools, and methodologies to increase efficiency, streamline workflows, and optimize team productivity. Collaboration with business partners, product managers, designers, and other stakeholders to translate business requirements into technical solutions and ensure a cohesive approach to product development. Enforcement of technology standards, facilitate peer reviews, and implement robust testing practices to ensure the delivery of high-quality solutions. Assistant Vice President Expectations To advise and influence decision making, contribute to policy development and take responsibility for operational effectiveness. Collaborate closely with other functions/ business divisions. Lead a team performing complex tasks, using well developed professional knowledge and skills to deliver on work that impacts the whole business function. Set objectives and coach employees in pursuit of those objectives, appraisal of performance relative to objectives and determination of reward outcomes If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others. OR for an individual contributor, they will lead collaborative assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will identify new directions for assignments and/ or projects, identifying a combination of cross functional methodologies or practices to meet required outcomes. Consult on complex issues; providing advice to People Leaders to support the resolution of escalated issues. Identify ways to mitigate risk and developing new policies/procedures in support of the control and governance agenda. Take ownership for managing risk and strengthening controls in relation to the work done. Perform work that is closely related to that of other areas, which requires understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategy. Engage in complex analysis of data from multiple sources of information, internal and external sources such as procedures and practises (in other areas, teams, companies, etc). to solve problems creatively and effectively. Communicate complex information. Complex information could include sensitive information or information that is difficult to communicate because of its content or its audience. Influence or convince stakeholders to achieve outcomes.

As a Director, Data Protection at Cognizant, you will play a crucial role in overseeing the Corporate Security's data protection strategy. Your responsibilities will include ensuring regulatory compliance, training staff on data protection, communicating with regulators, and identifying relevant data processing risks within internal systems. Your expertise in data protection law and practices will be essential in this position, as you navigate Cognizant's infrastructure, technology, and organizational structure. Taking a risk-based approach, you will serve as the primary point of contact for Corporate Security in handling potential complaints, queries, notices, and other notification requirements. General Compliance You will inform and advise Corporate Security on their obligations regarding data protection provisions and provide recommendations on the interpretation and application of relevant data protection rules. Conducting data audits, overseeing compliance tools, and developing due diligence processes for information sharing will be part of your role. Documentation Creating, reviewing, and updating various documentation such as privacy policies, security policies, and incident response processes will be crucial. You will also author technical data protection standards relating to cryptography methods and encryption solutions as needed. Risk Management Maintaining a risk assessment process for personal data, advising on data protection impact assessments, and reporting risks into the Corporate Security Risk Register are key responsibilities. You will also serve as the subject matter expert for data protection efforts across Cognizant's applications, services, and environments. Communication Acting as the point of contact between regulators and facilitating communication with data subjects are important aspects of this role. Handling queries, complaints, and other communications from stakeholders will require your attention and expertise. Requirements To excel in this role, you should have a university degree in computer science or related field, along with certifications in privacy such as CIPP/E, CIPP/US, or CIPM. Your proven expertise in data protection law, strong knowledge of privacy laws and security frameworks, and experience in interpreting regulatory requirements will be valuable assets. Your leadership skills, project management experience, and ability to work with diverse stakeholders will be essential in building and leading a global data protection discipline. Experience in developing legal and technical training, managing compliance tools, and ensuring staff awareness of data protection rights and responsibilities will also be beneficial. Join Cognizant in shaping a secure and compliant data protection strategy that upholds the company's values and commitment to regulatory compliance.,

The Senior Cyber Security Engineer / Cyber Security Engineer position in Bangalore requires 3 to 6 years of experience in the security domain. As a part of your role, you will be responsible for performing Application, API, and Microservices Pentest, Network Pentest (Internal and External), Mobile App Pentest, Mobile Assessments, Threat Modeling, Legal Reviews, Reporting, Proof of Concepts (PoCs) of vulnerabilities, Documentation, coordinating with various stakeholders, conducting R&Ds, and other security analysis. The mandatory requirements for this role include at least 3 years of relevant experience in the security domain, proven expertise in Web Application Penetration testing (Web, Mobile, API/Web Services on JAVA & .Net) through DAST Manual approach, hands-on experience in DAST tools, API (SOAPUI, PostMan), DAST Manual Assessments, Threat Modeling, and Penetration Testing. You should also possess good Network Pentest skills for external and internal networks, and excellent written and verbal communication skills. Preferred skillsets for this position include hands-on experience of DevSecOps, good knowledge of Java, .NET, SQL queries (Oracle, PostgreSQL, etc.), experience in automating security tasks using Python or Java Frameworks, System/Network Exploitation, Red Teaming, understanding of Security Frameworks, and hands-on experience with MS Tools. If you meet the above requirements and have the necessary skillsets, you will be a valuable addition to our team as a Senior Cyber Security Engineer / Cyber Security Engineer.,

About Gruve Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks. Position Summary We are seeking a System Test Engineer with expertise in SaaS applications providing cybersecurity solution to join our dynamic team. The ideal candidate will play a critical role in testing, validating, and ensuring the reliability and security of our SaaS-based cyber security platform. This position requires strong analytical skills, hands-on experience with automation, and a deep understanding of cloud environments, networking protocols, firewalls and security frameworks. Key Responsibilities Design, develop, and execute system-level test plans, test cases, and automated test scripts for a SaaS-based cyber security platform. Validate end-to-end functionality, scalability, and performance of security applications integrated with external ITSM systems. Develop and maintain automation frameworks to streamline test execution and enhance test coverage. Conduct security, performance, and regression testing to identify vulnerabilities, bottlenecks, and reliability issues. Test and validate the functionality of agents that connect with the SaaS platform. Work closely with development, product management, and DevOps teams to troubleshoot issues and ensure high-quality product releases. Implement and execute API testing, system integration testing, and user acceptance testing. Participate in test strategy planning and provide feedback for continuous improvement of the test process. Basic Qualifications A bachelors or masters degree in computer science, electronics engineering or a related field. 8-10 years of experience in system testing for SaaS applications and Cyber Security platforms. Strong knowledge of networking protocols (TCP/IP, HTTP/HTTPS, DNS, VPN, IPSec, TLS, etc.). Strong understanding of security concepts such as firewalls, IDS/IPS, zero-trust architecture, and cloud security controls. Hands-on experience with test automation tools (Selenium, Robot Framework, PyTest, etc.). Proficiency in scripting and automation using Python, Bash, or similar languages. Experience working with cloud platforms such as AWS, Azure, or Google Cloud. Familiarity with containerization and orchestration tools like Docker and Kubernetes. Experience with CI/CD pipelines and DevOps processes. Strong troubleshooting and debugging skills in distributed systems and cloud environments. Preferred Qualifications Knowledge of security frameworks such as SOC2, ISO 27001, and compliance standards. Experience with security testing tools such as Burp Suite, Nessus, Wireshark, or Metasploit. Familiarity with Infrastructure as Code (IaC) tools such as Terraform or Ansible. Certifications such as AWS Certified Security - Specialty, CCNA Security, CISSP, or CEH are a plus. Why Gruve At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you're passionate about technology and eager to make an impact, we'd love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.,

In security risk management we're looking to harness the power of industry best practice combined with driving new innovation on how we do security risk assessments and modelling. Our security risk management team is the primary owner of the strategy and practices of how we identify, track and reduce our security risk across everything we do. To support this we need to use industry best practices paired with emerging threat information to to promote risk identification, quantification, impact analysis, and modelling to ultimately drive decision making. In this role, you will help establish and execute a broad strategic vision for the security risk program at Canonical. You will not only work within the team but also cross-functionally with various teams across the organisation. The team contributes ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attacks. Additionally, the team collaborates with our Organisational Learning and Development team to develop playbooks and facilitate security training across Canonical. The security risk management team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies. What you will do in this role: Define Canonical's security risk management standards and playbooks Analyse and improve Canonical's security risk practices Evaluate, select and implement new security requirements, tools and practices Grow the presence and thought leadership of Canonical security risk management practice Develop Canonical security risk learning and development materials Work with Security leadership to present information and influence change Participate in developing key risk indicators, provide inputs to the development of key control indicators, and key performance indicators for various programs Apply statistical models to risk frameworks (such as FAIR, sensitivity analysis, and others) Participate in risk management, decision-making, and collaborative discussions Lead quantified risk assessments and understand the value of qualitative data for improvements to quality and engineering processes Interpret internal or external cyber security risk analyses in business terms and recommend a responsible course of action Develop templates and materials to help with self-service risk management actions Monitor and identify opportunities to improve the effectiveness of risk management processes Launch campaigns to perform security assessments and help mitigate security risks across the company Build evaluation methods and performance indicators to measure efficiency of security functions and capabilities. What we are looking for An exceptional academic track record Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path Drive and a track record of going above-and-beyond expectations Deep personal motivation to be at the forefront of technology security Leadership and management ability Excellent business English writing and presentation skills Problem-solver with excellent communication skills, a deep technical understanding of security assessments and risk management Expertise in threat modelling and risk management frameworks Broad knowledge of how to operationalize the management of security risk Experience in Secure Development Lifecycle and Security by Design methodology What we offer you We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally. Distributed work environment with twice-yearly team sprints in person Personal learning and development budget of USD 2,000 per year Annual compensation review Recognition rewards Annual holiday leave Maternity and paternity leave Employee Assistance Programme Opportunity to travel to new locations to meet colleagues Priority Pass, and travel upgrades for long haul company events

As an experienced IAM professional, you will be responsible for leading IAM operations, which includes account provisioning, access control, and audits. You will architect and manage IAM systems such as Okta, Active Directory, and G-Suite. Your role will also involve conducting compliance checks to ensure adherence to security frameworks. Additionally, you will guide junior team members and review their IAM work for accuracy. To excel in this role, you should have 7-10 years of experience in IAM and Access Control. You must possess expertise in identity security, regulatory compliance (SOX, GDPR), and auditing. Familiarity with IAM tools like Okta, Active Directory Manager, and Single Sign-On (SSO) systems will be crucial for success in this position.,

As an L3 SOC Analyst at CyberProof, a UST Company, you will be a key member of our Security Operations Group, dedicated to helping enterprises react faster and smarter to security threats. With 5 to 7 years of experience under your belt, you will play a crucial role in maintaining secure digital ecosystems through automation, threat detection, and rapid incident response. Your must-have skills include expertise with SIEM vendors such as QRadar, Sentinel, and Splunk, incident response capabilities, and a strong understanding of attack patterns, Tools, Techniques, and Procedures (TTPs). You are experienced in writing procedures, runbooks, and playbooks, possess strong analytical and problem-solving skills, and have hands-on experience with system logs, network traffic analysis, and security tools. Proficiency in identifying Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) is essential for this role. Additionally, good-to-have skills involve experience in setting up SIEM solutions, troubleshooting connectivity issues, familiarity with security frameworks and best practices, and the ability to collaborate effectively with IT and security teams. Your responsibilities will include acting as an escalation point for high and critical severity security incidents, conducting in-depth investigations to assess impact and understand the extent of compromise, analyzing attack patterns, and providing recommendations for security improvements. You will be responsible for proactive threat hunting, log analysis, providing guidance on risk mitigation, improving security hygiene, identifying gaps in security processes, and suggesting enhancements. Ensuring end-to-end management of security incidents, documenting incident response processes, defining future outcomes, participating in discussions, meetings, and briefings, as well as training team members on security tools and incident resolution procedures are also part of your role.,

As an API and Application Security Specialist at Cywarden, you will play a crucial role in ensuring the robustness and resilience of APIs and applications. Working closely with developers, architects, and security teams, you will be responsible for implementing advanced security measures to protect critical digital assets. Your expertise will be instrumental in identifying and addressing potential security threats and vulnerabilities within API ecosystems and software applications. Your key responsibilities will include developing and implementing comprehensive security strategies aligned with organizational goals, conducting security assessments through penetration testing and code reviews, performing threat modeling and risk assessments, managing authentication and authorization mechanisms, enforcing secure coding practices, responding to security incidents, ensuring compliance with industry standards, maintaining detailed documentation, providing training to development teams, and implementing security monitoring solutions. To excel in this role, you should hold a Bachelor's degree in Computer Science, Information Technology, or a related field, along with a minimum of 3-5 years of experience in API and application security. Proficiency in security frameworks and protocols, experience with API gateways, familiarity with RESTful and GraphQL APIs, understanding of encryption mechanisms, knowledge of security testing tools, familiarity with secure coding practices, experience with programming languages, and awareness of DevSecOps practices are essential. Relevant certifications such as CISSP, CEH, CSSLP, GWAPT, or OSWE are preferred. Additionally, strong problem-solving skills, effective communication, and the ability to collaborate within a team environment are key soft skills required for this role. This is a full-time permanent position with benefits including paid sick time, paid time off, performance bonuses, yearly bonuses, and a work schedule of Monday to Friday with night shifts and rotational shifts. The work location is in Mohali, Punjab, and candidates must be willing to commute or relocate before starting work. Your dedication to securing APIs and applications at Cywarden will contribute significantly to safeguarding critical digital assets and ensuring the integrity of client systems and data.,

Key Skills: SIEM, SOAR, Azure Sentinel, FortiSOAR, Python, PowerShell, Cyber Security, Automation, Security Frameworks, Compliance, Incident Response, Playbook Creation, Log Onboarding, Cyber Kill Chain. Roles & Responsibilities: Manage and oversee SIEM and SOAR solutions, including log onboarding and creation of automated playbooks. Provide hands-on technical expertise across Cyber Security and technology domains. Collaborate with internal teams to integrate and optimize security monitoring tools and automate workflows. Maintain and ensure the performance of SIEM and SOAR platforms, enhancing detection and response capabilities. Design and implement automation solutions using scripting languages (e.g., Python, PowerShell). Support and ensure compliance with security frameworks and industry regulations. Analyze and remediate security incidents, leveraging expertise in the Cyber Kill Chain and common attack methods. Work closely with cross-functional teams to define security requirements, processes, and practices. Communicate complex security concepts to non-technical stakeholders. Monitor and report on security events and incidents to ensure continuous improvement of security posture. Experience Required: 8-11 years of experience in IT Security, with at least 6 years managing SIEM and SOAR solutions. Strong hands-on experience with SIEM (e.g., Azure Sentinel) and SOAR platforms (e.g., FortiSOAR). Experience in log onboarding for SIEM solutions and creating automated playbooks on SOAR platforms. Solid understanding of security frameworks, compliance regulations, and industry standards. Technical experience in Cyber Security and technology domains, including threat analysis and remediation. Proven ability to work under pressure and manage time effectively. Familiarity with e-commerce, logistics, supply chain, and port operations applications is a plus. Education: A ny Graduation.

You are a detail-oriented and experienced IAM Governance manager who will be a valuable addition to our cybersecurity team. In this role, you will be responsible for governance, risk management, and compliance within the Identity and Access Management (IAM) domain. Your primary focus will be to ensure that our IAM processes and policies align with industry best practices and regulatory requirements. Your key responsibilities will include: - Ensuring that IAM processes comply with policies, industry standards, and regulatory requirements. - Developing and enforcing governance policies, procedures, and standards to enhance the IAM program. - Governing the onboarding of applications to the IAM solution by ensuring adequate security controls are in place for each integration, including role matrices, Role-Based Access Control (RBAC), and access recertification cycles. You will also be responsible for: - Governing and maintaining Role-Based Access Controls (RBAC) and Segregation of Duties (SoD) principles for internal applications and infrastructure. - Monitoring user access review cycles, including access certifications and privileged access management. - Reviewing Multi-Factor Authentication (MFA) and conditional policies for internal teams. - Managing the complete user lifecycle to identify access control gaps and implement necessary controls. Additionally, you will: - Design and maintain role definitions and role-based access control frameworks. - Conduct risk assessments related to identity and access management and mitigate potential security risks. - Collaborate with various departments to ensure smooth onboarding, role changes, and offboarding processes. - Provide support and guidance on IAM to business units and end-users. - Prepare and present IAM governance reports and metrics to senior management and document IAM policies, procedures, and compliance activities. To excel in this role, you should possess strong interpersonal, analytical, and technical skills, along with decision-making and prioritization abilities. A background in the banking environment with a solid understanding of key security frameworks such as ISO27001, PCI DSS, and NIST 800-63 is preferred. Additionally, you should have over 5 years of experience in managing enterprise projects and coordinating in an enterprise environment. Your commitment to continuous learning, driving security risk reduction, and aligning actions with business priorities will be crucial in ensuring the success of our IAM governance initiatives.,

As a Senior Principal Information Security Analyst at NTT DATA, you will play a crucial role in influencing and leading the implementation of the information security strategy. Your expertise will be instrumental in aligning security measures with business goals and industry best practices. You will act as a consultant in designing and implementing security systems to safeguard the organization's computer networks from cyber threats and maintaining security standards. Additionally, you will provide guidance to junior team members and contribute high-level insights on industry best practices. Your responsibilities will include monitoring security alerts, investigating potential threats, implementing security controls, conducting vulnerability assessments, supporting incident response efforts, ensuring compliance with industry standards, and developing best practices for IT security. You will also be involved in installing and operating security software, performing penetration testing, and staying updated on security trends and standards. Collaboration with cross-functional teams and contributing to security awareness initiatives will be essential aspects of your role. To excel in this position, you should possess excellent communication skills, analytical thinking, problem-solving abilities, leadership qualities, and a strong understanding of network security concepts. Proficiency in firewalls, proxies, SIEM, antivirus, patch management, MAC and OS, security frameworks, network architecture, and system protocols is crucial. Strong analytical skills, the ability to work independently and collaboratively in a fast-paced environment are also key requirements. Academic qualifications such as a Bachelor's or Master's degree in information security, cybersecurity, computer science, or related fields are preferred. Security certifications like CompTIA Security+, CISSP, or CISM are advantageous. You should have significant experience in information security, cybersecurity, global IT organizations, network penetration testing, security assessment, and mentoring junior team members. NTT DATA is a trusted global innovator providing business and technology services to Fortune Global 100 companies. With a commitment to innovation, optimization, and transformation, NTT DATA invests in research and development to support organizations in navigating the digital future confidently. As an Equal Opportunity Employer, NTT DATA offers a hybrid working environment and values diversity, inclusion, and employee growth.,

We are looking for a highly skilled and experienced Security Consultant to join our team. The ideal candidate should have a strong background in ISO consulting and implementation, with a deep understanding of information security standards and best practices. As a Security Consultant, your primary responsibility will be to collaborate with clients to identify security risks, develop strategies to address these risks, and provide the necessary support for ISO compliance. Your key responsibilities will include: - Conducting gap analysis and readiness assessments for ISO27001. - Developing and implementing Information Security Management Systems (ISMS) based on ISO27001 standards. - Performing internal audits and assisting clients during external audits. - Offering continuous support and guidance to ensure compliance with ISO27001. - Assisting in conducting data privacy impact assessments (DPIAs) and developing data protection policies. - Supporting the implementation of data privacy frameworks. - Identifying, assessing, and mitigating risks related to information security and data privacy. - Developing risk management strategies and frameworks, and providing recommendations for risk treatment. - Collaborating closely with clients from India & Middle East to understand their specific needs. - Preparing detailed reports and presentations for clients. Qualifications: - Bachelor's degree in Computer Science, Information Security, or a related field. - 7-8 years of experience in information security. - Experience in ISO consulting and implementation. - Familiarity with security frameworks such as NIST, CIS, and ISO 27001. - Strong analytical and problem-solving skills. - Excellent communication and interpersonal skills. - Ability to work independently and as part of a team. - Relevant certifications such as CISA or ISO Lead Implementer/Auditor are preferred. Experience Required: 8-10 years Location: Govt Cyberpark, Kozhikode, Kerala If you are a motivated and experienced Security Consultant with expertise in ISO consulting and implementation, we invite you to apply for this exciting opportunity. We offer competitive compensation, comprehensive benefits, and a dynamic work environment. Job Types: Full-time, Permanent Benefits: - Health insurance - Paid sick time Work Location: In person,

Description We are seeking a highly skilled Security Architect to join our team in India. The ideal candidate will have 7-8 years of experience in designing and implementing security architectures across various platforms and technologies. This role is critical in ensuring the confidentiality, integrity, and availability of our systems and data. Responsibilities Design and implement security architecture for applications and systems. Conduct risk assessments and vulnerability assessments to identify potential security threats. Develop and enforce security policies, standards, and guidelines for the organization. Work closely with IT and development teams to integrate security into the software development lifecycle. Monitor security incidents and respond to security breaches in a timely manner. Provide security training and awareness programs for employees. Evaluate and recommend security solutions and technologies to enhance the organization's security posture. Skills and Qualifications 7-8 years of experience in security architecture or related field. Strong understanding of security frameworks and standards (e.g., ISO 27001, NIST, OWASP). Proficiency in security technologies such as firewalls, intrusion detection systems, and encryption protocols. Experience with cloud security (AWS, Azure, Google Cloud) and securing cloud-based applications. Knowledge of networking protocols and security technologies (e.g., VPNs, IDS/IPS). Ability to analyze security risks and recommend appropriate mitigations. Strong communication skills to articulate security concepts to non-technical stakeholders.

Incident Documentation : Review security incidents and vulnerabilities, documenting all findings clearly and accurately. Ensure that findings are categorized, prioritized, and assigned appropriate severity levels. Security Reporting : Prepare detailed reports on security issues, including root cause analysis, impact assessments, and recommended remediation actions. Reports should be tailored to different stakeholders, from technical teams to executive leadership. Tracking and Follow-up : Maintain a clear and organized system for tracking open findings, vulnerabilities, and remediation efforts. Follow up regularly to ensure issues are being addressed in a timely manner. Collaboration with Teams : Work closely with Security Operations, Threat Intelligence, and IT teams to gather relevant data, understand technical details, and ensure comprehensive documentation of findings. Continuous Improvement : Assist in refining documentation processes, templates, and reporting standards to improve efficiency and clarity. Knowledge Sharing : Contribute to the development of internal security knowledge base, documenting lessons learned, common vulnerabilities, and best practices for future reference. Compliance Support : Ensure that all documentation complies with internal policies and external regulatory requirements (e.g., GDPR, HIPAA, PCI DSS). Security Tools Utilization : Use security tools and platforms (such as SIEM, ticketing systems, vulnerability management tools) to document and track findings. Required Skills and Qualifications: Education : Bachelor s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent work experience). Experience : 2+ years of experience in cybersecurity, with a focus on incident documentation, analysis, or reporting. Technical Knowledge : Familiarity with common security threats, vulnerabilities, and security frameworks (e.g., OWASP, NIST). Strong Writing Skills : Exceptional written communication skills with the ability to document complex technical issues clearly for both technical and non-technical audiences. Attention to Detail : Ability to review and document security findings meticulously, ensuring accuracy and clarity. Familiarity with Security Tools : Experience with security tools like SIEM (Security Information and Event Management), vulnerability scanners, ticketing systems (Jira, ServiceNow, etc.), and similar platforms. Analytical Thinking : Ability to analyze complex security incidents and break them down into understandable documentation, identifying root causes and trends. Problem-Solving : Proactive in identifying gaps in documentation processes and recommending solutions to enhance clarity, consistency, and effectiveness. Desired Skills: Certifications : Certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or similar are a plus. Knowledge of Regulatory Standards : Familiarity with industry regulations and compliance standards such as GDPR, HIPAA, PCI DSS, and ISO/IEC 27001. Security Operations Knowledge : Exposure to Security Operations Center (SOC) environments or incident response teams. Experience with Threat Intelligence : Understanding of threat intelligence concepts and how to document emerging threats and vulnerabilities.

Incident Documentation : Review security incidents and vulnerabilities, documenting all findings clearly and accurately. Ensure that findings are categorized, prioritized, and assigned appropriate severity levels. Security Reporting : Prepare detailed reports on security issues, including root cause analysis, impact assessments, and recommended remediation actions. Reports should be tailored to different stakeholders, from technical teams to executive leadership. Tracking and Follow-up : Maintain a clear and organized system for tracking open findings, vulnerabilities, and remediation efforts. Follow up regularly to ensure issues are being addressed in a timely manner. Collaboration with Teams : Work closely with Security Operations, Threat Intelligence, and IT teams to gather relevant data, understand technical details, and ensure comprehensive documentation of findings. Continuous Improvement : Assist in refining documentation processes, templates, and reporting standards to improve efficiency and clarity. Knowledge Sharing : Contribute to the development of internal security knowledge base, documenting lessons learned, common vulnerabilities, and best practices for future reference. Compliance Support : Ensure that all documentation complies with internal policies and external regulatory requirements (e.g., GDPR, HIPAA, PCI DSS). Security Tools Utilization : Use security tools and platforms (such as SIEM, ticketing systems, vulnerability management tools) to document and track findings. Required Skills and Qualifications: Education : Bachelor s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent work experience). Experience : 2+ years of experience in cybersecurity, with a focus on incident documentation, analysis, or reporting. Technical Knowledge : Familiarity with common security threats, vulnerabilities, and security frameworks (e.g., OWASP, NIST). Strong Writing Skills : Exceptional written communication skills with the ability to document complex technical issues clearly for both technical and non-technical audiences. Attention to Detail : Ability to review and document security findings meticulously, ensuring accuracy and clarity. Familiarity with Security Tools : Experience with security tools like SIEM (Security Information and Event Management), vulnerability scanners, ticketing systems (Jira, ServiceNow, etc.), and similar platforms. Analytical Thinking : Ability to analyze complex security incidents and break them down into understandable documentation, identifying root causes and trends. Problem-Solving : Proactive in identifying gaps in documentation processes and recommending solutions to enhance clarity, consistency, and effectiveness. Desired Skills: Certifications : Certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or similar are a plus. Knowledge of Regulatory Standards : Familiarity with industry regulations and compliance standards such as GDPR, HIPAA, PCI DSS, and ISO/IEC 27001. Security Operations Knowledge : Exposure to Security Operations Center (SOC) environments or incident response teams. Experience with Threat Intelligence : Understanding of threat intelligence concepts and how to document emerging threats and vulnerabilities.