121 Security Frameworks Jobs - Page 3

As a Risk Manager & Vulnerability Engineer at Wildnet Technologies, you will play a crucial role in enhancing the security posture of our organization through effective risk management, vulnerability assessments, and penetration testing. Your responsibilities will involve collaborating with key stakeholders, designing security frameworks, and implementing strategies to mitigate potential threats. You will work closely with the CISO, CTO, SOC, and other teams to ensure the organization's security standards are in line with industry best practices. Your key responsibilities will include identifying, analyzing, and assessing various risks across business, financial, and security domains. You will develop and implement risk management controls, policies, and contingency plans to address potential vulnerabilities. Additionally, you will lead vulnerability assessments, penetration testing, and security scans for network and web applications using tools such as Tenable and BurpSuite. Your role will also involve documenting findings, presenting them to executive management, and providing clear mitigation steps. In this role, you will be expected to have a strong technical background with expertise in vulnerability and penetration testing. Knowledge of risk management frameworks, security frameworks, and data protection regulations such as PCI, GDPR, and CCPA will be essential. Proficiency in operating systems like Linux, Windows, and MacOS, as well as programming experience in languages like Python or Ruby, will be beneficial. You will also need to demonstrate strong analytical and problem-solving skills, along with excellent communication and presentation abilities. Wildnet Technologies offers a dynamic work environment with opportunities for learning, growth, and career advancement. As an established industry leader with over 15 years of experience, we provide a positive and people-first work culture. You will have the chance to work on diverse projects with top clients from around the world while enjoying benefits such as comprehensive insurance, wellness support, flexible working hours, and a generous leave policy to maintain a healthy work-life balance. If you are self-motivated, adaptable, and have a passion for cybersecurity, this role at Wildnet Technologies will provide you with the platform to showcase your skills and contribute to the organization's success. Join us in our mission to deliver high-quality digital marketing services and IT solutions while prioritizing security and excellence in all endeavors.,

As the Product Security and QA Lead at Aptiv, you will play a crucial role in driving security and quality assurance initiatives for our edge AI applications. Your deep technical expertise in AI/ML systems will ensure that our edge computing solutions meet the highest standards of security, reliability, and performance. Leading cross-functional teams, you will establish robust security frameworks and quality processes tailored specifically for AI applications deployed at the edge. In terms of security leadership, you will design and implement comprehensive security frameworks for edge AI applications, conduct threat assessments, establish security testing protocols, ensure compliance with industry standards, and implement privacy-preserving techniques. Additionally, you will develop and execute comprehensive QA strategies for edge AI products, create detailed test plans, lead and mentor QA engineers, establish quality metrics, and continuously optimize testing processes for edge AI applications. Your background should include a Bachelor's degree in Computer Science, Cybersecurity, Engineering, or a related field, along with 10+ years of experience in product security and/or QA leadership roles, with at least 3 years specifically in AI/ML or edge computing. Deep understanding of cybersecurity principles, AI/ML knowledge, experience with edge computing platforms, proficiency in programming languages such as Python and C/C++, familiarity with security testing tools and AI frameworks, as well as experience with cloud platforms and testing frameworks are essential for success in this role. Joining Aptiv means you will have the opportunity to grow in an inclusive work environment, make a meaningful impact on safety, and receive the necessary support for personal and professional development. Benefits at Aptiv include hybrid and flexible working hours, higher education opportunities, life and accident insurance, Sodexo cards, well-being programs, EAP employee assistance, access to fitness clubs, and a creche facility for working parents. Apply today and be a part of shaping a safer and more sustainable future at Aptiv!,

Roles & Responsibilities: Designs, operates, maintains, and enhances capabilities for the technical systems that ensure protection of data for all Amgen global operations. Identifies new risk areas for data and plans controls to mitigate those risks. Researches new technologies, processes, and approaches based on industry practices and recommends future plans for data protection. Authors procedures and guidelines and advises on policies related to data protection requirements and remediation or investigation of violations. Develops and conducts training on data protection technologies for operations staff. Educates business leadership about data risk. Advises other technology groups on data protection strategies and recommends appropriate points of both technical and process integration. Partners with the Manager of Data Security to liaise to legal and human resources leadership on violation remediations. Collaborates with cloud strategy leaders and business unit leadership to ensure that cloud data protection is incorporated by design into new business projects. Collaborates with Cloud Security Engineers to integrate cloud data protection technology into the operations of traditional Data Loss Prevention operations. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master s degree and 4 to 6 years of experience OR Bachelor s degree and 6 to 8 years of experience OR Diploma and 10 to 12 years of experience. Functional Skills: Must-Have Skills Familiarity with one or more security frameworks, especially in regulated environments. Proficiency specifying requirements for technical systems, as well as designing, implementing, and operating those systems. Expertise in global IT operations, including an understanding of regulatory and cultural differences encountered when dealing with international peers and customers. Demonstrated competence maintaining applications on Windows and Linux based operating systems, and basic understanding of one or more programming or scripting languages. Demonstrated proficiency with one or more Cloud Access Security Platforms (Elastica, Netskope, SkyHigh, etc) Track record of project management leadership, preferably using Agile methodology. Deep knowledge of the principles of Data Protection, including availability, integrity, and confidentiality of data. Good-to-Have Skills: Proficiency with communications focused on both the development of written technical processes and the ability to convey complex ideas clearly in front of an audience. Experience with data analytics focused on building executive reports Reputation of successfully navigating large enterprise environments, understanding both ITIL driven processes and business relationship building Ability to self-direct work on multiple priorities with little to no oversight, based on critical initiatives. Professional Certifications (please mention if the certification is preferred or required for the role): Systems Security Certified Practitioner (SSCP) or Security+ SANS Certifications Cloud security certifications Relevant vendor-specific certifications Soft Skills : Established analytical and gap/fit assessment skills. Ability to work effectively with global, virtual teams High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team-oriented, with a focus on achieving team goals Effective presentation and public speaking skills.

As a Middleware Engineer at Netradyne, you will be a part of the Device Middleware team where you will play a crucial role in designing and developing middleware components and services for our embedded Linux-based platforms. Your responsibilities will include working on IPC mechanisms, system daemons, service orchestration, and collaborating with various teams to ensure software reliability and scalability. To excel in this role, you should possess a Bachelor's or Master's degree in Computer Science or Electronics with 5 to 8 years of experience in system software development on Linux. Strong C/C++ programming skills and a solid understanding of Linux internals are essential. You should also have experience with IPC mechanisms, multithreading, synchronization concepts, and working with build systems like CMake and Make. Preferred skills include experience in embedded Linux, socket programming, video streaming, and familiarity with container technologies like Docker and Kubernetes. Additionally, knowledge of scripting languages such as Bash and Python, exposure to security frameworks for Linux systems, and contributions to open-source Linux projects are advantageous. If you are passionate about low-level software, embedded systems, and enjoy solving complex problems, Netradyne offers an opportunity to shape the future of intelligent mobility solutions. Join our team of forward-thinking individuals and contribute to our growth in the transportation ecosystem.,

As a Senior Lead DevSecOps at our Pune location, you will play a pivotal role in combining technical leadership, security expertise, and DevSecOps best practices to embed security within the software development lifecycle. Your key responsibilities will include proactively assessing security gaps, developing innovative solutions, and driving DevSecOps transformation to enhance resilience and efficiency. You will collaborate extensively with business, technology, risk, and other corporate teams to establish and strengthen the adoption of security by design. Reporting to the Business Information Security Officer (BISO) for Wealth and Asset Management, you will operate within a complex landscape driven by client expectations and diverse needs across the globe. As the primary liaison between development and cybersecurity teams, you will ensure the seamless integration of security into the DevOps pipeline. Your role will involve implementing security automation, risk mitigation strategies, and CI/CD security integration to ensure secure software delivery. Building trust with clients, stakeholders, and engineering teams will be crucial as you advocate for security best practices and DevSecOps adoption across the organization. You will collaborate with development teams to integrate secure coding practices and vulnerability assessments while leading the DevSecOps strategy to align with business objectives and regulatory requirements. To excel in this role, you must have 12+ years of experience in DevSecOps, Cloud Security, or Secure Software Development, with expertise in CI/CD, cloud security, Azure DevOps, container security, and automation tools. Experience in implementing security checks within a Secure SDLC Pipeline, Secrets Management, SCA, open-source tools, and strong knowledge of security frameworks and security testing are essential. Your proven ability to engage with clients, lead teams, and drive strategic security initiatives will be critical for success in this multi-functional team environment.,

POSITION RESPONSIBILITIES Percent of Time Conduct security testing and vulnerability assessments for various applications, including web applications, mobile apps, business systems, and APIs. Assist in the identification, analysis, and prioritization of vulnerabilities, ensuring timely and effective remediation in collaboration with development teams. Support the development and execution of secure coding practices and application security guidelines. Monitor and interpret vulnerability scanning results to identify trends, root causes, and systemic risks, providing actionable insights to stakeholders. Collaborate with the wider Vulnerability Management team and other stakeholders to maintain and improve security processes and tools. Stay updated on emerging threats, vulnerabilities, and industry best practices to enhance testing methodologies and overall security strategies. Create and maintain detailed documentation and reports to track security metrics and demonstrate compliance with applicable standards. 100% ORGANIZATIONAL RELATIONSHIPS The Analyst will work closely with the Vulnerability Management Application Security Engineer and the onshore vulnerability management team to execute security testing initiatives. This role will also collaborate with: Application Development teams to address vulnerabilities and implement secure coding practices. Cloud and Application Security teams to align on strategy and processes. Other stakeholders within the Zoetis Tech & Digital (ZTD) organization to support vulnerability remediation efforts. EDUCATION AND EXPERIENCE Education University Degree in Computer Science or Information Systems is required MS or advanced identity courses or other applicable certifications is desirable, including: o Certified Information Systems Security Professional (CISSP) Relevant certifications in infrastructure security and vulnerability management, such as Offensive Security Certified Professional (OSCP), GIAC Certified Vulnerability Assessor (GCVA), or Certified Ethical Hacker (CEH), are highly preferred Experience A minimum of 4+ years of relevant experience with a strong background in vulnerability management and security engineering. 2+ years of experience in the pharmaceutical or other regulated industry, especially Animal Health. Experience working with global teams across multiple time zones. Demonstrated ability to work within diverse technical teams . TECHNICAL SKILLS REQUIREMENTS Hands-on experience in application security assessments, penetration testing, or secure development practices. Proficiency with application security and vulnerability scanning tools, such as Burp Suite, Veracode, and HCL AppScan. Knowledge of web application, mobile app, and API penetration testing methodologies. Familiarity with the Software Development Lifecycle (SDLC), secure coding practices, and application development processes. Understanding of application security vulnerabilities (e.g., OWASP Top 10), security frameworks (e.g., NIST), and risk mitigation strategies. Experience working with cloud platforms such as AWS and Azure is desirable. Strong analytical skills and a detail-oriented approach to identifying and addressing vulnerabilities. Excellent verbal and written communication skills to create reports and collaborate with internal teams. Must be fluent in both written and spoken English, with the ability to communicate effectively across technical and non-technical audiences. PHYSICAL POSITION REQUIREMENTS Availability to work between 1pm IST to 10pm IST hours (minimum 3 hours of daily overlap with US ET Time zone) Full time

POSITION RESPONSIBILITIES Conduct security testing and vulnerability assessments for various applications, including web applications, mobile apps, business systems, and APIs. Assist in the identification, analysis, and prioritization of vulnerabilities, ensuring timely and effective remediation in collaboration with development teams. Support the development and execution of secure coding practices and application security guidelines. Monitor and interpret vulnerability scanning results to identify trends, root causes, and systemic risks, providing actionable insights to stakeholders. Collaborate with the wider Vulnerability Management team and other stakeholders to maintain and improve security processes and tools. Stay updated on emerging threats, vulnerabilities, and industry best practices to enhance testing methodologies and overall security strategies. Create and maintain detailed documentation and reports to track security metrics and demonstrate compliance with applicable standards. 100% ORGANIZATIONAL RELATIONSHIPS The Analyst will work closely with the Vulnerability Management Application Security Engineer and the onshore vulnerability management team to execute security testing initiatives. This role will also collaborate with: Application Development teams to address vulnerabilities and implement secure coding practices. Cloud and Application Security teams to align on strategy and processes. Other stakeholders within the Zoetis Tech & Digital (ZTD) organization to support vulnerability remediation efforts. EDUCATION AND EXPERIENCE Education: University Degree in Computer Science or Information Systems is required MS or advanced identity courses or other applicable certifications is desirable, including: o Certified Information Systems Security Professional (CISSP) Relevant certifications in infrastructure security and vulnerability management, such as Offensive Security Certified Professional (OSCP), GIAC Certified Vulnerability Assessor (GCVA), or Certified Ethical Hacker (CEH), are highly preferred Experience: A minimum of 4+ years of relevant experience with a strong background in vulnerability management and security engineering 2+ years of experience in the pharmaceutical or other regulated industry, especially Animal Health Experience working with global teams across multiple time zones Demonstrated ability to work within diverse technical teams TECHNICAL SKILLS REQUIREMENTS Hands-on experience in application security assessments, penetration testing, or secure development practices Proficiency with application security and vulnerability scanning tools, such as Burp Suite, Veracode, and HCL AppScan Knowledge of web application, mobile app, and API penetration testing methodologies Familiarity with the Software Development Lifecycle (SDLC), secure coding practices, and application development processes Understanding of application security vulnerabilities (e.g., OWASP Top 10), security frameworks (e.g., NIST), and risk mitigation strategies Experience working with cloud platforms such as AWS and Azure is desirable Strong analytical skills and a detail-oriented approach to identifying and addressing vulnerabilities Excellent verbal and written communication skills to create reports and collaborate with internal teams Must be fluent in both written and spoken English, with the ability to communicate effectively across technical and non-technical audiences PHYSICAL POSITION REQUIREMENTS Availability to work between 1pm IST to 10pm IST hours (minimum 3 hours of daily overlap with US ET Time zone) Full Time

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion its a place where you can grow, belong and thrive. Your day at NTT DATA The Senior Associate Vulnerability Assessment Specialist is a developing subject matter expert, responsible for conducting vulnerability assessments, analyzing findings, and providing expert recommendations to mitigate security risks within the organization&aposs systems and infrastructure. This role requires collaboration with cross-functional teams, and performs vulnerability assessments, analyzes findings, and provides recommendations to mitigate security risks. Key responsibilities: Conducts vulnerability scans using automated tools and manual techniques to identify vulnerabilities in systems, networks, applications, and infrastructure components. Analyzes scan results and determine the severity, exploitability, and potential impact of identified vulnerabilities. Assesses the potential risks associated with identified vulnerabilities. Collaborates with system owners, administrators, and IT teams to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities. Conducts advanced vulnerability assessments, including application security assessments, penetration testing, and code review, to identify complex vulnerabilities and security weaknesses. Utilizes manual testing techniques and industry-standard methodologies. Utilizes and manages vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools. Configures and fine-tunes scan policies and parameters to enhance assessment accuracy and coverage. Prepares comprehensive vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions. Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner. Participates in security awareness programs and provide training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene. Foster a culture of security awareness within the organization. Participates in incident response efforts related to vulnerabilities, collaborate with cross-functional teams, and contribute to post-incident analysis. Identifies root causes, provide recommendations for improvement, and drive preventive measures. Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, collaboration, and alignment on vulnerability management goals. Builds relationships and influence stakeholders to drive remediation efforts. Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools. Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices. Performs any other related task as required. To thrive in this role, you need to have: Understanding of vulnerability assessment methodologies, tools, and industry best practices. Good understanding of networking concepts, operating systems, and common software vulnerabilities. Proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools. Knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities. Strong knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases. Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions. Good written and verbal communication skills to prepare comprehensive reports and communicate technical information to diverse stakeholders. Familiarity with security frameworks, standards, and regulatory compliance requirements. Ability to collaborate and work effectively with stakeholders and cross-functional teams. Academic qualifications and certifications: Bachelor&aposs degree or equivalent in Computer Science, Information Security, or a related field. Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or GIAC Certified Web Application Penetration Tester (GWAPT) are beneficial. Required experience: Moderate level of relevant experience in information security or related roles, with a focus on conducting vulnerability assessments and driving remediation efforts. Moderate level of demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, penetration testing, or code review Workplace type: Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today. Show more Show less

As a Senior Solution Architect at NewRocket, a global, full-service Elite ServiceNow partner, you will play a crucial role in leading, coaching, and mentoring a team of Software Engineers specializing in GRC & SecOps. Your responsibilities will include developing and implementing customizations based on functional and technical requirements, adhering to leading practices and internal code standards on large-scale professional services projects. You will have the opportunity to work on some of the most amazing projects and receive official ServiceNow training to achieve multiple certifications, setting expectations for success and allowing you to leverage your skills and experience to deliver innovative solutions that meet customer goals. Your role will involve interfacing with end-users and key stakeholders to gather systems requirements for GRC/SecOps, developing and implementing GRC programs, policies, and control frameworks, and performing advanced troubleshooting and root cause analysis on the ServiceNow platform. Additionally, you will participate in project teams defining, designing, and developing IRM solutions on the ServiceNow platform, supporting and maintaining integrations between ServiceNow and external systems, and collaborating with stakeholders to deliver effective ServiceNow solutions. To be successful in this role, you should have a minimum of 8 years of experience in developing and implementing on the ServiceNow platform, with a focus on GRC and SecOps, Custom Applications, Policy, and Compliance. You should also possess at least 5 years of experience in software development involving ServiceNow Risk Management products and a minimum of 3 years in an architect role. Strong experience with ServiceNow modules such as ITSM, GRC & SecOps, solid understanding of security frameworks and compliance standards, and the ability to code and configure integrations between ServiceNow and data source systems are essential. Furthermore, you should have experience working with risk or compliance teams, tools, and practices, collaborating with customers to understand business problems and translate them into technical requirements, and designing and building solutions. Your expertise in Web Services Integration (SOAP, REST), ServiceNow scripting, and creating technical design documents and user documentation will be valuable assets in this role. A four-year undergraduate degree in Computer Science, Computer Engineering, Information Systems, or equivalent work experience is required. Preferred certifications for this role include CSA (Certified System Administrator), CISGRC/CISSecOps, and CAD (Certified Application Developer). At NewRocket, we take care of our people by providing support, guidance, and opportunities for professional growth and development. Join our crew and be part of a team that goes beyond workflows to create exceptional experiences for our customers.,

As the Strategic and hands-on IT leader responsible for managing multi-site GxP-compliant IT operations and plant infrastructure in a regulated pharmaceutical environment, your role will be pivotal in ensuring uptime, compliance, and driving impactful technology-led business enablement. You will act as the Single Point of Contact (SPOC) for IT for site leadership, maintaining real-time audit readiness, enforcing regulatory-compliant practices, and collaborating with central SAP teams to align plant needs. With 9-14 years of experience in Pharma Plant IT Operations and audit exposure, along with a qualification in B.E. / B.Tech / BCA / BCS or an equivalent qualification, you will be expected to fulfill the following responsibilities: GxP IT Operations & Compliance: - Ensure 100% uptime of GxP-critical systems and infrastructure. - Maintain real-time audit readiness, manage SOP adherence, QMS notifications, CAPA closure, and periodic reviews. - Enforce regulatory-compliant practices for user access control, data integrity, and electronic records. - Collaborate with central SAP teams to align plant needs. IT Infrastructure & Security Management: - Oversee standardization, qualification, AMC, retirement, and reusability of IT assets. - Implement robust IT security controls, patch management, and cybersecurity governance. - Identify and eliminate CSV bottlenecks affecting manufacturing continuity. Audit & Regulatory Readiness: - Act as audit-facing SPOC for IT during internal and external audits. - Guide Site IT Leads to ensure readiness and compliance. - Lead pre-audit checks, documentation reviews, and post-audit CAPA implementation. - Ensure full alignment of IT practices with regulatory guidelines. Project Delivery & Solution Implementation: - Lead IT solution implementation at plant level. - Ensure IT assets and integrations are fully compliant with GxP requirements. - Drive digital transformation and automation initiatives. Team Leadership & Stakeholder Engagement: - Lead, coach, and upskill a 25+ member IT team. - Collaborate with Quality, Manufacturing, Engineering, and Projects teams. - Align IT strategy with plant KPIs. IT Governance & AIOps: - Implement AIOps and predictive monitoring for system reliability. - Define and track IT SLAs, KPIs, and compliance scorecards. - Drive innovation while ensuring adherence to IT Security standards. Value Addition: - Proven success in business continuity and audit compliance through IT solutions. - Spearheaded SAP-integrated projects and AIOps implementation. - Delivered cross-site standardization of IT operations. Desired Skills: - Deep knowledge of Pharma IT Compliance, plant automation systems, and IT infrastructure lifecycle. - Strong leadership, audit-facing, communication, and stakeholder management skills. - SAP certification & relevant IT certifications preferred. - Technical knowledge of SAP systems and IT infrastructure components. - Experience in SAP HANA, SAP Fiori, or similar technology is a plus. - Strong problem-solving, analytical, and troubleshooting skills. - Project management experience with familiarity in Agile and Waterfall methodologies. - Familiarity with security frameworks in SAP and IT infrastructure management. - Strong understanding of cybersecurity principles in plant IT environments. Your role will require a strategic mindset focused on operational efficiency and business alignment, along with the ability to lead a multidisciplinary team effectively and ensure compliance with regulatory and InfoSec standards.,

As a Vulnerability Management Specialist at Amdocs, you will play a crucial role in leading, implementing, identifying, assessing, and mitigating security vulnerabilities across our infrastructure, including cloud environments. Your responsibilities will include conducting regular vulnerability scans, analyzing scan results, prioritizing vulnerabilities, collaborating with stakeholders to implement remediation plans, and overseeing patch deployment processes to ensure timely remediation. You will also perform risk and vulnerability assessments, document findings, engage with stakeholders to address risks, and oversee risk acceptance and exclusion processes. Additionally, you will monitor container security and cloud security posture, provide threat management support, respond to identified threats effectively, maintain comprehensive reports on vulnerability findings and trends, and support security audits and compliance requirements related to vulnerability management. To excel in this role, you should have 6-9 years of experience in vulnerability management and threat management, hands-on experience with vulnerability scanning tools such as Wiz, Rapid7, Nessus, CrowdStrike, MDE, and Axonius, proficiency in container security, On-prem and Cloud Vulnerability Management, and experience with cloud platforms like AWS, Azure, or GCP. You should also be familiar with risk acceptance and exclusion processes, have a basic understanding of Generative AI (GenAI) concepts, possess strong analytical skills, attention to detail, excellent communication, and stakeholder management skills. Moreover, you should have a good understanding of Security Frameworks and Standards such as NIST, CIS, PCI-DSS, and experience leading a team of Vulnerability Analysts. Preferred qualifications for this role include experience with other security tools and frameworks, data visualization tools like Power BI, AWS Quicksight, scripting and automation experience in Python, Go, and security certifications like CISSP, CISM, or CEH. By joining Amdocs as a Vulnerability Management Specialist, you will have the opportunity to work with industry-leading technologies and experts in a global company, evolve yourself in cutting-edge technologies and business trends, and collaborate with a great team. Amdocs is an equal opportunity employer that welcomes applicants from all backgrounds and is committed to fostering a diverse and inclusive workforce.,

As the Lead, Technology Risk Analyst at Mastercard, you will play a crucial role in ensuring the company's safety and security from cyber and physical threats. Your primary responsibility will be to drive readiness and compliance on security aspects related to evolving regulatory and statutory needs across global markets. Your passion for information security and cybersecurity, along with your analytical skills and exposure to the regulatory environment, will be instrumental in this role. Your key responsibilities will include monitoring and assessing security obligations stemming from new and changing regulations worldwide. You will collaborate with various teams across Corporate Security to advise and ensure compliance with region-specific regulatory requirements within Information Security and Cyber Security domains. Engaging with partner teams on supporting Regulatory audits and obligations, you will lead and monitor remediation efforts in the realm of Security. Moreover, you will be tasked with developing and implementing governance processes to manage regulatory risks effectively, ensuring the sustainability of controls and measures implemented for compliance. Managing documentation, tracking, and reporting of security requirements and ongoing compliance efforts will also fall under your purview. Additionally, you will represent the company on Risk & Governance Committees and internal forums, providing regular reports to senior leadership. To excel in this role, you should possess a strong understanding of information and cyber security domains, governance, and risk management practices. Your experience in handling security audits, conducting assessments, and managing senior stakeholders will be invaluable. Demonstrated leadership abilities in leading cross-functional teams and managing complex projects are essential. A solid grasp of security frameworks such as NIST, ISO 27001, and PCI-DSS, as well as familiarity with regulatory standards, will be advantageous. Holding a preferred security certification like CISSP, CISM, or CISA is a plus. Excellent written and verbal communication skills are a must, enabling you to effectively interact with stakeholders. You should be viewed as a trusted advisor who comprehends business processes and can offer security consultation and advisory services. Your confidence, analytical mindset, and ability to drive security discussions with stakeholders will set you up for success in this role. In line with Mastercard's commitment to information security, it is expected that you adhere to the company's security policies and practices diligently. Safeguarding the confidentiality and integrity of accessed information, promptly reporting any suspected security violations or breaches, and completing all mandatory security trainings are integral parts of your responsibilities as a member of the Corporate Security team.,

As a Blue Team Cybersecurity Engineer, your main responsibility will involve safeguarding an organization's systems, networks, and applications from cyber threats. You will be part of a team tasked with monitoring, analyzing, and responding to security incidents while also implementing measures to strengthen the organization's security posture. Your expertise is vital in ensuring that the organization's systems are secure, resilient, and capable of withstanding cyber-attacks. You will be responsible for Security Monitoring and Incident Response by monitoring systems, networks, and applications for security incidents, investigating and analyzing security alerts, developing incident response plans, and collaborating with other teams to contain and recover from security incidents promptly. In terms of Security Operations and Threat Hunting, you will develop and maintain security monitoring systems, perform security assessments and vulnerability scans, conduct proactive threat hunting activities, and stay updated with the latest threat intelligence to enhance security measures proactively. Security Infrastructure Management will also fall under your duties, involving managing security tools and technologies, monitoring and fine-tuning security configurations, implementing security policies aligned with industry best practices, and collaborating with other teams to ensure secure configurations are in place. You will also conduct Security Awareness and Training programs to educate employees about security threats and best practices, provide guidance on secure coding practices, and foster a culture of security awareness throughout the organization. Your responsibilities will include preparing detailed incident reports, maintaining documentation of security incidents and response activities, and collaborating with stakeholders for proper reporting and escalation of security incidents. Qualifications and Skills: - Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field. - Proven experience in security monitoring, incident response, and threat hunting. - Strong knowledge of networking protocols, operating systems, and security technologies. - Familiarity with security frameworks (e.g., NIST, CIS) and regulatory requirements (e.g., GDPR, HIPAA). - Experience with security tools such as SIEM solutions, firewalls, and endpoint protection systems. - Understanding of security concepts like encryption, access control, authentication, and vulnerability management. - Knowledge of scripting and automation for security operations tasks. - Excellent problem-solving and analytical skills. - Strong communication and collaboration skills. - Professional certifications such as CISSP, GIAC, CompTIA Security+, or Certified Incident Handler (GCIH) are desirable.,

The IT Security Manager is a key role within our IT Infrastructure department at Emkay. As the IT Security Manager, you will be responsible for implementing security measures to safeguard our systems and networks. Your main objective will be to identify and mitigate security risks, ensure compliance with industry standards, and develop strategies to protect sensitive information. Your primary responsibilities will include: 1) Implementation of Security Strategy: - Develop and execute the IT security strategy in alignment with organizational goals. - Conduct risk assessments and provide recommendations to enhance our security posture. - Collaborate with key stakeholders to implement security policies, standards, and procedures. - Enhance IT Infrastructure change management practices following ITIL processes. - Maintain a strong focus on vulnerability and patch management for the entire IT infrastructure. 2) Focus on Infrastructure Security: - Oversee the implementation of security measures for networks, systems, and applications. - Ensure data integrity and confidentiality through access controls and encryption. - Monitor and respond to security incidents, including assisting with forensic investigations. 3) Ensuring Security Compliance: - Ensure compliance with relevant regulatory requirements and industry standards. - Conduct regular assessments of the infrastructure and implement corrective actions as needed. - Stay informed about emerging security threats, vulnerabilities, and technologies. 4) Security Awareness: - Create and promote security awareness initiatives to educate the Infra team on the importance of cybersecurity. - Provide guidance to staff on security best practices and procedures. 5) Incident Response and Management: - Develop and maintain an incident response plan to address security breaches. - Lead and coordinate the response to security incidents, collaborating with internal teams and external partners as required. Qualifications required for this role include: - Bachelor's degree in computer science, Information Technology, or a related field. - Certified ITIL Practice Manager. - 4-5 years of experience in IT security roles focusing on managing security programs. - Industry certifications such as CISSP, CISM, ISO27001, or equivalent are highly desirable. - Strong knowledge of security frameworks, standards, and best practices. - Excellent communication and interpersonal skills. Additional requirements for the role include a strong ITIL background, the ability to keep up with industry trends and emerging technologies, proficient problem-solving and analytical skills with a focus on Cyber Security, demonstrated leadership and team management experience, good communication and interpersonal skills to build relationships with internal stakeholders, and the ability to work independently or as part of a team with a high level of self-motivation and initiative.,

Role & responsibilities Preferred candidat Position : Senior Security Engineer/ Tech Lead Location : Bangalore, Notice : Immediate to 30days Budget-12-21 lpa ( it will be negotiable based on exp) Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA e profile

Job Description: As a Security Analyst in our IT Services industry, you will be responsible for monitoring and analyzing security alerts generated by Securonix SIEM. Your role will involve performing initial triage of security incidents based on risk scores and behavioral analytics. In addition, you will escalate security incidents to L2 for deeper investigation and assist in fine-tuning Securonix correlation rules to reduce false positives. Documenting incidents, investigation steps, and outcomes in the incident management system will also be part of your daily tasks. Supporting phishing investigations and basic threat analysis, as well as following standard operating procedures (SOPs) for incident response, are crucial aspects of this role. To qualify for this position, you should hold a Bachelor's degree in Cybersecurity, IT, or a related field. Basic knowledge of SIEM and User Entity Behavior Analytics (UEBA) is required, along with an understanding of security frameworks such as NIST, SOC 2, and MITRE ATT&CK. Strong analytical skills, attention to detail, and certifications like Securonix Security Analyst, Security+, or Microsoft SC-900 are preferred. Join our team in Chennai, Tamil Nadu, India, where you will play a key role in maintaining the security posture of our organization. Note: This job is a full-time position with a salary of INR 600,000 per year.,

As a Platform and Network Security Expert at ANDREW in Bangalore, Karnataka, you will play a crucial role in enhancing security measures for DAS and RAN products. Your responsibilities will include designing and defining security policies, architecting secure environments, and ensuring compliance with telecom security standards and customer requirements. You will collaborate with internal and external stakeholders, engage in security testing, and develop tools to automate security monitoring and vulnerability management. To be successful in this role, you should have a Bachelor's or Master's degree in Telecommunications, Computer Science, Cybersecurity/Information security, along with 10+ years of experience in the Telecommunications and Cellular industry. Expertise in mobile network security principles, knowledge of O-RAN architecture, cloud security, and security frameworks is essential. Proficiency in security testing tools, Linux security, and scripting is also required. Strong communication and collaboration skills are key for interfacing with centralized security teams and development stakeholders. Certifications such as CISSP, CEH, GICSP, or vendor-specific security certifications are a plus. Experience with AI/ML-based threat detection, 3GPP standards, and telco cloud environments will excite us. Join ANDREW, part of the Amphenol family, and be a part of our legacy of over 85 years in wireless innovation. We offer exciting career opportunities, a supportive work environment, and the chance to make a positive impact within a global organization. Visit our website at https://www.andrew.com to learn more about us.,

As an experienced L3 SOC Analyst, you will play a crucial role in managing security incidents and ensuring the protection of our clients" data and systems. You will be responsible for utilizing your expertise in SIEM tools such as QRadar, Sentinel, or Splunk to detect and respond to security threats effectively. Your strong knowledge of attack patterns, Tools, Techniques, and Procedures (TTPs) will be essential in identifying and mitigating risks. Your primary responsibilities will include acting as an escalation point for high and critical severity security incidents, conducting thorough investigations to assess impact, and analyzing attack patterns to provide recommendations for security improvements. You will also be actively involved in proactive threat hunting, log analysis, and collaborating with IT and security teams to enhance security processes effectively. In addition to hands-on experience with system logs, network traffic analysis, and security tools, your ability to identify Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) will be crucial in ensuring the detection of potential threats. You will be expected to document and update incident response processes, participate in team meetings and executive briefings, and train team members on security tools and incident resolution procedures. Your proficiency in setting up SIEM solutions, troubleshooting connectivity issues, and familiarity with security frameworks and best practices will be considered advantageous. Your role will require you to provide guidance on mitigating risks, improving security hygiene, and identifying gaps in security processes to propose enhancements effectively. Join us at UST, a global digital transformation solutions provider with a deep commitment to innovation and agility. With over 30,000 employees in 30 countries, we partner with the world's best companies to drive real impact through transformation. If you are passionate about cybersecurity and eager to make a difference, we welcome you to be a part of our team and help us build for boundless impact, touching billions of lives in the process.,

Join us as a "Lending DevOps Efficiency Engineering Lead" at Barclays, where you will play a crucial role in supporting the successful delivery of Location Strategy projects. Your responsibilities will include planning, budgeting, ensuring agreed quality, and adhering to governance standards. As a key member of the team, you will lead the evolution of our digital landscape, driving innovation and excellence to enhance our digital offerings and deliver unparalleled customer experiences. To excel in this role, you should have a minimum of 7 years of project management experience in technology environments with a strong DevOps background. You must possess a solid understanding of the software development lifecycle and DevOps practices and have experience implementing security controls within development processes. Additionally, familiarity with CI/CD pipelines, infrastructure as code, and automation tools is essential. Excellent communication and stakeholder management skills, along with a proven ability to drive organizational change and process improvements, are key requirements. Experience with Agile methodologies and tools is also highly desirable. In addition to the above requirements, the following skills will be considered advantageous: - Possession of PMP, CSM, or other project management certifications - Experience working with Java-based applications and microservices architecture - Knowledge of cloud platforms such as AWS and OpenShift - Understanding of regulatory compliance requirements in technology - Experience with security frameworks - Background in financial services or other regulated industries As the "Lending DevOps Efficiency Engineering Lead," you will be based in Pune and will be responsible for leading and managing engineering teams. Your primary focus will be to provide technical guidance, mentorship, and support to ensure the delivery of high-quality software solutions. By driving technical excellence, fostering innovation, and collaborating with cross-functional teams, you will align technical decisions with business objectives and contribute to the overall success of the projects. Your key accountabilities will include: - Leading engineering teams effectively to achieve project goals and organizational objectives - Overseeing timelines, team allocation, risk management, and task prioritization for successful solution delivery - Mentoring team members, conducting performance reviews, and identifying opportunities for growth - Evaluating and enhancing engineering processes, tools, and methodologies to increase efficiency and optimize team productivity - Collaborating with stakeholders to translate business requirements into technical solutions and ensure a cohesive approach to product development - Enforcing technology standards, facilitating peer reviews, and implementing robust testing practices to deliver high-quality solutions If you are appointed as an Assistant Vice President, you will be expected to advise and influence decision-making, contribute to policy development, and ensure operational effectiveness. As a leader, you will set objectives, coach employees, and drive performance excellence. If you are an individual contributor, you will lead collaborative assignments, guide team members, and identify new directions for projects to meet required outcomes. All colleagues at Barclays are expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence, and Stewardship. Additionally, they should embody the Barclays Mindset of Empower, Challenge, and Drive, which serves as the operating manual for the organization's behavior.,

To be successful as a Lending DevOps Efficiency Engineering Lead you should have experience with: 7+ years of project management experience in technology environments with DevOps background. Strong understanding of software development lifecycle and DevOps practices Experience implementing security controls within development processes Knowledge of CI/CD pipelines, infrastructure as code, and automation tools Excellent communication and stakeholder management skills Proven ability to drive organizational change and process improvements Experience with Agile methodologies and tools Additional Skills: PMP, CSM, or other project management certifications Experience with Java-based applications and microservices architecture Knowledge of cloud platforms (AWS, OpenShift) Understanding of regulatory compliance requirements in technology Experience with security frameworks Background in financial services or other regulated industries You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills. Purpose of the role To lead and manage engineering teams, providing technical guidance, mentorship, and support to ensure the delivery of high-quality software solutions, driving technical excellence, fostering a culture of innovation, and collaborating with cross-functional teams to align technical decisions with business objectives. Accountabilities Lead engineering teams effectively, fostering a collaborative and high-performance culture to achieve project goals and meet organizational objectives. Oversee timelines, team allocation, risk management and task prioritization to ensure the successful delivery of solutions within scope, time, and budget. Mentor and support team members professional growth, conduct performance reviews, provide actionable feedback, and identify opportunities for improvement. Evaluation and enhancement of engineering processes, tools, and methodologies to increase efficiency, streamline workflows, and optimize team productivity. Collaboration with business partners, product managers, designers, and other stakeholders to translate business requirements into technical solutions and ensure a cohesive approach to product development. Enforcement of technology standards, facilitate peer reviews, and implement robust testing practices to ensure the delivery of high-quality solutions. Assistant Vice President Expectations To advise and influence decision making, contribute to policy development and take responsibility for operational effectiveness. Collaborate closely with other functions/ business divisions. Lead a team performing complex tasks, using well developed professional knowledge and skills to deliver on work that impacts the whole business function. Set objectives and coach employees in pursuit of those objectives, appraisal of performance relative to objectives and determination of reward outcomes If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others. OR for an individual contributor, they will lead collaborative assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will identify new directions for assignments and/ or projects, identifying a combination of cross functional methodologies or practices to meet required outcomes. Consult on complex issues; providing advice to People Leaders to support the resolution of escalated issues. Identify ways to mitigate risk and developing new policies/procedures in support of the control and governance agenda. Take ownership for managing risk and strengthening controls in relation to the work done. Perform work that is closely related to that of other areas, which requires understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategy. Engage in complex analysis of data from multiple sources of information, internal and external sources such as procedures and practises (in other areas, teams, companies, etc). to solve problems creatively and effectively. Communicate complex information. Complex information could include sensitive information or information that is difficult to communicate because of its content or its audience. Influence or convince stakeholders to achieve outcomes.

As a Director, Data Protection at Cognizant, you will play a crucial role in overseeing the Corporate Security's data protection strategy. Your responsibilities will include ensuring regulatory compliance, training staff on data protection, communicating with regulators, and identifying relevant data processing risks within internal systems. Your expertise in data protection law and practices will be essential in this position, as you navigate Cognizant's infrastructure, technology, and organizational structure. Taking a risk-based approach, you will serve as the primary point of contact for Corporate Security in handling potential complaints, queries, notices, and other notification requirements. General Compliance You will inform and advise Corporate Security on their obligations regarding data protection provisions and provide recommendations on the interpretation and application of relevant data protection rules. Conducting data audits, overseeing compliance tools, and developing due diligence processes for information sharing will be part of your role. Documentation Creating, reviewing, and updating various documentation such as privacy policies, security policies, and incident response processes will be crucial. You will also author technical data protection standards relating to cryptography methods and encryption solutions as needed. Risk Management Maintaining a risk assessment process for personal data, advising on data protection impact assessments, and reporting risks into the Corporate Security Risk Register are key responsibilities. You will also serve as the subject matter expert for data protection efforts across Cognizant's applications, services, and environments. Communication Acting as the point of contact between regulators and facilitating communication with data subjects are important aspects of this role. Handling queries, complaints, and other communications from stakeholders will require your attention and expertise. Requirements To excel in this role, you should have a university degree in computer science or related field, along with certifications in privacy such as CIPP/E, CIPP/US, or CIPM. Your proven expertise in data protection law, strong knowledge of privacy laws and security frameworks, and experience in interpreting regulatory requirements will be valuable assets. Your leadership skills, project management experience, and ability to work with diverse stakeholders will be essential in building and leading a global data protection discipline. Experience in developing legal and technical training, managing compliance tools, and ensuring staff awareness of data protection rights and responsibilities will also be beneficial. Join Cognizant in shaping a secure and compliant data protection strategy that upholds the company's values and commitment to regulatory compliance.,

The Senior Cyber Security Engineer / Cyber Security Engineer position in Bangalore requires 3 to 6 years of experience in the security domain. As a part of your role, you will be responsible for performing Application, API, and Microservices Pentest, Network Pentest (Internal and External), Mobile App Pentest, Mobile Assessments, Threat Modeling, Legal Reviews, Reporting, Proof of Concepts (PoCs) of vulnerabilities, Documentation, coordinating with various stakeholders, conducting R&Ds, and other security analysis. The mandatory requirements for this role include at least 3 years of relevant experience in the security domain, proven expertise in Web Application Penetration testing (Web, Mobile, API/Web Services on JAVA & .Net) through DAST Manual approach, hands-on experience in DAST tools, API (SOAPUI, PostMan), DAST Manual Assessments, Threat Modeling, and Penetration Testing. You should also possess good Network Pentest skills for external and internal networks, and excellent written and verbal communication skills. Preferred skillsets for this position include hands-on experience of DevSecOps, good knowledge of Java, .NET, SQL queries (Oracle, PostgreSQL, etc.), experience in automating security tasks using Python or Java Frameworks, System/Network Exploitation, Red Teaming, understanding of Security Frameworks, and hands-on experience with MS Tools. If you meet the above requirements and have the necessary skillsets, you will be a valuable addition to our team as a Senior Cyber Security Engineer / Cyber Security Engineer.,

About Gruve Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks. Position Summary We are seeking a System Test Engineer with expertise in SaaS applications providing cybersecurity solution to join our dynamic team. The ideal candidate will play a critical role in testing, validating, and ensuring the reliability and security of our SaaS-based cyber security platform. This position requires strong analytical skills, hands-on experience with automation, and a deep understanding of cloud environments, networking protocols, firewalls and security frameworks. Key Responsibilities Design, develop, and execute system-level test plans, test cases, and automated test scripts for a SaaS-based cyber security platform. Validate end-to-end functionality, scalability, and performance of security applications integrated with external ITSM systems. Develop and maintain automation frameworks to streamline test execution and enhance test coverage. Conduct security, performance, and regression testing to identify vulnerabilities, bottlenecks, and reliability issues. Test and validate the functionality of agents that connect with the SaaS platform. Work closely with development, product management, and DevOps teams to troubleshoot issues and ensure high-quality product releases. Implement and execute API testing, system integration testing, and user acceptance testing. Participate in test strategy planning and provide feedback for continuous improvement of the test process. Basic Qualifications A bachelors or masters degree in computer science, electronics engineering or a related field. 8-10 years of experience in system testing for SaaS applications and Cyber Security platforms. Strong knowledge of networking protocols (TCP/IP, HTTP/HTTPS, DNS, VPN, IPSec, TLS, etc.). Strong understanding of security concepts such as firewalls, IDS/IPS, zero-trust architecture, and cloud security controls. Hands-on experience with test automation tools (Selenium, Robot Framework, PyTest, etc.). Proficiency in scripting and automation using Python, Bash, or similar languages. Experience working with cloud platforms such as AWS, Azure, or Google Cloud. Familiarity with containerization and orchestration tools like Docker and Kubernetes. Experience with CI/CD pipelines and DevOps processes. Strong troubleshooting and debugging skills in distributed systems and cloud environments. Preferred Qualifications Knowledge of security frameworks such as SOC2, ISO 27001, and compliance standards. Experience with security testing tools such as Burp Suite, Nessus, Wireshark, or Metasploit. Familiarity with Infrastructure as Code (IaC) tools such as Terraform or Ansible. Certifications such as AWS Certified Security - Specialty, CCNA Security, CISSP, or CEH are a plus. Why Gruve At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you're passionate about technology and eager to make an impact, we'd love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.,

In security risk management we're looking to harness the power of industry best practice combined with driving new innovation on how we do security risk assessments and modelling. Our security risk management team is the primary owner of the strategy and practices of how we identify, track and reduce our security risk across everything we do. To support this we need to use industry best practices paired with emerging threat information to to promote risk identification, quantification, impact analysis, and modelling to ultimately drive decision making. In this role, you will help establish and execute a broad strategic vision for the security risk program at Canonical. You will not only work within the team but also cross-functionally with various teams across the organisation. The team contributes ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attacks. Additionally, the team collaborates with our Organisational Learning and Development team to develop playbooks and facilitate security training across Canonical. The security risk management team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies. What you will do in this role: Define Canonical's security risk management standards and playbooks Analyse and improve Canonical's security risk practices Evaluate, select and implement new security requirements, tools and practices Grow the presence and thought leadership of Canonical security risk management practice Develop Canonical security risk learning and development materials Work with Security leadership to present information and influence change Participate in developing key risk indicators, provide inputs to the development of key control indicators, and key performance indicators for various programs Apply statistical models to risk frameworks (such as FAIR, sensitivity analysis, and others) Participate in risk management, decision-making, and collaborative discussions Lead quantified risk assessments and understand the value of qualitative data for improvements to quality and engineering processes Interpret internal or external cyber security risk analyses in business terms and recommend a responsible course of action Develop templates and materials to help with self-service risk management actions Monitor and identify opportunities to improve the effectiveness of risk management processes Launch campaigns to perform security assessments and help mitigate security risks across the company Build evaluation methods and performance indicators to measure efficiency of security functions and capabilities. What we are looking for An exceptional academic track record Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path Drive and a track record of going above-and-beyond expectations Deep personal motivation to be at the forefront of technology security Leadership and management ability Excellent business English writing and presentation skills Problem-solver with excellent communication skills, a deep technical understanding of security assessments and risk management Expertise in threat modelling and risk management frameworks Broad knowledge of how to operationalize the management of security risk Experience in Secure Development Lifecycle and Security by Design methodology What we offer you We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally. Distributed work environment with twice-yearly team sprints in person Personal learning and development budget of USD 2,000 per year Annual compensation review Recognition rewards Annual holiday leave Maternity and paternity leave Employee Assistance Programme Opportunity to travel to new locations to meet colleagues Priority Pass, and travel upgrades for long haul company events

As an experienced IAM professional, you will be responsible for leading IAM operations, which includes account provisioning, access control, and audits. You will architect and manage IAM systems such as Okta, Active Directory, and G-Suite. Your role will also involve conducting compliance checks to ensure adherence to security frameworks. Additionally, you will guide junior team members and review their IAM work for accuracy. To excel in this role, you should have 7-10 years of experience in IAM and Access Control. You must possess expertise in identity security, regulatory compliance (SOX, GDPR), and auditing. Familiarity with IAM tools like Okta, Active Directory Manager, and Single Sign-On (SSO) systems will be crucial for success in this position.,