14 Security Policies Jobs

Role 1: Snowflake Developer (Coding, Documentation) Locations : Multiple location (Bangalore , Hyderabad , Chennai , kolkata , Mumbai , Pune , Gurugram) Work Mode: Hybrid Interview Mode: Virtual (2 Rounds) Key Skills & Responsibilities Strong hands-on experience with Snowflake database design, coding, and documentation. Expertise in performance tuning for both Oracle and Snowflake. Experience as an Apps DBA, capable of coordinating with application teams. Proficiency in using OEM, Tuning Advisor, and analyzing AWR reports. Strong SQL skills with the ability to guide application teams on improvements. Efficient management of compute and storage in Snowflake architecture. Execute administrative tasks, handle multiple Snowflake accounts, and apply best practices. Implement data governance via column-level security, dynamic masking, and RBAC. Utilize Time Travel, Cloning, replication, and recovery methods. Manage DML/DDL operations, concurrency models, and security policies. Enable secure data sharing internally and externally. Skills: documentation,apps dba,replication,dml/ddl operations,performance tunning,compute management,rbac,security policies,coding,recovery methods,dynamic masking,cloning,oem,storage management,performance tuning,secure data sharing,time travel,tuning advisor,snowflake database design,snowflake,column-level security,data governance,concurrency models,column-level security, dynamic masking, and rbac,oracle,awr reports analysis,sql

Notice Period : Immediate joiners only Profile Type : Stable & long-term Job Description We are looking for an experienced Entra ID Specialist with deep expertise in identity and access management technologies, SSO integrations, and Entra ID configurations. The ideal candidate will have a hands-on background in federation protocols, security policies, and automation. Mandatory Skills : Strong hands-on experience with Microsoft Entra ID including: User provisioning Enterprise app integration SSO, MFA, Conditional Access B2B and B2C configurations Expertise in SSO protocols : SAML, OpenID/OAuth, WS-Fed Experience with SCIM provisioning and JIT configuration via SAML Hands-on with Cross-Tenant Sync and External Identity Management Familiarity with IAM & IGA concepts Scripting and automation using PowerShell , Shell , Java , or Python Roles & Responsibilities : Integrate enterprise applications with Microsoft Entra ID Manage user access to SaaS applications using SAML, WS-FED, OIDC/OAuth Implement Multi-Factor Authentication (MFA) using Microsoft Authenticator Configure passwordless authentication and Temporary Access Pass (TAP) Support Self-Service Password Reset (SSPR) and password protection policies Troubleshoot Sign-in logs , Audit logs , and Conditional Access policies Define and maintain secure access controls based on device, location, and identity Educational Qualification : B.E / B.Tech in Computer Science or related discipline

Your day at NTT DATA The Managed Services Cross Technology Engineer (L3) is a seasoned engineering role, responsible for providing a service to clients by proactively identifying and resolving technical incidents and problems. Through pre-emptive service incident and resolution activities, as well as product reviews, operational improvements, operational practices, and quality assurance this role will maintain a high level of service to clients. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions. The Managed Services Cross Technology Engineer (L3) is responsible for managing tickets of high complexity, conducts advanced and complicated tasks, and provides resolution to a diverse range of complex problems. This position uses considerable judgment and independent analysis within defined policies and practices and applies analytical thinking and deep technical expertise in achieving client outcomes, while coaching and mentoring junior team members across functions. The Managed Services Cross Technology Engineer (L3) focusses across two or more technology domains such as (but not limited to) Cloud, Security, Networking, Applications and / or Collaboration and may also contribute to / support on project work as and when required. What youll be doing Key Responsibilities: Good in-depth troubleshooting skills of complex problems Develop and implement backup and restore policies Good monitoring and remediation skills Automation through scripting skills Collaborate with client Manage a small team of engineers Good documentation skills Server hardware maintenance and upgrades Skills to interpret logs and arrive at the RCA of the problem Experience with Linux servers in virtualized environments Implement security policies and ensure compliance Perform regular security audits and VA assessments/remediation Preferred automation skill using scripting Manage access controls and authentication mechanisms in collaboration with client Academic Qualifications Any Graduate

We are Hiring Senior Consultant Cyber Security Solution Architect Location: Bangalore, Hyderabad Experience: 14+ years Are you passionate about designing secure, scalable cloud and enterprise security architectures? Join us as a Cyber Security Solution Architect and be at the forefront of helping clients secure their digital ecosystems. What You’ll Do: Design and deliver end-to-end cybersecurity solutions for enterprise clients Collaborate with infra/application architects to embed security in architecture Lead cloud security (Azure/AWS/GCP), DDoS, SIEM, WAF, and container security design Define KPIs and lead security assessments & compliance initiatives (ISO 27001, NIST) Build client-facing proposals and conduct solution defense with stakeholders What We’re Looking For: 14+ years of overall experience, with 5+ years in complex security engineering projects Strong hands-on with tools: Azure Security Center, GuardDuty, Palo Alto, Qualys, etc. Exposure to CASB, Zero Trust, IAM, and multi-cloud security Excellent communication, client interaction, and solutioning skills Preferred Certifications: CISSP | CISM | CEH | CCSP | TOGAF | AWS/Azure/GCP Security Ready to shape the future of enterprise security? Apply now / email at mary.nancy1@sonata-software.com

SEP client installation and upgradation Symantec Endpoint Protection Manager Monitor security logs, alerts, and network traffic Resolve user related to AV security standards and regulations anti-malware software

Establishing and implementing SAP security best practices. Designing and implementing security roles/controls for Solution Manager 7.x+. Security compliance and audit readiness. User creation, Deletion, Maintenance, and Reports. Role Creation change and assignment. GRC Administrator. Duties and responsibilities: Developing UI5 user interface in SAP IDM 8.0. Create and implement automated IDM processes to manage user processes based on organizational data. Integrate IDM 8.0 with existing GRC 10.1 implementation. Working technically complex SAP Security issues and configurations. Providing security direction to business units and developers. Supporting and performing SAP security support for upgrades, testing cycles, and new system go-live. Performing daily monitoring and oversight to ensure security compliance and audit readiness. Establishing and implementing SAP security best practices. Perform SAP user administration and role development tasks. Integration and support using the SAP GRC 10.1 platform. Strong understanding of Sarbanes-Oxley (SOX) Compliance- Strategy management related to SAP business processes and Segregation of Duties (SOD). Configuration of NetWeaver Identity Management (IDM) with Novell eDirectory or LDAP with SSO capabilities. GRC for provisioning and de-provisioning to SAP systems. Demonstrable work experience in supporting audits facing off with both internal and external auditors to ensure that Security areas in all in-scope SAP systems are audit compliant. Designing and implementing security roles/controls for Solution Manager 7.x+. In-depth understanding of the Application Life cycle Management in HANA. Setting up security for Fiori Apps, BW, BI, application security, Preparing a document. Experience in IDM (identity management) SOD (segregation of duties) is a must.

India is among the top ten priority markets for General Mills, and hosts our Global Shared Services Centre. This is the Global Shared Services arm of General Mills Inc., which supports its operations worldwide. With over 1,300 employees in Mumbai, the center has capabilities in the areas of Supply Chain, Finance, HR, Digital and Technology, Sales Capabilities, Consumer Insights, ITQ (R&D & Quality), and Enterprise Business Services. Learning and capacity-building is a key ingredient of our success. Position Title D&T Analyst II - Cyber Security, Insider Threat & Awareness Function/Group Digital & Technology Location Powai, Mumbai Shift Timing 11 am - 8 pm Role Reports to D&T Manager - Cyber Security, Insider Threat & Awareness Remote/Hybrid/in-Office Hybrid ABOUT GENERAL MILLS We make foodthe world loves: 100 brands. In 100 countries. Across six continents. With iconic brands like Cheerios, Pillsbury, Betty Crocker, Nature Valley, and Hagen-Dazs, we've been serving up food the world loves for 155 years (and counting). Each of our brands has a unique story to tell. How we make our food is as important as the food we make. Our values are baked into our legacy and continue to accelerate us into the future as an innovative force for good. General Mills was founded in 1866 when Cadwallader Washburn boldly bought the largest flour mill west of the Mississippi. That pioneering spirit lives on today through our leadership team who upholds a vision of relentless innovation while being a force for good. For more details check out General Mills India Center (GIC) is our global capability center in Mumbai that works as an extension of ou r global organization delivering business value, service excellence and growth, while standing for good for our planet and people. With our team of 1800+ professionals, we deliver superior value across the areas of Supply chain (SC) , Digital & Technology (D&T) Innovation, Technology & Quality (ITQ), Consumer and Market Intelligence (CMI), Sales Strategy & Intelligence (SSI) , Global Shared Services (GSS) , Finance Shared Services (FSS) and Human Resources Shared Services (HRSS). For more details check out We advocate for advancing equity and inclusion to create more equitable workplaces and a better tomorrow. JOB OVERVIEW Function Overview The Digital and Technology team at General Mills stands as the largest and foremost unit, dedicated to exploring the latest trends and innovations in technology while leading the adoption of cutting-edge technologies across the organization. Collaborating closely with global business teams, the focus is on understanding business models and identifying opportunities to leverage technology for increased efficiency and disruption. The team's expertise spans a wide range of areas, including AI/ML, Data Science, IoT, NLP, Cloud, Infrastructure, RPA and Automation, Digital Transformation, Cyber Security, Blockchain, SAP S4 HANA and Enterprise Architecture. The MillsWorks initiative embodies an agile@scale delivery model, where business and technology teams operate cohesively in pods with a unified mission to deliver value for the company. Employees working on significant technology projects are recognized as Digital Transformation change agents. The team places a strong emphasis on service partnerships and employee engagement with a commitment to advancing equity and supporting communities. In fostering an inclusive culture, the team values individuals passionate about learning and growing with technology, exemplified by the Work with Heart philosophy, emphasizing results over facetime. Those intrigued by the prospect of contributing to the digital transformation journey of a Fortune 500 company are encouraged to explore more details about the function through the following Purpose of the role The Security Awareness and Insider Threat Analyst is responsible for developing, implementing, and managing security awareness programs to educate employees on security best practices and protect, detect and respond to risks posed by insider threats. This role combines expertise in threat detection and prevention with a strong focus on cultivating a security-conscious culture within the organization. The analyst will monitor and analyze insider threat activities, respond to incidents, and collaborate with various departments to enhance the organization's overall security posture. KEY ACCOUNTABILITIES . Monitor and analyze user activities for signs of potential insider threats. . Develop and maintain threat detection tools, techniques, and procedures. . Utilize threat intelligence platforms to gather, analyze, and disseminate relevant information. . Perform advanced analysis of insider threat and DLP alerts across various egress channels in on-premise and cloud environments, prioritizing threats using available tools. . Investigate and document event/alert patterns, collaborating with Cyber Defence, Legal, Privacy, and HR teams during incidents as necessary. . Create detailed reports on security incidents, investigations, and mitigation efforts. . Contribute to refining detection tool policies, rules, and operational documents by highlighting areas for improvement. . Lead the simulated phishing program, including metrics and executive summaries. . Coordinate with internal and external partners to develop and update quality training content. . Develop and distribute enterprise-wide communications on information security risks and guidance. . Create marketing materials and content for global Security Awareness even ts, including in-person site events as needed. . Ensure the security awareness program effectively communicates security policies, fostering a global security culture. MINIMUM QUALIFICATIONS Education - Full time graduation from an accredited university (Mandatory- Note: This is the minimum education criteria which cannot be altered) Minimum 4 years of experience in SOC, Incident Response, Insider Threat or Security Awareness. PREFERRED QUALIFICATIONS Excellent written, verbal communication and presentation skills. Ability to create engaging and effective training materials. Strong organizational and project management skills. Ability to work effectively in a team environment and collaborate with various stakeholders. Certifications: The following certificates are preferred but not mandatory, CompTIA Security+ CompTIA Cybersecurity Analyst (CySA+) EC-Council Computer Hacking Forensics Investigator (CHFI) EC-Council Certified Incident Handler (ECIH) SANS GIAC Security Essentials (GSEC) Microsoft Certified: Azure Fundamentals (AZ900) Microsoft Certified: Information Protection and Compliance Administrator Associate (SC400)

Lead and manage a team of SOC analysts, including training, development, and performance evaluation Develop, implement, and maintain security policies and procedures for the SOC Oversee the daily operations of the SOC, including security monitoring, incident response, and threat analysis Manage and optimize SOC tools and technologies (SIEM, IDS/IPS, etc.) Lead incident response efforts, including investigation, containment, eradication, and recovery Interact with the client to understand their infrastructure and implement appropriate technologies to ensure receipt of the log data and then monitor / alert the client for any issue

Key Skills: - Financial Management: Understanding of Workday Financials fundamentals, financial accounting setup, and organizational structures - Reporting: Knowledge of Workday reporting, including standard reports, Express reports, and report writing - Transaction Management: Ability to employ transactions in Workday and manage financial processes - Security and Compliance: Understanding of security policies and business processes - Analytical and Problem-Solving Skills: Ability to analyze financial data, identify issues, and optimize financial operations Job Roles: - Finance Professionals: Enhance skills in Workday Financials to advance careers in finance - Accountants: Manage and optimize financial processes using Workday Finance - Business Analysts: Streamline financial operations and improve efficiency - Workday Consultants: Specialize in financial management and implementation requirement

Job Role: IT Infrastructure Security Engineer . Location: Bangalore. Notice Period: Immediate to 30 days. Responsible for designing, implementing, and maintaining security measures to protect an organizations IT infrastructure. This role involves securing networks, servers, cloud environments, and other critical IT systems against cyber threats. The engineer works closely with IT, security, and compliance teams to ensure a robust security posture and adherence to industry standards. Key Responsibilities Infrastructure Security & Compliance Design and implement security controls to protect IT infrastructure, including servers, networks, databases, and cloud environments. Conduct security assessments, vulnerability scans, and penetration tests to identify weaknesses and recommend mitigation strategies. Ensure compliance with industry standards such as ISO 27001, NIST, CIS, GDPR, HIPAA, PCI-DSS, and SOC 2 . Develop and enforce security policies, procedures, and best practices for IT infrastructure. Monitor system logs, network traffic, and security alerts to detect and respond to threats in real-time. Network & Cloud Security Secure on-premises and cloud environments (AWS, Azure, Google Cloud) using security best practices. Implement firewalls, IDS/IPS, VPNs, and Zero Trust architectures to safeguard enterprise networks. Configure and manage endpoint security solutions, SIEM, EDR, XDR , and other security tools. Implement identity and access management (IAM) solutions, including privileged access management (PAM). Incident Response & Threat Management Investigate and respond to security incidents, breaches, and anomalies in coordination with SOC teams. Develop incident response plans (IRP) and lead forensic analysis for security events. Work closely with security operations teams to automate threat detection and response processes. Security Automation & Infrastructure Hardening Use Infrastructure as Code (IaC) to automate security configurations (e.g., Terraform, Ansible). Implement patch management, vulnerability management, and endpoint security policies . Secure containers and Kubernetes environments in DevOps pipelines. Harden operating systems (Windows, Linux) and cloud environments against cyber threats. Collaboration & Continuous Improvement Provide security training and awareness to IT teams. Collaborate with DevOps, IT, and compliance teams to integrate security in CI/CD pipelines. Stay up to date with emerging cyber threats and recommend new security technologies. Qualifications & Skills Technical Skills Strong knowledge of network security, cloud security, and endpoint security . Experience with firewalls, IDS/IPS, SIEM, EDR/XDR, and encryption . Hands-on experience with AWS Security, Azure Security Center, Google Cloud Security, and IAM solutions . Familiarity with scripting and automation (Python, Bash, PowerShell). Expertise in Active Directory (AD), Zero Trust security, and PKI . Knowledge of compliance frameworks like ISO 27001, NIST, CIS, GDPR, PCI-DSS . Soft Skills Strong analytical and problem-solving skills. Excellent communication and teamwork abilities. Ability to work under pressure and manage multiple security tasks. Detail-oriented with a proactive security mindset. Certifications (Preferred but Not Mandatory) CEH (Certified Ethical Hacker) CISM (Certified Information Security Manager) CCSP (Certified Cloud Security Professional) AWS Security Specialty, Azure Security Engineer, or Google Cloud Security Certifications CISSP (Certified Information Systems Security Professional) Work Environment & Tools Security tools: Wazuh SIEM, Splunk, Palo Alto, Fortinet, CrowdStrike, SentinelOne, Qualys, Tenable, Nessus Cloud platforms: AWS, Azure, Google Cloud . Operating systems: Windows, Linux, macOS . Automation: Python, Terraform, Ansible, PowerShell.

We are seeking an experienced OpenShift Engineer to design, deploy, and manage containerized applications on Red Hat OpenShift. Key Responsibilities: Deploy,configure,and manage OpenShift clusters in hybrid/multi-cloud environments. Automate deployments using CI/CD pipelines (Jenkins,GitLab CI/CD,ArgoCD). Troubleshoot Kubernetes/OpenShift-related issues and optimize performance. Implement security policies and best practices for containerized workloads. Work with developers to containerize applications and manage microservices. Monitor and manage OpenShift clusters using Prometheus,Grafana,and logging tools. Key Responsibilities: Design, develop, and maintain OpenShift clusters and associated components. Implement Infrastructure as Code (IaC) principles using Terraform, Ansible, or Helm. Automate provisioning, scaling, and security hardening of containerized workloads. Collaborate with DevOps, development, and operations teams to ensure best practices for containerization and microservices architecture. Manage and optimize CI/CD pipelines using tools like Jenkins, GitLab CI/CD, or ArgoCD. Ensure compliance with security and governance policies through automated enforcement. Troubleshoot and resolve OpenShift and Kubernetes-related issues in a timely manner. Document OpenShift deployments, best practices, and automation workflows.

Preferred candidate profile C# developer with ~6+ years of experience; Framework and Core; WCF, Design Patterns, Domain Controller, Certificate handling , PowerShell, Security policies , Trouble Shooting. The resource should have good trouble shooting skills and can understand the legacy code. Good to have skill: domain knowledge ( TPS, Experion ) would be good.

Responsibilities Assist the CISO in all daily tasks, including management of security alerts and incidents, implementation of security strategies, and communication with other teams Ensure compliance with security policies and procedures concerning the Group's standards by conducting checks on identified scopes with the CISO Participate in the assessment of risks and vulnerabilities of information systems, propose measures to mitigate them, and ensure follow-up Organize training and awareness sessions on security to promote a security culture at SIPL, with a strong focus on Safran Digit Skills and Qualifications Education: Degree in computer science or a related field. A security certification (CISSP, CISM, CEH) is a plus. Experience: Minimum of 3 years of experience in the field of information systems security. Technical Knowledge: Mastery of security concepts and tools in the main areas of information systems. Analytical Skills: Ability to analyze complex issues and propose appropriate solutions. Mastery of organizational principles and a risk-based approach. Communication: Excellent written and oral communication skills, with the ability to explain technical concepts to non-technicians. Teamwork: Ability to work collaboratively with different departments and coordinate security efforts within the organization. Proactivity and Autonomy: Proactive attitude, ability to anticipate, take initiatives, and manage tasks independently while meeting set objectives. Working Conditions Full-time position, primarily based at Safran Digit in Mumbai. Scope of action involves travel within mainland India (Hyderabad and New Delhi), and more rarely internationally (France). Availability outside working hours in case of a major security incident. Dynamic work environment with continuous professional development opportunities, including training to obtain certifications.

Position: Infosec Analyst Audit & Compliance Experience: 3 to 10 years Location: Pune Key Responsibility Areas (KRA): Regulatory Compliance & Governance: Ensure adherence to ISO 27001, NIST, SOC 2, GDPR, HIPAA, and enforce security policies. Audit & Risk Management: Lead internal/external audits, manage compliance assessments, and drive risk mitigation. Incident Response & Compliance Monitoring: Work with Security Operations to monitor incidents, ensure compliance, and support investigations. Security Awareness & Training: Develop and implement training programs to strengthen cybersecurity culture. Vendor & Third-Party Security: Assess vendor security risks, ensure contract compliance, and enforce security standards. Business Continuity & Disaster Recovery (BCDR): Support security-related aspects of BCDR, ensuring compliance with recovery objectives. Critical Coordination & Availability: Be available during US business hours for audits, compliance discussions, and security escalations. Roles & Responsibilities: Lead security audits, compliance initiatives, and regulatory assessments. Maintain security policies, documentation, and reporting for compliance readiness. Serve as the primary contact for auditors, legal teams, and regulatory bodies. Oversee remediation efforts for vulnerabilities and drive timely risk mitigation. Monitor security controls, drive continuous improvement, and align compliance with business objectives. Support security incidents and investigations related to compliance risks. Ensure availability for critical discussions, escalations, and audits during US hours.