35 Soc 2 Jobs

Ready to shape the future of work At Genpact, we don&rsquot just adapt to change&mdashwe drive it. AI and digital innovation are redefining industries, and we&rsquore leading the charge. Genpact&rsquos , our industry-first accelerator, is an example of how we&rsquore scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to , our breakthrough solutions tackle companies most complex challenges. If you thrive in a fast-moving, tech-driven environment, love solving real-world problems, and want to be part of a team that&rsquos shaping the future, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions - we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation , our teams implement data, technology, and AI to create tomorrow, today. Get to know us at and on , , , and . Inviting applications for the role of Manager- Information Security In this role we are looking for someone who has relevant years of relevant work experience in Information Security, Audit & assurance role with expertise in ITGC, network security and Application Security controls Responsibilities Experience in facilitating external & internal audits from inception to completion. Experience in drafting comprehensive risk-based control framework aligned to SOC 1, SOC 2 standard. Solutioning skills to resolve complicated IT, F&A and & application security issues. Working experience as an engagement lead for SOC 1 and SOC 2 audits at a Big 4/reputed IT organization Exposure to leadership connects on compliance posture, getting management commitment. Design and lead an internal monthly compliance monitoring framework with minimum manual touchpoints. Prepare & present an effective compliance dashboard for internal leaders and external stakeholders. Qualifications we seek in you! Minimum Qualifications Strong domain knowledge in ITGC testing, Application controls testing, SOC 1, SOC 2 reports, SaaS/PaaS/IaaS, Interface controls, Application Pre-Implementation and post Implementation reviews, Software Compliance reviews, IT & Network Security, Controls, Risk Frameworks, File Integrity Monitoring solutions, Cloud Security, Cyber security. Good performance rating in the current organization (verifiable) Any one audit certification: CISA/CISM/CRISC/CISSP Preferred Qualifications/ Skills Analytical skills, excellent problem-solving skills, ability to work within deadlines, excellent interpersonal and communication skills. Why join Genpact Be a transformation leader - Work at the cutting edge of AI, automation, and digital innovation Make an impact - Drive change for global enterprises and solve business challenges that matter Accelerate your career - Get hands-on experience, mentorship, and continuous learning opportunities Work with the best - Join 140,000+ bold thinkers and problem-solvers who push boundaries every day Thrive in a values-driven culture - Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up. Let&rsquos build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color , religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a %27starter kit,%27 paying to apply, or purchasing equipment or training.

Cloud Expertise: Google Cloud Platform (GCP) Mandatory, AWS Experience Required Key Responsibilities - Provision, manage, and support GCP sandbox environments for testing and development. - Ensure sandbox governance, security, and compliance with Citi policies. - Engage with Google Cloud & AWS support teams to troubleshoot and resolve issues. - Ensure sandbox isolation from production workloads and enforce resource lifecycle management (deletion/suspension of unused resources). - Onboard Citi teams and developers to new or existing AWS/GCP accounts. - Manage user access for single/multiple cloud accounts, ensuring least privilege access. - Assign and audit IAM roles and permissions for security and compliance. - Remove user access to specific accounts as needed. - Configure real-time alerts for sandbox activities and send to Citi Sandbox Email DL IDs. - Set up budget alerts (soft/hard limits) to prevent overspending. - Monitor security incidents, unauthorized access attempts, and anomalies. - Implement cost tracking mechanisms and automate resource cleanup to prevent cost overruns. - Implement GCP/AWS cost control measures (budgets, quotas, auto-scaling). - Track spending patterns and optimize resource allocation. - Ensure compliance with financial industry regulations (SOC 2, ISO 27001, GDPR). - Conduct periodic security and cost audits. - Automate cloud operations using Terraform, CloudFormation, or Deployment Manager. - Use Python/Bash scripting for process automation and cost/resource optimization.

Job Summary: We are looking for an experienced IT Audit Specialist with a proven track record in Big 4 consulting firms (Deloitte, PwC, EY, or KPMG). The ideal candidate must hold a valid CISA or CISSP certification and demonstrate deep expertise in IT general controls (ITGC), risk management, cybersecurity, and compliance. This role is focused solely on IT audits and advisory, not statutory or financial audits. Key Responsibilities: Lead and perform IT audits, including ITGC testing, automated controls reviews, and application audits across various environments. Evaluate cybersecurity controls, risk mitigation practices, and IT governance processes. Conduct assessments for SOX IT compliance, SOC 1/SOC 2, GDPR, and other regulatory frameworks. Work closely with internal stakeholders and client teams to identify control weaknesses and recommend remediation strategies. Participate in risk assessments, control design evaluations, and implementation of industry best practices. Document findings, prepare reports, and present results to senior leadership or client executives. Stay updated on emerging IT risks, technologies, and industry regulations to enhance audit effectiveness. Required Qualifications: 6+ years of IT audit experience with exclusive background in Big 4 firms (Deloitte, PwC, EY, KPMG). Professional certification: CISA (required); CISSP or other security certifications are a plus. Strong knowledge of ITGCs, application controls, and security frameworks (COBIT, NIST, ISO 27001). Experience in ERP systems audits (e.g., SAP, Oracle) and cloud environment assessments (AWS, Azure, GCP). Strong analytical, documentation, and communication skills. Ability to manage multiple projects and meet tight deadlines in a client-facing environment. Preferred Skills: Experience with SOC 1/SOC 2 reporting, vulnerability assessments, or data privacy audits. Familiarity with tools like Archer, ServiceNow GRC, or audit analytics platforms. Exposure to IT risk advisory or cybersecurity transformation projects.

Must have experience in dealing with NBFC/FinTech specific regulatory audit - ISO, RBI, SOC 2, PCI.AWS based application deployment, DevOps/DevSecops, technology stack and information security solutions Required Candidate profile Help develop practice for Risk Advisory, Transformation and Assurance under the Practice Leader. Provide consulting advisory to various customers around GRC advisory space Represent

Opportunity for a remote role. Experienced in GDPR, HIPAA, PCI-DSS, ISO 27001, SOC 2 compliance. Led implementation and maintenance of compliance programs including TPRA. Skilled in IT audit planning, ISO 27001 audits, and reporting.

Lead and support IT compliance audits and assessments aligned with ISO 27001 and SOC 2 standards.Understanding of regulatory compliance standards, such as GDPR, HIPAA,PCI-DSS,or ISO27001.Understanding of cloud platforms (AWS, Azure, or Google Cloud)

Role Overview We are looking for experienced DevOps Engineers (8+ years) with a strong background in cloud infrastructure, automation, and CI/CD processes. The ideal candidate will have hands-on experience in building, deploying, and maintaining cloud solutions using Infrastructure-as-Code (IaC) best practices. The role requires expertise in containerization, cloud security, networking, and monitoring tools to optimize and scale enterprise-level applications. Key Responsibilities Design, implement, and manage cloud infrastructure solutions on AWS, Azure, or GCP. Develop and maintain Infrastructure-as-Code (IaC) using Terraform, CloudFormation, or similar tools. Implement and manage CI/CD pipelines using tools like GitHub Actions, Jenkins, GitLab CI/CD, BitBucket Pipelines, or AWS CodePipeline. Manage and orchestrate containers using Kubernetes, OpenShift, AWS EKS, AWS ECS, and Docker. Work on cloud migrations, helping organizations transition from on-premises data centers to cloud-based infrastructure. Ensure system security and compliance with industry standards such as SOC 2, PCI, HIPAA, GDPR, and HITRUST. Set up and optimize monitoring, logging, and alerting using tools like Datadog, Dynatrace, AWS CloudWatch, Prometheus, ELK, or Splunk. Automate deployment, configuration, and management of cloud-native applications using Ansible, Chef, Puppet, or similar configuration management tools. Troubleshoot complex networking, Linux/Windows server issues, and cloud-related performance bottlenecks. Collaborate with development, security, and operations teams to streamline the DevSecOps process. Must-Have Skills 3+ years of experience in DevOps, cloud infrastructure, or platform engineering. Expertise in at least one major cloud provider: AWS, Azure, or GCP. Strong experience with Kubernetes, ECS, OpenShift, and container orchestration technologies. Hands-on experience in Infrastructure-as-Code (IaC) using Terraform, AWS CloudFormation, or similar tools. Proficiency in scripting/programming languages like Python, Bash, or PowerShell for automation. Strong knowledge of CI/CD tools such as Jenkins, GitHub Actions, GitLab CI/CD, or BitBucket Pipelines. Experience with Linux operating systems (RHEL, SUSE, Ubuntu, Amazon Linux) and Windows Server administration. Expertise in networking (VPCs, Subnets, Load Balancing, Security Groups, Firewalls). Experience in log management and monitoring tools like Datadog, CloudWatch, Prometheus, ELK, Dynatrace. Strong communication skills to work with cross-functional teams and external customers. Knowledge of Cloud Security best practices, including IAM, WAF, GuardDuty, CVE scanning, vulnerability management. Good-to-Have Skills Knowledge of cloud-native security solutions (AWS Security Hub, Azure Security Center, Google Security Command Center). Experience in compliance frameworks (SOC 2, PCI, HIPAA, GDPR, HITRUST). Exposure to Windows Server administration alongside Linux environments. Familiarity with centralized logging solutions (Splunk, Fluentd, AWS OpenSearch). GitOps experience with tools like ArgoCD or Flux. Background in penetration testing, intrusion detection, and vulnerability scanning. Experience in cost optimization strategies for cloud infrastructure. Passion for mentoring teams and sharing DevOps best practices.

Role Overview We are looking for experienced DevOps Engineers (8+ years) with a strong background in cloud infrastructure, automation, and CI/CD processes. The ideal candidate will have hands-on experience in building, deploying, and maintaining cloud solutions using Infrastructure-as-Code (IaC) best practices. The role requires expertise in containerization, cloud security, networking, and monitoring tools to optimize and scale enterprise-level applications. Key Responsibilities Design, implement, and manage cloud infrastructure solutions on AWS, Azure, or GCP. Develop and maintain Infrastructure-as-Code (IaC) using Terraform, CloudFormation, or similar tools. Implement and manage CI/CD pipelines using tools like GitHub Actions, Jenkins, GitLab CI/CD, BitBucket Pipelines, or AWS CodePipeline. Manage and orchestrate containers using Kubernetes, OpenShift, AWS EKS, AWS ECS, and Docker. Work on cloud migrations, helping organizations transition from on-premises data centers to cloud-based infrastructure. Ensure system security and compliance with industry standards such as SOC 2, PCI, HIPAA, GDPR, and HITRUST. Set up and optimize monitoring, logging, and alerting using tools like Datadog, Dynatrace, AWS CloudWatch, Prometheus, ELK, or Splunk. Automate deployment, configuration, and management of cloud-native applications using Ansible, Chef, Puppet, or similar configuration management tools. Troubleshoot complex networking, Linux/Windows server issues, and cloud-related performance bottlenecks. Collaborate with development, security, and operations teams to streamline the DevSecOps process. Must-Have Skills 3+ years of experience in DevOps, cloud infrastructure, or platform engineering. Expertise in at least one major cloud provider: AWS, Azure, or GCP. Strong experience with Kubernetes, ECS, OpenShift, and container orchestration technologies. Hands-on experience in Infrastructure-as-Code (IaC) using Terraform, AWS CloudFormation, or similar tools. Proficiency in scripting/programming languages like Python, Bash, or PowerShell for automation. Strong knowledge of CI/CD tools such as Jenkins, GitHub Actions, GitLab CI/CD, or BitBucket Pipelines. Experience with Linux operating systems (RHEL, SUSE, Ubuntu, Amazon Linux) and Windows Server administration. Expertise in networking (VPCs, Subnets, Load Balancing, Security Groups, Firewalls). Experience in log management and monitoring tools like Datadog, CloudWatch, Prometheus, ELK, Dynatrace. Strong communication skills to work with cross-functional teams and external customers. Knowledge of Cloud Security best practices, including IAM, WAF, GuardDuty, CVE scanning, vulnerability management. Good-to-Have Skills Knowledge of cloud-native security solutions (AWS Security Hub, Azure Security Center, Google Security Command Center). Experience in compliance frameworks (SOC 2, PCI, HIPAA, GDPR, HITRUST). Exposure to Windows Server administration alongside Linux environments. Familiarity with centralized logging solutions (Splunk, Fluentd, AWS OpenSearch). GitOps experience with tools like ArgoCD or Flux. Background in penetration testing, intrusion detection, and vulnerability scanning. Experience in cost optimization strategies for cloud infrastructure. Passion for mentoring teams and sharing DevOps best practices.

Roles and Responsibilities Greetings from GRM Technologies!!! Providing support in IT and Cyber Risk Advisory services offered by GRM Technologies to its clients in the following domains- Information regulatory compliance (ISO 27001, PCIDSS, RBI, SEBI, SOC1, SOC2, PCI DSS, HITRUST, GDPR) Information risk management Information security and information assurance Information technology controls for financial and other systems Identifying processes and technologies to maintain and enhance the security architecture Disaster recovery and business continuity management Information privacy Have a fair understanding of Business Continuity Planning and DR Drills Should have conducted Information Life Cycle management reviews in the past Conducting Infrastructure Vulnerability Assessment and Penetration Testing Conducting Web and Mobile Application Security Assessment Conducting Secure Code Review Conducting Architecture Review Should have minimum 2-5 yrs. of experience into Cyber Security, including IT Risk, Cyber Risk & Compliance, IT Audit, Vendor Audit, VAPT, Application Security, Fraud Risk & Security. Knowledge of information security standards, principles and practices required Perform risk assessment, controls and documentation with expected standards (information technology/ business process) Conduct Infrastructure Vulnerability Assessment and Penetration Testing Conduct Web Application Security Assessment Conduct Mobile Application Security Assessment Conduct Source Code Review Perform SOX compliance audits, SOC 1 and SOC 2 audits, as well as testing and reporting Perform control testing pertaining to operating systems, data base (Windows, Unix, Oracle, MSSQL, DB2) Should be able to test basic and automated ERP ITGC controls (SAP, Oracle, etc.) Ability to draft BCP/ DR policy and carry out testing of plan and procedures would be preferable Ability to adapt to new scope areas and technologies Bring in vertical expertise in at least two verticals like BFSI, manufacturing, or more Ability to manage client communication and escalation Ability to make all attempts to guide the peers and self to improve client satisfaction scores Participate in proposal preparation Understanding of risk Appreciation for technological innovation Strong organization skills Curiosity and eagerness to learn Initiative to seek out opportunities and add value Tolerance for ambiguity and shifting priorities; appreciation of change. Should have certification on CCNA / CCNP / ITIL Exposure into ISO 27001 is mandate

Lead GRC , risk assessment, and implementation. Strong in ISO 27001, PCI, PSS, SOC 2, IRDAI. Ensure compliance, audits, awareness. Design InfoSec strategies aligned with ISO, NIST, RBI, SEBI to enhance cybersecurity and meet regulations.

Information Security Assistant Manager Location: Remote. Apply at: ravi.kumar1@akmglobal.in | +91-7838872468 Seeking a highly skilled and experienced Information Security Assistant Manager to join our team. This role requires proficient experience in ISO 27001 and SOC 2 implementation and compliance , along with a strong understanding of global security standards. If you are passionate about information security and looking to advance your career in a dynamic, professional environment, we encourage you to apply. Total Experience: Relevant Experience in ISO 27001 Implementation: Relevant Experience in SOC 2: Current CTC: Expected CTC: Notice Period: Key Responsibilities Collaborate with the CISO to design, implement, and enhance the organizations cybersecurity framework. Maintain, update, and ensure adherence to information security policies in alignment with ISMS standards. Ensure compliance with ISO 27001, SOC 2, HIPAA, and related security and privacy regulations. Serve as the primary point of contact for internal and external audits related to information security. Work closely with technical teams and external clients to uphold robust security practices in all products and services. Develop and maintain comprehensive security documentation and reports. Monitor emerging threats, legal and regulatory changes, and adapt security practices accordingly. Lead and support company-wide security training, awareness initiatives, and best practice promotion. Play an active role in the end-to-end implementation and management of ISO 27001 controls and frameworks. Required Qualifications & Skills Hands-on experience in ISO 27001 implementation (mandatory). Strong familiarity with SOC 2 controls and reporting frameworks (mandatory). Working knowledge of HIPAA, GDPR (EU & UK), and U.S. data privacy laws. Prior experience in managing audits and ensuring regulatory compliance. Excellent written and verbal communication skills, with the ability to convey complex security concepts to diverse audiences. Ability to manage multiple projects and priorities under pressure. Proven leadership in executing information security projects. Experience working with international clients or in multicultural environments. Fluency in English (spoken and written) is essential.

The position will be primarily responsible for implementation and / or assessment of ISO 27001:2022, 27002, SOC 2 standard for clients. The position will work independently or with senior consultants for the implementation and management of information security compliance and/or other best practices. Key Performance Indicators Experience in ISO 27001/27002 controls verification and compliance: Assist Clients to get ISO 27001 certification by identification and implementation of appropriate controls in the Audit scope. Conduct Risk assessment of activities and coordinate with stakeholders till closure signoff / risk acceptance. Define, Develop and review information security policies, procedures, guidelines, forms and templates as per best practice Create and review baseline standards for OS, Database, webservers and applications and recommend improvements Support post implementation and continuous audits for ISO 27001:2013 and ensure compliance. Create organizational information security awareness program and conduct awareness. Assist and recommend measures to ensure compliance with Security standards (ISO, NIST, CIS, PCI DSS etc) or any best practices. Skills: Information Technology and/or Cybersecurity skills: Information Technology and/or Cybersecurity skills a solid IT foundation, ability to communicate technical information verbally and through written documentation, Knowledge of security areas such as auditing, policy, database security, firewall design and implementation, risk analysis, identity management, access management, or web services is preferred Presales skills: Excellent communication, problem-solving, client-facing, ability to work as a team Competence: ISO 27001 / Cybersecurity Certifications. Willingness to obtain the Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA) designations.

Information Security Engineer Experience: 2 - 6 Years Exp Salary : Competitive Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Onsite (Mumbai) Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, AWS, GCP, Azure, public cloud IDfy (One of Uplers' Clients) is Looking for: Infosec Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Who are we? Trust isnt a given, it needs to be built. And in a world where fraud is evolving faster than ever, trust must be safeguarded at every step. At IDfy, we make trust scalable. As an Integrated Identity Platform, we help businesses verify identities, detect fraud, and stay compliantensuring every interaction starts with confidence. Our clients include HDFC Bank, Zomato, Amazon, PhonePe, Paytm, HUL and many others. With more than 13+ years of experience and 2 million verifications per day, we are pioneers in this industry. We do this through three interconnected platforms: Onboarding Platform: Our IDfy360 and Video Solutions make KYC and identity verification seamless, turning compliance into a frictionless experience. Fraud & Risk Management Platform: We stay ahead with CrimeCheck, RiskAI, and our Transaction Intelligence Platform identifying synthetic identities, financial risks, and bad actors before they cause damage. Privacy & Data Governance Platform: With PRIVY, businesses can navigate evolving data protection laws with ease, ensuring security and transparency at every step. Infosec Engineer As an Information Security Engineer at IDfy, youll support the InfoSec team in ensuring that our systems, policies, and processes meet global compliance standards. From supporting audits to reviewing documentation and responding to customer requests, youll get hands-on experience in what it takes to keep a fast-paced tech company secure. This is the perfect role if youve dabbled in audits, are curious about security frameworks, and want to grow into a well-rounded InfoSec professional. We are the match if you... Have been part of audits (ISO 27001, SOC 2, Customer TPRA) either conducting or surviving them for 2-4 years Have good understanding of ISO 27001, SOC 2, or other security frameworks Experienced in handling ISMS management end to end independently/ as a part of a team Are organized, detail-oriented, and a bit obsessed with checklists Know your way around cloud basics (GCP preferred, others fine too) Can document policies and processes clearly Want to learn how security works in a product and SaaS environment Are eager to work with a team that takes compliance seriously (but not too seriously) Are open to earning certifications down the line (CISA, ISO 27001 LA, etc.) Heres what your day would look like... Assist in maintaining our ISMS for ISO 27001 and SOC 2 including policy review/updates, creating SOPs and executing ISMS activities Support internal and external audit prep and documentation Track and respond to client security questionnaires Face / assist customer third-party risk assessments Collaborate with legal, engineering, and product teams to ensure compliance Assist in monitoring compliance metrics and identifying improvement areas Learn, grow, and eventually take on more ownership within the InfoSec team Whats it like working at IDfy? We build products that detect and prevent fraud. With billions of transactions flowing through our pipes, InfoSec is not just important, its critical. Youll have the space to take ownership, challenge the status quo, and build security systems that scale with our growth. And yes, we love memes, chai, and debating compliance checklists over lunch. Thanks to our problem-centric approach, one in which we find the right technology to solve a problem rather than the other way around, you will always be working on the latest technologies. We work hard and party hard. There are weekly sessions on emerging technologies. Work weeks are usually capped off with board games, poker, karaoke, and other fun activities. How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: IDfy is an Integrated Identity Platform offering products and solutions for KYC, KYB, Background Verifications, Risk Assessment, and Digital Onboarding. We establish trust while delivering a frictionless experience for you, your employees, customers and partners. About Uplers: Our goal is to make hiring and getting hired reliable, simple, and fast. Our role will be to help all our talents find and apply for relevant product and engineering job opportunities and progress in their career. (Note: There are many more opportunities apart from this on the portal.) So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you!

Infosec Engineer Experience: 2 - 6 Years Exp Salary : Competitive Preferred Notice Period : Within 30 Days Shift : 10:00AM to 7:00PM IST Opportunity Type: Onsite (Mumbai) Placement Type: Permanent (*Note: This is a requirement for one of Uplers' Clients) Must have skills required : ISO 27001, SOC 2, AWS, GCP, Azure, public cloud IDfy (One of Uplers' Clients) is Looking for: Infosec Engineer who is passionate about their work, eager to learn and grow, and who is committed to delivering exceptional results. If you are a team player, with a positive attitude and a desire to make a difference, then we want to hear from you. Role Overview Description Who are we? Trust isnt a given, it needs to be built. And in a world where fraud is evolving faster than ever, trust must be safeguarded at every step. At IDfy, we make trust scalable. As an Integrated Identity Platform, we help businesses verify identities, detect fraud, and stay compliantensuring every interaction starts with confidence. Our clients include HDFC Bank, Zomato, Amazon, PhonePe, Paytm, HUL and many others. With more than 13+ years of experience and 2 million verifications per day, we are pioneers in this industry. We do this through three interconnected platforms: Onboarding Platform: Our IDfy360 and Video Solutions make KYC and identity verification seamless, turning compliance into a frictionless experience. Fraud & Risk Management Platform: We stay ahead with CrimeCheck, RiskAI, and our Transaction Intelligence Platform identifying synthetic identities, financial risks, and bad actors before they cause damage. Privacy & Data Governance Platform: With PRIVY, businesses can navigate evolving data protection laws with ease, ensuring security and transparency at every step. Infosec Engineer As an Information Security Engineer at IDfy, youll support the InfoSec team in ensuring that our systems, policies, and processes meet global compliance standards. From supporting audits to reviewing documentation and responding to customer requests, youll get hands-on experience in what it takes to keep a fast-paced tech company secure. This is the perfect role if youve dabbled in audits, are curious about security frameworks, and want to grow into a well-rounded InfoSec professional. We are the match if you... Have been part of audits (ISO 27001, SOC 2, Customer TPRA) either conducting or surviving them for 2-4 years Have good understanding of ISO 27001, SOC 2, or other security frameworks Experienced in handling ISMS management end to end independently/ as a part of a team Are organized, detail-oriented, and a bit obsessed with checklists Know your way around cloud basics (GCP preferred, others fine too) Can document policies and processes clearly Want to learn how security works in a product and SaaS environment Are eager to work with a team that takes compliance seriously (but not too seriously) Are open to earning certifications down the line (CISA, ISO 27001 LA, etc.) Heres what your day would look like... Assist in maintaining our ISMS for ISO 27001 and SOC 2 including policy review/updates, creating SOPs and executing ISMS activities Support internal and external audit prep and documentation Track and respond to client security questionnaires Face / assist customer third-party risk assessments Collaborate with legal, engineering, and product teams to ensure compliance Assist in monitoring compliance metrics and identifying improvement areas Learn, grow, and eventually take on more ownership within the InfoSec team Whats it like working at IDfy? We build products that detect and prevent fraud. With billions of transactions flowing through our pipes, InfoSec is not just important, its critical. Youll have the space to take ownership, challenge the status quo, and build security systems that scale with our growth. And yes, we love memes, chai, and debating compliance checklists over lunch. Thanks to our problem-centric approach, one in which we find the right technology to solve a problem rather than the other way around, you will always be working on the latest technologies. We work hard and party hard. There are weekly sessions on emerging technologies. Work weeks are usually capped off with board games, poker, karaoke, and other fun activities. How to apply for this opportunity: Easy 3-Step Process: 1. Click On Apply! And Register or log in on our portal 2. Upload updated Resume & Complete the Screening Form 3. Increase your chances to get shortlisted & meet the client for the Interview! About Our Client: IDfy is an Integrated Identity Platform offering products and solutions for KYC, KYB, Background Verifications, Risk Assessment, and Digital Onboarding. We establish trust while delivering a frictionless experience for you, your employees, customers and partners. About Uplers: Our goal is to make hiring and getting hired reliable, simple, and fast. Our role will be to help all our talents find and apply for relevant product and engineering job opportunities and progress in their career. (Note: There are many more opportunities apart from this on the portal.) So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you!

Introduction We are looking for a detail-oriented Security Services Specialist with a strong focus on compliance, audits, and business continuity/disaster recovery (BCDR). This role is responsible for supporting internal and external security audits and maintaining continuous regulatory compliance. The ideal candidate will have experience aligning security and compliance programs with frameworks such as SOC 2, ISO 27001, and NIST, while also supporting the development and testing of BCDR plans. You will work closely with internal stakeholders and external auditors to ensure our security practices meet applicable requirements and support business goals. Your role and responsibilities Audit Management: Coordinate and support internal and external audits, including evidence collection, control testing, and remediation tracking. Serve as the secondary point of contact for auditors and third-party assessors. Maintain audit logs, findings, and corrective action plans. Compliance Oversight: Monitor and ensure compliance with industry regulations and internal security policies. Map controls and processes to multiple compliance frameworks (e.g., NIST, ISO, SOC 2, HIPAA). Track evolving compliance obligations and help update policies accordingly. Access Management: Support access management processes Coordinate and drive periodic user access reviews. Business Continuity & Disaster Recovery (BCDR) Collaborate with IT, operations, and business units to develop and maintain BCDR plans. Coordinate and conduct periodic BCDR tests, document results, and track corrective actions. Evaluate critical business processes to identify single points of failure and propose continuity strategies. Ensure BCDR plans align with compliance requirements and organizational risk appetite. Maintain an inventory of critical assets and dependencies required for continuity and recovery. Policy Development & Enforcement: Assist in developing, updating, and enforcing information security policies, procedures, and standards. Ensure policies align with compliance frameworks and are effectively communicated across the organization. Documentation & Reporting: Maintain detailed and organized documentation of security controls, evidence, and compliance artifacts. Create reports and dashboards for leadership on compliance status and audit readiness. Other assignments as required to support the security, compliance, and resilience goals of the organization. Required education Bachelors Degree Preferred education Bachelors Degree Required technical and professional expertise Bachelor degree in Cybersecurity, Information Systems, Risk Management, or related field. 3+ years of experience in information security, with a focus on compliance and audits. Hands-on experience supporting one or more compliance frameworks (e.g., SOC 2, ISO 27001, GDPR, NIST). Strong understanding of security controls and risk management practices. Strong understanding of network, system, and application security principles. Strong knowledge of risk management principles and audit processes. Excellent analytical, problem-solving, and communication skills. Preferred technical and professional experience Strong attention to detail and organizational skills. Excellent written and verbal communication. Ability to manage multiple audits and compliance initiatives simultaneously. Comfortable working with technical and non-technical teams.

Professionally handle communications with internal and external stakeholders on compliance issues. Maintain up-to-date knowledge of IDfys products, environment, systems, and architecture. Educate control owners on compliance workflows and processes. Maintain IDfys security control framework and continuous control monitoring activities. Gather and report on established metrics within the security compliance programs. Conduct security control tests of design and tests of operating effectiveness activities. Identify observations and manage remediation tasks through to closure while adhering to strict deadlines. Support internal and external auditors or advisors as needed. Demonstrated experience with security control frameworks, e.g. SOC 2, ISO, etc. Execute end-to-end compliance initiatives in accordance with the compliance roadmap. Design high-quality test plans and direct security control test activities. Continuously improve IDfys security control framework Direct external audits. Build and maintain security controls that map to IDfy s security compliance requirements and provide implementation recommendations

In This Role, You Will: Support the sales process by participating in customer-initiated security due diligence and/or vendor security audits and helping to respond to security questionnaires and documentation requests from customers Participate in internal security assessments and security reviews Work with stakeholders to address and mitigate any open findings, and prepare customer communications against them, as required Support development of and monitor progress on security risk treatment plans by risk owners; support regular risk and progress reporting to leadership stakeholders Support development of technical solutions and processes to automate or streamline repeatable security risk assessment, audit, customer questionnaire response activities and workflows Assist with maintenance of information security program documentation consisting of information security policies, standards, and guidelines, and coordinating management ratification of policies and standards at regular intervals Participate in improving the overall Security culture across Cvent; contribute to employee security awareness campaigns and educational activities to address areas of potential risk and/or gaps in compliance Collaborate with internal stakeholders to maintain an up-to-date knowledge base of all Cvent's product functionalities, along with their respective security and compliance posture Measure, track and report KPIs to senior management Heres What You Need: 4-8 years of demonstrable experience in customer assurance, and good interpersonal communication skills with experience and confidence in collaborating with internal and external partners and stakeholders to develop productive relationships and achieve positive security risk management outcomes Ability to learn quickly with a willingness to take ownership for new projects and learning new technologies and methodologies Good understanding of industry standards for compliance such as ISO 27001:2013, PCI DSS, and SSAE 18 SOC 1 / SOC 2 attestation standards Basic understanding of risk assessment methodologies and best practices Ability and willingness to produce and maintain documentation and reports Proficiency with productivity and collaboration tools, such as Microsoft Office, Slack, Box, and Zoom Excellent presentation and written communications skills and a team-focused attitude Must be organized, detail-oriented, and possess the ability to multi-task in a dynamic, fast-changing, entrepreneurial environment

ou are an experienced and dynamic information security risk management leader able to support and manage the day-to-day operations of Cvent's regional Security Risk and Compliance team based in Gurgaon, India. In this role, you will be responsible for leading people and processes focused on internal technology and third-party security risk management as well as leading audit and compliance activities with numerous security standards and frameworks. In This Role, You Will: Team Leadership and Management Lead the regional Security Risk & Compliance team with an emphasis on developing sustainable, scalable programs and processes, efficiently and effectively allocating resources and responsibilities, coaching and developing staff, and driving results through overall performance management In consultation and partnership with global Information Security leadership, plan, design, and execute regional programs, projects, and processes related to the Security Risk & Compliance function, ensuring alignment and effectiveness with local and global business, technology, and security goals Serve as primary regional leadership representative for the Security Risk & Compliance function, engaging regularly with regional leadership stakeholders to align business and technology practices with company security strategy, policies and standards Actively promote and drive secure and compliant technology risk management practices and support achievement of strategic security objectives and key results Foster a high-performing team culture of ownership, collaboration, and continuous learning and improvement Security Risk Management & Compliance Collaborate with global Information Security leadership and functional peers to develop, maintain, communicate, and implement information security policies, standards, and procedures Lead and manage regional security risk assessments of internal technology projects as well as third-party solutions and vendors; collaborate with regional leadership and relevant stakeholders to prioritize, plan, resource, and implement risk treatment plans Lead regional certification audit activities scoped to a variety of security standards and regulatory frameworks relevant to Cvent's global SaaS operations, including but not limited to ISO 27001, ISO 27701, SOC 2, and PCI-DSS Support global information security metrics reporting and governance processes, including developing processes, tools, and reports that transform data into insights and information to drive achievement of security risk management objectives and key results Innovation and Continuous Improvement: Stay abreast of emerging security risks, compliance frameworks and regulatory requirements threats, technologies, compliance frameworks, and best practices, particularly those relevant to the global SaaS industry Foster and promote development of innovative security processes and solutions to enhance Cvent's security and compliance posture Continuously assess and improve the effectiveness of the Cvent India R&C Security team as well as the respective security programs, initiatives, and day-to-day activities Here's What You Need: Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field; Master's degree preferred Relevant industry certifications, such as CISSP, CISA, CISM, or CRISC Experience: 10+ years of experience in information security, with at least 6 years in an information security leadership role Demonstrable experience with various information security domains including, but not limited to, information security auditing and compliance, information security risk management, third-party technology risk management, technology vulnerability management, and cloud security Proven track record of implementing security risk management standards, frameworks, and methodologies, including regulatory security requirements related to global data privacy and protection laws relevant to cloud service providers Strong technical knowledge of cybersecurity and technology risk management principles, best practices, and solutions Soft Skills: Exceptional leadership and management abilities; proven ability to effectively allocate and delegate responsibility for, oversee, and drive successful execution of programs, projects, and tasks Strong, persuasive communications skills; ability to coach and develop staff, influence stakeholders, and drive positive change across an organization at all levels Excellent stakeholder management and negotiation skills; ability to effectively articulate complex cybersecurity risk management and compliance concepts to both technical and non-technical audiences to build consensus and achieve cross-functional alignment on security risk management and compliance as well as security assurance priorities Strong business acumen with the ability to align security initiatives with business objectives Ability to navigate and adapt to ambiguity as well as be personally resilient in a fast-paced, dynamic, multi-national company

Responsibilities: * Design, implement, and maintain secure solutions on AWS cloud platform using IAM and security architecture principles.

Job Description: Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Knowledge of security measures and auditing practices within various operating systems, databases and applications. Experience in assessing risks across a variety of business processes. Experience of working on Financial Services sector clients. Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Sr. Management and Clients. Hands on experience of working on IT General Controls, IT Application controls testing, IT Internal Audits, IT Risk Assessments, Third Party Risk Management. Knowledge of regulations impacting the privacy, integrity and availability of customer PII. Exposure of having led IT Audit engagements Exposure of working on Identity Access Management aspects like user management, authentication and authorization. Has team leading experience and has been a performance manager in current or last role Technical skills: Prior experience in evaluating the design and operating effectiveness of technology controls over varied IT platforms including ERP suites, Windows, Unix/Linux, iSeries, Oracle database, DB2 and SQL.

The Role: Assistant Manager, Vendor Risk Continuous Monitoring Program We are looking for a proactive and experienced Lead who would lead Vendor Risk Continuous Monitoring & Affiliate program w ithin Vendor Risk Management (VRM) program. This role will be responsible for overseeing and managing the vendor risk monitoring program and the Team , managing affiliate risk assessments , and driving key governance initiatives such as Open Issue Governance , Risk Acceptance , and Adverse Event Management . The ideal candidate will have extensive experience in third-party risk management, strong leadership skills, and a deep understanding of industry regulations, risk frameworks, and governance processes. The Team: Vendor Risk Management is a critical function that organizations globally are increasingly focusing on. Our team ensures thorough reviews of each vendor engaged globally, supporting the business in making risk-informed and data-driven decisions. We collaborate closely with Business Units and Risk Domain Subject Matter Experts (SMEs), such as Cyber Risk, to conduct assessments and recertifications in compliance with regulatory requirements. When issues are identified, VRM team is responsible for ensuring risk mitigation and providing feedback to leadership before engaging with the vendor. Responsibilities and Impact: Working in Vendor Risk Management Team provides the opportunity to continuously improve processes in response to the evolving requirements of various regulators. This dynamic environment offers ample opportunities to expand your knowledge and expertise. In addition to conducting risk assessments, the vendor risk monitoring program , managing affiliate risk assessments , and driving key governance initiatives, you will have the chance to contribute to various projects, enabling you to showcase and further develop your skills and experience. Key responsibilities: Conduct comprehensive risk assessments of third-party vendors, ensuring alignment with organizational risk tolerance and standards. Evaluate financial, operational, cyber, compliance and privacy risks associated with each vendor relationship. Manage the continuous monitoring of vendor and affiliate risks, ensuring timely identification and assessment of any emerging risks. Oversee and manage the affiliate risk assessment program, ensuring that risks related to third-party affiliates are identified, evaluated, and mitigated. Manage open issues identified during Vendor and Affiliate assessments. Ensure that open issues are tracked, managed, and resolved within agreed timelines, and provide regular updates to leadership on the status of these issues. Manage the process for evaluating and documenting risk acceptance for vendors. Ensure that all risk acceptance decisions are properly documented, justified, and aligned with the organizations risk appetite and governance policies. Manage the identification, reporting, and resolution of adverse events related to vendor. Work with relevant teams to assess the impact of adverse events, ensure timely remediation, and minimize any negative consequences to the organization. Prepare and present detailed reports and dashboards on vendor and affiliate risk monitoring, open issue management, risk acceptance, and adverse events to senior leadership Work with vendors and internal teams to develop risk mitigation plans and track remediation efforts for any identified issues or non-compliance. Collaborate with Cyber Risk/Information Security, Business Continuity, Procurement, Compliance and other Domain SMEs to ensure correct risk level is documented in the Vendor Risk Assessment results and track the progress. Lead and support enhancement projects within Vendor Risk Management to meet various business and regulatory requirements. Identify opportunities to streamline risk assessment processes and improve the overall effectiveness of the Vendor Risk Management program. Assist the team members in balancing the load and managing Ad-hoc projects. What Were Looking For: Basic Required Qualifications: Professional with Vendor Risk Management background, having good experience in conducting vendor risk assessments, or related fields (e.g., compliance, audit, or risk management, GRC) with at least 6-10 years of experience after Degree/Masters Should have experience in understanding and managing the risk for IT and Cloud based vendors. Strong knowledge of risk management frameworks, compliance regulations (e.g., GDPR, ISO 27001, SOC 2), and cybersecurity principles. Experience with vendor management tools, risk monitoring platforms, and relevant reporting systems. Should have understanding on the roles and responsibilities of different risk functions like Third Party Risk Management, QA Function, IT Risk, Operational Risk, Financial Risk, Internal Control, Internal audit, Privacy and Compliance etc. Should have good understanding in conducting financial, compliance, and privacy assessments. Excellent leadership, communication, and collaboration skills, with the ability to engage with stakeholders at all levels. Amenable for 2pm-11pm India Time Additional Preferred Qualifications: This position is required to work in UK Shift; flexibility is a must, especially when it comes to vendor and internal meetings held during US business hours. Strong organizational skills with the ability to multitask and prioritize while maintaining close attention to detail. Ability to work in a fast-paced, evolving environment while maintaining attention to detail. Ability to build strategic partnerships with internal stakeholders. Must be a critical thinker with strong qualitative skills. Information Security/Risk Management certification would be an advantage.

Position : Principal Architect (Only Immediate Joiner) Experience: Ten plus years experience in software development with at least the last few years in a leadership role with progressively increasing responsibilities Location : Bangalore Mode of work : Hybrid Education : BS (or higher, MS / PhD) degree in Computer Science / related field, or equivalent technical experience. Job Type : On Role (Full Time) Salary : Negotiable Job Description Purpose As a Principal Architect you will be key member of platform engineering team focused on building core applications, help the organization meet the technical challenges of building applications to support a rapidly expanding business. You will also work with a globally distributed team of engineers to design and build cutting edge solutions that directly improve the healthcare industry. Youll contribute to our fast-paced, collaborative environment and bring your expertise to continue delivering innovative technology solutions. Duties and Responsibilities 1. Function as a key member of the platform engineering team, leading platform engineering development initiatives for internally developed applications 2. Provide decisive and effective technical leadership for all development efforts 3. Manage, mentor, and advise the platform engineering team. 4. Lead and contribute to the creation of a self-service platforms for software development, infrastructure, and data analytics. 5. Collaborate with engineers, product, and business leaders to ensure platforms are integrated with other systems and technologies. 6. Minimize schedule and technical risk by foreseeing and addressing obstacles proactively and aggressively 7. Participate in development process by identifying potential weak points. Lead solutions development using technical judgment, input from experts and the involvement of other systems development partners as appropriate 8. In cooperation with product management, prioritize and manage all engineering efforts related to Applications products 9. Clearly and consistently communicate product vision to the team. Guide the team to achieve this vision Qualifications To perform this job successfully, an individual must be able to perform each duty satisfactorily. The requirements listed below are representative of the knowledge, skills, and/or ability required. Reasonable accommodation may be made to enable individuals with disabilities perform the duties. Education (Degrees, Certificates, Licenses, Etc.) BS (or higher, MS / PhD) degree in Computer Science / related field, or equivalent technical experience. Experience 1. Ten plus years experience in software development with at least the last few years in a leadership role with progressively increasing responsibilities 2. Extensive experience in the following areas a. C#, .Net b. Designing and building cloud-native solutions (Azure, AWS, Google Cloud Platform) c. Infrastructure as Code tools (Terraform, Pulumi, cloud-specific IaC tools) d. Configuration management tools (Ansible, Chef, Salt Stack) e. Containerization and orchestration technologies (Docker, Kubernetes) f. Native and third-party Databricks integrations (Delta Live Tables, Auto Loader, Databricks Workflows / Apache Airflow, Unity Catalog) 3. Extensive experience in Azure 4. Experience designing and implementing data security and governance platform adhering to compliance standards (HIPPA, SOC 2) preferred Specific Job Knowledge, Skill and Ability 1. Demonstrated success in effectively communicating at all levels of an organization 2. Deep understanding and knowledge on developing products using Microsoft Technologies 3. Ability to lead through influence rather than direct authority 4. Demonstrated successful time management and organization skills 5. Ability to manage and work with a culturally diverse population 6. Ability to work well and productively, always projecting a positive outlook in a fast-paced, deadline-driven environment 7. Ability to anticipate roadblocks, diagnose problems and generate effective solutions 8. Knows how to organize a software development team to maximize quality and output 9. Will promote and encourage opportunities for personal and professional growth in employees 10. Understands how to use metrics to drive process improvements. Interested candidates kindly share your CV and below details to usha.sundar@adecco.com 1) Present CTC (Fixed + VP) - 2) Expected CTC - 3) No. of years experience - 4) Notice Period - 5) Offer-in hand - 6) Reason of Change - 7) Present Location -

Position : Staff Data Engineer (Only Immediate Joiner) Experience: 8+ years data engineering experience Location : Bangalore Mode of work : Hybrid Education : BS (or higher, MS / PhD) degree in Computer Science / related field, or equivalent technical experience. Job Type : On Role (Full Time) Salary : Negotiable Purpose As a Staff Data Engineer, you will work with a globally distributed team of engineers to design and build cutting edge solutions that directly improve the healthcare industry. Youll contribute to our fast-paced, collaborative environment and bring your expertise to continue delivering innovative technology solutions, while mentoring others. Duties and Responsibilities 1. Lead and contribute to the creation of a self-service data platform for reporting and analytics 2. Design and build data solutions using Databricks, SQL, Python, Spark, and Delta Lake in the Azure ecosystem (Blob Storage, Data Factory, Event Hubs) 3. Ensure best practices for ETL / ELT processes (data quality management, data processing, data partitioning, maintainability and reusability) 4. Collaborate with engineers, product, and business leaders to ensure data platform is integrated with other systems and technologies (Tableau, Power BI, APIs, custom applications) 5. Establish CI/CD processes, test frameworks, infrastructure-as-code tools, and monitoring/alerting (Git, Terraform, Azure DevOps / GitHub Actions / Jenkins, Azure Monitor / Datadog) 6. Adhere to the Code of Conduct and be familiar with all compliance policies and procedures stored in LogixGarden relevant to this position Qualifications To perform this job successfully, an individual must be able to perform each duty satisfactorily. The requirements listed below are representative of the knowledge, skills, and/or ability required. Reasonable accommodation may be made to enable individuals with disabilities perform the duties. Experience 1. Experience with native and third-party Databricks integrations (Delta Live Tables, Auto Loader, Databricks Workflows / Apache Airflow, Unity Catalog) 2. 8+ years data engineering experience 3. 3+ years in a senior, staff or principal engineer role 4. Experience designing scalable data pipelines 5. Experience leading projects within a team and across teams 6. Azure experience preferred 7. Azure Databricks implementation experience preferred 8. Experience designing and implementing data security and governance platform adhering to compliance standards (HIPPA, SOC 2) preferred Specific Job Knowledge, Skill and Ability 1. Strong programming skills in pySpark/Scala 2. Strong Dataframe programming skills, such as Spark, Pandas, NumPy 3. Passion for mentoring and guiding others 4. Strong written and verbal communication skills 5. Expert knowledge in architecting, designing and implementing data solutions to serve the needs of our business processes and software products 6. Ability to keep security, maintainability, and scalability in mind with the solutions built 7. Possess excellent interpersonal communication skills and an aptitude for continued learning Interested candidates kindly share your CV and below details to usha.sundar@adecco.com 1) Present CTC (Fixed + VP) - 2) Expected CTC - 3) No. of years experience - 4) Notice Period - 5) Offer-in hand - 6) Reason of Change - 7) Present Location -

Job Overview: We are seeking an experienced Project Manager to oversee the seamless coordination of project tasks and deliverables between onshore and offshore teams, ensuring efficient and timely execution. The ideal candidate will have strong technical expertise, specifically in the cybersecurity domain , and will be capable of effectively communicating with both senior leadership and technical teams. You will be responsible for managing resources, mitigating risks, and ensuring smooth transitions throughout the project lifecycle. Key Responsibilities: Project Coordination: Oversee the handoff of project initiatives between onshore and offshore teams to ensure smooth transitions and consistent execution of project tasks and deliverables. Resource Management: Allocate and manage technical resources effectively, ensuring the right people are in the right roles to meet project milestones and delivery expectations. Stakeholder Communication: Serve as the primary point of contact for technical team leads and senior leadership. Provide regular updates on project status, risks, challenges, and mitigation strategies. Technical Acumen (Cybersecurity): Maintain a strong technical understanding of ongoing initiatives, enabling you to engage in meaningful discussions with customers and stakeholders about the projects technical details and deliverables. Risk Management: Proactively identify risks and issues within the project, working closely with teams to develop and implement contingency plans to address them before they affect the project timeline. Performance Monitoring: Regularly monitor and evaluate the performance of both onshore and offshore teams, offering constructive feedback, coaching, and support to ensure optimal team productivity and quality. Documentation: Maintain comprehensive project documentation, including status reports, resource allocation plans, risk assessments, and project timelines to ensure transparency and alignment with project goals. Required Skills & Qualifications: Experience: 5+ years of experience in cybersecurity with a proven understanding of security initiatives, challenges, and best practices. Experience managing technical resources in both onshore and offshore teams. Proven ability to manage and coordinate projects in a distributed environment with a focus on delivering results on time. Educational Background: Bachelors degree in Computer Science , Information Technology , or a related field, OR equivalent combination of education, training, and work experience. Technical Expertise: Strong cybersecurity knowledge , with experience in the implementation and management of security measures across a variety of platforms. Familiarity with project management methodologies , particularly in a distributed team setting. Proficiency with Microsoft Azure DevOps (ADO) and other project management tools for resource allocation, tracking, and project monitoring. Communication Skills: Exceptional communication skills , with the ability to effectively interact with senior leadership, technical teams, and stakeholders. Strong interpersonal skills and the ability to work well with diverse teams across geographies and time zones. Project Management: Strong organizational skills and demonstrated ability to manage multiple projects simultaneously while balancing competing priorities. Experience in managing projects through all phases, from initiation to delivery, with a clear focus on timeliness, quality, and risk mitigation . Problem-Solving & Attention to Detail: Excellent problem-solving capabilities with a detail-oriented approach to managing complex projects and tasks. Ability to quickly assess issues and provide practical solutions to keep projects on track. Adaptability: Ability to thrive in a fast-paced, dynamic environment , managing shifting priorities and challenges effectively. Cybersecurity Certifications: Certifications such as CISSP , CISM , CompTIA Security+ , or equivalent are a plus.

Summary As a Cloud Security Engineer at Gainwell, you can contribute your skills as we harness the power of technology to help our clients improve the health and well-being of the members they serve a communitys most vulnerable. Connect your passion with purpose, teaming with people who thrive on finding innovative solutions to some of healthcares biggest challenges. Here are the details on this position. Your role in our mission Knowledge and experience with deploying and managing cloud solutions in AWS/Azure. Strong understanding of cloud security principles, best practices, and compliance requirements (e.g., GDPR, HIPAA, SOC 2, etc.). Design, implement, and maintain security controls and configurations for cloud-based infrastructure. Configure AWS CloudTrail to enable logging and monitoring of API activity in AWS, providing visibility into user and resource activity and aiding in incident response and forensic investigations. Manage AWS Identity and Access Management (IAM) policies to enforce least privilege access, regularly review and audit permissions, and ensure adherence to security best practices an Proficient in designing and supporting cloud environments, including IaaS and PaaS. Troubleshooting and supporting cloud infrastructure in AWS/Azure. Proficiency in scripting and automation tools (e.g., Python, PowerShell, Terraform, etc.). Coordinate with Infrastructure partners on test data backup and recovery tools. Design, implement, and maintain security controls and configurations for cloud-based infrastructure. Basic Qualification 6 or more years of technical experience in product design and support working with client enterprise products, services and requirements, with health and human services experience preferred Knowledge of technology architecture, the product development life cycle, cloud technologies, software as a service, and product and platform configurations Strong skills using and manipulating relational databases, event subscription-based communication and software development skills between modules Willingness to lead and take ownership over assigned work and to mentor more junior colleagues in-role Ability to anticipate problems, resolve ambiguous issues and take decisive action What you should expect in this role Opportunities to travel through your work (0-10%) Other Qualifications Knowledge and experience with deploying and managing cloud solutions in AWS/Azure. Strong understanding of cloud security principles, best practices, and compliance requirements (e.g., GDPR, HIPAA, SOC 2, etc.). Proficient in designing and supporting cloud environments, including IaaS and PaaS.Implement patching automation solutions to ensure timely and consistent patching of cloud resources, minimizing the risk of exploitation due to unpatched vulnerabilities. Configure and manage AWS Security Hub to centrally manage security and compliance checks across AWS accounts, automate security findings, and prioritize remediation actions. Utilize AWS Macie to automatically discover, classify, and protect sensitive data stored in AWS, ensuring compliance with regulatory requirements and minimizing the risk of data breaches. Configure AWS CloudTrail to enable logging and monitoring of API activity in AWS, providing visibility into user and resource activity and aiding in incident response and forensic investigations. Manage AWS Identity and Access Management (IAM) policies to enforce least privilege access, regularly review and audit permissions, and ensure adherence to security best practices and compliance requirements.