93 Soc2 Jobs - Page 3

As a Sr. Software Reliability Engineer at Autodesk, you will have the exciting opportunity to join our platform team in Pune, India, focusing on our Cloud services. You will be a key contributor to Autodesk Platform Services (APS), a cloud service platform that facilitates custom and pre-built applications, integrations, and innovative solutions. APS offers APIs and web services to leverage our customers" Design and Make data, connecting custom workflows and end-to-end solutions. This role allows you to work directly on the APIs and services that impact millions of Autodesk product users. Reporting to the Sr. Manager of Engineering, you will play a significant role in ensuring the smooth operation of Autodesk Platform APIs, which serve as the foundation for next-generation design apps. In this hybrid position, you will be part of an Agile product team dedicated to developing top-tier cloud software applications and services. Collaboration will be a key aspect of your role as you work with local and remote colleagues from diverse backgrounds such as business, engineering, operations, and support. Within this dynamic environment, you will have the opportunity to work alongside highly motivated and skilled software engineers. As a member of the team, you will engage in continuous learning, teaching, and problem-solving to deliver innovative solutions to complex engineering challenges. Your responsibilities will include making critical decisions, addressing challenging issues, and enhancing the platform's reliability, resiliency, and scalability. Your role will involve configuring and enhancing cloud infrastructure to ensure service availability, resiliency, performance, and cost efficiency as load times increase over time. You will also be responsible for maintaining system updates for security compliance, driving service level objectives (SLOs), participating in technical discussions and decision-making, building tools for operational efficiency, troubleshooting technical issues, and contributing to on-call rotations for timely service recovery. To qualify for this position, you should hold a Bachelor's Degree in a related field such as Computer Science, possess at least 6 years of software engineering experience with a minimum of 3 years as a Site Reliability Engineer, demonstrate familiarity with Elasticsearch/OpenSearch, AWS deployment, Continuous Delivery methodologies, resiliency patterns, and cloud security. Proficiency in using observability tools like Grafana, Open Telemetry, or Prometheus, and experience with security compliance standards such as SOC2 are also required. The ideal candidate for this role is a team player with a strong focus on delivering comprehensive solutions. You should have a passion for continual learning, be adept at presenting software demos, and be capable of addressing questions regarding project progress effectively. Join us at Autodesk, where we empower innovators to turn their ideas into reality, shaping a better world for all. Our inclusive culture guides our interactions with each other, our customers, and partners, defining our positive impact on the world. If you are ready to embrace new challenges and contribute to meaningful work, we invite you to be an integral part of our team. Autodesk offers a competitive compensation package, including base salaries, annual cash bonuses, commissions for sales roles, stock grants, and comprehensive benefits. We are committed to fostering a culture of diversity and belonging, ensuring that everyone has the opportunity to thrive and succeed.,

Must have Skills - 7+ years software development experience with emphasis on architecture 2+ years as Product Manager or Product Owner SaaS company experience Customer engagement experience (internal & external) SDLC familiarity Encryption and data protection experience Web product security expertise Ability to manage security-related features Strong stakeholder communication skills Experience with security frameworks (OWASP, NIST) Cross-functional team leadership API security knowledge . Good to Have Skills Knowledge of compliance standards (SOC2, ISO 27001, GDPR) Experience with threat modeling Background in cybersecurity or InfoSec Cloud security experience (AWS, Azure, GCP) Agile/Scrum methodologies Technical writing skills Security certifications (CISSP, CISM, etc.) Shifts in which the candidate will work - Primary: India time zone Secondary: Must be flexible to align with Israel time zone as needed Note : Role requires coordination between India and Israel time zones for stakeholder alignment and collaboration . Years of Experience - 9+ years total (7+ years development/architecture + 2+ years Product Management) .

Job Description Job title: Senior Software Technologist - Security u00A0 Your role: u2022 Utilizes specialized knowledge to manage and address a diverse range of security issues and projects within the team, applying in-depth expertise to identify, analyze, and resolve complex security challenges, ensuring effective solutions and enhanced protection for the organization. u2022 Works under limited supervision and broad guidelines, using independent judgment to make decisions on significant compliance matters and navigate complex situations effectively. u2022 Examines potential security breaches by assessing the nature and scope of the threat, coordinate an effective response to mitigate immediate impacts, and recommend comprehensive corrective actions to address identified vulnerabilities. u2022 Identifies key performance indicators (KPIs) for information security, providing detailed reports and analysis to assess the effectiveness of security measures, and ensure alignment with organizational security objectives. u2022 Tracks service levels related to information security, providing detailed analyses and reports on security service performance, incidents, and issues to ensure optimal security operations and compliance with established standards. u2022 Monitors the health and performance of security services, investigating incidents and driving their resolution, coordinating with vendors and other stakeholders to ensure effective service execution and mitigate security issues. u2022 Assists in the evaluation of both new and existing applications by participating in security reviews, ensuring that they meet established security standards and identifying potential vulnerabilities that need to be addressed. u2022 Reviews security policies, procedures, and related documentation to ensure effectiveness, incorporate best practices, address emerging threats, and align with organizational needs and compliance requirements, maintaining a robust and adaptive security framework. u2022 Develops effective relationships with internal teams and external partners to collaboratively resolve security-related issues, refine procedures, and enhance security outcomes in alignment with organizational goals. You're the right fit if: Bachelor's / Master's Degree in Computer Science, Information Technology, Cybersecurity or equivalent. Minimum 8-10 years of experience in areas such as Security Architecture, Network Security, Cybersecurity Technology, Information Security or equivalent Experience in cloud and/or application security Possess strong knowledge of cloud architectures and security best practices Hands-on experience with Infrastructure as Code tools, particularly Terraform Show proficiency in secure coding practices and OWASP Top 10 Have at least one hands on experience participating in security compliance (industry regulation, ISO27001, SOC2) R elevant cloud security certifications (e.g., CCSP, AWS Security) E xperience with healthcare industry security requirements Expertise in cloud-native security tools Strong open source culture, and u201Cautomation firstu201D mindset. Autonomous, rigorous, team-oriented, and driven by meaningful projects. How we work together We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the companyu2019s facilities. Field roles are most effectively done outside of the companyu2019s main facilities, generally at the customersu2019 or suppliersu2019 locations. Indicate if this role is an office/field/onsite role. About Philips We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others. u2022 Learn more about . u2022 Discover . u2022 Learn more about . If youu2019re interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our culture of impact with care .

Experience Implementation of ISO 27001, GRC ITGC & IT Regulatory compliance Knowledge in ISMS, ITGC Knowledge about regulators RBI, IRDA, SEBI Fresher 2023 /2024 in B. Tech or Cybersecurity

Innovation is and will always be the core of SAP Fioneer, and it is the promise of why we were spun out of SAP: agility, innovation, and delivery. SAP Fioneer builds on a heritage of outstanding technology and a deep understanding of corporate and consumer demands. At the heart of it all it is simple: We bring financial services to the next level with innovative software solutions and platforms. We are helping companies in the financial services industry to achieve speed, scalability, and cost-efficiency through digital business innovation, cloud technology, and solutions that cover banking and insurance processes end-to-end. A global company, with rapid growth, innovative people, and a lean organization makes SAP Fioneer a place where you accelerate your future! About role: We are committed to safeguarding our digital assets and ensuring the highest level of security for our clients. As we continue to grow, we are seeking an experienced Senior Cyber Security Engineer to join our dynamic team. The ideal candidate will bring extensive expertise in managing and securing complex environments, with a focus on O365 Security Tools, zScaler, MS Sentinel, SIEM, and Azure Security. This role requires a comprehensive skill set in incident response, vulnerability management, data protection, and cloud security, enabling us to securely empower our development and product teams. The successful candidate will have a proven track record in implementing and overseeing security solutions that protect organizational assets and improve security posture. Responsibilities: Security Infrastructure: - Design, implement, and manage security solutions leveraging O365 Security Tools, zScaler, MS Sentinel, and SIEM in support of the Security Architecture of Fioneer. - Develop and maintain comprehensive security strategies for cloud and on-premises environments. Data Protection and Leakage Prevention: - Establish the DLP and DRM program at Fioneer beyond just the deployment of the technology, but also drive data protection processes into the business and the organization. - Implement and manage data protection and leakage prevention controls. - Develop and enforce policies to safeguard sensitive information and prevent data breaches. Insider Risk Management: - Implement and manage insider risk management programs. - Monitor and analyze user activities to identify and mitigate insider threats. Security Frameworks: - Ensure compliance with security frameworks such as SOC2 and ISO27001. - Contribute to the continuous improvement of security policies and procedures. Azure Security: - Provide expertise in Azure Security, including Infrastructure as Code (IaC), Privileged Identity Management (PIM), Identity and Access Management (IAM), and Kubernetes security. - Collaborate with cloud teams to ensure secure cloud environments. Qualifications: - Bachelor's degree in Computer Science, Information Security, or a related field. - Proven experience as a Cyber Security Engineer with expertise in O365 Security Tools, zScaler, MS Sentinel, SIEM, incident response, vulnerability management, and data protection. - Proven experience in creating business user focused communication guides to implement Data Protection Technologies. - In-depth knowledge of security frameworks, particularly SOC2 and ISO27001. - Extensive experience in Azure Security, including Infrastructure as Code, PIM, IAM, and Kubernetes security. - Certifications such as CISSP, CISM, or relevant Azure certifications are highly desirable. Requirements: - Minimum of 5 years of experience in security engineering or operations in an enterprise environment. - First-hand experience with programming languages required, development experience in any cloud environment is a plus. - Excellent communication and people-focused skills. - Eager to learn and improve your cloud application security skills. - Ideally, initial professional experience of DevSecOps in the cloud, secure cloud configuration, secure cloud operations, vulnerability management. - Fluent in English and open to other cultures and ideas. - A sense of humor. Benefits: You will have the opportunity to collaborate with some of the brightest minds in the industry on an incredibly ambitious project to shape the ever-evolving financial sector. This is an environment where you can have it all - the agility, enthusiasm and dynamism of a start-up, combined with the established expertise, solid market presence, and extensive customer network of a more established organization. At SAP Fioneer, you will benefit from a flexible work environment that encourages creativity and encourages you to think outside the box, bring new ideas to the table, and challenge the status quo. You will become part of a diverse and global team that we are proud of and are constantly growing and reinventing. As an employee, you will have the chance to chart your own career path and take advantage of competitive compensation packages and progression opportunities based on merit. We offer a comprehensive benefits package that includes occupational pension provisions, support for health and wellbeing, various mobility options like bike leasing and transportation allowances, as well as additional perks such as celebration rewards, meal programs, jubilee recognition, and relocation reimbursement.,

As a Senior Security Risk Analyst at Snowflake, you will play a crucial role in managing and enhancing the existing program for assessing the risk associated with third-party tools and services utilized by Snowflake. Your responsibilities will include overseeing the intake process, collaborating with stakeholders to gather necessary information, comprehensively understanding the use case for each tool or service, and reviewing documentation to ensure compliance with security controls. Your role will involve identifying and mitigating third-party security risks to safeguard Snowflake's assets. Key Responsibilities: - Conduct ongoing security risk assessments for third-party vendors to identify and evaluate potential risks, providing detailed evaluations and actionable recommendations based on security best practices. - Support and monitor remediation efforts for identified gaps, conducting audits to validate closure. - Review evidence provided by vendors to align their security controls with Snowflake's data protection requirements. - Assess and manage security findings from various vendor security monitoring systems. - Develop and enhance security documentation and collaborate cross-functionally to achieve team objectives. - Adopt a risk-based approach to review and negotiate security agreements, measure program effectiveness, and ensure SLAs are met. - Establish viewpoints, negotiate effectively with stakeholders, and drive desired outcomes. Qualifications of an Ideal Senior Security Risk Analyst: - 6+ years of experience in security compliance, with at least 3 years focusing on third-party security risk. - Strong motivation to excel in fast-paced environments. - Proficiency in various security best practices and technologies, including risk management, data protection, encryption, access management, and security governance. - Ability to work across different time zones and exceptional communication skills for presenting technical documents and reports. - Deep understanding of industry regulations and standards such as PCI-DSS, HIPAA, SOC, GDPR, and ISO. - Exceptional organizational skills, analytical ability, and deadline management. - Technical competence to explain complex security concepts to stakeholders with varying cybersecurity expertise. - Self-motivated problem solver with the capacity to work both independently and collaboratively. - Strategic thinking, attention to detail, and a strong commitment to accuracy and accountability. - Proficiency in leading meetings with internal and external stakeholders to achieve desired outcomes. - High ethical standards demonstrated through successful background checks and references. Preferred Experience: - Familiarity with JIRA, Confluence, and ServiceNow. - Experience in reviewing and negotiating security agreements. - Security certifications such as CISSP, CCSP, or CISA. - Cloud platform experience with AWS, Azure, Google Cloud, or similar providers. Snowflake is an innovative and fast-growing company, and we are seeking individuals who align with our values, challenge conventions, and drive innovation while contributing to their own and Snowflake's future success. To explore opportunities for impact and growth, please refer to the job posting on the Snowflake Careers Site for details on salary and benefits in the United States: careers.snowflake.com.,

Role Overview We are seeking a highly experienced CloudOps & InfoSecurity Lead/Manager to take ownership of our cloud infrastructure, security posture, and compliance initiatives. This role will be responsible for overseeing mission-critical CloudOps functions on AWS, leading InfoSec initiatives including VAPT, DR drills, and ISO27001/SOC 2 compliance, and ensuring smooth and secure technology operations across the organization. The role also involves liaising with Vendors to manage on prem infrastructure such as CCTV, SDWAN, UPS systems, Laptops etc, This is a hands-on leadership role that requires deep expertise in AWS infrastructure, DevOps pipelines, security frameworks, and experience collaborating with engineering, operations, and compliance teams. Key Responsibilities Cloud Operations (AWS) Manage and maintain core AWS services including: EKS (Kubernetes), EC2, RDS, S3, CloudWatch, Glue, Kinesis Own and optimize DevOps pipelines built on GitLab CI/CD. Implement cost-optimized, secure, and highly available cloud architectures. Ensure system monitoring, alerting, scaling, and backup strategies are effective and well-documented. Manage Disaster Recovery (DR) environments and conduct periodic DR drills. Information Security & Compliance Lead Vulnerability Assessment & Penetration Testing (VAPT) cycles and remediation efforts. Drive and maintain ISO27001 and SOC2 compliance: Work with external auditors and internal teams to ensure readiness. Own documentation, policy updates, and evidence collection. Implement and monitor security controls, incident management protocols, and regular access audits. Prepare and share weekly/monthly infosec and infra reports with leadership. Platform & SaaS Administration Oversee GCP Workspace (formerly G Suite) including Gmail, Drive, user provisioning, storage planning, and backup policies. Ensure data retention and security across productivity tools. Team & Vendor Collaboration Work with external vendors (e.g., for security testing, DR hosting, cloud services), Infra services Collaborate with engineering and QA teams for security reviews and infrastructure needs. Support procurement and vendor evaluation for infra and security tooling. Manage Vendors who manage on-prem infrastructure such as CCTV, SDWAN, UPS systems, Laptops etc and governance aspects related to regular reporting, auditing etc of IT infrastructure. Required Skills & Experience 8-10 years of experience in cloud infrastructure and information security domains. Proven expertise in AWS services like EKS, EC2, S3, CloudWatch, RDS, Kinesis, Glue, etc. Hands-on experience with DevOps pipelines (GitLab preferred). Strong understanding of infosec frameworks , compliance processes, and experience managing ISO27001 / SOC2 audits. Experience conducting and managing VAPT assessments and DR drills . Familiarity with Google Workspace (GCP) administration for email, storage, and access management. Strong communication and reporting skills with experience preparing stakeholder-ready documents. Experience managing or working with cross-functional teams and external vendors. Good to Have Certifications such as AWS Certified Solutions Architect , CISSP , CISM , or ISO27001 Lead Auditor . Exposure to container security , SAST/DAST tools , IAM best practices , and cloud cost optimization . Experience in a regulated domain such as Fintech/NBFC is a plus.

As a Senior Security Risk Analyst at Snowflake, you will be an integral part of the Global Security Compliance & Risk team. Your primary responsibility will be managing and enhancing the existing program that evaluates the risk associated with third-party tools and services used by Snowflake. This includes overseeing the intake process, collaborating with stakeholders to gather necessary information, analyzing the use case for each tool/service, and reviewing documentation to ensure compliance with security controls. Your role will be crucial in identifying and mitigating third-party security risks to safeguard Snowflake's assets. In this role, you will independently conduct ongoing security risk assessments for third-party vendors, providing in-depth evaluations and actionable recommendations aligned with security and compliance best practices. You will also be involved in monitoring and supporting remediation efforts for identified security gaps, ensuring closure through thorough audits. Additionally, you will assess security findings from various monitoring systems, compare vendor security controls with Snowflake data protection requirements, and enhance security documentation. Ideal candidates for this position will have at least 6 years of experience in security compliance roles, including a minimum of 3 years focusing on third-party security risks. You should possess a strong understanding of security best practices across various domains such as application security, risk management, encryption, identity and access management, and network security. Proficiency in industry regulations and standards like PCI-DSS, HIPAA, GDPR, as well as experience with frameworks like SOC1, SOC2, and ISO, will be advantageous. Moreover, you should demonstrate exceptional communication skills, both written and verbal, and the ability to work effectively across different time zones. Your role will involve collaborating with cross-functional teams to achieve security objectives, negotiating security agreements, and measuring program effectiveness against SLAs. Strong organizational skills, technical competence, and the ability to lead meetings with stakeholders from diverse backgrounds are essential for success in this role. Bonus points will be awarded for experience with tools like JIRA, Confluence, and ServiceNow, as well as security certifications such as CISSP, CCSP, or CISA. Previous exposure to major cloud providers like AWS, Azure, or Google Cloud will also be advantageous. If you are a motivated individual who thrives in a fast-paced environment, possesses a strong ethical foundation, and is committed to enhancing security practices, Snowflake offers an exciting opportunity to contribute to our growth and innovation. Join us in building a secure future for Snowflake while challenging conventional thinking and driving impactful change.,

A Senior Compliance Executive in a technology department plays a crucial role in ensuring that the organization adheres to various legal, regulatory, and industry-specific standards related to Information Technology and data management such as GDPR, ISO 27001, ISO 27701, SoC2 Type 2, ISO 9001. 1. Regulatory Compliance Monitoring: o Ensure the technology department complies with relevant laws and regulations, such as GDPR, ISO 27001, ISO 27701, SoC2 Type 2, ISO 9001 and other data protection or cybersecurity laws. o Stay updated on new or changing regulations that impact the tech landscape. 2. Policy Development & Enforcement: o Develop and implement internal policies and procedures to ensure compliance with external regulations and internal standards. o Regularly review and update policies to ensure they remain aligned with changing regulations and industry best practices. 3. Risk Management: o Assess risks related to technology operations, particularly data privacy and cybersecurity risks. o Ensure that the tech department implements appropriate security measures to mitigate potential threats and risks. o Conduct regular audits and reviews of IT systems to ensure they meet compliance standards. 4. Training & Awareness: o Educate and train technology teams and other employees on compliance-related matters, such as data security, privacy policies, and risk mitigation strategies. o Promote awareness of compliance issues, helping staff understand their responsibilities in maintaining compliance. 5. Audit & Reporting: o Prepare reports for management, regulators, or auditors, demonstrating compliance with relevant regulations and policies. o Coordinate internal and external audits related to technology compliance. o Implement corrective actions where necessary to address non-compliance findings. 6. Data Privacy Management: o Oversee data protection strategies and ensure proper handling of sensitive information, including encryption, access control, and data retention policies. o Manage consent collection and user privacy preferences in accordance with privacy regulations. 7. Incident Management: o Oversee the handling of data breaches or other incidents that might affect compliance, ensuring timely reporting and response in accordance with regulatory requirements. o Coordinate with relevant authorities if there is a need to disclose any breaches or security incidents.

We are seeking a forward-thinking AI Architect to design, lead, and scale enterprise-grade AI systems and solutions across domains. This role demands deep expertise in machine learning, generative AI, data engineering, cloud-native architecture, and orchestration frameworks. You will collaborate with cross-functional teams to translate business requirements into intelligent, production-ready AI solutions. Key Responsibilities: Architecture & Strategy Design end-to-end AI architectures that include data pipelines, model development, MLOps, and inference serving. Create scalable, reusable, and modular AI components for different use cases (vision, NLP, time series, etc.). Drive architecture decisions across AI solutions, including multi-modal models, LLMs, and agentic workflows. Ensure interoperability of AI systems across cloud (AWS/GCP/Azure), edge, and hybrid environments. Technical Leadership Guide teams in selecting appropriate models (traditional ML, deep learning, transformers, etc.) and technologies. Lead architectural reviews and ensure compliance with security, performance, and governance policies. Mentor engineering and data science teams in best practices for AI/ML, GenAI, and MLOps. Model Lifecycle & Engineering Oversee implementation of model lifecycle using CI/CD for ML (MLOps) and/or LLMOps workflows. Define architecture for Retrieval Augmented Generation (RAG), vector databases, embeddings, prompt engineering, etc. Design pipelines for fine-tuning, evaluation, monitoring, and retraining of models. Data & Infrastructure Collaborate with data engineers to ensure data quality, feature pipelines, and scalable data stores. Architect systems for synthetic data generation, augmentation, and real-time streaming inputs. Define solutions leveraging data lakes, data warehouses, and graph databases. Client Engagement / Product Integration Interface with business/product stakeholders to align AI strategy with KPIs. Collaborate with DevOps teams to integrate models into products via APIs/microservices. Required Skills & Experience: Core Skills Strong foundation in AI/ML/DL (Scikit-learn, TensorFlow, PyTorch, Transformers, Langchain, etc.) Advanced knowledge of Generative AI (LLMs, diffusion models, multimodal models, etc.) Proficiency in cloud-native architectures (AWS/GCP/Azure) and containerization (Docker, Kubernetes) Experience with orchestration frameworks (Airflow, Ray, LangGraph, or similar) Familiarity with vector databases (Weaviate, Pinecone, FAISS), LLMOps platforms, and RAG design Architecture & Programming Solid experience in architectural patterns (microservices, event-driven, serverless) Proficient in Python and optionally Java/Go Knowledge of APIs (REST, GraphQL), streaming (Kafka), and observability tooling (Prometheus, ELK, Grafana) Tools & Platforms ML lifecycle tools: MLflow, Kubeflow, Vertex AI, Sagemaker, Hugging Face, etc. Prompt orchestration tools: LangChain, CrewAI, Semantic Kernel, DSPy (nice to have) Knowledge of security, privacy, and compliance (GDPR, SOC2, HIPAA, etc.)

Role- ITGC -Senior Location - Gurgaon, Kochi, Kolkata, Noida, Bengaluru, Chennai, Pune Exp- 3-6 Years To qualify for the role, you must have Preferably B.E/B.Tech (Computers, Electronics, Data Analytics), BCA/MCA, B.Sc/M.Sc. (computers major), MBA, CA. Must Have 3-6 years of hands-on internal/external IT Audits Atleast One - IT General Controls, IT Automated Controls, and Service Organization Controls Reporting (SOCR - SSAE 16 / ISAE 3402) SOC 1, 2, & 3 Reporting Able to perform independent security configuration review of common operating systems and databases - Windows, Unix, DB2, AS400, SAP R3ECC/HANA, Mainframe, SQL, Oracle. Knowledge of documentation and data analysis tools like Word, Excel, Access, Strong English verbal and written communication skills. Nice to have CISA, CISM, CRISC, ISO27001, Data privacy certifications IT audit knowledge for a financial audit - Control frameworks such as COSO, related regulations including SOX and J-SOX Data analytics/automation tool SQL, Monarch, BluePrism, Alteryx, PowerBI German/Dutch/French language is an added advantage.

We are seeking an experienced Cloud Validation Testing Engineer to ensure the reliability, performance, and security of cloud-based applications and infrastructure. The ideal candidate should have strong expertise in cloud platforms (AWS, Azure, GCP), automation testing, performance validation, and security compliance. This role involves validating cloud-based solutions, conducting functional and non-functional testing, and ensuring adherence to cloud best practices. Key Responsibilities: Develop and execute Cloud Validation Test Plans to ensure the functionality, scalability, and security of cloud-based applications. Perform functional, performance, security, and compliance testing of cloud solutions. Automate cloud testing processes using tools like Selenium, JMeter, Postman, Robot Framework, and Terraform. Validate cloud infrastructure, networking, and data pipelines across AWS, Azure, or GCP. Conduct API testing for cloud services using Postman, REST Assured, or similar tools. Ensure adherence to cloud compliance standards (ISO, SOC2, HIPAA, PCI-DSS, etc.). Perform load, stress, and scalability testing using JMeter, Gatling, or K6. Implement CI/CD testing automation within DevOps pipelines using Jenkins, GitHub Actions, or Azure DevOps. Identify and troubleshoot cloud performance bottlenecks, latency issues, and service failures. Work closely with developers, cloud architects, and security teams to improve system reliability. Validate disaster recovery, backup, and failover mechanisms for cloud environments. Required Skills & Qualifications: 6+ years of experience in software testing and cloud validation. Strong expertise in AWS, Azure, or GCP cloud platforms. Hands-on experience with automation frameworks like Selenium, Robot Framework, or Cypress. Proficiency in Python, Java, or PowerShell for test automation. Experience with cloud monitoring tools (CloudWatch, Azure Monitor, Google Stackdriver). Knowledge of Kubernetes, Docker, and microservices testing. Strong understanding of API testing, performance testing, and cloud security validation. Experience working in Agile and DevOps environments.

Education: Bachelors in information systems, Accounting or a related field. Experience: 1-4 years of IT Audit experience, with a strong focus on ITGC. Proficiency inn auditing frameworks and standards, including SOX, COSO, COBIT, or ISO 27001.

We are looking for an experienced Senior Compliance Analyst with expertise in SOC 2, ISO 27001, PCI DSS, and GDPR regulations. The ideal candidate will have a deep understanding of global security and privacy standards and will play a pivotal role in assessing, implementing, and maintaining the organizations compliance posture. Key responsibilities:- Ensure compliance with all applicable regulatory requirements, including SOC2, ISO 27001, PCI DSS, GDPR rules and guidelines. Develop and implement compliance policies, procedures, and programs. Conduct regular compliance reviews and audits to identify areas of improvement. Collaborate with other departments to ensure effective implementation of compliance measures. Work with external vendors to ensure compliance adherence Maintain up-to date compliance records and provide them to Sales, Marketing, Internal and External Customers on a need-to-know basis Provide training and education on compliance matters to staff and stakeholders. Monitor market trends and regulatory developments to stay informed of potential risks or issues. Job Requirements:- Strong knowledge of audit and regulatory compliance to ensure the security, privacy, and reliability of SaaS services in a global market. Familiarity with ISO 27001, PCI DSS, GDPR rules and guidelines. Ability to work collaboratively with cross-functional teams. Strong analytical skills and attention to detail. Bachelor's degree in a related field preferred but not required. Experience in Leading Software Project Teams desired but not mandatory.

Lead governance, risk, and compliance initiatives across cyber domains. Develop risk frameworks, align with global regulations, and interface with leadership and auditors. Required Candidate profile Strategic cyber risk leader with experience in GRC, regulatory compliance, and cyber risk frameworks. Ability to drive governance programs and manage stakeholder communication

Lead GRC , risk assessment, and implementation. Strong in ISO 27001, PCI, PSS, SOC 2, IRDAI. Ensure compliance, audits, awareness. Design InfoSec strategies aligned with ISO, NIST, RBI, SEBI to enhance cybersecurity and meet regulations.

IT Audit planning & management, ISO27001 audits & implementation, corrective actions & follow-up, ITGC, Cyber Security, SOC 2. Experience in IT regulatory compliance (RBI, IRDA, SEBI), IT risk & controls review, app & infra security.

Role Summary We're seeking an experienced Cloud Security Engineer with strong expertise in Azure and GCP platforms. In this role, you'll work at the intersection of cybersecurity and cloud engineering, focusing on implementing security recommendations from Cloud Security Posture Management (CSPM) and Cloud-Native Application Protection Platform (CNAPP) solutions. Key Responsibilities Analyze and prioritize security findings from CSPM and CNAPP tools across Azure, GCP and AWS environments Coordinate and execute remediation activities with cloud engineering teams to address identified vulnerabilities Lead the deployment, configuration, and maintenance of CSPM and CNAPP solutions Develop and implement security automation to streamline remediation processes Create and maintain cloud security documentation, including policies, procedures, and architectural diagrams Participate in security incident response for cloud-related events Provide cloud security expertise during new service deployments and architecture reviews Stay current with evolving cloud security best practices, threats, and compliance requirements Qualifications 4+ years of experience in cloud security across Azure and GCP platforms Demonstrable experience with CSPM and CNAPP tools and methodologies Strong understanding of cloud-native security controls, including IAM, encryption, network security, and logging/monitoring Proficiency in security automation using tools like Terraform, Azure ARM templates, or GCP Deployment Manager Experience with Kubernetes and other containerisation technologies Experience with cloud security frameworks and compliance standards (e.g., CIS, NIST, SOC2) Strong knowledge of DevSecOps principles and practices Excellent communication skills to effectively coordinate with various technical teams Preferred Skills Relevant security certifications (e.g., CCSP, Azure Security Engineer, GCP Professional Cloud Security Engineer) Experience with container security and Kubernetes environments Familiarity with cloud security APIs and CLI tools Background in security architecture or engineering Experience with cloud infrastructure as code (IaC) security scanning

JOB SUMMARY Senior associates are primarily responsible for hands-on project execution. Experienced senior associates have, or are working towards, specialization in one or more service lines and are assigned to projects accordingly. Senior associates are assigned to a specific service delivery principal that is responsible for supervising the associates career development. Additionally, senior associates daily activities are closely supervised by the management teams of their assigned projects. Senior associates may supervise associates and/or senior associates when serving as a member of a project management team. There is no typical day for our SOC teams. While our lead focus is on SOC examinations, our clients also rely on us to perform multiple types of attestations similar to SOC across a variety of network, application, or cloud environments. The benefit of being exposed to so many different situations is that you are constantly building your knowledge base and skill set while keeping up with the latest technologies. Our teams are mostly remote (yet extremely collaborative) and work together to utilize their unique backgrounds and experience to provide the high level of quality service that our clients have come to expect. In addition to the hands-on knowledge youll develop with each project, client also promotes a continuous learning environment. Team members are encouraged to attend at least one training event every year to build upon their skills and acquire new certifications. A Senior Associate will hold the following roles and responsibilities as part of their role: • Demonstrate proficiency in client's Methodology • Guide associates and peers • Obtain certifications (ISO LA, CISA, CISSP, AWS CCP, etc.) • Successfully run a project from fieldwork through completion • Understand and demonstrate ability to speak to client's service lines at a high level and their leaders • Demonstrate proficiency of SOC 1 GITCs and each Security, Availability, Processing Integrity, Confidentiality, and Privacy SOC 2 criteria • Demonstrate understanding of Principal Service Commitments and System Requirements and how they impact scope of a SOC 2 • Know all four report opinion outcomes and ability to draft modified opinions • Demonstrate ability to identify if exception(s) would potentially yield a qualified opinion • Demonstrate self-organization, consistently and proactively look ahead to future projects, and prepare accordingly • Client's Methodology o Read STMV quarterly, and demonstrate ability to apply concepts (sampling methodology, TA language structure, exception wording, etc.) o Review and demonstrate ability to apply concepts of AS 2.0 Reference Guide o Review and demonstrate ability to apply concepts of EWP WP Guidance” • Obtain CCSK and begin pursuing second certification (ISO 27001 LA, CISA, AWS CCP) • Understand and demonstrate ability to articulate differences between SOC 1 and SOC 2 • Participate on project as a shadow or assessor for attestation offerings such as HIPAA, AUP, C5, etc. • Begin understanding SOC 1 GITCs and each SOC 2 criteria for the Security, Availability, and Confidentiality categories • Ability to articulate qualified vs unqualified opinion; know all four types of opinions • Learn client's services and service line leaders • Adhere to and complete all matters included in the Associate Score Card • Accurately manage and report time worked to each project / initiative Essential Functions: • Complying with client's code of ethics and professional conduct, methodologies, policies, and procedures • Adhering to the professional and regulatory standards relevant to assigned service line specialization(s) • Promoting client's company culture and exemplifying client's values • Establishing high quality relationships and rapport with client personnel • Managing client expectations to ensure expectations are exceeded • Completing assigned duties in a timely manner and with a high attention to detail • Collaborating with fellow project team members in a productive and timely manner throughout the life cycle of each project • Adhering to project schedules and keeping fellow project team members apprised of the progress of assigned tasks • Escalating issues internally in a proper and timely manner • Using discretion and decorum in the timing, form, and content of all client communications • Booking travel reservations in a timely manner and in accordance with client's travel and expense policies and procedures • Performing the essential functions of other service delivery positions when qualified and called upon to do so • Attending project kick-off and closing meetings • Executing assigned testing procedures, performing detailed analysis, reaching conclusions, documenting results in accordance with company standards, and suggesting ideas for improvements, where applicable • Drafting project deliverables • Serving as a contact for clients' basic questions regarding an engagement • Participating in recruiting and candidate interview activities • Training project team members • Acclimating newer team members to client • Contributing to client's practice development efforts • Developing an expert knowledge of professional and regulatory standards relevant to assigned service line specialization(s) • Contributing to client's thought leadership (e.g., articles, webinars, public speaking, etc.) Knowledge, Skills, and Abilities: • Working knowledge of client's services, methodology, and relevant professional standards • Requisite knowledge of applicable technology and security domains • High level of attention to detail and quality of work product • Client service oriented • Excellent time management, organizational, and verbal and written communication skills • Ability to work on-site or remotely as a valuable contributor to a collaborative team • Capable of simultaneously managing assigned tasks for multiple projects • Proficient using Microsoft Word, Excel, and PowerPoint, as well as client's service delivery applications • Full understanding and application of ethics, independence and client's values Education, Work Experience and Certifications • Bachelor's degree in accounting, finance, business management, technology, or other relevant subject area, or equivalent years of experience directly related to the duties and responsibilities specified • 2+ years of related professional services experience in information security auditing, assessment, consulting or compliance, focused on ITGC or SOC controls • Ability to work well independently, within a team and with clients as well as travel ~40-50% (MTh) • Maintains (preferred) or working towards obtaining least one certification relevant to client's services (i.e. CPA, CCSK or CISA)

What You'll Do Were hiring a Site Reliability Engineer to help build and maintain the backbone of Avalaras SaaS platforms. As part of our global Reliability Engineering team, youll play a key role in ensuring the performance, availability, and observability of critical systems used by millions of users. This role combines hands-on infrastructure expertise with modern SRE practices and the opportunity to contribute to the evolution of AI-powered operations. Youll work closely with engineering and operations teams across regions to drive automation, improve incident response, and proactively detect issues using data and machine learning. What Your Responsibilities Will Be Own the reliability and performance of production systems across multiple environments and multiple clouds (AWS, GCP, OCI). Use AI/ML-driven tools and automation to improve observability and incident response. Collaborate with development teams on CI/CD pipelines, infrastructure deployments, and secure practices. Perform root cause analysis, drive postmortems, and reduce recurring incidents. Contribute to compliance and security initiatives (SOX, SOC2, ISO 27001, access and controls). Participate in a global on-call rotation and knowledge-sharing culture. What You'll Need to be Successful 5+ years in SRE, DevOps, or infrastructure engineering roles. Expertise with AWS (GCP or OCI is a plus), AWS Certified Solutions Architect Associate or equivalent Strong scripting/programming skills (Python, Go, Bash, or similar) Experience with infrastructure as code (Terraform, CloudFormation, Pulumi). Proficiency in Linux environments, containers (Docker/Kubernetes), and CI/CD workflows. Strong written and verbal communications skills to support world wide collaboration.

Position - Test Engineer - Security Testing (IPv6, MPLS, IP protocol, and telecom lab setup/testing on routers/switches), EMC, Telecom, Radio, Safety protocols testing Your Impact We are seeking a Compliance Engineer - Cybersecurity focus. As a technical specialist, you will collaborate with business units, local sales, and cross-functional teams to ensure Cisco products meet compliance requirements and achieve necessary regulatory approvals. Maintain up-to-date internal documentation and compliance databases, and manage all documentation related to product testing and certification. Provide support for lab tests and resolve compliance-related issues, while staying informed about security requirements and regulations in various countries, and communicate updates to internal teams. Potentially support cybersecurity certificate documentation for other APJC countries, and contribute to technology compliance activities under the guidance of the compliance leader. Conduct information security assessments covering domains such as product security, network, and application security. Address inquiries related to Cisco products, regulations, and compliance, leveraging experience with Cisco products, lab setups, and instruments to troubleshoot and manage lab tests, particularly focusing on telecom and security, ensuring products pass tests and secure regulatory approvals. Minimum Qualifications: Bachelor's or Master's degree in Electrical Engineering or Computer Science with skills in computer programming and cybersecurity protocols. Minimum of 6 years of related cybersecurity compliance experience. Knowledge of compliance frameworks such as SOC2, ISO27001, and Common Criteria. Experience with Cisco technology and equipment; CCNA/CCNP/CCIE preferred. Familiarity with common IT systems, IPv6, MPLS, IP protocol, and telecom lab setup/testing on routers/switches. Preferred Qualifications: Strong interpersonal, verbal, and written communication skills. Team player with strong organizational and planning skills. Ability to connect and communicate with both business and IT technical staff. Ability to multi-task, focus, and tackle problems analytically. Project management skills.

Job Requirements Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management Contribute to IT Audit knowledge base and internal practice development initiatives Supervise and provide performance management for IT audit staff working on assigned engagements Write and present clear and concise reports and presentations containing meaningful observations and recommendations to clients, and document procedures performed and conclusions reached related to projects Support proposal and business development activities by assisting in the identification of new target clients, building business relationships with key executives, and developing/presenting proposals Provide oversight and leadership to team members regarding deliverables, project plans, and performance management while contributing to industry and regulatory publications, writing professional and thought leadership articles, and speaking at related conferences and seminars Mandatory technical & functional skills Bachelor's degree in an appropriate field from an accredited college/university; Master's degree from an accredited college/university is preferred Prior knowledge leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs Experience with IT Risk Management and three lines of defense frameworks CISA, PMP, CISSP or CRISC certification is preferred Key behavioral attributes/requirements Ability to work well independently as well as part of a team Driven and enthusiastic with a can-do attitude and a strong sense of ownership to get the job done in a pragmatic fashion

Your role and responsibilities Lead the design, development, and deployment of scalable, secure backend systems using Java, J2EE, and GoLang. Architect and implement robust RESTful APIs and microservices aligned with enterprise cloud-native standards. Collaborate closely with DevOps, QA, and frontend teams to deliver end-to-end product functionality. Set coding standards, influence architectural direction, and drive adoption of best practices across backend systems. Own performance tuning, monitoring, and high availability for backend services using tools like Prometheus, ELK, and Grafana. Implement security, compliance, and privacy by design principles in backend systems. Lead incident response and resolution of complex production issues across multi-cloud environments (e.g., AWS, Azure, OCP). Mentor and guide junior developers and contribute to team-wide knowledge sharing and skill development. Actively participate in Agile ceremonies and contribute to continuous delivery and process improvement. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 11+ years of backend software development experience focused on scalable, secure, cloud-native enterprise systems. Deep expertise in Java, J2EE, and GoLang for building distributed backend systems. Advanced experience in architecting and implementing RESTful APIs, service meshes, and inter-service communication. Expert in Postgres or equivalent RDBMS data modeling, indexing, and performance optimization at scale. Proven track record with microservices architecture, including Docker, Kubernetes, and service deployment patterns. Expert-level familiarity with backend-focused CI/CD tooling (Jenkins, GitLab CI/CD, ArgoCD) and IaC tools (Terraform, CloudFormation). Strong knowledge of monitoring/logging tools such as Prometheus, Grafana, ELK, and Splunk, focusing on backend telemetry and observability. Experience deploying applications on cloud platforms: AWS (EKS, ECS, Lambda, CloudFormation), Azure, or GCP. Familiarity with DevSecOps, secure coding practices, and compliance-aware architecture for regulated environments. Proficient in integration, load, and unit testing using JMeter, RestAssured, JUnit, etc. Leadership in backend architecture, performance tuning, platform modernization, and mentoring of technical teams. Effective cross-functional collaboration skills in multi-team, multi-region environments. Preferred technical and professional experience Deep understanding of backend architecture patterns including microservices, event-driven architecture, and domain-driven design. Experience implementing security and privacy by design principles in cloud-native backend systems. Hands-on expertise with cryptographic protocols and standards such as TLS, FIPS, and experience integrating with Java security frameworks (e.g., JCE, Spring Security). Strong grasp of secure coding practices, with experience identifying and mitigating OWASP Top 10 vulnerabilities. Exposure to designing and developing shared platform services or backend frameworks reused across products or tenants (e.g., in multi-tenant SaaS environments). Familiarity with API security patterns, including OAuth2, JWT, API gateways (e.g., Kong, Apigee). Prior experience working on compliance-oriented systems (e.g., SOC2, HIPAA, FedRAMP) or architecting for high-assurance environments. Proficiency with Shell scripting, Python, or Node.js for infrastructure automation or backend utilities.

Lead and support IT compliance audits and assessments aligned with ISO 27001 and SOC 2 standards.Understanding of regulatory compliance standards, such as GDPR, HIPAA,PCI-DSS,or ISO27001.Understanding of cloud platforms (AWS, Azure, or Google Cloud)

Looking for a candidate with 5+ years of experience in IT Audit, Risk Management, and Compliance within Banking/NBFCs. Must have expertise in COBIT, NIST, RBI guidelines, ISO standards, IT systems and risk assessments. CISA certification is must.