5 Sscp Jobs

You will be joining NTT DATA as an Information Security-Management - Security Analysis Specialist Advisor in Noida, Uttar Pradesh (IN-UP), India (IN). In this role, you will be responsible for ensuring the seamless delivery of all information security services to the customer. Your key duties will include delivering information security services in compliance with contracts and standards, assisting clients in defining and implementing security policies, strategies, and procedures, and participating in strategic design processes to align security with business requirements. Additionally, you will support the implementation of security governance frameworks, collaborate with clients to review and monitor adherence to security policies and standards, and facilitate audits to ensure compliance. Your role will also involve performing risk reviews, developing risk treatment plans, and incorporating threat intelligence into risk management strategies. You will be expected to drive remediation efforts related to information security, identify weaknesses in current operations, and ensure information security operations meet standards. To qualify for this role, you should have at least 6 years of relevant experience, knowledge of standards/regulations impacting information security, and experience with internal and external audits. Preferred qualifications include certifications such as CISSP, SSCP, CISM, or CEH, customer relationship management experience, and knowledge of systems and network administration. NTT DATA is a trusted global innovator of business and technology services, serving 75% of the Fortune Global 100. As a Global Top Employer, NTT DATA is committed to helping clients innovate, optimize, and transform for long-term success. With experts in more than 50 countries and a robust partner ecosystem, NTT DATA offers services in consulting, data and artificial intelligence, industry solutions, and digital infrastructure. As a part of the NTT Group, NTT DATA invests in R&D to support organizations and society in moving confidently into the digital future. Visit us at us.nttdata.com.,

Staff Cybersecurity Engineering As a Staff cybersecurity engineer with Convera, we are looking for the primary administrator of an automated GRC platform to support the Convera cybersecurity program and all the IT stakeholders. You will also support efforts using this system for responding to regulator questions, independent audit, and customer assurance. You will be responsible for: Represent the Convera cybersecurity team in the India region with respect to compliance and cybersecurity activities. * Ensure controls are followed continually and without material audit findings or qualifications. Respond and assist with urgent new cybersecurity requirements, security incidents, outages, and customer grievances. Participate and report on multi-regional projects to identify and track appropriate corrective measures to resolve issues as they arise. Develop and manage project plans and budget/resource estimates as needed. Participate in Vendor / Supply Chain Risk Management to ensure availability * Perform vendor due diligence Cyber risk reviews to ensure supply chain compliance Assist in Vendor Onboarding/Contract Negotiations related to cybersecurity Perform cyber resiliency assessments to detect and identify weaknesses in the security posture of the organization's resiliency and recovery strategies Assist with vendor due diligence risk reviews and questionnaires to ensure supply chain compliance. Assist in working with Convera vendors, contactors, and third parties to confirm compliance to Convera policies, service level agreements, and acceptable usage policies. Find, report, and help remediate cybersecurity risks and compliance gaps to Convera and Convera-contracted services by working with IT teams, business teams, and other stakeholders. * Oversee regular vulnerability assessments, internal technical reviews, and penetration testing of cloud environments and applications Partner with IT teams to develop and implement remediation strategies for identified security issues Develop metrics and reports to track vulnerability management program effectiveness Evaluate and recommend security tools and technologies Provide security guidance to technical teams Facilitate, coordinate, and obtain vulnerability reporting requirements from multiple stakeholders. Assist on Risk Assessments * Document, analyze, and report control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities. Partner with IT teams to develop and implement remediation strategies for identified security issues Assist in investigating internal and external information security risk and exceptions assessments Partner with SecOps & Enterprise Tech on new business solutions & architecture Help assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks. Inform the proper stakeholders of important concerns and hazards. Be proactive in seeking out areas for improvement and offer insightful advice and value-added guidance on process and control enhancements. Operate with a high degree of independence regarding cybersecurity project and program activities. * Manage multi-regional projects to identify and track appropriate corrective measures to resolve issues as they arise. Respond and assist with urgent new requirements, security incidents, outages, and customer grievances. Develop and manage project plans and budget/resource estimates as needed. Assist in security incident response and forensic investigations when needed Assist in internal and external audit efforts. Support new security and privacy compliance changes from all over the world. About You CompTIA Security+, (ISC)2 SSCP, GSEC, AWS Certified Cloud Practitioner, Azure Security Engineer Associate, Certificate of Cloud Security Knowledge or other industry recognized technical, or security certification(s). CISSP, CISA, CISM, or other industry recognized security certification(s) are preferred. Hands on experience with vulnerability scanning tools and penetration testing methodologies Skilled at analyzing complex problems, impact analysis, and enabling informed decision making. Excellent interpersonal, communication, and presentation skills, including a strong customer service orientation. Up to date with technology and compliance risks facing dynamic organizations, with an excellent understanding of the regulatory environment and the challenges to meet a rapidly evolving landscape. Expertise in planning and delivering a wide range of projects including embedding risk and governance frameworks, introducing new policies and processes, and implementing IT systems. Successful at stakeholder engagement and experienced at operating at both strategic and tactical levels. Can quickly identify key operational risks, material impacts, risk indicators and controls within the business area. Experience with working on IT systems in a global 24x7 operation with varying levels of uptime and security requirements. Have a strongly motivated to work independently, desire to learn and grow in a fast-paced, complex environment. Develop and manage project plans and budget/resource estimates as needed. A fast learner, able to manage details and complex needs. Are up to date with technology and compliance risks facing dynamic organizations, with an excellent understanding of the regulatory environment and the challenges to meet a rapidly evolving landscape. Have strong and honest communication skills as well as confident communicating verbally and in writing. Have a basic understanding of the finance industry, risk management, and cloud technology. Familiar working with industry-standard regulatory requirements (SOC1/2, PCI, GDPR, etc.) and technical standards (CIS, NIST, STIG, etc.) Excellent interpersonal, communication, and presentation skills, including a strong customer service orientation and confident in communicating verbally and in writing with respect to local cultures and languages. About Convera Our teams care deeply about the value we bring to our customers which makes Convera a rewarding place to work. This is an exciting time for our organization as we build our team with growth-minded, results-oriented people who are looking to move fast in an innovative environment. As a truly global company with employees in over 20 countries, we are passionate about diversity; we seek and celebrate people from different backgrounds, lifestyles, and unique points of view. We want to work with the best people and ensure we foster a culture of inclusion and belonging. We offer an abundance of competitive perks and benefits including: Competitive salary Opportunity to earn an annual bonus. Great career growth and development opportunities in a global organization A flexible approach to work #LI-KP1,

What you will do Let s do this. Let s change the world. In this vital role the Specialist Data Security Engineer covering Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) technologies. This role will report to the Manager, Data Security. This position will provide essential services that enable us to better pursue our mission. Specialist Data Security Engineers operate, manage, and improve Amgen s DLP and Cloud Access Security Broker (CASB) solutions. In our Data Security team, they will identify emerging risks related to changes in cloud technologies, advise management, and develop technical remediations to address those risks. Specialists lead the development of processes and procedures for multiple solutions which enable business units to remediate identify cloud data exposures. They run multiple projects simultaneously to implement and improve the cloud data security protection and use advanced analytics to demonstrate success. This engineer will play a key role in educating and evangelizing to technologists and business leaders the security strategies that both protect and enable business processes related to cloud data handling. Roles & Responsibilities: Designs, operates, maintains, and enhances capabilities for the technical systems that ensure protection of data for all Amgen global operations. Identifies new risk areas for data and plans controls to mitigate those risks. Researches new technologies, processes, and approaches based on industry practices and recommends future plans for data protection. Authors procedures and guidelines and advises on policies related to data protection requirements and remediation or investigation of violations. Develops and conducts training on data protection technologies for operations staff. Educates business leadership about data risk. Advises other technology groups on data protection strategies and recommends appropriate points of both technical and process integration. Partners with the Manager of Data Security to liaise to legal and human resources leadership on violation remediations. Collaborates with cloud strategy leaders and business unit leadership to ensure that cloud data protection is incorporated by design into new business projects. Collaborates with Cloud Security Engineers to integrate cloud data protection technology into the operations of traditional Data Loss Prevention operations. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master s degree and 4 to 6 years of experience OR Bachelor s degree and 6 to 8 years of experience OR Diploma and 10 to 12 years of experience. Functional Skills: Must-Have Skills Familiarity with one or more security frameworks, especially in regulated environments. Proficiency specifying requirements for technical systems, as well as designing, implementing, and operating those systems. Expertise in global IT operations, including an understanding of regulatory and cultural differences encountered when dealing with international peers and customers. Demonstrated competence maintaining applications on Windows and Linux based operating systems, and basic understanding of one or more programming or scripting languages. Demonstrated proficiency with one or more Cloud Access Security Platforms (Elastica, Netskope, SkyHigh, etc) Track record of project management leadership, preferably using Agile methodology. Deep knowledge of the principles of Data Protection, including availability, integrity, and confidentiality of data. Good-to-Have Skills: Proficiency with communications focused on both the development of written technical processes and the ability to convey complex ideas clearly in front of an audience. Experience with data analytics focused on building executive reports Reputation of successfully navigating large enterprise environments, understanding both ITIL driven processes and business relationship building Ability to self-direct work on multiple priorities with little to no oversight, based on critical initiatives. Professional Certifications (please mention if the certification is preferred or required for the role): Systems Security Certified Practitioner (SSCP) or Security+ SANS Certifications Cloud security certifications Relevant vendor-specific certifications Soft Skills: Established analytical and gap/fit assessment skills. Ability to work effectively with global, virtual teams High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team-oriented, with a focus on achieving team goals Effective presentation and public speaking skills. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards.

What you will do Let s do this. Let s change the world. In this vital role the Senior Associate Data Security Engineer role will cover Data Loss Prevention (DLP) and Data Security Posture Management (DSPM) technologies. This role will report to the Manager, Data Security. This position will provide essential services that enable us to better pursue our mission. Sr. Associate Data Security Engineers operate, manage, and improve Amgen s DLP and DSPM solutions. In our Data Security team, they will operate data protection security technologies in a rapidly changing global security sector. They will work with other engineers and business units to help craft, build, coordinate, configure, and implement critical preventive and detective security controls related to the protection of Amgen data. This engineer will play a key role in designing, deploying, and maintaining solutions to build our rapidly growing operations. Roles & Responsibilities: Maintain the service delivery and working order of Amgen data security solutions across Amgen s global enterprise Execute Amgen service management processes such as Incident Management, change processes, and service improvements for Amgen s data security technologies Assist in the design and improvement of Amgen s data security technologies and solutions. Build scripts for the configuration and the testing of the solution Manage and perform analysis of escalated DLP events, engage with the business, fulfill legal hold requests, and provide executive reporting Work with business domain specialists to collect, analyze, build, tune and automate DLP policy sets Analyze events and logs for suspicious activity and opportunities to improve posture, processes, procedures, and protections. Consult to the Incident Response team on investigations Develop automation solutions in increase response times and reduce risk of identified incidents Participate in regular meetings and conference calls with the client, IT, business partners and vendors to help ensure technical coverage for new or existing projects across the business Functional Skills: Must-Have Skills: Knowledge of Cloud Access Security Platforms (Elastica, Netskope, SkyHigh, etc) Understanding of cloud and SAAS environments (AWS, O365, Box, Salesforce, etc) Solid experience with potential to grow knowledge in Linux/Windows OS and other infrastructure systems Experience with DLP and data protection technologies for a large global enterprise Demonstrated understanding on how emerging security technologies and data flows interoperate across complex, multi-cloud systems. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master s degree and 1 to 3 years of experience OR Bachelor s degree and 3 to 5 years of experience OR Diploma and 7 to 9 years of experience. Preferred Qualifications: Good-to-Have Skills: Comfort with scripting (PowerShell, Python, etc) and expression development (SQL, Regex) Ability to develop documentation for Infrastructure Security implementations Basic experience with ITIL processes such as Incident, Problem, and configuration management Experience in complex enterprise environments with competing business priorities Professional Certifications (please mention if the certification is preferred or mandatory for the role): Systems Security Certified Practitioner (SSCP) or Security+ SANS Certifications Relevant vendor-specific certifications Soft Skills: Established analytical and gap/fit assessment skills. Ability to work effectively with global, virtual teams High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team-oriented, with a focus on achieving team goals Effective presentation and public speaking skills. What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards.

Key Responsibilities: Conduct threat modeling, code reviews, and security assessments of applications and products. Perform vulnerability analysis and collaborate with development teams to remediate issues. Integrate security tools (SAST, DAST, SCA) into CI/CD pipelines. Develop and enforce security policies, guidelines, and standards. Conduct risk assessments for new features, technologies, and vendors. Stay updated on emerging threats, vulnerabilities, and industry best practices. Support incident response efforts and post-mortem analysis when required. Required Skills & Qualifications: 48 years of experience in cybersecurity or product/application security. Strong understanding of OWASP Top 10, secure coding principles, and SDLC. Hands-on experience with static and dynamic analysis tools (e.g., Checkmarx, Veracode, Burp Suite). Familiarity with cloud platforms (AWS, Azure, or GCP) and securing cloud-native applications. Experience with scripting (Python, Bash, etc.) for automation and tooling. Good understanding of authentication/authorization protocols (OAuth, SAML, etc.). Bachelor’s degree in Computer Science, Information Security, or related field. Nice-to-Have (Preferred): Certifications like CEH, OSCP, CISSP, or AWS Security Specialty. Experience with containers and Kubernetes security. Knowledge of threat modeling frameworks (e.g., STRIDE, MITRE ATT&CK). Exposure to DevSecOps practices.