9 Bcms Jobs

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Fortinet Firewall. Experience5-8 Years.

– SENIOR VICE PRESIDENT/ VICE PRESIDENT – IT/IS/TECHNOLOGY COMPLIANCE JOB TITLE Senior Vice President/ Vice President – IT/IS/Technology Compliance – M8/M7 DEPARTMENT Compliance REPORTING TO President & Chief Compliance Officer JOB PURPOSE Compliance Risk Assessment & Assurance MAJOR ACTIVITIES Ensuring compliance and governance is met with regulatory requirements and drive IT compliance agenda Assess the compliance risk and technical security controls for on-prem and cloud-based solutions and identify the associated cyber/information security risks and compliance requirements Recommend measures/controls to mitigate the information security risk and compliance to regulatory/statutory requirements Conducting a continuous assessment of current Technology and Security practices and systems in identifying continuous improvement areas Driving change projects and building new IT Compliance capabilities Managing numerous information sources and providing data analysis reports to senior management Supporting the CCO report to the Board and being an active member of the senior management team Flexible and adaptable capable of changing direction where required and showing flexibility to meet new demands Coordinating the Regulatory IT audits from a compliance perspective Building and maintaining relationship with regulators RELEVANTEXPERIENCE Should have Core IT Audit / IT Security Audit/ Technology and Infrastructure experience.Experience about banking regulations in these areas would be an advantage Familiarity with regulators and regulations Digital leadership skills capable of empowering and leading an IT enable team members to meet business and IT security goals A Chartered Accountant with relevant experience. Someone with Engineering and Technology/IT Services background will be an added advantage. Should have experience across(a) Internal Audit, (b) CISO, (c) IT Security, (d) Cyber Security (e) Banking Compliance Should have strong people and external stakeholder management skills. He/she should be a good coach and mentor to team members. Creative thinking able to look at alternatives and should be solution oriented Should have the ability to multitask and adhere to timelines. Should also bring good energy levels for change management and focus on new initiatives. PERSONAL CHARACTERISTICS & BEHAVIOURS Good oral and written communication skills Strong analytical and creative problem-solving skills Eye for detail and a quick learner Catching up with the Technology evolution – Categorization, Bucketing, Automation and Digitalization, from a Technology perspective

Dear All, We are presently looking for Auditor/Lead Auditor - IT for Hyderabad location. EXPERIENCE :- Min. 6-8 years out of which min. 2-4 years in the relevant scheme/industry sector. QUALIFICATION :- Graduate (Degree/Diploma) in Engineering (e.g. Electronics, IT, etc), Technology (e.g. Software, Hardware, Artificial Intelligence, etc) or equivalent. Minimum ISO 9001 LA training/qualification is required JOB RESPONSIBILITY :- Preparation of Audit Plan as per schedule Auditing as per applicable accreditation rules, scheme-owner requirements & KPIs (where applicable) and TUV India/TNCERT procedures (as relevant) Timely Audit Reporting, including closure of nonconformities within defined time frames Ensure audit workflow completion (incl. OPE workflow) within the specified timelines and within the Excellence tool. Address technical review comments on priority to facilitate efficient & timely certificate issuance to the clients. Attend Exchange of Experience/Calibration meet and ensure CPD compliance as required by the respective schemes, including ensuring the timely renewal of qualifications Develop and enhance competence over a period in various sectors. Support in Key Account Management for the clients assigned for value added services Support to Marketing team by generating business leads for new certifications, second party, training & sustainability schemes. Support on collections by coordinating with client representative. ATTRIBUTES :- Knowledge of Applicable regulatory framework and Statutory compliances. Good written and spoken English (knowledge of local language is advantageous). Excellent communication and presentation skills Flair for Client Relationship Management Good Listening ability Good Analytical skills Good Team Player If interested please share your updated profile on smayuri@tuv-nord.com.

Job Information Job Opening ID ZR_1945_JOB Date Opened 15/05/2023 Industry Technology Job Type Work Experience Fresher Job Title IS Group Convenor City Kochi Province Kerala Country India Postal Code 682037 Number of Positions 2 Convene the IS group meeting on a frequent basis Maintain minutes for all the IS group meetings and ensure the closure of action items Initiate and monitor the internal security audits on defined frequencies Analyze and verify findings and action plans of internal audit Present the findings and trend to top management Verify and analyze the information security incidents along with respective team and take appropriate action. Identify, measure, and analyze information security objectives of all the departments and projects Ensure information security risk assessment and action plan initiation are conducted on a regular basis for all the departments and projects. The critical information security risks and the status to be updated to top management Analyze and approve special permissions which are requested by the employees Ensure the regular reviewing of ISMS documents and make sure that the approved changes are updated in document. Monitor IT related events regularly and ensure that appropriate actions are taken. Ensure the network issues and glitches in the system are addressed on time by IT Monitor the Information security performance and execute the action plans where ever necessary and ensure that the proposed actions are taken care. Ensure the ISMS Awareness among employees are developed. Develop information security policy and get it approved by top management Develop a Business Continuity Plan along with the team members and get it approved by top management Frequently test the BCP and ensure appropriate actions are taken Ensure appropriate external Information Security communications are conducted by relevant team. Ensure applicable acts and policies of the organization are identified, detailed and appropriate actions taken to implement the same Ensure all department related security activities are taken care and support in case of any issues/ clarifications. check(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#2B39C2;border-color:#2B39C2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> I'm interested

Key Responsibilities: Conduct ISMS (ISO 27001) follow-up audits to verify compliance and track remediation efforts. Perform Gap Assessments against ISO 27001 and other security standards to identify control deficiencies. Lead or support BCMS (ISO 22301) audits and assessments, providing clear insights and recommendations. Prepare and deliver professionally written reports with actionable findings and clear summaries. Collaborate with internal teams and stakeholders to communicate risks, gaps, and proposed improvements. Support the design and enhancement of security governance processes as required. Requirements Qualifications: Minimum 5 years of experience in Information Security, GRC, or Risk & Compliance roles. Proven expertise in ISO 27001, including implementation, audits, and compliance reporting. Good knowledge of ISO 22301 and BCMS frameworks. Familiarity with other standards such as NIST CSF, ISO 27005, or local regulatory frameworks is a plus. Strong analytical and documentation skills, with the ability to write professional audit/assessment reports. Excellent communication and stakeholder engagement skills. Relevant certifications such as ISO 27001 Lead Auditor, ISO 22301 Lead Auditor, CISA, or CISM are highly desirable.

Information Security Manager: Job Title: Information Security Manager Work from Office Location: Bangalore/Chennai/Hyderabad Experience:9 + years No.of Positions: #womenhiring #womenintech #womendiversity this role is exclusive for female candidates. Required Skills: Hands-on experience with security technologies Experience in Information security and business continuity internal audits Strong Knowledge in risk management, ISO 27001, ISO 22301 PCI DSS, HIPAA, GDPR, SOC 2 Knowledgeable in security concepts, techniques, tools, methods, and practices Good technical in cyber security products Individually to perform the technical audits Roles and Responsibilities: Minimum 8 years of experience in managing security audits, such as, ISO 27001, HIPAA, SOC 1, SOC2, PCIDSS Including preparing control owners for audits, interpreting control requirements, reviewing control evidence for appropriateness, testing control effectiveness, presenting control evidence to external auditors, and audit planning with external auditors In-depth knowledge of security controls, interpreting control requirements for SOC 2, ISO, HIPAA, PCIDSS audits, reviewing control evidence for completeness an accuracy, and ensuring evidence provided to auditors satisfies control requirements. Ability to of plan and lead meetings with control owners and external auditors. Ability to clearly define control requirements to control owners or explaining control evidence to external auditors. Supports the Security Audit function by reviewing evidence submissions for accuracy and completeness, following up on audit requests, and helping to establish a continuous monitoring function. Assist in testing and verification of all controls and formulating reports documenting findings. Recommends and assists in the definition and implementation of security controls in accordance with enterprise policies, standards, and procedures. Work closely with internal business teams to assist in the identification and assessment of potential security risks, and establish risk owners, ratings, and management action plans. Ensure continuity of compliance with ISO27001 and ISO 22301, PCI DSS, HIPAA, GDPR Analyse the potential impact of new threats and communicate risks to relevant business units Manage security operations, analyze security exceptions, gather necessary background information, document exceptions and ensurethat the risk is recognized and managed with compensating controls Provide orientation to Business Units on Risk Assessment, Business Continuity Plan and Business Impact Analysis Facilitate in preparation of a Business continuity plan for each project and functions Conduct internal ISMS and BCMS audits and identify potential gaps in the system Prepare detailed and summary reports of assessments, and remediation plans as needed and advise internal stakeholders Report the audit findings on the potential weakness in the system and areas of improvement

Role & responsibilities General description of the role: Minimum 8 years of experience in managing security audits, such as, ISO 27001, HIPAA, SOC 1, SOC2, PCIDSS Including preparing control owners for audits, interpreting control requirements, reviewing control evidence for appropriateness, testing control effectiveness, presenting control evidence to external auditors, and audit planning with external auditors In-depth knowledge of security controls, interpreting control requirements for SOC 2, ISO, or HIPAA, PCIDSS audits, reviewing control evidence for completeness an accuracy, and ensuring evidence provided to auditors satisfies control requirements. Ability to of plan and lead meetings with control owners and external auditors. Ability to clearly define control requirements to control owners or explaining control evidence to external auditors. Supports the Security Audit function by reviewing evidence submissions for accuracy and completeness, following up on audit requests, and helping to establish a continuous monitoring function. Assist in testing and verification of all controls and formulating reports documenting findings. Recommends and assists in the definition and implementation of security controls in accordance with enterprise policies, standards, and procedures. Work closely with internal business teams to assist in the identification and assessment of potential security risks, and establish risk owners, ratings, and management action plans. Ensure continuity of compliance with ISO27001 and ISO 22301, PCI DSS, HIPAA, GDPR Analyse potential impact of new threats and communicates risks to relevant business units Manage security operations, analyse security exceptions, gather necessary background information, document exceptions and ensure that the risk is recognized and managed with compensating controls Provide orientation to Business Units on Risk Assessment, Business Continuity Plan and Business Impact Analysis Facilitate in preparation of Business continuity plan for each project and functions Conduct internal ISMS and BCMS audits and identify potential gaps in the system Prepare detailed and summary reports of assessments, remediation plans as needed and advise internal stakeholders Report the audit findings on the potential weakness in the system and areas of improvement Preferred candidate profile Top 5 Skill Set Hands-on experience with security technologies Experience in Information security and business continuity internal audits Strong Knowledge in risk management, ISO 27001, ISO 22301 PCI DSS, HIPAA, GDPR, SOC 2 Knowledgeable in security concepts, techniques, tools, methods, and practices Good technical in cyber security products Individually to perform the technical audits

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. As an IT Security Risk Manager, you would support information security policies, standards, and procedures to secure and protect data. Work directly with user departments to implement procedures and systems for the protection, conservation, and accountability of proprietary, personal, or privileged electronic data. Primary Responsibilities Perform audits to identify control gaps and implement corrective action plans Ensure alignment of security policies/standards with IT infrastructure frameworks (e.g., ISO 2700x, NIST, ITIL) Monitor compliance with corrective action plans, and address non-compliance issues appropriately Demonstrate understanding of discovery technologies to identify system vulnerabilities (e.g. scanning tools) Establish appropriate security controls based on defined data classifications to align with applicable laws/regulations/standards Facilitate/lead security incident investigation Analyse business requirements and ensure that solutions meet established security policies and controls Maintain metrics and report them. Maintain current knowledge on information security topics and their applicability program requirements Communicate professionally with stakeholders/end users through multiple communication Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications Bachelor's degree or higher level of education 4+ years of Information security experience Experience with ISO27001 (ISMS), ISO31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2 Proven auditing skills and the ability to manage risk assessments / projects independently Proven excellent communication skills both verbal and written Proven good presentation skills particularly ability to present technology elements in manner personnel can follow and act Preferred Qualification CISSP, CISA or ISO27001 Lead Implementer or Lead Auditor certification At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission.

Purpose of the position To conduct on-site assessments against the requirements of relevant standards or specifications To provide expertise, produce surveillance and initial assessment reports and make recommendations for certification decisions. To promote the BSI product offering and solutions to our clients with the view of improving their business performance, managing risk and Making excellence a habit Key responsibilities & accountabilities Undertake management system assessments in accordance with BSI requirements. Prepare assessment reports and deliver findings to clients to ensure client understanding of the assessment decision and clear direction to particular items of corrective action where appropriate. Recommend the issue, re-issue or withdrawal of certificates, and report recommendations in accordance with BSI policy, procedures and prescribed time frame. Lead assessment teams as required ensuring that team members are adequately briefed so that quality of service is maintained and that effective working relationships are sustained both with Clients and within the team Establish and develop an effective partnership, which secures the commercial relationship and encourages opportunities for business development and increased client satisfaction with clients in your portfolio. Provide accurate and prompt information to support services, working closely with them to ensure that client records are up to date and complete and that all other internal information requirements are met. Plan/schedule workloads to make best use of own time and maximise revenue-earning activity. Coach colleagues as appropriate especially where those members are inexperienced assessors or unfamiliar with clients' business/technology and assist in the induction and coaching of new colleagues as requested. Maintain and develop assessment skills and technical and management system standards knowledge. Provide technical support to clients through business development, sales and customer service staff Act as a brand Ambassador for BSI. This means acting ethically, following company rules and promoting BSI services to clients so they are able to optimize business performance and Make Excellence a Habit. Candidate specifications Bachelor degree or above in Engeneering . Must be a Lead Auditor certified in 27001 Added advantage to have experince and certified for BCMS, SOC, PCI-DSS Minimum 4 years working experience in IT, with 2 years work experience in IT. Commercial understanding of compliance industry, minimum 2 years quality system management Knowledge of business processes and application of quality management standards Good verbal and written communication skills and an eye for detail Be self-motivated, flexible, and have excellent time management/planning skills Can work under pressure Willing to travel on business intensively An enthusiastic and committed team player Good public speaking and business development skill will be considered advantageous