Get alerts for new jobs matching your selected skills, preferred locations, and experience range. Manage Job Alerts
5.0 - 10.0 years
7 - 11 Lacs
Prayagraj, Varanasi, Ghaziabad
Work from Office
Be part of the solution at Technip Energies and embark on a one-of-a-kind journey. You will be helping to develop cutting-edge solutions to solve real-world energy problems. We are currently seeking Cybersecurity Risk Analyst to join our team based in Noida. The IT Risk Analyst reports directly to the IT Risk Manager and is in charge for Risk identification, assessment, mitigation and follow-up processes for both IT and OT environments. About us: Technip Energies is a global technology and engineering powerhouse. With leadership positions in LNG, hydrogen, ethylene, sustainable chemistry, and CO2 management, we are contributing to the development of critical markets such as energy, energy derivatives, decarbonization, and circularity. Our complementary business segments, Technology, Products and Services (TPS) and Project Delivery, turn innovation into scalable and industrial reality. Through collaboration and excellence in execution, our 17,000+ employees across 34 countries are fully committed to bridging prosperity with sustainability for a world designed to last. Global Business Services India At Technip Energies, we are continually looking for ways to become more efficient, and ways to improve our quality, customer focus and cost competitiveness. The Global Business Services (GBS) organization is key to executing this strategy, by standardizing our processes and centralizing our services. Our Vision : A customer-focused, cost-efficient, innovative, and high performing organization that drives functional excellence. GBS provide streamlined and consistent services to our internal customers in the domain of Finance and Accounting, Human Resources, Business Functional Support, Procurement and Legal. Our services fit our global organization and allow us to focus on business strategy and priorities. GBS also maintains continuous improvement plans to enhance our customer-oriented service culture. Responsibilities: Responsible for Digiteam and cybersecurity risk identification, assessment, mitigation and follow-up Maintains the documentation relating to risk management processes. Responsible for maintaining a Risk Register at group level Responsible for risk management Indicators (KRI) calculation and communication relating to the whole cybersecurity department. Collaborate with Security Operations Center (SOC) teams to analyze incident trends and integrate findings into risk assessments. Support the development and implementation of risk treatment plans, including technical controls and compensating measures About you At least 5 years of experience in IT Risk Management Certifications (preferred but not mandatory): ITIL, CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), ISO 27005 Risk Manager Certification or equivalent on filed experience. Hands-on experience conducting cybersecurity risk assessments in hybrid environments (on-premises and cloud). Experience working with DevSecOps teams to integrate risk management into CI/CD pipelines. Familiarity with incident response processes and post-incident risk re-evaluation. Technical Skills Strong understanding of cyber threat intelligence and its application in risk management. Familiarity with GRC platforms (e.g., SureCloud, ServiceNow GRC) for risk tracking and reporting. Experience with vulnerability management tools (e.g., Tenable, Qualys, Rapid7) and interpreting scan results. Knowledge of cloud security frameworks (e.g., CSA CCM, Azure Security Benchmark, AWS Well-Architected Framework). Understanding secure architecture principles and ability to review system designs for risk exposure. Familiarity with compliance frameworks such as GDPR, SOX, and industry-specific standards (e.g., IEC 62443 for OT). Familiarity with ISO2700x, NIST, CIS frameworks. Your career with us: Working at Technip Energies is an inspiring journey, filled with groundbreaking projects and dynamic collaborations. Surrounded by diverse and talented individuals, you will feel welcomed, respected, and engaged. Enjoy a safe, caring environment where you can spark new ideas, reimagine the future, and lead change. As your career grows, you will benefit from learning opportunities at T.EN University, such as The Future Ready Program, and from the support of your manager through check-in moments like the Mid-Year Development Review, fostering continuous growth and development What s next Once receiving your application, our Talent Acquisition professionals will screen and match your profile against the role requirements. We ask for your patience as the team completes the volume of applications with reasonable timeframe. Check your application progress periodically via personal account from created candidate profile during your application. We invite you to get to know more about our company by visiting and follow us on LinkedIn , Instagram , Facebook , X and YouTube for company updates. #LI-AP1
Posted 1 week ago
5.0 - 10.0 years
15 - 17 Lacs
Mumbai
Work from Office
Bachelors or Masters degree in Computer Science, Cybersecurity, Information Technology, or related fields. A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related security assessments. Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices. Proficiency in using various security assessment and techniques. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review. Conceptual knowledge of OT Security/ISA 62443 standard is preferable. . Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide actionable recommendations for risk mitigation. Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk assessments.
Posted 1 week ago
0.0 - 2.0 years
10 - 14 Lacs
Bengaluru
Work from Office
BE/B.Tech/Post-Grad/ Graduate or Postgraduate in any other discipline 0-2 years of relevant experience. Candidates should be okay to work in rotational shifts. Good to have - Certifications - CSA (Certified SoC Analyst), CISM and CCSP, Certifications from Microsoft Azure Suite Candidates having SOC experience would be preferred Well versed in Microsoft productivity tools such as Word, PowerPoint and Excel An understanding of concepts of analytics and should be able to generate trends, drill downs, and various graphical representations Windows / Azure / AWS infrastructure knowledge will have added advantage Experience in Windows security tools like Defender for office, Defender for identity, Sentinel and other Microsoft security tools will have added advantage Excellent written and oral communication skills . Actively monitoring, analysing & escalating SIEM alerts based on correlation rules, Email protection alerts & malware analysis, Provide inputs for proactive content fine tuning & use case enablement, Active threat hunting on network flow, user behaviour & threat intelligence, Phishing email analysis for MFs, Raising incidents in Pastebin inte Should be familiar with Domain Knowledge (Cyber Security), Threat Hunting, SIEM- Azure Sentinel, SIEM - (RSA / Splunk / LogRhythm), Python Scripting, Windows Active Directory, Operating systems and servers. Ability to Triage and assignment Incident Handling. Ability to Follow Playbooks instructions- Incident Response Playbooks Ability to Comprehend Logs (HTTP, SMTP, Network) (Under guidance) Understand and imbibe current SOC process Perform quality assessment on SOC operations being performed as per existing process Record and deviations identified into tracking tool(s)/spreadsheets Perform follow-ups with respective error owners to mitigate process deviations Identify process deviations, Summarize and generate trends, patterns into process deviations / errors observed. Perform RCA into observed errors / trends and generate recommendations for process improvement Generate personnel specific recommendations for performance enhancement Contribute in overseeing quality assessment process for multiple SOC verticals In-line alignment with SOC operations for quick-detection / prevention of process deviations Support as QA touchpoint in critical cyber incidents to enhance quality of service Assessment of investigation report with assertions, evidences and recommended actions Communicate effectively and collaborate with teams in different geographie
Posted 1 week ago
5.0 - 12.0 years
11 - 13 Lacs
Bengaluru
Work from Office
: Experience range: 5- 12 years Cyber Security Expert Primary Mandate You will consult and support the Life Science Sector Cyber Security team operations across the entire Life Science organization / locations to protect the confidentiality, integrity, and availability of the IT assets, software-based products, applications and web sites. Your main task is ensuring that cyber security policies, standards, controls, and regulatory requirements are properly understood, planned and implemented. Scope Implement and maintain technical and non-technical cyber security controls of the IT assets, software-based products, applications and web sites Technical controls include baseline security configuration for operating systems (e. g. , OS hardening), network segmentation, DMZ systems hardening, identity and access management (IAM), etc. Non-technical controls include working with corporate teams to embed controls in technology Procurement and working with the business application owners to ensure security process are properly applied throughout the entire application management life cycle. Participate in application-, infrastructure-, and business projects to provide security-planning advice. Together with the IT Solution Architects plan, deliver and document security architecture for various security solutions and projects. Participate in a Cyber Security Incidence Response Team (CSIRT) to cover information security incidents on a sector wide level. Development of cybersecurity awareness and training curriculum. Ensure security training and awareness programs are defined and executed. Contribute to internal projects in response to external compliance requirements, such as NIS2. Qualifications Extensive industry experience, technical knowledge and proven information security competency through professional designation / certifications, such as CISSP, IISP, CRISC, CCSP, CISA or CISM. Ability to analyze security issues, manage conflicting priorities, and recommend a course of action with both technical and business perspective. Strong analytical and interpersonal communication skills, including the ability to communicate effectively and build consensus across organizational lines. Ability to collaborate with diverse team consisting of developers, architects, project managers, etc. Experience with security risk management frameworks based on industry standard (e. g. , ISO27005, NIS2, BSI) and regulations (e. g. , GDPR). Proven ability to manage and collaborate on large/complex projects. Strong documentation skills. Fluent in English.
Posted 1 week ago
3.0 - 8.0 years
0 - 3 Lacs
Thane, Navi Mumbai, Mumbai (All Areas)
Work from Office
>> Job DesCRIPTION Role & RESPONSIBILTY Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Perform risk assessments on various applications, services, and infrastructure components. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Deliver complex Infrastructure programmes with multiple business and technical risks that will impact the success of key business priorities Create and track a plan to deliver programme goals, including the technical implementation plan, ensuring colleagues and stakeholders are kept up-to-date Manage risks and Issues on the programme demonstrating tactics to resolve or mitigate Understand trade-offs in hardware and infrastructure delivery using experience and influencing skills to drive consensus with the Engineering and Product teams to obtain the best value and deliver brilliant technical solutions Able to foresee potential risks and issues, establish a process, facilitate discussion and manage escalations Able to understand a technical architecture to be able to foresee the impact on dependencies, delivery timelines and implementation plans Have good knowledge of engineering best practices and practical infrastructure implementations to appreciate delivery challenges Collaborate with the Product and Engineering teams to define annual budgetary requirements Evaluate and interpret assessment results to identify potential vulnerabilities and risks and provide actionable recommendations for risk mitigation. Stay up to date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk. Establish and sustain long-term profitable client relationships that drive value creation, delivery excellence and a positive client work environment. Manages client expectations and client satisfaction. Acts as an advisor and partner to the client. Design, develop and implement business strategies for clients to implement new and different approaches to business based on the innovation approach. REQUIREMENTS: A minimum of 5+ years of hands-on experience in Project/Program Management. Understand the key principles of ITSM and How this drive effective change into BAU Have experience of building credible relationships and influencing senior management Strong Project, Stakeholder & Programme management skills Good reporting skills for programs and financial forecasting Adept communication & influencing skills and adoptability to changes - Expert delivery experience with the following tools: - Jira - Confluence - Miro - Microsoft Project - MS Excel Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Strong communication and stakeholder & conflict management skills. Strong analytical and problem-solving skills, with the ability to think critically and strategically. >> SELECTION PROCESS Candidates should expect 2-3 rounds of personal or telephonic interviews to assess fitment and communication skills. >> CRITERIA Education 60% above throughout academics One 3 years (at least) regular course is must either Diploma or Graduation Course: B.E. / B. Tech / MCA / M. Tech / MBA degree or equivalent Minimum 3 years of hands-on experience in conducting cyber risk assessments. Certification: CISM / CISSP / CCSP / CISA / CRISC / ITIL / ISO 27001/22301/20000 LI/LA / PCI DSS (At least one) CCNA / CCNP or equivalent (optional) Relevant certifications in OT security (GICSP, ISA/IEC-62443 or equivalent)
Posted 1 week ago
10.0 - 15.0 years
0 Lacs
karnataka
On-site
As a Cloud Ops professional at Tally, you will be part of a team dedicated to delivering top-notch connected services in public clouds for Tally's customers. Your mission will be to ensure unmatched reliability, strong security, and optimal cost efficiency. You will have the opportunity to design, implement, and operationalize solutions using cutting-edge cloud native technologies to provide a seamless experience for our customers. Your responsibilities will include overseeing Risk Management & Governance for Tally's suite of cloud-based connected services, implementing secure access at every level, and ensuring compliance with regulatory requirements. You will focus on Cloud Security Oversight, primarily in the AWS environment, while also considering multi-cloud environments. Your role will involve managing regulatory and compliance issues and providing governance and reporting on cloud operations. To excel in this role, you should bring experience in risk management, governance, or compliance roles within fintech, banking, or cloud-centric organizations, particularly in product or fully hosted service-based settings. You should have expertise in AWS security tools, architectures, and best practices, along with a deep understanding of Indian financial sector regulations such as RBI, SEBI, and the IT Act. Possessing relevant certifications like CISSP, CISM, AWS Certified Security Specialty, CRISC, or CISA would be advantageous. You will be expected to demonstrate a thorough understanding of cloud-native security principles, AWS best practices, risk frameworks (NIST, ISO, COBIT), and regulatory mandates. Your role will involve bridging business requirements with technical security implementations, requiring strong communication, stakeholder management, analytical thinking, and a proactive problem-solving approach. Join us at Tally, where we value honesty, integrity, a people-first culture, excellence, and impactful innovation. Be a part of our journey to simplify the lives of millions of small and medium businesses globally through technology and innovation.,
Posted 1 week ago
4.0 - 8.0 years
0 Lacs
maharashtra
On-site
You will be responsible for conducting third-party/supplier security risk assessments, interpreting security assurance reports including SOC2 and pen test reports, and reviewing security requirements in contracts. Additionally, you will need to understand outsourced solutions and associated information classification, assess supplier security controls based on ISO27001/2 standards, and identify and document security risks. You will be expected to suggest recommendations to address identified security risks, potentially perform information classification such as AIC assessment, and hold security certifications such as ISO27001 auditor/implementation, CISSP, CRISC, CISM, or CISA. If you have at least 4 years of experience in Information Security, possess the necessary certifications, and can work in Mumbai (Andheri East) with a notice period of immediate to 30 days, we encourage you to share your updated resume to manasa.chilla@visionyle.com.,
Posted 1 week ago
5.0 - 9.0 years
0 Lacs
delhi
On-site
The role of a Splunk Security Solution Architect is to serve as a subject matter expert for Splunk Security products and provide expertise on the broader security landscape. Your primary responsibility will be to support Splunk account teams, including sales and pre-sales resources, in developing tailored security solutions for customers. As the "eyes and ears" for the field, you will offer expert guidance and recommendations to help customers enhance the security and resiliency of their organizations. Your key responsibilities will include establishing and maintaining strong relationships with clients and partners, collaborating closely with account teams to align with sales strategies, and conducting demonstrations of Splunk's security products and services to customers. Additionally, you will be required to respond to functional and technical aspects of RFIs/RFPs, provide hands-on leadership in resolving technical issues, and demonstrate a strong ability to collaborate effectively. To excel in this role, you should possess a Splunk Certified Administrator certification or have sufficient knowledge to administer Splunk Enterprise and solutions. You must have at least 5 years of experience as a successful pre-sales engineer, systems integrator, or similar role within the cybersecurity domain. Familiarity with cyber threats, incident response practices, SIEM, automation tools, endpoint technology, threat intelligence, and enterprise hardware and software technologies is essential. Experience with operating systems, networking technology, enterprise software, cloud platforms, scripting languages, and industry certifications such as SANS GIAC, CISSP, CISM, etc., will be advantageous. Furthermore, you should demonstrate strong interpersonal skills, effective communication abilities across different audience types, and a self-motivated attitude with an insatiable curiosity for technological possibilities. A positive and fun-loving demeanor, along with a desire to work with a dynamic team, is key for success in this role. Please note that we are committed to providing guidance on technology, supporting your soft skills development, and educating you on processes. Your passion for technology, motivation, and enthusiasm for working in a collaborative team environment will be highly valued in this position.,
Posted 1 week ago
7.0 - 11.0 years
0 Lacs
karnataka
On-site
As the IT Auditor at Navi, you will be responsible for overseeing Navis strategic Risk-based IT Audit Plan and managing the Group IT Audit Function in alignment with Navis Internal Audit Charter and industry standards set by ISACA, ISO, COBIT, IIA, and other relevant professional bodies. Your role will involve directing IT audit operations and strategies at the group level, auditing information systems, platforms, and operating procedures of Navi to ensure the effectiveness of the organizations risk management and internal controls. Your major responsibilities will include developing and implementing risk-based annual IT audit plans, evaluating IT infrastructure, identifying areas of risk or non-compliance, and ensuring proper resourcing for plan implementation. You will also be responsible for updating audit tools, informing senior management of significant risks, providing feedback on IT & data risks, maintaining relationships with key stakeholders, overseeing Internal Audits participation in business initiatives, and serving as a thought leader in IT risk management and internal control best practices. In addition, you will continuously inspect and assess various elements of the companys information systems, identify IT risk exposure, recommend remediation strategies, review security measures, coordinate with external auditors and regulators, track issues and actions management process, and provide early warning signals in IT areas for potential fraud scenarios. You will also be responsible for issuing clear and concise IT Audit reports, delivering MIS and reports to assist the Function Head, and making presentations to the audit committee and management independently. The ideal candidate for this role should possess IT audits related qualifications such as CISSP, CISA, CISM, GIAC, PPM, PMP, DISA, or equivalent, along with 7 or more years of experience in IT audits preferably with 2-3 years in a team management role. Strong knowledge of IT security and infrastructure, experience in agile product management environments, and 3 to 5 years of Fintech or NBFC industry experience are preferred qualifications for this role.,
Posted 1 week ago
5.0 - 9.0 years
0 Lacs
delhi
On-site
As a global leader in cybersecurity, you will play a crucial role in protecting the people, processes, and technologies that drive modern organizations. CrowdStrike, with its advanced AI-native platform, has been redefining modern security since 2011 with the mission to stop breaches. Our diverse range of customers across various industries rely on CrowdStrike to keep their businesses running smoothly and their communities safe. CrowdStrike is a mission-driven company that values inclusivity, flexibility, and autonomy. We empower our employees to take ownership of their careers and provide an environment where innovation, customer commitment, and community engagement are highly encouraged. If you possess limitless passion, a strong focus on innovation, and a dedication to our customers and community, we welcome you to join our team and be part of a mission that truly matters. As the Sales Engineering leader, your primary responsibility will be to manage the technical sales support for our products and services. You will lead a team in promoting CrowdStrike's security platform to potential customers, partners, and the industry at large. The ideal candidate should demonstrate exceptional energy, drive, and a keen interest in expanding business across a portfolio of accounts. Candidates with existing security contacts are particularly encouraged to apply. Your role will involve ensuring effective technical sales coverage for the regional account base, collaborating with various internal teams for strategic and tactical planning, and driving customer and partner meetings through solution selling and problem resolution. Additionally, you will be responsible for coaching and developing the Sales Engineers" skill sets, providing technical training, and managing a team of SE Managers. This position requires strong leadership skills, pre-sales technical experience, and the ability to engage with stakeholders at all levels within a territory. Your day-to-day responsibilities will involve market analysis, competitive monitoring, and supporting sales teams and partners with pre-sales technical activities. You must be willing to travel for client meetings when necessary and possess excellent communication and presentation skills to interact with external audiences, including senior executives. To excel in this role, you should have a background in IT security, experience in working with channel partners, and a strong technical knowledge of networking and security solutions. Relevant certifications such as CISSP, CISM, Security+, or CEH are a plus. Your ability to understand and articulate both the business benefits and technical advantages of our products will be crucial in this position. At CrowdStrike, we offer a remote-friendly and flexible work culture, competitive compensation and equity awards, comprehensive wellness programs, paid parental and adoption leaves, professional development opportunities, and a vibrant office culture with world-class amenities. We are committed to creating a diverse, equitable, and inclusive workplace where everyone is valued and empowered to succeed. By embracing the diversity of our employees, we foster innovation and deliver the best outcomes for our customers and communities. Join us in shaping the future of cybersecurity.,
Posted 1 week ago
1.0 - 5.0 years
0 Lacs
karnataka
On-site
As an Internal Auditor at Justdial Ltd in Bangalore, you will be responsible for projects in IT Advisory focusing on the assessment and evaluation of IT systems, along with the mitigation of IT-related business risks. Your role will involve IS audit, ITGC reviews, internal audit engagements, IT infrastructure review, and risk advisory, including supporting IT audit activities. Your responsibilities will include coordinating and managing statutory external audits for SOX (ITGC), providing management reports by collecting and analyzing audit information, conducting ISMS security awareness training programs within the organization, and supporting the Information Security Manager in managing and mitigating risk assessments. You will also be involved in implementing ISO 27001 controls across the organization, conducting risk assessments and gap analyses for ISO 27001/IT General Control, and performing internal audits for various business functions. Additionally, you will conduct data center audits as per ISO 27001 standards, develop and review information security policies and procedures, handle end-to-end ITGC statutory audit requirements, assist in the implementation of ISO 27001:2013 and managing the ISMS, and consult the organization on business continuity for critical functions. You will also be involved in implementing and consulting on PCI DSS SAQ A-EP certification. The ideal candidate for this role should have a bachelor's degree in engineering or BSc-IT, experience in performing IT audits of banking/financial sector applications, and knowledge of IT regulations, standards, and benchmarks used by the IT industry (e.g., NIST, PCI-DSS, ISO 27001). Technical knowledge of IT audit tools, experience in carrying out OS/DB/Network reviews, exposure to risk management and governance frameworks/systems, and proficiency in project management, communication, and presentation skills are essential. Being a team player with strong self-directed work habits, initiative, drive, creativity, maturity, self-assurance, and professionalism is crucial for success in this role. Preferred certifications include CISA, CISSP, ISO 27001 Lead Auditor/Implementer, and CISM. Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools is also required.,
Posted 1 week ago
4.0 - 6.0 years
12 - 16 Lacs
Bengaluru
Work from Office
Role & RESPONSIBILTY Conduct threat modeling and risk assessments to evaluate potential security risks associated with the organization. Provide guidance on risk remediation strategies and the implementation of countermeasures to address identified security risks. Ensure GDPR & PCI-DSS compliance across all areas of the organization. Work with the development team to ensure compliance with SDLC lifecycle and secure coding practices. Lead encryption efforts and disable deprecated protocols to maintain data security while in transit or at rest. Incorporate NIST framework into the organization's security practices and stay up-to-date with the latest controls. Review penetration testing reports, static and dynamic application security testing results, SaaS platforms, Azure Defender reports, and third-party application integration risks to identify vulnerabilities and evaluate overall security posture. Provide expertise in security and network architecture and design. Create comprehensive data flow diagrams to identify potential threats and identify areas for improvement. Evaluate cloud security posture and provide recommendations to enhance overall security. Continuously identify potential flaws in the entire architecture and implement security controls and practices to prevent future breaches. REQUIREMENTS: Bachelor's degree in Computer Science, Information Technology, or related fields 8+ years of experience in information security or related fields Strong understanding of GDPR & PCI-DSS requirements Experience with threat modeling, risk assessment, and remediation Familiarity with secure application development principles and secure coding practices Experience with identity and access management (IAM) solutions and authentication protocols such as SAML, OAuth, and OpenID Connect Understanding of network security protocols such as TCP/IP, DNSSEC, SSL/TLS, IPSec, and firewalls Experience in encryption technologies and protocols for data security Knowledgeable in NIST framework controls Strong analytical and problem-solving skills Expertise in security architecture and network design Proficiency with creating detailed data flow diagrams Familiarity with cloud security trends and best practices Experience with DevOps and CI/CD pipelines and creating a DevSecOps culture Excellent communication and interpersonal skills Professional Certifications: CISSP, CCSP, CCSK, CEH
Posted 1 week ago
5.0 - 8.0 years
12 - 20 Lacs
Bengaluru
Work from Office
ROLE & RESPONSIBILTY: Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide actionable recommendations for risk mitigation. Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk assessments. Risk Consulting IT Advisory Cyber Security: Cyber Risk Assessments The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation. 2020 KPMG, an Indian Registered Partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. The KPMG name and logo are registered trademarks or trademarks of KPMG International. REQUIREMENTS: Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or related fields. A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related security assessments.•Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices.•Proficiency in using various security assessment and techniques. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review. Conceptual knowledge of OT Security/ISA 62443 standard is preferable. >>CRITERIA oEducation 60% above throughout academicsoOne 3 years (at least) regular course is must either Diploma or GraduationoCourse: B.E. / B. Tech / MCA / M. Tech / MBA degree or equivalentoCertification: CISM / CISSP / CCSP / CISA / CRISC / ITIL / ISO 27001/22301/20000 LI/LA (At least one)oCCNA (Mandatory), CCNP or equivalent(optional).
Posted 1 week ago
6.0 - 10.0 years
8 - 12 Lacs
Noida
Work from Office
Join our Team About this opportunity! At Ericsson, we are committed to maintaining robust and compliant internal control systems in accordance with the Sarbanes-Oxley Act (SOX). With our expanding global footprint and increasing reliance on technology for financial operations, we are strengthening our SOX Information Systems (IS) controls to ensure consistent and reliable financial reporting. We are now hiring a Security Implementation Lead to focus primarily on SOX IS control audits, working closely with our IT, internal audit, compliance, and business teams. The role is critical in ensuring our IT general controls and application-level controls support accurate financial reporting, align with regulatory expectations, and are prepared for evolving audit demands. This opportunity is a broader effort to enhance IT risk management maturity across the enterprise. What you will do! Test and evaluate the design and operating effectiveness of SOX IS (Information system) controls Review application controls for key financial systems (e.g., SAP) Maintain and update test control documentation (e.g., narratives, flows, control matrices). Plan scope of audit and audit schedules. Prepare audit test scripts to support findings. Report deficiencies or exceptions to management and assist with remediation tracking. Develop report for management Coordinate with internal and external auditors. Work closely with IT teams, business units, and SOX/Compliance functions. Recommend improvements to control design or processes. Contribute to automation and optimization of controls testing. Analytical and detail-oriented. Strong communication and documentation skills. The skills you bring! Strong knowledge of SAP systems, SOX, ITGC and COBIT. Experience of audit tools like GRC Understanding of DevSecOps, Software engineering and Agile ways of working Knowledge of Ericsson Information Security Management System. Ericsson Information Security Assessments and Audits. Ericsson IT processes General cyber / information security concepts, CIA, Threats and Vulnerabilities. Cloud Security. Ericsson Information Security Risk Management Instruction. Ericsson Information Security Requirements. Ericsson Information Security Measurements. Third Party Security Management. Security Governance and Compliance. Certifications: SAP, COBIT, SOX, CISSP, CEH, IT4IT, CISA, CISM, CLOUD SECURITY understanding Why join Ericsson What happens once you apply Primary country and city: India (IN) || Noida Req ID: 769907
Posted 1 week ago
6.0 - 10.0 years
9 - 13 Lacs
Noida
Work from Office
About this opportunity! At Ericsson, we are committed to maintaining robust and compliant internal control systems in accordance with the Sarbanes-Oxley Act (SOX). With our expanding global footprint and increasing reliance on technology for financial operations, we are strengthening our SOX Information Systems (IS) controls to ensure consistent and reliable financial reporting. We are now hiring a Security Implementation Lead to focus primarily on SOX IS control audits, working closely with our IT, internal audit, compliance, and business teams. The role is critical in ensuring our IT general controls and application-level controls support accurate financial reporting, align with regulatory expectations, and are prepared for evolving audit demands. This opportunity is a broader effort to enhance IT risk management maturity across the enterprise. What you will do! Test and evaluate the design and operating effectiveness of SOX IS (Information system) controls Review application controls for key financial systems (e.g., SAP) Maintain and update test control documentation (e.g., narratives, flows, control matrices). Plan scope of audit and audit schedules. Prepare audit test scripts to support findings. Report deficiencies or exceptions to management and assist with remediation tracking. Develop report for management Coordinate with internal and external auditors. Work closely with IT teams, business units, and SOX/Compliance functions. Recommend improvements to control design or processes. Contribute to automation and optimization of controls testing. Analytical and detail-oriented. Strong communication and documentation skills. The skills you bring! Strong knowledge of SAP systems, SOX, ITGC and COBIT. Experience of audit tools like GRC Understanding of DevSecOps, Software engineering and Agile ways of working Knowledge of Ericsson Information Security Management System. Ericsson Information Security Assessments and Audits. Ericsson IT processes General cyber / information security concepts, CIA, Threats and Vulnerabilities. Cloud Security. Ericsson Information Security Risk Management Instruction. Ericsson Information Security Requirements. Ericsson Information Security Measurements. Third Party Security Management. Security Governance and Compliance. Certifications: SAP, COBIT, SOX, CISSP, CEH, IT4IT, CISA, CISM, CLOUD SECURITY understanding Primary country and city: India (IN) || Noida Req ID: 769907
Posted 1 week ago
5.0 - 8.0 years
8 - 11 Lacs
Bengaluru
Work from Office
We are looking for a hands-on professional to manage SatSure s IT operations and drive compliance, risk, and information security initiatives. This role will ensure that our IT systems and practices effectively support the company s growth while maintaining security, compliance, and reliability. You will work closely with engineering, business, and legal teams to implement best practices and enable smooth, secure operations. About SatSure SatSure is a deep tech, Decision Intelligence company working at the intersection of agriculture, infrastructure, and climate action. We transform satellite data into actionable insights, enabling faster, smarter, and more responsible decisions especially for underserved regions of the world. Key Responsibilities: IT & Infrastructure Manage daily IT operations, including networks, endpoints, cloud resources, and collaboration tools. Ensure the reliability, security, and cost-effectiveness of cloud and internal IT infrastructure. Implement and maintain IT governance, access control, and operational procedures. Compliance & Risk Develop and enforce policies to meet regulatory, contractual, and internal compliance requirements. Support internal and external audits (e.g., ISO 27001, SOC 2) and help maintain certifications. Monitor, assess, and mitigate IT and cyber risks. Information Security Oversee day-to-day security practices, including vulnerability checks, incident response, and data privacy. Create awareness programs to promote good security practices across teams. Collaboration & Leadership Work with delivery, legal, and client teams to ensure compliance requirements are addressed in operations and contracts. Mentor junior team members, and help build a culture of accountability and continuous improvement. Qualifications 5 8 years of experience in IT operations, with some experience in compliance, risk, or information security. Bachelor s degree in Computer Science, Information Systems, or a related field. Certifications like CISM, CISSP, or ISO 27001 LA are an advantage but not required. Must Have Skills Strong working knowledge of cloud platforms (AWS, GCP, or Azure) and enterprise IT systems. Familiarity with standards like ISO 27001, GDPR, SOC 2, and ITIL. Ability to communicate risks and requirements clearly across teams. Experience supporting audits, managing vendors, and working with legal or client teams is a plus. Perks & Benefits Health insurance for you and your family, including unlimited online doctor consultations. Access to mental health support for you and your dependents. Learning & development allowance. Comprehensive leave policy (including paid, casual, marriage, and bereavement leaves). Biannual performance appraisals.
Posted 1 week ago
5.0 - 8.0 years
14 - 18 Lacs
Bengaluru
Work from Office
We are looking for a hands-on professional to manage SatSure s IT operations and drive compliance, risk, and information security initiatives. This role will ensure that our IT systems and practices effectively support the company s growth while maintaining security, compliance, and reliability. You will work closely with engineering, business, and legal teams to implement best practices and enable smooth, secure operations. About SatSure SatSure is a deep tech, Decision Intelligence company working at the intersection of agriculture, infrastructure, and climate action. We transform satellite data into actionable insights, enabling faster, smarter, and more responsible decisions especially for underserved regions of the world. Key Responsibilities: IT Infrastructure Manage daily IT operations, including networks, endpoints, cloud resources, and collaboration tools. Ensure the reliability, security, and cost-effectiveness of cloud and internal IT infrastructure. Implement and maintain IT governance, access control, and operational procedures. Compliance Risk Develop and enforce policies to meet regulatory, contractual, and internal compliance requirements. Support internal and external audits (e.g., ISO 27001, SOC 2) and help maintain certifications. Monitor, assess, and mitigate IT and cyber risks. Information Security Oversee day-to-day security practices, including vulnerability checks, incident response, and data privacy. Create awareness programs to promote good security practices across teams. Collaboration Leadership Work with delivery, legal, and client teams to ensure compliance requirements are addressed in operations and contracts. Mentor junior team members, and help build a culture of accountability and continuous improvement. Qualifications 5 8 years of experience in IT operations, with some experience in compliance, risk, or information security. Bachelor s degree in Computer Science, Information Systems, or a related field. Certifications like CISM, CISSP, or ISO 27001 LA are an advantage but not required. Must Have Skills Strong working knowledge of cloud platforms (AWS, GCP, or Azure) and enterprise IT systems. Familiarity with standards like ISO 27001, GDPR, SOC 2, and ITIL. Ability to communicate risks and requirements clearly across teams. Experience supporting audits, managing vendors, and working with legal or client teams is a plus. Perks Benefits Health insurance for you and your family, including unlimited online doctor consultations. Access to mental health support for you and your dependents. Learning development allowance. Comprehensive leave policy (including paid, casual, marriage, and bereavement leaves). Biannual performance appraisals.
Posted 1 week ago
8.0 - 12.0 years
20 - 30 Lacs
Bengaluru
Work from Office
Hiring a Senior Cybersecurity GRC Consultant, you will play a pivotal role in helping organizations manage and improve their Governance, Risk, and Compliance (GRC) frameworks. You will be responsible for setting up and leading assessments, implementing strategies, and advising clients on how to mitigate cybersecurity risks and achieve compliance with industry standards and regulatory requirements. 8+ Years of Experience in cybersecurity, risk management, and governance, with a proven track record of leading GRC initiatives. Educational Background: Bachelors or Masters degree in Information Technology, Cybersecurity, Computer Science, Business Administration, or a related field. Certifications: Relevant cybersecurity certifications such as CISSP, CISA, CISM, ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, or similar. Must have experience in customer facing projects (onsite / offsite); Should be able to lead the junior team members. In-depth Knowledge of Cybersecurity Frameworks: Expertise in implementing and advising on security frameworks such as Unified Cybersecurity Framework, NIST/RBI/IRDAI/SEBI Cybersecurity Frameworks, ISO 27001/2, CIS Controls etc. Project Management: Proven ability to manage and lead multiple GRC projects simultaneously, with strong organizational and time-management skills. Client-Focused: Demonstrated ability to build and maintain relationships with clients, providing expert advice and ensuring customer satisfaction. Cloud Security: Knowledge of cloud environments (AWS, Azure, Google Cloud) and their associated risks and compliance requirements. Penetration Testing & Vulnerability Management: Familiarity with vulnerability assessment, penetration testing, and ethical hacking practices. Incident Management: Experience in developing or improving incident response plans, business continuity plans, and disaster recovery strategies.
Posted 1 week ago
5.0 - 10.0 years
25 - 35 Lacs
Bengaluru
Hybrid
We are hiring for- Role: Technical product Manager Experience: 5-10 Years Location: Bangalore Work Mode: Hybrid Key Responsibilities Product Roadmap & Execution: Lead the product vision and execution for AI features in our GRC suite, bringing insight into leveraging AI for threat detection, vulnerability management, and risk quantification. Cross-functional Collaboration: Partner with engineering, data science, design, and QA teams to ensure the delivery of secure, scalable, and cyber risk-aligned product capabilities. User Research: Conduct deep-dive interviews and research with cyber stakeholders to pinpoint pain points, regulatory requirements, and opportunities for improvement across threat and control landscapes. Requirements Management: Translate complex business and user needs into clear product requirements, user stories, and acceptance criteria informed by real-world risk scenarios and industry standards. Prioritization & Backlog Management: Prioritize product enhancements to maximize value for cyber risk professionals, strengthen risk posture, and aid in incident response and resilience. Client Feedback Loop: Work with sales and customer success teams to integrate actionable client feedback into the product lifecycle, focusing on user experience for cyber risk stakeholders. Metrics & Analysis: Monitor adoption and effectiveness of AI-powered features, using product data to inform ongoing risk mitigation and reporting enhancements. Product Evangelism: Advocate for the product through presentations, documentation, and customer engagements, articulating its value for cyber risk and security teams. Subject Matter Expertise: Contribute your deep expertise in cyber risk management, threat modeling, NIST CSF, ISO 27005, and regulatory frameworks such as GDPR, PCI DSS, and DORA. Skills and Experience Experience : 510 years in Cyber Risk, Compliance, or Security Risk Management roles, preferably within high-impact or regulated environments. Domain Expertise : Advanced understanding of cyber risk methodologies—threat identification, impact analysis, vulnerability management, and risk treatment. Technical Acumen : Familiarity with AI/ML applications in cybersecurity (e.g., anomaly detection, behavioral analytics, automated risk prioritization). Product Mindset : Experience with design thinking and product development lifecycle (PDLC). Compliance Frameworks : Working knowledge of data protection laws and cybersecurity standards (e.g., NIST, ISO 27001, SOC 2). Certifications : Professional credentials such as CISSP, CRISC, CISM, or CEH. Security Product Development: Proven experience in security product creation or as a subject matter expert in GRC initiatives. Education Bachelor's or Master's degree in Cybersecurity, Information Technology, Risk Management, or related discipline. -- Muugddha Vanjarii 7822804824 mugdha.vanjari@sunbrilotechnologies.com
Posted 1 week ago
3.0 - 6.0 years
5 - 8 Lacs
Pune
Work from Office
Brief overview of the business areas Global Cybersecurity is responsible for enabling businesses and functions to manage their information, technology and cybersecurity risks by ensuring these are well-understood, and that controls used the manage such events are defined, assessed and implemented appropriately. Cybersecurity deliver this via objective, independent, professional and specialized subject matter experts. The role forms part of the 1LoD in relation to risk management framework. The Cybersecurity Assessment and Testing (CSAT) function, part of Global Cybersecurity, is accountable for Vulnerability Management, Secure Development, Threat and Controls Assessment (threat modelling) and Third Party Security Assessment. The function drives the identification, capture, assessment, testing and ultimately the remediation of security defects, gaps and vulnerabilities across HSBC s estate in concert with business and technology teams on premise, within the Cloud and resulting from 3 rd party engagements. What you will be doing; The Threat and Controls Assessment Senior Consultant role will work as part of a global team to perform Threat Modelling on HSBC services. This role will report into the Threats and Controls Assessment Regional Lead, closely collaborating with peers across Penetration Testing; Secure Development, Third Party Security Assessment and Cybersecurity business and regional leads, enabling effective end-to-end vulnerability identification. Key Responsibilities: Independently identify and assess the potential security threats and vulnerabilities in systems, applications, and networks. Work on complex architecture, systems, network to identify the potential security gaps and help HSBC bank to achieve expected security posture of the systems. Perform effective threat and control assessments of services within our internal, external and cloud estate. Liaise with Developers, Architects and other Technical Leads to understand the end to end service and identify where there are any control gaps. Understand the Business requirements, evaluate potential products / solutions and provide technical recommendations. Be "hands on" with technology and contribute to the design, development and the support of projects with security recommendations. Identify threats across the IT estate; including applications, databases, network and other infrastructure components. Engage with other Cybersecurity teams, senior management and members of the Business when confronted with potential security issues. Work as Technical Lead and take ownership to improve the processes, procedures and h elp team to improve technically. Stay up to date with industry new trends and best practices. What you will bring to the role; To be successful in this role you should have proven experience within the Technology sector with knowledge of the following skills: Mindset An inquisitive approach, always asking how to achieve goals in a smarter and more effective way Positive and professional attitude, team player, flexible and adaptable, embraces change Good Risk and Controls understanding Knowledge and exposure of Risk and Control Management Ability to understand and assess both threats, controls and vulnerabilities, articulating these to both technical and business stakeholders Desirable to have one or more industry-recognised cybersecurity-related certifications including CISSP, CRISC, CISM or Cloud Security Certifications Requirements Strong Technical background In-depth understanding of security concepts and principles Proven experience with threat modelling and strong technical understanding and experience of assessing vulnerabilities and identifying weaknesses in diverse enterprise IT assets Strong understanding of applications design and architecture Knowledge and experience with network, host and application security practices Good working knowledge of one or more of the Cloud Service Providers AWS, GCP or Azure Strong understanding of Software Development Life Cycle (SDLC) with a focus on security Experience in continuous improvement and process optimisation. Understanding of emerging technologies and corresponding security threats Strong stakeholder management and communications skills Experience of working in international and diverse environments Experience in engaging with business, technology, regional and regulatory stakeholders Ability to communicate to key stakeholders effectively translating technical gaps into business risk Ability to complete tasks independently to a high quality standard Self-motivated individual with strong analytical and problem solving skills Experience within fast-moving, complex and demanding corporate environments and able to provide appropriate direction to the team whilst dealing with ambiguity and change Interpersonal Skills Influential, credible and persuasive, active listener, embraces HSBC Values, shows good judgement and demonstrates high level of communication skills in order to achieve effective stakeholder management
Posted 1 week ago
3.0 - 8.0 years
5 - 10 Lacs
Chennai
Work from Office
You re at the right place if you wish to make a difference and see the impact. Work with us to unleash your true potential while being yourself. Associate Governance Risk & Compliance Responsibilities Perform information security audits and consulting as per the regulatory requirement and security standards Develop and participate in implementation of client initiatives focused on the reduction of technology risk, governance and compliance to policies and external regulatory compliance Developing IT security policies, procedures and guidelines controls to manage risks. Knowledge of vulnerability management. A good understanding of IT data centre operations and a variety of technology platforms Qualifications 1-3 years experience in Compliance, Security, or related industry; Ideally should have a CISSP, CISA or CISM qualification; Knowledge and understanding of HIPAA, GDPR, PCI DSS, SOC 2, ISO27001 and ISO 22301 is preferred.
Posted 1 week ago
5.0 - 10.0 years
7 - 12 Lacs
Bengaluru
Work from Office
Description & Requirements About the Role Responsible for managing the Digital Cyber Security Engineering activities related to any kind of application security and secure software development activities, incorporating best practices across the entire company. This includes the evaluation of new security technologies, maintenance and configuration of the existing security tool landscape related to software development and application security. Identified risks are tracked for remediation and regularly reported to senior leadership for visibility. You are also a focal point for not just the IT but also the different business departments to serve as subject matter expert related to information security topics and provide tailored solutions towards the business needs. What You Will Do Support the security of software development activities across the company Assess and improve the security of applications used in or created by Harman Continuously improve and optimize Cyber Security environment related to software development and application security, including Cloud environments Manage and maintain the present Security Stack related to application security and software development Evaluate risks and appropriate processes and technology to mitigate these risks Perform risk assessments of individual projects as well as holistic companywide assessments What You Need Bachelor degree or higher, or equivalent qualification Several years (5+ years would be ideal) of experience on Cyber Security in a global footprint Solid experience in Secure Software Development Lifecycle (SSDLC) and Continuous Integration / Continuous Delivery (CI/CD) pipelines Expertise in various security technologies and product-suites (Azure, AWS, Atlassian tool suite or comparable) Ability to effectively communicate in English, including reading, writing and speaking Ability to prioritize and execute tasks in a structured and analytical way Very good communication in a team environment Project Management Experience What is Nice to Have CISSP certified Other Certifications around Information Security (e.g. CISM, CCSP, ISO27001 LI, OSCP ) Experience with OWASP top 10, dynamic and static code analysis What Makes You Eligible Be willing to travel up to 5%, domestic only OR domestic and international travel This role is eligible to work remotely 80% with occasional trips into the office location. What We Offer Flexible work environment, allowing for full-time remote work globally for positions that can be performed outside a HARMAN or customer location Access to employee discounts on world-class Harman and Samsung products (JBL, HARMAN Kardon, AKG, etc.) Extensive training opportunities through our own HARMAN University Competitive wellness benefits Tuition Reimbursement Access to HARMAN Campus Fitness Center and Cafeteria An inclusive and diverse work environment that fosters and encourages professional and personal development You Belong Here HARMAN is committed to making every employee feel welcomed, valued, and empowered. No matter what role you play, we encourage you to share your ideas, voice your distinct perspective, and bring your whole self with you all within a support-minded culture that celebrates what makes each of us unique. We also recognize that learning is a lifelong pursuit and want you to flourish. We proudly offer added opportunities for training, development, and continuing education, further empowering you to live the career you want. About HARMAN: Where Innovation Unleashes Next-Level Technology Ever since the 1920s, we ve been amplifying the sense of sound. Today, that legacy endures, with integrated technology platforms that make the world smarter, safer, and more connected. Across automotive, lifestyle, and digital transformation solutions, we create innovative technologies that turn ordinary moments into extraordinary experiences. Our renowned automotive and lifestyle solutions can be found everywhere, from the music we play in our cars and homes to venues that feature today s most sought-after performers, while our digital transformation solutions serve humanity by addressing the world s ever-evolving needs and demands. Marketing our award-winning portfolio under 16 iconic brands, such as JBL, Mark Levinson, and Revel, we set ourselves apart by exceeding the highest engineering and design standards for our customers, our partners and each other. If you re ready to innovate and do work that makes a lasting impact, join our talent community today! HARMAN is proud to be an Equal Opportunity employer. HARMAN strives to hire the best qualified candidates and is committed to building a workforce representative of the diverse marketplaces and communities of our global colleagues and customers. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.HARMAN attracts, hires, and develops employees based on merit, qualifications and job-related performance.( www.harman.com )
Posted 1 week ago
8.0 - 13.0 years
25 - 30 Lacs
Bengaluru
Work from Office
Description & Requirements About the Role As a Principal Engineer, IT & Cloud Security, you will bring specialized depth and breadth of expertise in Cloud Security and Risk Governance, leading strategic security initiatives and ensuring the implementation of best practices across the organization. This role requires a strong analytical mindset, the ability to lead complex projects, and a deep understanding of enterprise security frameworks. You will independently drive security improvements, providing strategic recommendations to address both internal and external business challenges. As a thought leader in security, you will collaborate with cross-functional teams to strengthen the company s security posture, influencing technology, processes, and risk management. Additionally, you will be facilitating technical discussions with external vendors, ensuring accountability for performance, and optimizing security tools across the organization. Your insights will directly impact security strategy, operational excellence, and risk mitigation at a global scale. Your Team This position reports to the Director, Digital Security Engineering and is technically guiding a Cloud Security Analyst position. You also lead cross-functional teams on security initiatives and projects with moderate resource requirements, risk, and complexity. What You Will Do Drive the companys Cloud Security strategy, ensuring continuous improvement and optimization in alignment with industry best practices. Own and enhance the risk governance framework for Cloud Security, defining KPIs and reporting metrics for executive leadership. Independently assess, analyze, and mitigate complex security risks, influencing corporate-wide security decisions. Lead security-related projects with cross-functional teams, ensuring effective collaboration and risk mitigation. Manage and evaluate external security vendors, ensuring appropriate licensing, service quality and accountability. Provide strategic guidance to business and IT teams, interpreting business challenges and identifying innovative solutions. Communicate complex security concepts to stakeholders, negotiating adoption of best practices across departments. Ensure effective operation and maintenance of security tools, continuously identifying opportunities for improvement. What You Need Bachelor s degree or equivalent qualification. 8+ years of experience in Cyber Security, preferably in a global organization. Deep expertise in Risk Governance and Cloud Security, including AWS, Azure, or GCP. Strong knowledge of Endpoint Security, Application Security, and Network Security. CISSP certification required. Experience managing external security vendors and ensuring performance accountability. Ability to interpret complex security risks, provide strategic recommendations, and influence leadership decisions. Strong project leadership experience, with the ability to lead cross-functional teams on security initiatives. Excellent communication and negotiation skills, with the ability to explain complex security challenges to both technical and non-technical stakeholders. Structured and analytical approach to problem-solving, with strong prioritization skills. What is Nice to Have Additional security certifications (e.g., CISM, CCSP, ISO 27001 LI, OSCP). Hands-on expertise with Cisco and CrowdStrike security solutions. Experience in enterprise security architecture and cloud-native security solutions. What Makes You Eligible Be willing to travel up to 5%, domestic only OR domestic and international travel What We Offer Flexible work environment, allowing for full-time remote work globally for positions that can be performed outside a HARMAN or customer location Access to employee discounts on world-class Harman and Samsung products (JBL, HARMAN Kardon, AKG, etc.) Extensive training opportunities through our own HARMAN University Competitive wellness benefits Tuition Reimbursement Access to HARMAN Campus Fitness Center and Cafeteria An inclusive and diverse work environment that fosters and encourages professional and personal development You Belong Here HARMAN is committed to making every employee feel welcomed, valued, and empowered. No matter what role you play, we encourage you to share your ideas, voice your distinct perspective, and bring your whole self with you all within a support-minded culture that celebrates what makes each of us unique. We also recognize that learning is a lifelong pursuit and want you to flourish. We proudly offer added opportunities for training, development, and continuing education, further empowering you to live the career you want. About HARMAN: Where Innovation Unleashes Next-Level Technology Ever since the 1920s, we ve been amplifying the sense of sound. Today, that legacy endures, with integrated technology platforms that make the world smarter, safer, and more connected. Across automotive, lifestyle, and digital transformation solutions, we create innovative technologies that turn ordinary moments into extraordinary experiences. Our renowned automotive and lifestyle solutions can be found everywhere, from the music we play in our cars and homes to venues that feature today s most sought-after performers, while our digital transformation solutions serve humanity by addressing the world s ever-evolving needs and demands. Marketing our award-winning portfolio under 16 iconic brands, such as JBL, Mark Levinson, and Revel, we set ourselves apart by exceeding the highest engineering and design standards for our customers, our partners and each other. If you re ready to innovate and do work that makes a lasting impact, join our talent community today! HARMAN is proud to be an Equal Opportunity employer. HARMAN strives to hire the best qualified candidates and is committed to building a workforce representative of the diverse marketplaces and communities of our global colleagues and customers. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.HARMAN attracts, hires, and develops employees based on merit, qualifications and job-related performance.( www.harman.com )
Posted 1 week ago
8.0 - 13.0 years
25 - 30 Lacs
Mumbai
Work from Office
Your role in risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm s risk posture. Through collaboration and analytical skills, you will contribute to the Testing CoE s overall success and strengthen the firm s compliance with regulatory obligations and industry standards. Job Summary As a Vice President within the Testing CoE team, you will be responsible in risk identification, control evaluation, and security governancein advising on complex situations and enhancing the firm s risk posture. Job responsibilities Lead and manage control evaluations and end-to-end substantive testing activities, including planning, fieldwork and reporting. Lead comprehensive control evaluations and substantive testing to independently assess the design and effectiveness of controls within the Commercial and Investment Banking (CIB). Ensure compliance with internal policies, procedures, and external laws, rules, and regulations, while identifying necessary remediation actions. This includes developing and executing testing procedures, meticulously documenting results, drawing informed conclusions, making actionable recommendations, and distributing detailed compliance testing review reports. Foster collaboration with Compliance and Operational Risk Officers on various engagements. This includes developing detailed test scripts, facilitating issue discussions, participating in business meetings, and drafting comprehensive final reports to ensure alignment and clarity. Utilize advanced critical thinking skills to apply substantive testing techniques, thoroughly evaluating the effectiveness of high-risk business processes and identifying potential areas for improvement. Proactively assess and monitor risks, ensuring adherence to firm standards, regulatory requirements, and industry best practices. Implement strategies to mitigate identified risks effectively. Collaborate with cross-functional teams and stakeholders to support the design and effectiveness of controls. Drive initiatives that enhance the business control environment through recommended updates to the Compliance and Operational Risk Evaluation (CORE) application. Develop and execute robust control test scripts aimed at identifying control weaknesses, determining root causes, and recommending practical solutions to enhance operational efficiency and control effectiveness. Document test steps and results in a comprehensive and organized manner, ensuring sufficient support and justification for testing conclusions. Maintain a high standard of documentation to facilitate transparency and accountability. Lead meetings with business owners at various management levels, delivering testing results and supporting sustainable control enhancements. Identify and capitalize on opportunities to strengthen controls and improve operational efficiency. Required qualifications, capabilities, and skills 8+ years of experience or equivalent expertise in risk management, assessment, control evaluations, or a related field, Possess a strong understanding of industry standards and regulatory requirements. Demonstrated ability to analyze complex issues, develop and implement effective risk mitigation strategies, and communicate insights and recommendations clearly to senior stakeholders. Proficient knowledge of risk management frameworks, regulations, and industry best practices. Ability to stay updated with evolving regulatory landscapes and adapt strategies accordingly. Exceptional ability to develop and communicate well-founded recommendations based on regulatory guidance and standards, ensuring alignment with organizational goals and compliance requirements. Highly organized and detail-oriented, with a proven track record of managing multiple priorities and delivering results in a fast-paced environment. Strong analytical and communication skills, with the ability to convey complex information in a clear and concise manner to diverse audiences. Preferred qualifications, helpful capabilities, and skills CISM, CRISC, CISSP, CISA, CCEP, CRCM, CRCMP, GRCP, or other industry-recognized risk and risk certifications preferred. A background in auditing and the ability to understand of internal controls is beneficial. Proficiency in MS (Microsoft Suite) Office - Microsoft Word, Excel, Access, and PowerPoint. Knowledge of data analytical tools such as Tableau, Altryx or Pythyon Your role in risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm s risk posture. Through collaboration and analytical skills, you will contribute to the Testing CoE s overall success and strengthen the firm s compliance with regulatory obligations and industry standards. Job Summary As a Vice President within the Testing CoE team, you will be responsible in risk identification, control evaluation, and security governancein advising on complex situations and enhancing the firm s risk posture. Job responsibilities Lead and manage control evaluations and end-to-end substantive testing activities, including planning, fieldwork and reporting. Lead comprehensive control evaluations and substantive testing to independently assess the design and effectiveness of controls within the Commercial and Investment Banking (CIB). Ensure compliance with internal policies, procedures, and external laws, rules, and regulations, while identifying necessary remediation actions. This includes developing and executing testing procedures, meticulously documenting results, drawing informed conclusions, making actionable recommendations, and distributing detailed compliance testing review reports. Foster collaboration with Compliance and Operational Risk Officers on various engagements. This includes developing detailed test scripts, facilitating issue discussions, participating in business meetings, and drafting comprehensive final reports to ensure alignment and clarity. Utilize advanced critical thinking skills to apply substantive testing techniques, thoroughly evaluating the effectiveness of high-risk business processes and identifying potential areas for improvement. Proactively assess and monitor risks, ensuring adherence to firm standards, regulatory requirements, and industry best practices. Implement strategies to mitigate identified risks effectively. Collaborate with cross-functional teams and stakeholders to support the design and effectiveness of controls. Drive initiatives that enhance the business control environment through recommended updates to the Compliance and Operational Risk Evaluation (CORE) application. Develop and execute robust control test scripts aimed at identifying control weaknesses, determining root causes, and recommending practical solutions to enhance operational efficiency and control effectiveness. Document test steps and results in a comprehensive and organized manner, ensuring sufficient support and justification for testing conclusions. Maintain a high standard of documentation to facilitate transparency and accountability. Lead meetings with business owners at various management levels, delivering testing results and supporting sustainable control enhancements. Identify and capitalize on opportunities to strengthen controls and improve operational efficiency. Required qualifications, capabilities, and skills 8+ years of experience or equivalent expertise in risk management, assessment, control evaluations, or a related field, Possess a strong understanding of industry standards and regulatory requirements. Demonstrated ability to analyze complex issues, develop and implement effective risk mitigation strategies, and communicate insights and recommendations clearly to senior stakeholders. Proficient knowledge of risk management frameworks, regulations, and industry best practices. Ability to stay updated with evolving regulatory landscapes and adapt strategies accordingly. Exceptional ability to develop and communicate well-founded recommendations based on regulatory guidance and standards, ensuring alignment with organizational goals and compliance requirements. Highly organized and detail-oriented, with a proven track record of managing multiple priorities and delivering results in a fast-paced environment. Strong analytical and communication skills, with the ability to convey complex information in a clear and concise manner to diverse audiences. Preferred qualifications, helpful capabilities, and skills CISM, CRISC, CISSP, CISA, CCEP, CRCM, CRCMP, GRCP, or other industry-recognized risk and risk certifications preferred. A background in auditing and the ability to understand of internal controls is beneficial. Proficiency in MS (Microsoft Suite) Office - Microsoft Word, Excel, Access, and PowerPoint. Knowledge of data analytical tools such as Tableau, Altryx or Pythyon
Posted 1 week ago
6.0 - 10.0 years
0 Lacs
noida, uttar pradesh
On-site
You will be joining NTT DATA as an Information Security-Management - Security Analysis Specialist Advisor in Noida, Uttar Pradesh (IN-UP), India (IN). In this role, you will be responsible for ensuring the seamless delivery of all information security services to the customer. Your key duties will include delivering information security services in compliance with contracts and standards, assisting clients in defining and implementing security policies, strategies, and procedures, and participating in strategic design processes to align security with business requirements. Additionally, you will support the implementation of security governance frameworks, collaborate with clients to review and monitor adherence to security policies and standards, and facilitate audits to ensure compliance. Your role will also involve performing risk reviews, developing risk treatment plans, and incorporating threat intelligence into risk management strategies. You will be expected to drive remediation efforts related to information security, identify weaknesses in current operations, and ensure information security operations meet standards. To qualify for this role, you should have at least 6 years of relevant experience, knowledge of standards/regulations impacting information security, and experience with internal and external audits. Preferred qualifications include certifications such as CISSP, SSCP, CISM, or CEH, customer relationship management experience, and knowledge of systems and network administration. NTT DATA is a trusted global innovator of business and technology services, serving 75% of the Fortune Global 100. As a Global Top Employer, NTT DATA is committed to helping clients innovate, optimize, and transform for long-term success. With experts in more than 50 countries and a robust partner ecosystem, NTT DATA offers services in consulting, data and artificial intelligence, industry solutions, and digital infrastructure. As a part of the NTT Group, NTT DATA invests in R&D to support organizations and society in moving confidently into the digital future. Visit us at us.nttdata.com.,
Posted 1 week ago
Upload Resume
Drag or click to upload
Your data is secure with us, protected by advanced encryption.
Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.
We have sent an OTP to your contact. Please enter it below to verify.
Accenture
32455 Jobs | Dublin
Wipro
16590 Jobs | Bengaluru
EY
11025 Jobs | London
Accenture in India
10991 Jobs | Dublin 2
Amazon
8878 Jobs | Seattle,WA
Uplers
8715 Jobs | Ahmedabad
IBM
8204 Jobs | Armonk
Oracle
7750 Jobs | Redwood City
Capgemini
6181 Jobs | Paris,France
Muthoot FinCorp (MFL)
6170 Jobs | New Delhi