620 Cism Jobs - Page 5

We are currently looking for an ambitious and dynamic IT SOX/Internal Auditor to join our Global SOX Team based in Bangalore. The main purpose of the role is to assess the adequacy of IT controls design and complete the test of effectiveness covering all aspects of Visa s in-scope key financial systems and applications. It is expected that this position will include responsibility for the understanding of complex IT areas in accordance with plan. The Analyst should expect to assume supporting role in the completion of the SOX 404 testing stage for several IT controls under the direction of managers. Skills Strong problem-solving skills, with demonstrated ability to identify and resolve issues and risks, including root cause analysis. Ability to anticipate and identify opportunities to establish standards and controls, as well as develop and recommend solutions. Effective communication, interpersonal and influencing skills and ability to drive effective change at all levels of the organization. Detailed, conscientious and highly responsible team player. Responsibilities Review and assess adequacy of walkthrough documentation, perform test of effectiveness through review of supporting documents, meeting control owners and report control issues identified. Attend and support IT controls meetings with control owners, external auditors and SOX team members. Document test results in Visa s work papers template ready for review by SOX team members and external auditors. Interacts with management to assess control exceptions. Keep control owners and SOX team informed of exceptions and assist the IT teams with the development of Management Action Plans to mitigate issues, and evaluate adequacy of managements actions. Possess good written and oral communication skills, demonstrate these skills during meeting with control owners and IT teams. To be a key member of the SOX team and contribute to the planning and execution of the annual SOX program for IT controls. Provide best practice expertise to management and the SOX team on the COSO and IT SOX internal control frameworks. Handling day-to-day relationships with the external auditors on control matters and related issues. Professional 3 - 5 years of experience in SOX, internal audit, or risk with focus on IT controls (ITGC/ITAC) Experience in financial services or payments industry preferred . Big 4 experience preferred Qualification

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Program Project Management Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide guidance on best practices, contributing to a secure cloud environment that supports the organization's growth and innovation. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on cloud security practices.- Monitor and evaluate the effectiveness of implemented security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Program Project Management.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment and management in cloud environments.- Ability to develop and implement security policies and procedures.- Familiarity with compliance standards relevant to cloud security. Additional Information:- The candidate should have minimum 5 years of experience in Program Project Management.- This position is based in Mumbai.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Saviynt Identity Platform Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education" Summary :As a Security Lead, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- The candidate will be responsible for implementation of Saviynt IGA architecture- The role also involves troubleshooting and resolving issues within the team and collaborating with Saviynt support to ensure seamless operations and system efficiency. Ensuring quality and efficiency throughout the project lifecycle is key.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams. Professional & Technical Skills: - Must Have Skills: Proficiency in Saviynt IGA.- Strong knowledge of Saviynt IGA architecture, with hands-on experience in application onboarding, connector configurations, and workflow implementation. Solid experience in design discussions, creating design documents, and performing unit testing- Ability to troubleshoot and resolve technical issues within the team and in collaboration with Saviynt support.- Proficiency in Segregation of Duties (SOD), certifications, and custom JARs. Familiarity with identity governance processes, role management, and security protocols is essential. Experience in troubleshooting and optimizing complex systems is a must.- Detail-oriented, strong problem-solving abilities, excellent collaboration and communication skills, proactive, and able to work effectively in team-oriented environments. Focused on delivering projects on time and to specification. Additional Information:- The candidate should have a minimum of 4 years of experience in Saviynt IGA. Overall IT work experience should be 5 years or above- A 15 years full time education is required.- Bachelors degree in Computer Science, Information Technology, or a related field. Certifications are a plus." Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Delivery Excellence Good to have skills : NAMinimum 18 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Should be able to manage the delivery for the large client with multiple skills and different verticals. Should be able to lead large number of teams.As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitate the transition to cloud security-managed operations, ensuring that all security measures align with organizational objectives and compliance standards. You will engage in discussions to refine security strategies and provide guidance on best practices, contributing to a secure and efficient cloud environment. Roles & Responsibilities:- Expected to be a Subject Matter Expert with deep knowledge and experience.- Should have influencing and advisory skills.- Engage with multiple teams and responsible for team decisions.- Expected to provide solutions to problems that apply across multiple teams, and provide solutions to business area problems.- Facilitate workshops and training sessions to enhance team understanding of cloud security practices.- Continuously assess and improve the cloud security framework to adapt to evolving threats and business needs. Professional & Technical Skills: - Must To Have Skills: Proficiency in Delivery Excellence.- Strong understanding of cloud security principles and frameworks.- Experience with risk assessment and management in cloud environments.- Ability to design and implement security controls tailored to cloud architectures.- Familiarity with compliance standards and regulations related to cloud security. Additional Information:- The candidate should have minimum 18 years of experience in Delivery Excellence.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

- - - - - - The key objective of this role is to ensure that processes- across IT operate securely. The remit extends across all aspects of IT- security (i.e. policies and procedures, authorization and administration of- accesses, networks and firewalls, servers and workstations, operation- systems, databases and applications), wherever applicable and covers all IT- teams and usage of the IT platform by other departments. Another key- objective is to ensure that IT maintains an appropriate level of security in- compliance with company policy and requirements from regulatory & market- authorities and in accordance with recommendations from General Inspection,- Compliance, Internal Audit and External Auditors. This role also contributes- to the design, testing and roll-out of security controls such as access- management, exception management, data leakage prevention, etc. in accordance- with established regional processes - - - - - - Responsibilities - - - - - - Direct Responsibilities - - 1. IT Risk Management - - - Inform- APAC IT Security Risk Management team about any new projects or major change- within India for further risk assessment. - - - Ensure- risk assessment on the in-scope projects, third-party vendors and the deviation- of policies & best practice is properly conducted. Ensure the- recommendation issued for projects and security exceptions / risk acceptances- are properly followed up. - - - To- translate policy statements into local guidelines and procedures in order to- produce enforceable actions - - - To- enforce an efficient user account management process in order to authorize- and control users accesses and habitations to IT Systems - - - To- monitor and ensure immediate and accurate reporting of any SIPL IT Security- related incident (intrusion, virus, etc.) to the regional & global IT- Security and Incident Management processes. - - - To- be part of the network rules review and recertification process, by reviewing- and approving all network access requests (including firewall, proxy and SMTP- requests), and perform periodical review. - - - To- work in partnership with the Business Lines, Organization & Methods,- Information Systems, and others to draw up measures for implementing the Company's- Information Systems Security Directives. Especially to participate to all- projects in order to ensure respect of good IT Security practices - - - To- occasionally participate in regional security risk assessment activity of- business line applications - - - To- work with different stakeholders and assist India CIO to implement the IT- risk management framework - - - To- conduct necessary security controls, reviews, assessment to ensure the best- security practice is in place . - - 2. IT Security Control Design, Testing and Implementation - - - To- gather control requirements based on regulatory guidelines and business needs - - - To- assist in the design of local and business-specific security controls - - - To- contribute to the processing of day-to-day security events, leading or- supporting security investigations and escalation to relevant stakeholders- (Business, Compliance, Legal, HR, IT) - - - To- maintain exception management workflows and to track local exceptions and- their recertification - - - To produce- periodic KPI and KRI dashboards and distribute them to local management - - 3. Coordination & Cooperation - - - To- actively coordinate and cooperate with other IT and APAC Security teams to- ensure best IT Security practices, deliveries and a smooth interaction - - - To- work closely with IT Infrastructure & Production team, as well as- Business Lines IT teams for closure of non-compliant issues found within- scope of responsibilityTo assist the production & follow up of Security- Dashboard by APAC SecurityTo maintain an IT Security Awareness training- program towards all local employees - - - To assist SIPL COO/CIO for the production of required- and requested reporting to the local regulatory & market authorities - - - To- answer requests raised by Internal Audit and Risk and to promptly close- findings and recommendations - - 4. Team management - - - As- team head to supervise and lead the SIPL information security team: - - - Ensure the team's mandated learnings- (eLearning, classroom training) are completed before due date - - - Ensure block leave and carryover leave are managed- per policy - - - Ensure timesheets are recorded in Clarity - - - Identify development and training plan for the team - - - Create succession plan and backup plan for the team - - - When necessary, manage low performers with- development plans and keep track of the progress (if applicable) - - 5. Permanent Control Aspects - - - Direct- contribution to BNPP operational permanent control framework. - - - Responsible- for the implementation of operational permanent control policies and- procedures in day-to-day business activities, such as Control Plan - - - Responsible- for ensuring team members (if applicable) to comply with regulatory- requirements and internal guidelines. - - - Responsible- for reporting all incidents according to the Incident Management System - - - Responsible- for ensuring job descriptions are written, distributed and updated - - - Ensure- audit recommendations are resolved within the specific timeline. - - Contributing Responsibilities - - 1. Cooperation - - - To improve IT quality and process generally - - 2 . Compliance- & Control - - - Comply- with the BNPP IT Security policies - - - Comply- with the BNPP standards of Code of Conduct - - - Comply- with regulatory requirements and internal guidelines. - - - Ensuring- appropriate escalation to management and/or Permanent Control (or Compliance- as appropriate) as soon as an issue is identified - - - Minimizing- operational failure, including but not exclusively, the risk of fraud, by- helping to devise, and by implementing, sufficient regular controls - - 3 . Committees - - - Participate and- contribute to different committees related to the job scope, including but- not limited to IT management, IT risk management (TRM), country supplier risk- management, data governance, data protection, local outsourcing management,- etc. - - - - - - - Technical & Behavioral Competencies - - - - - - - To be- knowledgeable of IT Security concepts. - - - To know IT- Security regional roadmap. - - - To maintain- a good knowledge of the technologies, systems, integration and workflows of- the IT Security program. - - - To know the- organization of global IT Security, as well as regional Security, who to- action depending on the matter and to maintain good relationships with IT- Security managers. - - - To know- program management methodology. - - - To know how- to define an action plan and to follow up on progress. - - - To be- organized and meticulous. - - - To know how- to communicate clear instructions and follow up while delegating- appropriately. - Negotiation skills. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Specific Qualifications (if required) - - - - - - - - - Securities practitioner- qualification is a must; - - - Strong local regulatory- experience on SEBI is required - - - Bachelors degree in- Computer Science, Information Security or equivalent experience - - - Holder of information security and risk- management (e.g. CISM, CISSP, etc.) preferred - - - - - - Skills Referential - - - - - - Behavioural Skills : (Please- select up to 4 skills) - - - - - - Ability- to collaborate / Teamwork - - - - - - - Communication skills - oral &- written - - - - - - - Decision Making - - - - - - - Personal Impact / Ability to- influence - - - - - - - Transversal- Skills: (Please select up to 5- skills) - - - - - - - - - Ability- to understand, explain and support change - - - - - - - Ability- to manage a project - - - - - - - Ability- to develop and adapt a process - - - - - - - Ability- to inspire others & generate people's commitment - - - - - - - Ability- to manage / facilitate a meeting, seminar, committee, training - - - - - - - Education- Level: - - - - - - - - - - - Bachelor Degree or equivalent (3 years) - - - - - - Experience- Level - - - At- least 7 years - - - - - - - Other/Specific Qualifications (if- required) - - - - - - - - - - - - - - - - - - - - - -

About The Role Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Delivery Governance Good to have skills : NAMinimum 18 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Roles & Responsibilities:- Expected to be a SME with deep knowledge and experience.- Should have influencing and Advisory skills.- Engage with multiple teams and responsible for team decisions.- Expected to provide solutions to problems that apply across multiple teams, and provide solutions to business area problems.- Lead the planning, execution, and monitoring of Security Services projects.- Collaborate with cross-functional teams to ensure project success.- Provide guidance and mentorship to junior team members.- Develop and implement strategies to enhance Security Delivery Governance. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance.- Strong understanding of security frameworks and compliance standards.- Experience in risk management and mitigation strategies.- Knowledge of security technologies and tools.- Good To Have Skills: Security certifications such as CISSP or CISM. Additional Information:- The candidate should have a minimum of 18 years of experience in Security Delivery Governance.- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

A primary focus for this position will be to lead audit execution covering end-to-end processes of auditable entities within the IT and Cybersecurity Inspection Generale APAC team. Responsibilities This individual will work closely with audit assignment team members to complete each phase of the audit. This will entail: assessing the sufficiency and suitability of controls to mitigate risks; and testing the operating effectiveness and sustainability of controls; and documenting walk-throughs of in-scope processes; and documenting the investigations conducted and their results; and drafting findings and associated recommendations to address identified gaps in the control environment; and documenting the final report. This individual will have regular interactions with team members, process / control owners, and management of business units. Based on experience, this role will entail contributing to IT audits. Duties: Demonstrates a strong ability to audit procedures and controls accurately, timely, and with minimal supervision. Executes audit work in accordance with BNPP Inspection Generale policies and procedures. Testing the control design and operating effectiveness of in-scope IT controls Contributes to the completion of continuous monitoring activities for assigned auditable entities and escalates matters that may impact the timing of the next audit assignments. Prepares and updates risk assessments for assigned auditable entities for supervisory review. Validates the sufficiency and suitability of business corrective actions to address audit recommendations. May be asked to direct the work of more junior staff members on the audit assignments. Performs other duties as assigned. Technical & Behavioral Competencies Deep knowledge of IT audit Requires deep knowledge of banking functions typically obtained through advanced education combined with experience. Exhibits effective written and verbal communication skills with all levels of management (in English) Not less than 10 years of experience in IT external auditing / internal auditing / in the financial services industry. Curiosity, rigor, and precision. Outstanding analytical skills High level of initiative, commitment, and drive Ability to work effectively under pressure and within short deadlines Promotes a constructive, cooperative, and participative teamwork environment Specific Qualifications (if required) Possess a Bachelors / Masters Degree in Information Technology/ Management Information System / Computer Science and related discipline; Professional Qualification/Certification: in IT Audit - CISA (Certified Information System Audit) required other IT certification: Cybersecurity (e.g CISSP, CISM, CCSP/CCSK, CEH), IT Service Management (ITIL foundation). Skills Referential Behavioural Skills : Communication skills - oral & written Ability to collaborate / Teamwork Attention to detail / rigor Active listening Adaptability Transversal Skills: Analytical Ability Ability to manage a project Ability to manage / facilitate a meeting, seminar, committee, training Ability to understand, explain and support change Ability to anticipate business / strategic evolution Education Level: Master Degree or equivalent Experience Level At least 10 years

This role will be responsible for supporting the Third-Party Technology Risk Management team in identifying and evaluating potential/ recognized risks related to Information Security, Business Continuity and Physical Security. The 3rd Party Security Risk Assessor, reporting to the Manager, Third Party Risk Management team that performs security assessments of vendors, service providers and 3rd party companies that manage systems or information for BNP Paribas Responsibilities Direct Responsibilities As a Third-Party Technology Risk Assessor, you will perform third-party information and cyber security assessment to identify, monitor, remediate, and manage third party risks across the third-party lifecycle. Risk Assessor role requires good risk experience technology expertise (areas of information and cyber security, business continuity, incident management, compliance, and human resource security) in accurately scoring the inherent risk profile of 3rd parties, making sure the risk assessments are completed on time with quality. In addition, the role requires the ability to prioritize and drive workload. Evaluating control effectiveness and review evidence of controls by applying audit, compliance, security, and regulatory framework knowledge and experience, including, but not limited to review of: ISO 27001, SIG (Shared Assessments), TruSight, SOC / equivalent reports, as well as knowledge of controls related to Privacy, Compliance, Business Resiliency, Cyber and other risk domains. Work with Line of business partners, by navigating them through the different stages of the risk assessment life cycle and making sure that they are being compliant to the organization requirements. Communicate assessment findings and recommendations to internal stakeholders, including senior management, legal, and compliance teams as applicable. Monitor and track the identified findings as part of the assessment lifecycle. Contributing Responsibilities Actively participate in identifying process gap and should be ready to own and update/ document relevant TPTRM policies and procedures Support Internal and external TPTRM audit requirements Compile and generate Weekly/Monthly/Quarterly dashboard on KPI Technical Behavioral Competencies Ideally in financial services with minimum of 5+ years of experience in TPRM or Risk management background. Bachelor's degree with professional certification in Information, Cyber, Network and Cloud Security. Experience with industry recognized standards for IT security controls and best practices like NIST, ISO27001, PCI DSS, COBIT, SOC 2 etc. Experience in one or more risk disciplines an advantage i.e., Information Security, Business Continuity, Data Privacy etc. Experience in Governance, Risk Compliance (GRC) tools an advantage. Experience in providing stakeholders with specialist risk knowledge and monitoring its execution. Strong self-motivated multi-tasker who can prioritize competing tasks and stakeholders. Ability to work independently in a fast adapting and agile work environment. Proactive and deliverable focused, with a dedication to delivering against hard deadlines. Excellent analysis skills with keen eye for detail. Strong capabilities in Microsoft Excel, PowerPoint, and Word. Familiarity with vendor management, procurement, and contract negotiation. Ability to communicate effectively with both technical and non-technical stakeholders. Strong analytical and problem-solving skills. Specific Qualifications (if required) Skills Referential Behavioural Skills : (Please select up to 4 skills) Ability to collaborate / Teamwork Communication skills - oral written Attention to detail / rigor Creativity Innovation / Problem solving Transversal Skills: Ability to develop and adapt a process Ability to understand, explain and support change Ability to develop others improve their skills Education Level: Bachelor Degree or equivalent Experience Level At least 5 years

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Integrated Security Risk Management Good to have skills : Security Risk and Audit Operations, Governance Risk & Compliance (GRC) Platform OperationsMinimum 5 year(s) of experience is required Educational Qualification : Bachelors degree in computer science, IT, information systems management or equivalent area Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Additionally, you will assess the effectiveness of existing security protocols and recommend enhancements to improve overall security posture. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on security best practices.- Monitor and evaluate the effectiveness of security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Integrated Security Risk Management.- Good To Have Skills: Experience with Security Risk and Audit Operations, Governance Risk & Compliance (GRC) Platform Operations.- Strong understanding of cloud security frameworks and architecture.- Experience in risk assessment and management methodologies.- Familiarity with compliance standards and regulations related to security. Additional Information:- The candidate should have minimum 5 years of experience in Integrated Security Risk Management.- This position is based at our Bengaluru office.- A Bachelors degree in computer science, IT, information systems management or equivalent area is required. Qualification Bachelors degree in computer science, IT, information systems management or equivalent area

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Showcasing creativity and expertise in cloud security solutions. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and implement security architecture solutions.- Conduct risk assessments and provide recommendations for security enhancements.- Lead security governance initiatives and ensure compliance with industry standards.- Stay updated on the latest security trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Strong understanding of security architecture design.- Experience with data security and compliance regulations.- Knowledge of cloud security best practices.- Hands-on experience in implementing security controls and measures.- Familiarity with security assessment tools and methodologies. Additional Information:- The candidate should have a minimum of 7.5 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Coimbatore office.- A 15 years full-time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Access Management Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop security architecture standards and guidelines- Conduct security reviews and audits Professional & Technical Skills: - Must To Have Skills: Proficiency in ForgeRock Access Management- Strong understanding of cloud security principles- Experience in implementing security controls in cloud environments- Knowledge of industry security standards and best practices- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in ForgeRock Access Management- This position is based at our Coimbatore office- A 15 years full-time education is required Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security architecture design discussions- Develop security architecture solutions- Conduct security assessments and provide recommendations Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design- Strong understanding of cloud security principles- Experience with security tools and technologies- Knowledge of security compliance standards- Hands-on experience in implementing security controls Additional Information:- The candidate should have a minimum of 7.5 years of experience in Security Architecture Design- This position is based at our Noida office- A 15 years full time education is required Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Conduct regular assessments of cloud security measures to identify areas for improvement. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Strong understanding of cloud security principles and frameworks.- Experience with identity and access management solutions.- Knowledge of regulatory compliance requirements related to cloud security.- Ability to analyze and mitigate security risks in cloud environments. Additional Information:- The candidate should have minimum 12 years of experience in SailPoint IdentityIQ.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Company: Reputed NBFC. Role: Cyber Defense Governance. Location: Mumbai. Responsibilities: Develop and maintain cyber defense governance frameworks. Design and manage cybersecurity KPIs and KRIs. Establish standardized incident reporting protocols, ensuring compliance with regulatory requirements. Act as the primary liaison between cybersecurity teams, risk management, compliance, and executive leadership Please share your resume on pranaya@rightmatch.co.in

Key Role Deliverables: Facilitating ISO and SOC 2 corporate-wide examinations Assisting special compliance and audit related projects as assigned Assisting internal VAPT audits and sharing the reports with the management Planning and conducting testing to confirm continuous efficiency and effectiveness of information system controls Understanding the business and IT infrastructure including applications and servers through interactions and walkthrough Managing and measuring the IT Security Framework and developing and maintaining a technology risk assessment program for business applications and processes Collecting information and reviewing information systems policies, standards and procedures to verify that they address the organization's internal and external requirements and to identify information systems control deficiencies Performing a root cause analysis of the various risks/ incidents identified and development of solutions to mitigate the risks and the flow of data and information and performing a threat and risk analysis of each process Assisting with development and implementation of corporate compliance procedures and controls Keeping the department updated with the latest technological changes and cybersecurity advancements Reviewing of Business Impact Analysis, Risk Assessment, Current State Network assessment and Recovery Strategy Analysis Prerequisites: Attention to detail Good understanding of IT and network security Experience of working in cyber security risk management preferred Excellent time management skills preferred Ability to work well under pressure with tight deadlines while delivering high quality and output Experience 0-2 years Education BE/ B.Tech or equivalent specialization in IT are preferred One or more of the following information security certifications or advanced degree in information security/cybersecurity: CISSP/SSCP/CISM/CRSC/CISA/HISP or equivalent CEH V11 or other equivalent Ethical Hacker degree is preferable

Staff Cybersecurity Engineering As a Staff cybersecurity engineer with Convera, we are looking for the primary administrator of an automated GRC platform to support the Convera cybersecurity program and all the IT stakeholders. You will also support efforts using this system for responding to regulator questions, independent audit, and customer assurance. You will be responsible for: Represent the Convera cybersecurity team in the India region with respect to compliance and cybersecurity activities. * Ensure controls are followed continually and without material audit findings or qualifications. Respond and assist with urgent new cybersecurity requirements, security incidents, outages, and customer grievances. Participate and report on multi-regional projects to identify and track appropriate corrective measures to resolve issues as they arise. Develop and manage project plans and budget/resource estimates as needed. Participate in Vendor / Supply Chain Risk Management to ensure availability * Perform vendor due diligence Cyber risk reviews to ensure supply chain compliance Assist in Vendor Onboarding/Contract Negotiations related to cybersecurity Perform cyber resiliency assessments to detect and identify weaknesses in the security posture of the organization's resiliency and recovery strategies Assist with vendor due diligence risk reviews and questionnaires to ensure supply chain compliance. Assist in working with Convera vendors, contactors, and third parties to confirm compliance to Convera policies, service level agreements, and acceptable usage policies. Find, report, and help remediate cybersecurity risks and compliance gaps to Convera and Convera-contracted services by working with IT teams, business teams, and other stakeholders. * Oversee regular vulnerability assessments, internal technical reviews, and penetration testing of cloud environments and applications Partner with IT teams to develop and implement remediation strategies for identified security issues Develop metrics and reports to track vulnerability management program effectiveness Evaluate and recommend security tools and technologies Provide security guidance to technical teams Facilitate, coordinate, and obtain vulnerability reporting requirements from multiple stakeholders. Assist on Risk Assessments * Document, analyze, and report control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities. Partner with IT teams to develop and implement remediation strategies for identified security issues Assist in investigating internal and external information security risk and exceptions assessments Partner with SecOps & Enterprise Tech on new business solutions & architecture Help assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks. Inform the proper stakeholders of important concerns and hazards. Be proactive in seeking out areas for improvement and offer insightful advice and value-added guidance on process and control enhancements. Operate with a high degree of independence regarding cybersecurity project and program activities. * Manage multi-regional projects to identify and track appropriate corrective measures to resolve issues as they arise. Respond and assist with urgent new requirements, security incidents, outages, and customer grievances. Develop and manage project plans and budget/resource estimates as needed. Assist in security incident response and forensic investigations when needed Assist in internal and external audit efforts. Support new security and privacy compliance changes from all over the world. About You CompTIA Security+, (ISC)2 SSCP, GSEC, AWS Certified Cloud Practitioner, Azure Security Engineer Associate, Certificate of Cloud Security Knowledge or other industry recognized technical, or security certification(s). CISSP, CISA, CISM, or other industry recognized security certification(s) are preferred. Hands on experience with vulnerability scanning tools and penetration testing methodologies Skilled at analyzing complex problems, impact analysis, and enabling informed decision making. Excellent interpersonal, communication, and presentation skills, including a strong customer service orientation. Up to date with technology and compliance risks facing dynamic organizations, with an excellent understanding of the regulatory environment and the challenges to meet a rapidly evolving landscape. Expertise in planning and delivering a wide range of projects including embedding risk and governance frameworks, introducing new policies and processes, and implementing IT systems. Successful at stakeholder engagement and experienced at operating at both strategic and tactical levels. Can quickly identify key operational risks, material impacts, risk indicators and controls within the business area. Experience with working on IT systems in a global 24x7 operation with varying levels of uptime and security requirements. Have a strongly motivated to work independently, desire to learn and grow in a fast-paced, complex environment. Develop and manage project plans and budget/resource estimates as needed. A fast learner, able to manage details and complex needs. Are up to date with technology and compliance risks facing dynamic organizations, with an excellent understanding of the regulatory environment and the challenges to meet a rapidly evolving landscape. Have strong and honest communication skills as well as confident communicating verbally and in writing. Have a basic understanding of the finance industry, risk management, and cloud technology. Familiar working with industry-standard regulatory requirements (SOC1/2, PCI, GDPR, etc.) and technical standards (CIS, NIST, STIG, etc.) Excellent interpersonal, communication, and presentation skills, including a strong customer service orientation and confident in communicating verbally and in writing with respect to local cultures and languages. About Convera Our teams care deeply about the value we bring to our customers which makes Convera a rewarding place to work. This is an exciting time for our organization as we build our team with growth-minded, results-oriented people who are looking to move fast in an innovative environment. As a truly global company with employees in over 20 countries, we are passionate about diversity; we seek and celebrate people from different backgrounds, lifestyles, and unique points of view. We want to work with the best people and ensure we foster a culture of inclusion and belonging. We offer an abundance of competitive perks and benefits including: Competitive salary Opportunity to earn an annual bonus. Great career growth and development opportunities in a global organization A flexible approach to work #LI-KP1,

Job Title: Solution Architect Cybersecurity Job Location: Hyderabad Day Shift & 5 days a week Experience: 4+ Years Relevant Experience: 2+ Years Certification: CISSP, CISM, CEH, or equivalent Job Summary: We are looking for a seasoned Cybersecurity Solution Architect to join our team. The ideal candidate will have a deep understanding of cybersecurity principles, extensive experience in designing secure IT infrastructure solutions, and a proven track record in driving security initiatives. This role will involve collaborating with clients to understand their security needs and architecting solutions that align with their business goals. Key Responsibilities: Design and implement comprehensive cybersecurity solutions for IT infrastructure. Conduct security assessments and gap analysis to identify vulnerabilities and recommend remediation strategies. Develop and maintain security architecture artifacts (models, templates, standards, and procedures). Collaborate with cross-functional teams to ensure seamless integration of security solutions. Stay updated on the latest cybersecurity threats, technologies, and regulatory requirements. Provide technical leadership and guidance to clients and internal teams. Support pre-sales activities by providing technical expertise and designing security solutions for proposals. Conduct risk assessments and develop risk management strategies. Ensure compliance with industry standards and best practices (e.g., ISO 27001, NIST). Mentor and train junior staff on cybersecurity practices and principles. Qualifications: Bachelors degree in computer science, Information Technology, or a related field. Masters degree preferred. Minimum of 5 years of experience in cybersecurity, with at least 3 years in a solution architect role. Professional certifications such as CISSP, CISM, CEH, or equivalent. Strong knowledge of cybersecurity frameworks, protocols, and best practices. Experience with security technologies such as firewalls, IDS/IPS, SIEM, DLP, and endpoint protection. Familiarity with cloud security (AWS, Azure, GCP) and hybrid cloud environments. Excellent problem-solving skills and the ability to think strategically. Strong communication and interpersonal skills. Ability to work independently and as part of a team. Preferred Skills: Experience in IT infrastructure design and implementation. Knowledge of software development and secure coding practices. Understanding of regulatory requirements and industry standards. Experience with network security and architecture. Why Join Us: Be part of a dynamic and innovative team. Opportunity to work on cutting-edge cybersecurity projects. Competitive salary and benefits package. Professional growth and development opportunities www.locuz.com | www.cymune.com Best Regards, Talent Acquisition Team Sales & Consulting Email shiva.vobaigari@locuz.com,

Godrej Infotech Ltd / OPERATIONS & TECHNOLOGY GROUP Careers With Godrej Job Summary OPERATIONS & TECHNOLOGY GROUP About the Business & Position Overview Compliance Manager Job Profile Key Responsibilities Risk Management Governance Framework Development Compliance Management Audit Coordination Policy Development Job Description Implement security controls, risk assessment framework, and program that align to best practices and regulatory requirements. - Assist with implementation of ISMS across the organization entities - Good understanding of the security technologies such as DLP, NGAV, EDR, CASB, PIM/PAM, Firewall, Proxy, Email ATP, WAF etc. - Well versed with well-known security frameworks such as ISO 27001:2022 / NIST CSF / PCI DSS / ISO 22301. - Ensure key information security risks and issues are identified, addressed and resolved in a timely manner. - Assess efficacy of security controls, document and report control failures and gaps to stakeholders. Provide remediation guidance and prepare management reports to track remediation activities. - Ensure third party security assessments - Assist with Third Party Risk Management framework including policy updates, procedures, due diligence questionnaires and the monitoring of third parties- adherence to information security and data privacy obligations. - Develop relevant metrics, analyse data, identify trends and help drive improvements to the control environment - Remains current on best practices and technological advancements - Drive security awareness program across the organisation Qualification Details Essential Qualification: - Graduate in any discipline (Preferably in IT / Computer Science)- Excellent interpersonal skills, comfortable working at all levels within an organization and in a widevariety of situations.- Relevant industry certification such as ISO 27001 Lead Auditor/ ISO 27001 Lead Implementor / CISM etc. (at least one) is highly desirable.- Broad level of knowledge of security and risk issues and techniques across platforms.- Excellent knowledge of methodologies, processes and tools associated with supporting this functioneffectively. Preferred Qualification: same as above Experience Details Essential Experience: Must have GRC experience for at least 6-8 years.Experience of leading an ISMS as part of an ISO27001 certified program.

Grade H - Office/ CoreResponsible for supporting information security and risk activities for the specialism, using sound technical capabilities to review and adjust information security processes, supporting the delivery of security solutions, recommending improvements to security strategies and managing external service providers, as required. Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security. Entity: Technology IT&S Group Job Description: You will work with In this Information Security role, you will be embedded within the technology team supporting bp s Mobility and Convenience (M&C) global business, focusing on PCI compliance requirements for the Americas. Let me tell you about the role As a key part of the Digital Delivery team supporting the M&C retail business, you will be responsible for ensuring that existing Americas payment solutions operate securely and in accordance with US PCI requirements and that any new IT solutions are secured and compliant by design. What you will deliver You will: Provide guidance to delivery team on specifics of PCI requirements, as relevant to the Channel of trade and local legislation. Support delivery teams to design enhancements to existing payment systems and services to maintain an appropriate level of security and compliance. Support delivery teams to design, build and operate new innovative IT solutions that incorporate appropriate levels of security and meet compliance requirements. Provide advice on appropriate PCI testing programs. Work with an appointed QSA & central Digital Security team to co-ordinate relevant input into the yearly audit process. Ensure PCI compliance issues are understood and have agreed remediation plans. Report on PCI compliance activity and status to broader Security & Compliance teams. Conduct PCI Awareness training sessions and champion PCI as an enabler to safe, secure, and compliant payment channels across bp s customer offers. Identify and manage any new emerging requirements. Highlight and deliver continuous improvement initiatives, with a focus on how we can use AI and automation to improve effectiveness and efficiency of controls What you will need to be successful (experience and qualifications) Education You ll have a tertiary level education and/or equivalent relevant work experience. Experience Similar experience supporting global IT teams to understand, implement and maintain relevant security controls to meet PCI compliance. Ideally gained within a large-scale global organization supporting retail businesses Deep understanding of global PCI requirements and practical experience of implementing security controls to achieve them. Have delivered compliance, audit or testing programs previously. Experience forming effective and collaborative partnerships with other digital teams & stakeholders Desirable qualifications and experience You are a Certified Information Security Manager (CISM) with 8+ years of Security Experience. Either a Payment Card Industry Professional (PCIP) or Payment Card Industry Internal Security Assessor (PCI ISA). Have excellent stakeholder and problem management skills. Travel Requirement Up to 10% travel should be expected with this role Relocation Assistance: This role is eligible for relocation within country Remote Type: This position is a hybrid of office/remote working Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism

: Job TitleNFRM Information Security & Technology Risk Specialist LocationMumbai, India Corporate TitleAssociate Role Description An Information Technology & Security Risk Specialist to join the 2nd LoD Information Security & Technology Risk Team. The team is global, this role is within the Mumbai team (currently 1 person) which is being built out to support the global team. Should have a proven depth of knowledge and keen interest of Information Security and Technology and their application in large financial institutions. Working with other team members the role will input subject matter expertise and drive innovative approaches in applying risk management in an evolving threat environment. The team has a global footprint in Frankfurt, Singapore, London, Mumbai and USA. What well offer you 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Accident and Term life Insurance Your key responsibilities Provide data and analytics reporting to support the team in monitoring the Information Security and Technology Risk Appetite, breaches and remediation. Where required support the implementation of automated data and analytics reporting process. Support the team delivery of Non-Financial Risk Management (NFRM) priorities such as risk & control assessments, scenario analysis, risk appetite. Monitor and challenge 1LOD Risk and Control Assessments (including results of 1LOD control testing/assurance). Perform 2LOD control assurance through targeted reviews of areas of concern. Gain an understanding and be able to articulate key Information Security and Technology regulatory requirements across APAC/MEA and their impact and implementation into the Information Security and Technology Risk Framework. Your skills and experience University degree (Computer Science, Business Administration or equivalent). Majors in Information Security and / or Risk Management are a plus. Experience (5+ years) in Information Security or Information Technology with experience in the Finance industry and/or a major Technology or Consultancy company preferred. Experience in IT Risk Frameworks such COBIT 2019 is ideal 3+ yrs Understanding and experience of technology from either a support, development or business analysis perspective Some level of technical understanding and training either as a data analyst, developer, business analyst or project manager are a plus. Knowledge of Information Security and Technology industry regulatory standards and/or Risk Frameworks (e.g. EBA Guidelines ISO / 27000 Series, COBIT 2019, DORA) are a plus. Experience of technology coding e.g python, java is a plus Understanding of IT controlsSDLC, managing technology obsolescence, disaster recovery is a plus Knowledge of Digital transformation, Private and Public Cloud, AI tooling a plus Relevant professional certifications e.g. CISSP, CISA, CISM, CRISC, ITIL, ISO27001 Lead Auditor or similar are a plus. Experience of working in large global teams yet comfortable working independently without day-to-day oversight and steer. Strong communication skills (English required). How well support you

As the world works and lives faster, FIS is leading the way. Our fintech solutions touch nearly every market, company and person on the planet. Our colleagues are empowered to learn, grow, and make an impact-in their careers and communities. Our teams are inclusive and diverse, working and celebrating together. If you want to grow personally and professionally, we d like to know: Are you FIS? About the role: The Staff is an entry level or lightly experienced auditor focused on testing audit project related controls. As trusted advisors to management, FIS Internal Audit provides independent audits of operational, financial, IT, and regulatory compliance processes in the fast-paced fintech industry. Collectively, we are a team of inclusive, diverse, and performance driven self-starters. To support our associates, we provide a clear career path and reward performance by promoting from within. We offer a mentorship program, internal training, plus a budget for external training, hundreds of free online classes, and certification opportunities. What you will be doing: Support the audit teams during financial, operational, regulatory, and/or Sarbanes-Oxley (SOX) audit projects. Support special investigations where requested. Evaluate and validate financial, operational, and regulatory processes, risks, and controls at the audit engagement level. Execute work programs and document workpapers and other audit materials that meet all relevant professional practice and FIS Internal Audit methodology requirements Contribute to well-written and meaningful reports summarizing audit results. Actively seek out performance feedback and coaching and take ownership of personal professional development plan. What you will need: Earned a bachelor s degree in accounting, finance, technology, or other related discipline. Hold a professional certification (e.g. CIA, CISA, CPA, CFE, CISM, CISSP), or have the desire and determination to pursue such. Industry or professional services firm experience a plus. Ability and willingness to travel (up to 5%, depending on location). Excellent communication skills (oral and written). What we offer you: At FIS, you can learn, grow and make an impact in your career. This role exposes you to a variety of lines of business and corporate functions at FIS. As you grow your network at FIS, you will have ample opportunity for upward movement within the department or laterally in other areas of the enterprise. In addition, you receive exceptional benefits including: Flexible and creative work environment with a hybrid working arrangement Diverse and collaborative atmosphere Professional and personal development resources Opportunities to give back Work - life balance Competitive salary and benefits Bonus if you have: Experience in highly regulated environments Professional services experience acquired from a Big 4 environment or highly regarded consulting firm

Job Summary Network Security Architect Responsibilities Key Responsibilities Review and approve firewall requests in line with risk appetite Review and analyse firewall rules to ensure they are effective and in line with security best practices Ensure all firewall rules are recertified by owners in the specified timeframe Where no owner is made available ensure an owner is found and that necessary information is updated Perform firewall ruleset review Validate the rule compliance report of the firewalls generated from the automated firewall review solution and share with the respective stakeholders Perform ACL ruleset management add update remove optimize to remove defunct duplicate rules Follow the change management process for creationmodificationremoval of rules with necessary approvals Clearly document all changes to firewall rules including the reason for the change the details of the change the requestor and the date and time of the change Periodically reviewing existing firewall rules to ensure they are still necessary and appropriate Remove outdated or redundant rules Regularly assess rule effectiveness Adjust rules based on issues identified Experience Qualifications Should have 16 to 20 years of experience in setup configuration and ongoing management of firewall devices like Palo Alto F5 Zscaler Cisco ISE Azure DDoS Strong in Network Architecture and has to design and develop the architecture framework Should have experience in preparing HLD and LLD documents Should have experience in managing endtoend delivery Should have excellent communication skills Strong leadership and team management skills Ability to work collaboratively with crossfunctional teams Good to have CISSP Certified Ethical Hacker CEH CISM certifications

Vulnerability Management - Job Title Vulnerability Management x 1 Role Description Responsible for facilitating end to end vulnerability management responsibilities with internal employees and AT&Ts external auditing firms for Service Provider PCI, SOC, and ISO 27001 audits. Key Role and Responsibilities: 1. Schedule and ensure weekly scans are conducted, results are provided to the appropriate Remediation Owners and applicable Critical, High, and medium security risk vulnerabilities are addressed in a timely manner. 2. Schedule and facilitate meetings with internal employees to obtain, review, and analyze device inventory for assets supporting AT&T services in scope for a PCI, SOC, or ISO 27001 audits. 3. Schedule and facilitate meetings with internal employees covering vulnerability scan results providing Remediation Owners with information to help address in scope vulnerabilities to be compliant with PCI and ASPR requirements. 4. Schedule and provide training for internal employees covering vulnerability scanning and remediation for the latest PCI and ASPR requirements. 5. Perform security analysis, drive technical security assessments, and monitor and report on remediation progress. 6. Provide guidance to remediation teams to ensure compliance with regulatory, contractual, and legal requirements. 7. Perform scanning reconciliations to quickly identify in scope devices that were not properly scanned. 8. Follow-up with appropriate representatives to gain an understanding why in scope devices were not scanned and schedule rescans to ensure scanning of all in scope devices. 9. Assist with and perform penetration and segmentation testing for AT&T services. 10. Meet with external auditors as needed to review required audit evidence. 11. Contribute to the overall success of the team by identifying and documenting process improvements and creating and maintaining process documentation. Required Skills 1. Advance project management, time management, Microsoft PowerPoint, Excel, Outlook, and Word skills are required. 2. Advanced verbal and written skills are required. 3. ServiceNow experience using the vulnerability response module. Desired Skills 1. Bachelors degree in Computer Science with an emphasis in information systems is preferred. 2. Minimum of 5 years of experience in IT Operations, external PCI DSS audits, and 3 years of IT Security is preferred. 3. The following certifications are an asset, CISSP, CISM, CCSK, CCSP, PMP, and CISA. Service supported Vulnerability Management Location- Bangalore/Hyderabad Yrs of Exp-5+Yrs

Responsibilities As a member of the incident/Workorder/Change handling team , you will have the following accountabilities: Will be working as an SME for Zscaler Support in Operations for ZIA, ZPA and ZDX. Assess and orchestrate the current and planned security posture for NTT data s Security infrastructure, providing recommendations for improvement and risk reduction. Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk. Support security incident response as required; First line responder to reported or detected incidents. Perform security research, analysis, security vulnerability assessments and penetration tests. Provide security audit and investigation support Monitor and track security systems for Vulnerability and respond to potential security Vulnerability. Provide support for the Vulnerability management program. Provide 24x7 support as operations team working in shifts. Participate in on-call system administration support including but not limited to weekends, holidays and after-business hours as required to service the needs of the business. Skills and Experience 4 to 5 years+ in Information Security space. Strong experiance in Service Now Ticketing tool, Dashboards and Integration. Strong experience with Zscaler ZIA, ZPA and ZDX. Strong experience with Vulnerability Management Program. Strong experience with Qualys Vulnerability Management Tool. Some good to have Experience with Crowdstrike EDR and SIEM. Strong experience with multiple network operating systems, including two or more of the following: Cisco iOS, Juniper ScreenOS or Junos, Fortinet FortiOS, CheckPoint GAiA, or Palo Alto Networks PAN-OS; Tanium, Rapid 7, Nessus, Nitro ESM, Symantec SEP, Symantec Message labs, Thales encryption, Allgress, Forecpoint, Blue coat, Firepower, Cisco ISE, Carbon Black, Titus, Encase Strong oral, written, and presentation abilities. Experiance with M365 Copilot. Some experience with Unix/Linux system administration. Strong experience with logging and alerting platforms, including SIEM integration. Current understanding of Industry trends and emerging threats; and Working Knowledge of incident response methodologies and technologies. Desirable Zscaler Certifications Associate and Professional for ZIA, ZPA and ZDX. Excellent Experiance in Zscaler ZIA, ZPA and ZDX. Experiance in Vulnerability Management Program. Experiance in Qualys Vulnerability Management Tool. Well-rounded background in network, host, database, and application security. Experience implementing security controls in a bi-modal IT environment. Experience driving a culture of security awareness. Experience administering network devices, databases, and/or web application servers. Professional IT Accreditations (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, CompTIA Security) Good to have. Abilities Non customer facing role but an ability to build strong relationships with internal teams, and security leadership, is essential act as Incident co-ordinator, for reviewing all security tools, ingesting incident data, tracking incident status, coordinating with internal and external assets to fulfill information requirements, and initiating escalation procedures. Document daily work and new processes. Embrace a culture of continuous service improvement and service excellence. Stay up to date on security industry trends.

Enterprise Security Engineer (P3) About the Role: Aviatrix, the leader in multi-cloud network security, is seeking a highly motivated and skilled Enterprise Security Engineer (P3) to join our Security team. This mid-to-senior-level role is critical for enhancing the security posture of our enterprise systems and ensuring a robust defense against evolving threats. As a key team member, you will drive security initiatives, collaborate with our Detection and Response team, and address complex challenges in a fast-paced, innovative environment. This position requires a self-starter with a strong foundation in enterprise and cloud security, coupled with a track record of learning and adapting to emerging security trends. Responsibilities: Cloud & Infrastructure Security: Architect, deploy, and maintain security measures across our multi-cloud environments (AWS, Azure, GCP), including infrastructure hardening, configuration reviews, and continuous monitoring. Application & AI Security Review: Conduct security assessments of business-critical applications and AI/ML deployments perform threat modeling, secure code reviews, dependency scanning, and penetration tests to identify and remediate vulnerabilities. Platform & Tool Management: Design, configure, and manage core security platforms (SSO, IAM, MDM, SIEM, EDR/NDR, email security) to enforce policies consistently across both applications and infrastructure. Network Defense & Threat Detection: Evaluate, integrate, and optimize network security technologies (firewalls, IDS/IPS, VPNs) to strengthen protections against ransomware, DDoS, insider threats, and data leakage. Incident Response & SOC Partnership: Collaborate with the SOC to triage, investigate, and remediate incidents affecting applications or infrastructure, driving rapid response and post-incident learning. Requirements: Demonstrated experience conducting in-depth cloud infrastructure security reviews assessing configurations, network architectures, and control implementations to identify and remediate risks. Hands-on experience architecting and securing cloud application deployed in AWS, with familliarty of other CSPs such as Azure and OCI, knowledge of each platform s native security services and best practices. Demonstrated application and AI security background: threat modeling, secure code reviews, dependency scanning, and penetration testing of business-critical applications. Solid understanding of network defense and threat detection technologies firewalls, IDS/IPS, VPNs and proven track record mitigating ransomware, DDoS, insider threats, and data loss. Familiarity with infrastructure-as-code (Terraform, CloudFormation) and CI/CD pipelines to drive automated, secure deployments. Experience partnering with SOC teams on incident response, investigation workflows, and post-incident lessons learned. Excellent communicator and mentor, capable of sharing best practices, coaching junior engineers, and driving cross-functional security awareness. Relevant certifications are highly desirable, such as CISSP, CISM, CCSP, AWS Certified Security - Specialty, Azure Security Engineer Associate, or equivalent. BENEFITS US : We cover 100% of employee premiums and 88% of dependent(s) premiums for medical, dental and vision coverage, 401(k) match, short and long-term disability, life/AD&D insurance, $1,000/year education reimbursement, and a flexible vacation policy. Outside the US: We offer a comprehensive benefits package which, (subject to regional variations) could include pension, private medical for you and dependents, generous holiday allowance, life assurance, long-term disability, annual wellbeing stipend Your total compensation package will be based on job-related knowledge, education, certifications and location, per our aligned ranges. About Aviatrix Aviatrix is the cloud network security company trusted by more than 500 of the world s leading enterprises. As cloud infrastructures become more complex and costly, the Aviatrix Cloud Network Security platform gives companies back the power, control, security, and simplicity they need to modernize their cloud strategies. Aviatrix is the only secure networking solution built specifically for the cloud, that ensures companies are ready for AI and what s next. Combined with the Aviatrix Certified Engineer (ACE) Program , the industry s leading secure multicloud networking certification, Aviatrix unifies cloud, networking, and security teams and unlocks greater potential across any cloud. WE WANT TO INCLUDE YOU We embrace the fact that not everyone s journey took the same route or started at the same place. If your experience doesn t quite meet the requirements but the opportunity excites you and you believe you could be great, don t let that hold you back from applying. Tell us what you CAN bring and what makes you special. Aviatrix is a community where everyones career can grow and we want to help you achieve your goals and be your best YOU, however that looks. If youre seeking an opportunity where you can be excited to start work every morning with enthusiastic people, make a real difference and be part of something amazing then let s talk. We want to get to know you and how we could grow together. Aviatrix, Inc. is an equal opportunity employer and does not make hiring decisions based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. CPRA - California Applicant Privacy Notice