626 Cism Jobs - Page 7

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Managed Cloud Security Services Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Develop and implement security strategies.- Conduct security assessments and audits.- Stay updated on the latest security trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Managed Cloud Security Services.Cloud Security, SOC , SIEM, SOAR , MxDR, Sentinel , Team management , Financial Planning & Tracking, SDM Role with strong communications with Clinet & Onshore , Good to have skills :Strong Communications , Transition , Helping with the Delivery Solutioning for Delivery Reviews , Understanding on implementation on MxDR, SOC, MDE, SOAR- Strong understanding of cloud security principles.- Experience in designing and implementing security solutions.- Knowledge of security compliance standards.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 12 years of experience in Managed Cloud Security Services.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Integrated Security Risk Management Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively implemented and maintained. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on security protocols.- Monitor and evaluate the effectiveness of security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Integrated Security Risk Management.- Good To Have Skills: Experience with Security Architecture Design.- Strong understanding of cloud security principles and practices.- Experience in risk assessment and management methodologies.- Familiarity with compliance standards and regulations related to security. Additional Information:- The candidate should have minimum 5 years of experience in Integrated Security Risk Management.- This position is based at our Coimbatore office.- A 15 years full time education is required. Qualification 15 years full time education

CISA, CISM, CISSP SAP GRC Expert SAP GRC 10.1 and 12 SAP IDM MSMP and BRF+ workflow SOD Analysis Required Candidate profile Experience of SAP GRC 10.1 & 12 SAP modules (e.g., FICO, MM, SD) (R/3/ECC, BW4HANA, S4HANA)

Senior SAP Basis Consultant, SAP BTP and Integration Suite SAP SYBASE SAP Basis activities like system installations, configurations, upgrades, migrations, and performance tuning. Required Candidate profile Immediate or Serving Notice Period CISA, CISM and CISSP SAP systems - Linux / HANA and SAP ASE (Sybase) SAP BTP and Integration Suite

Job Description: You are Responsible for Below are the roles and responsibilities of the candidate Assists the senior management in defining the control objectives and monitoring compliance efforts. Manage organization's compliance with the Sarbanes Oxley Act. Develops processes to ensure compliance with all SOX requirements. Designs and administers internal controls over financial reporting relating to the IT automated controls. Reports test results to the top management. Review test findings within the Internal/External Audit Team, facilitate the remediation of control gaps, and escalate possible critical issues to the senior management. Serve as a liaison between internal and external auditors. Stays abreast of changes in SOX regulations to ensure timely compliance. Identify areas of potential improvement for key processes and procedures and supports the management of the related processes and procedures. Responsible for maintaining and updating all aspects of the internal SOX compliance. Responsible for working with different business owners on implementation, execution and compliance with entity level controls. Evaluates the review and analyzes data pertaining to information systems functions relative to Sarbanes-Oxley compliance. Develop and conduct SOX compliance training for employees. To succeed in this role you should have the following Applicants should be a University Degree holder (preferably Master degree), CPA or Chartered Accountant (or equivalent), Certified Information Systems Auditor (CISA) with 5+ years of experience in Finance / Internal/ IT Controls/Audit and relevant business area. Knowledge of SOX and IT controls. Big 4 public accounting experience with Fortune 500 clients. Extensive knowledge of the internal control framework (specifically COSO) and a solid understanding of the concepts of control design and operational efficiency. Strong knowledge of SOX requirements and ability to assist with documentation of ITGC and financial process controls to support operational as well as SOX compliance audits, including performing walkthroughs and developing process flow charts. Strong risk management experience, including: performing assessments and audits, designing controls, managing enterprise control frameworks, and prioritizing risk. Experience working in a dynamic IT environment similar to a high tech start-up. Experience of solving multiple and complex challenges. Exposure in audit planning and execution, controls operation, and handling audit queries with external/internal auditors. Strong governance, risk and assurance management background which encompass knowledge of corporate governance, control framework and risk. Aptitude for leading teams; influencing and galvanizing others to follow you toward a solution. Ability to guide and train team members. Strong interpersonal written and oral communication skills. Solid organizational skills along with an aptitude for information technology. Excellent analytical skills Understanding of business drivers and related risk and ability to interpret the relevant management information is appreciated. Good communication and Analytical skills Having risk and controls mindset Ability to challenge and open to different views and opinions. Self-starter and ability to manage diverse cultural/ethnic sensitivities. Ability to deal effectively with complexity and having focus on details. Ability to prioritize and ensure delivery of priorities. Quick learner and resilient Mandatory Skills :Team Coordination, Leadership, sox, Itgc, IT Audit, IT Governance, Information Technology Desirable Skills : IT Risk Management, Cobit, Cisa, Cism, Cissp, team leading, Risk Compliance, Information Security, IT Risk

We are seeking an experienced Information Security Officer to lead and manage our organization s information security and data compliance functions. The Individual will be central in ensuring data integrity, regulatory compliance, and enterprise-wide security across all business functions. Key Responsibilities: 1. Regulatory & Technical Expertise Maintain a deep understanding of key regulations: DPDP Act, IT Act, SEBI, KRA, IRDAI and ISO 27001. Oversee data classification and handling protocols for sensitive information (e. g. , KYC, Aadhaar, financial records) Evaluate third-party risk and data flow responsibilities (data controllers/processors). Monitor internal systems for vulnerabilities and drive breach incident response processes. Stay current with evolving legal and cybersecurity threats impacting the organization. 2. Security Architecture & Enforcement Design and implement access controls, credential management and 2FA protocols. Enforce device and network security: MDM solutions, VPN-only access, USB and domain restrictions. Ensure full auditing capability (Authentication, Authorization, Accounting) to detect anomalies and trace incidents. 3. Governance & Accountability Set and enforce data security and compliance policies across all departments. Act as the final authority on security decisions, especially during escalations and breaches. Conduct regular employee training, certification, and ensure adherence to a security code of conduct Qualifications & Skills: 8-12 years of experience in cybersecurity, information security, or compliance roles. Proven knowledge of data privacy laws and enterprise-grade security standards. Strong understanding of infrastructure security, access management, and audit systems. Excellent communication skills to influence cross-functional teams and leadership. Ability to lead with authority while balancing business and regulatory needs. Preferred Certifications: CISSP, CISM, ISO 27001 Lead Implementer/Auditor, or equivalent.

If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of DBS Senior Control Tester. In this role, you will: Carrying out thorough preparation, driving and participating in execution of a wide range of Technology control testing activities Timely delivery of control testing and being transparent and accurate in the completion of testing deliverables Applying judgment in relation to the identification and publication of control testing findings through identifying the key risks and issues Embedding quality into the control testing deliverables and ensuring compliance with the CCO Control Testing Methodology Providing expertise and guidance on control testing across CCO and applying critical judgment and decision making in relation to the identification and publication of control testing findings through identifying the key risks and issues Maintaining working relationships with key stakeholders including keeping abreast of key business, regulatory and industry developments and any changes to procedures and practices Supporting the preparation of testing reports to inform key stakeholders of the outcome of testing and review work. Track and follow-up actions identified as a result of testing and review work and escalating when necessary. Understand, follow and demonstrate compliance with all relevant internal and external rules, regulations and procedures that apply to the conduct of the business in which the jobholder is involved, specifically Internal Controls and any supporting policies and procedures. Requirements To be successful in this role, you should meet the following requirements: Minimum 3 - 5 years of relevant experience in IT controls testing in Financial Service industry / Process assessment experience. ITGC, SOX, NON-SOX, Internal Control, Automated control Testing (BACs) The successful candidate will also meet the following requirements: SOC IT Risk qualifications (CRISC, CISM, CISA, CISSP or equivalent) are desirable. Demonstrable knowledge in Technology control testing and risk management, internal control, or internal audit preferably within a financial / banking services operations environment Self-starter and effective collaborator

WHO ARE WE? We are a bunch of super enthusiastic, passionate, and highly driven people, working to achieve a common goal! We believe that work and the workplace should be joyful and always buzzing with energy! CloudSEK , one of India s most trusted Cyber security product companies, is on a mission to build the world s fastest and most reliable AI technology that identifies and resolves digital threats in real-time. The central proposition is leveraging Artificial Intelligence and Machine Learning to create a quick and reliable analysis and alert system that provides rapid detection across multiple internet sources, precise threat analysis, and prompt resolution with minimal human intervention. Founded in 2015, headquartered at Singapore, we are proud to say that we ve grown at a frenetic pace and have been able to achieve some accolades along the way, including: CloudSEK s Product Suite: CloudSEK XVigil constantly maps a customer s digital assets, identifies threats and enriches them with cyber intelligence, and then provides workflows to manage and remediate all identified threats including takedown support. A powerful Attack Surface Monitoring tool that gives visibility and intelligence on customers attack surfaces. CloudSEKs BeVigil uses a combination of Mobile, Web, Network and Encryption Scanners to map and protect known and unknown assets. CloudSEK s Contextual AI SVigil identifies software supply chain risks by monitoring Software, Cloud Services, and third-party dependencies. Key Milestones: 2016 : Launched our first product. 2018 : Secured Pre-series A funding. 2019 : Expanded operations to India, Southeast Asia, and the Americas. 2020 : Won the NASSCOM-DSCI Excellence Award for Security Product Company of the Year. 2021 : Raised $7M in Series A funding led by MassMutual Ventures. Awards & Recognition : Won NetApp Excellerators "Best Growth Strategy Award," CloudSEK XVigil joined NVIDIA Inception Program, and won the NASSCOM Emerge 50 Cybersecurity Award. 2025 : Secured $19 million in funding led by Tenacity Ventures, Commvault. Position Overview: We are seeking a highly skilled and strategic Leader to lead our cyber threat intelligence delivery teams (Onboarding, Co-managed Service, Product Support and Take Down). This role will be pivotal in enhancing our existing services to deliver a world class experience to our customers. Key Responsibilities: Leadership & Strategy: Lead the Cyber Threat Intelligence service delivery teams, fostering a culture of customer delight. Restructure/expand the team and implement standard processes to support CloudSEKs rapid global growth. Customer onboarding Collaborate with internal teams to develop and own the customer onboarding process, including RACI. Manage the customer onboarding project delivery Maintain high-quality onboarding to establish great customer experience and demonstrate best value of the product and services. Threat Intelligence Operations: Oversee the collection, analysis, and dissemination of threat intelligence to customers. Establish processes for continuous monitoring and assessment of cyber threats, in collaboration with the threat research team. Enable/Support Customer Success Managers to be able to demonstrate valuable outcomes to the customers Ensure effective communication and collaboration with internal teams and external partners. Technical Operations: Establish an Incident and Problem Management process Proactively identify any technical issues, data discrepancies on the platform and run through the Incident Management process. Deliver key operational metrics for analysis and decision making Continuously identify areas of process improvement and take appropriate actions Engineering & Tools Development: Work closely with product engineering and threat research teams to enhance detection and response capabilities. Collaboration & Stakeholder Engagement: Build and maintain relationships with key customer stakeholders (CSMs, Product Engineering, Threat Research, Leadership). Collaborate with law enforcement and intelligence agencies to share information and best practices. Team Development: Mentor and develop team members, promoting professional growth and technical expertise. Foster a collaborative and dynamic team environment. Qualifications: 10+ years of experience in cybersecurity, with a focus on threat intelligence, analysis, and operations. Proven experience in a leadership role, with a track record of managing high-performing teams. Strong communication and interpersonal skills, with the ability to convey complex information to a variety of audiences. Deep understanding of cyber threat landscape, attack vectors, and mitigation strategies. Strong technical background with familiarity in security technologies (SIEM, EDR, threat intelligence platforms). Relevant certifications (CISSP, CISM, GIAC, etc.) are a plus. Benefits of Joining CloudSEK We provide an environment where you can develop and enhance your skills while delivering meaningful work that matters. You ll be rewarded a competitive salary as well as a full spectrum of generous perks and incentives which include: Flexible working hours. Food, unlimited snacks and drinks are all available while at office. And, the finest part is yet to come! Every now and then we ensure to unwind and have a good time together, which involves games, fun, and soulful music. Feel free to show off your artistic side here!

The Global Security Engineer will be responsible for the architecture and engineering aspects of security tools to ensure client systems are in compliance with applicable security policies, regulations and industry standards. This role requires collaboration with Information Technology, Internal Audit, Security and other internal functional groups to ensure that the execution elements of Global Security meet the needs of the Foundever Group, the regional leadership, and its clients. Primary Job Responsibilities Contribute to the Security Engineering Roadmap in order to drive state of the art technical security solutions across the enterprise Partner with multiple platform and application owners to review and approve solutions and develop best practices and standards that can be leveraged company-wide Work closely with the managers and the global director of Security Engineering on the development of functional goals and objectives Support other areas on global security around investigations, risk assessments, and new projects as required Support the approval process for requirements from internal and external clients. Skills & Qualifications Four-year computer science, engineering, business degree or related degree and/or equivalent field experience Fluent in English, a second language would be an advantage 1-3 years of increasingly diverse or complex experience in the field of Technology or Cyber Security within a global environment Experience working in an ITIL environment Knowledge of network technologies, architecture, and security Project management skills to organize, drive, and execute initiatives Demonstrated ability to drive security conversations based on factual data Demonstrated experience working in a complex global environment and being a security change agent in order to drive improved security controls and operations Preferred Qualifications Special Certifications: CISSP, CISM, CEH Prior call center experience is highly advantageous given the specialized security environment that will be managed About Foundever Foundever is a global leader in the customer experience (CX) industry. With 170,000 associates across the globe, we are the team behind the best experiences for over 750 of the world s leading and digital-first brands. Our innovative CX solutions, technology, and expertise are designed to support operational needs for our clients and deliver a seamless experience to customers in the moments that matter. #LI-MAM #LI-Remote .

Job Title Vulnerability Management x 1 Role Description Responsible for facilitating end to end vulnerability management responsibilities with internal employees and AT&Ts external auditing firms for Service Provider PCI, SOC, and ISO 27001 audits. Key Role and Responsibilities: 1. Schedule and ensure weekly scans are conducted, results are provided to the appropriate Remediation Owners and applicable Critical, High, and medium security risk vulnerabilities are addressed in a timely manner. 2. Schedule and facilitate meetings with internal employees to obtain, review, and analyze device inventory for assets supporting AT&T services in scope for a PCI, SOC, or ISO 27001 audits. 3. Schedule and facilitate meetings with internal employees covering vulnerability scan results providing Remediation Owners with information to help address in scope vulnerabilities to be compliant with PCI and ASPR requirements. 4. Schedule and provide training for internal employees covering vulnerability scanning and remediation for the latest PCI and ASPR requirements. 5. Perform security analysis, drive technical security assessments, and monitor and report on remediation progress. 6. Provide guidance to remediation teams to ensure compliance with regulatory, contractual, and legal requirements. 7. Perform scanning reconciliations to quickly identify in scope devices that were not properly scanned. 8. Follow-up with appropriate representatives to gain an understanding why in scope devices were not scanned and schedule rescans to ensure scanning of all in scope devices. 9. Assist with and perform penetration and segmentation testing for AT&T services. 10. Meet with external auditors as needed to review required audit evidence. 11. Contribute to the overall success of the team by identifying and documenting process improvements and creating and maintaining process documentation. Required Skills 1. Advance project management, time management, Microsoft PowerPoint, Excel, Outlook, and Word skills are required. 2. Advanced verbal and written skills are required. 3. ServiceNow experience using the vulnerability response module. Desired Skills 1. Bachelors degree in Computer Science with an emphasis in information systems is preferred. 2. Minimum of 5 years of experience in IT Operations, external PCI DSS audits, and 3 years of IT Security is preferred. 3. The following certifications are an asset, CISSP, CISM, CCSK, CCSP, PMP, and CISA. Service supported Vulnerability Management Approx. vendor billing rate* (INR /Day) 7600 INR per day.

Job Description: Work with the company s external auditor in leading walkthroughs, test of design and operational effectiveness of IT general controls; Coordinate and perform SOX program testing/auditing of IT General Controls with control owners and management; Evaluate IT General Control deficiencies for impact and perform risk assessments and root cause analysis to determine appropriate management actions. Monitor management s associated remediation efforts to closure, including review of supporting evidence; Create and maintain supporting documentation for SOX compliance testing; Engage and deliver appropriate workpapers timely to external auditors; Engag e , develop relationships and maintain open communication with a wide variety of cross functional internal resources and management as appropriate; Assess new products, systems, databases or changes to existing processes to identify and evaluate financial risks; Recommend process efficiencies to drive effective SOX IT compliance; Assist second line of defense organizations in ensuring that approved IT General controls are embedded in current processes; Support development and delivery of training programs to educate development teams and other stakeholders on compliance requirements, best practices, and policies; Foster a culture of compliance awareness and accountability within the organization. Qualifications: CISA, CISSP, CISM, ISO 27001, and other security certifications preferred; 5 years relevant experience; Graduate Degree in Computer Science, Information Technology, or any other related discipline or commensurate work experience or demonstrated competence; Strong IT SOX & audit experience, particularly IT controls; Demonstrated understanding of information management systems and infrastructure including IT processes, tools, controls; Technical acumen and the ability to understand and interpret technical specifications; Ability to meet stringent deadlines in a fast-paced environment, deliver quality product and work well in a dynamic team environment; Exceptional written and verbal skills.

Open Source COE Security Architect This role has been designed as Onsite with an expectation that you will primarily work from an HPE partner/customer office. Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in todays complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE. Job Description: HPE Operations is our innovative IT services organization. It provides the expertise to advise, integrate, and accelerate our customers’ outcomes from their digital transformation. Our teams collaborate to transform insight into innovation. In today’s fast paced, hybrid IT world, being at business speed means overcoming IT complexity to match the speed of actions to the speed of opportunities. Deploy the right technology to respond quickly to market possibilities. Join us and redefine what’s next for you. What you will do: Expert in IT/Cyber Security field. Should be CISSP/CISM/CCSP and CCSK and ISO27001 Certification are desired. Should have good knowledge of security assessment against different global Frameworks like NIST, MITRE and cloud security alliance etc. Should have good understanding of Compliance and regulatory requirements. Working with information security and DevSecOps teams in a CI/CD environment as well as comprehensive understanding of cloud security systems. Programming experience in C/C++, Python, JavaScript, Bash & PowerShell Scripting is desired. Hands-on expertise, Linux, Kernel, threads, processes, API etc. is desired. Provide Security Vision & Strategy to the Organization, strategic direction, development, and implementation of information security programs and projects to address risks relevant to the attainment of organizational strategic security goals based on open source tool/framework. Experience in advising leadership team regarding evolving of open source Security Technology landscape, product issues, security mitigations for identified risks and possible improvements Expertise in providing executive roadmaps for continual improvement in teams, technology, and processes, process across various security & DevSecOps teams based on open source tool/framework. Experienced in Information Security Risk Management, gap analysis, Audits. Hands-on Experience in formulating Cyber Security Policies, design and implementation of Security Technologies, DevSecOps. Working Knowledge in implementation of Cyber Security Solution in Open Source, Open Stack environment. Ability to provide strategies to increase the ability to withstand cyber-attacks, as measured by annual sophisticated attack simulations. Experience in upgrading, troubleshooting and tuning of Cyber Security Solutions. Thorough understanding and good knowledge of latest Cyber Security technologies, security Architectures, vulnerabilities, security threats. Ability to setup PoC for latest open source security solutions. Good understanding of Open-Source Technologies, Cloud security technologies. What you need to bring: BE/B.Tech with 10+ years of experience in the IT industry and 6+ years of experience in Information Security / Cyber Security field. Expert-level knowledge in the IT/Cyber Security field, with a thorough understanding of the latest security technologies, architectures, vulnerabilities, and threats. Desired certifications include CISSP, CISM, CCSP, CCSK, or ISO 27001. Strong knowledge of global security assessment frameworks like NIST, MITRE, and the Cloud Security Alliance (CSA). A deep understanding of compliance and various industry regulatory requirements. Proven experience in developing security vision, strategy, and executive roadmaps for an organization based on open-source tools. Hands-on experience in Information Security Risk Management, conducting gap analysis, managing audits, and formulating Cyber Security Policies. Comprehensive understanding of cloud security systems and working with DevSecOps teams in a CI/CD environment. Working knowledge of implementing, upgrading, troubleshooting, and tuning Cyber Security Solutions, particularly in Open Source and OpenStack environments. Desired programming and scripting experience in C/C++, Python, JavaScript, Bash, and PowerShell. Hands-on expertise with the Linux operating system, including its Kernel, threads, processes, and APIs. Experience advising leadership teams regarding the evolving security landscape, product issues, and risk mitigation strategies. Ability to provide strategies to withstand sophisticated cyber-attacks and experience with annual attack simulations. Proven ability to set up Proof of Concepts (PoCs) for new and emerging open-source security solutions. Additional Skills: Accountability, Accountability, Active Learning (Inactive), Active Listening, Bias, Business Growth, Client Expectations Management, Coaching, Creativity, Critical Thinking, Cross-Functional Teamwork, Customer Centric Solutions, Customer Relationship Management (CRM), Design Thinking, Empathy, Follow-Through, Growth Mindset, Information Technology (IT) Infrastructure, Infrastructure as a Service (IaaS), Intellectual Curiosity (Inactive), Long Term Planning, Managing Ambiguity, Process Improvements, Product Services, Relationship Building {+ 5 more} What We Can Offer You: Health & Wellbeing We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing. Personal & Professional Development We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division. Unconditional Inclusion We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. Let's Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE. #india #operations Job: Services Job Level: TCP_04 HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity. Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities. HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.

The Supplier Assurance Services (SAS) team performs comprehensive risk assessments of suppliers within JPMC s Corporate Third Party Oversight (CTPO) program. SAS also supports JPMC s Cybersecurity and Technology functions by designing and implementing controls and processes to further enhance the security posture of JPMC s supply chain. SAS is part of Global Supplier Services (GSS), reporting directly to JPMC s Global Head of Corporate Third Party Oversight. Job Summary As an Associate, Supplier Cybersecurity Controls within the Supplier Assurance Services you will perform technology and cybersecurity control assessments of supplier environments. These assessments review infrastructure, application stacks and other technologies to ensure compliance with JPMC Corporate Policies & Standards. You will validate those technical risks are managed by JPMC Issue Owners and security controls are fully implemented. You will partner with JPMC s Global Cybersecurity and Technology team and JPMC s Lines of Business (LOBs) to focus on the latest cyber risks identified in the industry. As a SAS team member, you will assess action plans and risk acceptances across business lines where technology standards compliance cannot be achieved. This includes Identifying opportunities to improve third party risk posture, developing creative solutions for mitigating risks. Liaising with JPMC and supplier s senior managers to communicate and influence best risk practices. Driving compliance to adhere to best risk management practices throughout the organizations. Job responsibilities Manage all aspects of the control assessment of suppliers including assessing completed questionnaires and supporting field work materials to ensure they are complete and meet JPMC expectations. Lead the onsite / virtual assessment, providing the overall technology and cybersecurity risk and controls expertise. Identify and document control breaks and vulnerabilities within suppliers IT environments and work with the LOB Delivery Manager and Information Security Manager to resolve through action plans or seek risk acceptance approvals. Identify opportunities for process improvements to deliver increased operational efficiency and opportunities for improving supplier posture including expanded monitoring, key risk indicator tracking, etc. Support internal education and best practices sharing with peers and colleagues, as well as third party education & awareness Escalate issues associated with suppliers as needed. Required qualifications, capabilities, and skills 5+ years of experience in Technology, Technology Risk & Controls, Technology Audit, Cybersecurity, Application Security, Cloud Security (SaaS, PaaS & IaaS), Network, Security, Cyber Resiliency and Third Party Outsourcing Risk Management within a large enterprise level environment. Understanding of industry risk frameworks (ISO27001, NIST Cybersecurity Framework, etc.) Strong written and verbal presentation skills at the senior management level Experience debating issues with senior decision makers and pushing back when necessary Preferred qualifications, capabilities, and skills CISSP, CISA, CISM, CCSP or CRISC certification The Supplier Assurance Services (SAS) team performs comprehensive risk assessments of suppliers within JPMC s Corporate Third Party Oversight (CTPO) program. SAS also supports JPMC s Cybersecurity and Technology functions by designing and implementing controls and processes to further enhance the security posture of JPMC s supply chain. SAS is part of Global Supplier Services (GSS), reporting directly to JPMC s Global Head of Corporate Third Party Oversight. Job Summary As an Associate, Supplier Cybersecurity Controls within the Supplier Assurance Services you will perform technology and cybersecurity control assessments of supplier environments. These assessments review infrastructure, application stacks and other technologies to ensure compliance with JPMC Corporate Policies & Standards. You will validate those technical risks are managed by JPMC Issue Owners and security controls are fully implemented. You will partner with JPMC s Global Cybersecurity and Technology team and JPMC s Lines of Business (LOBs) to focus on the latest cyber risks identified in the industry. As a SAS team member, you will assess action plans and risk acceptances across business lines where technology standards compliance cannot be achieved. This includes Identifying opportunities to improve third party risk posture, developing creative solutions for mitigating risks. Liaising with JPMC and supplier s senior managers to communicate and influence best risk practices. Driving compliance to adhere to best risk management practices throughout the organizations. Job responsibilities Manage all aspects of the control assessment of suppliers including assessing completed questionnaires and supporting field work materials to ensure they are complete and meet JPMC expectations. Lead the onsite / virtual assessment, providing the overall technology and cybersecurity risk and controls expertise. Identify and document control breaks and vulnerabilities within suppliers IT environments and work with the LOB Delivery Manager and Information Security Manager to resolve through action plans or seek risk acceptance approvals. Identify opportunities for process improvements to deliver increased operational efficiency and opportunities for improving supplier posture including expanded monitoring, key risk indicator tracking, etc. Support internal education and best practices sharing with peers and colleagues, as well as third party education & awareness Escalate issues associated with suppliers as needed. Required qualifications, capabilities, and skills 5+ years of experience in Technology, Technology Risk & Controls, Technology Audit, Cybersecurity, Application Security, Cloud Security (SaaS, PaaS & IaaS), Network, Security, Cyber Resiliency and Third Party Outsourcing Risk Management within a large enterprise level environment. Understanding of industry risk frameworks (ISO27001, NIST Cybersecurity Framework, etc.) Strong written and verbal presentation skills at the senior management level Experience debating issues with senior decision makers and pushing back when necessary Preferred qualifications, capabilities, and skills CISSP, CISA, CISM, CCSP or CRISC certification

If you are a strategic thinker passionate about driving solutions and mitigating risk; you have found the right team. The Testing CoE (Center of Excellence) team is responsible for ensuring a strong and consistent control environment across the firm. This role is a great opportunity to be working with a large Controls Testing team and help establish a newly formed organization which provides the potential hire a good starting point within the firm. Job Summary As a Risk and Controls Testing Associate within the Testing Center of Excellence, you will be responsible for the execution of independent risk-based, point-in-time evaluations of the control design adequacy and execution effectiveness, to mitigate compliance, conduct and operational risks. The role requires overseeing the performance of complex evaluations of business processes through a comparison of actual processes against expected practices (policies, standards, procedures, laws, rules and regulations). Testing activities often include sophisticated data analytics on large datasets and regular engagement with senior stakeholders across the firm. This is an exciting opportunity to work on key risk initiatives as they become the focus of the firm and across the financial services industry. You will excel at creative thinking and problem solving; be self-motivated, confident and ready to work in a fast-paced, energetic environment. Through collaboration and analytical skills, you will contribute to the Testing CoE s overall success and strengthen the firm s compliance with regulatory obligations and industry standards. Job responsibilities Lead comprehensive control evaluations and substantive testing to independently assess the design and effectiveness of controls Ensure compliance with internal policies, procedures, and external laws, rules, and regulations, while identifying necessary remediation actions. This includes developing and executing testing procedures, meticulously documenting results, drawing informed conclusions, making actionable recommendations, and distributing detailed compliance testing review reports. Foster collaboration with Compliance and Operational Risk Officers on various engagements. This includes developing detailed test scripts, facilitating issue discussions, participating in business meetings, and drafting comprehensive final reports to ensure alignment and clarity. Utilize advanced critical thinking skills to apply substantive testing techniques, thoroughly evaluating the effectiveness of high-risk business processes and identifying potential areas for improvement. Proactively assess and monitor risks, ensuring adherence to firm standards, regulatory requirements, and industry best practices. Implement strategies to mitigate identified risks effectively. Collaborate with cross-functional teams and stakeholders to support the design and effectiveness of controls. Drive initiatives that enhance the business control environment through recommended updates to the Compliance and Operational Risk Evaluation (CORE) application. Develop and execute robust control test scripts aimed at identifying control weaknesses, determining root causes, and recommending practical solutions to enhance operational efficiency and control effectiveness. Document test steps and results in a comprehensive and organized manner, ensuring sufficient support and justification for testing conclusions. Maintain a high standard of documentation to facilitate transparency and accountability. Lead meetings with business owners at various management levels, delivering testing results and supporting sustainable control enhancements. Identify and capitalize on opportunities to strengthen controls and improve operational efficiency. Required qualifications, capabilities, and skills 3+ years of experience or equivalent expertise in risk management, assessment, control evaluations, or a related field, within the financial services industry. Possess a strong understanding of industry standards and regulatory requirements. Demonstrated ability to analyze complex issues, develop and implement effective risk mitigation strategies, and communicate insights and recommendations clearly to senior stakeholders. Proficient knowledge of risk management frameworks, regulations, and industry best practices. Ability to stay updated with evolving regulatory landscapes and adapt strategies accordingly. Exceptional ability to develop and communicate well-founded recommendations based on regulatory guidance and standards, ensuring alignment with organizational goals and compliance requirements. Highly organized and detail-oriented, with a proven track record of managing multiple priorities and delivering results in a fast-paced environment. Strong analytical and communication skills, with the ability to convey complex information in a clear and concise manner to diverse audiences. Preferred qualifications, capabilities, and skills CISM, CRISC, CISSP, CISA, CCEP, CRCM, CRCMP, GRCP, or other industry-recognized risk and risk certifications A background in auditing and the ability to understand of internal controls Proficiency in MS (Microsoft Suite) Office - Microsoft Word, Excel, Access, and PowerPoint. If you are a strategic thinker passionate about driving solutions and mitigating risk; you have found the right team. The Testing CoE (Center of Excellence) team is responsible for ensuring a strong and consistent control environment across the firm. This role is a great opportunity to be working with a large Controls Testing team and help establish a newly formed organization which provides the potential hire a good starting point within the firm. Job Summary As a Risk and Controls Testing Associate within the Testing Center of Excellence, you will be responsible for the execution of independent risk-based, point-in-time evaluations of the control design adequacy and execution effectiveness, to mitigate compliance, conduct and operational risks. The role requires overseeing the performance of complex evaluations of business processes through a comparison of actual processes against expected practices (policies, standards, procedures, laws, rules and regulations). Testing activities often include sophisticated data analytics on large datasets and regular engagement with senior stakeholders across the firm. This is an exciting opportunity to work on key risk initiatives as they become the focus of the firm and across the financial services industry. You will excel at creative thinking and problem solving; be self-motivated, confident and ready to work in a fast-paced, energetic environment. Through collaboration and analytical skills, you will contribute to the Testing CoE s overall success and strengthen the firm s compliance with regulatory obligations and industry standards. Job responsibilities Lead comprehensive control evaluations and substantive testing to independently assess the design and effectiveness of controls Ensure compliance with internal policies, procedures, and external laws, rules, and regulations, while identifying necessary remediation actions. This includes developing and executing testing procedures, meticulously documenting results, drawing informed conclusions, making actionable recommendations, and distributing detailed compliance testing review reports. Foster collaboration with Compliance and Operational Risk Officers on various engagements. This includes developing detailed test scripts, facilitating issue discussions, participating in business meetings, and drafting comprehensive final reports to ensure alignment and clarity. Utilize advanced critical thinking skills to apply substantive testing techniques, thoroughly evaluating the effectiveness of high-risk business processes and identifying potential areas for improvement. Proactively assess and monitor risks, ensuring adherence to firm standards, regulatory requirements, and industry best practices. Implement strategies to mitigate identified risks effectively. Collaborate with cross-functional teams and stakeholders to support the design and effectiveness of controls. Drive initiatives that enhance the business control environment through recommended updates to the Compliance and Operational Risk Evaluation (CORE) application. Develop and execute robust control test scripts aimed at identifying control weaknesses, determining root causes, and recommending practical solutions to enhance operational efficiency and control effectiveness. Document test steps and results in a comprehensive and organized manner, ensuring sufficient support and justification for testing conclusions. Maintain a high standard of documentation to facilitate transparency and accountability. Lead meetings with business owners at various management levels, delivering testing results and supporting sustainable control enhancements. Identify and capitalize on opportunities to strengthen controls and improve operational efficiency. Required qualifications, capabilities, and skills 3+ years of experience or equivalent expertise in risk management, assessment, control evaluations, or a related field, within the financial services industry. Possess a strong understanding of industry standards and regulatory requirements. Demonstrated ability to analyze complex issues, develop and implement effective risk mitigation strategies, and communicate insights and recommendations clearly to senior stakeholders. Proficient knowledge of risk management frameworks, regulations, and industry best practices. Ability to stay updated with evolving regulatory landscapes and adapt strategies accordingly. Exceptional ability to develop and communicate well-founded recommendations based on regulatory guidance and standards, ensuring alignment with organizational goals and compliance requirements. Highly organized and detail-oriented, with a proven track record of managing multiple priorities and delivering results in a fast-paced environment. Strong analytical and communication skills, with the ability to convey complex information in a clear and concise manner to diverse audiences. Preferred qualifications, capabilities, and skills CISM, CRISC, CISSP, CISA, CCEP, CRCM, CRCMP, GRCP, or other industry-recognized risk and risk certifications A background in auditing and the ability to understand of internal controls Proficiency in MS (Microsoft Suite) Office - Microsoft Word, Excel, Access, and PowerPoint.

The key job responsibilities include the following: Security monitoring Sentinel One Incidence response Security analytics Proactive threat hunting Threat Intelligence platform - consisting of Indicators of Compromise (IOC) and other threat intel (vulnerabilities strategic tactical etc.) User & entity behavioral Anomaly detection Vulnerability scanning and threat detection. Monitoring contemporary threats and plans to respond to those. Assessment for the Application security /Monitoring and post assessment if feasible Service provider to perform application security monitoring. Preferable (Nice to have) skill Relevant professional certifications, such as CISSP, CISM, CEH, or other security certifications. The Key Skills Required. Hands-on experience with security technologies, such as firewalls, IDS/IPS, SIEM, EDR, antivirus, and vulnerability scanning tools. Must have 2 to 5 years of experience with Sentinel One. Threat Modelling, Firm IT security mind-set. Advanced knowledge about Windows Server, Windows Clients, Linux Server. In-depth understanding of different types of security vulnerabilities (e.g. SQL injection, XSS, buffer overflow). Understanding of attack vectors, Familiarity with different network topologies and protocols such as TCP/IP, DNS, HTTP(S), SMTP, VLANs, VPNs, and routing/switching. Firm knowledge of technical details of SMTP / e-mail in general and therefore to analyse e-mail headers in order to determine additional data such as real origin etc. Expert regarding the operation of Outlook & Exchange from a user s perspective Firm grasp of phishing techniques and e-mail based attack patterns Commitment to continuous learning. Familiarity with security-related regulations, such as GDPR, HIPAA, and PCI-DSS. Excellent verbal, written, and interpersonal communication skills, especially ability to break down complex technical information to non-technical stakeholders and articulate the impact of security design flaws, attack surfaces and vulnerabilities.

Role Name: Sr. Project Manager Job Description : Airtel Business is looking for Sr. Project Manager (Project Director), for managing the Cybersecurity & Managed Security Services to keep our fast-growing MSS portfolio on track. Location : Gurgaon Job Summary: This is an opportunity for a highly motivated individual to join a high energy team of Information security professionals responsible for managing Own 812 concurrent security projects, covering SIEM, SOAR, XDR, firewall management, and cloud security. This position is to be part of a global team, reporting to the Program Head. Be the face of delivery for CXOstranslate tech into business impact, run QBRs, and make renewals feel obvious. Keep us audit-ready (ISO 27001, PCI-DSS, RBI, IRDAI, GDPR, etc.) and drive root-cause fixes. Champion automation and shift-left security, bagging at least two efficiency wins every quarter. Responsibilities: An information security director is responsible for leading and overseeing the information security function. They are entrusted with protecting the confidentiality, integrity, and availability of the Customer information assets. The information security director develops and implements comprehensive strategies, policies, and procedures to identify and mitigate risks, ensure compliance with industry regulations, and respond effectively to security incidents. They work closely with stakeholders across the organization to promote a culture of security and to align information security practices with Client business objectives. Security operations director is responsible for managing the day-to-day activities of the security operations center (SOC) or incident response team. He/She oversee the monitoring of security events, investigations of security incidents, and coordination of incident response efforts. He/She work closely with other Bank teams to ensure timely detection, response, and resolution of security issues. In addition to strategic planning and risk management, the information security director plays a vital role in establishing governance frameworks and ensuring regulatory compliance. Some Common duties and responsibilities include: Strategic Planning: Develop and implement the organization's information security strategy, aligning it with business objectives and risk tolerance. Identify and prioritize security initiatives, establish security goals, and create a roadmap for their implementation. Risk Management: Conduct regular risk assessments to identify and evaluate potential security threats and vulnerabilities. Develop and implement risk mitigation strategies, including security controls, policies, and procedures. Monitor and manage security risks through ongoing assessments and the implementation of appropriate safeguards. Stakeholder Management – Sync with Sales, Pre-Sales, Finance, HR, and tech partners so everyone’s rowing in the same direction. Policy and Procedure Development: Establish and enforce information security policies, standards, guidelines, and procedures. Ensure that they align with industry best practices and regulatory requirements. Communicate and educate employees on security policies, promoting a culture of security awareness and compliance. Compliance and Regulatory Requirements: Stay abreast of relevant laws, regulations, and industry standards pertaining to information security. Ensure that the organization's security practices and controls are in compliance with applicable requirements. Liaise with regulatory bodies, auditors, and stakeholders to address compliance issues and maintain regulatory alignment. Incident Response and Management: Develop and maintain an incident response plan to address and manage security incidents effectively. Establish protocols for detecting, responding to, and recovering from security breaches or other security-related incidents. Coordinate with relevant teams to investigate incidents, implement remediation measures, and report on the outcomes. Security Awareness and Training: Develop and deliver security awareness and training programs for employees at all levels of the organization. Ensure that employees understand their role in maintaining information security and are equipped with the knowledge to identify and respond to security risks. Vendor Management: Assess and manage the security risks associated with third-party vendors and suppliers. Establish security requirements and standards for vendor contracts, conduct security assessments of vendors, and monitor ongoing compliance. Security Governance: Establish and maintain security governance frameworks and structures to ensure effective oversight and accountability. Participate in security committees and provide regular updates to executive leadership and the board of directors on the organization's security posture, risks, and compliance status. Security Incident Reporting and Communication: Develop and implement processes for reporting and communicating security incidents to appropriate stakeholders, including executives, legal counsel, and regulatory bodies. Ensure that incident reports are timely, accurate, and comprehensive. Continuous Improvement: Stay abreast of emerging threats, vulnerabilities, and technologies in the information security field. Continuously evaluate and enhance the organization's security posture, controls, and processes through regular reviews, audits, and testing. Travel – Up to 10 % across India Technical Skills: 15+ years in IT services with 8+ steering large, multi-tower security or ITOM programs; PMP or Agile cert helps. Strong knowledge in network & Information security Fundamentals. Deep, hands-on exposure to SIEM, SOAR, EDR/XDR, firewall and IPS/IDS stacks. Solid experience with AWS, Azure, or GCP controls, logging, and compliance tooling. Experience in handling large team of Information Security Professionals (>25 nos.) OT/ICS security, GenAI in SOC workflows, or experience with Scaled Agile frameworks. Familiarity with incident response techniques, intrusion prevention systems, information security methodologies, authentication protocols and different IT Security threat mechanisms. Comfortable running ITIL-aligned ops, SLAs, and continual-service-improvement cycles. Good extensive Knowledge of IT Security Standards (ISMS / ISO 27001, PCI-DSS, SOX, CMMi etc.) Mandatory Security Certification (either of CISA, CISM, CISSP, CIPP/R etc.)

Technical Trainers IT Service Desk Support Bangalore & Mysore Required Experience - More than 4 Years Experience and out of which 2 years in giving Trainings - Microsoft, Azure, ServiceNow, Office365, Service Desk Job description Design and deliver technical training programs for Service Desk/Tech Support teams ITIL CERTIFIED TRAINER -- PREFERNCE Conduct training needs analysis in coordination with operations and quality teams Develop training materials, presentations, and knowledge base articles Required Candidate profile Deliver classroom, virtual, & on-the-job training sessions Evaluate training effectiveness implement improvements Support learning initiatives Stay up-to-date with ITIL frameworks &industry practices CALL OR DM - SD TRAINER SIYA ---- 7565006262 DIVYA -- 9821182650 RIYA -- 9628373761 Regards KVC CONSULTANTS LTD NO PLACEMENT CHARGES

Design and deliver technical and soft skill training programs for Service Desk/Tech Support teams Conduct training needs analysis in coordination with operations and quality teams Develop training materials, presentations, and knowledge base articles Required Candidate profile Deliver classroom, virtual, & on-the-job training sessions Evaluate training effectiveness implement improvements Support learning initiatives Stay up-to-date with ITIL frameworks &industry practices Perks and benefits Perks and Benefits

Job Title Sr. Information Security Manager Job Description #L1PHILIN Senior Information Security Manager Job Location: Bangalore The Integrated Supply Chain (ISC) Information Security Manager will be responsible for developing, implementing and monitoring a strategic and comprehensive IT security plans across multiple geographies and driving security in manufacturing sites, Distribution Centers, and warehouses across Philips. Your role: Develop and implement robust OT (Operational Technology), Cloud, Network, IoT (Internet of Things) security strategies on ISC (Integrated Supply Chain) manufacturing process aligned with industry standards, such as establishing security architecture compliance with regulations (e.g., HIPAA, FDA) and deploy technologies like firewalls and OT IDS (Operational Tech. Intrusion Detection System) solutions for system segmentation and protection. Leverage experience with OT technologies (e.g., Nozomi Guardian, Armis, Claroty) and perform vulnerability assessments by applying frameworks like MITRE ATT&CK and STRIDE for threat modeling and attack simulations, driving solutions to address security threats. Identify, assess, and mitigate: Operational Tachnology (OT) Cloud, Network, IoT (Internet of Things) risk and/or threats on Integraged Supply Chain (ISC) manufacturing security through cross-functional collaboration, develop incident response plans, lead investigations, and implement corrective actions to address root causes of security breaches. Secure supply chain systems by collaborating with vendors, conducting assessments, and enforcing compliance with security standards. Build a culture of security through targeted training programs and stakeholder education. Youre the right fit if: You have 10+ years of experience with Bachelors OR 3+ years of experience with Masters in areas such as Security Architecture, Network Security, Cybersecurity Technology, Information Security or equivalent You possess a Bachelors or Masters Degree in Computer Science, Information Technology, Cybersecurity or equivalent. You are knowledge on MITRE Framework, IEC 62443/NIST 800:23. Preferred to have a CISSP, CISM, CISA, CIPP certification. Your skills include thorough understanding of Security Management and Governance principles, along being able to deliver cross-cultural etiquette, customer-centric and collaborative mindset. You must be able to successfully perform the following minimum Physical, Cognitive and Environmental job requirements with or without accommodation for this position. How we work together We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the company s facilities. Field roles are most effectively done outside of the company s main facilities, generally at the customers or suppliers locations. This is an in-office role. About Philips We are a health technology company. We built our entire company around the belief that every human matters, and we wont stop until everybody, everywhere, has access to the quality of healthcare that we all deserve. Do the work of your life to help improve the lives of others. Learn more about our business . Discover our rich and exciting history. Learn more about our purpose. Learn more about our culture. Our commitment to inclusion and diversity At Philips, we provide equal opportunities to all our employees and to all eligible applicants for employment in our company, irrespective of age, color, disability, nationality, race, religion, gender, sexual orientation (LGBTQ +), and all aspects that make individuals unique. Encouraging diversity and fostering inclusion are key to our mission of improving the lives of 2.5 billion people a year by 2030 through meaningful innovation. We have fair, transparent, and clear employee policies which promote diversity and equality, in accordance with currently applicable law. For, we believe that life is better when #youareyou. Why should you join Philips? Working at Philips is more than a job. It s a calling to create a healthier society through meaningful work, focused on improving 2.5 billion lives a year by delivering innovative solutions across the health continuum. Our people experience a variety of unexpected moments when their lives and careers come together in meaningful ways. Learn more by watching this video. To find out more about what it s like working for Philips at a personal level, visit the Working at Philips page on our career website, where you can read stories from our employee blog. Once there,you can also learn about our recruitment process, or find answers to some of the frequently asked questions. If you re interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our culture of impact with care here .

The Security Operation Specialist has the end-to-end responsibility for the physical and logical security of the Network/Services, OSS/SQM, and Infrastructure in accordance with the security policy technically manage and operate components of security services provided to end users of Nokia customers, within service levels agreed with those customers. You have: 10+ years of extensive relevant experience and a graduate / postgraduate equivalent degree. Exposure to telecom technologies Security analytics and working knowledge of SOC technologies like SIEM, SOAR, etc. Scripting capabilities Industry certifications like CISSP/CEH/CISM/CISA It would be nice if you also had: Understanding of hacking techniques Understanding of 3GPP security requirements, ITU-T x.805, ISO27001, NIST, Mitre attack framework Build and maintain a library of threat hunting or analytics use cases for non-signature-based threat detection Build and maintain a library of pre-developed connectors to integrate leading SIEMs with diverse network elements Build and maintain a customizable library of remediation workflows or cyber playbooks Use cases should cover the entire kill chain, starting from reconnaissance, weaponization, delivery, exploitation, installation, C2, exfiltration, remediation, etc. Provide SME support to the delivery organization Testing and PoC of use cases in a lab environment Support in building use case demos. Work with different product lines to validate and test the feasibility of security use cases Build risk-driven cyber attack scenarios by clearly identifying threats, vulnerabilities, business impact, likelihood, approach, use case, scenarios, rules, remediation workflows, or a cyber playbook.

Design and implement controls and mitigation plans, and lead aspects of their implementation Facilitate reporting on findings, mitigation plans, and controls performance Work with senior management to create their compliance strategy and improve their controls portfolio Identify areas of improvement in facilitating audits with customers to refine the process and respond to customer inquiries promptly Formalise and lead improvements of GRC function operations - processes, metrics, reporting, and analytics Provide regular status updates ensuring everyone is aware of progress and road-blockers Work with product and functional teams to understand and respond to their compliance and assurance needs and concerns Manage compliance related programs including the performance of gap assessments for new compliance frameworks Promote effective teamwork, collaboration, and commitment across the Product Compliance team and the broader organisation Seek opportunities to improve processes and collaboration to increase team output and team health Perform regular risk assessments for your business function Prepare annual audit plans, develop audit direction, and align with stakeholders on audit timetables Develop timeline for internal readiness assessment activities and obtain alignment from all stakeholders Maintain comprehensive documentation of controls, testing procedures, and evidence to support compliance efforts Work closely with internal stakeholders, including product and functional teams, to address architectural, infrastructure, or new services that impact compliance Identify opportunities for process improvements and implement best practices to enhance the efficiency and effectiveness of the readiness testing process Develop controls and mitigation plans, and lead aspects of their implementation Work with senior management to improve their controls portfolio Provide regular status updates ensuring everyone is aware of progress and road-blockers Promote effective teamwork, collaboration, and commitment across the Product Compliance team and the broader organisation Seek opportunities to improve processes and collaboration to increase team output and team health Qualifications Your background Minimum 8+ years of management experience in IT audit, compliance, or a related field Experience with SOC 2, ISO 27001/27018, HIPAA, PCI, C5 and GDPR frameworks and requirements Familiarity with compliance frameworks and standards such as NIST 800-53 Experience with the software development business for cloud service providers Experience with Technology Risk Management, Compliance and Information Security Experience with control and risk frameworks, performing compliance and risk assessments, creating controls and overseeing mitigation projects Experience with translating compliance requirements to engineering and product teams Experience with determining scope, timeline creation, complex project tracking, risk management, and process improvement Familiarity with Jira and Confluence Relevant certifications such as CISM, CISA, CISSP, or ISO 27001 Lead Auditor are highly desirable

Job Title Sr. Information Security Manager Job Description Job title: Sr. Information Security Manager Your role: As a Senior Information Security Manager, you will be responsible for developing, implementing and monitoring a strategic, comprehensive IT security program while ensuring compliance with regulatory requirements, and mitigating risks to the organizations information assets. Information Security Manager will provide the vision and leadership necessary to manage the risk to the platform assigned and will ensure business alignment, effective governance, system and infrastructure availability, integrity and confidentiality. Youre the right fit if: Bachelor s or Master s degree in Information Technology and or commensurate experience in delivering security solutions. Overall Enterprise IT Security experience of 15+ yrs or more. Security Certifications such as CISSP, CISM, CISA, CIPP etc. are preferred. Should have a senior level in the domain of Security & operations management Absolutely trustworthy with high standards of personal integrity (demonstrated by an unblemished career history, lack of criminal convictions etc.), willing to undergo vetting and/or personality assessments to verify this if necessary Typically a background in technical security roles or operations, with a clear and abiding interest in security How we work together We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the company s facilities. Field roles are most effectively done outside of the company s main facilities, generally at the customers or suppliers locations. This role is an office role. If you re interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our culture of impact with care here .

Working at Atlassian Atlassians can choose where they work - whether in an office, from home, or a combination of the two. That way, Atlassians have more control over supporting their family, personal goals, and other priorities. We can hire people in any country where we have a legal entity. Interviews and onboarding are conducted virtually, a part of being a distributed-first company. ","responsibilities":" This position will report to the Head of Compliance Risk for the India team and join our growing team within Governance, Risk and Compliance. The team is responsible for compliance, enterprise risk management and business resilience. The Product Compliance team coordinates and guides efforts related to Atlassian cloud compliance (SOC 2, ISO 27001/27018, HIPAA, PCI and C5) and sits within the Trust organisation. You will collaborate with technical leads and subject matter experts to analyse processes, business models, and controls to discover and translate risks, and provide mitigating recommendations to the leadership team. You will drive continuous process improvement, and collaborate with business and technology teams, both internally and externally to implement new solutions. What youll do Design and implement controls and mitigation plans, and lead aspects of their implementation Facilitate reporting on findings, mitigation plans, and controls performance Work with senior management to create their compliance strategy and improve their controls portfolio Identify areas of improvement in facilitating audits with customers to refine the process and respond to customer inquiries promptly Formalise and lead improvements of GRC function operations - processes, metrics, reporting, and analytics Provide regular status updates ensuring everyone is aware of progress and road-blockers Work with product and functional teams to understand and respond to their compliance and assurance needs and concerns Manage compliance related programs including the performance of gap assessments for new compliance frameworks Promote effective teamwork, collaboration, and commitment across the Product Compliance team and the broader organisation Seek opportunities to improve processes and collaboration to increase team output and team health Perform regular risk assessments for your business function Prepare annual audit plans, develop audit direction, and align with stakeholders on audit timetables Develop timeline for internal readiness assessment activities and obtain alignment from all stakeholders Maintain comprehensive documentation of controls, testing procedures, and evidence to support compliance efforts Work closely with internal stakeholders, including product and functional teams, to address architectural, infrastructure, or new services that impact compliance Identify opportunities for process improvements and implement best practices to enhance the efficiency and effectiveness of the readiness testing process Develop controls and mitigation plans, and lead aspects of their implementation Work with senior management to improve their controls portfolio Provide regular status updates ensuring everyone is aware of progress and road-blockers Promote effective teamwork, collaboration, and commitment across the Product Compliance team and the broader organisation Seek opportunities to improve processes and collaboration to increase team output and team health ","qualifications":" Your background Minimum 8+ years of management experience in IT audit, compliance, or a related field Experience with SOC 2, ISO 27001/27018, HIPAA, PCI, C5 and GDPR frameworks and requirements Familiarity with compliance frameworks and standards such as NIST 800-53 Experience with the software development business for cloud service providers Experience with Technology Risk Management, Compliance and Information Security Experience with control and risk frameworks, performing compliance and risk assessments, creating controls and overseeing mitigation projects Experience with translating compliance requirements to engineering and product teams Experience with determining scope, timeline creation, complex project tracking, risk management, and process improvement Familiarity with Jira and Confluence Relevant certifications such as CISM, CISA, CISSP, or ISO 27001 Lead Auditor are highly desirable Benefits & Perks Atlassian offers a wide range of perks and benefits designed to support you, your family and to help you engage with your local community. Our offerings include health and wellbeing resources, paid volunteer days, and so much more. To learn more, visit

Redefine the future of customer experiences. One conversation at a time. We re changing the game with a first-of-its-kind, conversation-centric platform that unifies team collaboration and customer experience in one place. Powered by AI, built by amazing humans. Our culture is forward-thinking, customer-obsessed and built on an unwavering belief that connection fuels business and life; connections to our customers with our signature Amazing Service , our products and services, and most importantly, each other. Since 2008, 100,000+ companies and 1M+ users rely on Nextiva for customer and team communication. If you re ready to collaborate and create with amazing people, let your personality shine and be on the frontlines of helping businesses deliver amazing experiences, you re in the right place. Build Amazing - Deliver Amazing - Live Amazing - Be Amazing The AI Data Protection and Compliance Engineer will design, implement and manage AI-specific data protection strategies by defining the security architecture and applying security best practices, policies and controls in collaboration with data scientists, developers and security staff. As part of the AI data protection strategy, the engineer will lead efforts to safeguard sensitive data across AI models, agents, and user interfaces by implementing robust classification, segregation, and access control mechanisms. The engineer will tune DLP policies for AI environments, ensuring proper governance and security of both inputs and outputs, including LLM and ML training data. The engineer will be responsible for deploying and managing protective tools across cloud platforms such as AWS, Azure, and GCP to mitigate advanced threats like model poisoning and data exfiltration. The engineer will support audits, monitor evolving AI risks, and help maintain a secure operational environment in line with regulatory and contractual obligations. Key Responsibilities As part of the data protection strategy, the engineer will: Implement data classification, segregation, access controls, and other appropriate controls to the inputs and outputs and models throughout the application, including AI models, agents, UI s and LLM and ML training and tuning data. Develop and tune DLP policies specifically for AI environments to ensure all sensitive data is accurately tracked, managed, and protected. Establish access controls, limitations and guardrails on usage and prompts for AI inputs and API s and ensure proper access controls on API s and processing pipelines, and segregation of data. Ensure that the appropriate data protection tools are deployed and operating in cloud environments, including AWS, Azure and GCP to protect AI systems against potential threats such as those in the OWASP AI Top Ten, including supply chain and model poisoning threats and attempts to access, modify, and exfiltrate confidential information. Assess and improve AI data protection controls to meet evolving technology and business requirements. Support audit and compliance processes by providing necessary documentation and metrics related to AI data protection practices. Work with development and compliance teams to ensure secure and compliant AI development throughout the product lifecycle to meet customer, regulatory, and contractual obligations. Maintain current knowledge of AI risks, threats, and AI testing tools and techniques. Perform other duties to support the technical and operational security of the organization as required. Qualifications Bachelor s degree in an IT related field or equivalent experience and 3-5 years of experience in working in data protection or developing solutions incorporating ML/LLM solutions. Desired certifications - one or more of the following: CISSP (Certified Information Systems Security Professional), Certified Information Security Manager (CISM), SSCP (Systems Security Certified Practitioner), CCSP (Certified Cloud Security Professional) or CompTIA Security+. Strong knowledge of data protection principles, particularly in AI and generative AI systems, including DLP and data classification. Understanding of Application Security and Data Security for applications and AI, such as the OWASP Top 10 and the OWASP Top 10 for Generative AI. Proficiency in and strong working knowledge of AI technologies and models such as Llama and ChatGPT. Experience and understanding of threats and risks related to web applications and API s, particularly with AI based applications. Experience deploying AI models and solutions in production environments. Experience with cloud technologies, such as AWS, Azure, GCP, Docker, Kubernetes, and infrastructure as code, such as Terraform. General knowledge of security implications of threats and vulnerabilities related to networks, servers, operating systems, applications, and databases. Flexibility to work off-hours to support global project teams and maintenance windows. Competencies Exceptional analytical skills, with the ability to communicate complex ideas clearly and effectively to varied audiences. Strong problem-solving skills and attention to detail. Organization, Time Management & Prioritization - Self-starter that focuses on key priorities; plans, organizes, schedules and executes tasks and projects in an efficient and productive manner. Ability to form productive relationships across the organization to accomplish information security objectives. Ability and willingness to learn all aspects of the information security field. Professional verbal and written communication skills in English. Expresses ideas using clear, effective and efficient language. Listens patiently and attentively. Adapts to the purpose of the communication with appropriate style, substance, detail, confidence and channel. Possess the ability to manage multiple channels of communication simultaneously; phone, email, tickets, and chat. Nextiva DNA (Core Competencies) Nextiva s most successful team members share common traits and behaviors: Drives Results: Action-oriented with a passion for solving problems. They bring clarity and simplicity to ambiguous situations, challenge the status quo, and ask what can be done differently. They lead and drive change, celebrating success to build more success. Critical Thinker: Understands the "why" and identifies key drivers, learning from the past. They are fact-based and data-driven, forward-thinking , and see problems a few steps ahead. They provide options, recommendations, and actions, understanding risks and dependencies. Right Attitude : They are team-oriented, collaborative, competitive, and hate losing. They are resilient, able to bounce back from setbacks, zoom in and out, and get in the trenches to help solve important problems. They cultivate a culture of service, learning, support, and respect, caring for customers and teams. Total Rewards Our Total Rewards offerings are designed to allow our employees to take care of themselves and their families so they can be their best, in and out of the office. Our compensation packages are tailored to each role and candidates qualifications. We consider a wide range of factors, including skills, experience, training, and certifications, when determining compensation. We aim to offer competitive salaries or wages that reflect the value you bring to our team. Depending on the position, compensation may include base salary and/or hourly wages, incentives, or bonuses. Medical - Medical insurance coverage is available for employees, their spouse, and up to two dependent children with a limit of 500,000 INR, as well as their parents or in-laws for up to 300,000 INR. This comprehensive coverage ensures that essential healthcare needs are met for the entire family unit, providing peace of mind and security in times of medical necessity. Group Term & Group Personal Accident Insurance - Provides insurance coverage against the risk of death / injury during the policy period sustained due to an accident caused by violent, visible & external means. Coverage Type - Employee Only Sum Insured - 3 times of annual CTC with minimum cap of INR 10,00,000 Free Cover Limit - 1.5 Crore Work-Life Balance - 15 days of Privilege leaves per calendar year, 6 days of Paid Sick leave per calendar year, 6 days of Casual leave per calendar year. Paid 26 weeks of Maternity leaves, 1 week of Paternity leave, a day off on your Birthday, and paid holidays Financial Security - Provident Fund & Gratuity Wellness - Employee Assistance Program and comprehensive wellness initiatives Growth - Access to ongoing learning and development opportunities and career advancement At Nextiva, were committed to supporting our employees health, well-being, and professional growth. Join us and build a rewarding career! Established in 2008 and headquartered in Scottsdale, Arizona, Nextiva secured $200M from Goldman Sachs in late 2021, valuing the company at $2.7B.To check out what s going on at Nextiva, check us out on Instagram , Instagram (MX) , YouTube , LinkedIn , and the Nextiva blog . #LI-RQ1 #LI-HYBRID

In this role, you will: Participate in less complex development and design of methodologies and standards for review activities companywide in alignment with the risk management framework Ensure effective and appropriate testing, validation, and documentation of review activities for risk programs, risks, and controls according to standards and other applicable policies within Independent Testing Support and implement less complex initiatives with low to moderate risk and exercise independent judgment to guide risk reporting, escalation, and resolution Present recommendations for resolving more complex situations and exercise independent judgment while developing expertise in risk management framework and the risk and control environment Collaborate and consult with colleagues, internal partners and management Required Qualifications: 2+ years of Independent Testing experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education Desired Qualifications: Good experience in IT Risk, IT Control Testing, IT Audit Certified Information Security Auditor (CISA) Certified Information Security Manager (CISM Job Expectations: Shift Timing: 1.30 PM - 10.30 PM