626 Cism Jobs - Page 9

About This Opportunity We are seeking a team member in our IT Security Third Party Security Risk Management team to enhance our BA, MA, and Group Functions adherence to internal IT Security regulations more efficiently. This individual contributor role will articulate ISMS controls and compliance through the "10 Commandments" and dashboards. The role involves conducting assurance reviews and, when necessary, implementing ISMS compliance across Ericsson s global IT environment. We are looking for a highly skilled security professional with an audit background. The ideal candidate will foster a collaborative and professional atmosphere while maintaining high standards. What You Will Do Understand the end-to-end third-party risk management lifecycle. Develop, manage and improve third-party risk management monitoring and reporting process that tracks third-party risks. Contribute to the development of policies focused on the security of third-party business processes. Develop and maintain supplier risk and control monitoring plans, performing monitoring activities and analyzing evidence to ensure controls are effective. Assist in the development and execution of category/supplier strategies. Collaborate with stakeholders to address supply chain security. Supervise and conduct supplier security audits in alignment with company security policies and industry standards. Perform on-site assessments of vendors to identify opportunities for improvement. Utilize analytics to compile and synthesize data, making informed recommendations to assess and mitigate risk exposure, guiding business decisions. Establish and deliver metrics in a robust, validated, consistent, and repeatable process. Ensure data accuracy and integrity through established processes and controls. Build relationships and influence the behavior of internal teams and external parties. Complete monitoring and control tasks triggered by supplier tier and third-party interaction models. Collaborate with business stakeholders to achieve year-over-year cost savings with managed third-party relationships. Partner with stakeholders on IT Security contract negotiations for all managed third-party relationships. You Will Bring Minimum of seven years of experience in developing and maintaining global vendor risk management programs. Preferred certifications: CISSP, CISM, CISA, or CRISC. Strong understanding of information technology and security solutions. Monitor and ensure successful delivery against third-party contractual obligations. Assist in the development and monitoring of SLAs or key performance indicators for third-party relationships. Primary country and city: India (IN) || Gurgaon Req ID: 768956

. Job Title Cyber Risk Mgmt - Advisor I What does a successful Cyber Risk Management Advisor do at Fiserv: Identifying information security and emerging technological requirements and effective risk mitigation actions. Manage key accounts/customers from a Cybersecurity service perspective. Successfully leading and supporting the delivery of Cybersecurity projects and services for our customers by working directly with key business stakeholders and technology SMEs. What will you do: Provide Cybersecurity support for network security products and services (new deployments, hardware refresh/upgrades, migrations, and feature implementation). Support the implementation of security concerns with new and emerging technologies with particular focus on SaaS, PaaS and IaaS specifically the major Cloud providers. Support and guide other teams in the organization on Cybersecurity best practices, security vulnerabilities and implementation/enforcement of the compensating controls. Assist with creating security designs and configure security controls within the Cybersecurity portfolio. Support activities to ensure that risk and controls are in compliance with regulatory requirements and remain in line with company risk appetite. Use metrics to track security risks and awareness. Ensure compliance and governance for data security. Possess expert knowledge in Cybersecurity in the financial services industry to provide guidance on business operations, policies and practices. Involved in or respond to information security incidents as needed. What will you need to know: 15 or more years of cybersecurity and technology risk experience in a large MNC. Minimum of 10 years of experience in Cybersecurity Program Management & Governance, including technical background (networks, servers, encryption, application security, infosec tool, etc). Possesses progressive experience in leading multiple projects in a complex international financial services organization, preferably Financial Technology. Excellent written and verbal communication skills with the ability to negotiate and influence multiple stakeholders, driving positive changes through awareness, understanding, acceptance and commitment to relevant information security topics. Excellent customer management skills with min 8 years of experience with managing large enterprise customers preferably from financial services industry. Relevant professional certification, such as CISSP, CEH, CRISC, CGEIT. What would be great to have: A minimum of 10 years of hands-on experience with multiple security disciplines preferred. Preferred industry certifications are: CISM, CISSP. We welcome and encourage diversity in our workforce. Fiserv is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, disability or status as a protector veteran. Explore the possibilities of a career with Fiserv and Find your Forward with us ! Thank you for considering employment with Fiserv. Please: Apply using your legal name Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable). Our commitment to Diversity and Inclusion: Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law. Note to agencies: Fiserv does not accept resume submissions from agencies outside of existing agreements. Please do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions. Warning about fake job posts: Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address. Share this Job Email LinkedIn X Facebook

Qualification: Bachelors degree in computer Science or IT higher-level qualification Perform 3rd-party audits and trainings according to ISO/IEC 27001, ISO 9001 & other IT specific standards/ frameworks Provide timely and accurate reviews of client’s corrective action and closure. Minimum 5+ years’ Experience in IT /Management system Implementation / certification and Minimum 2 years of profound experience in the field of information security. Great attitude, Analytical skills and communication skills. Preferred: IRCA Certified, ITIL Certified, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks. Able to travel for business purpose(70-80%).

Qualification: Bachelors degree in computer Science or IT higher-level qualification Perform 3rd-party audits and trainings according to ISO/IEC 27001, ISO 9001 & other IT specific standards/ frameworks Provide timely and accurate reviews of client’s corrective action and closure. Minimum 5+ years’ Experience in IT /Management system Implementation / certification and Minimum 2 years of profound experience in the field of information security. Great attitude, Analytical skills and communication skills. Preferred: IRCA Certified, ITIL Certified, CISA, CISM, CISSP, MCSE, MCSA and/or MBA Good understanding of relevant regulations and industry standards (e.g. ITIL Framework, FFIEC, SOX, COSO, COBIT, ITIL, ISO27001, PCI, HIPAA, HiTrust and GLBA), best practices and methodologies and the ability to apply these requirements to organizational internal control frameworks. Able to travel for business purpose(70-80%).

We are seeking an experienced and highly motivated Cybersecurity GRC Manager to lead and manage the organizations governance, risk, and compliance (GRC) initiatives The ideal candidate will be responsible for designing, implementing, and maintaining robust cybersecurity frameworks to ensure compliance with regulatory requirements, industry standards, and organizational policies This role is critical in driving our security strategy, managing risks, and fostering a culture of security awareness across the organization Key Responsibilities: GovernanceDevelop and implement the organizations cybersecurity governance framework, policies, and procedures Align cybersecurity initiatives with business objectives, regulatory requirements, and industry best practices (eg, ISO 27001, NIST, GDPR, etc) Collaborate with cross-functional teams to ensure security requirements are integrated into business processes and IT systems Risk ManagementIdentify, assess, and prioritize cybersecurity risks across the organization Develop and maintain a risk management program, including risk registers, mitigation plans, and periodic assessments Monitor emerging threats and vulnerabilities, and provide guidance on appropriate risk responses ComplianceEnsure compliance with applicable laws, regulations, and standards (eg, SOX, HIPAA, PCI DSS) Conduct internal audits and readiness assessments for external audits and certifications Manage third-party vendor risk assessments and ensure security compliance across the supply chain Incident Management and ReportingOversee security incident response plans and testing Report on cybersecurity risks, incidents, and compliance metrics to executive leadership and stakeholders Coordinate with legal and regulatory bodies during audits or in response to security incidents Training and AwarenessDevelop and deliver cybersecurity training and awareness programs for employees at all levels Foster a culture of security awareness and accountability within the organization Education and Certifications bachelors degree in Cybersecurity, Information Technology, Business, or a related field Relevant certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer/Auditor preferred Experience 7+ years of experience in cybersecurity, governance, risk, or compliance roles Proven experience with GRC tools, frameworks, and standards (eg, NIST CSF, COBIT, ISO 27001) Demonstrated success in managing complex risk and compliance projects SkillsStrong understanding of regulatory requirements and risk management methodologies Excellent communication and stakeholder management skills Analytical and detail-oriented with the ability to make data-driven decisions Experience in third-party vendor risk management and security audits What We Offer: Competitive salary and benefits package Opportunity to work with cutting-edge technologies in a dynamic and collaborative environment Professional development and certification opportunities

Not Applicable Specialism Risk Management Level Associate & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats s Experience in conducting IT risk assessments. Sound understanding of ISO 27001, NIST, PCI, Data Privacy, and Cloud Security. Knowledge on application infrastructure architecture. Knowledge on SaaS application architecture. Knowledge on database and middleware communication. Knowledge on API security. Good communication skills. Good team player. Good presentation skills and senior stakeholder management. Certifications CISA, CISSP, CCNP, CCSP, CISM, CRISC etc. Mandatory Skill Sets IT Risk, ISO 27001, NIST, PCI, Data Privacy, and Cloud Security. Preferred Skill Sets Stakeholder Management, Team Management Years of Experience 3+ Years Educational Qualification BE, B.Tech, M.Tech, MCA, MBA graduates. Education Degrees/Field of Study required Bachelor of Technology, Master of Business Administration Degrees/Field of Study preferred Required Skills ISO Certification, NIST Standards Accepting Feedback, Accepting Feedback, Active Listening, Cloud Security, Communication, Conducting Research, Cyber Defense, Cyber Threat Intelligence, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Malware Analysis, Malware Detection Tools, Malware Intelligence Gathering, Malware Research, Malware Reverse Engineering, Malware Sandboxing {+ 11 more} Travel Requirements Government Clearance Required?

Project Role : Application Security Architect Project Role Description : Review and integrate all application requirements, involving security requirements. Review and integrate the application security technical architecture requirements. Provide input into final decisions regarding application security. Must have skills : Solution Architecture Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Security Architect, you will engage in a dynamic environment where you will review and integrate all application requirements, focusing on security aspects. Your typical day will involve collaborating with various teams to ensure that security requirements are seamlessly integrated into the application architecture, providing critical input into final decisions regarding application security, and ensuring that the technical architecture aligns with security protocols and standards. You will play a vital role in safeguarding applications by ensuring that security is a fundamental component of the development process. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on application security best practices.- Conduct regular assessments of application security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Solution Architecture.- Strong understanding of application security frameworks and methodologies.- Experience with threat modeling and risk assessment techniques.- Familiarity with secure coding practices and application security testing tools.- Ability to communicate complex security concepts to non-technical stakeholders. Additional Information:- The candidate should have minimum 7.5 years of experience in Solution Architecture.- This position is based in Pune.- A 15 years full time education is required. Qualification 15 years full time education

Who we are: R1 is a leading provider of technology-driven solutions that help hospitals and health systems to manage their financial systems and improve patients experience. We are the one company that combines the deep expertise of a global workforce of revenue cycle professionals with the industry's most advanced technology platform, encompassing sophisticated analytics, Al, intelligent automation and workflow orchestration. R1 is a place where we think boldly to create opportunities for everyone to innovate and grow. A place where we partner with purpose through transparency and inclusion. We are a global community of engineers, front-line associates, healthcare operators, and RCM experts that work together to go beyond for all those we serve. Because we know that all this adds up to something more, a place where we're all together better. R1 India is proud to be recognized amongst Top 25 Best Companies to Work For 2024, by the Great Place to Work Institute. This is our second consecutive recognition on this prestigious Best Workplaces list, building on the Top 50 recognition we achieved in 2023. Our focus on employee wellbeing and inclusion and diversity is demonstrated through prestigious recognitions with R1 India being ranked amongst Best in Healthcare, Top 100 Best Companies for Women by Avtar & Seramount, and amongst Top 10 Best Workplaces in Health & Wellness. We are committed to transform the healthcare industry with our innovative revenue cycle management services. Our goal is to make healthcare work better for all by enabling efficiency for healthcare systems, hospitals, and physician practices. With over 30,000 employees globally, we are about 16,000+ strong in India with presence in Delhi NCR, Hyderabad, Bangalore, and Chennai. Our inclusive culture ensures that every employee feels valued, respected, and appreciated with a robust set of employee benefits and engagement activities. Program Leader We are looking for a Program Leader, IT Security within Identity and Access Management. The Program Manager will use their hands-on technical skills, strong leadership ability and eagerness to design solutions to complex problems as a leader within a larger global team. The Program Manager must be comfortable with communicating to stakeholders, performing security assessments, and prioritizing security risks, as well as creating/presenting high quality deliverables. The position will have a team of direct reports and align under the Director of IAM, Client Identity and Access. Responsibilities Operate as a People Leader responsible for a team of 30+ global resources, including 2 supervisors Build, lead, and execute IAM strategies to enhance the productivity of R1 operational workforce while also enhancing security posturing. Act as a leader with extensive subject matter expertise to shape the Client Identity and Access team. Work collaboratively with peers and stakeholders to influence technical and business projects to enhance IAM strategies. This included but is not limited to transitional work, integrations, and stead state organization initiatives. This role will identify and execute on strategies core to internal business processes as well as partnering with external providers and business partners to securely enable R1 user access. Complete unbiases analysis of technology options and develop a practice to determine, approve and manager preferred technologies; maintain a list of approved technologies; create communication strategies that will guide the organization to standard technologies or create new standards as development needs arise. Communicate access management security goals and new programs effectively with other department managers within the organization. Ensure fulfillment of legal and contractual IT security, compliance, and privacy mandates. Partner with internal cross-function teams and external customers on technology improvement opportunities. Skills and Experience: 10 years of experience, or combined 5 years in Senior Management and 5 years in IAM or adjacent IT Security framework(s) Experience with inventory management, ticketing workflows, and production and quality oversight Excellent interpersonal and communication skills to work with all levels of management, employees, peers, and vendors Excellent analytical and problem-solving skills to solve/manage complex technical problems Ability to maintain enterprise relationships with internal, external stakeholders, and teams Experience in developing and running multiyear, complex technology initiatives and teams Tenacity, grit, and ability to perform under pressure to achieve deliverables Education Bachelors Degree in Computer Science, Information Technology, Information Security, Healthcare Science, or Business Management Preferred - Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or similar industry recognized certification. Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests. Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more, visitr1rcm.com Visit us on Facebook

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Prisma Access Secure Access Service Edge (SASE) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust and secure cloud environment that supports business operations effectively. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Evaluate and recommend new security technologies and practices to improve the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Prisma Access Secure Access Service Edge (SASE).- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with identity and access management solutions.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 7.5 years of experience in Palo Alto Networks Prisma Access Secure Access Service Edge (SASE).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training and knowledge sharing sessions to enhance team capabilities.- Monitor and assess the effectiveness of implemented security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations.- Strong understanding of cloud security frameworks and best practices.- Experience with risk assessment and management methodologies.- Familiarity with compliance standards and regulations related to cloud security.- Ability to analyze security incidents and develop effective response strategies. Additional Information:- The candidate should have minimum 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Access Management Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop security architecture standards and guidelines- Conduct security reviews and audits Professional & Technical Skills: - Must To Have Skills: Proficiency in ForgeRock Access Management- Strong understanding of cloud security principles- Experience in designing and implementing security solutions for cloud environments- Knowledge of industry security standards and best practices- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in ForgeRock Access Management- This position is based at our Hyderabad office- A 15 years full time education is required Qualification 15 years full time education

We have a team of security compliance leaders overseeing solutions for this complex environment, collaborating with security architects and Cloud DevOps teams internally and around IBM. The security compliance leader’s role is to determine the secure operation of the all computer systems, servers, and network connections in accordance with our policies, procedures, and compliance requirements. A security compliance leader in our team will participate in some or all of the following: Providing subject matter expertise in the creation, implementation, and maintenance of appropriate enterprise programs, policies, and procedures to be compliant with all applicable regulations including ISO, SOC, HIPAA, PCI, FedRAMP/FISMA Having the ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Interpreting standards, requirements, and their application to the enterprise Cloud environment in the most reasonable and cost-effective manner Developing, implementing, maintaining, and overseeing enforcement of security policies Collaborating with security architects and technical security teams to define and implement security processes and procedures based on industry-standard best practices and compliance requirements. Defining the requirements and validating the procedures and audit testing methodology Conducting regularly scheduled audits on systems and hosting third-party audits as required in order to maintain certifications and compliance certificates. Working with the DevOps teams to prepare ongoing client reporting, information for prospective clients, and marketing materials Providing training to teams as needed Assisting team members and internal clients in addressing highly complex security issues applicable to enterprise environment Required education Bachelor's Degree Required technical and professional expertise Required Skills Minimum of 12 years of relevant compliance experience and cybersecurity knowledge Compliance leaders do not require dev experience, but it is an advantage. 10+ years of security compliance audit experience is a must Ability to utilize working knowledge of information security best practices such asNIST 800 series, ISO 27000 series, GDPR, etc Experience with compliance programs such as SOC2, FFIEC or FedRAMP/ FISMA, HIPAA, GDPR, or PCI Experience in risk assessment processes, policy development, proposals, work statements, product evaluations, and delivery of technology Ability to understand enterprise business computing operations/requirements, and in particular, Cloud Ability to stand firm on issues yet be flexible and creative when working with customers to find effective solutions Ability to understand and interpret laws and regulatory requirements related to information protection, and develop and implement appropriate processes to achieve and maintain compliance and reduce risk Preferred technical and professional experience Preferred Skills Working in a change-controlled production environment. Diagnosing the root cause of problems and propose solutionsExamples would be failed patches, tooling issues, false positives on system tests, authentication problems. Expertise in system configuration, especially privilege control (for example sudoer configuration), and system level firewall (iptables) An understanding of basic networking conceptsipsec tunnels, firewalls, routers, public and private addressing. Project Management knowledge and experience a strong plus container based architectures and implementations such as kubernetes, docker, etc. Education qualification. Computer science BSc or equivalent Security/privacy specific training such as ISO 27001 LA CISA, CISM, CISSP etc

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Managed Cloud Security Services Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a CSPM WIZ Administrator and analyst, you will be responsible for overseeing the security posture of cloud environments, ensuring compliance with industry standards, and implementing best practices to mitigate risks. Your role will involve configuring and managing CSPM tools, conducting regular assessments, and collaborating with cross-functional teams to enhance cloud security. Roles & Responsibilities:-CSPM WIZ Tool Management:Configure, deploy, and maintain CSPM solutions to monitor and secure cloud resources.-Security Assessments:Conduct regular security posture assessments to identify vulnerabilities and misconfigurations.-Compliance Monitoring:Ensure adherence to compliance frameworks such as ISO 27001, NIST, and GDPR.-Incident Response:Collaborate with security teams to respond to and remediate security incidents.-Automation:Implement automation scripts to streamline security processes and reduce manual efforts.-Documentation:Maintain detailed records of security configurations, assessments, and incidents. Professional & Technical Skills: - Must To Have Skills: Proficiency in Managed Cloud Security Services.- Strong understanding of cloud security frameworks and best practices.- Experience with risk assessment and management in cloud environments.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.- Ability to design and implement security controls tailored to cloud architectures. Additional Information:- The candidate should have minimum 5 years of experience in Managed Cloud Security Services.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Identity and Access Management (IAM) Operations, Microsoft Active Directory Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :The IAM Operations Senior Analyst is responsible for managing and supporting enterprise Identity and Access Management solutions, with a specific focus on Active Directory (AD) and Lightweight Directory Access Protocol (LDAP). This role includes provisioning and de-provisioning access, troubleshooting access-related issues, maintaining directory services, and ensuring compliance with security policies and standards.Key Responsibilities:- Administer and manage user access and entitlements across Active Directory (AD), LDAP, and integrated systems.- Support daily operations of IAM processes, including onboarding/offboarding, access reviews, group management, and directory synchronization.- Implement changes and troubleshoot issues in directory services (AD/LDAP), including replication, GPOs, and OU management.- Assist with the integration of applications with AD/LDAP for authentication and authorization.- Monitor access requests, incidents, and changes through ITSM tools (e.g., ServiceNow).- Perform regular audits and ensure compliance with internal controls, policies, and regulatory standards.- Participate in the improvement and automation of IAM processes using tools like PowerShell, Identity Governance platforms (e.g., SailPoint, Saviynt), or custom scripts.- Work closely with Security, HR, and Application teams to align IAM functions with business needs.- Create and maintain documentation for processes, policies, and system configurations.- Assist in IAM-related projects and initiatives as needed. Professional & Technical Skills: - Must To Have Skills: Proficiency in Identity and Access Management (IAM) Operations.- Strong understanding of security frameworks and compliance standards.- Experience with identity governance and administration tools.- Knowledge of risk management principles and practices.- Familiarity with incident response and threat management processes. Additional Information:- The candidate should have minimum 3 years of experience in Identity and Access Management (IAM) Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Data Encryption Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while maintaining a focus on best practices and compliance standards. Roles & Responsibilities:-Certificate Lifecycle Management-Oversee the issuance, renewal, and revocation of digital certificates.-Implement and maintain processes for managing certificate requests, approvals, and deployments.-Monitor certificate expiration dates and ensure timely renewal to prevent service disruptions.-Maintain an accurate inventory of all certificates deployed across systems and applications.-Certificate Infrastructure Management-Configure and maintain certificate authorities (CAs) and registration authorities (RAs) to support secure certificate issuance and management.-Monitor the health and performance of certificate infrastructure components.-Troubleshoot issues related to certificate provisioning, validation, and revocation.-Documentation and Reporting-Maintain comprehensive documentation of certificate management processes, procedures, and configurations.-Generate regular reports on certificate usage, expiration status, and compliance metrics for stakeholders. Professional & Technical Skills: -Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. -Document the implementation of the cloud security controls and transition to cloud security-managed operations. -Must have skills :Public Key Infrastructure, Venafi- Good to have skills :Data Encryption, Sectigo Additional Information:- The candidate should have minimum 2 years of experience in Data Encryption.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security architecture and controls.- Conduct regular assessments and audits to ensure compliance with security policies and standards. Professional & Technical Skills: -Proven experience with SailPoint IdentityIQ, including administration, configuration, and support about 6-10 years of experience-Identify, troubleshoot, and resolve technical issues within the SailPoint environment, including application connectors, user provisioning, and access management.-Manage incidents and problems related to SailPoint, following ITIL-based processes and escalating issues when necessary-Configure and maintain SailPoint systems, including user lifecycle events, roles, policies, and workflows.-managing the day-to-day operations of SailPoint IdentityIQ, including lifecycle management, access requests, certifications, and role management Additional Information:- The candidate should have minimum 5 years of experience in SailPoint IdentityIQ.- This position is based at our Bengaluru office.- A 15 years full time education is required. -Willing to work in 16*5 US Support hours Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security challenges. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to ensure effectiveness and compliance.- Collaborate with cross-functional teams to integrate security practices into the cloud architecture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).- Strong understanding of cloud security principles and best practices.- Experience with security incident response and management.- Familiarity with regulatory compliance frameworks relevant to cloud security.- Ability to analyze security logs and events for potential threats. Additional Information:- The candidate should have minimum 3 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Identity and Access Management (IAM) Operations Good to have skills : Microsoft Active DirectoryMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Monitor and evaluate the effectiveness of security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Identity and Access Management (IAM) Operations.- Good To Have Skills: Experience with Microsoft Active Directory.- Strong understanding of cloud security principles and best practices.- Experience in designing and implementing security frameworks for cloud environments.- Familiarity with compliance standards and regulations related to cloud security. Additional Information:- The candidate should have minimum 7.5 years of experience in Identity and Access Management (IAM) Operations.- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Prisma Access Secure Access Service Edge (SASE) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, designing robust security solutions, and documenting the implementation of cloud security controls. You will also oversee the transition to cloud security-managed operations, ensuring that all processes align with organizational standards and best practices. Engaging in continuous improvement initiatives and staying updated with the latest security trends will be essential to your role, as you work to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security architecture to identify potential vulnerabilities and recommend improvements.- Collaborate with cross-functional teams to ensure security measures are integrated into all cloud-based projects. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Prisma Access Secure Access Service Edge (SASE).- Strong understanding of cloud security principles and best practices.- Experience with security frameworks and compliance standards such as ISO 27001, NIST, or CIS.- Familiarity with identity and access management solutions.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 3 years of experience in Palo Alto Networks Prisma Access Secure Access Service Edge (SASE).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Prisma Access Secure Access Service Edge (SASE) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust and secure cloud environment that supports business operations effectively. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Monitor and evaluate the effectiveness of implemented security measures, making adjustments as necessary. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Prisma Access Secure Access Service Edge (SASE).- Strong understanding of cloud security principles and best practices.- Experience with security frameworks and compliance standards.- Ability to analyze and mitigate security risks in cloud environments.- Familiarity with incident response and disaster recovery planning. Additional Information:- The candidate should have minimum 5 years of experience in Palo Alto Networks Prisma Access Secure Access Service Edge (SASE).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

We are looking for a highly skilled and motivated Thales HSM Specialist with strong Microsoft Azure expertise, especially in cryptography and payment systems. The ideal candidate should possess deep understanding of Thales Hardware Security Modules (HSMs), cryptographic key lifecycle management, and practical experience with Azure Payment HSM offering. Key Responsibilities: Manage and configure Thales HSM devices, including key generation, import/export, and secure application integration. Design and implement secure payment operations leveraging HSMs in compliance with PCI-DSS and industry standards. Work with Azure services to support HSM integration, including Azure Key Vault and Azure Payment HSM. Troubleshoot and optimize cryptographic services for performance, compliance, and security. Collaborate with cloud architects and security teams to enforce cryptographic policies and secure key usage. Support and enhance security for payment processing systems involving encryption/decryption, tokenization, and secure key injection. Document key management practices, HSM configurations, and support operations runbooks. Required Skills & Experience : Strong hands-on experience with Thales payShield or Luna HSMs. In-depth knowledge of cryptographic algorithms, PKI, and key management practices. Hands-on experience with Azure Payment HSM or Azure Key Vault Managed HSM. Knowledge of payment systems, EMV, HSM-based PIN processing, and secure remote key loading. Familiarity with PCI DSS and other regulatory compliance frameworks. Solid understanding of Microsoft Azure ecosystem, including networking, security, and identity management. Experience in scripting or automation for HSM operations (PowerShell, Bash, etc.) Preferred Qualifications: Azure certifications such as Azure Security Engineer Associate or Azure Solutions Architect. Certifications in cryptography or security (e.g., CISSP, CISM, Certified Encryption Specialist). Prior experience with cloud-native payment applications or fintech environments.

Period :Immediate. Type Contract Description Minimum of 5 years of technical cyber Security Consultant experience and IT audit/compliance . Experience integrating Cyber Security technologies with existing technologies Proficient understanding of experience with audit, regulatory requirements, and standards (SOC2, ISO, HITRUST), and other related standards and certification processes. Must be passionate about contributing to an organization focused on continuously improving consumer experiences Willing to work in Eastern Time/Humana business hours .Preferred Qualifications Knowledge of key compliance and IT frameworks . such asSSAE16 SOC2, HITRUST, SOX, etc. CISA, CISSP, HCISPP, CCSP, CISM, CTPRP or similar certification

At Nouryon, our global team of Changemakers takes positive action every day, to reach higher goals collectively and individually. We create innovative and sustainable solutions for our customers to answer societys needs – today and in the future. Purpose/Key Objectives of the Job: The purpose of this role is to lead Nouryon’s Governance, Risk, and Compliance (GRC) program. Enhance short/long-term GRC program strategy to align with regulatory and business needs. Lead GRC in cross-functional projects and initiatives. Apply advanced GRC knowledge/experience to mature and improve processes, controls library, and metrics reporting. Manage and review team members day to day work product. About The Job (Job Responsibilities): Track and support compliance with various findings. Build, track and support a cyber security risk program. Build, track and support a cyber security compliance program. Develop, track and support metrics and reports on KPIs, SLAs and other internal metrics. Develop policy, processes, procedures and guidelines. Build, track and support compliance to various frameworks such as ISO 27001, NIST CSF/800-53, etc. Responsible for Penetration Testing program. Track and help improve the GRC program maturity. Provide other support to the Office of the CISO. We believe you bring (Education & Experience) Former leader role in GRC with knowledge of regulatory and industry requirements and standards. 10+ years’ experience working in an enterprise environment. Experience with multiple GRC tools such as Archer, ServiceNow GRC, etc. Preferred one or more of: CISSP, CRISC, CISA, CISM. Must have experience conducting/implementing/managing risk/compliance management frameworks. Must possess strong written and verbal communication skills. Proficiency with all Microsoft (MS) Office programs is necessary, including familiarity with SharePoint. Conducting and/or coordinating information security risk assessments for technology and security frameworks. Facilitating multiple stakeholders to agree on appropriate security solutions and verifying that security risks are mitigated appropriately. Verifying that required security controls are built into new products Performing deep dives on Information security-related processes and systems. Identifying system limitations that could lead to regulatory risks in new products and services and provide guidance for resolution and risk mitigation. Staying abreast of innovative business and technology trends in Information Security, risk, and controls and advising leadership on technology initiatives. Carrying out risk assessments and gap analysis of multi-networks and cloud environments using compliance standards and frameworks such as CSF and NIST. Creating, managing, and enforcing compliance requirements for business process and information systems and assisting in the development of Authority wide cybersecurity compliance program. Designing and/or implementing Information Security solutions in an enterprise environment. Leading initiatives for re-architecting and reengineering of security controls to enhance the security posture of the Authority. Strong knowledge of Vulnerability Management Remediation. Please apply via our online recruitment system. We will not accept applications via e-mail. Once it's with us we will review to see if we have a match between your skills and the role! For more information about our hiring process, visit: nouryon.com/careers/how-we-hire/ We look forward to receiving your application! We kindly ask our internal candidates to apply with your Nouryon email via Success Factors. We’re looking for tomorrow’s Changemakers, today. If you’re looking for your next career move, apply today and join Nouryon’s worldwide team of Changemakers in providing essential solutions that our customers use to manufacture everyday products such as personal care, cleaning, paints and coatings, agriculture and food, pharmaceuticals, and building products. Our employees are driven by the wish to make an impact and actively drive positive change. If that describes you, we will gladly make way for your ambitions. From day one we support you with your personal growth, through challenging positions and comprehensive learning and development opportunities, in a dynamic, international, diverse, and proactive working environment. Visit our website and follow us on LinkedIn . #WeAreNouryon #Changemakers

As an associate in RSMs growing Technology Risk Consulting, you will have the opportunity to develop into a seasoned consultant through a high degree of client and industry exposure, career development and mentorship opportunities, and a diverse and inclusive culture. The fast-paced and dynamic environment in which we operate will provide you with daily challenges and exciting opportunities. In the Technology Risk Consulting Practice, our consultants help our clients with design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies by identifying and prioritizing risk and transform their technology risk management and assurance capabilities to be aligned to the key risks and strategies of their organization. Responsibilities include Develop an understanding of the RSM Technology Risk Consulting approach, methodology and tools Develop an understanding of the Industry leading frameworks and methodologies for Sarbanes-Oxley, COBIT, NIST and ITIL Demonstrate understanding of business processes, internal control risk management, IT controls, and related regulatory and compliance standards Perform technology risk assessments and reviewing, documenting, evaluating controls design and operating effectiveness, IT internal audit consulting activities (internal audits over ERP systems, IT security, and other IT systems), perform external audit assurance activities, and perform service organization control services activities related to SSAE18 SOC 1 and SOC 2 reporting services Performing risk analysis by reviewing the information security policy documents against industry standards/ regulatory requirements and drafting risk reports, which summarize the information security assessment including any risks to the organization Execute components of IT audits under offshore delivery model in an effective and efficient manner Use problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise our clients Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, supervisors, and senior management in the U.S. on a daily basis Manage multiple concurrent engagements and ensure service excellence through prompt responses to internal and external clients Provide timely, high quality client service that meets or exceeds client expectations including coordinating the development and execution of the consulting work plan and client deliverables Understand RSM US and RSM Delivery Center's LOBs and work as a team in providing an integrated service delivery Ensure professional development through ongoing education Open to work on other solution sets considering business requirements. Qualifications: B.Tech/MCA/MBA with ISO 27001 Lead Auditor and up to 2 years of relevant experience in Information Security Controls, SSAE 18, SOC reports, IT Audits, IT General Controls, and IT Application Controls. Candidate should have intermediate knowledge of financials, operations and technology and its related risks Candidate should have good knowledge for SOC 1, SOC 2, IT General Controls, IT Application Controls, Information security and risk management frameworks/ standards (ISO 27001, NIST, COBIT, ITIL etc.) Qualified to pursue a job-relevant certification (CIA, CISA, CISM, CRISC, CISSP) Strong Data Analytical skills including advanced Excel skills (Vlookups, pivot tables, and basic formulas), Word and PowerPoint MS Visio skills to develop process and data flow diagrams Strong multi-tasking and project management skills Excellent verbal and written communication (English) as the position requires frequent communications with RSM International clients

Qualification- BE / B Tech/M.Tech / MCA Experience Atleast 10 years of experience with minimum 07 years of experience in IT Security; Hands-on experience in design & architecture of application security using J2EE security frameworks such as Spring Security or equivalent open source security frameworks, with relevant experience in global projects or in software product company; Knowledge of HSM architecture including application integration, deployment, performance optimization and tuning; Excellent understanding of best-in-class cryptographic algorithms; Sound knowledge of IT and security processes and best practices (e.g. ITIL, ISO 27001); Knowledge of ethical hacking Ability to spot risk, threat and vulnerability Experience in penetration testing. Experience in SOC Operational/ Management AND Installation. Should be familiar with both the commercially available intrusion prevention & detection software and the open-source versions Certifications like TIA Security, CISSP, CCSP or equivalent certifications Job Profile- Will be responsible for ensuring that Aadhaar applications are secure and the integrity of application components is preserved; Administer all security incidents handling and participate in all mitigation processes and perform various security audits and analyze various system logs and prepare required various events. Coordinate with various departments to evaluate all products and recommend appropriate products to enhance network securities and perform tests on architecture. Analyze all engineering processes and provide support to all firewalls and network for operating systems and scan all network devices and assist in vulnerability mitigation process. Prepare and maintain all documents for all processes and manage all security technologies for information networks and prepare all training materials for site personnel to increase security performance and perform various tests on all security products and systems. Design and enforce all security standards and procedures in systems and design all security policies and guidelines for all system security processes. Provide support to all customers and identify and resolve all issues and provide efficient training to new employees to understand all security procedures and maintain protection for all information systems. Assist all project teams and business units and provide consultation to all security processes and resolve all security issues effectively. Looking for vulnerabilities and risks in hardware and software Constantly monitoring for attacks and intrusions To Manage / monitor the Production Assets Security and those IT policy equipment are involved in DC Operation used by Operations Team Resource. Hardening of the Asset as per UIDAI security guidelines. FW port/VPN A/C/e-mail, Port opening request, E-mail A/C Creation, VPN A/C Creation & Other user credentials. Will oversee the design and development of application security architecture, auditing all modules and components and identify the security requirements to be implemented for each module and component; Prepare and maintain live document on Secure Coding standards and help in knowledge transfer of secure coding standards to Developers and Development Leads; Will design the security considerations for deployment; Support the product management and development teams in developing the application security-related component of Design documents and day to day requirements. Prepare, Review & Approve Product Design documents for all security-related changes to applications.