626 Cissp Jobs - Page 13

We are seeking a highly motivated and detail-oriented IT Compliance Analyst to join our Risk & Compliance team. The ideal candidate will be responsible for performing comprehensive IT compliance assessments, testing IT general controls and IT Automated controls and ensuring the organization adheres to internal policies and external regulatory requirements, including Sarbanes-Oxley (SOX). This role plays a critical part in maintaining a strong internal control environment and driving process improvement across the organization. Key Responsibilities Assist in planning and scoping IT compliance and internal control assessments. Identify risk areas and develop internal control testing programs. Perform end-to-end IT compliance assessments, including evaluating effectiveness of risk and control frameworks. Test IT General Controls (ITGCs) across domains like change management, logical access, SDLC and IT operations. Assess IT Automated Controls across business functions such as payroll, inventory, and revenue. Document control walkthroughs using narratives and flowcharts. Develop, maintain, and present compliance workpapers and reports highlighting control deficiencies and recommendations. Collaborate with management to communicate findings and ensure timely remediation of audit issues. Support external audit activities by coordinating information requests and walkthroughs. Stay up to date with regulatory and industry developments in IT compliance and risk management. Engage in continuous improvement efforts to enhance the efficiency and effectiveness of compliance processes. Qualifications Bachelors degree in Information Technology, Computer Science etc. Professional certification (or working towards) such asCISA, CRISC, CISSP, or CISMpreferred. 7 -10 years of experience in IT audit, compliance, or risk management; minimum 3-5 years in a Big 4 or similar professional services firm preferred . Strong understanding of IT infrastructure, applications, and enterprise systems. Knowledge of Sarbanes-Oxley (SOX), ITGCs, automated controls, and internal control principles. Experience with audit and compliance tools (e.g., eAudit, Auditboard, or equivalent). Ability to understand cross-functional business processes and their integration with IT systems. Strong interpersonal, communication, and report-writing skills. Able to work independently and collaboratively under tight deadlines. Demonstrated sound judgment, critical thinking, and attention to detail.

Your potential, unleashed. Indias impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilientnot only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Assistant Manager in our Cyber Team youll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Threat Modelling: Conduct threat modelling sessions to identify potential security risks to applications, networks, and infrastructure. Utilize various threat modelling frameworks (e.g., STRIDE, PASTA) to evaluate the risk associated with business processes and IT systems. Vulnerability Assessment & Penetration Testing: Perform regular vulnerability assessments and penetration testing on applications, systems, and networks to identify weaknesses and misconfigurations. Security Risk Analysis: Analyse vulnerabilities identified in VAPT engagements and prioritize them based on risk to the business. Provide recommendations for remediation and mitigation. Incident Response: Assist in responding to security incidents by analysing threat patterns, supporting forensic investigations, and recommending preventative measures. Collaboration with Teams: Work closely with developers, DevOps, and other stakeholders to design and implement secure development practices and advise on secure code development practices. Reporting: Document findings from threat modelling, vulnerability assessments, and penetration tests, and present them to management and other key stakeholders. Security Awareness: Promote awareness of cybersecurity risks within the organization and provide guidance on secure coding and risk mitigation strategies. Required Skills and Qualifications: Strong knowledge of Threat Modelling methodologies and tools (e.g., Microsoft Threat Modelling Tool, OWASP Threat Dragon). Hands-on experience in performing Vulnerability Assessment and Penetration Testing (VAPT) using tools like Nmap, Burp Suite, OWASP ZAP, Nessus, and Metasploit. Solid understanding of common vulnerabilities (e.g., SQL injection, Cross-Site Scripting, Buffer overflows) and security protocols (e.g., TLS/SSL, OAuth, OpenID). Familiarity with network security (firewalls, IDS/IPS, VPNs, etc.) and web application security. Experience in performing risk analysis, writing security reports, and presenting findings to both technical and non-technical audiences. Knowledge of OWASP Top 10, CVE, and vulnerability databases. Proficiency in one or more programming languages (e.g., Python, Java, C, or scripting languages) is a plus. Understanding of security frameworks and compliance requirements (e.g., NIST, ISO 27001, GDPR, SOC 2) is desirable. Experience with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes) is a plus. Strong problem-solving skills and the ability to work independently and in a team. Prior experience in BFSI would be preferred. Preferred Qualifications: Certification: Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar penetration testing certifications. Certified Information Systems Security Professional (CISSP) or similar information security certifications. Previous experience in threat hunting, incident response, or application security. Understanding of security in Agile/Scrum development processes. Location and way of working Base location: Pune Professional is required to work from office. How youll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the worlds most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyones welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution.

Location: Thane What does a successful Internal Audit- IT professional do at FISERV? Efficiently conduct the audit projects as per The Institute of Internal Auditors standards and in accordance with Fiserv global Internal Audit framework and methodologies. What will you do: Should be able to direct/execute audit project independently (covering planning, fieldwork and reporting stages of audits) Lead a variety of moderately complex to complex IT focused audits including IT governance, service and project delivery, audits of IT technical domains such as networks, infrastructure, and applications. Audit Co-ordination & Facilitation - Meetings with key personnel of various work areas Planning, conducting walkthroughs, drafting process understanding and relevant controls. Preparing planning memos, risk assessment matrix, risk assessment control matrix (RACM) and Internal controls Documenting and Reviewing Test of Designs and Test of Effectiveness controls. Perform analytical procedures/analysis to test the effectiveness of controls. Document audit procedures and cross reference working papers. Create management representation letter comments and recommendations and draft audit reports for management review. Expected to assign variety of audits including operational, compliance or IT focused under a variety of financial or info-security/cyber security regulations in the US and other international locations in APAC, EMEA, LATAM, etc., Validations of audit issues. Conducting special reviews. What will you need to know: Desired qualification: Computer Services engineering/ BSc/MSc-IT / BCA/MCA degree [with an emphasis in information technology or equivalent degree] Experience: at least 6 to 8 years of IT Audit experience in assessing technology/IT controls and have experience in Internal Audit, Compliance & Risk Advisory services preferably in Banking and Financial services domain. Experience in auditing IT Internal controls, IT risk mitigation and technology related processes reviews. Good experience in IT General controls (ITGC) reviews, Cyber security controls, Infrastructure audits, application security audits, Network security control risk reviews. Good client interfacing skills, drafting skills, communication, and interpersonal skills. Computer proficiency, specifically Microsoft Office products (Word, Excel, PowerPoint, etc.) What would be great to have: Desired certifications: CISA / CISSP / CISM / CCNA certified professionals

Analysing cyber-IOCs, APTs, MITRE ATT&CK TTPs, attack vectors, adversary TTPs, and cyber threat intelligence topics and translating these into actionable intelligence Develop, maintain, and update a repository of cyber threat information that is used in conducting risk assessments and reports on cyber risk trends. Conducts research and evaluates intelligence data, with emphasis on TTP's. Good Experience in Development and documenting of threat Intelligence procedures into playbooks. Experience on Threat Research Reports for Strategic, Tactical, and Operational intelligence Focusing on intent, objectives, and activity of cyber threat actors and then acting accordingly. Perform ad-hoc intelligence gathering using OSINT tools and techniques Able to apply creative and critical thinking when approaching issues and in resolving them. Able to communicate effectively with technical, operational, and senior client staff. Required education Bachelor's Degree Required technical and professional expertise Analysing cyber-IOCs, APTs, MITRE ATT&CK TTPs, attack vectors, adversary TTPs, and cyber threat intelligence topics and translating these into actionable intelligence Develop, maintain, and update a repository of cyber threat information that is used in conducting risk assessments and reports on cyber risk trends. Conducts research and evaluates intelligence data, with emphasis on TTP's. Good Experience in Development and documenting of threat Intelligence procedures into playbooks. Experience on Threat Research Reports for Strategic, Tactical, and Operational intelligence Focusing on intent, objectives, and activity of cyber threat actors and then acting accordingly. Perform ad-hoc intelligence gathering using OSINT tools and techniques Preferred technical and professional experience Able to apply creative and critical thinking when approaching issues and in resolving them. Able to communicate effectively with technical, operational, and senior client staff.

Job Title: Information Security Project Manager Location : Guwahati (Assam) Department : Information Security Team : Security Business Services Reports To : Security Business Services CISO Job Summary: The Information Security Project Manager will oversee and manage security-related projects to ensure that they are completed on time, within scope, and within budget. This role requires a strong understanding of information security principles and practices, combined with exceptional project management skills. You will coordinate with cross-functional teams, manage project risks, and ensure that security initiatives align with organizational goals and compliance requirements. Key Responsibilities: Project Planning and Management: Develop and execute comprehensive project plans to ensure timely and successful completion of information security initiatives. Stakeholder Coordination: Collaborate with key stakeholders to align project goals with organizational objectives and ensure smooth communication throughout the project lifecycle. Risk Management: Identify, assess, and mitigate potential risks to the project, ensuring compliance with security protocols and minimizing vulnerabilities. Budget Management: Oversee project budgets, ensuring resources are allocated effectively and financial constraints are adhered to while maintaining project scope and quality. Team Leadership: Lead cross-functional teams, fostering collaboration, accountability, and performance to meet project objectives and deadlines. Compliance and Quality Assurance: Ensure adherence to industry standards, regulatory requirements, and best practices to maintain high levels of security and quality assurance. Reporting and Documentation: Prepare regular status reports and maintain detailed documentation on project progress, risks, and outcomes for stakeholder review. Change Management: Manage and facilitate changes within the project scope, ensuring minimal disruption and alignment with evolving security needs. Continuous Improvement: Identify opportunities for process improvements and implement best practices to enhance the efficiency and effectiveness of project execution. Vendor Management: Manage relationships with external vendors, ensuring they meet contractual obligations and deliver secure, high-quality solutions. Prepare executive-level presentations for leadership, highlighting key updates and progress. Share weekly status reports with stakeholders, summarizing project activities and timelines. Create and manage a comprehensive project delivery plan to address cybersecurity requirements, ensuring alignment with national security priorities. Partner with the Internal Centre of Excellence (COE) Security Leaders and Technical Leads to plan, monitor, and control project execution. Provide regular updates to client stakeholders on project status, key security metrics, and SLA performance, fostering transparency and collaboration. Collaborate with client stakeholders to ensure cybersecurity initiatives align with government and organizational objectives. Qualifications: Education: Bachelors degree in Information Security, Computer Science, Business Administration, or a related field. Relevant certifications such as PMP (Project Management Professional), CISM (Certified Information Security Manager), or CISSP (Certified Information Systems Security Professional) are preferred. Experience: 5+ years of experience in project management, with a focus on information security or IT projects. Demonstrated experience managing complex projects with cross-functional teams. Technical Knowledge: Strong understanding of information security principles, practices, and technologies. Familiarity with security frameworks, standards, and compliance requirements (e.g., HIPAA, PCI-DSS). Project Management Skills: Proven ability to manage projects effectively, including planning, execution, risk management, and reporting. Experience with project management tools and methodologies. Leadership Skills: Excellent leadership and team management abilities, with experience leading diverse teams and managing stakeholder relationships. Communication Skills: Strong written and verbal communication skills, with the ability to present complex information clearly and effectively to both technical and non-technical audiences. Problem-Solving: Excellent analytical and problem-solving skills, with the ability to address issues proactively and make informed decisions. If you are interested, please share below mention details for the same. Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Email ID: Ashwini.chakor@ril.com

Role & responsibilities Key Responsibilities: Plan, execute, and document internal audits for ISO/IEC 27001:2022 and SOC 2 controls across the organization. Conduct risk assessments to identify control weaknesses and areas for improvement. Evaluate effectiveness of existing information security policies, procedures, and controls. Collaborate with process owners to ensure timely implementation of corrective actions. Maintain audit schedules and manage audit evidence for internal and external assessments. Liaise with external auditors for ISO and SOC 2 certification processes. Assist in development, review, and continuous improvement of ISMS and security policies. Maintain up-to-date knowledge of compliance requirements, regulatory changes, and industry trends. Train internal teams on ISO/SOC2 awareness and audit preparedness. Report audit findings and compliance status to senior management with actionable recommendations. Required Qualifications: Bachelors degree in Information Security, Computer Science, Auditing, or related field. At least 2–5 years of experience in auditing information security management systems. Proven experience in conducting internal audits for ISO/IEC 27001:2022 and SOC 2 frameworks. Certifications such as ISO 27001 Lead Auditor is mandatory. PIMS/CISA/BCMS or other relevant Certifications will be a plus Solid understanding of information security principles, risk management, and data privacy. Preferred Skills: Excellent analytical, problem-solving, and documentation skills. Strong interpersonal and communication skills, with the ability to interact with technical and non-technical stakeholders. Self-driven with the ability to manage multiple priorities under minimal supervision Work Environment: May require occasional travel for site audits or assessments. Flexible hours during audit cycles may be required.

Proactively lead and support incident response team during an incident. Experience in advance investigation, triaging, analysis and escalation of security incidents with recommendations Hands-on basic experience with configurations and management of SIEM tools(Qradar)including log source integrations, custom parser built, fine tuning and optimizing the correlation rules and use cases recommendations Is MUST. Proven Experience on any of the Security information and event management (SIEM) tools using Qradar Data-driven threat hunting using SIEM, EDR and XDR tools Basic Experience is SOAR tools such as Qradar Resilient, PaloAlto XSOAR Identify quick defence techniques till permanent resolution. Recognize successful intrusions and compromises through review and analysis of relevant event detail information. Review incidents escalated by Level 1 analysts. Launch and track investigations to resolution. Recognize attacks based on their signatures, differentiates false positives from true intrusion attempts. Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies end users when appropriate. Identify the gaps in security environment & suggest the gap closure Drive & Support Change Management Performs and reviews tasks as identified in a daily task list. Report Generation and Trend Analysis. Participate in the Weekly and Monthly governance calls to support the SOC metrics reporting Good to have hands on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc. Willing to work in 24x7 rotational shift model including night shift. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 5+ Years Hands-on experience required in Qradar SIEM and SOAR. Desired experience in Threat hunting, Threat intelligence. Worked on tools belongs to Qradar, UEBA, UAX. Bachelor’s degree in engineering/information security, or a related field. Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent. Proven experience to work in a SOC environment. Preferred technical and professional experience Proven experience in managing and responding to complex security incidents. Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Ability to work in a fast-paced, dynamic environment. Deep technical knowledge of security technologies and advanced threat landscapes.

Company Description Tesco Bengaluru: We are a multi-disciplinary team creating a sustainable competitive advantage for Tesco by standardising processes, delivering cost savings, enabling agility, providing cutting-edge technological solutions and empowering our colleagues to do ever more for our customers. With cross-functional expertise in Global Business Services and Retail Technology & Engineering, a wide network of teams and strong governance we reduce complexity thereby offering high quality services for our customers. Tesco Bengaluru, established in 2004 to enable standardisation and build centralised capabilities and competencies, makes the experience better for our millions of customers worldwide and simpler for over 4,40,000 colleagues. Tesco Technology consists of people from a number of different backgrounds, but having a common purpose to serve our shoppers a little better every day with our retail technological solutions. We shared a common interest in harnessing innovations in technology to enhance their shopping experience at Tesco stores. Whether making products, software or systems, our teams focuses on various aspects from taking strategic ownership of the architecture to delivering technological solutions such as design, testing, deployment, infrastructure, operation and security of the systems to ensure agile, smooth and safe operations. These help us to deliver the maximum business impact. Teams refine their internal processes to best fit their own needs, working to build core capabilities in application and services. We collaborate globally across teams to build end-to-end customer-facing solutions, as well as to share knowledge, experience, tools and techniques. At Tesco, inclusion means that Everyone?s Welcome. Everyone is treated fairly and with respect; by valuing individuality and uniqueness we create a sense of belonging. Diversity and inclusion have always been at the heart of Tesco. It is embedded in our values: we treat people how they want to be treated. We always want our colleagues to feel they can be themselves at work and we are committed to helping them be at their best. Across the Tesco group we are building an inclusive workplace, a place to actively celebrate the cultures, personalities and preferences of our colleagues ? who in turn help to build the success of our business and reflect the diversity of the communities we serve. Job Description - Carry out Cyber Risk and Assurance initiatives independently while ensuring quality and timely delivery. - Perform control testing using security frameworks to determine effectiveness of the control and provide recommendations. - Review adequacy of evidence provided by Technology teams as part of control assurance activities. - Define processes to collaborate with Security and Technology teams for remediation of identified system-level control gaps and work closely with them to ensure implementation cyber security safeguards to improve security posture across the organisation. - Identify; evaluate and monitor technology risks as part of Cyber Risk and Assurance programmes. - Review security exceptions raised by Technology teams to manage the risks associated. - Drive reporting across different Cyber Risk and Assurance initiatives; including reporting to Security Leadership and Cyber/Technology governance committees. - Identify; drive and implement opportunities for process improvement across various initiatives within the Cyber Risk and Assurance team. - Build strong relationships with the stakeholders and lead internal meetings with Technology and Business Process teams. Qualifications - 7 to 10 years cyber security experience - IT audit and/or IT risk management - Experience of assessing security controls across a variety of technologies and products; recommending improvements where necessary - Hands on Experience with different security frameworks and standards such as ISO 27001; NIST; CIS; PCI; (e.g. controls testing; gap assessments) - Critical thinking with strong attention to detail and good organisational skills - Strong written; verbal communication and presentation skills; working with all levels of seniority and disciplines within the organisation - Able to build solid working relationships with internal and external stakeholders - At least one professional qualification such as CISA; CISM; CRISC CISSP or equivalent Additional information Important Notice: On behalf of Tesco Bengaluru, we must caution all job seekers and educational institutions that Tesco Bengaluru does not authorise any third parties to release employment offers or conduct recruitment drives via a third party. Hence, beware of inauthentic and fraudulent job offers or recruitment drives from any individuals or websites purporting to represent Tesco. Further, Tesco Bengaluru does not charge any fee or other emoluments for any reason (including without limitation, visa fees) or seek compensation from educational institutions to participate in recruitment events. Accordingly, please check the authenticity of any such offers before acting on them and where acted upon, you do so at your own risk. Tesco Bengaluru shall neither be responsible for honouring or making good the promises made by fraudulent third parties, nor for any monetary or any other loss incurred by the aggrieved individual or educational institution. In the event that you come across any fraudulent activities in the name of Tesco Bengaluru, please feel free report the incident at recruitment_compliance_india@tesco.com Role & responsibilities Preferred candidate profile

Role & responsibilities DLP Operations: Manage day-to-day operations of the DLP solution, including monitoring, incident response, and resolution. Policy and Procedure Development: Develop and configure DLP policies to safeguard sensitive information, in line with regulatory requirements and internal policies. Monitoring Compliance: Ensure compliance with data protection laws and organizational policies, and monitor data movement to prevent unauthorized data access or sharing. Privacy Impact Assessment (PIA) & Risk Management: Conduct PIAs to identify privacy risks and ensure the organizations data handling complies with regulations. Data Protection Training & Awareness: Assist in the development and delivery of data protection awareness training programs to educate staff on DLP policies and best practices. Vendor & Third-Party Risk Management: Evaluate risks associated with third-party service providers and ensure they comply with DLP policies and practices. Data Governance & Data Stewardship: Support the organizations data governance framework by ensuring effective use, management, and protection of sensitive data. Incident Investigation & Resolution: Conduct investigations into DLP incidents and resolve issues related to data breaches or violations, ensuring proper reporting and remediation. Data Subject Requests (DSR) Management: Assist in managing data subject requests (DSR), ensuring that data handling and deletion requests comply with privacy laws. Maintain excellent working relationships with business teams, Business Heads encouraging a positive culture of compliance and ethical behaviour by working with the business to achieve a shared vision and strategy. Develop and maintain a knowledge base for privacy and data protection laws as applicable to Protiviti India Member Firm Provide guidance to delivery and support functions on processing of personal data. Maintain data flow maps for the process where personal data is processed. Support the business in identifying data protection and privacy risks by reviewing and advising on Data Privacy Impact Assessments as required. Keep track of changes in the relevant legislations related to Privacy and the Data Protection Acts, interpret, convert these requirements into controls and provide guidance to all stakeholders Preferred candidate profile Bachelor's or master's degree in computer science, information systems or relevant field. Around 2-3 years' experience in managing privacy and data protection program for a company or providing privacy and data protection consulting services. Around 6-8 years of overall experience in the area of privacy and Information Security. Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate privacy, security and risk-related concepts to technical and nontechnical audiences. Knowledge and understanding of relevant legal and regulatory requirements, such as IT Act 2000, GDPR, BS10012, Data Protection Act of India and other Data Protection standards Knowledge of DADP act and country wise data protection act across Middle East Countries Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives Project management skills: scheduling and resource management Professional privacy engagement certification, such as a Certified Information Privacy Professional (CIPP) or other similar credentials in Data Privacy, is desired Strong understanding of data protection laws, regulatory compliance, and risk management. Ability to handle sensitive information with discretion and professionalism

Key Responsibilities: Develop, deploy, and maintain security controls and tools across enterprise environments. Monitor security systems for threats and vulnerabilities, and respond to security incidents. Conduct security risk assessments and recommend mitigation strategies. Implement and manage firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and endpoint security solutions. Collaborate with IT teams to integrate security best practices into infrastructure and application development. Develop and maintain security policies, standards, and procedures in alignment with regulatory requirements. Perform vulnerability scanning, penetration testing, and remediation tracking. Analyze security logs and alerts to identify potential threats or breaches. Provide security awareness training and support to employees. Stay updated on the latest security threats, trends, and technologies. Participate in security audits and compliance assessments. Document security architecture, configurations, and incident reports. Required Skills and Qualifications: 5-10 years of experience in IT security or cybersecurity roles. Strong knowledge of network and system security principles. Hands-on experience with firewalls, IDS/IPS, VPNs, endpoint protection, and SIEM tools. Proficiency in security frameworks and standards such as ISO 27001, NIST, CIS Controls. Experience with vulnerability management and penetration testing tools. Familiarity with cloud security concepts and tools (AWS, Azure, Google Cloud). Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Relevant security certifications such as CISSP, CISM, CEH, or CompTIA Security+ are preferred.

Number of Openings 3 ECMS ID in sourcing stage TS-ID-15358 Assignment Duration 6 Months Total Yrs. of Experience 12+ years Relevant Yrs. of experience 10 +years Detailed JD (Roles and Responsibilities) Crypto Mainframe Engineer Position Overview We are seeking an experienced Crypto Mainframe Engineer to join our team. The ideal candidate will have a minimum of 10 years of experience working in financial institutions and a strong background in using KeyFactor PrimeKey. This is a unique opportunity to work on cutting-edge encryption technologies and ensure the security of our financial systems Key Responsibilities Design, implement, and maintain cryptographic systems on mainframe platforms. Utilize KeyFactor PrimeKey to manage and deploy cryptographic keys and certificates. Ensure the security and integrity of financial data through the application of advanced encryption techniques. Collaborate with cross-functional teams to integrate cryptographic solutions into existing systems Monitor and respond to security incidents related to cryptographic systems. Keep abreast of the latest developments in cryptography and implement best practices Provide technical guidance and mentorship to junior engineers and staff Qualifications Bachelors degree in Computer Science, Information Security, or a related field Minimum of 10 years of experience working in financial institutions Extensive experience with KeyFactor PrimeKey for key and certificate management Strong understanding of cryptographic algorithms and protocols Knowledge of mainframe systems and their security features Experience with incident response and security monitoring Excellent problem-solving and analytical skills Strong communication and teamwork skills. Preferred Skills Masters degree in a relevant field Experience with EKMF and other mainframe cryptography Certifications in cryptography or information security (e.g., CISSP, CISM) Experience with other cryptographic tools and technologies Knowledge of regulatory requirements in the financial sector. Domain Crypto Mainframe Engineer Max Vendor Rate in Per Day (Currency in relevance to work location) 12000 INR Work Location given in ECMS ID Bangalore/Pune WFO/WFH/Hybrid WFO Hybrid BG Check (Before OR After onboarding) As per Infosys Policy Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO NO

Ericsson is seeking an experienced GRC Specialist with 8 to 15 years of expertise in Governance, Risk, and Compliance to join our team in Noida or Bangalore. The ideal candidate will have a strong background in managing risk frameworks, compliance programs, and governance processes within large enterprises, preferably in telecom or IT sectors. Key Responsibilities: Develop, implement, and maintain governance, risk, and compliance frameworks aligned with global standards and Ericsson policies. Perform comprehensive risk assessments and compliance audits to identify gaps and recommend remediation actions. Ensure adherence to regulatory requirements such as ISO 27001, GDPR, NIST, COBIT, and ITIL. Manage and monitor compliance controls and policies to mitigate organizational risks. Collaborate with internal stakeholders and external auditors to facilitate audit readiness and compliance reporting. Drive continuous improvement initiatives for GRC processes and tools. Support incident response and business continuity planning from a GRC perspective. Lead awareness programs and training sessions on governance, risk, and compliance topics. Utilize and optimize GRC platforms (e.g., RSA Archer, MetricStream, ServiceNow GRC) for automated risk management and reporting. Required Skills and Qualifications: Bachelors or Masters degree in Information Technology, Cybersecurity, Business Administration, or related field. 8 to 15 years of experience in Governance, Risk, and Compliance roles. In-depth knowledge of GRC frameworks and standards (ISO 27001, NIST, COBIT, GDPR, ITIL). Practical experience with GRC tools and platforms. Strong understanding of cybersecurity risk management and control frameworks. Excellent analytical, organizational, and communication skills. Ability to work collaboratively across teams and influence senior stakeholders. Relevant certifications such as CISA, CISM, CRISC, CISSP, or similar preferred. Connect with me over LinkedIn at : https://www.linkedin.com/in/nitin-tushir-abc0048/

Preferred Qualifications Strong knowledge and experience working with Splunk, QRadar, SumoLogic or similar security information event management systems (SIEM) required Experience with query and scripting languages Experience with AWS security tools such as Guardduty, Inspector and Security Hub Experience with Crowdstrike Falcon or similar endpoint security suite required. BA/BS or higher in Cyber Security, Computer Science, Information Technology, Management of Information Systems, or a related field Excellent written and verbal communication skills Extremely organized and able to manage multiple, time-sensitive projects simultaneously CISSP, CompTIA Security+, CEH, or similar certifications preferred Responsibilities Perform daily reviews of security alerts and dashboards Perform weekly log analysis and threat hunting Detect and analyze security events and incidents Coordinate escalations to internal response teams to ensure timely incident resolutions Review threat intelligence from multiple sources Maintain standard operating procedures, processes and guidelines Automate security analysis, administration and remediation procedures, workflows and tasks Assist with Incident Response Help configure Mac and Windows laptops to meet security requirements. Develop and maintaining information security metrics Provide IT support to local staff and troubleshoot hardware and software issues. Maintain awareness of trends in security regulatory, technology, and operational requirements

Total Number of Openings 1 About the position: As the IT Workforce Enablement (WE) Lead, you will lead a team of managed service personnel who deliver IT WE Services (Service Desk, desktop support, printers, A/V-Conference Rooms, etc.) to support business operations. You will oversee day-to-day operations, organize and monitor work processes, and allocate resources. This role is part of the core foundational IT support team for the GCC, thus expectations to grow and develop skills, capability, and depth beyond current job description scope is expected. Key Responsibilities: This position leads IT WE operations by developing team schedules, assigning, and monitoring work; gathering resources; implementing productivity and customer service standards; resolving operations problems. Controls expenditures by gathering and submitting budget information; scheduling expenditures; monitoring variances; implementing corrective actions. Delivers high performance by enforcing performance, quality, and customer service standards. Key Objectives : Deliver secure and reliable IT Workforce Enablement Services to GCC aligned to the Chevron Enterprise IT service model Plan and manage IT WE Service changes efficiently and effectively to meet GCC and Chevron Enterprise IT requirements Build effective working relationships with GCC stakeholders, Chevron Enterprise IT, and managed service partners Roles & Responsibilities Lead and serve as point of escalation on operational incidents and service escalations for IT WE Services Serve as GCC Escalation and coordination point for IT Service Desk Services provided by Chevron Enterprise IT Align and partner with Chevron Enterprise IT in the evergreen of IT Service Operations Provide support to internal and external divisions for events and programs, including some nights or weekends as needed (after-hours and weekends). Lead a variety of assignments related to the support of virtual town halls Lead in growth and build out of WE IT Services as the GCC matures Lead efforts in the purchasing of hardware, software, and technical services to ensure adherence to technical and security specifications Create and manage technical inventories, documentation, reports, and metrics Ensure On-Call support and remote support as needed Function as technical lead with supervisory responsibilities of managed service activities Plan, organize, and assign work for the team, communicate and define expectations, and provide technical guidance. Establish team goals that support organizational objectives by gathering pertinent business, financial, service, and operations information, identifying and evaluating trends and options, choosing a course of action, defining objectives, and evaluating outcomes. Maintain customer service standard by initiating, coordinating, and enforcing program, operational, and personnel policies and procedures. Complete customer service operational requirements by scheduling and assigning team members and following up on work results. Maintain quality service by enforcing quality and customer service standards, analyzing and resolving quality and customer service problems, identifying trends, and recommending system requirements. Assess customer satisfaction with services by designing and implementing satisfaction surveys, analyzing and interpreting results. Responsible for continued learning and development in current position expectation and growing in other technical area. Required Qualifications: EDUCATION - Requires a Bachelor's degree in Computer Science, Management and Information Systems (MIS) or a closely related field. EXPERIENCE - Requires at least 7-10 years of technology experience in IT Service support and supporting IT infrastructure (MS Windows/Azure Environment) including desktops/notebook computers, Printers, networks, conference/Audio Visual rooms in an Enterprise Environment (+500 users). At least 2 years in a supervisory/leadership role in the IT Service Delivery space. Preferred Qualifications: TECHNICAL CERTIFICATIONS - CISSP, Azure Fundamentals (AZ900) EXPERIENCE - Experience in IT Infrastructure and IT Service Support for GCC setup or new company setup in India for large companies (+1,000). Chevron ENGINE supports global operations, supporting business requirements across the world. Accordingly, the work hours for employees will be aligned to support business requirements. The standard work week will be Monday to Friday. Working hours are 8:00am to 5:00pm or 1.30pm to 10.30pm. Chevron participates in E-Verify in certain locations as required by law.

About NCR Atleos Position Summary At NCR Atleos, our Internal Audit Department (IAD) purpose is to help enable competent and informed decisions to add value and improve operations, while contributing meaningfully to Board and organizational confidence. We are indispensable business partners, with a brand focused on insight, impact and excellence. We believe that everything we do is to enhance value, provide insights, and instill confidence. To do this, we must be relevant, connected, flexible, and courageous. NCR Atleos IAD is seeking a Senior IT Auditor to support our India Internal Audit (IA) team. In this position, you will play a crucial role in enhancing our companys internal control environment and risk management processes. You will be responsible for leading and executing IT audits across all technology layers, assessing IT risks, and providing expert recommendations to the management. This role demands a balance of technical proficiency, strategic thinking, and excellent communication skills. Key Areas of Responsibility: Audit Planning: Participate in risk assessments where needed and assist in developing and implementing a comprehensive IT audit plan that aligns with the organizations objectives and risk. Audit Execution: Execute IT audits, including identifying and assessing IT risks in business processes, security policies, and system implementations. Lead audits of IT infrastructure, applications, and data management systems to assess compliance with internal policies, external regulations and SOX. Recognize and adapt to changing circumstances. Identify IT risks and recommend mitigating controls. Analyze and evaluate IT operations and strategies to identify efficiency improvements and cost-saving opportunities. Assess compliance and maturity in line with relevant laws, regulations, standards (e.g., SOX, GDPR, ISO) and frameworks (e.g., COBIT, NIST, ITIL). Communication: Communicate timely any significant changes to budget or scope and any significant audit findings, risks, and recommendations to the Internal Audit Manager. Collaboration: Work closely with IT, InfoSec (IS) and other business units to understand IT infrastructure, applications, and operations. Mentor and guide junior IT auditors, enhancing their skills and ensuring quality audit practices. Reporting: Draft detailed Audit observations, highlighting issues, risks, and actionable recommendations. Assist the IA manager with presenting findings to responsible business management. Follow-up and Monitoring: Assist the IA Manager with monitoring open audit recommendations and follow-up to encouraging timely implementation and help avoid past-due management actions. Continuous Improvement: Stay abreast of emerging technologies, audit methodologies, and regulatory changes. Contribute to innovation and improvements to the IT audit process, controls and the overall Internal Audit Department. Qualifications: Bachelors or Masters degree in Information Technology, Computer Science, Accounting, or a related field Minimum of 3 years of experience in IT auditing, with a proven track record in leading audits and managing audit projects Understanding of IT audit methodologies, IT governance frameworks (e.g., COBIT, NIST, ITIL), and regulatory requirements (e.g., SOX, ISO, GDPR) Experience with AuditBoard and analytic tools e.g. Power BI and Tableau a plus Professional certifications such as Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) are strongly desired Strong analytical and problem-solving skills with an ability to analyze data and identify control weaknesses Excellent verbal and written communication skills, with the ability to articulate complex IT issues in business terms. Proficient in English Ability to travel and a team player with a commitment to personal and professional growth. Commitment to ethical conduct, integrity, and the promotion of a culture of accountability and continuous improvement Strong organization and management skills in a multi-tasking environment Positive individual who enjoys working in a fun and dynamic team environment EEO Statement NCR Atleos is an equal-opportunity employer. It is NCR Atleos policy to hire, train, promote, and pay associates based on their job-related qualifications, ability, and performance, without regard to race, color, creed, religion, national origin, citizenship status, sex, sexual orientation, gender identity/expression, pregnancy, marital status, age, mental or physical disability, genetic information, medical condition, military or veteran status, or any other factor protected by law. Statement to Third Party Agencies To ALL recruitment agenciesNCR Atleos only accepts resumes from agencies on the NCR Atleos preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Atleos employees, or any NCR Atleos facility. NCR Atleos is not responsible for any fees or charges associated with unsolicited resumes.

Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred. Industry certifications such as CISSP or CISM a plus 17+ years of experience in cyber security related activities required Firsthand experience in performing control-level technical cyber risk assessments In-depth technical knowledge in 1-2 cyber domains Experience in the securities or financial services industry is a plus Experience in third party governance and related tools is strongly desired but not required Ability to manage multiple projects and priorities Familiarity with various global regulations and industry standards concerning cyber security Strong verbal and written communication skills

Area Head IT Security Specialist Analyst Engineer: About Company: CMR Green Technologies Limited is Indias largest producer of Aluminium and Zinc die-casting alloys with a combined annual capacity of over approx 4, 18, 000 MT per annum. Since its inception in 2006, it has maintained its fast-paced growth by leveraging latest technology and continuous improvement. CMR, which recycles aluminium scrap to make alloy, has 28-30 percent market share in India and is nearly three times larger than its nearest competitor. We are having strong presence at PAN India level (North, West & South) with 13 manufacturing units, 5000 strong workforce and supplies to major automotive industry in India including tier one OEMs like Maruti Suzuki , Honda Cars , Bajaj Auto , Hero MotoCorp and Royal Enfield Motors. We are seeking a skilled IT Security Specialist/Analyst/Engineer to join our IT team. In this role, you will be responsible for protecting our organization's information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. You will work closely with IT and other departments to identify and mitigate IT security risks, ensuring that our systems and data remain secure. Position: Area Head IT Security Specialist/Analyst/Engineer Job Band/ Designation: B/ Dy. Manager/ Manager/ Sr. Manager No. of Post: 01 Department: Information Technology Reporting to: Chief Information Officer Qualifications: Essential: B.E./ B Tech / Bachelors degree in Computer Science, Information Technology, or related field . Desirable:- Relevant certifications (e.g., CISSP, CISM, CEH) are a plus. Experience: Proven 7-12 years of experience as an IT Security Specialist/Analyst/Engineer or similar role. Job Responsibilities: 1.Develop and enforce policies and procedures for data security, network access, and backup systems. 2.Identify vulnerabilities within our network and propose and implement security enhancements. 3.Coordinate with internal and external stakeholders to monitor network traffic for suspicious behavior. 4.Conduct regular system audits and manage the response to security incidents. 5.Lead cybersecurity awareness training for all staff. 6.Lead ISO 27001 certification for the organization 7.Stay up to date with the latest security systems, standards, authentication protocols, and products. 8.Create budget for security software and hardware and take buy-in from stakeholders. 9.Ensure compliance with the relevant laws and regulations regarding information security and privacy. functional competencies: Strong understanding of firewalls, VPNs, Data Loss Prevention, IDS/IPS, Web-Proxy, Zero Trust, DPDP Act, VAPT and Security Audits. CISSP certification is preferred. Experience with incident detection, incident response, and forensics. Key Personality Attributes: Effective Communication Knowledge sharing and learning. Execution Excellence General: Age -25-35 years. CTC 10 LPA-15 LPA approx. CTC is not a constraint for suitable candidate. Candidate should not be frequent job changer. Notice Period - Joining period Max 30 Days. We can buy notice period, if required Interested candidate those who are matching with our required, only can apply for the position. Location: Corporate office:-7th Floor, Tower 2, L & T Business Park, 12/4 Delhi Mathura Road (Near Delhi Badarpur Border) Faridabad, Haryana, 121003.

1. Information Security Management Assist CISO in implementation and management of entire ISMS life cycle Responsible for development, Periodic review, control and management of ISMS policies and procedure Monitor the adequacy of operational procedures, policies and process, create and monitor compliance Coordinate the Organizations ISO 27001:2013 recertification and SOC2 attestation process in terms of Planning, Coordination with Business owners and stakeholders and scheduling Audit meetings, Audit execution and Closure. Ensure compliance at an organizational level, achieved through identifying the applicable requirements which in the case of Quinnox are the ISO 27001 standard, Customer Contractual Security obligations and defined internal policies and procedures. Monitor performance of GDPR controls and respond to the quarterly compliance checklist. Ensure GDPR Data Processing Impact assessments are carried out periodically and gaps are addressed Plan and conduct the annual Management Review meeting. Demonstrate the performance of ISMS through the year and seek feedback / advice from the Leadership Council. Review and respond to risk assessment questionnaire by our clients Review MSA Security clauses of the existing clients and prospects Participate in POC of new security tools and implementation 2. Information Security Risk Management Carrying out Organization Wide Information Security Risk Management exercise on an Annual Basis to Quantify the Risks associated with the Information Assets and accordingly devise the Risk Mitigation strategies. Developing and Maintaining Risk Registers of all the Projects/Support Functions. Creating a Risk Summary report for the executive management. 3. Technical Vulnerability Management Monitor and review anti-virus and patch report across all endpoints and ensure that all endpoints are up-to-date with latest AV patches. Ensure SIEM and DLP alerts are monitored and corrective actions taken to address potential threats Ensure monthly scanning of infrastructure is carried out and vulnerabilities are remediated in time Defining the Scope of external VAPT and facilitating the VAPT vendor personnel with the requisite information. Facilitate the external VAPT exercise at org level, reviewing the VAPT findings for verifying the authenticity of the reported observations and ensure timely mitigation. 4. Audit Management: Act as point of contact for all external audits of ITIM to define scope and parties necessary to participate. Act as a repository of audit data to prevent duplication of audited processes Based on known annual audits, develop a schedule for audits which allows for distribution of audits throughout the course of the year Plan, schedule and execute internal ISMS audits twice a year Record the audit findings and track the closure of NC after following up with the concerned departments Summarize the audit findings and associated CAPA to include in steering committee meetings. Act as point contact during external audits and ensure smooth execution through careful planning ahead of time. 5. Change Management; Incident Management; ISMS Document Control: Ensure that all changes to critical infrastructure takes place through appropriate change control Reviewing change records for appropriateness and ensure that all they are filled in with the correct and relevant information by the responsible teams. Approve or reject changes in line with our change control policy Work and Incident Response Coordinator who, in consultation of IT head/CISO will be responsible for timely escalation and reporting of security incidents. Reviewing incident records for appropriateness and ensure that RCA and corrective actions are captured appropriately. Ensure all Incidents and security events are reviewed on an ongoing basis and appropriate corrective measures taken to remediate the issues. Maintaining, tracking and updating Change and Incident records (Record Management). Control of ISMS Documents and Records 6. Information Security Training & Awareness: Ensure dissemination of knowledge on our ISMS policies and procedures through awareness campaigns. Ensure the ISMS training compliance across all locations. Publishing security updates through newsletters on a periodic and ongoing basis. 7. Business Continuity: Perform business impact analysis, risk assessment, mitigation plans / recovery strategies and BCP testing for the company's critical business processes, operations and the technology that supports them. Ensure BCP tests, DR Drills conducted as per schedule Conduct BCP training to the crisis response team and project managers at least once a year Identify single point of failures through risk assessment and propose controls Competencies/Skills required: Must have managed Information Security in a medium / large size organization. Should be well versed with all aspects of Information security and risk management. Could have worked as an information security consultant in any of the consultancy service provider firms. Qualifications and Education Requirements: Minimum education Bachelor of Engineering Certifications such as CISSP, ISO 27001 (ISMS) Implementer / Lead Auditor, CISA, CISM will be an added advantage. Additional Notes: Ideal candidate for this position would be one who has completed an entire lifecycle of Information Security Management System in a medium or large organization. External Job Title

Eviden, part of the Atos Group, with an annual revenue of circa " 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 47,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come. RoleGRC Consultant Location: Bangalore (JP Nagar), Navi Mumbai (Mahape) Experience: 3+ years Highest Qualification: Any Full Time Graduate Note: Hands on experience in ISO 27001 Implementation is mandatory for this role Experienced in managing cyber security services like Cyber Risk & Compliance consulting. Experience in setting up end to end Cyber Security frameworks, Compliance Standard implementation, including knowledge in testing (VAPT, Web & mobiles appsec, secure code review) Should be adept at conducting gap analysis, risk assessments, Impact assessments, governance and strategy development, Have worked with organizations to develop and implement various industry security standards like, IS0 27001, ISO 20000, PCI DSS, SOC2, GDPR, Privacy standards etc... Should be able to understand and explain technical vulnerabilities Basic knowledge on Active directory, firewalls, SCCM, MacAfee security products, DLP, Secure coding practices and product security Specific Duties and Responsibilities Include: To manage cyber security projects across EMEA region for cyber security services like Cyber security testing & cyber consulting Maintaining margins Business development like having presales discussions with various teams Assist in Business development of various security standards Must Have Skills: Excellent communication and presentation skills. Able to effectively interact with various clients/sales teams and manage clients Good to have Skills / CertificationISO27001:2013 Lead Auditor CISSP, CISA, CISM, ISO22301, OSCP, CEH, SANS, Cloud certifications, Privacy certifications like CIPP/E, CIPM Qualification: BE/ BTech, MCA, MBA with specialization in Information Security

Positions: Tech Lead Location: Remote, India-Based Role: Full-Time Role Requirements Educational Background Bachelors degree in Computer Science, AI/ML, Information Systems, or a related technical field. Masters degree (MSAI, MBA, or MS in Cybersecurity/Engineering) preferred. Industry certifications: CISSP, AWS Certified Solutions Architect, Azure AI Engineer, TOGAF, or similar. Experience Requirements 15+ years of progressive technology leadership experience. 10+ years in infrastructure, AI/ML systems, or enterprise architecture. 7+ years in intelligent automation, RPA, or AI/ML deployment at scale. 5+ years in a senior leadership role (VP of Engineering, Head of Architecture). Core Competencies & Skills AI/ML & Intelligent Automation Design Cloud Infrastructure & Hybrid Architecture (AWS, Azure, GCP) Cybersecurity & Risk Governance (Zero Trust, SOX, GDPR, ISO 27001) DevOps & MLOps Pipelines Systems Integration (ERP, RPA, APIs) Data Engineering & Real-Time Analytics Infrastructure Strategic Leadership & Client Advisory Act as interface with AI/GenAI partners Overseeing Mobile App Development Key Responsibilities 1. Technology Strategy Define and lead the firm's technology roadmap. Champion AI/ML innovation, from prototype to production, across industries with a strong focus on business innovation. 2. Cybersecurity Leadership Own the security architecture for solutions, including secure model inference, data protection, and client compliance. Champion AI guardrails, performance monitoring and ethics for AI solutions Implement comprehensive cybersecurity standards and controls, including IAM, threat monitoring and response. Design and implement process standards and attain/maintain respective organizational certifications. 3. Governance, Compliance & Risk Ensure all AI solutions meet legal, ethical, and compliance standards. Lead governance of AI usage including model explainability, auditability, and bias mitigation. 4. Scalable Infrastructure Architecture Build and govern modular, secure infrastructure to support workflows, including model training, deployment, and monitoring. Leverage containerization (Docker, Kubernetes) and serverless architectures for rapid, scalable delivery. 5. Technical Delivery Consulting and Delivery Oversight Translate client goals into secure, scalable AI automation blueprints with measurable outcomes. Technical quality oversight for AI-powered automation solutions and/or AI integrations with other systems. Example include, GenAI applications and agentic process automation. Act as technical advisor for high-value client engagements.

Job Title - Network & Cloud Manager, Level:Manager, Entity:CF Management Level:Manager Location:Bangalore or Any location Must have skills: Strong experience in cloud security (AWS, Azure, or GCP) IAM, key management, logging, hardening. Solid foundation in network security firewalls, VPNs, SD-WAN, NAC, segmentation. Practical knowledge of security frameworks ISO 27001, NIST, CIS Controls. Project management expertise planning, risk tracking, stakeholder coordination. Strong written and verbal communication skills for reporting and presentations. Good to have skills: Job Summary : Were looking for an experienced professional to lead Information Security initiatives while also overseeing the project management of key security programs and risk initiatives. This role requires a strong understanding of cybersecurity principles, regulatory frameworks, and the ability to drive structured project execution across teams and departments. Youll be responsible for aligning our security efforts with business goals, ensuring compliance, managing risks, and driving the successful rollout of enterprise security programs. You'll work closely with cross-functional teams to deliver secure, scalable, and efficient solutions, while also ensuring projects stay on track and align with business goals. If you enjoy combining hands-on tech work with planning, process, and team leadership, this might be the right fit for you Roles & Responsibilities: Lead and manage security-related projects, ensuring alignment with business priorities and timelines. Own project delivery from initiation to closure planning, scheduling, resourcing, and reporting. Develop and manage documentation, dashboards, and executive reporting for security programs. Stay up to date with industry trends, emerging technologies, and best practices. Professional & Technical Skills: Cloud Security: AWS/Azure/GCP security services (IAM, KMS, GuardDuty, Security Center, etc.) Network Security :Firewalls (e.g., Palo Alto, Fortinet), VPNs, SD-WAN, NAC, IDS/IPS. Communication: Strong documentation, reporting, and executive presentation skills. Certifications (preferred): CISSP, CISM, CCSP, AWS Security Specialty, Azure Security Engineer, PMP Additional Information: This is a strategic yet hands-on role requiring a blend of security expertise and project execution. The position involves working with multiple internal and external stakeholders, including auditors and technology teams. Flexibility is available for remote, or hybrid work arrangements based on business needs. Opportunities for career growth in cybersecurity leadership and program management are significant. About Our Company | AccentureQualification Experience: 812 years of relevant experience in network and/or cloud security roles Minimum 35 years of experience managing security-related projects Ability to work across teams and manage deliverables in matrix environments A strategic yet practical approach to solving security and governance challenges Ability to stay current on emerging threats, technologies, and best practices Educational Qualification: Bachelors Degree in Engineering B.Tech / B.E in Computer Science, Information Technology, Electronics & Communication, or a related field. Preferred :Certifications such as AWS Certified Solutions Architect, Microsoft Certified:Azure Administrator, CCNP, CISSP, CISM, or other relevant cloud and security certifications.

Job Title: Client Data Protection Opportunity Support (CDPOS) Specialist + Level 09/10 + CF Location: India Management Level: 09 Specialist/10 Senior Analyst Must have skill :Information Security process and procedures As part of the CDPOS Client Response team, the CDPOS RFP Specialist is primarily responsible for supporting Accenture business development teams to respond to a) client Information Security (IS) and Vendor questionnaires (which are commonly issued as part of Request for Proposal (RFP) process), b) reviewing client Information Security policies / standards, c) completing client Risk Management market surveys, and d) supporting IS and DP conversations with both Client and Accenture Account teams. The role sits within the pre-contract, business development space interfacing with multiple stakeholders common to the contract development process (Solution Architects, Legal, Contract Management and Security leads). The Specialist will act as an Information Security Subject Matter Expert who will support multiple Accenture business development teams (operating across multiple countries) to respond to client information security and data privacy requests related to Accenture IS policies / standards / processes and recognized security frameworks. Key Responsibilities: Respond to client security questionnaires and management market surveys Liaise with account business development team, IT and technical teams to understand specific client security requirements set out in security questionnaire / market survey and determine appropriate responses that meet both client technical requirements and Accenture Information Security standards. Agree a project schedule to respond to requirements and communicate progress with key stakeholders. Perform quality checks on final information security submission Participate in client meetings focused on Information Security controls (if required) Establish and maintain effective working relationships across multiple stakeholders who interact with the Accenture business development process - account management, business development, technical / solution leads, Information Security, Legal and Finance representatives Contribute to the creation of high-quality and reusable IS solutions by updating the CDPOS RFP database with new information security related proposal data (new product release documents / new responses created / changes to Accenture IS Standards & Policies and other Accenture wide developments) Continually build own knowledge on the features of Accenture products, IS practice, services and commonly used IT concepts to respond to client and account questions that are technical in nature Skills and Experience: Possess an understanding and awareness of typical information security framework and common information security standards Demonstrate working knowledge of the Accenture business development process (with practical experience working with stakeholders in the process being an advantage) Be comfortable challenging account executives who are most commonly above peer group - influencing executive decisions and addressing conflicts and challenges Developed an appreciation of Information security best practices, auditing, and overall risk management Possess strong organizational skills with the ability to handle multiple work activities under tight, short-term deadlines (whilst meeting account and qualitative expectations) Demonstrate effective prioritization and time management capability Achieved work experience assessing and implementing information security and data protection controls Strong relationship development skills with an ability to influence and interact with organizational leadership and account executive across multiple countries Preferably hold at least one recognized security certification such as ISO 27001 LA, CISSP, CISA, CISM or CRISC Demonstrate good verbal and written communication skills Possess a good knowledge of MS Office applications (Excel, Word, Power Point) About Our Company | AccentureQualification Good to have skill: Overview on ITIL Experience: Minimum of 1yr

Job Title - Information Security Management System (ISMS) domains + 9/10 + CF Management Level: 09 or 10 Location: Bangalore Must have skills: Information Security Management System (ISMS) domains Good to have skills: Software/Application Development, Cloud /infrastructure concepts Must have skills: Excellent English communication skills both in speaking and writing Knowledge of Information Security concepts and Information Security Management System (ISMS) domains Information security risk analysis Able to confidently present and assert findings with global counterparts Able to handle and balance time when working on multiple tasks Good attention to details Experienced in auditing/assessment Willing to continuously learn Microsoft Office (Excel, Word, Outlook, MS Teams) Good to have skills: Basic knowledge or familiarity with Software/Application Development, Cloud /infrastructure concepts Knowledge on various data privacy regulations such as GDPR, PCI and HIPAA Job Summary : A Client Data Protection (CDP) assessment is a review of a client accounts CDP plan and implemented controls to ensure that the clients sensitive business and personnel data is safeguarded. The assessment is intended to address data protection issues related to applications, systems, and business processes. The CDP Assessor will: Gather relevant information via interviews, meetings with account teams, review of supporting artifacts, about the client account and their processes Identify by conducting Risk Analysis all areas or processes that are vulnerable and where client sensitive data may be compromised Identify, rate and document risks found in the assessment Recommend security measures to remediate assessment findings Follow-up with the account team to review progress for closing findings Learn and apply new data privacy regulations, risk on emerging technologies etc. Roles & Responsibilities: The CDP Assessor will: Gather relevant information via interviews, meetings with account teams, review of supporting artifacts, about the client account and their processes Identify by conducting Risk Analysis all areas or processes that are vulnerable and where client sensitive data may be compromised Identify, rate and document risks found in the assessment Recommend security measures to remediate assessment findings Follow-up with the account team to review progress for closing findings Learn and apply new data privacy regulations, risk on emerging technologies etc. Complete and submit timely required assessment deliverables Professional & Technical Skills: Holder of any of the following Certifications is preferred but not required: Certified Information Systems Security Professional (CISSP) Certified Information Systems Auditor (CISA) Information Security Management System (ISMS) 27001 Lead Auditor Additional Information: Work involves virtually meeting with teams from various Accenture locations around the world so there is a need from time to time to find an overlapping time with those teams that may be outside of the home location time-zone. About Our Company | AccentureQualification Experience: Minimum 2 year(s) of experience on Information Security-related work is required Educational Qualification: Bachelors degree in any Information Technology or Information Security course

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : BE or MCA or MSc with Good Computer Science Background with good academic record of 65 and above Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Develop and implement security architecture solutions- Conduct security assessments and provide recommendations- Stay updated on the latest security trends and technologies Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design- Strong understanding of cloud security principles- Experience in implementing security controls in cloud environments- Knowledge of security compliance standards and regulations- Good To Have Skills: Experience with cloud security tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in Security Architecture Design- This position is based at our Gurugram office- A BE or MCA or MSc with Good Computer Science Background with good academic record of 65 and above is required Qualification BE or MCA or MSc with Good Computer Science Background with good academic record of 65 and above

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills : Security Architecture DesignMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Showcasing creativity and expertise in cloud security solutions. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and implement security architecture solutions.- Conduct risk assessments and provide recommendations for security enhancements.- Lead security governance initiatives and ensure compliance with industry standards.- Stay updated on the latest security trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in ServiceNow Governance, Risk, and Compliance (GRC).- Strong understanding of security architecture design.- Experience in defining and implementing cloud security frameworks.- Knowledge of security controls and compliance requirements.- Hands-on experience in transitioning to cloud security-managed operations. Additional Information:- The candidate should have a minimum of 7.5 years of experience in ServiceNow Governance, Risk, and Compliance (GRC).- This position is based at our Gurugram office.- A 15 years full-time education is required. Qualification 15 years full time education