702 Cissp Jobs - Page 15

Job Title: Cyber Security Architect No. of years of experience: 8+ years Job Type: Contract Contract Duration: 12 months (potential to extend) Location: Hyderabad Work Type: Hybrid Start Date: Immediate (Notice period/joining within 1-2 weeks) Disaster Recovery Strategy: Develop and maintain the organization's disaster recovery plans, ensuring immediate and efficient recovery of critical systems in the event of cyber incidents or natural disasters. Business Continuity Planning: Assess and design business continuity frameworks, ensuring minimal disruption to operations and rapid restoration of services. Risk Assessment: Evaluate potential threats, vulnerabilities, and risks to the organizations infrastructure and recommend mitigation strategies. Architect Secure Systems: Design and implement secure systems and protocols to protect digital assets and sensitive information. Compliance and Standards: Ensure adherence to regulatory standards, such as ISO 22301, NIST SP 800-34, and other frameworks related to DR/BCP and cybersecurity. Testing and Exercises: Conduct regular tests and simulations of DR and BCP plans to identify gaps and improve recovery strategies. Incident Response: Collaborate with incident response teams to ensure proper handling of security breaches and align recovery efforts with continuity strategies. Vendor Management: Oversee and evaluate third-party disaster recovery services and tools to ensure alignment with organizational requirements. Training and Awareness: Provide training and guidance to employees and stakeholders on DR and BCP roles and responsibilities. Documentation: Maintain detailed documentation for all DR and BCP processes and procedures for audit and operational purposes. If you are interested for above role please share your updated cv to mounika.t@intuition-it.com

Req ID: 125023. Remote Position: Hybrid. Region: Asia. Country: India. State/Province: Chennai. City: Guindy, Chennai. Summary. The Senior Specialist, IT Solutions is a key role that evaluates, implements, and manages Security solutions to protect Celestica's systems and data. Responsibilities include implementing automation technologies, performing risk assessments, contributing to automation policies and standards, and advising on automation best practices. This role also mentors junior team members and provides advanced technical support for automation solutions.. Detailed Description. Performs tasks such as, but not limited to, the following:. Maintain security infrastructure for operational efficiencies. collaborate with other IT infrastructure, application and network teams to ensure seamless integrations of tools and technology.. Develop and implement playbooks for security automation and orchestration to respond to security events and incidents.. Design and implement integrations between security tools such as EDR, SIEM, and ServiceNow, to automate incident response and threat intelligence sharing.. Automate security processes, such as vulnerability scanning, patching, and user provisioning, using scripting and configuration management tools.. Develop custom scripts and tools, such as parsers and data enrichment scripts, to automate repetitive security tasks and integrate disparate security data sources.. Create and maintain comprehensive documentation and runbooks for security automation processes and integrations.. Collaborate with other security team members, such as threat intelligence analysts and incident responders, to identify automation opportunities and implement effective security automation solutions.. Stay up-to-date on emerging security threats and technologies to proactively identify and address potential security risks through automation.. Knowledge/Skills/Competencies. Expert knowledge of information security principles, practices, and technologies.. Expert knowledge of EDR, SIEM, and ServiceNow. Strong understanding of data integration and API development. In-depth knowledge of information security standards and regulations (e.g., ISO 27001, NIST).. Strong understanding of software design processes and data modeling.. Excellent problem-solving and analytical skills.. Strong leadership, mentoring, and communication skills.. Ability to work independently and as part of a team.. Physical Demands. Duties of this position are performed in a normal office environment.. Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required.. Typical Experience. 6 to 8 years of experience in information security, with a proven track record of evaluating, implementing, and managing security solutions.. Typical Education. Bachelor's degree in Software Engineering, Computer Science, Information Security, or a related field.. Relevant industry certifications (e.g., CISSP, CISM) are highly desirable.. Notes. This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.. Celestica is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on any protected status (including race, religion, national origin, gender, sexual orientation, age, marital status, veteran or disability status or other characteristics protected by law).. At Celestica we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. Special arrangements can be made for candidates who need it throughout the hiring process. Please indicate your needs and we will work with you to meet them.. Company Overview. Celestica (NYSE, TSX: CLS) enables the world’s best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development – from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers.. Celestica would like to thank all applicants, however, only qualified applicants will be contacted.. Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services.. Show more Show less

Dentsply Sirona is the world’s largest manufacturer of professional dental products and technologies, with a 130-year history of innovation and service to the dental industry and patients worldwide. Dentsply Sirona develops, manufactures, and markets a comprehensive solutions offering including dental and oral health products as well as other consumable medical devices under a strong portfolio of world class brands. Dentsply Sirona’s products provide innovative, high-quality and effective solutions to advance patient care and deliver better and safer dentistry. Dentsply Sirona’s global headquarters is located in Charlotte, North Carolina, USA. The company’s shares are listed in the United States on NASDAQ under the symbol XRAY.. Bringing out the best in people. As advanced as dentistry is today, we are dedicated to making it even better. Our people have a passion for innovation and are committed to applying it to improve dental care. We live and breathe high performance, working as one global team, bringing out the best in each other for the benefit of dental patients, and the professionals who serve them. If you want to grow and develop as a part of a team that is shaping an industry, then we’re looking for the best to join us.. Working At Dentsply Sirona You Are Able To. Develop faster with our commitment to the best professional development.. Perform better as part of a high-performance, empowering culture.. Shape an industry with a market leader that continues to drive innovation.. Make a difference -by helping improve oral health worldwide.. Scope. The Senior Security Analyst is responsible for maintaining security systems, implementing process automation, and responding to security incidents. They must have a thorough understanding of both cloud-based and on-prem environments and threats. They serve as an escalation point for incident response and the support of security toolsets. They must be capable of working on multiple projects and alerts with general supervision.. Key Responsibilities. Administer, monitor, and maintain cloud-based and on-prem security systems.. Coordinate the implementation and upgrade of security systems.. Administer, monitor, and maintain automated security response tools.. Develop and maintain automated security processes and workflows.. Investigate and remediate security related alerts for both cloud-based and on-prem systems.. Investigate and remediate security policy violations.. Research threat actors, tactics, techniques, procedures, malware, and other IOCs.. Engineer and tune custom alerts for security systems.. Research emerging security technologies and make recommendations to influence security initiatives.. Assist with documentation and training related to security systems.. Act as an escalation point and mentor for junior analysts.. Act as an escalation point and oversee relationship with hosted SOC.. Act as a technical point of contact during security incidents.. Prepare security reports for benchmarking security efficiency.. Collaborate with cross-functional teams to support security initiatives of varying complexity.. Typical Background. Education: BS/BA Degree in Computer Information Systems, Computer Science, Information Systems Management, or equivalent professional experience. Certifications/Licensing: COMPTIA Security+, CEH, CISSP, GIAC Security Essentials, CCNA Security, Google Professional Cloud Security Engineer. Years and Type of Experience: 6+ years of experience in Information Systems with at least 2 years of formal experience in Cyber Security.. Excellent English written and spoken communication skills with the ability to explain technical information to non-technical people.. Key Required Skills, Knowledge And Capabilities. Experience with the Microsoft Suite of Security Tools.. Experience with configuration and management of security solutions for Google Cloud, Microsoft Azure, and/or Amazon Web Services.. Experience with configuration and management of endpoint security solutions including EDR and DLP.. Experience with process and security automation.. Experience with SIEM configuration, alert tuning, and KQL.. Experience with configuration and management of Office 365 services and security solutions.. Experience with incident response.. Must have excellent technical writing and research skills.. Experience with Microsoft Windows, Linux, and macOS.. Willing to work non-standard hours and be on-call.. Team player.. Ability to work with ambiguity.. Resilience to change.. Communication skills.. Integrity.. Open minded, respectful, empathetic ability to work in a multicultural environment.. Analytical thinking, problem solving.. DentsplySirona is an Equal Opportunity/ Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, sexual orientation, disability, or protected Veteran status. We appreciate your interest in DentsplySirona.. If you need assistance with completing the online application due to a disability, please send an accommodation request to careers@dentsplysirona.com. Please be sure to include “Accommodation Request” in the subject.. Show more Show less

WHAT YOU DO AT AMD CHANGES EVERYTHING. We care deeply about transforming lives with AMD technology to enrich our industry, our communities, and the world. Our mission is to build great products that accelerate next-generation computing experiences the building blocks for the data center, artificial intelligence, PCs, gaming and embedded. Underpinning our mission is the AMD culture. We push the limits of innovation to solve the world’s most important challenges. We strive for execution excellence while being direct, humble, collaborative, and inclusive of diverse perspectives.. AMD together we advance_. The Staff Information Security Analyst will be responsible for identifying and defining requirements and engineering solutions to solve the existing threats and security issues of a global organization. This role will initial focus heavily on data protection, leading advancements in data loss prevention, and changing how AMD protects data going forward.. The Person. The ideal candidate will possess strong multi-tasking skills and enthusiasm for details and should think one step ahead of cyber-criminals. They should be well prepared to thrive in a fast-paced environment, possessing strong interpersonal and communication skills. You will use your critical thinking and sense of ownership to focus on long term quality IT security solutions. Are you self-motivated and a team player with proven ability to deliver end-to-end solutions in a high-tech and fast-moving industry? If so, this is a great career opportunity!. Key Responsibilities. The Staff Information Security Analyst responsibilities include, but are not limited to:. Building and growing AMD’s data security capabilities to keep AMD data secure regardless of location.. Identifying, monitoring, and defining the requirements to reduce the overall risk to AMD data, systems, and infrastructure.. Implementing hardware and software solutions to help mitigate a wide variety of information security risks.. Collaborating with other IT teams to align initiatives across the company.. Preferred Experience. Minimum of 5 years of IT security related experience.. Professional experience as a Security Engineer with demonstrated successful leadership and delivery of data protection solutions.. Experience as a customer-facing technical lead, including working with both management-level and development teams.. Senior/advanced related IT or security experience working in one or more Security Domains.. Experience with CASB, DLP, CSPM, Web Proxy.. Hands on experience with Data Classification policies and technologies to address data leakage.. Working knowledge of network topology, protocols, components, and OSI model, and IAM technologies (e.g., PKI, Oauth, OIDC, SAML). Understanding of NIST Cyber Security Framework standard and requirements and ability to apply them to an enterprise environment.. Experience with infrastructure operations and processes associated with IT service management in an Enterprise-level organization.. Experience with cloud services (AWS, Google, Microsoft) and associated networking, as well as collaboration and integration with O365 products.. Hands on experience with Enterprise Linux platforms.. Experience with EDR solutions is a plus.. DLP, CASB. Nice to have: Client proxy, SIEM, File and Removable Media Protection [FRP]. It Would Be Nice If You Also Had. Experience with scripting language (python, PowerShell, etc.).. Strong documentation skills.. Academic Credentials. BS CS preferred but not required.. CISSP, CISA, CISM, CCSK. Benefits offered are described: AMD benefits at a glance.. AMD does not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services. AMD and its subsidiaries are equal opportunity, inclusive employers and will consider all applicants without regard to age, ancestry, color, marital status, medical condition, mental or physical disability, national origin, race, religion, political and/or third-party affiliation, sex, pregnancy, sexual orientation, gender identity, military or veteran status, or any other characteristic protected by law. We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective laws throughout all stages of the recruitment and selection process.. Show more Show less

About Us. At SentinelOne, we’re redefining cybersecurity by pushing the limits of what’s possible—leveraging AI-powered, data-driven innovation to stay ahead of tomorrow’s threats.. From building industry-leading products to cultivating an exceptional company culture, our core values guide everything we do. We’re looking for passionate individuals who thrive in collaborative environments and are eager to drive impact. If you’re excited about solving complex challenges in bold, innovative ways, we’d love to connect with you.. What are we looking for?. Reporting to the ManagerInternal Audit, this position is a highly visible and impactful role across the company. The Sr. Analyst – IT Internal Audit, based in India and will work with all levels of management to promote business integrity and robust internal control structures, compliance with Sarbanes-Oxley legislation, and recommendation for process improvements and IT internal Audit projects.. What will you do?. Assist in IT SOX 404 planning, scoping, and risk assessment process through close collaboration with external auditors and business process owners. Engage in Internal audit projects, ERM, operational and IT audits.. Participate in the IT risk assessment process and development of the audit plan for assigned entities. Conduct IT walkthroughs and controls testing according to established audit standards. Develop high-quality process and audit testing documentation for design effectiveness and operating effectiveness of ITGCs, ITAC, SOC1 restricted access controls. Perform testing of application controls, key reports, interfaces, integrations, and segregations of duties rules. Develop and maintain comprehensive documentation including flow charts, process narratives and risk and control matrices and any others required. Evaluate audit findings and coordinate remediation of deficiencies. Strong understanding of US GAAP, SOX requirements, and internal audit standards. Understanding of SDLC principles.. Develop business relationships and proactively interact with process owners to gather information, resolve problems, and make recommendations for improvement and optimization. Demonstrate initiative and provide timely updates to internal audit management. Manage multiple tasks effectively and deliver projects timely. Documentation and activities remain current and in compliance with the IIA’s IPPF Standards and are consistent with best practices. Develop metrics for ongoing operational activities and leverage technology and data analytics to enhance IA operations.. Help manage governance of the Internal Audit function and mature and evolve our audit methodology and operational audit program. Perform other tasks and projects as assigned in support of the internal audit team and corporate objectives. What skills and knowledge should you bring?. Bachelor’s degree in Computer Science, Accounting & Finance, Information Systems, or related field preferred CA/CPA/CISA/CIA/CISSP/CISM. Minimum of 5+ years of audit experience, preferably within the technology industry.. Experience with Big 4 accounting firms or global public companies is strongly preferred.. Ability to take direction, learn quickly, work independently, and maintain a level of professional skepticism. Ability to handle multiple priorities and deadlines, with high standards for quality, accuracy, and attention to detail. Working knowledge of data analysis and business intelligence tools is a plus (PowerBI, Tableau). Data Governance and Management. Business Continuity and Planning and Disaster Recovery. Systems Development Life Cycle (SDLC), Project Management Life Cycle (PMLC), and Application Change Management. Websites and Mobile Applications. IT Asset Lifecycle Management. IT Problem Management, Help Desk and Service Level Management. Enterprise Applications including the following control areas:. Application security architecture. Application access, Server-level access and controls, Database-level access and controls. Why us?. You will be joining a cutting-edge company, where you will tackle extraordinary challenges and work with the very best in the industry.. Industry leading gender-neutral parental leave. Paid Company Holidays. Paid Sick Time. Employee stock purchase program. Disability and life insurance. Employee assistance program. Gym membership reimbursement. Cell phone reimbursement. Numerous company-sponsored events including regular happy hours and team building events. SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.. SentinelOne participates in the E-Verify Program for all U.S. based roles.. Show more Show less

Position Purpose A primary focus for this position will be to lead audit execution covering end-to-end processes of auditable entities within the IT and Cybersecurity Inspection Generale APAC team. Responsibilities This individual will work closely with audit assignment team members to complete each phase of the audit. This will entail: assessing the sufficiency and suitability of controls to mitigate risks; and testing the operating effectiveness and sustainability of controls; and documenting walk-throughs of in-scope processes; and documenting the investigations conducted and their results; and drafting findings and associated recommendations to address identified gaps in the control environment; and documenting the final report. This individual will have regular interactions with team members, process / control owners, and management of business units. Based on experience, this role will entail contributing to IT audits. Duties: Demonstrates a strong ability to audit procedures and controls accurately, timely, and with minimal supervision. Executes audit work in accordance with BNPP Inspection Generale policies and procedures. Testing the control design and operating effectiveness of in-scope IT controls Contributes to the completion of continuous monitoring activities for assigned auditable entities and escalates matters that may impact the timing of the next audit assignments. Prepares and updates risk assessments for assigned auditable entities for supervisory review. Validates the sufficiency and suitability of business corrective actions to address audit recommendations. May be asked to direct the work of more junior staff members on the audit assignments. Performs other duties as assigned. Technical Behavioral Competencies Deep knowledge of IT audit Requires deep knowledge of banking functions typically obtained through advanced education combined with experience. Exhibits effective written and verbal communication skills with all levels of management (in English) Not less than 10 years of experience in IT external auditing / internal auditing / in the financial services industry. Curiosity, rigor, and precision. Outstanding analytical skills High level of initiative, commitment, and drive Ability to work effectively under pressure and within short deadlines Promotes a constructive, cooperative, and participative teamwork environment Specific Qualifications (if required) Possess a Bachelors / Masters Degree in Information Technology/ Management Information System / Computer Science and related discipline; Professional Qualification/Certification: in IT Audit - CISA (Certified Information System Audit) required other IT certification: Cybersecurity (e.g CISSP, CISM, CCSP/CCSK, CEH), IT Service Management (ITIL foundation). Skills Referential Behavioural Skills : Communication skills - oral written Ability to collaborate / Teamwork Attention to detail / rigor Active listening Adaptability Transversal Skills: Analytical Ability Ability to manage a project Ability to manage / facilitate a meeting, seminar, committee, training Ability to understand, explain and support change Ability to anticipate business / strategic evolution Education Level: Master Degree or equivalent Experience Level At least 10 years

Bravura’s Commitment and Mission At Bravura Solutions, collaboration, diversity and excellence matter. We value your ideas, giving you room to be curious and innovate in an exciting, fast-paced, and flexible environment. We look for many different skills and abilities, as well as how you can add value to Bravura and our culture. As a Global FinTech market leader and ASX listed company, Bravura is a trusted partner to over 350 leading financial services clients, delivering wealth management technology and products. We invest significantly in our technology hubs and innovation labs, which inspire and drive our creative, future-focused mindset. We take pride in developing cutting-edge, digital first technology solutions that support our clients to achieve financial security and prosperity for their customers. About The Team/Project The Information Security Officer is responsible for supporting the implementation and operation of the organisation's Information Security Management System (ISMS) within their region. This role will support security risk management, policy compliance, audits (internal, external and client), training and awareness, supply chain risk, and support security operations in incident management. As a Managed Service Provider (MSP) and data processor for clients, the analysts will enable security controls aligning with client contractual obligations, regulatory requirements, and industry best practices. The analyst will work closely with global security leadership, regional stakeholders and clients to address both internal and client-specific security challenges What You’ll Do The position is within the Information Security team. Main activities will include but are not limited to: Internal Audit & Assurance: Support the implementation and operations of the ISMS within the region. Support alignment with global security policies and regulatory requirements including ISO27001, SOC2 type II and PCI-DSS. Support continuous assessment and improvement of security controls and processes. Information Security Risk Management Support, identify, assess, and mitigate security risks. Maintain the risk register and track remediation activities. Provide risk-based guidance to business units, IT teams, and client-facing operations. Information Security Policy & Standards Ensure compliance with corporate security policies, frameworks, and client-specific security mandates. Develop and enforce security standards and client requirements. Input into periodic reviews and updates to security policies to align with evolving requirements. Information Security Audit & Compliance Support internal and external security audits, ensuring timely remediation of findings. Provide security assurance to clients by responding to security questionnaires and participating in client audits. Coordinate with service delivery teams to meet client-specific obligations. Monitor and report on security posture, client security commitments, and compliance status. Information Security Training & Awareness Support the delivery of security awareness programs Support phishing exercises and other training initiatives to enhance security culture. Collaborate with HR and other departments to ensure security education is embedded in employee onboarding and ongoing training. Supply Chain Risk Management Support the assessment and management of security risks associated with third-party vendors and suppliers. Support security requirements are included in vendor contracts and SLAs. Enable regular security assessments of critical suppliers, considering the impact on client services. Security Operations & Incident Management Support Assist in managing and responding to security incidents within the region, to ensure rapid containment and remediation. Work with the Security Operations team to protect both internal and client environments. Support post-incident reviews and contribute to continuous improvement in incident handling, including lessons learned for client operations. Qualifications and Experience • Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience). • 3+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment. • Good understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks. • Experience in security risk management, audits, compliance, and client security assurance. • Knowledge of security operations, incident response, and managed security services. • Familiarity with supply chain security and third-party risk management. • Good communication and stakeholder management skills, with experience working with clients on security matters. • Ideally security certifications such as CISSP, CISM, or CRISC are preferred. Working at Bravura Our people are the heart of our business. We work hard to provide a rich employee experience and a robust framework for ongoing career development. Competitive salary and employee benefits scheme. Flexible working hours, we value work-life balance. Maternity/ Parental (including secondary) leave policy. Cab facility available in Delhi/NCR. Meal facility available Free Medical Insurance So, what’s next? We make hiring decisions based on your experience, skills and passion so even if you don’t match every listed skill or tick all the boxes, we’d still love to hear from you. Please note that interviews are primarily conducted virtually and if you require any reasonable adjustments or would like to note which pronouns you use, please let us know. All final applicants for this position will be asked to consent to a criminal record and background check. Please note that people with criminal records are not automatically barred from applying for this position. Each application will be considered on its merits. Youtube Video

Hi , As per response to your profile which is uploaded in Job portals. Excellent job openings for Enterprise Security Archite ct in IT MNC If your already received email or not looking for job change/ irrelevant - please ignore it. Note: Apply for only Relevant & interested candidates. Please Note:-please refer your friends who are looking for job changes. Job Description: Enterprise Security Architect. JD:- Required Experience & Education:- Experience Minimum of 10 years of experience in enterprise architecture. Experience with leading teams and complex projects. Strong leadership, coaching and mentoring of resources in architecture functions. Knowledge of healthcare industry standards and regulations. Strong understanding of technology trends and emerging technologies. 5+ years of experience with developing and implementing enterprise cybersecurity and risk management architecture strategies and roadmaps. Experience with security risk management frameworks such as NIST-CSF, HITRUST, MITRE and compliance certifications such as HIPAA, PCI-DSS, SOC-II. 2+ years developing and maturing EcoSystem driven frameworks. Excellent problem-solving and critical thinking skills. Excellent written and verbal communication skills. Ability to work independently and in a team environment Education Bachelors degree in computer science, information technology or related field or equivalent combination of education/experience. 2- Preferred Experience & Education:- Experience 10 years of experience in enterprise architecture or similar roles. Direct hands-on experience with Teams, DevOps, Rally, JIRA, Confluence and other productivity tools. In-depth knowledge of and proven cloud experience with multi-cloud solutions and hybrid business intelligence stacks Experience with Cyber risk quantification methodologies. Experience with healthcare data terminologies, high-performance computing Experience with App Orchard, Job Description : Develop and maintain the enterprise cybersecurity and risk management architecture strategy and roadmap for our organization. Manage a team of architects. Responsible for the budget, and staff recruitment, performance, engagement, and retention. Work closely with CISO and other cybersecurity leadership to align our security technology investments with our business objectives. Define and maintain our enterprise cybersecurity architecture standards and guidelines. Provide leadership and guidance to our IT, security, and infrastructure teams. Ensure that our systems and solutions are integrated, scalable, and secure. Remain current with new cybersecurity threats and assess systems to ensure they can defend the business. Stay on top of new and disruptive trends in the security industry. Formally communicate trends to EA and CISO. Advise CISO and leadership team in vendor/product/service selection, assist in educating and persuading business and operational leaders with adoption of security controls. Own development of rolling 18-month cycle to achieve To-Be architecture for Cybersecurity and risk management. Review vendor technology roadmaps into cybersecurity domain roadmaps to ensure continuous improvements to cyber domain operations, including cost-to-serve and other financial KPIs. Oversee development and maturity of Cybersecurity response, containment, recovery and restore playbooks for the enterprise. Partner with office of CISO to deploy Enterprise and Cyber Resiliency processes, procedures and methods. Oversee development and maintenance of blueprint of Disaster Recovery of critical business systems from Cyber induced disaster events. Partner with IT, Applications, Operations, IT GRC, Cybersecurity and other teams to simulate a Cybersecurity disaster and recovery drills, tabletop exercises. Partner with CISO to document gaps and drive collaboration to remediate. Partner with CISO to develop cohesive strategy to implement frictionless security controls and achieve industry certifications, such as HITRUST, SOC-II Partner with CISO to develop implementable roadmap to deploy controls aligning to security industry best practices, such as Zero Trust Network Access, Defense in Depth. Stay up-to-date with emerging technologies and industry trends. Drive innovation and continuous improvement in our technology landscape. Collaborate with our IT and security teams to ensure that our technology investments comply with healthcare industry standards and regulations. Conduct architecture assessments and provide recommendations for improvement. Develop and maintain architecture-related policies and procedures. Provide guidance and support for technology procurement and vendor management 5. Certification Requirements /any-1. Required Certification in at least one of the common architecture frameworks (TOGAF, Zachman, DODAF, FEAF or FEAC) 2. Preferred Certifications in multiple common architecture frameworks such as TOGAF, Zachman, DODAF, FEAF, FEAC is preferred. Security industry certifications, such as CISSP, CISM etc Those who have relevant experience and Skills, as mentioned above please revert back ur updated resume to - Sreenivasa.k@happiestminds.com. It"s a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us. Total Exp: Relevant Exp:- Current Company: Current CTC: Expected CTC: Current Location: Preferred location: Notice Period: Degree: Regards, Many Thanks Regards Sreenivas Sreenivasa.k@happiestminds.com

About the role: As a SOC Analyst - Detection Engineering in the banks security operations center (SOC), the individual will be responsible to strengthen the creation and optimization of Analytical rules and alerts configured in the bank’s SIEM platform. Key Responsibilities: Business Understanding Accountable to ensure all security anomalous activities are detected by the banks SIEM platform and false positives are kept to a minimum. You will be responsible to build analytical correlational rules in the banks SIEM platform covering network, systems and endpoints, cloud (SAAS, IAAS and PAAS) and applications (both COTS and internally developed). Collaborate Verify the ingested logs and ensure log parsing to normalize the events. Implement a testing methodology to test the alerts configured and obtain sign off before releasing into production. Provide expert guidance and support to the security operations team in the use of for threat hunting and incident investigation. Analyzing the detected Incidents to identify lessons learned to improve response processes and make recommendations for enhancing security posture. Reporting Develop and maintain documentation for Analytical rules processes and procedures. Stay Up to date with the latest trends and developments in cybersecurity and SIEM technologies and recommend improvements to the organization security posture. Qualifications & Skills Educational Qualification Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent with experience in cloud security with any of the following - Microsoft Azure, Google cloud, Ability to develop and implement security policies, procedures and best practices. Experience At least 5 years of experience working as a SOC analysts responsible to create SIEM rules/alerts. Hands-on experience in creation of security alerts in any of the commonly used SIEM solutions is a must. Certifications SIEM Certification from any of the leading SIEM OEMs Splunk, Palo Alto, Securonix, LogRhythm, etc,. CEH or CISSP CCNA Security and/or any of the Cloud security certifications (AWS, GCP, Azure, OCI). Compliance Knowledge of Networking components, Servers (RHEL, Windows, etc.) and Endpoints, cloud infrastructure along with Machine learning models used for detection of security alerts. Knowledge of various log types, event parsing and ingestion mechanisms across Systems, networks, cloud and commonly used applications in banks. Communication Skills Excellent communication and interpersonal skills. Synergize with the Team Working with the designated bank personnel to ensure alignment with RBI guidelines on detection of security alerts applicable to banks. Should have strong understanding of cybersecurity principles, threat detection and incident response.

Essential Services : Role & Location fungibility About the role We are looking for a skilled professional to join our Information Security Team as a DevSecOps Manager. As a DevSecOps Manager, you will be responsible for implementation of Security tools in DevOps CI/CD (Continuous integration/Continuous Delivery) pipeline and publish security standards and best practices for Developers teams. Key Responsibilities Identifying Vulnerabilities Enable automated security scanning process to identify the known vulnerabilities in source code, Open-source library, and configuration. Provide technical leadership and direction in the DevSecOps domain. Analysis Troubleshoot DevSecOps pipeline implementation issue and support for successful deployment. Implement DevSecOps with multiple agile teams across various platforms, environments, and instances. Implement Automated DevSecOps template-based solutions for cloud environments. Implement Security Measures Understand the Security Requirements & Implement the new DevSecOps process. Integrate, Monitor and Improve Cloud Security controls via DevSecOps process in existing DevOps process. Perform assessment and help to mitigate Security findings and implement improvement Security measures. Configure Cloud Security Tools/Systems in a CI/CD Pipelines. Implementing Security scanning into Jenkins, Code Pipeline, and DevOps workflows. Define gating process metrics for security and implement in DevSecOps. Employ infrastructure as code to increase automation, scalability, and reliability. Reporting Prepare and provide necessary metrics, detailed reports, artifacts, executive summary and dashboard to leadership on a regular frequency. Build and maintain a set of tools that enable developers to self-serve for remediation. Monthly Dashboard Reporting for Leadership. Collaborate Capable of working in a dynamic environment, multi-department coordination and attaining the target. Qualifications & Skills Educational Qualification Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent. Certifications CSSLP, CISSP, GPEN, ECSA, CEH, CISM, CISA, or equivalent. Compliance Good understanding of cyber security trends & hacking techniques. Experience in analysing threats of cloud and application components. Familiarity with OWASP, SANS vulnerabilities along with its validations in source code and other security frameworks & Compliance. Ability to review assessment reports to provide risk mitigation & recommendations on that basis. Technical Skills Experience with various application security tools including SAST, DAST, Software composition analysis and application Penetration testing. Experience with Automation in testing or orchestration Selenium, Maven, Ant, Msbuild, Npm, Yarn, Jenkins, Gitlab, Bitbucket, etc. Knowledge of Agile and Scrum processes. Understanding of virtualization and container technologies (Docker, Kubernetes, etc). Communication Skills Outstanding communication abilities. Ability to effectively communicate the required recommendations.

Essential Services : Role & Location fungibility At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team . To achieve this, employees at ICICI Bank are expected to be role and loc ation-fungible with the understanding that Banking is an essential service .The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role We are looking for a skilled professional to join our Information Security Team as an Infrastructure Cloud Risk Assessment Manager. The candidate is expected to have a solid understanding and experience of major cloud-native architectures, expertise in identity and access management, familiarity with various data encryption methods, and knowledge of cloud compliance regulations. driving revenue, while keeping NPS at the core of your engagement and following the Banks philosophy of Fair Customer, Fair to Bank. Key Responsibilities Identifying Vulnerabilities Understanding of cloud architecture review, and virtualization. Conduct cloud security assessments, across but not limited to the following domains: * Network and Perimeter Security *Data Protection and Backup Management * Identity and Access Management * Log Management and Monitoring Analysis Identify and analyse the risks associated. Provide recommendations for the identified findings and develop the road-map. Implement Security Measures Develop and implement robust security measures for cloud environments, ensuring the confidentiality, integrity, and availability of data. Contribute in creating and enforcing security policies, procedures, and best practices across the organization. Reporting Contribute in creating and enforcing security policies, procedures, and best practices across the organization. Collaborate Work closely with cross-functional teams to integrate security controls seamlessly into cloud-based architectures and applications. Collaborate with other IT professionals, including network engineers, developers, and system administrators, to integrate cloud security measures into existing systems and processes. Qualifications & Skills Educational Qualification Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent. Certifications Relevant certifications such as CISSP, CISM, AWS Certified Security, etc. Compliance Assist in securing the IT landscape/ecosystem built on-premises and multi-cloud environment. As an enterprise Network Security architect in the security domain crafted to ensure availability, reliability, security and performance and resilient architecture to address customers/client business challenges and accelerate technology adoption to improve the product services. AWS/Azure cloud security architecture, design, operations and service orchestration, including application security, architectural concepts, compliance requirements, data security, design requirements, infrastructure security, legal requirements, process and platform. Technical Skills Proficient in cloud security assessment, across all the deployment and service models IaaS, PaaS, SaaS. Experience with the cloud-native services across major cloud service providers (AWS, GCP, Azure, OCI). Control on security by design principle of applications hosted in public cloud (Azure, AWS, GCP, OCI). Technical understanding on zero-trust architecture and micro segmentation. Hands-on experience with SIEM (Security Information and Event Management) tools to proactively monitor, analyse, and respond to security incidents. Communication skills Outstanding communication abilities. Ability to effectively communicate the required recommendations.

Job Description SecurityHQ is a global cybersecurity company. Our specialist teams design, engineer and manage systems that promote clarity and an inclusive culture of trust, build momentum around improving security posture, and increase the value of cybersecurity investment. Around the clock, 365 days per year, our customers are never alone. Were SecurityHQ. Were focused on engineering cybersecurity, by design Responsibilities Lead response to complex, high-impact security incidents in AWS, including unauthorized access, data breaches, malware infections, DDoS attacks, phishing, APTs, zero-day exploits, and cloud misconfigurations. Perform in-depth analysis of security incidents, including advanced log analysis, digital forensic investigation, and root cause analysis. Develop and implement containment, eradication, and recovery plans for complex security incidents, minimizing disruption and improving security posture. Coordinate with internal and external stakeholders during incident response activities. Document incident details, analysis findings, and remediation actions, including detailed forensic reports and security posture assessments. Identify and recommend security improvements to prevent future incidents and enhance cloud security posture, including: AWS security best practices Security tool implementation and configuration (with a focus on CSPM tools) Vulnerability management Security awareness training Threat hunting strategies Security architecture enhancements CSPM implementation and optimization Develop and maintain AWS-specific incident response plans, playbooks, and procedures, emphasizing automation, orchestration, and continuous security posture improvement. Stay current on cloud security, digital forensics, and cloud security posture management. Mentor junior security analysts in incident response and security posture management. Participate in on-call rotation, providing expert-level support and guidance on security posture. Develop and deliver training on incident response, forensic best practices, and cloud security posture management. Conduct proactive threat hunting and security posture assessments. Contribute to the development of security tools and automation to improve incident response efficiency, effectiveness, and security posture. Essential Skills Expert-level understanding of AWS services, including: EC2, S3, RDS, VPC, Lambda CloudTrail, CloudWatch, Config, Security Hub, GuardDuty IAM, KMS AWS Organizations, AWS Control Tower Extensive experience with SIEM systems (e.g., Datadog, Qradar, Azure Sentinel) in a cloud environment, with a focus on security posture monitoring. Mastery of log analysis, network analysis, and digital forensic investigation techniques, including experience with specialized forensic tools (e.g., EnCase, FTK, Autopsy, Velociraptor) and CSPM tools. Strong experience with scripting (e.g., Python, PowerShell) for automation, analysis, tool development, and security posture management. Deep familiarity with security tools and technologies, including: IDS/IPS EDR Vulnerability scanners Firewalls Network forensics tools CSPM tools Excellent communication and interpersonal skills, with the ability to convey highly technical information to technical and non-technical audiences, including executive leadership and legal counsel, regarding incident response and security posture. Exceptional problem-solving and analytical skills; ability to remain calm, focused, and decisive under high-pressure situations, including those involving significant security posture deficiencies. Ability to work independently, lead a team, and collaborate effectively to improve the organization's security posture. Expert-level understanding of AWS services, including: EC2, S3, RDS, VPC, Lambda CloudTrail, CloudWatch, Config, Security Hub, GuardDuty IAM, KMS AWS Organizations, AWS Control Tower Extensive experience with SIEM systems (e.g., Datadog, Qradar, Azure Sentinel) in a cloud environment, with a focus on security posture monitoring. Mastery of log analysis, network analysis, and digital forensic investigation techniques, including experience with specialized forensic tools (e.g., EnCase, FTK, Autopsy, Velociraptor) and CSPM tools. Strong experience with scripting (e.g., Python, PowerShell) for automation, analysis, tool development, and security posture management. Deep familiarity with security tools and technologies, including: IDS/IPS EDR Vulnerability scanners Firewalls Network forensics tools CSPM tools Excellent communication and interpersonal skills, with the ability to convey highly technical information to technical and non-technical audiences, including executive leadership and legal counsel, regarding incident response and security posture. Exceptional problem-solving and analytical skills; ability to remain calm, focused, and decisive under high-pressure situations, including those involving significant security posture deficiencies. Ability to work independently, lead a team, and collaborate effectively to improve the organization's security posture. Education Requirements & Experience Master's degree in Computer Science, Cybersecurity, or a related field. AWS Security certifications (e.g., AWS Certified Security - Specialty). Relevant security certifications (e.g., CISSP, GCIH, GCIA, GREM, GNFA, OSCP). Experience leading incident response teams and security posture improvement initiatives. Experience with cloud automation and orchestration (e.g., AWS Systems Manager, Lambda) for incident response and security posture management. Knowledge of DevSecOps principles and practices, including security integration into CI/CD pipelines and infrastructure as code (IaC) security. Experience with container security (e.g., Docker, Kubernetes) in AWS, including forensic analysis and security posture assessment. Experience with reverse engineering and malware analysis, focused on identifying threats that impact cloud security posture. Strong understanding of legal and regulatory issues related to digital forensics, incident response, and cloud security posture (e.g., data privacy, chain of custody, compliance requirements).

At least two-year experience in a similar Information Security position Vulnerability research skills Experience in security assessments, pentesting web applications and infrastructure. Experience developing security tools and open source projects Attention to detail and good problem solving skills Very good knowledge of the technical foundations behind networking, operating systems and applications (TCP/IP, Linux, Windows, Web Technologies) Good understanding of Information Security processes and theory Good communication skills and customer-facing experience Experience in the following areas: Vulnerability management Risk management Qualifications Desired Security Certification (GIAC, OSCP, etc.) or similar qualification Experience integrating systems and tools via API's (programming, automation) Online Gaming security experience Experience in Application Security Regulatory and industry standards work: ISO27001, PCI-DSS, etc. Additional Information Additional information With the capacity to display initiative as part of a very strong Technology Governance team, this position plays a key role in ensuring the continued alignment of our Technology department with business objectives. The Candidate should be able to think laterally; suggest process improvements; drive results; Confident with other team members and able to engage with Vendor third parties to ensure Entain's data and confidentiality is maintained to the highest of security standards. Qualification Criteria Qualifications Security Certification (GIAC, OSCP, etc.) or similar qualification Experience integrating systems and tools via API's (programming, automation) Online Gaming security experience Experience in Application Security Regulatory and industry standards work: ISO27001, PCI-DSS, etc. Other relevant professional qualifications will be considered, although not a requirement, e.g. CISA, CISM, CISSP, GIAC, etc.

Cyber Security Auditor Location: Mumbai Leading Bank Work From office mail at manjeet.kaur@mounttalent.com whatsap at 8384077438 Roles and Responsibilities 4 years of experience (upto 12 yrs.) in the field of information security operations, Information System Audits encompassing experience into any of the Banking Technologies Domains Application Security, Database management and administration, / Network security and SOC / Payment systems in addition to IT General controls (ITGC). Exposure to the Banking / Finance / Payment industry domains would be preferrable. Hands-on experience in the following areas: Writing Information security policies, procedures, and processes Conducting risk assessment covering Cyber Security domains as noted below: Application Security: Mobile application assessment, OWASP security practices for applications, VA/PT/AppSec, source-code review, black/grey/white box testing, application SDLC, Strong knowledge of programming languages for applications. Database Security: Database administration and management - Oracle, MS SQL etc., Database Activity Monitoring tools, data security and localization. Payments Systems Security: Understand payment systems and architecture such as SWIFT, UPI, IMPS, ATM, Internet Banking, Mobile Banking, Core Banking System, payment gateway, ATM switch and terminal. Experience in PCI DSS implementation/assessment and ATM end-point security and Cards data security and operations. Networks Security: Managing firewalls, routers, proxy, WAF, email filtering, DLP, DDoS protection, data encryption, IPS/IDS, Incident response and investigate security breaches, VA-PT for networks. Security Operations Centre- Implementation and review. IT General Controls: Familiarity with Technical Security controls of Identity & Access Management, Network, Server, Application, Change management, Backup and Restoration etc. and process controls reviews. Understand BCP and DR processes and architecture. Experience in conducting reviews based on ISO standards and regulatory guidelines in banking sector for a medium to large sized organization would be preferred. Experience in conducting Information System Audits Must have experience in preparing quality deliverables such as audit reports, presentations etc. Excellent written, oral communication and presentation skills Excellent organizational and interpersonal skills Ability to work independently or as part of a team Information technology / Banking and Financial services / Auditing / Cyber Security consulting Candidate will have to travel extensively within Mumbai and across the country for performing audits, as per RBI requirements. Conducting audit of Information security policies, procedures, and processes to identify process/design gaps. Conduct audits of information security systems and infrastructure to verify systems are secure and support the related applications/business processes. Conducts audits in different banking technology domains such as Active Directory, WAF, Network access security, End-point security, Application VA/PT/AppSec, SDLC, Database management and security, PCI-DSS, ATM controls, Cards (Debit/Credit) security, Payment-gateway, Cloud and API Security and IT General Controls etc. Additional weightage will be given to candidates with experience in domains such as Cloud Security, API security. Developing project plans, work programs, evaluating system controls, identify risks and audit gaps, documenting results in proper audit report format, making recommendations, and communicating information to stakeholders. Support in maintaining audit checklist and documents, trend analysis, preparing presentations etc. Should be a self-learner and must keep updated with the latest security guidelines issued by regulators, international standards for information security, threats and vulnerabilities researched/discovered. Research public domain to keep up to date knowledge on latest banking applications / technologies and emerging technologies Cloud, Virtualisation, AI-ML, IOT etc. and ensure continuous learning in identified security competencies and new/emerging technologies. Experience into people management / team management will be preferred.

Roles and Responsibilities : Conduct code reviews to identify potential security vulnerabilities and provide recommendations for remediation. Collaborate with development teams to implement secure coding practices and ensure compliance with industry standards (e.g., CISA). Develop and execute test plans to validate the effectiveness of implemented controls, identifying areas for improvement. Provide guidance on risk management strategies, including assessment, mitigation, and monitoring of identified risks. Job Requirements : 7-15 years of experience in IT services & consulting with a focus on cyber security, control testing, or related fields. Certifications such as CISSP or CISA are highly desirable; equivalent experience may be considered. Strong understanding of software development life cycles, including design patterns, coding standards, and testing methodologies. Experience with conducting audits/assessments using various frameworks (e.g., ISO 27001) is an asset.

Job Description: Cloud Segment Information Security Officer (SISO GL28) Location- Gurgaon Position Overview: The Cloud Segment Information Security Officer (SISO) is responsible for overseeing and implementing security measures to protect the organizations cloud-based data and infrastructure. This role involves developing cloud-specific security strategies, managing risks, ensuring compliance, and leading incident response efforts. A key aspect of this role is fostering strong relationships and partnerships with business leaders and stakeholders to ensure security measures align with business objectives. Key Responsibilities: Cloud Security Strategy: Develop and implement security strategies tailored to the cloud segment to ensure the protection of cloud-based data and infrastructure. Risk Management: Identify, assess, and mitigate security risks associated with cloud operations and technologies. Incident Response: Lead incident response efforts for security breaches within the cloud segment, including investigation, containment, and remediation. Compliance: Ensure compliance with relevant cloud-specific regulations and standards. Collaboration: Work closely with other IT teams and cloud segment leaders to integrate security measures into cloud services and applications. Training and Awareness: Support security training and awareness programs for employees within the cloud segment to promote a security-conscious culture. Policy Development: Develop and enforce security policies and procedures specific to cloud operations. Audit and Assessment: Support security audits and assessments to ensure the effectiveness of security measures within the cloud segment. Business Partnership: Foster strong relationships with business leaders and stakeholders to ensure security measures support and enhance business objectives. Collaborate with business units to understand their needs and provide tailored cloud security solutions. Qualifications: Proven experience in developing and implementing cloud security strategies. Strong knowledge of cloud risk management and security architecture. Experience in leading cloud incident response efforts. Familiarity with cloud compliance regulations and security monitoring tools. Excellent collaboration and communication skills. Ability to conduct training and develop cloud security policies. Experience in conducting cloud security audits and assessments. Demonstrated ability to build and maintain relationships with business leaders and stakeholders. At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyoneof every race, gender, sexuality, age, location and incomedeserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes an enterprise priority reflected in our mission. njp

Primary Responsibilities: Perform audits to identify control gaps and implement corrective action plans Ensure alignment of security policies/standards with IT infrastructure frameworks (e.g., ISO 2700x, NIST, ITIL) Monitor compliance with corrective action plans, and address non-compliance issues appropriately Demonstrate understanding of discovery technologies to identify system vulnerabilities (e.g. scanning tools) Establish appropriate security controls based on defined data classifications to align with applicable laws/regulations/standards Facilitate/lead security incident investigation Analyze business requirements and ensure that solutions meet established security policies and controls Maintain metrics and ensure reporting as appropriate Maintain current knowledge on information security topics and their applicability program requirements Communicate professionally with stakeholders/end users through multiple communication Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications: Bachelors degree or higher level of education 6+ years of Information security experience Experience with ISO27001 (ISMS), ISO31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2 Demonstrated auditing skills and the ability to manage risk assessments / projects independently Demonstrated excellent communication skills both verbal and written Demonstrated good presentation skills particularly ability to present technology elements in manner personnel can follow and act Preferred Qualification: CISSP, CISA or ISO27001 Lead Implementer or Lead Auditor certification At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyoneof every race, gender, sexuality, age, location and incomedeserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes an enterprise priority reflected in our mission.

Desired Candidate The ideal candidate is a proactive and detail-oriented professional with strong leadership skills and a passion for cybersecurity. They should have excellent communication abilities to convey technical concepts to diverse audiences and a proven track record of managing teams and fostering a culture of security awareness. Adaptable and ethical, the candidate thrives in dynamic environments and collaborates effectively to address evolving cyber threats while maintaining the highest standards of confidentiality and integrity. Responsibilities: Strategic Planning: Develop, implement, and maintain a comprehensive cybersecurity strategy aligned with organizational goals. Risk Management: Identify, assess, and mitigate potential cybersecurity risks and vulnerabilities across systems, applications, and networks. Incident Response: Lead and coordinate incident response activities, ensuring quick containment, recovery, and root-cause analysis of security breaches. Compliance and Standards: Ensure adherence to relevant regulatory standards (e.g., GDPR, ISO 27001) and internal security policies. Team Collaboration: Lead and mentor the cybersecurity team, fostering skill development and ensuring alignment with security objectives. Stakeholder Communication: Act as a liaison between technical teams and senior management, translating technical risks into business terms. Continuous Improvement: Monitor and evaluate the effectiveness of security measures, and recommend enhancements to maintain a robust security posture. Tool and Technology Management: Oversee the deployment and management of security tools (e.g., SIEM, firewalls, endpoint protection, etc.) to ensure system integrity and confidentiality. Training and Awareness: Develop and conduct security training programs to promote awareness and compliance across the organization. Requirements: Education: Bachelors or Masters degree in Cybersecurity, Information Technology, Computer Science, or a related field. Experience: 6-10 years of experience in cybersecurity roles with progressive leadership responsibilities. Certifications: CISSP (Certified Information Systems Security Professional)[Ongoing is acceptable]. Additional certifications (e.g., CISM, CEH) are a plus. Technical Expertise: Strong understanding of security architecture, protocols, and best practices. Experience with tools like SIEM, IDS/IPS, endpoint security, firewalls, and vulnerability management systems. Knowledge of cloud security (AWS, Azure, GCP) and securing hybrid environments. Soft Skills: Excellent verbal and written communication skills for technical and non-technical audiences. Strong leadership, project management, and team collaboration abilities. Analytical and problem-solving mindset with attention to detail.

Job Title: Information Security Officer (ISO) Corporate Title: AS Role Description The role of an Information Security Officer (ISO) is of a role holder aligned to a portfolio of applications (Application ISO). The ISO has the responsibility for the operational aspects of ensuring compliance with the Information Security Principles. The ISO is the primary contact for information security relevant matters within their area of responsibility. The ISO has a disciplinary reporting line into their Line Manager and a functional reporting line into the Divisional CISO. Your key responsibilities To assume the ownership and responsibility for the assigned IT assets, in line with the DB Group Information Security management processes and the Divisional ISMS. To support the development and maintenance of Information Security policies and procedures pertaining to the Unit in accordance with the Information Security policies and procedures of DB Group. To support the management of IS Risks within the Risk Appetite defined by the ISR. To execute the IS Risk assessments and compliance evaluations for assigned IT assets To ensure the execution of information security risk management requirements in their area of responsibility as additionally defined by the Divisional ISO (e.g., conducting risk assessments on an organizational basis, preparing and implementing management action plans to mitigate identified risks) To ensure the implementation of Identity and Access Management Processes and the execution of a periodic recertification of User Access Rights in their area of responsibility To provide timely updates to the Divisional ISO regarding the aforementioned information security management tasks To ensure that application entries regarding information security (e.g., Data Protection and Data Privacy fields) in the Groups inventory of applications are accurate and up to date To implement Segregation of Duty (SoD) rules for the assigned IT assets To contribute to the Information Security incident management process in the case of a security breach Keep oneself informed of the Information Security Principles and its subordinate documents and liaise with any other necessary parties to accomplish their tasks. These resources may be e.g., the TISO, ITAO or any other subject matter experts To ensure appropriate documentation of information security risk management in area of responsibility. This includes major decisions including identified and assessed risks as well as risk mitigation measures To deliver all items requested during regulatory and internal Information Security related audits Your skills and experience Essential Candidate should have a minimum of 8 years of business experience in an operation management / risk management capacity, working knowledge in various banking products with strong communications skills Knowledge on Information Security Controls, Data Protection Policy, Information classification principles and segregation of duties requirements within Banking Operations Good understanding of Regulatory, Compliance, Risk & Control Knowledge Have sound knowledge of Identity and Access Management Process Ability to multitask and manage multiple deliverables / projects that are highly visible and of strategic importance to our clients Ability to effectively communicate with clients internally and externally Must be a team player and facilitator Desirable Solid technical understanding of the business (CB Operations) including strong knowledge of application security related processes. Knowledge of electronic banking products and flow of instructions Computer proficiency in MS Office and ability to utilize IT initiatives to achieve a high degree of operational efficiency, optimize costs and add value to the service provided Innovative approach to work and continuously identify and implement process improvements Seek opportunities to improve service processes, minimize operational risk and reduce costs Strong analytical skills, detail orientation, service commitment and solid people management skills Strong awareness of risk control Education / Certification Graduation degree CRISC Desired: CISA/CISM/CISSP

Role & responsibilities Strong understanding of cybersecurity standards, practices, and policies Hands on experience with Security Technologies such as SIEM, Secure web gateway, mail protection, endpoint protection / EDR, WAF, Identity & Threat protection, etc. Hands on experience of security tools implementation including initial setup, configuration and managing daily operations Experience with Windows, Linux, and MacOS architectures Knowledge of security best practices for on-premises virtualization (VMware) and multiple cloud platforms (e.g.: Azure, GCP, AWS) Understanding of network concepts and protocols, including monitoring logs for anomalous activity Proven experience in leading projects and managing vendor relationships Excellent communication skills, with the ability to assertively address Information Security challenges Familiarity with risk analysis and mitigation methodology, security policy and procedure development, incident response and handling, security training and awareness Hands on knowledge of incident response (investigating BEC, phishing, etc.) Hands on experience on reviewing and analyzing IIS and/or Kubernetes logs for threat investigation Technical/Domain Skills: Security related certifications (e.g., CISSP, CISM, or equivalent) Scripting and automation capabilities via tools like: Python, Bash, PowerShell, API Active engagement in Information Security communities, keeping apprised of the latest tools, technologies, and threats Education (Required): Education: BE / B. Tech Work Experience (Required): •10 to 12 years of experience

The Opportunity "This is an opportunity to define, build, and shape the future of FICOs Cybersecurity and Risk Posture. As part of the Threat & Vulnerability Management team, you will collaborate across the business, IT, and client environments to secure our cloud and data center infrastructure. Your contributions will be key to strengthening FICO's defense mechanisms and enhancing our compliance posture. We're looking for a cybersecurity expert passionate about continuous improvement, cloud security, and vulnerability risk reduction. If you're someone who thrives in a fast-paced environment and wants to work on high-impact global security initiatives, this role is for you" - VP, Software Engineering. What Youll Contribute Collaborate with the Cyber Security Team, business stakeholders, IT partners, and clients to manage and reduce cybersecurity risk. Act as a subject matter expert in vulnerability scanning, compliance monitoring, and risk reporting. Operate and optimize tools such as Wiz, Qualys, or similar for vulnerability scanning across cloud and on-prem environments. Validate, triage, and risk-rank vulnerabilities based on severity, exposure, and potential business impact. Drive remediation planning with Product and IT teams, and oversee patch management cycles. Contribute to threat & vulnerability management strategy, policy, and continuous process improvement. Conduct periodic risk assessments and develop mitigation strategies in line with compliance requirements. Monitor the evolving threat landscapeincluding zero-day exploits, vendor patches, EOL systemsand proactively update mitigation plans. Lead initiatives to improve configuration, cloud asset management, vulnerability and patch management practices. Provide documentation, reporting, and cross-functional collaboration support. What Were Seeking Bachelors degree in Computer Science, Information Security, or a related field (or equivalent work experience). 36 years of hands-on experience with cloud security tools such as Wiz, Qualys, or similar vulnerability scanning platforms. Strong understanding of AWS infrastructure and cloud security principles. Working knowledge of operating system and application-level vulnerabilities and how they relate. Familiarity with risk-based vulnerability management and compliance frameworks. CISSP, CISM or equivalent certifications preferred (or willingness to obtain). Ability to multitask, manage complex data sets, and collaborate with diverse teams. Knowledge of scripting languages (e.g., Python, Bash) is a plus. Demonstrated experience in cloud (especially AWS) patch and configuration management. Familiarity with malware behavior, indicators of compromise, and modern threat vectors. Strong documentation, analytical, and communication skills. Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Learn more about how you can fulfil your potential at

Date 31 May 2025 Location: Bangalore, IN Company Alstom At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, 80,000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars. Could you be the full-time Security into Project Specialist in Bangalore were looking for Your future role Take on a new challenge and apply your cybersecurity and project management expertise in a new cutting-edge field. Youll work alongside innovative, dedicated teammates. You'll ensure the robust integration of security within our IS&T projects, safeguarding our digital initiatives. Day-to-day, youll work closely with teams across the business (Security Architecture, GRC and ISMS team, Architects, Project Managers and PMO, Business teams), review and approve security deliverables and much more. Youll specifically take care of validating Security Inquiry for Partners (SIP) and ensuring secure configurations are applied, but also make informed decisions about security acceptance based on residual risk and asset value. Well look to you for: Reviewing and approving security deliverables Ensuring the application of the "Security into Project" policy Validating and signing off on Security Inquiry for Partners Applying secure configurations for projects or business initiatives Making decisions on security acceptance Implementing design patterns and standards All about you We value passion and attitude over experience. Thats why we dont expect you to have every single skill. Instead, weve listed some that we think will help you succeed and grow in this role: Degree in Engineering/Technology Experience or understanding of cybersecurity, architecture and design Knowledge of security architecture and infrastructure Familiarity with cloud solutions (Microsoft Azure/O365) A CISSP or CISM certification Ability to analyze technical risks and vulnerabilities Fluency in English Things youll enjoy Join us on a life-long transformative journey the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. Youll also: Enjoy stability, challenges and a long-term career free from boring daily routines Work with cutting-edge security standards for rail signalling Collaborate with transverse teams and supportive colleagues Contribute to innovative projects that shape the future of transportation Utilise our dynamic working environment Steer your career in whatever direction you choose across functions and countries Benefit from our investment in your development, through award-winning learning Progress towards leadership roles within the cybersecurity domain Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension) You dont need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, youll be proud. If youre up for the challenge, wed love to hear from you! Important to note As a global business, were an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. Were committed to creating an inclusive workplace for everyone.

Hiring for Application Security role at Mumbai location !!! Job Title: Senior Manager Third Party Technology Risk Management Location: Mumbai Experience Required: 7 - 9 Years Industry: Financial Services / BFSI Job Type: Full-Time Work Mode: Hybrid Note: 2 levels of interview with client - 1st round - Virtual / 2nd round - F2F is Must . Job Overview: We are looking for a seasoned and driven Senior Manager to lead our Third-Party Technology Risk Management efforts. If you have strong experience in managing vendor risks, IT security frameworks, and global compliance standards in a financial services environment this opportunity is for you! Key Responsibilities: Conduct and lead Third-Party Risk Assessments for new and existing vendors. Evaluate IT security controls using industry frameworks (NIST, ISO 27001, SOC 2, GDPR, etc.). Develop and manage vendor risk dashboards and reports for senior stakeholders. Collaborate with cross-functional teams across regions to ensure compliance and risk mitigation. Ensure vendors meet our cybersecurity, network, and cloud security expectations. Coordinate vendor audits, risk reviews, and maintain detailed documentation. Work effectively with multicultural, cross-time-zone teams. Communicate risk findings and remediation plans to senior management. Maintain high standards of confidentiality, integrity, and professionalism. Required Skills & Qualifications: Bachelor's degree in IT, Information Security, or related field. Certifications such as CISSP, CISA, CISM, CRISC, or ISO 27001 Lead Auditor. 1012+ years in Technology Risk, with strong focus on Third-Party Risk Management. In-depth knowledge of NIST, ISO 27001, PCI DSS, SOC 2, COBIT, GDPR. Strong grasp of cybersecurity, network, and cloud security principles. Experience working with compliance, procurement, and legal teams. Excellent verbal and written communication skills for senior stakeholder engagement. Proficient in Microsoft Word, PowerPoint, and Project. Proven ability to manage conflict, build strong vendor/client relationships, and influence decision-making. Preferred Skills (Nice to Have): Familiarity with GRC tools (e.g., Archer, ServiceNow, OneTrust). Experience working with cloud service providers (AWS, Azure, GCP). Knowledge of outsourced IT risk, data privacy, and regulatory trends.

Roles and Responsibilities : Conduct code reviews to ensure adherence to coding standards, best practices, and industry regulations. Collaborate with development teams to identify and resolve defects, improving overall product quality. Develop and execute test plans, test cases, and test scripts for software applications using Java-based tools. Participate in the Software Development Life Cycle (SDLC) process by providing input on requirements gathering, design documentation, and implementation. Job Requirements : 7-15 years of experience in IT services & consulting with expertise in quality assurance/quality control testing. Strong understanding of CISA/CISSP certifications or equivalent knowledge of security frameworks. Proficiency in conducting code reviews using various programming languages such as Java.

Key Responsibilities Assist in planning and scoping IT compliance and internal control assessments. Identify risk areas and develop internal control testing programs. Perform end-to-end IT compliance assessments, including evaluating effectiveness of risk and control frameworks. Test IT General Controls (ITGCs) across domains like change management, logical access, SDLC and IT operations. Assess IT Automated Controls across business functions such as payroll, inventory, and revenue. Document control walkthroughs using narratives and flowcharts. Develop, maintain, and present compliance workpapers and reports highlighting control deficiencies and recommendations. Collaborate with management to communicate findings and ensure timely remediation of audit issues. Support external audit activities by coordinating information requests and walkthroughs. Stay up to date with regulatory and industry developments in IT compliance and risk management. Engage in continuous improvement efforts to enhance the efficiency and effectiveness of compliance processes. Qualifications Bachelor's degree in Information Technology, Computer Science etc. Professional certification (or working towards) such as CISA, CRISC, CISSP, or CISM preferred. 710 years of experience in IT audit, compliance, or risk management; minimum 3-5 years in a Big 4 or similar professional services firm preferred . Strong understanding of IT infrastructure, applications, and enterprise systems. Knowledge of Sarbanes-Oxley (SOX), ITGCs, automated controls, and internal control principles. Experience with audit and compliance tools (e.g., eAudit, Auditboard, or equivalent). Ability to understand cross-functional business processes and their integration with IT systems. Strong interpersonal, communication, and report-writing skills. Able to work independently and collaboratively under tight deadlines. Demonstrated sound judgment, critical thinking, and attention to detail. Preferred Skills Hands-on experience in documenting business processes and identifying control gaps. Ability to present findings to senior stakeholders and recommend practical remediation steps. Familiarity with GRC platforms and data analytics tools. Understanding of global business practices and regulatory environments.