614 Cissp Jobs - Page 2

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Microsoft Threat Protection Experience: 8-10 Years

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: ServiceNow SecOps Experience: 8-10 Years

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Palo Alto Networks - Firewall Experience: 8-10 Years

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Data Security Consulting Experience: 8-10 Years

You will be responsible for conducting application security reviews for Web, Mobile (Android and iOS), and API technologies. Your role will involve assessing and identifying potential vulnerabilities in the technology being developed before implementation. You should have expertise in application security testing methodologies such as SAST, DAST, and MAST, with experience in web application, API security, and mobile application security testing according to industry standards like OWASP top 10, SANS top 25, etc. It would be beneficial to have knowledge of programming and scripting languages such as Java, JavaScript, Angular, Spring Boot, Kotlin, and Swift. Familiarity with tools like Burp Suite, Postman, SoapUI, Checkmarx, Netsparker, Nexus IQ, Kryptowire for security testing and analyzing scanned reports is essential. Moreover, a strong understanding of application security tooling and experience in driving automation within the delivery environment is required. You must hold industry-recognized Information Security and Cyber Security qualifications such as CISSP, CISA, OSCP, GIAC GPEN, GIAC GMOB. A deep understanding of security industry trends, major vulnerabilities, and security threat landscape is crucial. Knowledge of Zero Trust security principles and practical implementations is necessary. While a degree is desirable, it is not mandatory. Experience in supporting major programs, security architecture, creating security designs, and displaying positive leadership behaviors related to risk management and mitigation is expected. Proficiency in collaboration tools like SharePoint, Teams, Confluence, and JIRA is advantageous. Hands-on experience in working with DevOps and Agile teams to incorporate security in the software development lifecycle is a key requirement. Additionally, experience in application risk assessment, threat modeling, and working closely with delivery teams for security risk remediation is important. About the Company: Purview is a leading Digital Cloud & Data Engineering company with headquarters in Edinburgh, United Kingdom and a presence in 14 countries including India, Poland, Germany, USA, UAE, Singapore, Australia, among others. The company provides services to Captive Clients and top-tier IT organizations, delivering solutions and resources to clients worldwide. Company Information: Purview Services 3rd Floor, Sonthalia Mind Space Near Westin Hotel, Gafoor Nagar, Hitechcity, Hyderabad Phone: +91 40 48549120 / +91 8790177967 Gyleview House, 3 Redheughs Rigg South Gyle, Edinburgh, EH12 9DQ Phone: +44 7590230910 Email: careers@purviewservices.com Login to Apply!,

As a highly organized Cybersecurity Officer at AmeriPharma, you will play a crucial role in managing system-wide healthcare compliance, information security, and privacy regulations. Reporting to the Director of Regulatory Affairs, you will be responsible for ensuring regulatory excellence, information security, and adherence to federal and state laws. Your primary focus will be on fostering a culture of accountability, trust, and risk management across all IT infrastructures. Your duties will involve developing and managing a comprehensive cybersecurity program in compliance with regulations such as HITECH, providing cybersecurity support during software and network development, conducting security and risk assessments, and managing annual risk assessments, vulnerability management, and penetration testing. You will also be responsible for implementing security measures, overseeing compliance with patient data protection regulations, and managing cyber threats, incident response, and forensic investigations. To be successful in this role, you must have expertise in HIPAA, HITECH, HITRUST, and cybersecurity frameworks, along with extensive experience in risk management, information security, and regulatory compliance auditing. Strong technical knowledge in network security, cloud security, and identity access management is essential, as well as exceptional communication skills and the ability to make strategic, data-driven decisions in high-pressure environments. You will collaborate with IT teams to improve security controls across cloud, network, and endpoints, lead cybersecurity awareness training programs for employees, align cybersecurity initiatives with business objectives, and innovate in cybersecurity frameworks, AI-driven threat detection, and cloud security. Additionally, you will engage with industry leaders and regulatory bodies on emerging cybersecurity threats and develop and test software applications using Agile methodologies. The ideal candidate will have a Bachelor's degree in Computer Science, Information Technology, or a related field, along with certifications such as CompTIA A+, Network+, CISSP, CCNA, MSCE, or MCSD. A minimum of 4 years of experience in Engineering, Software Engineering, or related fields is required, as well as proficiency in cybersecurity tools and platforms. If you are passionate about cybersecurity, have a strong background in regulatory compliance and risk management, and are looking for a challenging and rewarding opportunity to make a difference in healthcare IT security, we invite you to join our dynamic team at AmeriPharma.,

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! We are looking for a highly skilled and motivated Lead Security Engineer to join our Vulnerability Detection Signature Research team. In this role, you will take charge of researching, developing, and delivering vulnerability detection signatures for our scanning products. You will oversee and resolve vulnerability scanning and detection issues that impact our customers, leading the sustenance research team to ensure expert handling of customer concerns and managing escalations. Collaboration with cross-functional teams will be key to resolving complex challenges. This position demands a strong technical foundation in vulnerability management, scanning tools, and security best practices, along with proven leadership experience in managing teams and addressing customer-facing escalations. Lead the development, implementation, and continuous improvement of vulnerability detections and scanning processes for customers. Lead and manage customer calls and meetings, ensuring that all issues are clearly understood and effectively addressed. Investigate, analyze, and troubleshoot vulnerability detection issues reported by customers, then modify the code to resolve these problems. Build automation for day-to-day tasks. As a Lead Security Signature Engineer, you will also dedicate time to staying up-to-date with the latest vulnerabilities, attacks, and countermeasures. Coordinate team tasks, assign priorities, and ensure timely resolution of customer issues. Externalize research by writing blog posts, presenting at security conferences, etc. As a Lead Security Signature Engineer, you would also work alongside information security engineers to execute internal projects. Qualifications: - 7+ years of industry experience in network and systems security - Proven experience in leading and mentoring teams in a technical environment - Demonstrated experience with vulnerability scanning tools and vulnerability management processes - In-depth knowledge of protocols such as TCP/IP, HTTP, FTP, SSH and SSL - Strong understanding of common security vulnerabilities (e.g., OWASP Top 10, CVEs, etc.) and their remediation - Experience with scripting languages, including Python and Bash - Experience with network analysis tools, analysis of packet captures - Proficient with regular expressions - Ability to shift priorities as needed and demanded by the customer requirements - System administrator experience on Windows or Unix platforms - Strong understanding of VPN, Firewalls, Intrusion detection systems (IDS) - Proven ability to manage customer escalations and deliver effective solutions under pressure - Excellent written and verbal communication skills Additional Plus Competencies: - Understanding of Lua (preferred), Java - Knowledge of Virtualization software (VMWare, Virtual PC/Virtual Box, XEN, etc) - Experience in cloud security (AWS, Azure, GCP) and containerized environments (Docker, Kubernetes) - Able to handle projects independently - Experience in developing security-related tools/programs - OSCP, CISSP or SANS GIAC certifications,

As an organization focused on re-imagining agricultural insurance through the innovative integration of Public Cloud, GIS, Remote-sensing, and cutting-edge AI-based algorithms, we at Kshema are dedicated to empowering the future of agricultural insurance. Leveraging the latest advancements in Mobile and Geospatial technologies, we are committed to revolutionizing the industry. We are currently seeking a Chief Information Security Officer (CISO) who will play a pivotal role in driving our cyber security strategy and ensuring strict compliance with regulatory and statutory guidelines pertaining to information and cyber security. As the CISO, you will be entrusted with the responsibility of enforcing policies aimed at safeguarding the organization's information assets and coordinating all information/cyber security-related matters internally and externally. **Key Responsibilities:** - Develop a comprehensive Information Security Roadmap for the organization with a forward-looking perspective. - Establish and oversee an enterprise-wide information security and IT risk management program. - Lead the implementation and review of Hardware, Network, and Software Security Standards and Controls to fortify systems, data, and assets against internal and external threats. - Implement Security Assessment and Testing Processes, including Penetration Testing, Secure Software Development, and Vulnerability Management. - Identify and deploy cutting-edge Security Products/Tools for various purposes. - Proactively monitor and address security issues, potential threats, and vulnerabilities to enhance security standards continually. - Conduct Information Security awareness training for all employees. - Execute Security Assessment practices such as Audits and Reviews. - Provide strategic guidance and consultation for IT Projects, including security risk assessments. - Conduct real-time analysis, investigations, and forensics when necessary to enhance security measures. - Develop strategies to manage security incidents and conduct investigations. - Maintain regular communication with stakeholders on Information and Data Security Practices and Activities. - Implement a strategy for deploying information security technologies to mitigate cyber-attack risks. - Continuously evaluate current IT security practices and systems for enhancement. - Ensure compliance with the latest regulations and requirements. - Develop and implement business continuity plans. **Desired Skills and Experience:** - Engineering Graduate/Post-Graduate in fields such as Computer Science, IT, Electronics, Communications, or Cyber Security. - Minimum of 15 years" experience in risk management, information security, or cyber security. - Profound knowledge of information security management frameworks like ISO/IEC 27001 and NIST. - Familiarity with DevSecOps, Secure SDLC, Security Automation, Security Testing, DR & BCP Concepts. - Experience in financial forecasting and budget management. - Understanding of Industry Security Standards, Protocols, and Data Privacy Regulations. - Ability to navigate ambiguity and devise solutions for complex problems. - Experience in contract and vendor negotiations and management. - Proficiency in Agile software development practices. - Collaboration skills to work effectively with cross-functional teams. - Relevant certifications such as CISSP, CEH, CISA, and CISM are advantageous. - Hands-on experience in designing, implementing, and operating security in public clouds like AWS, Azure, Oracle, or GCP. - Strong written and verbal communication skills with a high level of integrity. - Excellent presentation skills. Join us at Kshema and be a part of our mission to redefine agricultural insurance through innovation and technology.,

As an Information Security professional in our organization, you will be responsible for various key tasks related to ensuring the security of our third-party suppliers and information systems. Your role will involve assessing and managing the security risks associated with our suppliers, interpreting security assurance reports such as SOC2 and pen test reports, as well as reviewing security requirements in contracts. Your responsibilities will also include understanding outsourced solutions and the information classification associated with them, assessing supplier security controls based on ISO27001/2 standards, and identifying and documenting security risks. Additionally, you will be expected to suggest recommendations to address the identified security risks and potentially perform information classification assessments. To excel in this role, you should hold relevant security certifications such as ISO27001 auditor/implementation, CISSP, CRISC, CISM, or CISA. Your experience of at least 4 years in Information Security along with a strong understanding of security policies, processes, and standards will be valuable in this position. If you are a proactive professional with a keen eye for detail and a passion for enhancing information security practices, we encourage you to apply for this position. Please note that the location of this role is in Mumbai (Andheri East) and the ideal candidates should be able to join within an immediate to 30 days" notice period. Interested candidates are requested to share their updated resumes with us at manasa.chilla@visionyle.com.,

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As part of our EY-Cyber security, the EKM Team owns the Public Key Infrastructure (PKI) and is responsible for certificate lifecycle management, distribution, and key management. The Lead Info Security engineer will be a part of a team of subject matter experts to facilitate the protection of data at rest, in-transit, or in-use by providing systems of processes, technologies, and policies. We're looking for Security Analysts in the Risk Consulting team to work on various privacy/data protection related projects for our customers across the globe. As an influential member of the team, you will help create a positive learning culture, coach and counsel junior team members, and assist in their development. **Your key responsibilities include:** - Designing, developing, integrating, and deploying encryption and key management solutions both on-premises and in the cloud. - Defining business/technical strategies to reduce risk and improve the overall security posture of applications, platforms, and infrastructure. - Collaborating with stakeholders at all levels to understand security needs and prioritize the roadmap accordingly. - Ensuring projects are completed on time, within budget, and with high quality. - Supporting necessary compliance activities and developing runbooks, SOPs, and troubleshooting guides. - Continuously validating the team's products/solutions against policies, guidelines, procedures, and regulations to ensure compliance. - Supporting the client's team by acting as an interim team member (e.g., security officer, security manager, security analyst). **Skills and attributes for success:** - Being a good team player with excellent verbal and written communication skills. - Proficient in documentation and PowerPoint skills, with good social, communication, and technical writing skills. - Ability to prioritize tasks, work accurately under pressure, and follow workplace policies and procedures. - Strong analytical/problem-solving skills and the ability to work independently on projects with minimal oversight. **To qualify for the role, you must have:** - Bachelor's or master's degree in Computer Science, Information Systems, Engineering, or a related field. - At least 7+ years of experience in Information Security with subject matter expertise in PKI, CLM, HSM. - Excellent scripting skills and experience with developing SOPs, runbooks, CP/CPS. - Technical experience with a combination of CLM, KMS, and PKI services, along with Linux and Windows systems. - 2+ years of working experience in cloud technologies such as AWS, Azure, and Google Cloud Platform. - Knowledge of security technologies like Venafi, AppViewX CERT+, Luna HSM, Fortanix DSM, MS-PKI, Sectigo. **Ideally, you'll also have:** - Experience with data tokenization/data masking and leading high performing technical teams. - Security certifications such as CISSP, CISM, CRISC, AWS, Azure, SANS, etc. - Ability to provide strong customer service and willingness to work weekends and travel as required. **What we look for:** - A team of people with commercial acumen, technical experience, and enthusiasm to learn in a fast-moving environment with consulting skills. - An opportunity to be part of a market-leading, multi-disciplinary team of professionals, working with leading businesses across various industries. **What working at EY offers:** - Inspiring and meaningful projects with a focus on education, coaching, and personal development. - Support, coaching, and feedback from engaging colleagues. - Opportunities to develop new skills, progress your career, and handle your role in a way that suits you. EY exists to build a better working world, creating long-term value for clients, people, and society, and building trust in the capital markets. Join EY's diverse global teams to provide assurance, help clients grow and transform, and find new answers to complex issues facing the world today across assurance, consulting, law, strategy, tax, and transactions.,

As the Head of Networks India and Global Product Delivery Assurance at Deutsche Bank, your role will involve planning, directing, and leading a major function within the Global Network Services (GNS) department. Your responsibilities will include ensuring alignment of priorities for specific product domains with the overall GTI and GNS Strategy, overseeing the delivery functions in Network Engineering, Solution Deployment, and Network Automation. You will be tasked with managing services globally, supporting the definition of Product Strategy, developing Product Roadmaps, and ensuring successful product launch, rollout, and management throughout its lifecycle. Collaboration with various departments and organizations will be essential to drive the strategic development of products based on user requirements and plans. Your role will also involve coordinating with engineering, deployment, automation, risk, and operational functions to bring the product vision to life, ensuring compliance with architectural principles, control, and regulatory requirements. Automation will play a crucial role in future deployments, and you will be responsible for driving and supporting its introduction wherever possible. As the Head of Network Services in India, you will provide administrative management oversight for all India-based resources, reporting to the Head of Technology Infrastructure India (GTI). This will include local team leadership and management in a matrixed environment, performance evaluations, compensation discussions, and other human resources responsibilities. To excel in this role, you should possess a highly proactive self-starting ethos, strong customer focus, outstanding leadership, collaboration, and problem-solving skills. With at least 10 years of relevant experience in managing general networks including security practice, along with leadership experience in globally distributed Network Organization or Product Management, you should have expert knowledge of core networking and relevant certifications. A good understanding of IT infrastructure technologies, modern Cloud and Hybrid Cloud infrastructures, automation, orchestration methods, and systems/platforms is crucial. Excellent interpersonal and active listening skills, along with the ability to communicate effectively with stakeholders across different functions, are essential for success in this role. Deutsche Bank offers training and development opportunities, flexible working arrangements, coaching and support from experts, and a culture of continuous learning to aid in your career progression. If you have a passion for delivering top-notch service and possess the necessary skills and experience, we encourage you to apply for this challenging and rewarding position.,

As a Cyber Assurance Assistant Vice President (AVP) at Barclays in Pune, you will play a crucial role in partnering with the bank to provide independent assurance on control processes and offer advice on enhancements to ensure the efficiency and effectiveness of the bank's internal controls framework. Your responsibilities will include collaborating across the bank to maintain a robust control environment by conducting ad-hoc assessments and testing the design and operational effectiveness of internal controls aligned with the bank's policies and standards. You will develop detailed test plans and procedures to identify weaknesses in internal controls and other initiatives within the bank's control framework to mitigate potential risks and issues that could disrupt bank operations, lead to losses, or impact reputation. In this role, you will communicate key findings and observations to relevant stakeholders and business units to enhance overall control efficiency and provide corrective actions to senior managers. You will work closely with other control professionals to address complex issues and ensure consistent testing methodologies across the bank. Additionally, you will establish a knowledge center containing detailed documentation of control assessments, testing results, findings, and distribute material on internal controls to train and upskill colleagues within the bank. As an Assistant Vice President, you are expected to advise and influence decision making, contribute to policy development, and take responsibility for operational effectiveness. You will lead a team in performing complex tasks, set objectives, coach employees, appraise performance, and determine reward outcomes. If the position involves leadership responsibilities, you will demonstrate a clear set of leadership behaviors to create an environment for colleagues to excel. Your role may involve collaborating on assignments, guiding team members, identifying new directions for projects, and consulting on complex issues. You will identify ways to mitigate risks, develop new policies and procedures to support the control and governance agenda, and take ownership of managing risk and strengthening controls related to your work. Furthermore, you will engage in complex data analysis, communicate complex information effectively, and influence stakeholders to achieve desired outcomes. It is essential for all colleagues to uphold the Barclays Values of Respect, Integrity, Service, Excellence, and Stewardship, as well as demonstrate the Barclays Mindset of Empower, Challenge, and Drive in their behavior.,

The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: ForgeRock Identity Manager.: Experience: 8-10 Years.

The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Network Detection and Response Vectra.: Experience: 8-10 Years.

Your role We are seeking a proactive and experienced Security Operations Center (SOC) professional to join our cybersecurity team with 4+ years of experience . Depending on the level (Analyst, Lead, or Manager), the role will involve monitoring, analyzing, and responding to security incidents, managing SOC operations, and leading threat detection and response initiatives. Monitor SIEM systems and security tools for suspicious activity. Analyze and respond to security incidents and threats. Stay updated on threat intelligence and attack trends. Review logs from firewalls, IDS/IPS, and antivirus tools. Escalate critical incidents and document findings. Support vulnerability management and remediation tracking. Configure and tune security tools like SIEM and EDR. Ensure compliance with security policies and audits. Collaborate with IT and network teams on investigations. Contribute to process improvements and incident playbooks. Lead and mentor junior analysts (for Lead/Manager roles). Your profile SIEM (e.g., Splunk, QRadar, ArcSight) Incident Response /Log Analysis Threat Intelligence Scripting (Python, PowerShell) for automation EDR tools (e.g., CrowdStrike, Carbon Black) What you''ll love about working here You can shape yourcareerwith us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work oncutting-edge projectsin tech and engineering with industry leaders or createsolutionsto overcome societal and environmental challenges. Location - Bengaluru,Mumbai,,Pune

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: ForgeRock Identity Manager. Experience: 8-10 Years.

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: SailPoint Identity Mgmt and Governance. Experience: 8-10 Years.

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: SOAR Tools. Experience:8-10 Years.

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Microsoft Threat Protection. Experience: 10 YEARS.

Role Purpose The purpose of this role is to design the organisations computer and network security infrastructure and protect its systems and sensitive information from cyber threats Do 1. Design and develop enterprise cyber security strategy and architecture a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses b. Identify risks associated with business processes, operations, information security programs and technology projects c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements e. Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc. g. Provide support during technical deployment, configuration, integration and administration of security technologies h. Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc. i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity j. Provide solution of RFPs received from clients and ensure overall design assurance i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture iii. Depending on the clients need with particular standards and technology stacks create complete RFPs iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps vii. Evaluate and recommend solutions to integrate with overall technology ecosystem viii. Tracks industry and application trends and relates these to planning current and future IT needs 2. Stakeholder coordination & audit assistance a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers e. Provide training to employees on issues such as spam and unwanted or malicious emails Skills: Microsoft Entra ID. Experience10 YEARS.

Key Responsibilities: • Define the overall GRC strategy, policies, standards, and procedures. • Oversee the identification, assessment, analysis, and prioritization of enterprise-wide risks, including operational, reputational, and cybersecurity risks. • Develop and implement robust risk mitigation strategies and controls • Monitor the effectiveness of risk management activities and report on the organization's risk posture to senior leadership and the Board. • Ensure the organization complies with all applicable laws, regulations, industry standards, and internal policies (e.g., data privacy regulations like DPDPA, RBI regulatory requirements and compliance) • Develop and manage compliance programs, internal audits, and assessments to identify and address compliance gaps. • Drive a strong governance culture by establishing clear accountability, transparency, and ethical conduct throughout the organization • Develop and implement governance policies and procedures to guide decision-making and operational processes • Develop meaningful GRC metrics, dashboards, and reports for various stakeholders, including executive management and the Board. • Collaborate closely with various departments, including Enterprise Risk, IT Operations, Legal, Finance and HR to integrate GRC principles into daily business operations. • Act as a trusted advisor to business on Infosec Risk and Compliance matters. • Thoroughly review of all incoming information security requests (e.g., user access, system configuration changes, firewall rules creation/modifications, software installations, data access, third-party system integrations) and approve them. • Assess requests for completeness, accuracy, and adherence to established information security policies, procedures, & guidelines and analyse potential security risks, impacts associated with each request, including data confidentiality, integrity, and availability. • Review and approve access requests to sensitive systems, applications, and data and validate justifications, roles, and least-privilege principles prior to approval. • Maintain a comprehensive understanding of evolving security threats, vulnerabilities, and regulatory changes related to upcoming technologies like Blockchain and AI to take informed approval decisions. • Review and recommend exceptions to security policies and standards, identify and document any residual risks associated with approved exceptions, and ensure that compensating controls are in place for recommended exceptions, documenting the rationale, validity period, and expiration tracking. • Communicate clearly and concisely with requestors, providing detailed explanations for approvals, denials, or requests for additional information. • Identify opportunities to streamline the request approval process, enhance efficiency, and improve security controls. • Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements • Provide guidance and mentorship to junior security team members. Technical Skills: • Deep understanding of GRC principles, methodologies, and best practices. • Strong analytical and problem-solving skills with the ability to identify, assess, and mitigate complex risks. • Excellent communication, interpersonal, and presentation skills, with the ability to articulate complex GRC concepts to diverse audiences (technical and non-technical, all levels of management). • Proven leadership and team management abilities, including the ability to influence and collaborate across departments. • Strategic thinking with a proactive approach to GRC challenges. • High level of integrity and ethical conduct. • Ability to manage multiple projects and priorities in a dynamic environment. • Proven track record of developing, implementing, and managing successful GRC programs in a complex organizational environment. • Strong experience with risk assessment methodologies, control frameworks, and compliance audits. • Experience with relevant regulatory frameworks (e.g., ISO 27001, NIST, SOC 2, PCI DSS, DPDPA, GDPR etc.). • Strong understanding of security domains (e.g., network security, data security, application security). • Understanding on cryptographic standards, application security, enterprise architecture, software development lifecycle etc. • Experience with security frameworks (e.g., MITRE, NIST, ISO). • Familiar in Vulnerability Management and Configuration Management with a commitment to staying current on emerging security threats and technological advancements. • Knowledge of identity and access management (IAM) concepts and technologies and Familiarity with role-based access control (RBAC) models and approval workflows. • Knowledge of cryptography, secure communication protocols, data encryption techniques, understanding of Key management process. • Deep understanding of security vulnerabilities exploits applications, infrastructure and APIs • Strong analytical and problem-solving skills. • Basic understanding of cloud security principles (AWS, Azure, GCP) is a plus. • Experience with ITSM or request/ticketing systems (e.g., ServiceNow, Jira, Remedy)

As a Senior Security Administrator at BMC, you will play a crucial role in ensuring the security and efficiency of our systems operation. Your expertise in RACF, ACF2, and Top Secret will be essential as you install, configure, and customize these security products to meet the highest standards. Your deep understanding of security architecture and methodologies will enable you to design and implement robust security measures to protect our systems from vulnerabilities. Your responsibilities will include administering and maintaining these security products, enforcing security policies, and collaborating with cross-functional teams to enhance security across all platforms. You will stay updated on emerging threats and industry best practices, utilizing security tools and technologies to monitor, analyze, and respond to security events effectively. To excel in this role, you should possess in-depth knowledge of RACF, ACF2, and Top Secret, along with strong zOS knowledge. Proficiency in a coding language such as ASM, REXX, SAS, or Python is required, while CISSP certification is preferred but not mandatory. Familiarity with ticketing systems like Jira, Remedy, or Service-Now and excellent communication skills will be beneficial in fulfilling your responsibilities effectively. At BMC, we value our people and encourage diversity in experience and background. Join our award-winning, culturally diverse team that fosters a supportive and inspiring work environment. Your contributions will be celebrated, and your growth will be championed as we work together towards creating an Autonomous Digital Enterprise that embraces innovation and excellence. Apply now to be a part of our dynamic team at BMC and embark on a rewarding journey of professional development and personal growth.,

Responsible for overseeing the IT infrastructure, software systems, and data analytics to drive operational efficiency and business growth. This role requires a strategic leader who can manage teams handling hardware, software, and data analytics,

Hiring TPRM (third party risk management) risk assessment In a world of growing cyber threats and regulatory demands, role of a TPRM Analyst has never been more vital We are seeking Governance, Risk, and Compliance (GRC) to implement robust frameworks that integrate risk management, compliance, and governance processes into our business strategy. Experience - 4 -7Years Location - Bengaluru Work Mode - Hybrid Certifications: ISO 27001 LA/LI, ISC2 CC, Security+, CTPRP, CTPRA, CISA, CISM, CRISC, CISSP (any one is preferable ) Information Security Governance, Compliance and Security Assessment, experience, with a focus on IT and IS Risk Assessments and program reviews / establishment. Familiarity with and demonstrated experience assessing against the BS ISO/IEC/SIG 27002:2005 BS 7799 standard domains, BS 25999 including Risk Assessment; Security policy; Organization of Information Security; Asset Management; HR Security; Physical and Environmental Security; Communications and Operations Management; Access Control; IS Acquisition, Development and Maintenance; IS Incident Management; Business Continuity Management; and Compliance. Broad understanding of Information Security trends, services and disciplines and experience applying them in dynamic environments. Were ready to fast-track your application if youre available to start! Think youre a perfect fit? Drop your resume bhumika.soni@weareams.com or Share this with someone you know who fits the bill.